bool Test_VirtualAlloc()
{
size_t memsize = 2 * 1024 * 1024;
SIZE_T min = 0, max = 0;
::GetProcessWorkingSetSize(::GetCurrentProcess(), &min, &max);
printf("min: %u KB, max: %u KB\n", min/1024, max/1024);
{
BYTE *pBuf = (BYTE*)VirtualAlloc(NULL, memsize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
printf("VirtualAlloc: %p\n", pBuf);
BOOL ret = VirtualLock(pBuf, memsize);
printf("VirtualLock: %d\n", ret);
memset(pBuf, 0, memsize);
// getchar();
void *pa[10];
for (int i = 0; i < 10; i++) {
pa[i] = malloc(10 * 1024 * 1024);
memset(pa[i], 0, 10 * 1024 * 1024);
}
getchar();
for (int i = 0; i < 10; i++) {
free(pa[i]);
}
if (ret) VirtualUnlock(pBuf, memsize);
VirtualFree(pBuf, memsize, 0);
}
min += 2 * 1024 * 1024;
max += 2 * 1024 * 1024;
::SetProcessWorkingSetSize(::GetCurrentProcess(), min, max);
printf("min: %u KB, max: %u KB\n", min / 1024, max / 1024);
{
BYTE *pBuf = (BYTE*)VirtualAlloc(NULL, memsize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
printf("VirtualAlloc: %p\n", pBuf);
BOOL ret = VirtualLock(pBuf, memsize);
printf("VirtualLock: %d\n", ret);
memset(pBuf, 0, memsize);
// getchar();
if (ret) VirtualUnlock(pBuf, memsize);
VirtualFree(pBuf, memsize, 0);
}
return 0;
}
void disk_buffer_pool::free_buffer_impl(char* buf, mutex::scoped_lock& l)
{
TORRENT_ASSERT(buf);
TORRENT_ASSERT(m_magic == 0x1337);
TORRENT_ASSERT(is_disk_buffer(buf, l));
#if defined TORRENT_DISK_STATS || defined TORRENT_STATS
--m_allocations;
#endif
#ifdef TORRENT_DISK_STATS
TORRENT_ASSERT(m_categories.find(m_buf_to_category[buf])
!= m_categories.end());
std::string const& category = m_buf_to_category[buf];
--m_categories[category];
m_log << log_time() << " " << category << ": " << m_categories[category] << "\n";
m_buf_to_category.erase(buf);
#endif
#if TORRENT_USE_MLOCK
if (m_settings.lock_disk_cache)
{
#ifdef TORRENT_WINDOWS
VirtualUnlock(buf, m_block_size);
#else
munlock(buf, m_block_size);
#endif
}
#endif
#ifdef TORRENT_DISABLE_POOL_ALLOCATOR
page_aligned_allocator::free(buf);
#else
m_pool.free(buf);
#endif
--m_in_use;
}
void MemFreeLocked( PTR ptr, UINT32 uiSize )
{
if ( !fMemManagerInit )
DbgMessage( TOPIC_MEMORY_MANAGER, DBG_LEVEL_0, String("MemFreeLocked: Warning -- Memory manager not initialized!!! ") );
if (ptr != NULL)
{
VirtualUnlock( ptr, uiSize );
VirtualFree( ptr, 0, MEM_RELEASE );
guiMemTotal -= uiSize;
guiMemFreed += uiSize;
}
else
{
DbgMessage( TOPIC_MEMORY_MANAGER, DBG_LEVEL_0, String("MemFreeLocked ERROR: NULL ptr received, size %d", uiSize) );
}
// count even a NULL ptr as a MemFree, not because it's really a memory leak, but because it is still an error of some
// sort (nobody should ever be freeing NULL pointers), and this will help in tracking it down if the above DbgMessage
// is not noticed.
MemDebugCounter--;
#ifdef DEBUG_MEM_LEAKS
DbgMessage( TOPIC_MEMORY_MANAGER, DBG_LEVEL_1, String("MemFreeLocked %p", ptr) );
#endif
}
static void
sUnlockMemory(
HANDLE hDriver,
void * mem,
PGPSize numBytes )
{
PGPMEMLOCKSTRUCT mls;
DWORD dw;
BOOL bDIOreturn;
if ( IsntNull( hDriver ) )
{
mls.pMem = mem;
mls.ulNumBytes = numBytes;
bDIOreturn = DeviceIoControl( hDriver,
IOCTL_PGPMEMLOCK_UNLOCK_MEMORY,
&mls,
sizeof( mls ),
&mls,
sizeof( mls ),
&dw,
NULL );
pgpAssertMsg ( bDIOreturn, "DIOC error from page-locking driver" );
if ( bDIOreturn )
{
pgpAssertMsg ( mls.ulError == 0,
"Internal error in page-locking driver" );
}
}
else
{
VirtualUnlock ( mem, numBytes ); /* call for good measure*/
}
}
bool MemoryPageLocker::Unlock(const void* addr, size_t len)
{
#ifdef WIN32
return VirtualUnlock(const_cast<void*>(addr), len) != 0;
#else
return munlock(addr, len) == 0;
#endif
}
bool unlockPage(void* addr, int len){
#if defined(Q_WS_X11) || defined(Q_WS_MAC)
return (munlock(addr, len)==0);
#elif defined(Q_WS_WIN)
return VirtualUnlock(addr, len);
#else
return false;
#endif
}
int munlock(const void *addr, size_t len)
{
if (VirtualUnlock((LPVOID)addr, len))
return 0;
errno = __map_mman_error(GetLastError(), EPERM);
return -1;
}
int
munlock(const void *addr, size_t len)
{
if (VirtualUnlock((void *)addr, len))
return 0;
errno = EBADF;
return -1;
}
int munlock(const void *addr, size_t len)
{
if (VirtualUnlock((LPVOID)addr, len))
return 0;
else
{
errno = windowsErrorToErrno(GetLastError());
return -1;
}
}
void MemoryTrunk::DisposeTrunkBuffer()
{
if (PhysicalMemoryPageLocking)
{
VirtualUnlock(trunkPtr, head.append_head);
}
Memory::DecommitMemory(trunkPtr, TrunkLength); //Decommit the whole region
head.committed_head = 0;
committed_tail = 0;
}
BOOL My_VirtualUnlock()
{
LPVOID lpAddress=NULL;
SIZE_T dwSize=NULL;
BOOL returnVal_Real = NULL;
BOOL returnVal_Intercepted = NULL;
DWORD error_Real = 0;
DWORD error_Intercepted = 0;
__try{
disableInterception();
returnVal_Real = VirtualUnlock (lpAddress,dwSize);
error_Real = GetLastError();
enableInterception();
returnVal_Intercepted = VirtualUnlock (lpAddress,dwSize);
error_Intercepted = GetLastError();
}__except(puts("in filter"), 1){puts("exception caught");}
return ((returnVal_Real == returnVal_Intercepted) && (error_Real == error_Intercepted));
}
int munlock(const void* addr, size_t len)
{
if (VirtualUnlock((LPVOID)addr, len) != FALSE)
{
errno = 0;
return 0;
}
errno = last_error(EPERM);
return -1;
}
void* prim_virtualUnlock(void * arg1,DWORD arg2)
{ static struct {HsInt gc_failed;HsPtr gc_failstring;} gc_result;
int gc_failed;
char* gc_failstring;
do { BOOL res1=VirtualUnlock(arg1,arg2);
if ((gc_failed = ( res1=0 ))) {gc_failstring = ErrorWin("VirtualUnlock") ;}
else {gc_failed = 0;}
gc_result.gc_failed = gc_failed;
gc_result.gc_failstring = gc_failstring;
return(&gc_result);} while(0);
}
void LMDBCursor::Seek(MDB_cursor_op op) {
#ifdef _MSC_VER
if (op != MDB_FIRST)
VirtualUnlock(mdb_value_.mv_data, mdb_value_.mv_size);
#endif
int mdb_status = mdb_cursor_get(mdb_cursor_, &mdb_key_, &mdb_value_, op);
if (mdb_status == MDB_NOTFOUND) {
valid_ = false;
}
else {
MDB_CHECK(mdb_status);
valid_ = true;
}
}
int uMemUnlock(void *addr, size_t size, sys_call_error_fun fun)
{
#ifdef _WIN32
if (VirtualUnlock(addr, size) == 0)
{
sys_call_error("VirtualUnlock");
return -1;
}
else return 0;
#else
int res = munlock(addr, size);
if (res == -1)
sys_call_error("munlock");
return res;
#endif
}
/**
* Free and wipe memory. Uses SQLites internal sqlite3_free so that memory
* can be countend and memory leak detection works in the test suite.
* If ptr is not null memory will be freed.
* If sz is greater than zero, the memory will be overwritten with zero before it is freed
* If sz is > 0, and not compiled with OMIT_MEMLOCK, system will attempt to unlock the
* memory segment so it can be paged
*/
void sqlcipher_free(void *ptr, int sz) {
if(ptr) {
if(sz > 0) {
sqlcipher_memset(ptr, 0, sz);
#ifndef OMIT_MEMLOCK
#if defined(__unix__) || defined(__APPLE__)
munlock(ptr, sz);
#elif defined(_WIN32)
#if !(defined(WINAPI_FAMILY) && (WINAPI_FAMILY == WINAPI_FAMILY_PHONE_APP || WINAPI_FAMILY == WINAPI_FAMILY_APP))
VirtualUnlock(ptr, sz);
#endif
#endif
#endif
}
sqlite3_free(ptr);
}
}
static void
protected_value_xor (ProtectedValue *pvalue, gboolean to_clear)
{
if (to_clear) {
if (! pvalue->cvalue) {
guint i, l;
ensure_static_blob_filled ();
l = protected_get_length (pvalue->pvalue, pvalue->offset);
pvalue->cvalue = malloc (sizeof (gchar) * (l + 1));
for (i = 0; i < l; i++)
pvalue->cvalue [i] = pvalue->pvalue [i] ^ random_blob [pvalue->offset + i];
pvalue->cvalue [l] = 0;
#ifdef G_OS_WIN32
VirtualLock (pvalue->cvalue, sizeof (gchar) * (l + 1));
#else
#ifdef USE_MLOCK
mlock (pvalue->cvalue, sizeof (gchar) * (l + 1));
#endif
#endif
/*g_print ("Unmangled [%s]\n", pvalue->cvalue);*/
}
}
else {
if (pvalue->cvalue) {
/*g_print ("Mangled [%s]\n", pvalue->cvalue);*/
guint i;
for (i = 0; ; i++) {
gchar c;
c = pvalue->cvalue[i];
pvalue->cvalue[i] = g_random_int_range (1, 255);
if (!c)
break;
}
#ifdef G_OS_WIN32
VirtualUnlock (pvalue->cvalue, sizeof (gchar) * (i + 1));
#else
#ifdef USE_MLOCK
munlock (pvalue->cvalue, sizeof (gchar) * (i + 1));
#endif
#endif
free (pvalue->cvalue);
pvalue->cvalue = NULL;
}
}
}
/*
* Unlock a region so that it can be swapped to disk.
*
* req: TLV_TYPE_BASE_ADDRESS - The base address to lock
* req: TLV_TYPE_LENGTH - The size of the region to lock
*/
DWORD request_sys_process_memory_unlock(Remote *remote, Packet *packet)
{
Packet *response = packet_create_response(packet);
LPVOID base;
SIZE_T size;
DWORD result = ERROR_SUCCESS;
base = (LPVOID)packet_get_tlv_value_qword(packet, TLV_TYPE_BASE_ADDRESS);
size = packet_get_tlv_value_uint(packet, TLV_TYPE_LENGTH);
if (!VirtualUnlock(base, size))
result = GetLastError();
// Transmit the response
packet_transmit_response(result, remote, response);
return ERROR_SUCCESS;
}
bool ot_unlockPage(void* addr, int len)
{
static bool bWarned = false;
#ifdef _WIN32
return VirtualUnlock(addr, len);
#elif defined(PREDEF_PLATFORM_UNIX)
if (munlock(addr, len) && !bWarned)
{
bWarned = true;
OTLog::Error("ot_unlockPage: WARNING: unable to unlock memory used for storing secrets.\n");
}
return true;
#else
OT_ASSERT_MSG(false, "ASSERT: ot_unlockPage unable to unlock secret memory.");
#endif
return false;
}
void MappedMemory::release(void)
{
if(map) {
if(use_mapping) {
VirtualUnlock(map, size);
UnmapViewOfFile(fd);
CloseHandle(fd);
map = NULL;
fd = INVALID_HANDLE_VALUE;
}
else {
free(map);
map = NULL;
}
}
if(erase) {
remove(idname);
erase = false;
}
}
void crypto_close (PCRYPTO_INFO cryptoInfo)
{
#ifndef GST_WINDOWS_BOOT
if (cryptoInfo != NULL)
{
burn (cryptoInfo, sizeof (CRYPTO_INFO));
#ifndef DEVICE_DRIVER
VirtualUnlock (cryptoInfo, sizeof (CRYPTO_INFO));
#endif
GSTfree (cryptoInfo);
}
#else // GST_WINDOWS_BOOT
burn (&CryptoInfoBuffer, sizeof (CryptoInfoBuffer));
CryptoInfoBufferInUse = FALSE;
#endif // GST_WINDOWS_BOOT
}
int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
{
int nStatus;
PCRYPTO_INFO cryptoInfo = NULL;
HANDLE dev = INVALID_HANDLE_VALUE;
DWORD dwError;
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
unsigned __int64 num_sectors, startSector;
fatparams ft;
FILETIME ftCreationTime;
FILETIME ftLastWriteTime;
FILETIME ftLastAccessTime;
BOOL bTimeStampValid = FALSE;
BOOL bInstantRetryOtherFilesys = FALSE;
char dosDev[TC_MAX_PATH] = { 0 };
char devName[MAX_PATH] = { 0 };
int driveLetter = -1;
WCHAR deviceName[MAX_PATH];
uint64 dataOffset, dataAreaSize;
LARGE_INTEGER offset;
BOOL bFailedRequiredDASD = FALSE;
HWND hwndDlg = volParams->hwndDlg;
FormatSectorSize = volParams->sectorSize;
if (FormatSectorSize < TC_MIN_VOLUME_SECTOR_SIZE
|| FormatSectorSize > TC_MAX_VOLUME_SECTOR_SIZE
|| FormatSectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0)
{
Error ("SECTOR_SIZE_UNSUPPORTED", hwndDlg);
return ERR_DONT_REPORT;
}
/* WARNING: Note that if Windows fails to format the volume as NTFS and the volume size is
less than the maximum FAT size, the user is asked within this function whether he wants to instantly
retry FAT format instead (to avoid having to re-create the whole container again). If the user
answers yes, some of the input parameters are modified, the code below 'begin_format' is re-executed
and some destructive operations that were performed during the first attempt must be (and are) skipped.
Therefore, whenever adding or modifying any potentially destructive operations below 'begin_format',
determine whether they (or their portions) need to be skipped during such a second attempt; if so,
use the 'bInstantRetryOtherFilesys' flag to skip them. */
if (volParams->hiddenVol)
{
dataOffset = volParams->hiddenVolHostSize - TC_VOLUME_HEADER_GROUP_SIZE - volParams->size;
}
else
{
if (volParams->size <= TC_TOTAL_VOLUME_HEADERS_SIZE)
return ERR_VOL_SIZE_WRONG;
dataOffset = TC_VOLUME_DATA_OFFSET;
}
dataAreaSize = GetVolumeDataAreaSize (volParams->hiddenVol, volParams->size);
num_sectors = dataAreaSize / FormatSectorSize;
if (volParams->bDevice)
{
StringCbCopyA ((char *)deviceName, sizeof(deviceName), volParams->volumePath);
ToUNICODE ((char *)deviceName, sizeof(deviceName));
driveLetter = GetDiskDeviceDriveLetter (deviceName);
}
VirtualLock (header, sizeof (header));
nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE,
header,
volParams->ea,
FIRST_MODE_OF_OPERATION_ID,
volParams->password,
volParams->pkcs5,
volParams->pim,
NULL,
&cryptoInfo,
dataAreaSize,
volParams->hiddenVol ? dataAreaSize : 0,
dataOffset,
dataAreaSize,
0,
volParams->headerFlags,
FormatSectorSize,
FALSE);
if (nStatus != 0)
{
burn (header, sizeof (header));
VirtualUnlock (header, sizeof (header));
return nStatus;
}
begin_format:
if (volParams->bDevice)
{
/* Device-hosted volume */
DWORD dwResult;
int nPass;
if (FakeDosNameForDevice (volParams->volumePath, dosDev, sizeof(dosDev), devName, sizeof(devName), FALSE) != 0)
return ERR_OS_ERROR;
if (IsDeviceMounted (devName))
{
if ((dev = DismountDrive (devName, volParams->volumePath)) == INVALID_HANDLE_VALUE)
{
Error ("FORMAT_CANT_DISMOUNT_FILESYS", hwndDlg);
nStatus = ERR_DONT_REPORT;
goto error;
}
/* Gain "raw" access to the partition (it contains a live filesystem and the filesystem driver
would otherwise prevent us from writing to hidden sectors). */
if (!DeviceIoControl (dev,
FSCTL_ALLOW_EXTENDED_DASD_IO,
NULL,
0,
NULL,
0,
&dwResult,
NULL))
{
bFailedRequiredDASD = TRUE;
}
}
else if (IsOSAtLeast (WIN_VISTA) && driveLetter == -1)
{
// Windows Vista doesn't allow overwriting sectors belonging to an unformatted partition
// to which no drive letter has been assigned under the system. This problem can be worked
// around by assigning a drive letter to the partition temporarily.
char szDriveLetter[] = { 'A', ':', 0 };
char rootPath[] = { 'A', ':', '\\', 0 };
char uniqVolName[MAX_PATH+1] = { 0 };
int tmpDriveLetter = -1;
BOOL bResult = FALSE;
tmpDriveLetter = GetFirstAvailableDrive ();
if (tmpDriveLetter != -1)
{
rootPath[0] += (char) tmpDriveLetter;
szDriveLetter[0] += (char) tmpDriveLetter;
if (DefineDosDevice (DDD_RAW_TARGET_PATH, szDriveLetter, volParams->volumePath))
{
bResult = GetVolumeNameForVolumeMountPoint (rootPath, uniqVolName, MAX_PATH);
DefineDosDevice (DDD_RAW_TARGET_PATH|DDD_REMOVE_DEFINITION|DDD_EXACT_MATCH_ON_REMOVE,
szDriveLetter,
volParams->volumePath);
if (bResult
&& SetVolumeMountPoint (rootPath, uniqVolName))
{
// The drive letter can be removed now
DeleteVolumeMountPoint (rootPath);
}
}
}
}
// For extra safety, we will try to gain "raw" access to the partition. Note that this should actually be
// redundant because if the filesystem was mounted, we already tried to obtain DASD above. If we failed,
// bFailedRequiredDASD was set to TRUE and therefore we will perform pseudo "quick format" below. However,
// for extra safety, in case IsDeviceMounted() failed to detect a live filesystem, we will blindly
// send FSCTL_ALLOW_EXTENDED_DASD_IO (possibly for a second time) without checking the result.
DeviceIoControl (dev,
FSCTL_ALLOW_EXTENDED_DASD_IO,
NULL,
0,
NULL,
0,
&dwResult,
NULL);
// If DASD is needed but we failed to obtain it, perform open - 'quick format' - close - open
// so that the filesystem driver does not prevent us from formatting hidden sectors.
for (nPass = (bFailedRequiredDASD ? 0 : 1); nPass < 2; nPass++)
{
int retryCount;
retryCount = 0;
// Try exclusive access mode first
// Note that when exclusive access is denied, it is worth retrying (usually succeeds after a few tries).
while (dev == INVALID_HANDLE_VALUE && retryCount++ < EXCL_ACCESS_MAX_AUTO_RETRIES)
{
dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
if (retryCount > 1)
Sleep (EXCL_ACCESS_AUTO_RETRY_DELAY);
}
if (dev == INVALID_HANDLE_VALUE)
{
// Exclusive access denied -- retry in shared mode
dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
if (dev != INVALID_HANDLE_VALUE)
{
if (!volParams->bForceOperation && (Silent || (IDNO == MessageBoxW (volParams->hwndDlg, GetString ("DEVICE_IN_USE_FORMAT"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2))))
{
nStatus = ERR_DONT_REPORT;
goto error;
}
}
else
{
handleWin32Error (volParams->hwndDlg, SRC_POS);
Error ("CANT_ACCESS_VOL", hwndDlg);
nStatus = ERR_DONT_REPORT;
goto error;
}
}
if (volParams->hiddenVol || bInstantRetryOtherFilesys)
break; // The following "quick format" operation would damage the outer volume
if (nPass == 0)
{
char buf [2 * TC_MAX_VOLUME_SECTOR_SIZE];
DWORD bw;
// Perform pseudo "quick format" so that the filesystem driver does not prevent us from
// formatting hidden sectors
memset (buf, 0, sizeof (buf));
if (!WriteFile (dev, buf, sizeof (buf), &bw, NULL))
{
nStatus = ERR_OS_ERROR;
goto error;
}
FlushFileBuffers (dev);
CloseHandle (dev);
dev = INVALID_HANDLE_VALUE;
}
}
if (DeviceIoControl (dev, FSCTL_IS_VOLUME_MOUNTED, NULL, 0, NULL, 0, &dwResult, NULL))
{
Error ("FORMAT_CANT_DISMOUNT_FILESYS", hwndDlg);
nStatus = ERR_DONT_REPORT;
goto error;
}
}
else
{
/* File-hosted volume */
dev = CreateFile (volParams->volumePath, GENERIC_READ | GENERIC_WRITE,
(volParams->hiddenVol || bInstantRetryOtherFilesys) ? (FILE_SHARE_READ | FILE_SHARE_WRITE) : 0,
NULL, (volParams->hiddenVol || bInstantRetryOtherFilesys) ? OPEN_EXISTING : CREATE_ALWAYS, 0, NULL);
if (dev == INVALID_HANDLE_VALUE)
{
nStatus = ERR_OS_ERROR;
goto error;
}
DisableFileCompression (dev);
if (!volParams->hiddenVol && !bInstantRetryOtherFilesys)
{
LARGE_INTEGER volumeSize;
volumeSize.QuadPart = dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE;
if (volParams->sparseFileSwitch && volParams->quickFormat)
{
// Create as sparse file container
DWORD tmp;
if (!DeviceIoControl (dev, FSCTL_SET_SPARSE, NULL, 0, NULL, 0, &tmp, NULL))
{
nStatus = ERR_OS_ERROR;
goto error;
}
}
// Preallocate the file
if (!SetFilePointerEx (dev, volumeSize, NULL, FILE_BEGIN)
|| !SetEndOfFile (dev)
|| SetFilePointer (dev, 0, NULL, FILE_BEGIN) != 0)
{
nStatus = ERR_OS_ERROR;
goto error;
}
}
}
if (volParams->hiddenVol && !volParams->bDevice && bPreserveTimestamp)
{
if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0)
bTimeStampValid = FALSE;
else
bTimeStampValid = TRUE;
}
if (volParams->hwndDlg && volParams->bGuiMode) KillTimer (volParams->hwndDlg, TIMER_ID_RANDVIEW);
/* Volume header */
// Hidden volume setup
if (volParams->hiddenVol)
{
LARGE_INTEGER headerOffset;
// Check hidden volume size
if (volParams->hiddenVolHostSize < TC_MIN_HIDDEN_VOLUME_HOST_SIZE || volParams->hiddenVolHostSize > TC_MAX_HIDDEN_VOLUME_HOST_SIZE)
{
nStatus = ERR_VOL_SIZE_WRONG;
goto error;
}
// Seek to hidden volume header location
headerOffset.QuadPart = TC_HIDDEN_VOLUME_HEADER_OFFSET;
if (!SetFilePointerEx ((HANDLE) dev, headerOffset, NULL, FILE_BEGIN))
{
nStatus = ERR_OS_ERROR;
goto error;
}
}
else if (bInstantRetryOtherFilesys)
{
// The previous file system format failed and the user wants to try again with a different file system.
// The volume header had been written successfully so we need to seek to the byte after the header.
LARGE_INTEGER offset;
offset.QuadPart = TC_VOLUME_DATA_OFFSET;
if (!SetFilePointerEx ((HANDLE) dev, offset, NULL, FILE_BEGIN))
{
nStatus = ERR_OS_ERROR;
goto error;
}
}
if (!bInstantRetryOtherFilesys)
{
// Write the volume header
if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header))
{
nStatus = ERR_OS_ERROR;
goto error;
}
// To prevent fragmentation, write zeroes to reserved header sectors which are going to be filled with random data
if (!volParams->bDevice && !volParams->hiddenVol)
{
byte buf[TC_VOLUME_HEADER_GROUP_SIZE - TC_VOLUME_HEADER_EFFECTIVE_SIZE];
DWORD bytesWritten;
ZeroMemory (buf, sizeof (buf));
if (!WriteFile (dev, buf, sizeof (buf), &bytesWritten, NULL))
{
nStatus = ERR_OS_ERROR;
goto error;
}
if (bytesWritten != sizeof (buf))
{
nStatus = ERR_PARAMETER_INCORRECT;
goto error;
}
}
}
if (volParams->hiddenVol)
{
// Calculate data area position of hidden volume
cryptoInfo->hiddenVolumeOffset = dataOffset;
// Validate the offset
if (dataOffset % FormatSectorSize != 0)
{
nStatus = ERR_VOL_SIZE_WRONG;
goto error;
}
volParams->quickFormat = TRUE; // To entirely format a hidden volume would be redundant
}
/* Data area */
startSector = dataOffset / FormatSectorSize;
// Format filesystem
switch (volParams->fileSystem)
{
case FILESYS_NONE:
case FILESYS_NTFS:
if (volParams->bDevice && !StartFormatWriteThread())
{
nStatus = ERR_OS_ERROR;
goto error;
}
nStatus = FormatNoFs (hwndDlg, startSector, num_sectors, dev, cryptoInfo, volParams->quickFormat);
if (volParams->bDevice)
StopFormatWriteThread();
break;
case FILESYS_FAT:
if (num_sectors > 0xFFFFffff)
{
nStatus = ERR_VOL_SIZE_WRONG;
goto error;
}
// Calculate the fats, root dir etc
ft.num_sectors = (unsigned int) (num_sectors);
#if TC_MAX_VOLUME_SECTOR_SIZE > 0xFFFF
#error TC_MAX_VOLUME_SECTOR_SIZE > 0xFFFF
#endif
ft.sector_size = (uint16) FormatSectorSize;
ft.cluster_size = volParams->clusterSize;
memcpy (ft.volume_name, "NO NAME ", 11);
GetFatParams (&ft);
*(volParams->realClusterSize) = ft.cluster_size * FormatSectorSize;
if (volParams->bDevice && !StartFormatWriteThread())
{
nStatus = ERR_OS_ERROR;
goto error;
}
nStatus = FormatFat (hwndDlg, startSector, &ft, (void *) dev, cryptoInfo, volParams->quickFormat);
if (volParams->bDevice)
StopFormatWriteThread();
break;
default:
nStatus = ERR_PARAMETER_INCORRECT;
goto error;
}
if (nStatus != ERR_SUCCESS)
goto error;
// Write header backup
offset.QuadPart = volParams->hiddenVol ? volParams->hiddenVolHostSize - TC_HIDDEN_VOLUME_HEADER_OFFSET : dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE;
if (!SetFilePointerEx ((HANDLE) dev, offset, NULL, FILE_BEGIN))
{
nStatus = ERR_OS_ERROR;
goto error;
}
nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE,
header,
volParams->ea,
FIRST_MODE_OF_OPERATION_ID,
volParams->password,
volParams->pkcs5,
volParams->pim,
cryptoInfo->master_keydata,
&cryptoInfo,
dataAreaSize,
volParams->hiddenVol ? dataAreaSize : 0,
dataOffset,
dataAreaSize,
0,
volParams->headerFlags,
FormatSectorSize,
FALSE);
if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header))
{
nStatus = ERR_OS_ERROR;
goto error;
}
// Fill reserved header sectors (including the backup header area) with random data
if (!volParams->hiddenVol)
{
nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, FALSE);
if (nStatus != ERR_SUCCESS)
goto error;
}
#ifndef DEBUG
if (volParams->quickFormat && volParams->fileSystem != FILESYS_NTFS)
Sleep (500); // User-friendly GUI
#endif
error:
dwError = GetLastError();
burn (header, sizeof (header));
VirtualUnlock (header, sizeof (header));
if (dev != INVALID_HANDLE_VALUE)
{
if (!volParams->bDevice && !volParams->hiddenVol && nStatus != 0)
{
// Remove preallocated part before closing file handle if format failed
if (SetFilePointer (dev, 0, NULL, FILE_BEGIN) == 0)
SetEndOfFile (dev);
}
FlushFileBuffers (dev);
if (bTimeStampValid)
SetFileTime (dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime);
CloseHandle (dev);
dev = INVALID_HANDLE_VALUE;
}
if (nStatus != 0)
{
SetLastError(dwError);
goto fv_end;
}
if (volParams->fileSystem == FILESYS_NTFS)
{
// Quick-format volume as NTFS
int driveNo = GetLastAvailableDrive ();
MountOptions mountOptions;
int retCode;
ZeroMemory (&mountOptions, sizeof (mountOptions));
if (driveNo == -1)
{
if (!Silent)
{
MessageBoxW (volParams->hwndDlg, GetString ("NO_FREE_DRIVES"), lpszTitle, ICON_HAND);
MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND);
}
nStatus = ERR_NO_FREE_DRIVES;
goto fv_end;
}
mountOptions.ReadOnly = FALSE;
mountOptions.Removable = FALSE;
mountOptions.ProtectHiddenVolume = FALSE;
mountOptions.PreserveTimestamp = bPreserveTimestamp;
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, volParams->pim, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{
if (!Silent)
{
MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND);
MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND);
}
nStatus = ERR_VOL_MOUNT_FAILED;
goto fv_end;
}
if (!Silent && !IsAdmin () && IsUacSupported ())
retCode = UacFormatNtfs (volParams->hwndDlg, driveNo, volParams->clusterSize);
else
retCode = FormatNtfs (driveNo, volParams->clusterSize);
if (retCode != TRUE)
{
if (!UnmountVolumeAfterFormatExCall (volParams->hwndDlg, driveNo) && !Silent)
MessageBoxW (volParams->hwndDlg, GetString ("CANT_DISMOUNT_VOLUME"), lpszTitle, ICON_HAND);
if (dataAreaSize <= TC_MAX_FAT_SECTOR_COUNT * FormatSectorSize)
{
if (AskErrYesNo ("FORMAT_NTFS_FAILED_ASK_FAT", hwndDlg) == IDYES)
{
// NTFS format failed and the user wants to try FAT format immediately
volParams->fileSystem = FILESYS_FAT;
bInstantRetryOtherFilesys = TRUE;
volParams->quickFormat = TRUE; // Volume has already been successfully TC-formatted
volParams->clusterSize = 0; // Default cluster size
goto begin_format;
}
}
else
Error ("FORMAT_NTFS_FAILED", hwndDlg);
nStatus = ERR_DONT_REPORT;
goto fv_end;
}
if (!UnmountVolumeAfterFormatExCall (volParams->hwndDlg, driveNo) && !Silent)
MessageBoxW (volParams->hwndDlg, GetString ("CANT_DISMOUNT_VOLUME"), lpszTitle, ICON_HAND);
}
fv_end:
dwError = GetLastError();
if (dosDev[0])
RemoveFakeDosName (volParams->volumePath, dosDev);
crypto_close (cryptoInfo);
SetLastError (dwError);
return nStatus;
}
int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat)
{
int write_buf_cnt = 0;
char sector[TC_MAX_VOLUME_SECTOR_SIZE], *write_buf;
unsigned __int64 nSecNo = startSector;
int retVal = 0;
DWORD err;
char temporaryKey[MASTER_KEYDATA_SIZE];
char originalK2[MASTER_KEYDATA_SIZE];
LARGE_INTEGER startOffset;
LARGE_INTEGER newOffset;
// Seek to start sector
startOffset.QuadPart = startSector * FormatSectorSize;
if (!SetFilePointerEx ((HANDLE) dev, startOffset, &newOffset, FILE_BEGIN)
|| newOffset.QuadPart != startOffset.QuadPart)
{
return ERR_OS_ERROR;
}
write_buf = (char *)TCalloc (FormatWriteBufferSize);
if (!write_buf)
return ERR_OUTOFMEMORY;
VirtualLock (temporaryKey, sizeof (temporaryKey));
VirtualLock (originalK2, sizeof (originalK2));
memset (sector, 0, sizeof (sector));
// Remember the original secondary key (XTS mode) before generating a temporary one
memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2));
/* Fill the rest of the data area with random data */
if(!quickFormat)
{
/* Generate a random temporary key set to be used for "dummy" encryption that will fill
the free disk space (data area) with random data. This is necessary for plausible
deniability of hidden volumes. */
// Temporary master key
if (!RandgetBytes (hwndDlg, temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE))
goto fail;
// Temporary secondary key (XTS mode)
if (!RandgetBytes (hwndDlg, cryptoInfo->k2, sizeof cryptoInfo->k2, FALSE))
goto fail;
retVal = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks);
if (retVal != ERR_SUCCESS)
goto fail;
if (!EAInitMode (cryptoInfo))
{
retVal = ERR_MODE_INIT_FAILED;
goto fail;
}
while (num_sectors--)
{
if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
cryptoInfo) == FALSE)
goto fail;
}
if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo))
goto fail;
}
else
nSecNo = num_sectors;
UpdateProgressBar (nSecNo * FormatSectorSize);
// Restore the original secondary key (XTS mode) in case NTFS format fails and the user wants to try FAT immediately
memcpy (cryptoInfo->k2, originalK2, sizeof (cryptoInfo->k2));
// Reinitialize the encryption algorithm and mode in case NTFS format fails and the user wants to try FAT immediately
retVal = EAInit (cryptoInfo->ea, cryptoInfo->master_keydata, cryptoInfo->ks);
if (retVal != ERR_SUCCESS)
goto fail;
if (!EAInitMode (cryptoInfo))
{
retVal = ERR_MODE_INIT_FAILED;
goto fail;
}
burn (temporaryKey, sizeof(temporaryKey));
burn (originalK2, sizeof(originalK2));
VirtualUnlock (temporaryKey, sizeof (temporaryKey));
VirtualUnlock (originalK2, sizeof (originalK2));
TCfree (write_buf);
return 0;
fail:
err = GetLastError();
burn (temporaryKey, sizeof(temporaryKey));
burn (originalK2, sizeof(originalK2));
VirtualUnlock (temporaryKey, sizeof (temporaryKey));
VirtualUnlock (originalK2, sizeof (originalK2));
TCfree (write_buf);
SetLastError (err);
return (retVal ? retVal : ERR_OS_ERROR);
}
/*************************************************
* Unlock a previously locked region of memory *
*************************************************/
void unlock_mem(void* ptr, u32bit bytes)
{
VirtualUnlock(ptr, bytes);
}
void disk_buffer_pool::free_buffer_impl(char* buf, mutex::scoped_lock& l)
{
TORRENT_ASSERT(buf);
TORRENT_ASSERT(m_magic == 0x1337);
TORRENT_ASSERT(m_settings_set);
TORRENT_ASSERT(is_disk_buffer(buf, l));
#if TORRENT_USE_MLOCK
if (m_lock_disk_cache)
{
#ifdef TORRENT_WINDOWS
VirtualUnlock(buf, m_block_size);
#else
munlock(buf, m_block_size);
#endif
}
#endif
#if TORRENT_HAVE_MMAP
if (m_cache_pool)
{
TORRENT_ASSERT(buf >= m_cache_pool);
TORRENT_ASSERT(buf < m_cache_pool + boost::uint64_t(m_max_use) * 0x4000);
int slot_index = (buf - m_cache_pool) / 0x4000;
m_free_list.push_back(slot_index);
#if defined MADV_FREE
// tell the virtual memory system that we don't actually care
// about the data in these pages anymore. If this block was
// swapped out to the SSD, it (hopefully) means it won't have
// to be read back in once we start writing our new data to it
madvise(buf, 0x4000, MADV_FREE);
#elif defined MADV_DONTNEED && defined TORRENT_LINUX
// rumor has it that MADV_DONTNEED is in fact destructive
// on linux (i.e. it won't flush it to disk or re-read from disk)
// http://kerneltrap.org/mailarchive/linux-kernel/2007/5/1/84410
madvise(buf, 0x4000, MADV_DONTNEED);
#endif
}
else
#endif
{
#if defined TORRENT_DISABLE_POOL_ALLOCATOR
#if TORRENT_USE_PURGABLE_CONTROL
vm_deallocate(
mach_task_self(),
reinterpret_cast<vm_address_t>(buf),
0x4000
);
#else
page_aligned_allocator::free(buf);
#endif // TORRENT_USE_PURGABLE_CONTROL
#else
if (m_using_pool_allocator)
m_pool.free(buf);
else
page_aligned_allocator::free(buf);
#endif // TORRENT_DISABLE_POOL_ALLOCATOR
}
#if defined TORRENT_DEBUG
std::set<char*>::iterator i = m_buffers_in_use.find(buf);
TORRENT_ASSERT(i != m_buffers_in_use.end());
m_buffers_in_use.erase(i);
#endif
--m_in_use;
#ifndef TORRENT_DISABLE_POOL_ALLOCATOR
// should we switch which allocator to use?
if (m_in_use == 0 && m_want_pool_allocator != m_using_pool_allocator)
{
m_pool.release_memory();
m_using_pool_allocator = m_want_pool_allocator;
}
#endif
}
///
/// Note: if there are Keyfiles, these must be applied already to the password!
/// int __declspec(dllexport) __stdcall CheckVolumeHeaderPassword (BOOL bBoot, char *encryptedHeader, Password *password)
int __declspec(dllexport) __cdecl CheckVolumeHeaderPassword (BOOL bBoot, char *encryptedHeader, Password *password)
{
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
KEY_INFO keyInfo;
PCRYPTO_INFO cryptoInfo;
char dk[MASTER_KEYDATA_SIZE];
int enqPkcs5Prf, pkcs5_prf;
uint16 headerVersion;
int status = ERR_PARAMETER_INCORRECT;
int primaryKeyOffset;
TC_EVENT keyDerivationCompletedEvent;
TC_EVENT noOutstandingWorkItemEvent;
KeyDerivationWorkItem *keyDerivationWorkItems;
KeyDerivationWorkItem *item;
int pkcs5PrfCount = LAST_PRF_ID - FIRST_PRF_ID + 1;
size_t encryptionThreadCount = GetEncryptionThreadCount();
size_t queuedWorkItems = 0;
LONG outstandingWorkItemCount = 0;
int i;
cryptoInfo = crypto_open();
if (cryptoInfo == NULL)
return ERR_OUTOFMEMORY;
if (encryptionThreadCount > 1)
{
keyDerivationWorkItems = TCalloc (sizeof (KeyDerivationWorkItem) * pkcs5PrfCount);
if (!keyDerivationWorkItems)
return ERR_OUTOFMEMORY;
for (i = 0; i < pkcs5PrfCount; ++i)
keyDerivationWorkItems[i].Free = TRUE;
keyDerivationCompletedEvent = CreateEvent (NULL, FALSE, FALSE, NULL);
if (!keyDerivationCompletedEvent)
{
TCfree (keyDerivationWorkItems);
return ERR_OUTOFMEMORY;
}
noOutstandingWorkItemEvent = CreateEvent (NULL, FALSE, TRUE, NULL);
if (!noOutstandingWorkItemEvent)
{
CloseHandle (keyDerivationCompletedEvent);
TCfree (keyDerivationWorkItems);
return ERR_OUTOFMEMORY;
}
}
VirtualLock (&keyInfo, sizeof (keyInfo));
VirtualLock (&dk, sizeof (dk));
crypto_loadkey (&keyInfo, password->Text, (int) password->Length);
// PKCS5 is used to derive the primary header key(s) and secondary header key(s) (XTS mode) from the password
memcpy (keyInfo.salt, encryptedHeader + HEADER_SALT_OFFSET, PKCS5_SALT_SIZE);
// Test all available PKCS5 PRFs
for (enqPkcs5Prf = FIRST_PRF_ID; enqPkcs5Prf <= LAST_PRF_ID || queuedWorkItems > 0; ++enqPkcs5Prf)
{
BOOL lrw64InitDone = FALSE; // Deprecated/legacy
BOOL lrw128InitDone = FALSE; // Deprecated/legacy
if (encryptionThreadCount > 1)
{
// Enqueue key derivation on thread pool
if (queuedWorkItems < encryptionThreadCount && enqPkcs5Prf <= LAST_PRF_ID)
{
for (i = 0; i < pkcs5PrfCount; ++i)
{
item = &keyDerivationWorkItems[i];
if (item->Free)
{
item->Free = FALSE;
item->KeyReady = FALSE;
item->Pkcs5Prf = enqPkcs5Prf;
EncryptionThreadPoolBeginKeyDerivation (&keyDerivationCompletedEvent, &noOutstandingWorkItemEvent,
&item->KeyReady, &outstandingWorkItemCount, enqPkcs5Prf, keyInfo.userKey,
keyInfo.keyLength, keyInfo.salt, get_pkcs5_iteration_count (enqPkcs5Prf, bBoot), item->DerivedKey);
++queuedWorkItems;
break;
}
}
if (enqPkcs5Prf < LAST_PRF_ID)
continue;
}
else
--enqPkcs5Prf;
// Wait for completion of a key derivation
while (queuedWorkItems > 0)
{
for (i = 0; i < pkcs5PrfCount; ++i)
{
item = &keyDerivationWorkItems[i];
if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE)
{
pkcs5_prf = item->Pkcs5Prf;
keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, bBoot);
memcpy (dk, item->DerivedKey, sizeof (dk));
item->Free = TRUE;
--queuedWorkItems;
goto KeyReady;
}
}
if (queuedWorkItems > 0)
TC_WAIT_EVENT (keyDerivationCompletedEvent);
}
continue;
KeyReady: ;
}
else
{
pkcs5_prf = enqPkcs5Prf;
keyInfo.noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, bBoot);
switch (pkcs5_prf)
{
case RIPEMD160:
derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
case SHA512:
derive_key_sha512 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
case SHA1:
// Deprecated/legacy
derive_key_sha1 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
case WHIRLPOOL:
derive_key_whirlpool (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
}
}
// Test all available modes of operation
for (cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID;
cryptoInfo->mode <= LAST_MODE_OF_OPERATION;
cryptoInfo->mode++)
{
switch (cryptoInfo->mode)
{
case LRW:
case CBC:
case INNER_CBC:
case OUTER_CBC:
// For LRW (deprecated/legacy), copy the tweak key
// For CBC (deprecated/legacy), copy the IV/whitening seed
memcpy (cryptoInfo->k2, dk, LEGACY_VOL_IV_SIZE);
primaryKeyOffset = LEGACY_VOL_IV_SIZE;
break;
default:
primaryKeyOffset = 0;
}
// Test all available encryption algorithms
for (cryptoInfo->ea = EAGetFirst ();
cryptoInfo->ea != 0;
cryptoInfo->ea = EAGetNext (cryptoInfo->ea))
{
int blockSize;
if (!EAIsModeSupported (cryptoInfo->ea, cryptoInfo->mode))
continue; // This encryption algorithm has never been available with this mode of operation
blockSize = CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea));
status = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
// Init objects related to the mode of operation
if (cryptoInfo->mode == XTS)
{
// Copy the secondary key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
// Secondary key schedule
if (!EAInitMode (cryptoInfo))
{
status = ERR_MODE_INIT_FAILED;
goto err;
}
}
else if (cryptoInfo->mode == LRW
&& (blockSize == 8 && !lrw64InitDone || blockSize == 16 && !lrw128InitDone))
{
// Deprecated/legacy
if (!EAInitMode (cryptoInfo))
{
status = ERR_MODE_INIT_FAILED;
goto err;
}
if (blockSize == 8)
lrw64InitDone = TRUE;
else if (blockSize == 16)
lrw128InitDone = TRUE;
}
// Copy the header for decryption
memcpy (header, encryptedHeader, sizeof (header));
// Try to decrypt header
DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
// Magic 'TRUE'
if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) == 0x54525545){
status = ERR_SUCCESS;
goto ret;
}
}
}
}
status = ERR_PASSWORD_WRONG;
err:
ret:
burn (&keyInfo, sizeof (keyInfo));
burn (dk, sizeof(dk));
VirtualUnlock (&keyInfo, sizeof (keyInfo));
VirtualUnlock (&dk, sizeof (dk));
if (encryptionThreadCount > 1)
{
// TC_WAIT_EVENT (noOutstandingWorkItemEvent);
burn (keyDerivationWorkItems, sizeof (KeyDerivationWorkItem) * pkcs5PrfCount);
TCfree (keyDerivationWorkItems);
CloseHandle (keyDerivationCompletedEvent);
CloseHandle (noOutstandingWorkItemEvent);
}
return status;
}
static void unlockMemory( INOUT MEM_INFO_HEADER *memHdrPtr )
{
MEM_INFO_HEADER *currentBlockPtr;
PTR_TYPE block1PageAddress, block2PageAddress;
const int pageSize = getSysVar( SYSVAR_PAGESIZE );
assert( isWritePtr( memHdrPtr, sizeof( MEM_INFO_HEADER ) ) );
/* If the memory block isn't locked, there's nothing to do */
if( !( memHdrPtr->flags & MEM_FLAG_LOCKED ) )
return;
/* Because VirtualLock() works on a per-page basis, we can't unlock a
memory block if there's another locked block on the same page. The
only way to manage this is to walk the block list checking to see
whether there's another block allocated on the same page. Although in
theory this could make freeing memory rather slow, in practice there
are only a small number of allocated blocks to check so it's
relatively quick, especially compared to the overhead imposed by the
lethargic VC++ allocator. The only real disadvantage is that the
allocation objects remain locked while we do the free, but this
isn't any worse than the overhead of touchAllocatedPages(). Note
that the following code assumes that an allocated block will never
cover more than two pages, which is always the case.
First we calculate the addresses of the page(s) in which the memory
block resides */
block1PageAddress = getPageStartAddress( memHdrPtr );
block2PageAddress = getPageEndAddress( memHdrPtr, memHdrPtr->size );
if( block1PageAddress == block2PageAddress )
block2PageAddress = 0;
/* Walk down the block list checking whether the page(s) contain another
locked block */
for( currentBlockPtr = krnlData->allocatedListHead; \
currentBlockPtr != NULL; currentBlockPtr = currentBlockPtr->next )
{
const PTR_TYPE currentPage1Address = \
getPageStartAddress( currentBlockPtr );
PTR_TYPE currentPage2Address = \
getPageEndAddress( currentBlockPtr, currentBlockPtr->size );
if( currentPage1Address == currentPage2Address )
currentPage2Address = 0;
/* If there's another block allocated on either of the pages, don't
unlock it */
if( block1PageAddress == currentPage1Address || \
block1PageAddress == currentPage2Address )
{
block1PageAddress = 0;
if( !block2PageAddress )
break;
}
if( block2PageAddress == currentPage1Address || \
block2PageAddress == currentPage2Address )
{
block2PageAddress = 0;
if( !block1PageAddress )
break;
}
}
/* Finally, if either page needs unlocking, do so. The supplied size is
irrelevant since the entire page the memory is on is unlocked */
if( block1PageAddress )
VirtualUnlock( ( void * ) block1PageAddress, 16 );
if( block2PageAddress )
VirtualUnlock( ( void * ) block2PageAddress, 16 );
}
void Win32LockedPageAllocator::FreeLocked(void* addr, size_t len)
{
len = align_up(len, page_size);
memory_cleanse(addr, len);
VirtualUnlock(const_cast<void*>(addr), len);
}
/*
================
Sys_UnlockMemory
================
*/
bool Sys_UnlockMemory( void *ptr, int bytes ) {
return ( VirtualUnlock( ptr, (SIZE_T)bytes ) != FALSE );
}
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
KEY_INFO keyInfo;
PCRYPTO_INFO cryptoInfo;
char dk[MASTER_KEYDATA_SIZE];
int enqPkcs5Prf, pkcs5_prf;
uint16 headerVersion;
int status = ERR_PARAMETER_INCORRECT;
int primaryKeyOffset;
TC_EVENT keyDerivationCompletedEvent;
TC_EVENT noOutstandingWorkItemEvent;
KeyDerivationWorkItem *keyDerivationWorkItems;
KeyDerivationWorkItem *item;
int pkcs5PrfCount = LAST_PRF_ID - FIRST_PRF_ID + 1;
size_t encryptionThreadCount = GetEncryptionThreadCount();
size_t queuedWorkItems = 0;
LONG outstandingWorkItemCount = 0;
int i;
if (retHeaderCryptoInfo != NULL)
{
cryptoInfo = retHeaderCryptoInfo;
}
else
{
cryptoInfo = *retInfo = crypto_open ();
if (cryptoInfo == NULL)
return ERR_OUTOFMEMORY;
}
if (encryptionThreadCount > 1)
{
keyDerivationWorkItems = TCalloc (sizeof (KeyDerivationWorkItem) * pkcs5PrfCount);
if (!keyDerivationWorkItems)
return ERR_OUTOFMEMORY;
for (i = 0; i < pkcs5PrfCount; ++i)
keyDerivationWorkItems[i].Free = TRUE;
#ifdef DEVICE_DRIVER
KeInitializeEvent (&keyDerivationCompletedEvent, SynchronizationEvent, FALSE);
KeInitializeEvent (&noOutstandingWorkItemEvent, SynchronizationEvent, TRUE);
#else
keyDerivationCompletedEvent = CreateEvent (NULL, FALSE, FALSE, NULL);
if (!keyDerivationCompletedEvent)
{
TCfree (keyDerivationWorkItems);
return ERR_OUTOFMEMORY;
}
noOutstandingWorkItemEvent = CreateEvent (NULL, FALSE, TRUE, NULL);
if (!noOutstandingWorkItemEvent)
{
CloseHandle (keyDerivationCompletedEvent);
TCfree (keyDerivationWorkItems);
return ERR_OUTOFMEMORY;
}
#endif
}
#ifndef DEVICE_DRIVER
VirtualLock (&keyInfo, sizeof (keyInfo));
VirtualLock (&dk, sizeof (dk));
#endif
crypto_loadkey (&keyInfo, password->Text, (int) password->Length);
// PKCS5 is used to derive the primary header key(s) and secondary header key(s) (XTS mode) from the password
memcpy (keyInfo.salt, encryptedHeader + HEADER_SALT_OFFSET, PKCS5_SALT_SIZE);
// Test all available PKCS5 PRFs
for (enqPkcs5Prf = FIRST_PRF_ID; enqPkcs5Prf <= LAST_PRF_ID || queuedWorkItems > 0; ++enqPkcs5Prf)
{
BOOL lrw64InitDone = FALSE; // Deprecated/legacy
BOOL lrw128InitDone = FALSE; // Deprecated/legacy
if (encryptionThreadCount > 1)
{
// Enqueue key derivation on thread pool
if (queuedWorkItems < encryptionThreadCount && enqPkcs5Prf <= LAST_PRF_ID)
{
for (i = 0; i < pkcs5PrfCount; ++i)
{
item = &keyDerivationWorkItems[i];
if (item->Free)
{
item->Free = FALSE;
item->KeyReady = FALSE;
item->Pkcs5Prf = enqPkcs5Prf;
EncryptionThreadPoolBeginKeyDerivation (&keyDerivationCompletedEvent, &noOutstandingWorkItemEvent,
&item->KeyReady, &outstandingWorkItemCount, enqPkcs5Prf, keyInfo.userKey,
keyInfo.keyLength, keyInfo.salt, get_pkcs5_iteration_count (enqPkcs5Prf, bBoot), item->DerivedKey);
++queuedWorkItems;
break;
}
}
if (enqPkcs5Prf < LAST_PRF_ID)
continue;
}
else
--enqPkcs5Prf;
// Wait for completion of a key derivation
while (queuedWorkItems > 0)
{
for (i = 0; i < pkcs5PrfCount; ++i)
{
item = &keyDerivationWorkItems[i];
if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE)
{
pkcs5_prf = item->Pkcs5Prf;
keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, bBoot);
memcpy (dk, item->DerivedKey, sizeof (dk));
item->Free = TRUE;
--queuedWorkItems;
goto KeyReady;
}
}
if (queuedWorkItems > 0)
TC_WAIT_EVENT (keyDerivationCompletedEvent);
}
continue;
KeyReady: ;
}
else
{
pkcs5_prf = enqPkcs5Prf;
keyInfo.noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, bBoot);
switch (pkcs5_prf)
{
case RIPEMD160:
derive_key_ripemd160 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
case SHA512:
derive_key_sha512 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
case SHA1:
// Deprecated/legacy
derive_key_sha1 (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
case WHIRLPOOL:
derive_key_whirlpool (keyInfo.userKey, keyInfo.keyLength, keyInfo.salt,
PKCS5_SALT_SIZE, keyInfo.noIterations, dk, GetMaxPkcs5OutSize());
break;
default:
// Unknown/wrong ID
TC_THROW_FATAL_EXCEPTION;
}
}
// Test all available modes of operation
for (cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID;
cryptoInfo->mode <= LAST_MODE_OF_OPERATION;
cryptoInfo->mode++)
{
switch (cryptoInfo->mode)
{
case LRW:
case CBC:
case INNER_CBC:
case OUTER_CBC:
// For LRW (deprecated/legacy), copy the tweak key
// For CBC (deprecated/legacy), copy the IV/whitening seed
memcpy (cryptoInfo->k2, dk, LEGACY_VOL_IV_SIZE);
primaryKeyOffset = LEGACY_VOL_IV_SIZE;
break;
default:
primaryKeyOffset = 0;
}
// Test all available encryption algorithms
for (cryptoInfo->ea = EAGetFirst ();
cryptoInfo->ea != 0;
cryptoInfo->ea = EAGetNext (cryptoInfo->ea))
{
int blockSize;
if (!EAIsModeSupported (cryptoInfo->ea, cryptoInfo->mode))
continue; // This encryption algorithm has never been available with this mode of operation
blockSize = CipherGetBlockSize (EAGetFirstCipher (cryptoInfo->ea));
status = EAInit (cryptoInfo->ea, dk + primaryKeyOffset, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
// Init objects related to the mode of operation
if (cryptoInfo->mode == XTS)
{
// Copy the secondary key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, dk + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
// Secondary key schedule
if (!EAInitMode (cryptoInfo))
{
status = ERR_MODE_INIT_FAILED;
goto err;
}
}
else if (cryptoInfo->mode == LRW
&& (blockSize == 8 && !lrw64InitDone || blockSize == 16 && !lrw128InitDone))
{
// Deprecated/legacy
if (!EAInitMode (cryptoInfo))
{
status = ERR_MODE_INIT_FAILED;
goto err;
}
if (blockSize == 8)
lrw64InitDone = TRUE;
else if (blockSize == 16)
lrw128InitDone = TRUE;
}
// Copy the header for decryption
memcpy (header, encryptedHeader, sizeof (header));
// Try to decrypt header
DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
// Magic 'TRUE'
if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x54525545)
continue;
// Header version
headerVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_VERSION);
if (headerVersion > VOLUME_HEADER_VERSION)
{
status = ERR_NEW_VERSION_REQUIRED;
goto err;
}
// Check CRC of the header fields
if (!ReadVolumeHeaderRecoveryMode
&& headerVersion >= 4
&& GetHeaderField32 (header, TC_HEADER_OFFSET_HEADER_CRC) != GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC))
continue;
// Required program version
cryptoInfo->RequiredProgramVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_REQUIRED_VERSION);
cryptoInfo->LegacyVolume = cryptoInfo->RequiredProgramVersion < 0x600;
// Check CRC of the key set
if (!ReadVolumeHeaderRecoveryMode
&& GetHeaderField32 (header, TC_HEADER_OFFSET_KEY_AREA_CRC) != GetCrc32 (header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE))
continue;
// Now we have the correct password, cipher, hash algorithm, and volume type
// Check the version required to handle this volume
if (cryptoInfo->RequiredProgramVersion > VERSION_NUM)
{
status = ERR_NEW_VERSION_REQUIRED;
goto err;
}
// Header version
cryptoInfo->HeaderVersion = headerVersion;
// Volume creation time (legacy)
cryptoInfo->volume_creation_time = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_CREATION_TIME).Value;
// Header creation time (legacy)
cryptoInfo->header_creation_time = GetHeaderField64 (header, TC_HEADER_OFFSET_MODIFICATION_TIME).Value;
// Hidden volume size (if any)
cryptoInfo->hiddenVolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_HIDDEN_VOLUME_SIZE).Value;
// Hidden volume status
cryptoInfo->hiddenVolume = (cryptoInfo->hiddenVolumeSize != 0);
// Volume size
cryptoInfo->VolumeSize = GetHeaderField64 (header, TC_HEADER_OFFSET_VOLUME_SIZE);
// Encrypted area size and length
cryptoInfo->EncryptedAreaStart = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_START);
cryptoInfo->EncryptedAreaLength = GetHeaderField64 (header, TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH);
// Flags
cryptoInfo->HeaderFlags = GetHeaderField32 (header, TC_HEADER_OFFSET_FLAGS);
// Sector size
if (headerVersion >= 5)
cryptoInfo->SectorSize = GetHeaderField32 (header, TC_HEADER_OFFSET_SECTOR_SIZE);
else
cryptoInfo->SectorSize = TC_SECTOR_SIZE_LEGACY;
if (cryptoInfo->SectorSize < TC_MIN_VOLUME_SECTOR_SIZE
|| cryptoInfo->SectorSize > TC_MAX_VOLUME_SECTOR_SIZE
|| cryptoInfo->SectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0)
{
status = ERR_PARAMETER_INCORRECT;
goto err;
}
// Preserve scheduled header keys if requested
if (retHeaderCryptoInfo)
{
if (retInfo == NULL)
{
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo.noIterations;
goto ret;
}
cryptoInfo = *retInfo = crypto_open ();
if (cryptoInfo == NULL)
{
status = ERR_OUTOFMEMORY;
goto err;
}
memcpy (cryptoInfo, retHeaderCryptoInfo, sizeof (*cryptoInfo));
}
// Master key data
memcpy (keyInfo.master_keydata, header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE);
memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
// PKCS #5
memcpy (cryptoInfo->salt, keyInfo.salt, PKCS5_SALT_SIZE);
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo.noIterations;
// Init the cipher with the decrypted master key
status = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
switch (cryptoInfo->mode)
{
case LRW:
case CBC:
case INNER_CBC:
case OUTER_CBC:
// For LRW (deprecated/legacy), the tweak key
// For CBC (deprecated/legacy), the IV/whitening seed
memcpy (cryptoInfo->k2, keyInfo.master_keydata, LEGACY_VOL_IV_SIZE);
break;
default:
// The secondary master key (if cascade, multiple concatenated)
memcpy (cryptoInfo->k2, keyInfo.master_keydata + EAGetKeySize (cryptoInfo->ea), EAGetKeySize (cryptoInfo->ea));
}
if (!EAInitMode (cryptoInfo))
{
status = ERR_MODE_INIT_FAILED;
goto err;
}
status = ERR_SUCCESS;
goto ret;
}
}
}
status = ERR_PASSWORD_WRONG;
err:
if (cryptoInfo != retHeaderCryptoInfo)
{
crypto_close(cryptoInfo);
*retInfo = NULL;
}
ret:
burn (&keyInfo, sizeof (keyInfo));
burn (dk, sizeof(dk));
#ifndef DEVICE_DRIVER
VirtualUnlock (&keyInfo, sizeof (keyInfo));
VirtualUnlock (&dk, sizeof (dk));
#endif
if (encryptionThreadCount > 1)
{
TC_WAIT_EVENT (noOutstandingWorkItemEvent);
burn (keyDerivationWorkItems, sizeof (KeyDerivationWorkItem) * pkcs5PrfCount);
TCfree (keyDerivationWorkItems);
#ifndef DEVICE_DRIVER
CloseHandle (keyDerivationCompletedEvent);
CloseHandle (noOutstandingWorkItemEvent);
#endif
}
return status;
}