--- truecrypt/driver/encryptedioqueue.c 2018/04/24 16:52:58 1.1.1.4 +++ truecrypt/driver/encryptedioqueue.c 2018/04/24 16:59:51 1.1.1.7 @@ -1,7 +1,7 @@ /* Copyright (c) 2008 TrueCrypt Foundation. All rights reserved. - Governed by the TrueCrypt License 2.4 the full text of which is contained + Governed by the TrueCrypt License 2.6 the full text of which is contained in the file License.txt included in TrueCrypt binary and source code distribution packages. */ @@ -9,7 +9,10 @@ #include "TCdefs.h" #include "Apidrvr.h" #include "Ntdriver.h" +#include "DriveFilter.h" #include "EncryptedIoQueue.h" +#include "EncryptionThreadPool.h" +#include "Volumes.h" static void DecrementOutstandingIoCount (EncryptedIoQueue *queue) @@ -19,7 +22,7 @@ static void DecrementOutstandingIoCount } -static void OnItemCompleted (EncryptedIoQueueItem *item) +static void OnItemCompleted (EncryptedIoQueueItem *item, BOOL freeItem) { DecrementOutstandingIoCount (item->Queue); @@ -34,15 +37,20 @@ static void OnItemCompleted (EncryptedIo item->Queue->TotalBytesRead += item->OriginalLength; } - TCfree (item); + if (freeItem) + TCfree (item); } static NTSTATUS CompleteOriginalIrp (EncryptedIoQueueItem *item, NTSTATUS status, ULONG_PTR information) { //Dump ("Queue comp offset=%I64d status=%x info=%p out=%d\n", item->OriginalOffset, status, information, item->Queue->OutstandingIoCount - 1); + TCCompleteDiskIrp (item->OriginalIrp, status, information); - OnItemCompleted (item); + + item->Status = status; + OnItemCompleted (item, TRUE); + return status; } @@ -89,6 +97,9 @@ static VOID CompletionThreadProc (PVOID EncryptedIoRequest *request; UINT64_STRUCT dataUnit; + if (IsEncryptionThreadPoolRunning()) + KeSetPriorityThread (KeGetCurrentThread(), LOW_REALTIME_PRIORITY); + while (!queue->ThreadExitRequested) { if (!NT_SUCCESS (KeWaitForSingleObject (&queue->CompletionThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL))) 
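Review bot: `OnItemCompleted` now takes `freeItem`, but nothing states the ownership rule behind it. Passing `TRUE` hands the item to `TCfree`, so it is only valid for an item that came from the allocator, and a caller holding a stack-resident item (as the allocation-failure path added to `MainThreadProc` does) must pass `FALSE`. A comment above the function would make that explicit, for example `// freeItem: TRUE only for heap-allocated items; the item must not be used after a TRUE call`. Part of the function body lies outside the visible hunks.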
@@ -108,6 +119,8 @@ static VOID CompletionThreadProc (PVOID if (queue->CryptoInfo->bPartitionInInactiveSysEncScope) dataUnit.Value += queue->CryptoInfo->FirstDataUnitNo.Value; + else if (queue->RemapEncryptedArea) + dataUnit.Value += queue->RemappedAreaDataUnitOffset; DecryptDataUnits (request->Data + request->EncryptedOffset, &dataUnit, request->EncryptedLength / ENCRYPTION_DATA_UNIT_SIZE, queue->CryptoInfo); } @@ -139,6 +152,15 @@ static VOID IoThreadProc (PVOID threadAr KeSetPriorityThread (KeGetCurrentThread(), LOW_REALTIME_PRIORITY); + if (!queue->IsFilterDevice && queue->SecurityClientContext) + { +#ifdef DEBUG + NTSTATUS status = +#endif + SeImpersonateClientEx (queue->SecurityClientContext, NULL); + ASSERT (NT_SUCCESS (status)); + } + while (!queue->ThreadExitRequested) { if (!NT_SUCCESS (KeWaitForSingleObject (&queue->IoThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL))) 
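Review bot: The `RemappedAreaDataUnitOffset` adjustment added to this decrypt path, and to the matching `EncryptDataUnits` call later in the commit, is not mirrored in the misaligned-read branch that the same commit adds to `MainThreadProc`. That branch sets `dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE` and reads at `alignedOffset`, applying neither the `bPartitionInInactiveSysEncScope` nor the `RemapEncryptedArea` correction and not adding `RemappedAreaOffset`. If a remapped or inactive-scope queue can reach that branch, the data would be decrypted with the wrong data unit number. Either apply the same `else if (queue->RemapEncryptedArea)` adjustment there or skip the branch when `queue->RemapEncryptedArea` is set. `CompletionThreadProc` continues outside this hunk.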
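Review bot: The result of `SeImpersonateClientEx` is captured only under `#ifdef DEBUG`, so in a release build a failed impersonation is silently ignored and the loop below services host-file I/O in the thread's own context rather than the client's. The last hunk of this commit replaces `TCStartThreadInProcess` with `TCStartThread`, so impersonation appears to be the only thing tying this thread's I/O to the mounting user. Capture the status unconditionally with `NTSTATUS status = SeImpersonateClientEx (queue->SecurityClientContext, NULL);` and, when `!NT_SUCCESS (status)`, refuse to service requests instead of continuing. How the failure is reported to the queue owner depends on code outside the hunk.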
@@ -156,10 +178,67 @@ static VOID IoThreadProc (PVOID threadAr { if (queue->IsFilterDevice) { - if (request->Item->Write) - request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, request->Data, request->Offset, request->Length); + if (queue->RemapEncryptedArea && request->EncryptedLength > 0) + { + if (request->EncryptedLength != request->Length) + { + // Up to three subfragments may be required to handle a partially remapped fragment + int subFragment; + byte *subFragmentData = request->Data; + + for (subFragment = 0 ; subFragment < 3; ++subFragment) + { + LARGE_INTEGER subFragmentOffset; + ULONG subFragmentLength; + subFragmentOffset.QuadPart = request->Offset.QuadPart; + + switch (subFragment) + { + case 0: + subFragmentLength = (ULONG) request->EncryptedOffset; + break; + + case 1: + subFragmentOffset.QuadPart += request->EncryptedOffset + queue->RemappedAreaOffset; + subFragmentLength = request->EncryptedLength; + break; + + case 2: + subFragmentOffset.QuadPart += request->EncryptedOffset + request->EncryptedLength; + subFragmentLength = (ULONG) (request->Length - (request->EncryptedOffset + request->EncryptedLength)); + break; + } + + if (subFragmentLength > 0) + { + if (request->Item->Write) + request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, subFragmentData, subFragmentOffset, subFragmentLength); + else + request->Item->Status = TCReadDevice (queue->LowerDeviceObject, subFragmentData, subFragmentOffset, subFragmentLength); + + subFragmentData += subFragmentLength; + } + } + } + else + { + // Remap the fragment + LARGE_INTEGER remappedOffset; + remappedOffset.QuadPart = request->Offset.QuadPart + queue->RemappedAreaOffset; + + if (request->Item->Write) + request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, request->Data, remappedOffset, request->Length); + else + request->Item->Status = TCReadDevice (queue->LowerDeviceObject, request->Data, remappedOffset, request->Length); + } + } else - request->Item->Status = 
TCReadDevice (queue->LowerDeviceObject, request->Data, request->Offset, request->Length); + { + if (request->Item->Write) + request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, request->Data, request->Offset, request->Length); + else + request->Item->Status = TCReadDevice (queue->LowerDeviceObject, request->Data, request->Offset, request->Length); + } } else { @@ -169,6 +248,9 @@ static VOID IoThreadProc (PVOID threadAr request->Item->Status = ZwWriteFile (queue->HostFileHandle, NULL, NULL, NULL, &ioStatus, request->Data, request->Length, &request->Offset, NULL); else request->Item->Status = ZwReadFile (queue->HostFileHandle, NULL, NULL, NULL, &ioStatus, request->Data, request->Length, &request->Offset, NULL); + + if (NT_SUCCESS (request->Item->Status) && ioStatus.Information != request->Length) + request->Item->Status = STATUS_END_OF_FILE; } } @@ -192,10 +274,7 @@ static VOID IoThreadProc (PVOID threadAr else { if (NT_SUCCESS (request->Item->Status)) - { - // Copy fragment to original IRP buffer memcpy (request->OrigDataBufferFragment, request->Data, request->Length); - } ReleaseFragmentBuffer (queue, request->Data); request->Data = request->OrigDataBufferFragment; @@ -215,7 +294,7 @@ static NTSTATUS OnPassedIrpCompleted (PD if (irp->PendingReturned) IoMarkIrpPending (irp); - OnItemCompleted (item); + OnItemCompleted (item, TRUE); return STATUS_CONTINUE_COMPLETION; } @@ -234,6 +313,13 @@ static VOID MainThreadProc (PVOID thread uint64 intersectStart; uint32 intersectLength; + int mdlWaitTime; + LARGE_INTEGER mdlWaitInterval; + mdlWaitInterval.QuadPart = TC_ENC_IO_QUEUE_MEM_ALLOC_RETRY_DELAY * -10000; + + if (IsEncryptionThreadPoolRunning()) + KeSetPriorityThread (KeGetCurrentThread(), LOW_REALTIME_PRIORITY); + while (!queue->ThreadExitRequested) { if (!NT_SUCCESS (KeWaitForSingleObject (&queue->MainThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL))) 
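Review bot: In the three-subfragment loop every transfer assigns `request->Item->Status`, so a failure in subfragment 0 or 1 is overwritten when a later subfragment succeeds. The request is then treated as successful although part of `request->Data` was never transferred. For a read, the completion code (the `memcpy` into `request->OrigDataBufferFragment` in a later hunk) would copy whatever the fragment buffer held into the caller's buffer. Stop at the first failure by adding `if (!NT_SUCCESS (request->Item->Status)) break;` right after the `TCWriteDevice`/`TCReadDevice` call inside `if (subFragmentLength > 0)`. The `switch (subFragment)` also has no `default`, so initialising `subFragmentLength` to 0 at its declaration would keep it defined on every path; `IoThreadProc` starts and ends outside the hunk.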
@@ -241,26 +327,110 @@ static VOID MainThreadProc (PVOID thread while ((listEntry = ExInterlockedRemoveHeadList (&queue->MainThreadQueue, &queue->MainThreadQueueLock))) { - item = CONTAINING_RECORD (listEntry, EncryptedIoQueueItem, ListEntry); - + PIRP irp = CONTAINING_RECORD (listEntry, IRP, Tail.Overlay.ListEntry); + PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (irp); + if (queue->Suspended) - { KeWaitForSingleObject (&queue->QueueResumedEvent, Executive, KernelMode, FALSE, NULL); + + item = AllocateMemoryWithTimeout (sizeof (EncryptedIoQueueItem), TC_ENC_IO_QUEUE_MEM_ALLOC_RETRY_DELAY, TC_ENC_IO_QUEUE_MEM_ALLOC_TIMEOUT); + if (!item) + { + EncryptedIoQueueItem stackItem; + stackItem.Queue = queue; + stackItem.OriginalIrp = irp; + stackItem.Status = STATUS_INSUFFICIENT_RESOURCES; + + TCCompleteDiskIrp (irp, STATUS_INSUFFICIENT_RESOURCES, 0); + OnItemCompleted (&stackItem, FALSE); + continue; } - - IoSetCancelRoutine (item->OriginalIrp, NULL); - if (item->OriginalIrp->Cancel) + + item->Queue = queue; + item->OriginalIrp = irp; + item->OutstandingRequestCount = 0; + item->Status = STATUS_SUCCESS; + + IoSetCancelRoutine (irp, NULL); + if (irp->Cancel) { CompleteOriginalIrp (item, STATUS_CANCELLED, 0); continue; } + switch (irpSp->MajorFunction) + { + case IRP_MJ_READ: + item->Write = FALSE; + item->OriginalOffset = irpSp->Parameters.Read.ByteOffset; + item->OriginalLength = irpSp->Parameters.Read.Length; + break; + + case IRP_MJ_WRITE: + item->Write = TRUE; + item->OriginalOffset = irpSp->Parameters.Write.ByteOffset; + item->OriginalLength = irpSp->Parameters.Write.Length; + break; + + default: + CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); + continue; + } + // Pass the IRP if the drive is not encrypted if (queue->IsFilterDevice && (queue->EncryptedAreaStart == -1 || queue->EncryptedAreaEnd == -1)) { - IoCopyCurrentIrpStackLocationToNext (item->OriginalIrp); - IoSetCompletionRoutine (item->OriginalIrp, OnPassedIrpCompleted, item, TRUE, TRUE, 
TRUE); - IoCallDriver (queue->LowerDeviceObject, item->OriginalIrp); + IoCopyCurrentIrpStackLocationToNext (irp); + IoSetCompletionRoutine (irp, OnPassedIrpCompleted, item, TRUE, TRUE, TRUE); + IoCallDriver (queue->LowerDeviceObject, irp); + continue; + } + + // Handle misaligned reads to support Windows System Assessment Tool which reads from disk devices at offsets not aligned on sector boundaries + if (queue->IsFilterDevice + && !item->Write + && item->OriginalLength > 0 + && (item->OriginalLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) == 0 + && (item->OriginalOffset.QuadPart & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0) + { + byte *buffer; + ULONG alignedLength = item->OriginalLength + ENCRYPTION_DATA_UNIT_SIZE; + LARGE_INTEGER alignedOffset; + alignedOffset.QuadPart = item->OriginalOffset.QuadPart & ~((LONGLONG) ENCRYPTION_DATA_UNIT_SIZE - 1); + + buffer = TCalloc (alignedLength); + if (!buffer) + { + CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); + continue; + } + + item->Status = TCReadDevice (queue->LowerDeviceObject, buffer, alignedOffset, alignedLength); + + if (NT_SUCCESS (item->Status)) + { + UINT64_STRUCT dataUnit; + + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); + if (!dataBuffer) + { + TCfree (buffer); + CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); + continue; + } + + GetIntersection (alignedOffset.QuadPart, alignedLength, queue->EncryptedAreaStart, queue->EncryptedAreaEnd, &intersectStart, &intersectLength); + if (intersectLength > 0) + { + dataUnit.Value = intersectStart / ENCRYPTION_DATA_UNIT_SIZE; + DecryptDataUnits (buffer + (intersectStart - alignedOffset.QuadPart), &dataUnit, intersectLength / ENCRYPTION_DATA_UNIT_SIZE, queue->CryptoInfo); + } + + memcpy (dataBuffer, buffer + (item->OriginalOffset.LowPart & (ENCRYPTION_DATA_UNIT_SIZE - 1)), item->OriginalLength); + } + + TCfree (buffer); + CompleteOriginalIrp (item, item->Status, NT_SUCCESS (item->Status) ? 
item->OriginalLength : 0); continue; } @@ -274,6 +444,8 @@ static VOID MainThreadProc (PVOID thread continue; } + //Dump ("--- Queue %c %I64d (%I64d) %d out=%d\n", item->Write ? 'W' : 'R', item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart / 1024 / 1024, item->OriginalLength, queue->OutstandingIoCount); + if (!queue->IsFilterDevice) { // Adjust the offset for host file or device @@ -300,8 +472,9 @@ static VOID MainThreadProc (PVOID thread if (RegionsOverlap ((unsigned __int64) item->OriginalOffset.QuadPart, (unsigned __int64) item->OriginalOffset.QuadPart + item->OriginalLength - 1, queue->CryptoInfo->hiddenVolumeOffset, - (unsigned __int64) queue->VirtualDeviceLength + queue->CryptoInfo->volDataAreaOffset - (HIDDEN_VOL_HEADER_OFFSET - HEADER_SIZE) - 1)) + (unsigned __int64) queue->CryptoInfo->hiddenVolumeOffset + queue->CryptoInfo->hiddenVolumeProtectedSize - 1)) { + Dump ("Hidden volume protection triggered: write %I64d-%I64d (protected %I64d-%I64d)\n", item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, queue->CryptoInfo->hiddenVolumeOffset, queue->CryptoInfo->hiddenVolumeOffset + queue->CryptoInfo->hiddenVolumeProtectedSize - 1); queue->CryptoInfo->bHiddenVolProtectionAction = TRUE; // Deny this write operation to prevent the hidden volume from being overwritten 
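Review bot: In the misaligned-read branch, `alignedLength = item->OriginalLength + ENCRYPTION_DATA_UNIT_SIZE` is computed in `ULONG` from the length carried in the IRP, with no upper bound. A length within one data unit of the `ULONG` maximum would wrap to a small allocation while the later `memcpy (dataBuffer, ..., item->OriginalLength)` still copies the full length, and any smaller length still drives an arbitrarily large `TCalloc`. Reject oversized requests before the addition, e.g. `if (item->OriginalLength > TC_MAX_MISALIGNED_READ) { CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0); continue; }`, where `TC_MAX_MISALIGNED_READ` is a placeholder for a limit the driver would define. Separately, the `memset (item, 0, ...)` from the old `EncryptedIoQueueAddIrp` is gone, so `item` on the cancel path and `stackItem` on the allocation-failure path reach `OnItemCompleted` with `Write` and `OriginalLength` unassigned. `OnItemCompleted` reads those fields under a condition that is not visible here, so zeroing both first (`memset (&stackItem, 0, sizeof (stackItem));`) is the safe default; `MainThreadProc` starts and ends outside the hunk.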
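Review bot: The new upper bound `hiddenVolumeOffset + hiddenVolumeProtectedSize - 1` is a valid range end only when `hiddenVolumeProtectedSize` is non-zero and the sum does not wrap. With a zero size the end falls below the start, and whether `RegionsOverlap` then reports an overlap cannot be told from here, so the protection could silently stop matching. Because this check is what denies writes that would overwrite the hidden volume, guard it, for instance with `ASSERT (queue->CryptoInfo->hiddenVolumeProtectedSize > 0);` before the call, or deny the write when the size is zero. The same range expression is repeated in the `Dump` call, so computing it once into a local would keep the two from drifting apart. The enclosing block starts outside the hunk.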
@@ -310,11 +483,28 @@ static VOID MainThreadProc (PVOID thread } } } - - //Dump ("--- Queue %c %I64d (%I64d) %d out=%d\n", item->Write ? 'W' : 'R', item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart / 1024 / 1024, item->OriginalLength, queue->OutstandingIoCount); + else if (item->Write && IsHiddenSystemRunning() + && (RegionsOverlap (item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, SECTOR_SIZE, TC_BOOT_LOADER_AREA_SECTOR_COUNT * SECTOR_SIZE - 1) + || RegionsOverlap (item->OriginalOffset.QuadPart, item->OriginalOffset.QuadPart + item->OriginalLength - 1, GetBootDriveLength(), _I64_MAX))) + { + Dump ("Preventing write to boot loader or host protected area\n"); + CompleteOriginalIrp (item, STATUS_MEDIA_WRITE_PROTECTED, 0); + continue; + } // Original IRP data buffer - dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (item->OriginalIrp->MdlAddress, HighPagePriority); + mdlWaitTime = 0; + while (TRUE) + { + dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, HighPagePriority); + + if (dataBuffer || mdlWaitTime >= TC_ENC_IO_QUEUE_MEM_ALLOC_TIMEOUT) + break; + + KeDelayExecutionThread (KernelMode, FALSE, &mdlWaitInterval); + mdlWaitTime += TC_ENC_IO_QUEUE_MEM_ALLOC_RETRY_DELAY; + } + if (dataBuffer == NULL) { CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0); @@ -334,7 +524,7 @@ static VOID MainThreadProc (PVOID thread activeFragmentBuffer = (activeFragmentBuffer == queue->FragmentBufferA ? queue->FragmentBufferB : queue->FragmentBufferA); // Create IO request - request = (EncryptedIoRequest *) TCalloc (sizeof (EncryptedIoRequest)); + request = (EncryptedIoRequest *) AllocateMemoryWithTimeout (sizeof (EncryptedIoRequest), TC_ENC_IO_QUEUE_MEM_ALLOC_RETRY_DELAY, TC_ENC_IO_QUEUE_MEM_ALLOC_TIMEOUT); if (!request) { while (InterlockedExchangeAdd (&item->OutstandingRequestCount, 0) > 0) 
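Review bot: The two `RegionsOverlap` calls in the new `else if` pass `item->OriginalOffset.QuadPart` without the `(unsigned __int64)` cast that the hidden-volume check in the preceding hunk uses. The first protected range also starts at `SECTOR_SIZE`, so a write that touches only sector 0 is not blocked. If leaving sector 0 writable is intended, say so in a comment such as `// Sector 0 is excluded on purpose; protect the rest of the boot loader area and everything past the end of the boot drive`, and add the casts for consistency. The MDL retry loop further down delays in the queue's main thread for up to `TC_ENC_IO_QUEUE_MEM_ALLOC_TIMEOUT`, during which no other queued IRP is dequeued; a short comment noting that trade-off would help. `MainThreadProc` starts and ends outside the hunk.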
@@ -381,7 +571,9 @@ static VOID MainThreadProc (PVOID thread if (queue->CryptoInfo->bPartitionInInactiveSysEncScope) dataUnit.Value += queue->CryptoInfo->FirstDataUnitNo.Value; - + else if (queue->RemapEncryptedArea) + dataUnit.Value += queue->RemappedAreaDataUnitOffset; + EncryptDataUnits (activeFragmentBuffer + request->EncryptedOffset, &dataUnit, request->EncryptedLength / ENCRYPTION_DATA_UNIT_SIZE, queue->CryptoInfo); } } @@ -408,8 +600,6 @@ static VOID MainThreadProc (PVOID thread NTSTATUS EncryptedIoQueueAddIrp (EncryptedIoQueue *queue, PIRP irp) { - EncryptedIoQueueItem *item; - PIO_STACK_LOCATION origIrpSp = IoGetCurrentIrpStackLocation (irp); NTSTATUS status; InterlockedIncrement (&queue->OutstandingIoCount); 
@@ -427,45 +617,10 @@ NTSTATUS EncryptedIoQueueAddIrp (Encrypt goto err; } - item = TCalloc (sizeof (EncryptedIoQueueItem)); - if (!item) - { - status = STATUS_INSUFFICIENT_RESOURCES; - goto err; - } - - memset (item, 0, sizeof (EncryptedIoQueueItem)); - - switch (origIrpSp->MajorFunction) - { - case IRP_MJ_READ: - item->Write = FALSE; - item->OriginalOffset = origIrpSp->Parameters.Read.ByteOffset; - item->OriginalLength = origIrpSp->Parameters.Read.Length; - break; - - case IRP_MJ_WRITE: - item->Write = TRUE; - item->OriginalOffset = origIrpSp->Parameters.Write.ByteOffset; - item->OriginalLength = origIrpSp->Parameters.Write.Length; - break; - - default: - TCfree (item); - status = STATUS_INVALID_PARAMETER; - goto err; - } - - item->Queue = queue; - item->OriginalIrp = irp; - item->OutstandingRequestCount = 0; - item->Status = STATUS_SUCCESS; - + //Dump ("Queue irp %p out=%d\n", irp, queue->OutstandingIoCount); IoMarkIrpPending (irp); - //Dump ("Queue add %I64d %I64d out=%d\n", item->OriginalOffset, item->OriginalLength, queue->OutstandingIoCount); - - ExInterlockedInsertTailList (&queue->MainThreadQueue, &item->ListEntry, &queue->MainThreadQueueLock); + ExInterlockedInsertTailList (&queue->MainThreadQueue, &irp->Tail.Overlay.ListEntry, &queue->MainThreadQueueLock); KeSetEvent (&queue->MainThreadQueueNotEmptyEvent, IO_DISK_INCREMENT, FALSE); return STATUS_PENDING; @@ -497,6 +652,10 @@ NTSTATUS EncryptedIoQueueHoldWhenIdle (E if (!NT_SUCCESS (status)) return status; + + TCSleep (1); + if (InterlockedExchangeAdd (&queue->OutstandingIoCount, 0) > 0) + return STATUS_UNSUCCESSFUL; } KeClearEvent (&queue->QueueResumedEvent); @@ -542,7 +701,7 @@ NTSTATUS EncryptedIoQueueResumeFromHold } -NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue, PEPROCESS process) +NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue) { NTSTATUS status; queue->ThreadExitRequested = FALSE; 
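Review bot: In `EncryptedIoQueueHoldWhenIdle` the added `TCSleep (1)` and second read of `OutstandingIoCount` carry no explanation, and the recheck narrows the window rather than closing it. An IRP can still be queued after the count is read as zero and before the code following `KeClearEvent` marks the queue as held; that code is outside the hunk. A comment stating the intent, e.g. `// Recheck after a short delay: I/O may have been queued since the idle wait returned; caller is expected to retry on STATUS_UNSUCCESSFUL`, would tell the next reader what guarantee this gives and what the caller must do with the new return value.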
@@ -576,7 +735,7 @@ NTSTATUS EncryptedIoQueueStart (Encrypte KeInitializeSpinLock (&queue->IoThreadQueueLock); KeInitializeEvent (&queue->IoThreadQueueNotEmptyEvent, SynchronizationEvent, FALSE); - status = TCStartThreadInProcess (IoThreadProc, queue, &queue->IoThread, process); + status = TCStartThread (IoThreadProc, queue, &queue->IoThread); if (!NT_SUCCESS (status)) { queue->ThreadExitRequested = TRUE;