Skip to content

Commit 17ad739

Browse files
idrassiidrassi
committed
Windows: better handling of reading EFI variable to display help error messages in case of failure.
Now we accept the possibility of BootOrder EFI variable to be empty in order to try to solve issues on some PCs.
1 parent ae65707 commit 17ad739

File tree

1 file changed

+44
-4
lines changed

1 file changed

+44
-4
lines changed

src/Common/BootEncryption.cpp

Lines changed: 44 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2640,10 +2640,27 @@ namespace VeraCrypt
26402640
}
26412641

26422642
void EfiBoot::DeleteStartExec(uint16 statrtOrderNum, wchar_t* type) {
2643-
SetPrivilege(SE_SYSTEM_ENVIRONMENT_NAME, TRUE);
2643+
DWORD dwLastError;
2644+
BOOL bPrivilegesSet = IsPrivilegeEnabled (SE_SYSTEM_ENVIRONMENT_NAME);
2645+
if (!bPrivilegesSet && !SetPrivilege(SE_SYSTEM_ENVIRONMENT_NAME, TRUE))
2646+
{
2647+
dwLastError = GetLastError();
2648+
wchar_t szMsg[128];
2649+
StringCbPrintfW(szMsg, ARRAYSIZE(szMsg), L"Failed to set SE_SYSTEM_ENVIRONMENT_NAME privilege (error code 0x.8X)", dwLastError);
2650+
throw ErrorException(szMsg, SRC_POS);
2651+
}
26442652
// Check EFI
26452653
if (!IsEfiBoot()) {
2646-
throw ErrorException(L"can not detect EFI environment", SRC_POS);
2654+
dwLastError = GetLastError();
2655+
if (dwLastError != ERROR_SUCCESS)
2656+
{
2657+
if (!bPrivilegesSet)
2658+
SetPrivilege(SE_SYSTEM_ENVIRONMENT_NAME, FALSE);
2659+
// format message to append the error code to the exception message
2660+
wchar_t szMsg[128];
2661+
StringCbPrintfW(szMsg, ARRAYSIZE(szMsg), L"Failed to detect EFI environment (error code 0x.8X)", dwLastError);
2662+
throw ErrorException(szMsg, SRC_POS);
2663+
}
26472664
}
26482665
wchar_t varName[256];
26492666
StringCchPrintfW(varName, ARRAYSIZE (varName), L"%s%04X", type == NULL ? L"Boot" : type, statrtOrderNum);
@@ -2686,13 +2703,33 @@ namespace VeraCrypt
26862703
SetFirmwareEnvironmentVariable(next.c_str(), EfiVarGuid, startOrder, 0);
26872704
}
26882705
}
2706+
2707+
if (!bPrivilegesSet)
2708+
SetPrivilege(SE_SYSTEM_ENVIRONMENT_NAME, FALSE);
26892709
}
26902710

26912711
void EfiBoot::SetStartExec(wstring description, wstring execPath, bool setBootEntry, bool forceFirstBootEntry, bool setBootNext, uint16 statrtOrderNum , wchar_t* type, uint32 attr) {
2692-
SetPrivilege(SE_SYSTEM_ENVIRONMENT_NAME, TRUE);
2712+
DWORD dwLastError;
2713+
BOOL bPrivilegesSet = IsPrivilegeEnabled (SE_SYSTEM_ENVIRONMENT_NAME);
2714+
if (!bPrivilegesSet && !SetPrivilege(SE_SYSTEM_ENVIRONMENT_NAME, TRUE))
2715+
{
2716+
dwLastError = GetLastError();
2717+
wchar_t szMsg[128];
2718+
StringCbPrintfW(szMsg, ARRAYSIZE(szMsg), L"Failed to set SE_SYSTEM_ENVIRONMENT_NAME privilege (error code 0x.8X)", dwLastError);
2719+
throw ErrorException(szMsg, SRC_POS);
2720+
}
26932721
// Check EFI
26942722
if (!IsEfiBoot()) {
2695-
throw ErrorException(L"can not detect EFI environment", SRC_POS);
2723+
dwLastError = GetLastError();
2724+
if (dwLastError != ERROR_SUCCESS)
2725+
{
2726+
if (!bPrivilegesSet)
2727+
SetPrivilege(SE_SYSTEM_ENVIRONMENT_NAME, FALSE);
2728+
// format message to append the error code to the exception message
2729+
wchar_t szMsg[1024];
2730+
StringCbPrintfW(szMsg, ARRAYSIZE(szMsg), L"Failed to detect EFI environment (error code 0x.8X)", dwLastError);
2731+
throw ErrorException(szMsg, SRC_POS);
2732+
}
26962733
}
26972734

26982735
if (bDeviceInfoValid)
@@ -2866,6 +2903,9 @@ namespace VeraCrypt
28662903
SetFirmwareEnvironmentVariable(next.c_str(), EfiVarGuid, &statrtOrderNum, 2);
28672904

28682905
}
2906+
2907+
if (!bPrivilegesSet)
2908+
SetPrivilege(SE_SYSTEM_ENVIRONMENT_NAME, FALSE);
28692909
}
28702910

28712911
bool EfiBoot::CompareFiles (const wchar_t* fileName1, const wchar_t* fileName2)

0 commit comments

Comments
 (0)