vck-windrv 0.0.2

Windows kernel-mode driver framework for VolumeCrypt-Kit
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252

// SPDX-FileCopyrightText: 2026 JC-Lab <joseph@jc-lab.net>
//
// SPDX-License-Identifier: Apache-2.0

//! `EncryptionEngine`: decides per-sector crypto behaviour and drives the
//! background encrypt/decrypt sweep, persisting progress via the store.

use vck_common::{
    types::VolumeState, EncryptedOffset, EncryptedOffsetStore, SectorIo, VckResult, VolumeCipher,
};

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum EngineState {
    Idle,
    Encrypting,
    Decrypting,
    Paused,
}

/// Wire-compatible integer values mirror the Go SDK's `EncryptionState`.
impl EngineState {
    pub fn as_wire(self) -> i32 {
        match self {
            EngineState::Idle => 0,
            EngineState::Encrypting => 1,
            EngineState::Decrypting => 2,
            EngineState::Paused => 3,
        }
    }
}

/// A point-in-time progress snapshot returned to GET_STATUS / GET_PROGRESS.
#[derive(Debug, Clone, Copy)]
pub struct ProgressSnapshot {
    pub encrypted_sector: u64,
    pub total_sectors: u64,
    pub state: EngineState,
}

pub struct EncryptionEngine {
    /// Absolute start LBA of the data region.
    offset_sector: u64,
    /// Progress (data-region relative) + total target sectors.
    encrypted_offset: EncryptedOffset,
    state: EngineState,
}

impl EncryptionEngine {
    pub fn new(offset_sector: u64, encrypted_offset: EncryptedOffset) -> Self {
        Self {
            offset_sector,
            encrypted_offset,
            state: EngineState::Idle,
        }
    }

    /// Map an absolute LBA to a data-region relative sector, or `None` if the
    /// LBA falls in a metadata region (which must be passed through).
    ///
    /// Header regions yield `None` because `lba < offset_sector`; footer regions
    /// yield `None` because the relative sector is `>= total_sectors`.
    pub fn relative(&self, lba: u64) -> Option<u64> {
        lba.checked_sub(self.offset_sector)
            .filter(|rel| *rel < self.encrypted_offset.total_sectors)
    }

    /// Whether the (relative) sector is currently in the encrypted span.
    pub fn is_encrypted(&self, rel: u64) -> bool {
        self.encrypted_offset.is_encrypted(rel)
    }

    /// Current ciphertext boundary (data-region relative).
    pub fn encrypted_boundary(&self) -> u64 {
        self.encrypted_offset.sector
    }

    pub fn state(&self) -> EngineState {
        self.state
    }

    pub fn snapshot(&self) -> ProgressSnapshot {
        ProgressSnapshot {
            encrypted_sector: self.encrypted_offset.sector,
            total_sectors: self.encrypted_offset.total_sectors,
            state: self.state,
        }
    }

    /// Begin progressive encryption and persist the direction (so a reboot
    /// resumes encrypting). No sweep work if already fully encrypted.
    pub fn start_encrypt(&mut self, store: &dyn EncryptedOffsetStore) {
        let _ = store.store_state(VolumeState::Encrypt);
        if !self.encrypted_offset.is_fully_encrypted() {
            self.state = EngineState::Encrypting;
        } else {
            self.state = EngineState::Idle;
        }
    }

    /// Begin progressive decryption and persist the direction (so a reboot
    /// resumes decrypting). No sweep work if nothing is encrypted.
    pub fn start_decrypt(&mut self, store: &dyn EncryptedOffsetStore) {
        let _ = store.store_state(VolumeState::Decrypt);
        if self.encrypted_offset.sector > 0 {
            self.state = EngineState::Decrypting;
        } else {
            self.state = EngineState::Idle;
        }
    }

    /// Resume the sweep in the **persisted** direction after attach (e.g. the OS
    /// volume re-binding on reboot). Reads the direction the store recorded; does
    /// not re-persist it. Idle if there is nothing left to do in that direction.
    pub fn resume(&mut self, store: &dyn EncryptedOffsetStore) {
        match store.load_state().unwrap_or(VolumeState::Encrypt) {
            VolumeState::Encrypt => {
                self.state = if self.encrypted_offset.is_fully_encrypted() {
                    EngineState::Idle
                } else {
                    EngineState::Encrypting
                };
            }
            VolumeState::Decrypt => {
                self.state = if self.encrypted_offset.sector > 0 {
                    EngineState::Decrypting
                } else {
                    EngineState::Idle
                };
            }
        }
    }

    pub fn pause(&mut self) {
        if matches!(
            self.state,
            EngineState::Encrypting | EngineState::Decrypting
        ) {
            self.state = EngineState::Paused;
        }
    }

    /// Run one batch of the encrypt/decrypt sweep and persist progress.
    ///
    /// Returns `Ok(true)` if more work remains (caller should schedule another
    /// step), `Ok(false)` when the engine reached `Idle`.
    ///
    /// `io` MUST be the raw lower volume device (below this filter), so the
    /// sweep reads plaintext / writes ciphertext without re-entering the filter.
    ///
    /// CRASH-CONSISTENCY (known limitation): a batch writes the ciphertext for
    /// `[boundary, boundary+count)` and only THEN persists the new boundary. A
    /// hard crash (power loss) between those two steps leaves that batch as
    /// ciphertext on disk while the persisted boundary still marks it plaintext;
    /// on resume the sweep would re-encrypt it (double-encryption → corruption of
    /// that one batch). Eliminating this requires hotzone journaling (backing up
    /// the in-flight region so resume can redo it idempotently), which is out of
    /// scope for this sample. Graceful shutdown is handled separately by pausing
    /// the sweep (see `dispatch::pause_all_volumes`) so the boundary stops
    /// advancing before I/O is cut off.
    pub fn progress_step(
        &mut self,
        io: &dyn SectorIo,
        cipher: &dyn VolumeCipher,
        store: &dyn EncryptedOffsetStore,
        batch_sectors: u64,
    ) -> VckResult<bool> {
        match self.state {
            EngineState::Encrypting => self.encrypt_step(io, cipher, store, batch_sectors),
            EngineState::Decrypting => self.decrypt_step(io, cipher, store, batch_sectors),
            _ => Ok(false),
        }
    }

    fn encrypt_step(
        &mut self,
        io: &dyn SectorIo,
        cipher: &dyn VolumeCipher,
        store: &dyn EncryptedOffsetStore,
        batch_sectors: u64,
    ) -> VckResult<bool> {
        if self.encrypted_offset.is_fully_encrypted() {
            self.state = EngineState::Idle;
            return Ok(false);
        }
        let sector_size = io.sector_size() as usize;
        let start_rel = self.encrypted_offset.sector;
        let remaining = self.encrypted_offset.total_sectors - start_rel;
        let count = remaining.min(batch_sectors.max(1));

        let mut buf = alloc::vec![0u8; count as usize * sector_size];
        let abs = self.offset_sector + start_rel;
        crate::vck_log!("sweep: enc read abs={} count={}", abs, count);
        io.read_sectors(abs, &mut buf).map_err(|e| {
            crate::vck_log!("sweep: read err: {}", e);
            e
        })?;
        cipher.encrypt_area(&mut buf, sector_size, start_rel);
        crate::vck_log!("sweep: enc write abs={}", abs);
        io.write_sectors(abs, &buf).map_err(|e| {
            crate::vck_log!("sweep: write err: {}", e);
            e
        })?;

        self.encrypted_offset.sector += count;
        crate::vck_log!("sweep: stored boundary={}", self.encrypted_offset.sector);
        store.store(&self.encrypted_offset).map_err(|e| {
            crate::vck_log!("sweep: store err: {}", e);
            e
        })?;
        store.flush()?;

        if self.encrypted_offset.is_fully_encrypted() {
            self.state = EngineState::Idle;
            Ok(false)
        } else {
            Ok(true)
        }
    }

    fn decrypt_step(
        &mut self,
        io: &dyn SectorIo,
        cipher: &dyn VolumeCipher,
        store: &dyn EncryptedOffsetStore,
        batch_sectors: u64,
    ) -> VckResult<bool> {
        if self.encrypted_offset.sector == 0 {
            self.state = EngineState::Idle;
            return Ok(false);
        }
        let sector_size = io.sector_size() as usize;
        let count = self.encrypted_offset.sector.min(batch_sectors.max(1));
        let new_boundary = self.encrypted_offset.sector - count;

        let mut buf = alloc::vec![0u8; count as usize * sector_size];
        let abs = self.offset_sector + new_boundary;
        io.read_sectors(abs, &mut buf)?;
        cipher.decrypt_area(&mut buf, sector_size, new_boundary);
        io.write_sectors(abs, &buf)?;

        self.encrypted_offset.sector = new_boundary;
        store.store(&self.encrypted_offset)?;
        store.flush()?;

        if new_boundary == 0 {
            self.state = EngineState::Idle;
            Ok(false)
        } else {
            Ok(true)
        }
    }
}