Windows: Block Windows from resizing system partition if it is encrypted. This avoid issues during Windows Upgrade that sometimes resizes system partition which create problems if it is encrypted by VeraCrypt

author: Mounir IDRASSI <mounir.idrassi@idrix.fr> 2021-02-27 23:05:40 +0100
committer: Mounir IDRASSI <mounir.idrassi@idrix.fr> 2021-02-27 23:07:10 +0100
commit: c6d63e9365a3c591e6451aeeb049c24de12649bf (patch)
tree: 9763159e3c6458b823e113a591001e387a1c6654 /src/Driver
parent: c1e81d96924e5e68257f67b65f1dda72e0103bdc (diff)
download: VeraCrypt-c6d63e9365a3c591e6451aeeb049c24de12649bf.tar.gz
VeraCrypt-c6d63e9365a3c591e6451aeeb049c24de12649bf.zip
3 files changed, 45 insertions, 18 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index 740ce949..4afb692b 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -1046,6 +1046,11 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFil
 				}
 			}
 			break;
+		case IOCTL_DISK_GROW_PARTITION:
+			Dump ("DriverFilter-DispatchControl: IOCTL_DISK_GROW_PARTITION blocked\n");
+			IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+			return TCCompleteDiskIrp (Irp, STATUS_UNSUCCESSFUL, 0);
+			break;
 	}
 
 	status = PassIrp (Extension->LowerDeviceObject, Irp);
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index a5ef2472..2d025fa5 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -3381,6 +3381,8 @@ LPWSTR TCTranslateCode (ULONG ulCode)
 		return (LPWSTR) _T ("IOCTL_STORAGE_CHECK_PRIORITY_HINT_SUPPORT");
 	else if (ulCode == IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES)
 		return (LPWSTR) _T ("IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES");
+	else if (ulCode == IOCTL_DISK_GROW_PARTITION)
+		return (LPWSTR) _T ("IOCTL_DISK_GROW_PARTITION");
 	else if (ulCode == IRP_MJ_READ)
 		return (LPWSTR) _T ("IRP_MJ_READ");
 	else if (ulCode == IRP_MJ_WRITE)
diff --git a/src/Driver/VolumeFilter.c b/src/Driver/VolumeFilter.c
index 14e496bc..29d02673 100644
--- a/src/Driver/VolumeFilter.c
+++ b/src/Driver/VolumeFilter.c
@@ -125,6 +125,32 @@ static NTSTATUS OnStartDeviceCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP
 	return STATUS_CONTINUE_COMPLETION;
 }
 
+static BOOL IsSystemVolumePartition (VolumeFilterExtension *Extension)
+{
+	NTSTATUS status;
+	BOOL bRet = FALSE;
+	DriveFilterExtension *bootDriveExtension = GetBootDriveFilterExtension();
+	STORAGE_DEVICE_NUMBER storageDeviceNumber;
+
+	if (!bootDriveExtension->SystemStorageDeviceNumberValid)
+		TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
+
+	status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber));
+
+	if (NT_SUCCESS (status) && bootDriveExtension->SystemStorageDeviceNumber == storageDeviceNumber.DeviceNumber)
+	{
+		PARTITION_INFORMATION_EX partition;
+		status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partition, sizeof (partition));
+
+		if (NT_SUCCESS (status) && partition.StartingOffset.QuadPart == bootDriveExtension->ConfiguredEncryptedAreaStart)
+		{
+			bRet = TRUE;
+		}
+	}
+
+	return bRet;
+}
+
 
 static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
 {
@@ -139,25 +165,10 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFi
 		case IOCTL_DISK_IS_WRITABLE:
 			{
 				// All volumes except the system volume must be read-only
-
-				DriveFilterExtension *bootDriveExtension = GetBootDriveFilterExtension();
-				STORAGE_DEVICE_NUMBER storageDeviceNumber;
-
-				if (!bootDriveExtension->SystemStorageDeviceNumberValid)
-					TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
-
-				status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber));
-
-				if (NT_SUCCESS (status) && bootDriveExtension->SystemStorageDeviceNumber == storageDeviceNumber.DeviceNumber)
+				if (IsSystemVolumePartition(Extension))
 				{
-					PARTITION_INFORMATION_EX partition;
-					status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partition, sizeof (partition));
-
-					if (NT_SUCCESS (status) && partition.StartingOffset.QuadPart == bootDriveExtension->ConfiguredEncryptedAreaStart)
-					{
-						IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
-						return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
-					}
+					IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+					return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
 				}
 
 				IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
@@ -194,6 +205,15 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFi
 
 			IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
 			return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
+
+		case IOCTL_DISK_GROW_PARTITION:
+			if (IsSystemVolumePartition(Extension))
+			{
+				Dump ("VolumeFilter-DispatchControl: IOCTL_DISK_GROW_PARTITION blocked\n");
+				IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+				return TCCompleteDiskIrp (Irp, STATUS_UNSUCCESSFUL, 0);
+			}
+			break;
 		}
 	}
author	Mounir IDRASSI <mounir.idrassi@idrix.fr>	2021-02-27 23:05:40 +0100
committer	Mounir IDRASSI <mounir.idrassi@idrix.fr>	2021-02-27 23:07:10 +0100
commit	c6d63e9365a3c591e6451aeeb049c24de12649bf (patch)
tree	9763159e3c6458b823e113a591001e387a1c6654 /src/Driver
parent	c1e81d96924e5e68257f67b65f1dda72e0103bdc (diff)
download	VeraCrypt-c6d63e9365a3c591e6451aeeb049c24de12649bf.tar.gz VeraCrypt-c6d63e9365a3c591e6451aeeb049c24de12649bf.zip