diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2018-08-23 20:57:00 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2018-08-24 00:49:59 +0200 |
commit | 7cbe6b71e50b535d40336385600139cf2f8524ba (patch) | |
tree | 3b34de9c4744e143be5bc5150eeac630f0280857 /src | |
parent | f5a765e86088eb90c4392e43ad8a3c27bfa814cc (diff) | |
download | VeraCrypt-7cbe6b71e50b535d40336385600139cf2f8524ba.tar.gz VeraCrypt-7cbe6b71e50b535d40336385600139cf2f8524ba.zip |
Windows: implement a driver configuration option to explicitly allow defragmenting non-système disques by Windows built-in defragmenter tool.
Diffstat (limited to 'src')
-rw-r--r-- | src/Common/Apidrvr.h | 1 | ||||
-rw-r--r-- | src/Common/Language.xml | 8 | ||||
-rw-r--r-- | src/Driver/Ntdriver.c | 4 | ||||
-rw-r--r-- | src/Driver/Ntdriver.h | 1 | ||||
-rw-r--r-- | src/Mount/Mount.c | 21 | ||||
-rw-r--r-- | src/Mount/Mount.rc | 14 | ||||
-rw-r--r-- | src/Mount/Resource.h | 3 |
7 files changed, 41 insertions, 11 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h index 1230fc43..2c436bf9 100644 --- a/src/Common/Apidrvr.h +++ b/src/Common/Apidrvr.h @@ -412,5 +412,6 @@ typedef struct #define TC_DRIVER_CONFIG_CACHE_BOOT_PIM 0x40 #define VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM 0x80 #define VC_DRIVER_CONFIG_BLOCK_SYS_TRIM 0x100 +#define VC_DRIVER_CONFIG_ALLOW_WINDOWS_DEFRAG 0x200 #endif /* _WIN32 */ diff --git a/src/Common/Language.xml b/src/Common/Language.xml index 9c0e4fae..88b5e0fd 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -1421,10 +1421,12 @@ <entry lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</entry> <entry lang="en" key="WINDOWS_EFI_BOOT_LOADER_MISSING">ERROR: Windows EFI system loader could not be located on the disk. Operation will be aborted.</entry> <entry lang="en" key="SYSENC_EFI_UNSUPPORTED_SECUREBOOT">It is currently not possible to encrypt a system if SecureBoot is enabled and if VeraCrypt custom keys are not loaded into the machine firmware. SecureBoot needs to be disabled in the BIOS configuration in order to allow system encryption to proceed.</entry> - <entry lang="en" key="PASSWORD_PASTED_TRUNCATED">Pasted text truncated because the password maximum length is 64 characters</entry> - <entry lang="en" key="PASSWORD_MAXLENGTH_REACHED">Password already reached its maximum length of 64 characters.\nNo additional character is allowed.</entry> - <entry lang="en" key="IDC_SELECT_LANGUAGE_LABEL">Select the language to use during the installation:</entry> + <entry lang="en" key="PASSWORD_PASTED_TRUNCATED">Pasted text truncated because the password maximum length is 64 characters</entry> + <entry lang="en" key="PASSWORD_MAXLENGTH_REACHED">Password already reached its maximum length of 64 characters.\nNo additional character is allowed.</entry> + <entry lang="en" key="IDC_SELECT_LANGUAGE_LABEL">Select the language to use during the installation:</entry> <entry lang="en" key="VOLUME_TOO_LARGE_FOR_HOST">ERROR: The size of the file container is larger than the available free space on disk.</entry> + <entry lang="en" key="IDC_ALLOW_WINDOWS_DEFRAG">Allow Windows Disk Defragmenter to defragment non-system partition/drive</entry> + <entry lang="en" key="CONFIRM_ALLOW_WINDOWS_DEFRAG">WARNING: Defragmenting non-system partitions/drives may leak metadata about their content or cause issues with hidden volumes they may contain.\n\nContinue?</entry> </localization> <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="VeraCrypt"> diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index 6e774724..e8fb2824 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -129,6 +129,7 @@ BOOL CacheBootPassword = FALSE; BOOL CacheBootPim = FALSE; BOOL NonAdminSystemFavoritesAccessDisabled = FALSE; BOOL BlockSystemTrimCommand = FALSE; +BOOL AllowWindowsDefrag = FALSE; static size_t EncryptionThreadPoolFreeCpuCountLimit = 0; static BOOL SystemFavoriteVolumeDirty = FALSE; static BOOL PagingFileCreationPrevented = FALSE; @@ -1265,7 +1266,7 @@ NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Dump ("ProcessVolumeDeviceControlIrp (IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS)\n"); // Vista's and Windows 10 filesystem defragmenter fails if IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS does not succeed. if (!(OsMajorVersion == 6 && OsMinorVersion == 0) - && !(OsMajorVersion == 10 && EnableExtendedIoctlSupport && Extension->bRawDevice) + && !(OsMajorVersion == 10 && AllowWindowsDefrag && Extension->bRawDevice) ) { Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST; @@ -4249,6 +4250,7 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry) EnableExtendedIoctlSupport = (flags & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL)? TRUE : FALSE; AllowTrimCommand = (flags & VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM)? TRUE : FALSE; + AllowWindowsDefrag = (flags & VC_DRIVER_CONFIG_ALLOW_WINDOWS_DEFRAG)? TRUE : FALSE; } else status = STATUS_INVALID_PARAMETER; diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h index b679952a..2479d45b 100644 --- a/src/Driver/Ntdriver.h +++ b/src/Driver/Ntdriver.h @@ -124,6 +124,7 @@ extern BOOL VolumeClassFilterRegistered; extern BOOL CacheBootPassword; extern BOOL CacheBootPim; extern BOOL BlockSystemTrimCommand; +extern BOOL AllowWindowsDefrag; /* Helper macro returning x seconds in units of 100 nanoseconds */ #define WAIT_SECONDS(x) ((x)*10000000) diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 1d80e030..aefafe94 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -10856,6 +10856,16 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM CheckDlgButton (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? BST_UNCHECKED : BST_CHECKED); CheckDlgButton (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT, (driverConfig & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL) ? BST_CHECKED : BST_UNCHECKED); CheckDlgButton (hwndDlg, IDC_ALLOW_TRIM_NONSYS_SSD, (driverConfig & VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM) ? BST_CHECKED : BST_UNCHECKED); + // checkbox for Windows Defragmenter only usuable on Windows 10 + // on previous version, we can not control Windows defragmenter so + // this settings is always checked. + if (CurrentOSMajor >= 10) + CheckDlgButton (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG, (driverConfig & VC_DRIVER_CONFIG_ALLOW_WINDOWS_DEFRAG) ? BST_CHECKED : BST_UNCHECKED); + else + { + CheckDlgButton (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG, BST_CHECKED); + EnableWindow (GetDlgItem (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG), FALSE); + } SYSTEM_INFO sysInfo; GetSystemInfo (&sysInfo); @@ -10914,6 +10924,7 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM BOOL disableHW = !IsDlgButtonChecked (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION); BOOL enableExtendedIOCTL = IsDlgButtonChecked (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT); BOOL allowTrimCommand = IsDlgButtonChecked (hwndDlg, IDC_ALLOW_TRIM_NONSYS_SSD); + BOOL allowWindowsDefrag = IsDlgButtonChecked (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG); try { @@ -10951,6 +10962,8 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION, disableHW); SetDriverConfigurationFlag (TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL, enableExtendedIOCTL); SetDriverConfigurationFlag (VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM, allowTrimCommand); + if (CurrentOSMajor >= 10) + SetDriverConfigurationFlag (VC_DRIVER_CONFIG_ALLOW_WINDOWS_DEFRAG, allowWindowsDefrag); DWORD bytesReturned; if (!DeviceIoControl (hDriver, TC_IOCTL_REREAD_DRIVER_CONFIG, NULL, 0, NULL, 0, &bytesReturned, NULL)) @@ -10982,6 +10995,14 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM } return 1; + case IDC_ALLOW_WINDOWS_DEFRAG: + if (IsDlgButtonChecked (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG) + && AskWarnYesNo ("CONFIRM_ALLOW_WINDOWS_DEFRAG", hwndDlg) == IDNO) + { + CheckDlgButton (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG, BST_UNCHECKED); + } + return 1; + case IDC_ENABLE_HARDWARE_ENCRYPTION: if (!IsDlgButtonChecked (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION) && AskWarnYesNo ("CONFIRM_SETTING_DEGRADES_PERFORMANCE", hwndDlg) == IDNO) diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc index 07b5be0c..a0eaf661 100644 --- a/src/Mount/Mount.rc +++ b/src/Mount/Mount.rc @@ -309,7 +309,7 @@ BEGIN DEFPUSHBUTTON "OK",IDOK,255,158,50,14 END -IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 371, 253 +IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 371, 265 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU CAPTION "VeraCrypt - Performance Options" FONT 8, "MS Shell Dlg", 400, 0, 0x1 @@ -327,13 +327,15 @@ BEGIN "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,198,337,10 CONTROL "Allow TRIM command for non-system SSD partition/drive",IDC_ALLOW_TRIM_NONSYS_SSD, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,212,337,10 - PUSHBUTTON "&Benchmark",IDC_BENCHMARK,7,232,59,14 - DEFPUSHBUTTON "OK",IDOK,257,232,50,14 - PUSHBUTTON "Cancel",IDCANCEL,314,232,50,14 + PUSHBUTTON "&Benchmark",IDC_BENCHMARK,7,244,59,14 + DEFPUSHBUTTON "OK",IDOK,257,244,50,14 + PUSHBUTTON "Cancel",IDCANCEL,314,244,50,14 LTEXT "Processor (CPU) in this computer supports hardware acceleration for AES:",IDT_HW_AES_SUPPORTED_BY_CPU,18,23,273,9 GROUPBOX "Hardware Acceleration",IDT_ACCELERATION_OPTIONS,7,6,355,74 GROUPBOX "Thread-Based Parallelization",IDT_PARALLELIZATION_OPTIONS,7,84,355,93 - GROUPBOX "Driver Configuration",IDT_DRIVER_OPTIONS,7,183,357,44 + GROUPBOX "Driver Configuration",IDT_DRIVER_OPTIONS,7,183,357,58 + CONTROL "Allow Windows Disk Defragmenter to defragment non-system partition/drive",IDC_ALLOW_WINDOWS_DEFRAG, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,226,337,10 END IDD_FAVORITE_VOLUMES DIALOGEX 0, 0, 380, 368 @@ -500,7 +502,7 @@ BEGIN LEFTMARGIN, 7 RIGHTMARGIN, 364 TOPMARGIN, 7 - BOTTOMMARGIN, 246 + BOTTOMMARGIN, 258 END IDD_FAVORITE_VOLUMES, DIALOG diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h index 94d57108..d66e1282 100644 --- a/src/Mount/Resource.h +++ b/src/Mount/Resource.h @@ -189,6 +189,7 @@ #define IDT_ADVANCED_OPTIONS 1166 #define IDC_ALLOW_TRIM_NONSYS_SSD 1167 #define IDC_BLOCK_SYSENC_TRIM 1168 +#define IDC_ALLOW_WINDOWS_DEFRAG 1169 #define IDM_HELP 40001 #define IDM_ABOUT 40002 #define IDM_UNMOUNT_VOLUME 40003 @@ -265,7 +266,7 @@ #define _APS_NO_MFC 1 #define _APS_NEXT_RESOURCE_VALUE 120 #define _APS_NEXT_COMMAND_VALUE 40069 -#define _APS_NEXT_CONTROL_VALUE 1169 +#define _APS_NEXT_CONTROL_VALUE 1170 #define _APS_NEXT_SYMED_VALUE 101 #endif #endif |