VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2018-03-05 19:29:08 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2018-03-05 19:35:07 +0100
commitd907627f7e4844547545b9ff189208cec9eee426 (patch)
treece75898e20230bc735db1380b0e14e1e7b7f9791
parentbac2ad29b66527a6dcc96c06e4c2407f4622414c (diff)
downloadVeraCrypt-d907627f7e4844547545b9ff189208cec9eee426.tar.gz
VeraCrypt-d907627f7e4844547545b9ff189208cec9eee426.zip
Windows: Add option to block TRIM command on system encryption SSD drives.
-rw-r--r--Translations/Language.ar.xml1
-rw-r--r--Translations/Language.be.xml1
-rw-r--r--Translations/Language.bg.xml1
-rw-r--r--Translations/Language.ca.xml1
-rw-r--r--Translations/Language.cs.xml1
-rw-r--r--Translations/Language.da.xml1
-rw-r--r--Translations/Language.de.xml1
-rw-r--r--Translations/Language.el.xml1
-rw-r--r--Translations/Language.es.xml1
-rw-r--r--Translations/Language.et.xml1
-rw-r--r--Translations/Language.eu.xml1
-rw-r--r--Translations/Language.fa.xml1
-rw-r--r--Translations/Language.fi.xml1
-rw-r--r--Translations/Language.fr.xml1
-rw-r--r--Translations/Language.hu.xml1
-rw-r--r--Translations/Language.id.xml1
-rw-r--r--Translations/Language.it.xml1
-rw-r--r--Translations/Language.ja.xml1
-rw-r--r--Translations/Language.ka.xml1
-rw-r--r--Translations/Language.ko.xml1
-rw-r--r--Translations/Language.lv.xml1
-rw-r--r--Translations/Language.my.xml1
-rw-r--r--Translations/Language.nl.xml1
-rw-r--r--Translations/Language.nn.xml1
-rw-r--r--Translations/Language.pl.xml1
-rw-r--r--Translations/Language.pt-br.xml1
-rw-r--r--Translations/Language.ro.xml1
-rw-r--r--Translations/Language.ru.xml1
-rw-r--r--Translations/Language.sk.xml1
-rw-r--r--Translations/Language.sl.xml1
-rw-r--r--Translations/Language.sv.xml1
-rw-r--r--Translations/Language.th.xml1
-rw-r--r--Translations/Language.tr.xml1
-rw-r--r--Translations/Language.uk.xml1
-rw-r--r--Translations/Language.uz.xml1
-rw-r--r--Translations/Language.vi.xml1
-rw-r--r--Translations/Language.zh-cn.xml1
-rw-r--r--Translations/Language.zh-hk.xml1
-rw-r--r--Translations/Language.zh-tw.xml1
-rw-r--r--src/Common/Apidrvr.h1
-rw-r--r--src/Common/Language.xml1
-rw-r--r--src/Driver/DriveFilter.c43
-rw-r--r--src/Driver/Ntdriver.c4
-rw-r--r--src/Driver/Ntdriver.h2
-rw-r--r--src/Mount/Mount.c4
-rw-r--r--src/Mount/Mount.rc56
-rw-r--r--src/Mount/Resource.h3
47 files changed, 125 insertions, 28 deletions
diff --git a/Translations/Language.ar.xml b/Translations/Language.ar.xml
index 06f86e51..c4b4de6b 100644
--- a/Translations/Language.ar.xml
+++ b/Translations/Language.ar.xml
@@ -1423,6 +1423,7 @@
<control lang="ar" key="IDT_ADVANCED_OPTIONS">خيارات متقدمة</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.be.xml b/Translations/Language.be.xml
index 2ab42196..d3215707 100644
--- a/Translations/Language.be.xml
+++ b/Translations/Language.be.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.bg.xml b/Translations/Language.bg.xml
index 783c1d96..b3ec0771 100644
--- a/Translations/Language.bg.xml
+++ b/Translations/Language.bg.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.ca.xml b/Translations/Language.ca.xml
index ef376c33..b29186d4 100644
--- a/Translations/Language.ca.xml
+++ b/Translations/Language.ca.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.cs.xml b/Translations/Language.cs.xml
index 769a3589..b4a6f56b 100644
--- a/Translations/Language.cs.xml
+++ b/Translations/Language.cs.xml
@@ -1423,6 +1423,7 @@
<control lang="cs" key="IDT_ADVANCED_OPTIONS">Pokročilé možnosti</control>
<string lang="cs" key="AFTER_UPGRADE_RESCUE_DISK">Doporučujeme vytvořit si nový záchranný disk Veracryptu (již bude obsahovat novou verzi VeraCrypt Boot Loader). Učiníte tak pomocí nabídky 'Systém' > 'Vytvořit záchranný disk'.\nChcete to provést nyní?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.da.xml b/Translations/Language.da.xml
index 78889012..c29c3f6f 100644
--- a/Translations/Language.da.xml
+++ b/Translations/Language.da.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.de.xml b/Translations/Language.de.xml
index 26783f69..1e6b92e6 100644
--- a/Translations/Language.de.xml
+++ b/Translations/Language.de.xml
@@ -1423,6 +1423,7 @@
<control lang="de" key="IDT_ADVANCED_OPTIONS">Erweiterte Optionen</control>
<string lang="de" key="AFTER_UPGRADE_RESCUE_DISK">Es wird dringend empfohlen, dass Sie einen neuen VeraCrypt-Rettungsdatenträger (der die neue Version des VeraCrypt-Bootloaders enthalten wird) erstellen, indem Sie 'System' > 'Rettungsdatenträger erstellen' auswählen.\nMöchten Sie es jetzt erledigen?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML-Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.el.xml b/Translations/Language.el.xml
index 636fb9c6..2bb46117 100644
--- a/Translations/Language.el.xml
+++ b/Translations/Language.el.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.es.xml b/Translations/Language.es.xml
index dbfd4648..40888d30 100644
--- a/Translations/Language.es.xml
+++ b/Translations/Language.es.xml
@@ -1423,6 +1423,7 @@
<control lang="es" key="IDT_ADVANCED_OPTIONS">Opciones Avanzadas</control>
<string lang="es" key="AFTER_UPGRADE_RESCUE_DISK">Se recomienda encarecidamente que cree un nuevo Disco de Rescate de VeraCrypt (el cual tendrá la nueva versión de Cargador de Arranque de VeraCrypt) seleccionando 'Sistema' > 'Crear Disco de Rescate'.\n¿Quiere proceder a ello ahora?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.et.xml b/Translations/Language.et.xml
index 01c13c35..799ed4c7 100644
--- a/Translations/Language.et.xml
+++ b/Translations/Language.et.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.eu.xml b/Translations/Language.eu.xml
index 75adcd5e..68a4880a 100644
--- a/Translations/Language.eu.xml
+++ b/Translations/Language.eu.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.fa.xml b/Translations/Language.fa.xml
index 63268044..0220d46e 100644
--- a/Translations/Language.fa.xml
+++ b/Translations/Language.fa.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.fi.xml b/Translations/Language.fi.xml
index 5073b544..0dbf3298 100644
--- a/Translations/Language.fi.xml
+++ b/Translations/Language.fi.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.fr.xml b/Translations/Language.fr.xml
index 65c29f79..14b57e54 100644
--- a/Translations/Language.fr.xml
+++ b/Translations/Language.fr.xml
@@ -1423,6 +1423,7 @@
<control lang="fr" key="IDT_ADVANCED_OPTIONS">Options Avancées</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="fr" key="IDC_ALLOW_TRIM_NONSYS_SSD">Autoriser la commande TRIM sur les disques SSD non système</control>
+ <control lang="fr" key="IDC_BLOCK_SYSENC_TRIM">Bloquer la commande TRIM sur la partition/disque système</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.hu.xml b/Translations/Language.hu.xml
index facf8741..e5fafb77 100644
--- a/Translations/Language.hu.xml
+++ b/Translations/Language.hu.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.id.xml b/Translations/Language.id.xml
index 9083d1d3..2b858321 100644
--- a/Translations/Language.id.xml
+++ b/Translations/Language.id.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.it.xml b/Translations/Language.it.xml
index bcd31a73..e8bdec19 100644
--- a/Translations/Language.it.xml
+++ b/Translations/Language.it.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.ja.xml b/Translations/Language.ja.xml
index 69ecad64..de3bb14c 100644
--- a/Translations/Language.ja.xml
+++ b/Translations/Language.ja.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.ka.xml b/Translations/Language.ka.xml
index 3bd740f1..f5884b3a 100644
--- a/Translations/Language.ka.xml
+++ b/Translations/Language.ka.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.ko.xml b/Translations/Language.ko.xml
index bca41ccb..2601b2d6 100644
--- a/Translations/Language.ko.xml
+++ b/Translations/Language.ko.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.lv.xml b/Translations/Language.lv.xml
index 0133a479..43a91bc8 100644
--- a/Translations/Language.lv.xml
+++ b/Translations/Language.lv.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.my.xml b/Translations/Language.my.xml
index ce6c3770..8a420fa7 100644
--- a/Translations/Language.my.xml
+++ b/Translations/Language.my.xml
@@ -1425,6 +1425,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.nl.xml b/Translations/Language.nl.xml
index d74a72c9..80bbaf15 100644
--- a/Translations/Language.nl.xml
+++ b/Translations/Language.nl.xml
@@ -1424,6 +1424,7 @@
<control lang="nl" key="IDT_ADVANCED_OPTIONS">Geavanceerde opties</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.nn.xml b/Translations/Language.nn.xml
index de684cba..bb215ea5 100644
--- a/Translations/Language.nn.xml
+++ b/Translations/Language.nn.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.pl.xml b/Translations/Language.pl.xml
index 98133d42..e5e1aa0a 100644
--- a/Translations/Language.pl.xml
+++ b/Translations/Language.pl.xml
@@ -1423,6 +1423,7 @@
<control lang="pl" key="IDT_ADVANCED_OPTIONS">Opcje zaawansowane</control>
<string lang="pl" key="AFTER_UPGRADE_RESCUE_DISK">Zdecydowanie zaleca się utworzenie nowej płyty ratunkowej VeraCrypt (która zawierać będzie nową wersję programu rozruchowego VeraCrypt) poprzez wybranie 'System' > 'Utwórz płytę ratunkową'.\nCzy chcesz to teraz zrobić?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.pt-br.xml b/Translations/Language.pt-br.xml
index 8298c0d3..7762346b 100644
--- a/Translations/Language.pt-br.xml
+++ b/Translations/Language.pt-br.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.ro.xml b/Translations/Language.ro.xml
index 852a61b3..ce3e50eb 100644
--- a/Translations/Language.ro.xml
+++ b/Translations/Language.ro.xml
@@ -1423,6 +1423,7 @@
<control lang="ro" key="IDT_ADVANCED_OPTIONS">Opțiuni avansate</control>
<string lang="ro" key="AFTER_UPGRADE_RESCUE_DISK">Este recomandată crearea unui Disc de recuperare Veracrypt nou (ce va conține noua versiune a încărcătorului Veracrypt) selectând 'Sistem' > 'Creare disc de recuperare'.\nDoriți crearea lui acum ?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.ru.xml b/Translations/Language.ru.xml
index 8c58bc6a..229ff19f 100644
--- a/Translations/Language.ru.xml
+++ b/Translations/Language.ru.xml
@@ -1423,6 +1423,7 @@
<control lang="ru" key="IDT_ADVANCED_OPTIONS">Расширенные настройки</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.sk.xml b/Translations/Language.sk.xml
index 0c6566c4..c179ba49 100644
--- a/Translations/Language.sk.xml
+++ b/Translations/Language.sk.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.sl.xml b/Translations/Language.sl.xml
index 36daa9f2..d847313d 100644
--- a/Translations/Language.sl.xml
+++ b/Translations/Language.sl.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.sv.xml b/Translations/Language.sv.xml
index 27e1b199..8b797ae8 100644
--- a/Translations/Language.sv.xml
+++ b/Translations/Language.sv.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.th.xml b/Translations/Language.th.xml
index dc2911e0..7aaafcbd 100644
--- a/Translations/Language.th.xml
+++ b/Translations/Language.th.xml
@@ -1424,6 +1424,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.tr.xml b/Translations/Language.tr.xml
index 86824b03..adbe1ac2 100644
--- a/Translations/Language.tr.xml
+++ b/Translations/Language.tr.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.uk.xml b/Translations/Language.uk.xml
index ff8ca61c..2924fa84 100644
--- a/Translations/Language.uk.xml
+++ b/Translations/Language.uk.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.uz.xml b/Translations/Language.uz.xml
index e9d6e7ca..45e1388b 100644
--- a/Translations/Language.uz.xml
+++ b/Translations/Language.uz.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.vi.xml b/Translations/Language.vi.xml
index cbd4fe87..135151a6 100644
--- a/Translations/Language.vi.xml
+++ b/Translations/Language.vi.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.zh-cn.xml b/Translations/Language.zh-cn.xml
index 004eca34..4d550e99 100644
--- a/Translations/Language.zh-cn.xml
+++ b/Translations/Language.zh-cn.xml
@@ -1423,6 +1423,7 @@
<control lang="zh-cn" key="IDT_ADVANCED_OPTIONS">高级选项</control>
<string lang="zh-cn" key="AFTER_UPGRADE_RESCUE_DISK">强烈建议您创建一个新的 VeraCrypt 修复盘 (该磁盘将包含新版本的 VeraCrypt 引导加载程序),方法是选择 '系统' > '创建修复盘'。\n您现在要创建吗?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.zh-hk.xml b/Translations/Language.zh-hk.xml
index 603964a8..b7b056e9 100644
--- a/Translations/Language.zh-hk.xml
+++ b/Translations/Language.zh-hk.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/Translations/Language.zh-tw.xml b/Translations/Language.zh-tw.xml
index b855e8c3..925ef75e 100644
--- a/Translations/Language.zh-tw.xml
+++ b/Translations/Language.zh-tw.xml
@@ -1423,6 +1423,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index fda2d946..1230fc43 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -411,5 +411,6 @@ typedef struct
#define TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION 0x20
#define TC_DRIVER_CONFIG_CACHE_BOOT_PIM 0x40
#define VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM 0x80
+#define VC_DRIVER_CONFIG_BLOCK_SYS_TRIM 0x100
#endif /* _WIN32 */
diff --git a/src/Common/Language.xml b/src/Common/Language.xml
index 38457c49..cf7cfa82 100644
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@@ -1424,6 +1424,7 @@
<control lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</control>
<string lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</string>
<control lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM operation for non-system SSD partition/drive</control>
+ <control lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</control>
</localization>
<!-- XML Schema -->
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index 08bebe18..bb7083ce 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -941,6 +941,46 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte
return status;
}
+static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
+{
+ BOOL bBlockTrim = BlockSystemTrimCommand || IsHiddenSystemRunning();
+ NTSTATUS status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
+ if (!NT_SUCCESS (status))
+ return TCCompleteIrp (Irp, status, 0);
+
+ switch (irpSp->Parameters.DeviceIoControl.IoControlCode)
+ {
+ case IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES:
+ Dump ("DriverFilter-DispatchControl: IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES\n");
+ if (bBlockTrim)
+ {
+ PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp);
+ DWORD inputLength = irpSp->Parameters.DeviceIoControl.InputBufferLength;
+ if (inputLength >= sizeof (DEVICE_MANAGE_DATA_SET_ATTRIBUTES))
+ {
+ PDEVICE_MANAGE_DATA_SET_ATTRIBUTES pInputAttrs = (PDEVICE_MANAGE_DATA_SET_ATTRIBUTES) Irp->AssociatedIrp.SystemBuffer;
+ DEVICE_DATA_MANAGEMENT_SET_ACTION action = pInputAttrs->Action;
+ if (action == DeviceDsmAction_Trim)
+ {
+ Dump ("DriverFilter-DispatchControl: IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES - DeviceDsmAction_Trim.\n");
+
+ if (bBlockTrim)
+ {
+ Dump ("DriverFilter-DispatchControl:: TRIM command blocked.\n");
+ IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+ return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
+ }
+ }
+ }
+ }
+ break;
+ }
+
+ status = PassIrp (Extension->LowerDeviceObject, Irp);
+ IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+ return status;
+}
+
NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp)
{
@@ -970,6 +1010,9 @@ NTSTATUS DriveFilterDispatchIrp (PDEVICE_OBJECT DeviceObject, PIRP Irp)
case IRP_MJ_POWER:
return DispatchPower (DeviceObject, Irp, Extension, irpSp);
+
+ case IRP_MJ_DEVICE_CONTROL:
+ return DispatchControl (DeviceObject, Irp, Extension, irpSp);
}
status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index ce2f01ce..fca2ca42 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -128,6 +128,7 @@ BOOL VolumeClassFilterRegistered = FALSE;
BOOL CacheBootPassword = FALSE;
BOOL CacheBootPim = FALSE;
BOOL NonAdminSystemFavoritesAccessDisabled = FALSE;
+BOOL BlockSystemTrimCommand = FALSE;
static size_t EncryptionThreadPoolFreeCpuCountLimit = 0;
static BOOL SystemFavoriteVolumeDirty = FALSE;
static BOOL PagingFileCreationPrevented = FALSE;
@@ -4220,6 +4221,9 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
if (flags & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)
CacheBootPim = TRUE;
+
+ if (flags & VC_DRIVER_CONFIG_BLOCK_SYS_TRIM)
+ BlockSystemTrimCommand = TRUE;
}
EnableHwEncryption ((flags & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? FALSE : TRUE);
diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h
index 50a98d03..8403f212 100644
--- a/src/Driver/Ntdriver.h
+++ b/src/Driver/Ntdriver.h
@@ -122,7 +122,7 @@ extern ULONG OsMinorVersion;
extern BOOL VolumeClassFilterRegistered;
extern BOOL CacheBootPassword;
extern BOOL CacheBootPim;
-
+extern BOOL BlockSystemTrimCommand;
/* Helper macro returning x seconds in units of 100 nanoseconds */
#define WAIT_SECONDS(x) ((x)*10000000)
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 61ce4f77..ac9ef105 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -11109,6 +11109,7 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
uint16 bootLoaderVersion = 0;
BOOL bPasswordCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD)? TRUE : FALSE;
BOOL bPimCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)? TRUE : FALSE;
+ BOOL bBlockSysEncTrimEnabled = (driverConfig & VC_DRIVER_CONFIG_BLOCK_SYS_TRIM)? TRUE : FALSE;
if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion))
{
@@ -11150,6 +11151,7 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD, bPasswordCacheEnabled ? BST_CHECKED : BST_UNCHECKED);
EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), bPasswordCacheEnabled);
CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_BLOCK_SYSENC_TRIM, bBlockSysEncTrimEnabled ? BST_CHECKED : BST_UNCHECKED);
}
catch (Exception &e)
{
@@ -11261,10 +11263,12 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
{
BOOL bPasswordCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD);
BOOL bPimCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM);
+ BOOL bBlockSysEncTrimEnabled = IsDlgButtonChecked (hwndDlg, IDC_BLOCK_SYSENC_TRIM);
BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim, prop.pkcs5);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, bPasswordCacheEnabled);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? TRUE : FALSE);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION));
+ SetDriverConfigurationFlag (VC_DRIVER_CONFIG_BLOCK_SYS_TRIM, bBlockSysEncTrimEnabled);
}
catch (Exception &e)
{
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index 9024b0d6..9eae9dac 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -285,26 +285,28 @@ BEGIN
LTEXT "",IDT_PKCS11_LIB_HELP,16,63,286,65
END
-IDD_EFI_SYSENC_SETTINGS DIALOGEX 0, 0, 374, 165
+IDD_EFI_SYSENC_SETTINGS DIALOGEX 0, 0, 375, 182
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - System Encryption Settings"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
BEGIN
- CONTROL "&Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)",IDC_BOOT_LOADER_CACHE_PASSWORD,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,68,339,10
- DEFPUSHBUTTON "OK",IDOK,255,141,50,14
- PUSHBUTTON "Cancel",IDCANCEL,313,141,50,14
GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,8,7,355,45
- GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,7,53,355,44
- CONTROL "Include PIM when caching pre-boot authentication password",IDC_BOOT_LOADER_CACHE_PIM,
- "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,16,83,340,10
CONTROL "Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk)",IDC_DISABLE_BOOT_LOADER_PIM_PROMPT,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,20,339,9
CONTROL "Do not request Hash algorithm in the pre-boot authentication screen",IDC_DISABLE_BOOT_LOADER_HASH_PROMPT,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,35,339,9
- PUSHBUTTON "Display EFI Platform Information",IDC_SHOW_PLATFORMINFO,187,112,173,14
- PUSHBUTTON "Edit Boot Loader Configuration",IDC_EDIT_DCSPROP,10,112,173,14
- GROUPBOX "Advanced Options",IDT_ADVANCED_OPTIONS,7,99,355,36
+ GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,7,53,355,61
+ CONTROL "&Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)",IDC_BOOT_LOADER_CACHE_PASSWORD,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,68,339,10
+ CONTROL "Include PIM when caching pre-boot authentication password",IDC_BOOT_LOADER_CACHE_PIM,
+ "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,16,83,340,10
+ CONTROL "Block TRIM command on system partition/drive",IDC_BLOCK_SYSENC_TRIM,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,98,340,10
+ GROUPBOX "Advanced Options",IDT_ADVANCED_OPTIONS,7,116,355,36
+ PUSHBUTTON "Edit Boot Loader Configuration",IDC_EDIT_DCSPROP,10,129,173,14
+ PUSHBUTTON "Display EFI Platform Information",IDC_SHOW_PLATFORMINFO,187,129,173,14
+ PUSHBUTTON "Cancel",IDCANCEL,313,158,50,14
+ DEFPUSHBUTTON "OK",IDOK,255,158,50,14
END
IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 371, 253
@@ -389,7 +391,7 @@ BEGIN
CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,7,76,10
END
-IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 370, 286
+IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 371, 297
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - System Encryption Settings"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -397,22 +399,24 @@ BEGIN
CONTROL "Do not &show any texts in the pre-boot authentication screen (except the below custom message)",IDC_DISABLE_BOOT_LOADER_OUTPUT,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,20,339,9
EDITTEXT IDC_CUSTOM_BOOT_LOADER_MESSAGE,18,50,216,14,ES_AUTOHSCROLL
+ CONTROL "Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk)",IDC_DISABLE_BOOT_LOADER_PIM_PROMPT,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,157,339,9
CONTROL "&Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)",IDC_BOOT_LOADER_CACHE_PASSWORD,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,192,339,10
+ CONTROL "Include PIM when caching pre-boot authentication password",IDC_BOOT_LOADER_CACHE_PIM,
+ "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,18,207,340,10
CONTROL "Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager)",IDC_ALLOW_ESC_PBA_BYPASS,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,222,340,10
- DEFPUSHBUTTON "OK",IDOK,257,262,50,14
- PUSHBUTTON "Cancel",IDCANCEL,313,262,50,14
- LTEXT "Display this custom message in the pre-boot authentication screen (24 characters maximum):",IDT_CUSTOM_BOOT_LOADER_MESSAGE,18,39,337,8
- GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,8,7,355,165
- GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,8,177,355,75
- LTEXT "",IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP,18,72,337,73
CONTROL "Disable ""Evil Maid"" attack detection",IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,237,340,10
- CONTROL "Include PIM when caching pre-boot authentication password",IDC_BOOT_LOADER_CACHE_PIM,
- "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,18,207,340,10
- CONTROL "Do not request PIM in the pre-boot authentication screen (PIM value is stored unencrypted on disk)",IDC_DISABLE_BOOT_LOADER_PIM_PROMPT,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,157,339,9
+ CONTROL "Block TRIM command on system partition/drive",IDC_BLOCK_SYSENC_TRIM,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,251,340,10
+ PUSHBUTTON "Cancel",IDCANCEL,314,273,50,14
+ DEFPUSHBUTTON "OK",IDOK,257,273,50,14
+ LTEXT "Display this custom message in the pre-boot authentication screen (24 characters maximum):",IDT_CUSTOM_BOOT_LOADER_MESSAGE,18,39,337,8
+ GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,9,7,355,165
+ GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,9,177,355,92
+ LTEXT "",IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP,18,72,337,73
END
/////////////////////////////////////////////////////////////////////////////
@@ -486,9 +490,9 @@ BEGIN
IDD_EFI_SYSENC_SETTINGS, DIALOG
BEGIN
LEFTMARGIN, 7
- RIGHTMARGIN, 367
+ RIGHTMARGIN, 368
TOPMARGIN, 7
- BOTTOMMARGIN, 155
+ BOTTOMMARGIN, 172
END
IDD_PERFORMANCE_SETTINGS, DIALOG
@@ -518,9 +522,9 @@ BEGIN
IDD_SYSENC_SETTINGS, DIALOG
BEGIN
LEFTMARGIN, 7
- RIGHTMARGIN, 363
+ RIGHTMARGIN, 364
TOPMARGIN, 7
- BOTTOMMARGIN, 276
+ BOTTOMMARGIN, 287
END
END
#endif // APSTUDIO_INVOKED
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index 2cefbdad..94d57108 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -188,6 +188,7 @@
#define IDC_EDIT_DCSPROP 1165
#define IDT_ADVANCED_OPTIONS 1166
#define IDC_ALLOW_TRIM_NONSYS_SSD 1167
+#define IDC_BLOCK_SYSENC_TRIM 1168
#define IDM_HELP 40001
#define IDM_ABOUT 40002
#define IDM_UNMOUNT_VOLUME 40003
@@ -264,7 +265,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 120
#define _APS_NEXT_COMMAND_VALUE 40069
-#define _APS_NEXT_CONTROL_VALUE 1168
+#define _APS_NEXT_CONTROL_VALUE 1169
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif