VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2018-08-23 18:57:00 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2018-08-23 22:49:59 (GMT)
commit7cbe6b71e50b535d40336385600139cf2f8524ba (patch)
tree3b34de9c4744e143be5bc5150eeac630f0280857 /src
parentf5a765e86088eb90c4392e43ad8a3c27bfa814cc (diff)
downloadVeraCrypt-7cbe6b71e50b535d40336385600139cf2f8524ba.zip
VeraCrypt-7cbe6b71e50b535d40336385600139cf2f8524ba.tar.gz
Windows: implement a driver configuration option to explicitly allow defragmenting non-système disques by Windows built-in defragmenter tool.
Diffstat (limited to 'src')
-rw-r--r--src/Common/Apidrvr.h1
-rw-r--r--src/Common/Language.xml8
-rw-r--r--src/Driver/Ntdriver.c4
-rw-r--r--src/Driver/Ntdriver.h1
-rw-r--r--src/Mount/Mount.c21
-rw-r--r--src/Mount/Mount.rc14
-rw-r--r--src/Mount/Resource.h3
7 files changed, 41 insertions, 11 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index 1230fc4..2c436bf 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -412,5 +412,6 @@ typedef struct
#define TC_DRIVER_CONFIG_CACHE_BOOT_PIM 0x40
#define VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM 0x80
#define VC_DRIVER_CONFIG_BLOCK_SYS_TRIM 0x100
+#define VC_DRIVER_CONFIG_ALLOW_WINDOWS_DEFRAG 0x200
#endif /* _WIN32 */
diff --git a/src/Common/Language.xml b/src/Common/Language.xml
index 9c0e4fa..88b5e0f 100644
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@@ -1421,10 +1421,12 @@
<entry lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</entry>
<entry lang="en" key="WINDOWS_EFI_BOOT_LOADER_MISSING">ERROR: Windows EFI system loader could not be located on the disk. Operation will be aborted.</entry>
<entry lang="en" key="SYSENC_EFI_UNSUPPORTED_SECUREBOOT">It is currently not possible to encrypt a system if SecureBoot is enabled and if VeraCrypt custom keys are not loaded into the machine firmware. SecureBoot needs to be disabled in the BIOS configuration in order to allow system encryption to proceed.</entry>
- <entry lang="en" key="PASSWORD_PASTED_TRUNCATED">Pasted text truncated because the password maximum length is 64 characters</entry>
- <entry lang="en" key="PASSWORD_MAXLENGTH_REACHED">Password already reached its maximum length of 64 characters.\nNo additional character is allowed.</entry>
- <entry lang="en" key="IDC_SELECT_LANGUAGE_LABEL">Select the language to use during the installation:</entry>
+ <entry lang="en" key="PASSWORD_PASTED_TRUNCATED">Pasted text truncated because the password maximum length is 64 characters</entry>
+ <entry lang="en" key="PASSWORD_MAXLENGTH_REACHED">Password already reached its maximum length of 64 characters.\nNo additional character is allowed.</entry>
+ <entry lang="en" key="IDC_SELECT_LANGUAGE_LABEL">Select the language to use during the installation:</entry>
<entry lang="en" key="VOLUME_TOO_LARGE_FOR_HOST">ERROR: The size of the file container is larger than the available free space on disk.</entry>
+ <entry lang="en" key="IDC_ALLOW_WINDOWS_DEFRAG">Allow Windows Disk Defragmenter to defragment non-system partition/drive</entry>
+ <entry lang="en" key="CONFIRM_ALLOW_WINDOWS_DEFRAG">WARNING: Defragmenting non-system partitions/drives may leak metadata about their content or cause issues with hidden volumes they may contain.\n\nContinue?</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index 6e77472..e8fb282 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -129,6 +129,7 @@ BOOL CacheBootPassword = FALSE;
BOOL CacheBootPim = FALSE;
BOOL NonAdminSystemFavoritesAccessDisabled = FALSE;
BOOL BlockSystemTrimCommand = FALSE;
+BOOL AllowWindowsDefrag = FALSE;
static size_t EncryptionThreadPoolFreeCpuCountLimit = 0;
static BOOL SystemFavoriteVolumeDirty = FALSE;
static BOOL PagingFileCreationPrevented = FALSE;
@@ -1265,7 +1266,7 @@ NTSTATUS ProcessVolumeDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION
Dump ("ProcessVolumeDeviceControlIrp (IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS)\n");
// Vista's and Windows 10 filesystem defragmenter fails if IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS does not succeed.
if (!(OsMajorVersion == 6 && OsMinorVersion == 0)
- && !(OsMajorVersion == 10 && EnableExtendedIoctlSupport && Extension->bRawDevice)
+ && !(OsMajorVersion == 10 && AllowWindowsDefrag && Extension->bRawDevice)
)
{
Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
@@ -4249,6 +4250,7 @@ NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry)
EnableExtendedIoctlSupport = (flags & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL)? TRUE : FALSE;
AllowTrimCommand = (flags & VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM)? TRUE : FALSE;
+ AllowWindowsDefrag = (flags & VC_DRIVER_CONFIG_ALLOW_WINDOWS_DEFRAG)? TRUE : FALSE;
}
else
status = STATUS_INVALID_PARAMETER;
diff --git a/src/Driver/Ntdriver.h b/src/Driver/Ntdriver.h
index b679952..2479d45 100644
--- a/src/Driver/Ntdriver.h
+++ b/src/Driver/Ntdriver.h
@@ -124,6 +124,7 @@ extern BOOL VolumeClassFilterRegistered;
extern BOOL CacheBootPassword;
extern BOOL CacheBootPim;
extern BOOL BlockSystemTrimCommand;
+extern BOOL AllowWindowsDefrag;
/* Helper macro returning x seconds in units of 100 nanoseconds */
#define WAIT_SECONDS(x) ((x)*10000000)
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 1d80e03..aefafe9 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -10856,6 +10856,16 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
CheckDlgButton (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? BST_UNCHECKED : BST_CHECKED);
CheckDlgButton (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT, (driverConfig & TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL) ? BST_CHECKED : BST_UNCHECKED);
CheckDlgButton (hwndDlg, IDC_ALLOW_TRIM_NONSYS_SSD, (driverConfig & VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM) ? BST_CHECKED : BST_UNCHECKED);
+ // checkbox for Windows Defragmenter only usuable on Windows 10
+ // on previous version, we can not control Windows defragmenter so
+ // this settings is always checked.
+ if (CurrentOSMajor >= 10)
+ CheckDlgButton (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG, (driverConfig & VC_DRIVER_CONFIG_ALLOW_WINDOWS_DEFRAG) ? BST_CHECKED : BST_UNCHECKED);
+ else
+ {
+ CheckDlgButton (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG, BST_CHECKED);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG), FALSE);
+ }
SYSTEM_INFO sysInfo;
GetSystemInfo (&sysInfo);
@@ -10914,6 +10924,7 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
BOOL disableHW = !IsDlgButtonChecked (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION);
BOOL enableExtendedIOCTL = IsDlgButtonChecked (hwndDlg, IDC_ENABLE_EXTENDED_IOCTL_SUPPORT);
BOOL allowTrimCommand = IsDlgButtonChecked (hwndDlg, IDC_ALLOW_TRIM_NONSYS_SSD);
+ BOOL allowWindowsDefrag = IsDlgButtonChecked (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG);
try
{
@@ -10951,6 +10962,8 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION, disableHW);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_ENABLE_EXTENDED_IOCTL, enableExtendedIOCTL);
SetDriverConfigurationFlag (VC_DRIVER_CONFIG_ALLOW_NONSYS_TRIM, allowTrimCommand);
+ if (CurrentOSMajor >= 10)
+ SetDriverConfigurationFlag (VC_DRIVER_CONFIG_ALLOW_WINDOWS_DEFRAG, allowWindowsDefrag);
DWORD bytesReturned;
if (!DeviceIoControl (hDriver, TC_IOCTL_REREAD_DRIVER_CONFIG, NULL, 0, NULL, 0, &bytesReturned, NULL))
@@ -10982,6 +10995,14 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
}
return 1;
+ case IDC_ALLOW_WINDOWS_DEFRAG:
+ if (IsDlgButtonChecked (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG)
+ && AskWarnYesNo ("CONFIRM_ALLOW_WINDOWS_DEFRAG", hwndDlg) == IDNO)
+ {
+ CheckDlgButton (hwndDlg, IDC_ALLOW_WINDOWS_DEFRAG, BST_UNCHECKED);
+ }
+ return 1;
+
case IDC_ENABLE_HARDWARE_ENCRYPTION:
if (!IsDlgButtonChecked (hwndDlg, IDC_ENABLE_HARDWARE_ENCRYPTION)
&& AskWarnYesNo ("CONFIRM_SETTING_DEGRADES_PERFORMANCE", hwndDlg) == IDNO)
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index 07b5be0..a0eaf66 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -309,7 +309,7 @@ BEGIN
DEFPUSHBUTTON "OK",IDOK,255,158,50,14
END
-IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 371, 253
+IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 371, 265
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - Performance Options"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -327,13 +327,15 @@ BEGIN
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,198,337,10
CONTROL "Allow TRIM command for non-system SSD partition/drive",IDC_ALLOW_TRIM_NONSYS_SSD,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,212,337,10
- PUSHBUTTON "&Benchmark",IDC_BENCHMARK,7,232,59,14
- DEFPUSHBUTTON "OK",IDOK,257,232,50,14
- PUSHBUTTON "Cancel",IDCANCEL,314,232,50,14
+ PUSHBUTTON "&Benchmark",IDC_BENCHMARK,7,244,59,14
+ DEFPUSHBUTTON "OK",IDOK,257,244,50,14
+ PUSHBUTTON "Cancel",IDCANCEL,314,244,50,14
LTEXT "Processor (CPU) in this computer supports hardware acceleration for AES:",IDT_HW_AES_SUPPORTED_BY_CPU,18,23,273,9
GROUPBOX "Hardware Acceleration",IDT_ACCELERATION_OPTIONS,7,6,355,74
GROUPBOX "Thread-Based Parallelization",IDT_PARALLELIZATION_OPTIONS,7,84,355,93
- GROUPBOX "Driver Configuration",IDT_DRIVER_OPTIONS,7,183,357,44
+ GROUPBOX "Driver Configuration",IDT_DRIVER_OPTIONS,7,183,357,58
+ CONTROL "Allow Windows Disk Defragmenter to defragment non-system partition/drive",IDC_ALLOW_WINDOWS_DEFRAG,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,226,337,10
END
IDD_FAVORITE_VOLUMES DIALOGEX 0, 0, 380, 368
@@ -500,7 +502,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 364
TOPMARGIN, 7
- BOTTOMMARGIN, 246
+ BOTTOMMARGIN, 258
END
IDD_FAVORITE_VOLUMES, DIALOG
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index 94d5710..d66e128 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -189,6 +189,7 @@
#define IDT_ADVANCED_OPTIONS 1166
#define IDC_ALLOW_TRIM_NONSYS_SSD 1167
#define IDC_BLOCK_SYSENC_TRIM 1168
+#define IDC_ALLOW_WINDOWS_DEFRAG 1169
#define IDM_HELP 40001
#define IDM_ABOUT 40002
#define IDM_UNMOUNT_VOLUME 40003
@@ -265,7 +266,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 120
#define _APS_NEXT_COMMAND_VALUE 40069
-#define _APS_NEXT_CONTROL_VALUE 1169
+#define _APS_NEXT_CONTROL_VALUE 1170
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif