From c6d63e9365a3c591e6451aeeb049c24de12649bf Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Sat, 27 Feb 2021 23:05:40 +0100
Subject: Windows: Block Windows from resizing system partition if it is
 encrypted. This avoid issues during Windows Upgrade that sometimes resizes
 system partition which create problems if it is encrypted by VeraCrypt

---
 src/Driver/DriveFilter.c  |  5 +++++
 src/Driver/Ntdriver.c     |  2 ++
 src/Driver/VolumeFilter.c | 56 ++++++++++++++++++++++++++++++++---------------
 3 files changed, 45 insertions(+), 18 deletions(-)

diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index 740ce949..4afb692b 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -1046,6 +1046,11 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFil
 				}
 			}
 			break;
+		case IOCTL_DISK_GROW_PARTITION:
+			Dump ("DriverFilter-DispatchControl: IOCTL_DISK_GROW_PARTITION blocked\n");
+			IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+			return TCCompleteDiskIrp (Irp, STATUS_UNSUCCESSFUL, 0);
+			break;
 	}
 
 	status = PassIrp (Extension->LowerDeviceObject, Irp);
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index a5ef2472..2d025fa5 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -3381,6 +3381,8 @@ LPWSTR TCTranslateCode (ULONG ulCode)
 		return (LPWSTR) _T ("IOCTL_STORAGE_CHECK_PRIORITY_HINT_SUPPORT");
 	else if (ulCode == IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES)
 		return (LPWSTR) _T ("IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES");
+	else if (ulCode == IOCTL_DISK_GROW_PARTITION)
+		return (LPWSTR) _T ("IOCTL_DISK_GROW_PARTITION");
 	else if (ulCode == IRP_MJ_READ)
 		return (LPWSTR) _T ("IRP_MJ_READ");
 	else if (ulCode == IRP_MJ_WRITE)
diff --git a/src/Driver/VolumeFilter.c b/src/Driver/VolumeFilter.c
index 14e496bc..29d02673 100644
--- a/src/Driver/VolumeFilter.c
+++ b/src/Driver/VolumeFilter.c
@@ -125,6 +125,32 @@ static NTSTATUS OnStartDeviceCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP
 	return STATUS_CONTINUE_COMPLETION;
 }
 
+static BOOL IsSystemVolumePartition (VolumeFilterExtension *Extension)
+{
+	NTSTATUS status;
+	BOOL bRet = FALSE;
+	DriveFilterExtension *bootDriveExtension = GetBootDriveFilterExtension();
+	STORAGE_DEVICE_NUMBER storageDeviceNumber;
+
+	if (!bootDriveExtension->SystemStorageDeviceNumberValid)
+		TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
+
+	status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber));
+
+	if (NT_SUCCESS (status) && bootDriveExtension->SystemStorageDeviceNumber == storageDeviceNumber.DeviceNumber)
+	{
+		PARTITION_INFORMATION_EX partition;
+		status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partition, sizeof (partition));
+
+		if (NT_SUCCESS (status) && partition.StartingOffset.QuadPart == bootDriveExtension->ConfiguredEncryptedAreaStart)
+		{
+			bRet = TRUE;
+		}
+	}
+
+	return bRet;
+}
+
 
 static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
 {
@@ -139,25 +165,10 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFi
 		case IOCTL_DISK_IS_WRITABLE:
 			{
 				// All volumes except the system volume must be read-only
-
-				DriveFilterExtension *bootDriveExtension = GetBootDriveFilterExtension();
-				STORAGE_DEVICE_NUMBER storageDeviceNumber;
-
-				if (!bootDriveExtension->SystemStorageDeviceNumberValid)
-					TC_BUG_CHECK (STATUS_INVALID_PARAMETER);
-
-				status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_STORAGE_GET_DEVICE_NUMBER, NULL, 0, &storageDeviceNumber, sizeof (storageDeviceNumber));
-
-				if (NT_SUCCESS (status) && bootDriveExtension->SystemStorageDeviceNumber == storageDeviceNumber.DeviceNumber)
+				if (IsSystemVolumePartition(Extension))
 				{
-					PARTITION_INFORMATION_EX partition;
-					status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partition, sizeof (partition));
-
-					if (NT_SUCCESS (status) && partition.StartingOffset.QuadPart == bootDriveExtension->ConfiguredEncryptedAreaStart)
-					{
-						IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
-						return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
-					}
+					IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+					return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
 				}
 
 				IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
@@ -194,6 +205,15 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFi
 
 			IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
 			return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
+
+		case IOCTL_DISK_GROW_PARTITION:
+			if (IsSystemVolumePartition(Extension))
+			{
+				Dump ("VolumeFilter-DispatchControl: IOCTL_DISK_GROW_PARTITION blocked\n");
+				IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+				return TCCompleteDiskIrp (Irp, STATUS_UNSUCCESSFUL, 0);
+			}
+			break;
 		}
 	}
 
-- 
cgit v1.2.3