Windows: Block Windows from resizing system partition if it is encrypted. This avoid issues during Windows Upgrade that sometimes resizes system partition which create problems if it is encrypted by VeraCrypt

src/Driver/DriveFilter.c

@@ -1046,6 +1046,11 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFil
 				}
 			}
 			break;
+		case IOCTL_DISK_GROW_PARTITION:
+			Dump ("DriverFilter-DispatchControl: IOCTL_DISK_GROW_PARTITION blocked\n");
+			IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+			return TCCompleteDiskIrp (Irp, STATUS_UNSUCCESSFUL, 0);
+			break;
 	}
 
 	status = PassIrp (Extension->LowerDeviceObject, Irp);

src/Driver/Ntdriver.c

@@ -3381,6 +3381,8 @@ LPWSTR TCTranslateCode (ULONG ulCode)
 		return (LPWSTR) _T ("IOCTL_STORAGE_CHECK_PRIORITY_HINT_SUPPORT");
 	else if (ulCode == IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES)
 		return (LPWSTR) _T ("IOCTL_STORAGE_MANAGE_DATA_SET_ATTRIBUTES");
+	else if (ulCode == IOCTL_DISK_GROW_PARTITION)
+		return (LPWSTR) _T ("IOCTL_DISK_GROW_PARTITION");
 	else if (ulCode == IRP_MJ_READ)
 		return (LPWSTR) _T ("IRP_MJ_READ");
 	else if (ulCode == IRP_MJ_WRITE)

src/Driver/VolumeFilter.c

@@ -125,21 +125,10 @@ static NTSTATUS OnStartDeviceCompleted (PDEVICE_OBJECT filterDeviceObject, PIRP
 	return STATUS_CONTINUE_COMPLETION;
 }
 
-
-static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
+static BOOL IsSystemVolumePartition (VolumeFilterExtension *Extension)
 {
-	NTSTATUS status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
-	if (!NT_SUCCESS (status))
-		return TCCompleteIrp (Irp, status, 0);
-
-	if (IsHiddenSystemRunning())
-	{
-		switch (irpSp->Parameters.DeviceIoControl.IoControlCode)
-		{
-		case IOCTL_DISK_IS_WRITABLE:
-			{
-				// All volumes except the system volume must be read-only
-
+	NTSTATUS status;
+	BOOL bRet = FALSE;
 	DriveFilterExtension *bootDriveExtension = GetBootDriveFilterExtension();
 	STORAGE_DEVICE_NUMBER storageDeviceNumber;
 
@@ -154,11 +143,33 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFi
 		status = SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &partition, sizeof (partition));
 
 		if (NT_SUCCESS (status) && partition.StartingOffset.QuadPart == bootDriveExtension->ConfiguredEncryptedAreaStart)
+		{
+			bRet = TRUE;
+		}
+	}
+
+	return bRet;
+}
+
+
+static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFilterExtension *Extension, PIO_STACK_LOCATION irpSp)
+{
+	NTSTATUS status = IoAcquireRemoveLock (&Extension->Queue.RemoveLock, Irp);
+	if (!NT_SUCCESS (status))
+		return TCCompleteIrp (Irp, status, 0);
+
+	if (IsHiddenSystemRunning())
+	{
+		switch (irpSp->Parameters.DeviceIoControl.IoControlCode)
+		{
+		case IOCTL_DISK_IS_WRITABLE:
+			{
+				// All volumes except the system volume must be read-only
+				if (IsSystemVolumePartition(Extension))
 				{
 					IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
 					return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
 				}
-				}
 
 				IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
 
@@ -194,6 +205,15 @@ static NTSTATUS DispatchControl (PDEVICE_OBJECT DeviceObject, PIRP Irp, VolumeFi
 
 			IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
 			return TCCompleteDiskIrp (Irp, STATUS_SUCCESS, 0);
+
+		case IOCTL_DISK_GROW_PARTITION:
+			if (IsSystemVolumePartition(Extension))
+			{
+				Dump ("VolumeFilter-DispatchControl: IOCTL_DISK_GROW_PARTITION blocked\n");
+				IoReleaseRemoveLock (&Extension->Queue.RemoveLock, Irp);
+				return TCCompleteDiskIrp (Irp, STATUS_UNSUCCESSFUL, 0);
+			}
+			break;
 		}
 	}