automatic resizing of recovery partition can destroy encrypted systems

petitlou60
2019-10-02
2019-10-10
  • petitlou60

    petitlou60 - 2019-10-02

    Hello Mounir,
    When a Windows update or upgrade needs more space to store recovery files in the recovery partition,
    the following occurs systematically on encrypted systems:
    1) the existing recovery partition becomes orphaned
    2) the C partition is shrunk and a new recovery partition is built in the freed space
    But now the VeraCrypt volume header, which contains information about the partition size, becomes wrong;
    maybe data can now be written inside the space used by the new recovery partition?

    To avoid this risk, for me, we need to do the following:
    1) move the recovery partition data to C:
    2) destroy the orphaned recovery partition and, if needed, the newly created recovery partition
    3) decrypt the system
    4) resize C to reuse the space
    5) encrypt the system

    step 1:
    unmount all VeraCrypt volumes (except system) (any mounted volume locks the reagentc command)
    start a cmd command-line window in administrative mode
    rem we suppose C is partition 3 and recovery is partition 4
    diskpart
    sel dis 0
    sel par 4
    ass letter=r
    sel par 3
    det par (with Ctrl-C copy offset value)
    exit
    r:
    cd r:\Recovery
    xcopy /s /h * C:\Recovery
    c:
    cd c:\Recovery\WindowsRE
    rem change offset value by Ctrl-v
    notepad reagent.xml
    cd c:\Windows\System32\Recovery
    rem change offset value by Ctrl-v
    notepad reagent.xml
    reagentc /disable
    reagentc /setreimage /path C:\Recovery\WindowsRE /target C:\Windows
    reagentc /enable
    diskpart
    sel dis 0
    sel par 4
    del par override
    exit
    exit
    now decrypt system then reboot
    start cmd in administrative mode
    diskpart
    sel dis 0
    sel par 3
    extend
    exit
    exit
    now re-encrypt system
    notepad C:\Users\Default\AppData\Local\Microsoft\Windows\WSUS\setupconfig.ini
    add line
    ResizeRecoveryPartition disable

    remarks
    this line is useful at upgrade time, but I am not sure that it is used by normal Windows Update,
    so if Windows Update shrinks C and creates a recovery partition,
    follow the preceding procedure, but there is no need for the decrypt, resize, encrypt steps:
    simply resize C to its initial size, so the volume header is now good.

    Best regards

     

    Last edit: petitlou60 2019-10-07
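
Added example (not part of the thread, and not VeraCrypt code): a PowerShell check that records the offset and size of the C partition once, right after the system is encrypted, and on later runs warns if Windows has shrunk C or created a new recovery partition on the same disk, which is the condition described in the post above. The baseline path and the function name are assumptions; run it from an elevated prompt.

```powershell
# Added example: detect a changed system partition layout on an encrypted system.
$BaselinePath = 'C:\ProgramData\PartitionBaseline.json'   # hypothetical location
$WinReGptType = '{de94bba4-06d1-4d40-a16a-bfd50179d6ac}'  # GPT type of a Windows RE partition
$WinReMbrType = 0x27                                      # MBR type of a Windows RE partition

function Get-SystemLayout {
    # Snapshot of the C partition plus every recovery partition on the same disk.
    $sys = Get-Partition -DriveLetter C
    $recovery = @(Get-Partition -DiskNumber $sys.DiskNumber |
        Where-Object { $_.GptType -eq $WinReGptType -or $_.MbrType -eq $WinReMbrType } |
        ForEach-Object {
            [pscustomobject]@{ Number = $_.PartitionNumber; Offset = $_.Offset; Size = $_.Size }
        })
    [pscustomobject]@{
        DiskNumber = $sys.DiskNumber
        Number     = $sys.PartitionNumber
        Offset     = $sys.Offset
        Size       = $sys.Size
        Recovery   = $recovery
    }
}

$current = Get-SystemLayout

# First run: store the baseline (take it right after encrypting the system).
if (-not (Test-Path $BaselinePath)) {
    $current | ConvertTo-Json -Depth 3 | Set-Content -Path $BaselinePath -Encoding UTF8
    Write-Output "Baseline saved: C is partition $($current.Number), $($current.Size) bytes."
    return
}

$baseline = Get-Content -Path $BaselinePath -Raw | ConvertFrom-Json
$problems = @()
if ($current.Offset -ne $baseline.Offset) {
    $problems += "C offset changed: $($baseline.Offset) -> $($current.Offset)"
}
if ($current.Size -ne $baseline.Size) {
    $problems += "C size changed: $($baseline.Size) -> $($current.Size) bytes"
}
# A recovery partition at an offset not seen in the baseline was created later.
$knownOffsets = @($baseline.Recovery | ForEach-Object { $_.Offset })
foreach ($r in $current.Recovery) {
    if ($knownOffsets -notcontains $r.Offset) {
        $problems += "New recovery partition $($r.Number) at offset $($r.Offset)"
    }
}

if ($problems) { $problems | ForEach-Object { Write-Warning $_ }; exit 1 }
Write-Output 'System partition layout matches the baseline.'
```

Delete the baseline file and run the script again after any deliberate resize and re-encryption so the new layout becomes the reference.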
  • Mounir IDRASSI

    Mounir IDRASSI - 2019-10-08

    Thank you for reporting this issue. I will have a look on how to block Windows from resizing the system partition or make it compatible with it. Otherwise, the quickest way would be to change SetupConfig.ini as you suggested by adding ResizeRecoveryPartition disable since we already use this file when Windows is encrypted by VeraCrypt.

     
  • petitlou60

    petitlou60 - 2019-10-10

    Hello Mounir,
    I have found that the option ResizeRecoveryPartition disable works: resizing is locked,
    but it also locks the update of the winre.wim file in \Recovery\WindowsRE.
    It is not a big issue because the recovery process is unusable with an encrypted system (repair loop).
    Best regards

     
