How is TrueCrypt in-place system drive encryption implemented?

Question

TrueCrypt supports encrypting a system partition while operating system is running.

From the docs:

Note that TrueCrypt can encrypt an existing unencrypted system partition/drive in-place while the operating system is running (while the system is being encrypted, you can use your computer as usual without any restrictions). Likewise, a TrueCrypt-encrypted system partition/drive can be decrypted in-place while the operating system is running. You can interrupt the process of encryption or decryption anytime, leave the partition/drive partially unencrypted, restart or shut down the computer, and then resume the process, which will continue from the point it was stopped.

The question is :

How is it implemented? How does TrueCrypt keep one part of the partition encrypted and the other non-encrypted? And how does it provide access to both parts while constantly encrypting the unencrypted one? What happens if the systems tries to access the data (or even write it) which is being encrypted at the moment (transferred from non-encrypted section of the partition into encrypted)?

Answer 1

TrueCrypt intercepts every read and write operation. If the operation is to the part of the disk that is not encrypted, the operation is done without encryption. If the operation is to the part of the disk that is encrypted, the operation is done with encryption. Meanwhile the unencrypted portion is shrinking while the encrypted portion is expanding until the entire disk is encrypted.

The only quirk is handling an operation to a block that's in the process of being encrypted. In the unlikely event that happens, TrueCrypt simply delays the operation to the block until it is encrypted and then the operation proceeds as normal to an encrypted block.