Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2026-06-09 22:36:59 -05:00
Code Activity

Linux: refine in-kernel NTFS driver selection

Browse Source 
Keep the NTFS kernel-driver option as a generic in-kernel NTFS path rather than an ntfs3-specific path. Add --filesystem=kernel-ntfs and -m kernelntfs routes that select a registered or loadable kernel NTFS driver and mount with -i so mount.ntfs/ntfs-3g helpers are not invoked.

Preserve --filesystem=ntfs3 as a literal pin to the ntfs3 driver. Treat both ntfs3 and kernel-ntfs as mount-only selectors; volume creation continues to use filesystem type NTFS.

The preference and -m kernelntfs path only select an in-kernel NTFS driver when no explicit filesystem type was supplied and blkid detects NTFS.

Treat ntfs as the preferred in-kernel driver on Linux 7.1 and later, where the upstream read/write driver is expected. On earlier kernels, select ntfs only when module metadata identifies the standalone read/write driver and /sys/module confirms it loaded, avoiding ntfs3 read-only ntfs compatibility registrations. Fall back to ntfs3 otherwise, and report a generic kernel-driver error if neither supported driver is available or loadable.

Rename the internal preference/config field to MountNtfsWithKernelDriver, migrate the old MountNtfsWithNtfs3 preference key, and update UI strings, CLI help, documentation, release notes, and translation placeholders accordingly.

Reference: https://github.com/veracrypt/VeraCrypt/issues/1735
This commit is contained in:
Mounir IDRASSI
2026-05-17 18:33:36 +09:00
parent 9535e65bd8
commit 6bef9e009c
66 changed files with 447 additions and 147 deletions
Download Patch File Download Diff File Expand all files Collapse all files
doc/html/en/Mounting VeraCrypt Volumes.html
+1 -1
View File
@@ -53,7 +53,7 @@ Volumes</em> menu.<br>
Default mount options can be configured in the main program preferences (<em>Settings -&gt; Preferences).</em></p>
<h4>Filesystem mount options under Linux</h4>
<p>Under Linux, the <em>Mount Options</em> dialog also contains a <em>Mount options</em> field for filesystem mount options. The value entered there is passed to the system <code>mount</code> command with <code>-o</code> when the filesystem inside the VeraCrypt volume is mounted. For example, entering <code>noatime</code> prevents Linux from updating inode access times on filesystems that support this option, reducing metadata writes caused only by file access. Multiple options can be specified as a comma-separated list, for example <code>noatime,nosuid,nodev</code>. Unsupported options are handled by the operating system and may cause mounting to fail.</p>
<p>The Linux preference <em>Mount NTFS volumes with the Linux kernel ntfs3 driver</em> is disabled by default. When enabled, VeraCrypt probes the decrypted virtual device with <code>blkid -p</code> and mounts detected NTFS filesystems with the in-kernel <code>ntfs3</code> driver instead of the default NTFS backend. If NTFS detection fails, VeraCrypt uses the normal automatic filesystem selection. If <code>ntfs3</code> is unavailable or blocked by the Linux distribution, mounting may fail. This opt-in option can help on systems where suspend or hibernation can hang if user-space FUSE filesystems such as <code>ntfs-3g</code>/<code>fuseblk</code> are frozen while the kernel is syncing filesystems. The actual mounted filesystem type can be checked with <code>findmnt</code>.</p>
<p>The Linux preference <em>Mount NTFS volumes with an in-kernel Linux driver</em> is disabled by default. When enabled and no explicit filesystem type was supplied, VeraCrypt probes the decrypted virtual device with <code>blkid -p</code> and mounts detected NTFS filesystems with an available in-kernel NTFS driver instead of the default NTFS backend. VeraCrypt uses <code>ntfs</code> when it is positively identified as a modern read/write driver or expected on Linux 7.1 or later, and otherwise uses <code>ntfs3</code>. Mount helpers such as <code>mount.ntfs</code> and <code>ntfs-3g</code> are bypassed. If NTFS detection fails, VeraCrypt uses the normal automatic filesystem selection. If no supported in-kernel NTFS driver is available or loadable, mounting fails. On the command line, <code>--filesystem=ntfs3</code> pins the in-kernel ntfs3 driver, <code>--filesystem=kernel-ntfs</code> forces VeraCrypt's kernel-driver selection for an NTFS mount, and <code>-m kernelntfs</code> enables the detected-NTFS selection for the current mount. The <code>ntfs3</code> and <code>kernel-ntfs</code> filesystem selectors are mount-only; use <code>NTFS</code> when creating a new NTFS volume. This opt-in option can help on systems where suspend or hibernation can hang if user-space FUSE filesystems such as <code>ntfs-3g</code>/<code>fuseblk</code> are frozen while the kernel is syncing filesystems. The actual mounted filesystem type can be checked with <code>findmnt</code>.</p>
<p>The command line equivalent is <code>veracrypt --fs-options=noatime &lt;volume&gt; &lt;mountpoint&gt;</code>.</p>
<h4>Mount volume as read-only</h4>
<p>When checked, it will not be possible to write any data to the mounted volume.</p>