Inexperienced users should use the graphical user interface to create a hidden volume. When using the text user interface, the following procedure must be followed:
-- Create an outer volume with no filesystem.
+- Create an outer volume with no filesystem and without --quick.
- Create a hidden volume within the outer volume.
- Mount the outer volume using hidden volume protection.
- Create a filesystem on the virtual device of the outer volume.
diff --git a/doc/html/en/Creating New Volumes.html b/doc/html/en/Creating New Volumes.html
index e0be2139..93735f0d 100644
--- a/doc/html/en/Creating New Volumes.html
+++ b/doc/html/en/Creating New Volumes.html
@@ -56,10 +56,11 @@ Note that the output of a hash function is never used directly as an en
This allows you to select the encryption algorithm with which your new volume will be encrypted. Note that the encryption algorithm cannot be changed after the volume is created. For more information, please see the chapter
Encryption Algorithms.
+If you are not sure whether to enable or disable Quick Format, we recommend that you leave this option unchecked.
If unchecked, each sector of the new volume will be formatted. This means that the new volume will be
entirely filled with random data. Quick format is much faster but may be less secure because until the whole volume has been filled with files, it may be possible to tell how much data it contains (if the space was not filled with random data beforehand).
- If you are not sure whether to enable or disable Quick Format, we recommend that you leave this option unchecked. Note that Quick Format can only be enabled when encrypting partitions/devices, except on Windows where it is also available when creating file containers.
-Important: When encrypting a partition/device within which you intend to create a hidden volume afterwards, leave this option unchecked.
+ For file containers, the host filesystem may create sparse or unwritten regions, which can reveal unused areas and reduce plausible deniability. Host allocation behavior depends on filesystem sparse-file support. On filesystems without sparse-file support, creating the container may allocate most or all of its space immediately or fail if there is not enough host space. The encrypted filesystem may also report more free space than the host filesystem can actually provide. If host space runs out, later writes may fail or corrupt the encrypted filesystem. Quick Format is available for normal file containers and when encrypting partitions/devices.
+Important: When creating an outer volume within which you intend to create a hidden volume afterwards, do not use Quick Format.
Dynamic
Dynamic VeraCrypt container is a pre-allocated NTFS sparse file whose physical size (actual disk space used) grows as new data is added to it. Note that the physical size of the container (actual disk space that the container uses) will not decrease when
files are deleted on the VeraCrypt volume. The physical size of the container can only
diff --git a/doc/html/en/Release Notes.html b/doc/html/en/Release Notes.html
index c6c2ff19..36f3a478 100644
--- a/doc/html/en/Release Notes.html
+++ b/doc/html/en/Release Notes.html
@@ -48,6 +48,11 @@
- Translator note: the previous Linux ntfs3 preference strings were replaced by generic in-kernel NTFS driver strings and should be retranslated.
+- Linux and macOS:
+
+ - Enable Quick Format for normal file containers. The container is sized with
ftruncate(), so the host filesystem may keep regions unwritten or sparse until data is written to them.
+
+
1.26.27 (September 20th, 2025):
diff --git a/src/Core/VolumeCreator.cpp b/src/Core/VolumeCreator.cpp
index 895b4485..e9bf92e6 100644
--- a/src/Core/VolumeCreator.cpp
+++ b/src/Core/VolumeCreator.cpp
@@ -253,7 +253,17 @@ namespace VeraCrypt
(options->Path.IsDevice() || options->Type == VolumeType::Hidden) ? File::OpenReadWrite : File::CreateReadWrite,
File::ShareNone);
- HostSize = VolumeFile->Length();
+ if (!options->Path.IsDevice() && options->Type == VolumeType::Normal)
+ {
+ HostSize = options->Size;
+
+ if (options->Quick)
+ VolumeFile->SetLength (options->Size);
+ }
+ else
+ {
+ HostSize = VolumeFile->Length();
+ }
}
try
diff --git a/src/Main/Forms/VolumeCreationWizard.cpp b/src/Main/Forms/VolumeCreationWizard.cpp
index 0e975705..5b010f79 100644
--- a/src/Main/Forms/VolumeCreationWizard.cpp
+++ b/src/Main/Forms/VolumeCreationWizard.cpp
@@ -391,6 +391,7 @@ namespace VeraCrypt
DisplayKeyInfo (false),
LargeFilesSupport (false),
QuickFormatEnabled (false),
+ QuickFormatEnabledByWizard (false),
SelectedFilesystemClusterSize (0),
SelectedFilesystemType (VolumeCreationOptions::FilesystemType::FAT),
SelectedVolumeHostType (VolumeHostType::File),
@@ -446,6 +447,7 @@ namespace VeraCrypt
OuterVolume = false;
LargeFilesSupport = false;
QuickFormatEnabled = false;
+ QuickFormatEnabledByWizard = false;
Pim = 0;
SingleChoiceWizardPage *page = new SingleChoiceWizardPage (GetPageParent(), wxEmptyString, true);
@@ -595,15 +597,29 @@ namespace VeraCrypt
{
shared_ptr layout ((OuterVolume || SelectedVolumeType != VolumeType::Hidden)? (VolumeLayout*) new VolumeLayoutV2Normal() : (VolumeLayout*) new VolumeLayoutV2Hidden());
uint64 filesystemSize = layout->GetMaxDataSize (VolumeSize);
+ bool hiddenVolumeItself = !OuterVolume && SelectedVolumeType == VolumeType::Hidden;
+ bool normalFileContainer = !OuterVolume && SelectedVolumeType == VolumeType::Normal && SelectedVolumeHostType == VolumeHostType::File;
+ bool existingDeviceSupportedCase = SelectedVolumePath.IsDevice() && !hiddenVolumeItself;
+ bool quickFormatSupported = existingDeviceSupportedCase || normalFileContainer;
VolumeFormatOptionsWizardPage *page = new VolumeFormatOptionsWizardPage (GetPageParent(), filesystemSize, SectorSize,
- SelectedVolumePath.IsDevice() && (OuterVolume || SelectedVolumeType != VolumeType::Hidden), OuterVolume, LargeFilesSupport);
+ quickFormatSupported, OuterVolume, LargeFilesSupport);
page->SetPageTitle (LangString["FORMAT_TITLE"]);
page->SetFilesystemType (SelectedFilesystemType);
- if (!OuterVolume && SelectedVolumeType == VolumeType::Hidden)
+ if (hiddenVolumeItself)
+ {
QuickFormatEnabled = true;
+ QuickFormatEnabledByWizard = true;
+ }
+ else
+ {
+ if (!quickFormatSupported || QuickFormatEnabledByWizard)
+ QuickFormatEnabled = false;
+
+ QuickFormatEnabledByWizard = false;
+ }
page->SetQuickFormat (QuickFormatEnabled);
return page;
@@ -1332,6 +1348,7 @@ namespace VeraCrypt
SelectedFilesystemType = page->GetFilesystemType();
QuickFormatEnabled = page->IsQuickFormatEnabled();
+ QuickFormatEnabledByWizard = !OuterVolume && SelectedVolumeType == VolumeType::Hidden;
if (SelectedFilesystemType != VolumeCreationOptions::FilesystemType::None
&& SelectedFilesystemType != VolumeCreationOptions::FilesystemType::FAT)
diff --git a/src/Main/Forms/VolumeCreationWizard.h b/src/Main/Forms/VolumeCreationWizard.h
index 1f52f41f..b671909a 100644
--- a/src/Main/Forms/VolumeCreationWizard.h
+++ b/src/Main/Forms/VolumeCreationWizard.h
@@ -76,6 +76,7 @@ namespace VeraCrypt
shared_ptr MountedOuterVolume;
bool OuterVolume;
bool QuickFormatEnabled;
+ bool QuickFormatEnabledByWizard;
shared_ptr SelectedEncryptionAlgorithm;
uint32 SelectedFilesystemClusterSize;
VolumeCreationOptions::FilesystemType::Enum SelectedFilesystemType;
diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp
index 4b563a28..defefafc 100644
--- a/src/Main/TextUserInterface.cpp
+++ b/src/Main/TextUserInterface.cpp
@@ -766,8 +766,6 @@ namespace VeraCrypt
}
}
- options->Quick = false;
-
uint32 sectorSizeRem = options->Size % options->SectorSize;
if (sectorSizeRem != 0)
options->Size += options->SectorSize - sectorSizeRem;
@@ -964,6 +962,18 @@ namespace VeraCrypt
throw_err (_("Specified volume size is too small to be used with Btrfs filesystem."));
}
+ if (options->Quick && options->Type == VolumeType::Normal)
+ {
+ if (Preferences.NonInteractive)
+ {
+ ShowWarning (_("Quick Format is enabled. Do not use --quick for an outer volume intended to contain a hidden volume. It skips writing random data to unused volume space, reducing plausible deniability. For file containers, actual disk savings depend on host filesystem sparse-file support, and later writes can fail if host space runs out."));
+ }
+ else if (!AskYesNo (LangString["WARN_QUICK_FORMAT"], false, true))
+ {
+ throw UserAbort (SRC_POS);
+ }
+ }
+
// Password
if (!options->Password && !Preferences.NonInteractive)
{
diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp
index b563bf1d..5ad5ff8a 100644
--- a/src/Main/UserInterface.cpp
+++ b/src/Main/UserInterface.cpp
@@ -1219,7 +1219,7 @@ const FileManager fileManagers[] = {
" Inexperienced users should use the graphical user interface to create a hidden\n"
" volume. When using the text user interface, the following procedure must be\n"
" followed to create a hidden volume:\n"
- " 1) Create an outer volume with no filesystem.\n"
+ " 1) Create an outer volume with no filesystem and without --quick.\n"
" 2) Create a hidden volume within the outer volume.\n"
" 3) Mount the outer volume using hidden volume protection.\n"
" 4) Create a filesystem on the virtual device of the outer volume.\n"
@@ -1428,8 +1428,12 @@ const FileManager fileManagers[] = {
" See also options -p and --protect-hidden.\n"
"\n"
"--quick\n"
- " Do not encrypt free space when creating a device-hosted volume. This option\n"
- " must not be used when creating an outer volume.\n"
+ " Do not encrypt free space when creating a normal file-hosted or\n"
+ " device-hosted volume. This option must not be used when creating an outer\n"
+ " volume; text mode cannot infer that a normal volume will later be\n"
+ " used as an outer volume. For file containers, Quick Format may create sparse\n"
+ " or unwritten host regions; actual disk savings depend on host filesystem\n"
+ " sparse-file support, and later writes can fail if host space runs out.\n"
"\n"
"--random-source=FILE\n"
" Use FILE as a source of random data (e.g., when creating a volume) instead\n"
diff --git a/src/Platform/File.h b/src/Platform/File.h
index f91bad8d..77992f8c 100644
--- a/src/Platform/File.h
+++ b/src/Platform/File.h
@@ -87,6 +87,7 @@ namespace VeraCrypt
uint64 ReadAt (const BufferPtr &buffer, uint64 position) const;
void SeekAt (uint64 position) const;
void SeekEnd (int ofset) const;
+ void SetLength (uint64 length) const;
void Write (const ConstBufferPtr &buffer) const;
void Write (const ConstBufferPtr &buffer, size_t length) const { Write (buffer.GetRange (0, length)); }
void WriteAt (const ConstBufferPtr &buffer, uint64 position) const;
diff --git a/src/Platform/Unix/File.cpp b/src/Platform/Unix/File.cpp
index fde99117..f8e62316 100644
--- a/src/Platform/Unix/File.cpp
+++ b/src/Platform/Unix/File.cpp
@@ -385,6 +385,12 @@ namespace VeraCrypt
throw_sys_sub_if (lseek (FileHandle, offset, SEEK_END) == -1, wstring (Path));
}
+ void File::SetLength (uint64 length) const
+ {
+ if_debug (ValidateState());
+ throw_sys_sub_if (ftruncate (FileHandle, length) == -1, wstring (Path));
+ }
+
void File::Write (const ConstBufferPtr &buffer) const
{
if_debug (ValidateState());