Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2026-06-19 02:56:07 -05:00
Code Activity

macOS: stabilize FUSE-T SMB mount metadata

Browse Source 
Make /aux-device-info readable for SMB, verify that FUSE records hdiutil device info after mount and recover missing virtual devices from hdiutil before dismounting auxiliary mounts.
This commit is contained in:
Mounir IDRASSI
2026-04-22 09:27:16 +02:00
committed by Mounir IDRASSI
parent 4271b8e6f5
commit deb7f55bfb
4 changed files with 273 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Core/Unix/CoreUnix.cpp
+22 -13
View File
@@ -350,7 +350,7 @@ namespace VeraCrypt
// The list is already filtered to VeraCrypt auxiliary mounts; in
// FUSE-T builds, the mount table device name varies by backend.
#ifdef VC_MACOSX_FUSET
int controlFileRetries = 10; // 10 retries with 500ms sleep each, total 5 seconds
int controlFileRetries = volumePath.IsEmpty() ? 1 : 10; // Up to 10 attempts with 500ms sleeps for specific volume lookups
string controlFileError;
while (!mountedVol && (controlFileRetries-- > 0))
#endif
@@ -372,9 +372,12 @@ namespace VeraCrypt
{
#ifdef VC_MACOSX_FUSET
controlFileError = StringConverter::ToSingle (StringConverter::ToExceptionString (e));
// FUSE-T's SMB backend can briefly expose the auxiliary mount
// before the control file is readable and deserializable.
Thread::Sleep (500);
if (controlFileRetries > 0)
{
// FUSE-T's SMB backend can briefly expose the auxiliary mount
// before the control file is readable and deserializable.
Thread::Sleep (500);
}
#else
(void) e;
#endif
@@ -383,9 +386,12 @@ namespace VeraCrypt
catch (...)
{
controlFileError = "unknown exception";
// FUSE-T's SMB backend can briefly expose the auxiliary mount
// before the control file is readable and deserializable.
Thread::Sleep (500);
if (controlFileRetries > 0)
{
// FUSE-T's SMB backend can briefly expose the auxiliary mount
// before the control file is readable and deserializable.
Thread::Sleep (500);
}
}
#endif
}
@@ -393,12 +399,15 @@ namespace VeraCrypt
if (!mountedVol)
{
#ifdef VC_MACOSX_FUSET
stringstream logMessage;
logMessage << "Failed to read VeraCrypt auxiliary mount control file after retries: "
<< string (mf.MountPoint) << FuseService::GetControlPath();
if (!controlFileError.empty())
logMessage << ": " << controlFileError;
SystemLog::WriteError (logMessage.str());
if (!volumePath.IsEmpty())
{
stringstream logMessage;
logMessage << "Failed to read VeraCrypt auxiliary mount control file after retries: "
<< string (mf.MountPoint) << FuseService::GetControlPath();
if (!controlFileError.empty())
logMessage << ": " << controlFileError;
SystemLog::WriteError (logMessage.str());
}
#endif
continue; // Skip to the next mounted filesystem
}
src/Core/Unix/MacOSX/CoreMacOSX.cpp
+183 -1
View File
@@ -23,9 +23,170 @@
#include "CoreMacOSX.h"
#include "Driver/Fuse/FuseService.h"
#include "Core/Unix/CoreServiceProxy.h"
#include "Platform/FileStream.h"
#include "Platform/MemoryStream.h"
#include "Platform/Serializable.h"
#include "Platform/SystemLog.h"
namespace VeraCrypt
{
static string DecodePlistXmlString (const string &xmlString)
{
string decoded;
for (size_t i = 0; i < xmlString.size(); ++i)
{
if (xmlString[i] != '&')
{
decoded += xmlString[i];
continue;
}
if (xmlString.compare (i, 5, "&amp;") == 0)
{
decoded += '&';
i += 4;
}
else if (xmlString.compare (i, 4, "&lt;") == 0)
{
decoded += '<';
i += 3;
}
else if (xmlString.compare (i, 4, "&gt;") == 0)
{
decoded += '>';
i += 3;
}
else if (xmlString.compare (i, 6, "&quot;") == 0)
{
decoded += '"';
i += 5;
}
else if (xmlString.compare (i, 6, "&apos;") == 0)
{
decoded += '\'';
i += 5;
}
else
decoded += xmlString[i];
}
return decoded;
}
static bool ExtractPlistString (const string &xml, const string &key, size_t start, size_t limit, string &value, size_t *endPos = nullptr)
{
string keyTag = "<key>" + key + "</key>";
size_t p = xml.find (keyTag, start);
if (p == string::npos || p >= limit)
return false;
p = xml.find ("<string>", p + keyTag.size());
if (p == string::npos || p >= limit)
return false;
p += 8;
size_t e = xml.find ("</string>", p);
if (e == string::npos || e > limit)
return false;
value = DecodePlistXmlString (xml.substr (p, e - p));
if (endPos)
*endPos = e + 9;
return true;
}
static string NormalizeDiskImagePath (const string &path)
{
string normalized;
bool previousSlash = false;
for (string::const_iterator i = path.begin(); i != path.end(); ++i)
{
if (*i == '/')
{
if (previousSlash)
continue;
previousSlash = true;
}
else
previousSlash = false;
normalized += *i;
}
if (normalized.find ("/private/var/") == 0)
normalized.erase (0, 8);
return normalized;
}
static DevicePath FindVirtualDeviceByImagePath (const string &imagePath)
{
list <string> args;
args.push_back ("info");
args.push_back ("-plist");
string xml = Process::Execute ("/usr/bin/hdiutil", args);
string normalizedImagePath = NormalizeDiskImagePath (imagePath);
for (size_t p = 0; ; )
{
size_t imageKeyPos = xml.find ("<key>image-path</key>", p);
if (imageKeyPos == string::npos)
break;
string currentImagePath;
size_t imageValueEnd = 0;
if (!ExtractPlistString (xml, "image-path", imageKeyPos, string::npos, currentImagePath, &imageValueEnd))
{
p = imageKeyPos + 1;
continue;
}
size_t nextImageKeyPos = xml.find ("<key>image-path</key>", imageValueEnd);
if (NormalizeDiskImagePath (currentImagePath) == normalizedImagePath)
{
string devEntry;
if (ExtractPlistString (xml, "dev-entry", imageValueEnd, nextImageKeyPos, devEntry))
return StringConverter::Trim (devEntry);
}
p = imageValueEnd;
}
return DevicePath();
}
static bool AuxiliaryControlFileHasVirtualDevice (const DirectoryPath &auxMountPoint, const DevicePath &virtualDev)
{
for (int t = 0; t < 50; ++t)
{
try
{
shared_ptr <File> controlFile (new File);
controlFile->Open (string (auxMountPoint) + FuseService::GetControlPath());
FileStream controlFileReader (controlFile);
string controlFileData = controlFileReader.ReadToEnd();
if (controlFileData.empty() || controlFileData.size() > 1024 * 1024)
throw ParameterIncorrect (SRC_POS);
shared_ptr <Stream> controlFileStream (new MemoryStream (ConstBufferPtr ((const uint8 *) controlFileData.data(), controlFileData.size())));
shared_ptr <VolumeInfo> mountedVol = Serializable::DeserializeNew <VolumeInfo> (controlFileStream);
if (mountedVol && string (mountedVol->VirtualDevice) == string (virtualDev))
return true;
}
catch (...) { }
Thread::Sleep (100);
}
return false;
}
CoreMacOSX::CoreMacOSX ()
{
}
@@ -36,6 +197,17 @@ namespace VeraCrypt
shared_ptr <VolumeInfo> CoreMacOSX::DismountVolume (shared_ptr <VolumeInfo> mountedVolume, bool ignoreOpenFiles, bool syncVolumeInfo)
{
if (mountedVolume->VirtualDevice.IsEmpty() && !mountedVolume->AuxMountPoint.IsEmpty())
{
try
{
DevicePath recoveredVirtualDevice = FindVirtualDeviceByImagePath (string (mountedVolume->AuxMountPoint) + FuseService::GetVolumeImagePath());
if (!recoveredVirtualDevice.IsEmpty())
mountedVolume->VirtualDevice = recoveredVirtualDevice;
}
catch (...) { }
}
if (!mountedVolume->VirtualDevice.IsEmpty() && mountedVolume->VirtualDevice.IsBlockDevice())
{
list <string> args;
@@ -223,6 +395,16 @@ namespace VeraCrypt
try
{
FuseService::SendAuxDeviceInfo (auxMountPoint, virtualDev);
if (!AuxiliaryControlFileHasVirtualDevice (auxMountPoint, virtualDev))
{
stringstream logMessage;
logMessage << "VeraCrypt auxiliary mount did not report hdiutil device after mount: "
<< string (auxMountPoint) << FuseService::GetControlPath()
<< ", expected " << string (virtualDev);
SystemLog::WriteError (logMessage.str());
throw TimeOut (SRC_POS);
}
}
catch (...)
{
@@ -230,7 +412,7 @@ namespace VeraCrypt
{
list <string> args;
args.push_back ("detach");
args.push_back (volImage);
args.push_back (virtualDev);
args.push_back ("-force");
Process::Execute ("/usr/bin/hdiutil", args);