From d5ef46ef74cc2aa1c21deda2bfa64836b8714679 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Fri, 9 Jun 2023 22:37:53 +0200 Subject: Documentation: Document difference between normal dismount and force dismount --- doc/html/Documentation.html | 1 + doc/html/Normal Dismount vs Force Dismount.html | 77 +++++++++++++++++++++++++ 2 files changed, 78 insertions(+) create mode 100644 doc/html/Normal Dismount vs Force Dismount.html (limited to 'doc') diff --git a/doc/html/Documentation.html b/doc/html/Documentation.html index 87afdbb1..f6a46629 100644 --- a/doc/html/Documentation.html +++ b/doc/html/Documentation.html @@ -59,6 +59,7 @@
  • Program Menu
  • Mounting Volumes
  • +
  • Normal Dismount vs Force Dismount
  • Parallelization
  • Pipelining
  • Hardware acceleration diff --git a/doc/html/Normal Dismount vs Force Dismount.html b/doc/html/Normal Dismount vs Force Dismount.html new file mode 100644 index 00000000..4ebd52c8 --- /dev/null +++ b/doc/html/Normal Dismount vs Force Dismount.html @@ -0,0 +1,77 @@ + + + + +VeraCrypt - Free Open source disk encryption with strong security for the Paranoid + + + + + + +
    +VeraCrypt +
    + + + +
    +

    +Documentation +>> +Normal Dismount vs Force Dismount +

    + +
    +

    Normal Dismount vs Force Dismount

    +

    Understanding the distinction between "Normal Dismount" and "Force Dismount" operation is important due to the potential impact on user data.

    + +

    Normal Dismount Process

    + +

    During a normal dismount process, VeraCrypt performs the following steps:

    + +
      +
    1. Requests the Windows operating system to lock the volume, prohibiting further I/O operations.
    2. +
    3. Requests Windows to gracefully eject the volume from the system. This step is analogous to user-initiated device ejection via the system tray.
    4. +
    5. Instructs the Windows Mount Manager to unmount the volume.
    6. +
    7. Deletes the link between the drive letter and the volume's virtual device.
    8. +
    9. Deletes the volume's virtual device, which includes erasing the encryption keys from RAM.
    10. +
    + +

    In this flow, steps 1 and 2 may fail if there are open files on the volume. Notably, even if all user applications accessing files on the volume are closed, Windows might still keep the files open until the I/O cache is completely flushed.

    + +

    Force Dismount Process

    + +

    The Force Dismount process is distinct but largely similar to the Normal Dismount. It essentially follows the same steps but disregards any failures that might occur during steps 1 and 2, and carries on with the rest of the procedure. However, if there are files open by the user or if the volume I/O cache has not yet been flushed, this could result in potential data loss. This situation parallels forcibly removing a USB device from your computer while Windows is still indicating its active usage.

    + +

    Provided all applications using files on the mounted volume have been successfully closed and the I/O cache is fully flushed, neither data loss nor data/filesystem corruption should occur when executing a 'force dismount'. As in a normal dismount, the encryption keys are erased from RAM upon successful completion of a 'Force Dismount'.

    + +

    How to Trigger Force Dismount

    + +

    There are three approaches to trigger a force dismount in VeraCrypt:

    + +
      +
    1. Through the popup window that appears if a normal dismount attempt is unsuccessful.
    2. +
    3. Via Preferences, by checking the "force auto-dismount" option in the "Auto-Dismount" section.
    4. +
    5. Using the command line, by incorporating the /force or /f switch along with the /d or /dismount switch.
    6. +
    + +

    In order to avoid inadvertent data loss or corruption, always ensure to follow suitable precautions when dismounting a VeraCrypt volume. This includes

    +
      +
    1. Ensuring all files on the volume are closed before initiating a dismount.
    2. +
    3. Allowing some time after closing all files to ensure Windows has completely flushed the I/O cache.
    4. +
    5. Take note that some antivirus software may keep file handles open on the volume after performing a scan, hindering a successful Normal Dismount. If you experience this issue, you might consider excluding the VeraCrypt volume from your antivirus scans. Alternatively, consult with your antivirus software provider to understand how their product interacts with VeraCrypt volumes and how to ensure it doesn't retain open file handles.
    6. +
    + + +
    -- cgit v1.2.3