GNOME Bugzilla – Bug 795127
Displayed Name is incorrect for bitlocker encrypted partitions
Last modified: 2018-08-22 16:33:13 UTC
Created attachment 370729 [details] Gparted with bitlocker device gparted displays a name which is not correct. The partition is named MYDATA once you mount it with Windows 10. gparted displays it as "Ba". blkid does not show the disk nor the encryted volume (which are sdc and sdc1 respectively). They don't appear in the output. Only /dev/loop* and /dev/nvme0n1p* parted -l for the usb drive: Model: TOSHIBA External USB 3.0 (scsi) Disk /dev/sdc: 3001GB Sector size (logical/physical): 512B/4096B Partition Table: gpt Disk Flags: Number Start End Size File system Name Flags 1 135MB 3001GB 3000GB Ba msftdata NOTE: you can't know the volume label (Name) unless you enter the password/passphrase to unlock it. Check here how drive F: displays its label LEXAR once it's unlocked: https://gravitypayments.com/highlights/enable-bitlocker-windows-10/ NOTE 2: probably blkid doesn't support bitlocker drives.
As can be seen in your parted output, the GPT name of partition 1 is set to "Ba". This is what GParted is showing in the Name column of your screenshot. Description of GPT partition entry format, including partition name https://en.wikipedia.org/wiki/GUID_Partition_Table#Partition_entries_(LBA_2-33) You could use GParted to change the GPT partition if you want. GParted only detects BitLocker encrypted partitions and, as you suspect, it can't unlock them to access the volume label of the encrypted file system. Unless there is anything else, I will be closing this bug as NOTABUG.
The problem is, there is no name for a bitlocker locked partition, while gparted shows "Ba" which has been randomly read from somewhere. Of course it's not gparted fault since it's read from parted. I repeat, while the partition is locked, no name should be shown, or inform about it in a different color, like (name is encrypted). Watch here how generic "Removable Disk" is changed to Lexar once it's unlocked. Instead of using a red color it informs you with a lock emoji which is great.: https://gravitypayments.com/highlights/enable-bitlocker-windows-10/
You appear to be mixing the concepts of partition table entry name and file system (volume) label together. GParted displays both when they are available. Order of the columns is like this: Partition | Name | File System | Mount Point | Label | Size ... /dev/sdc1 | Ba | bitlocker | /mnt/mydata | MYDATA | 129.00 MiB ... However as GParted can't open bitlocker encrypted data it can't access the file system (volume) label. Also GParted suppresses columns if they are empty, including: Name, Mount Point, Label. This is why you are getting what is displayed in your screen shot.
(In reply to Mike Fleetwood from comment #3) > You appear to be mixing the concepts of partition table entry name and > file system (volume) label together. GParted displays both when they > are available. Order of the columns is like this: > Partition | Name | File System | Mount Point | Label | Size ... > /dev/sdc1 | Ba | bitlocker | /mnt/mydata | MYDATA | 129.00 MiB ... > > However as GParted can't open bitlocker encrypted data it can't access > the file system (volume) label. Also GParted suppresses columns if they > are empty, including: Name, Mount Point, Label. This is why you are > getting what is displayed in your screen shot. Ok now I mounted the bitlocker partition as read-only and I can see the data inside with any file manager or with ls, however gparted still shows it as "Not mounted". dislocker-fuse -v -V /dev/sdc1 -umypass -- /mnt/disc1 mount -o loop,ro /mnt/disc1/dislocker-file /mnt/disc2 mnt [...] dislocker-fuse on /mnt/disc1 type fuse.dislocker-fuse (rw,nosuid,nodev,relatime,user_id=0,group_id=0) /mnt/disc1/dislocker-file on /mnt/disc2 type fuseblk (ro,relatime,user_id=0,group_id=0,allow_other,blksize=4096) It seems to me that you even didn't test it, otherwise you will instantly realize that gparted doesn't know when the bitlocker partition is mounted or not. Also, you should use udevadm instead of raw reading the block device I think... unless you have a good reason for it.
Created attachment 370817 [details] gparted bitlocker mounted but not detected
I think also that gparted should shown always all the columns, so the user knows that there may be data at some point.
GParted only supports detection of BitLocker, nothing else. This includes not being able to read the contents or detecting when there is an open mapping. https://gparted.org/features.php
What is an open mapping?
An open mapping provides decrypted access to encrypted data after entering a password.
Ok this is how you can see the two labels, for both the partition and the volume: sudo lsblk -o name,mountpoint,label,partlabel,size They will display in columns PARTLABEL and LABEL respectively for partition label and filesystem label. Of course, if the bitlocker partition is not unlocked to a volume, you will only see the PARTLABEL with lsblk. But, you can still read the volume label even with the bitlocker volume being locked, if you use these commands: sudo dislocker-find | xargs sudo dislocker-metadata -V You can read it manually, or ask lsblk to implement the feature by its own.
Bug reported to them: https://bugzilla.redhat.com/show_bug.cgi?id=1567498
Created attachment 372183 [details] [review] Recognise blkid identified BitLocker encrypted partitions (v1) Hi Curtis, Here's a patch so that GParted recognises blkid reported BitLocker partitions. Will be in the next release of util-linux, assume v2.33. Plus a few tidyups. Thanks, Mike
Created attachment 372184 [details] [review] Recognise blkid identified BitLocker encrypted partitions (v2) Patchset v2, this time with the correct URLs for the gtkmm NEWS file in one of the tidyup patches.
@l15842 Adding support for bitlocker encrypted file systems is not a priority for us. Take that as patches are needed.
Hi Curtis, Patch "Make get_custom_text() and get_generic_text() return by reference" is bad. It breaks replacement of Open Encryption / Close Encryption partition menu option, leaving it as "--toggle crype busy--" and producing this error message: (gpartedbin-broken:21522): Gtk-WARNING **: Invalid input string Remove that patch if you want to apply soon. I'll have a look at resolving this shortly. Mike
Hi Mike, No worries and no rush on my part. I will wait until you are comfortable with the patch set before I commit to master. Curtis
Created attachment 372345 [details] [review] Recognise blkid identified BitLocker encrypted partitions (v3) Hi Curtis, Here's patchset v3 which fixes the issue with "Make get_custom_text() and get_generic_text() return by reference" and adds another 2 tidyup patches. P2/6 "Make get_custom_text() and get_generic_text() return by reference" Was returning a reference to a local variable still in luks::get_custom_text(). Now fixed by making that variable static so references are valid after returning from the function. P5/6 "Move the xfs_db -r flag to the start when reading XFS usage" New patch. I was asking a question on the linux-xfs email list claiming that we ran xfs_db without the -r option and saying as such that it didn't work with mounted file systems. I completely missed the fact that we use the -r option when querying the file system usage. Hence the desire to want to make it more obvious that we do in fact use the -r option, therefore moving to the start. P6/6 "Rework scope of fat16:: and ntfs::Change_UUID_Warning vectors" New patch. Thanks, Mike
Hi Mike, This patch set looks good to me. There was only one minor typo in P6/6 that I'm not overly worried about: The Change_UUID_Warning vectors were fat16 and ntfs class member variables, but are only ever access in the get_custom_text() method. ^^^^^^ || accessed I checked for a bitlocker image at the following link: https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/tree/tests/ts/blkid/images-fs but was unable to find one for testing. Were you able to find and test with a bitlocker image? If one isn't available I'm okay with committing patch set v3 as it stands now. Thanks, Curtis
Hi Curtis, Here's an image of a bitlocker encrypted NTFS. (For 30 days only. Unfortunately it's ~12.2M but the bugzilla upload limit is ~3.5M). https://ufile.io/tt0sd By the way you will need to build a pre-release version of util-linux to get blkid to identify it. Or you could fake it for example with a shell wrapper around blkid which reports TYPE="BitLocker" for a specific partition. I looked at the source code of blkid in the commit message referenced change to see what blkid would report, for the exact word and case. Which is "BitLocker". Thanks, Mike
Thank you Mike for this patch set and bitlocker image. Since BitLocker is proprietary and because my newest VM does not include a recent enough version of util-linux, I opted to perform a regression test instead. With patch set v3 applied (plus typo fix) the other file systems I have all displayed the volume label correctly. Further, operations to change UUID on FAT32 and NTFS file systems properly displayed the Windows Product Activation message. Hence this patch set looks good to me. Patch set v3 from comment #17 (including typo fix) has been committed to the master branch of the git repository. The relevant git commits can be viewed at the following links: Recognise blkid identified BitLocker encrypted partitions (#795127) https://gitlab.gnome.org/GNOME/gparted/commit/aff99307d9540d3225cb867c251d6724ccaef9bb Make get_custom_text() and get_generic_text() return by reference https://gitlab.gnome.org/GNOME/gparted/commit/d948cbcb9143dc975dd3c66defd7289eb4113b2c Simplify from Gtk::Table to HBox in FileSystem Label dialog https://gitlab.gnome.org/GNOME/gparted/commit/f760c16ba60b690f168b7a0b7f3ec764f93caefa Simplify from Gtk::Table to HBox in Partition Name dialog https://gitlab.gnome.org/GNOME/gparted/commit/eab54260a40736cd5e49b028b0c97afaa25da9c7 Move the xfs_db -r flag to the start when reading XFS usage https://gitlab.gnome.org/GNOME/gparted/commit/32df1de163f7548942fd3ab335013905f250b4b2 Rework scope of fat16:: and ntfs::Change_UUID_Warning vectors https://gitlab.gnome.org/GNOME/gparted/commit/a9e85698f2d7dd34de3c36791163a84bd60b7db0
This enhancement was included in the GParted 0.32.0 release on August 22, 2018.