maharmstone / btrfs

WinBtrfs - an open-source btrfs driver for Windows
GNU Lesser General Public License v3.0

[Feature Request] Better support for btrfs on BitLocker #517

Open 13xforever opened 2 years ago

13xforever commented 2 years ago

Since version 1.8.0 there's BitLocker support of some kind introduced to winbtrfs; however, there is no documentation on what's supported or how to use it.

Here are my findings so far:

  1. some functionality is missing in the winbtrfs driver; in particular, no volume GUID is provided to the system. This breaks different things: assigning a drive letter, no volume listing in diskpart, working with BitLocker is not possible, Get-Volume in PowerShell doesn't list btrfs volumes, and probably other issues. You can check by running mountvol and observing that even physically removing the disk with the btrfs volume doesn't change the output
  2. mkbtrfs, just like formatting with any standard Windows tools, removes BitLocker
  3. as a result, the only way to actually create a btrfs volume on BitLocker is to convert an already existing NTFS volume with ntfs2btrfs (there's also some detection issue, which requires a reboot in this case)
  4. currently there's no option to add another device securely to an existing volume, as it requires formatting and that removes the existing BitLocker data, and due to 1. you can't encrypt the volume after the fact. You can work around this issue on Linux by creating an encrypted NTFS volume first, mounting it on Linux and using btrfs dev add -f without destroying the BitLocker volume (but be warned that, at least for me, winbtrfs will hang if you try to access the volume)
  5. also as a result of 1. it is not possible to actually decrypt the btrfs volume or change the protectors, so you're stuck with what you had before conversion (this may be an issue with data recovery or system migrations at some point)

It would be nice to have proper support at some point:

  1. Ideally, an ability to work with BitLocker directly (through a drive letter or through the direct volume path \\?\Volume{GUID}\)
  2. Some way to have an explicit mapping list of Windows volume GUID to physical btrfs volume for use with 1.

maharmstone commented 2 years ago

> no volume guid is provided to the system

That's not right - see the function vol_query_unique_id. If the driver didn't respond to the mountdev ioctls, mountmgr.sys wouldn't assign volumes a drive letter. I'm fairly sure you can use the \\?\Volume{GUID}\ notation in paths etc.

The underlying problem is that we have to create a pseudo-volume for RAID to work, which Windows neither likes nor expects. It's an open question as to exactly how much we can do, given that Windows is closed-source... I remember coming to the conclusion that we're stuck with some of the diskpart problems, for instance.

You might want to look into VeraCrypt, see if you have any luck there. Though I think they had a bug in their driver which meant it wouldn't work with btrfs RAID, so it might not do what you want.

13xforever commented 2 years ago

Considering Windows has built-in software RAID on top of dynamic disks (not to mention Storage Spaces), I'm pretty sure it could be worked around, at least for the expected case of a dedicated partition per btrfs volume, but I understand this is not a priority and documentation is sparse.