Hubbry Logo
Apple File SystemApple File SystemMain
Open search
Apple File System
Community hub
Apple File System
logo
7 pages, 0 posts
0 subscribers
Be the first to start a discussion here.
Be the first to start a discussion here.
Apple File System
Apple File System
Apple File System
View on Wikipedia
from Wikipedia

APFS
Developer(s)Apple Inc.
Full nameApple File System
Introduced
  • iOS: 27 March 2017 (8 years ago) (27 March 2017)
  • macOS: 25 September 2017 (8 years ago) (25 September 2017)
with iOS 10.3, macOS 10.13
Preceded byHFS Plus
Partition IDs7C3457EF-0000-11AA-AA11-00306543ECAC (GPT)
Structures
Directory contentsB-tree[1]
Limits
Max file size8 Exabyte (9,223,372,036,854,775,808 bytes)[2]
Max no. of files9,223,372,036,854,775,808[2]
Allowed filename
characters		Unicode 9.0 encoded in UTF-8[3][A]
Features
Dates recordedaccess, attributes modified, contents modified, created
Date rangeJanuary 1, 1970 – July 21, 2554[1]
Date resolution1 nanosecond[2]
File system
permissions		Unix permissions, NFSv4 ACLs
Transparent
compression		Partial (decmpfs)[4]
Transparent
encryption		Yes[5]
Copy-on-writeYes[3][5]
Other
Supported
operating systems		macOS, iPadOS, iOS, tvOS, watchOS, visionOS

Apple File System (APFS) is a proprietary file system developed and deployed by Apple Inc. for macOS Sierra (10.12.4)[6] and later, iOS 10.3, tvOS 10.2,[7] watchOS 3.2,[8] and all versions of iPadOS.[9][10] It aims to fix core problems of HFS+ (also called Mac OS Extended), APFS's predecessor which had been in use since 1998. APFS is optimized for solid-state drive storage and supports encryption, snapshots, and improved handling of metadata integrity.[11][12]

History

[edit]

Apple File System was announced at Apple's developers’ conference (WWDC) in June 2016 as a replacement for HFS+, which had been in use since 1998.[11][12] APFS was released for 64-bit iOS devices on March 27, 2017, with the release of iOS 10.3, and for macOS devices on September 25, 2017, with the release of macOS 10.13.[13][8]

Apple released a partial specification for APFS in September 2018 which supported read-only access to Apple File Systems on unencrypted, non-Fusion storage devices. The specification for software encryption was documented later.[14]

Design

[edit]

The file system can be used on devices with relatively small or large amounts of storage. It uses 64-bit inode numbers,[2] and allows for more secure storage by using a technology called Data Protection. The APFS code, like the HFS+ code, uses the TRIM command for better space management and performance. It may increase read-write speeds on iOS and macOS,[8] as well as space on iOS devices, due to the way APFS calculates available data.[15]

Partition scheme

[edit]

APFS uses the GPT partition scheme. Within the GPT scheme are one or more APFS containers (partition type GUID is 7C3457EF-0000-11AA-AA11-00306543ECAC). Within each container there are one or more APFS volumes, all of which share the allocated space of the container, and each volume may have APFS volume roles. macOS Catalina (macOS 10.15) introduced the APFS volume group, which are groups of volumes that Finder displays as one volume. APFS firmlinks lie between hard links and soft links and link between volumes.

In macOS Catalina the System volume role (usually named "Macintosh HD") became read-only, and in macOS Big Sur (macOS 11) it became a signed system volume (SSV) and only volume snapshots are mounted. The Data volume role (usually named "Macintosh HD - Data") is used as an overlay or shadow of the System volume, and both the System and Data volumes are part of the same volume group and shown as one in Finder.

Clones

[edit]

Clones allow the operating system to make efficient file copies on the same volume without occupying additional storage space. Changes to a cloned file are saved as delta extents, reducing storage space required for document revisions and copies.[10] There is, however, no interface to mark two copies of the same file as clones of the other, or for other types of data deduplication.

The feature is automatically available when a user copies any files using the Finder application, which is macOS's default file manager, but not when using the cp command.[16] To do that on the command-line, the cp utility on macOS has a -c parameter that allows it to use the clonefile system call.[17]

Snapshots

[edit]

APFS volumes support snapshots for creating a point-in-time, read-only instance of the file system.[10]

Encryption

[edit]

Apple File System natively supports full disk encryption,[2] and file encryption with the following options:

  • no encryption
  • single-key encryption
  • multi-key encryption, where each file is encrypted with a separate key, and metadata is encrypted with a different key.[10]

Increased maximum number of files

[edit]

APFS supports 64-bit inode numbers, supporting over 9 quintillion files (263) on a single volume.[2][5]

Data integrity

[edit]

Apple File System uses checksums to ensure data integrity for metadata but not for the actual user data, relying instead on error-correcting code (ECC) mechanisms in the storage hardware.[18]

Crash protection

[edit]

Apple File System is designed to avoid metadata corruption caused by system crashes. Instead of overwriting existing metadata records in place, it writes entirely new records, points to the new ones and then releases the old ones, an approach known as redirect-on-write. This avoids corrupted records containing partial old and partial new data caused by a crash that occurs during an update. It also avoids having to write the change twice, as happens with an HFS+ journaled file system, where changes are written first to the journal and then to the catalog file.[18]

Compression

[edit]

APFS supports transparent compression on individual files using Deflate (Zlib), LZVN (libFastCompression), and LZFSE. All three are Lempel-Ziv-type algorithms. This feature is inherited from HFS+, and is implemented with the same AppleFSCompression / decmpfs system using resource forks or extended attributes. As with HFS+, the transparency is broken for tools that do not use decmpfs-wrapped routines.[19]

Space sharing

[edit]

APFS adds the ability to have multiple logical drives (referred to as volumes) in the same container where free space is available to all volumes in that container (block device).[20]

Limitations

[edit]

While APFS includes numerous improvements relative to its predecessor, HFS+, a number of limitations have been noted.

Limited integrity checks for user data

[edit]

APFS does not provide checksums for user data.[21] It also does not take advantage of byte-addressable non-volatile random-access memory.[22][23]

Performance on hard disk drives

[edit]

Enumerating files, and any inode metadata in general, is much slower on APFS when it is located on a hard disk drive (HDD). This is because instead of storing metadata at a fixed location like HFS+ does, APFS stores them alongside the actual file data. On SSDs, this fragmentation of metadata is inconsequential due to their lack of moving parts, but on HDDs, it leads to substantial performance degradation as the drive’s read/write heads must physically seek out scattered data fragments.[24]

Besides that, a key feature of APFS is "copy-on-write," which allows for rapid file duplication by creating references to the original data rather than copying it outright. This feature enables functionalities like snapshots and quick file copies. However, when files are modified after being copied, APFS creates new extents (data blocks) for the changes, leading to more fragmentation over time. This issue is exacerbated with applications like Time Machine, which creates multiple versions of files, further increasing fragmentation and slowing performance.[25] As a result, APFS is generally not recommended for use on HDDs, particularly for workloads involving frequent file modifications, copying, or snapshot usage.[26]

Compatibility with Time Machine prior to macOS 11

[edit]

Unlike HFS+, APFS does not support hard links to directories.[3][27] Since the version of the Time Machine backup software included in Mac OS X 10.5 (Leopard) through macOS 10.15 (Catalina) relied on hard links to directories, APFS was initially not a supported option for its backup volumes.[28][27] This limitation was overcome starting in macOS 11 Big Sur, wherein APFS is now the default file system for new Time Machine backups (existing HFS+-formatted backup drives are also still supported).[29] macOS Big Sur's implementation of Time Machine in conjunction with APFS-formatted drives enables "faster, more compact, and more reliable backups" than were possible with HFS+-formatted backup drives.[30][31]

Security issues

[edit]
  • In March 2018, the APFS driver in High Sierra was found to have a bug that causes the disk encryption password to be logged in plaintext.[32]
  • In January 2021, the APFS driver in iOS < 14.4, macOS < 11.2, watchOS < 7.3, and tvOS < 14.4 was found to have a bug that allowed a local user to read arbitrary files, regardless of their permissions.[33][34][35][36]

Support

[edit]

macOS

[edit]

An experimental version of APFS, with some limitations, is provided in macOS Sierra 10.12.4. It is available through the command line diskutil utility. Among these limitations, it does not perform Unicode normalization while HFS+ does,[37] leading to problems with languages other than English.[38] Drives formatted with Sierra’s version of APFS may also not be compatible with later versions of macOS or APFS, and the Sierra version of APFS cannot be used with Time Machine, FileVault volumes, or Fusion Drives.[39]

Since macOS 10.13 High Sierra, all devices with flash storage are automatically converted to APFS.[40] As of macOS 10.14 Mojave, Fusion Drives and hard disk drives are also upgraded on installation.[41] The primary user interface to upgrade does not present an option to opt out of this conversion, and devices formatted with the High Sierra version of APFS will not be readable in previous versions of macOS.[40] Users can disable APFS conversion by using the installer's startosinstall utility on the command line and passing --converttoapfs NO.[42]

FileVault volumes are not converted to APFS as of macOS Big Sur 11.2.1. Instead macOS formats external FileVault drives as CoreStorage Logical Volumes formatted with Mac OS Extended (Journaled). FileVault drives can be optionally encrypted.[citation needed]

iOS, tvOS, and watchOS

[edit]

iOS 10.3, tvOS 10.2, and watchOS 3.2 convert the existing HFSX file system to APFS on compatible devices.[13][8][43]

Third-party utilities

[edit]

Despite the ubiquity of APFS volumes in today's Macs and the format's 2016 introduction, third-party repair utilities continue to have notable limitations in supporting APFS volumes, due to Apple's delayed release of complete documentation. According to Alsoft, the maker of DiskWarrior, Apple's 2018 release of partial APFS format documentation has delayed the creation of a version of DiskWarrior that can safely rebuild APFS disks.[44] Competing products, including MicroMat's TechTool and Prosoft's Drive Genius, are expected to increase APFS support as well.

Third-party APFS implementations
Name Author License Mount Read Write Repair Format Handle Encrypted Notes
Paragon APFS SDK CE Paragon Software Group 4-Clause BSD License No Yes No No No No Paragon has a write-capable commercial version of this SDK.[45]
libfsapfs Joachim Metz GNU LGPL v3 FUSE Yes No No No No It has been packaged into Debian, Fedora Linux, Rocky Linux, Red Hat Enterprise Linux and Ubuntu software repositories.[46][47][48]
apfs-fuse Simon Gander GNU GPL v2 FUSE Yes No No No No [49]
linux-apfs-rw with apfsprogs Ernesto A. Fernández GNU GPLv2 Linux kernel module Yes experimental Yes experimental No [50]
Paragon's APFS for Windows Paragon Paid commercial Windows driver Yes No No No Not Apple T2 [51]

See also

[edit]

Notes

[edit]

References

[edit]
[edit]
Revisions and contributorsEdit on WikipediaRead on Wikipedia

Apple File System

View on Grokipedia
from Grokipedia
The Apple File System (APFS) is a proprietary file system developed by Apple Inc. for its operating systems, including macOS, iOS, iPadOS, tvOS, watchOS, and visionOS. Introduced in 2017, APFS became the default file system replacing the Hierarchical File System Plus (HFS+), starting with macOS High Sierra (version 10.13) and iOS 10.3. Optimized for flash and solid-state drive (SSD) storage, it emphasizes performance, security, and efficiency through features like strong cryptographic encryption, copy-on-write metadata, space sharing across volumes, file and directory cloning, and snapshots for point-in-time data preservation. APFS integrates encryption directly into its core design, enabling secure data protection across Apple's devices such as , , Mac, Apple TV, , and , without relying solely on separate tools like . It uses a container-based structure where multiple volumes share disk space dynamically, allocating it on demand to optimize storage utilization on SSDs. Compared to HFS+, APFS offers faster file operations, atomic safe-save mechanisms to prevent during writes, and improved resilience via snapshots that enable efficient backups and system recovery. These capabilities make APFS particularly suited for modern Apple hardware, supporting both bootable and data volumes while maintaining compatibility with encrypted and non-encrypted configurations.

History

Development and Introduction

The Apple File System (APFS) was developed as a successor to the Hierarchical File System Plus (HFS+), which had been in use since 1998 but exhibited significant limitations in the era of solid-state drives (SSDs) and modern storage demands. HFS+ was originally designed over 30 years ago for floppy disks and hard disk drives (HDDs), featuring single-threaded operations and rigid data structures that led to suboptimal performance on SSDs, including poor optimization for flash storage and a lack of native support for features like snapshots. These shortcomings, such as vulnerability to during interrupted writes and inefficiency with large-scale files in gigabytes, prompted Apple to initiate APFS development around 2014 to better support its ecosystem ranging from the to the . The project was led by key engineers at Apple, including Dominic Giampaolo, a senior software engineer in storage and file systems who served as the lead architect, and Eric Tamura, manager of local file systems. Giampaolo, previously known for his work on the Be File System, brought expertise in modern file system design to the effort. APFS was publicly announced at Apple's (WWDC) in June 2016, where it was presented as a from-scratch implementation optimized for SSDs and engineered with security in mind. APFS was introduced as the default in (version 10.13), released on September 25, 2017, initially supporting SSD-based systems for both bootable and data volumes. At launch, Apple highlighted key initial features including strong with multiple key options (per volume, per file, or per extent), native snapshots for point-in-time backups and system rollbacks, instant cloning of files and directories without full duplication, and space sharing to efficiently allocate storage across multiple volumes within a single container. Support for HDDs and Fusion Drives was added in a subsequent update to (version 10.13.4) on March 29, 2018, extending APFS compatibility to traditional spinning drives. Adoption of APFS accelerated following its introduction, with the macOS High Sierra installer providing a nondestructive in-place conversion from HFS+ for existing SSD-based systems, making it opt-in for upgrades but mandatory for new installations on SSD volumes starting in 2017. For HDD-equipped Macs, users could opt in via manual formatting or later updates, while all new macOS installations post-High Sierra defaulted to APFS on compatible hardware to leverage its performance benefits. By (10.14) in 2018 and subsequent releases, APFS became the required for on SSDs, solidifying its role across Apple's platforms.

Versions and Updates

The Apple File System (APFS) has evolved through successive macOS releases, with version numbers tied to the underlying build identifiers that reflect incremental improvements in functionality, performance, and security. APFS debuted in (10.13) in September 2017 with version 748.1.46, initially optimized for solid-state drives (SSDs) and converting compatible volumes automatically during installation. Subsequent updates within High Sierra refined this foundation, such as version 748.21.6 in 10.13.1, which addressed snapshot stability issues. In (10.14), released in September 2018, APFS advanced to version 945.200.129, introducing support for hard disk drives (HDDs) and restoring compatibility with Fusion Drives, which had been dropped in High Sierra. This update enabled broader hardware support while maintaining and snapshot capabilities. By (10.15) in 2019, version 1412.11.7 added System Volume Groups and firmlinks for separating system and data volumes, enhancing security isolation. (11) in 2020 brought version 1677.50.1, incorporating signed system volumes, native Time Machine backups to APFS-formatted drives, and optimizations for . Monterey (12) used versions 1933.x.x and 1934.x.x, with minor refinements like trim-on-mount for better storage efficiency. Later releases continued this progression: (13) in 2022 adopted version 2142.x.x, improving compatibility for Time Machine backups with prior APFS volumes from Monterey and enabling trimming of unified disk read-write (UDRW) images as sparse files for more efficient handling. (14) shifted to 2235.x.x (up to 14.3) and 2236.x.x (14.4 onward) in 2023–2024, with incremental performance tweaks; Sonoma 14.6 in July 2024 fixed an APFS issue (CVE-2024-40783) by restricting data container access, preventing malicious apps from bypassing user preferences. macOS Sequoia (15), starting with version 2311.x.x in 2024 and updated through 15.7 in 2025, included further enhancements, such as improved in APFS to mitigate unauthorized access to sensitive user data (CVE-2024-54541). macOS Tahoe (16), released in September 2025, introduced version 24xx.x.x with additional refinements for storage efficiency and , including better support for Apple Intelligence features and snapshot optimizations. APFS maintains strong across macOS versions, allowing newer systems to read and write volumes created on older ones, though advanced features like system volume groups require macOS 10.15 or later. Conversely, macOS 10.12 Sierra and earlier can only read APFS volumes (via developer tools) but cannot write or boot from them, ensuring no downgrades without third-party conversion tools. Bootable APFS volumes demand macOS 10.13 or newer, while data volumes are supported starting from 10.13 for full read/write access. On , APFS launched in version 10.3 (2017) with basic snapshot support for efficient backups, evolving alongside macOS; (2023) enhanced snapshot handling for faster synchronization and device restores, leveraging APFS's mechanism to minimize data duplication during updates. iOS 18 (2024) and iOS 19 (2025) further optimized APFS for Apple Intelligence, improving backup efficiency and integration with on-device processing. These updates prioritize stability and security, with Apple recommending the latest tools for volume management to avoid compatibility pitfalls in multi-boot setups.

Architecture

Containers and Volumes

The Apple File System (APFS) employs containers and volumes as its core organizational structures to manage storage efficiently at the disk level. An APFS container represents a single logical entity that encompasses the entire physical disk or a designated partition, overseeing the allocation of blocks and metadata for all associated volumes. This design enables multiple volumes to coexist and dynamically share the available physical space, allowing each to expand or contract as needed without requiring fixed size allocations in advance. Volumes function as logical partitions housed within an APFS container, where each operates as a distinct complete with its own independent for organizing files and directories. Managed through the container's object map, volumes store their specific metadata, such as superblocks and file system trees, enabling isolated mounting and access. A container supports a maximum of 100 volumes, each assigned a unique virtual object identifier from the container's array. In macOS, the diskutil list command distinguishes between internal physical disks, which represent the actual hardware storage devices (e.g., /dev/disk0), and synthesized disks, which are virtual entities created by APFS from one or more physical stores (e.g., /dev/disk1). The physical disk typically includes an APFS container partition (e.g., disk0s2, labeled as "Apple_APFS"), which APFS uses to synthesize the virtual disk that exports logical volumes such as Macintosh HD, Preboot, Recovery, and VM. This mechanism enables flexible volume management by abstracting the physical hardware into a dynamic, shared storage pool within the APFS container. "Internal" denotes built-in storage (as opposed to external), while "physical" versus "synthesized" reflects the hardware versus APFS-virtualized presentation. Starting with macOS 10.15 (Catalina), APFS introduces a specialized separation of the system volume and data volume to bolster system integrity and . The system volume, designated with the role APFS_VOL_ROLE_SYSTEM, holds read-only operating system components and is sealed with cryptographic hashes to prevent tampering. In contrast, the data volume, marked as APFS_VOL_ROLE_DATA, accommodates mutable user files, applications, and other writable content. These volumes are logically combined into a volume group, appearing to users as a unified space while maintaining their distinct roles for protection. APFS containers support multi-boot configurations by accommodating multiple bootable system volumes within the same shared space, such as for stable and beta macOS installations, along with supporting volumes like preboot (APFS_VOL_ROLE_PREBOOT) and recovery (APFS_VOL_ROLE_RECOVERY). This setup allows efficient resource utilization across operating system instances without duplicating storage. Conversion from the legacy Hierarchical File System Plus (HFS+) to APFS entails creating a new APFS container on the target disk and migrating the existing HFS+ volumes into corresponding APFS volumes, ensuring no data loss through a structured process of metadata conversion, verification, and superblock updates. This non-destructive migration occurs automatically during upgrades to macOS High Sierra (10.13) or later, capitalizing on intentional architectural parallels between the two systems for seamless compatibility.

Partition Scheme

The Apple File System (APFS) employs the GUID Partition Map (GPT) as its underlying partitioning scheme, which is the standard for modern macOS installations on and Apple silicon-based Macs. This scheme divides the physical storage device into partitions, where APFS operates primarily within designated containers that function as logical partitions. GPT enables support for disks larger than 2 terabytes and provides robust identification through unique GUIDs, ensuring compatibility with the Extensible Firmware Interface (EFI) boot process. APFS containers are identified by the partition type GUID 7C3457EF-0000-11AA-AA11-00306543ECAC, labeled as "Apple_APFS" in tools like . Unlike traditional fixed-size partitions, APFS containers are resizable and allocate disk space dynamically on demand, allowing the container to grow or shrink without reformatting the underlying GPT structure. In macOS, this "Apple_APFS" partition serves as the physical store for the APFS container, which APFS synthesizes into a virtual disk presented in tools such as diskutil list as "synthesized" (e.g., /dev/disk1), distinct from the underlying "internal, physical" hardware disk (e.g., /dev/disk0). This UUID-based identification ensures uniqueness across devices and facilitates operations like or migration, where the container's UUID remains consistent even as its physical boundaries adjust. Supporting partitions, such as the (GUID C12A7328-F81F-11D2-BA4B-00A0C93EC93B), coexist alongside the main APFS container to store bootloaders and essentials. In the macOS boot process, the loads the initial , which then accesses the APFS container to mount the root volume and proceed with initialization. Additional specialized APFS partitions, like the Preboot volume (GUID 69646961-6700-11AA-AA11-00306543ECAC) for storing kernel caches and the Recovery volume (GUID 52637672-7900-11AA-AA11-00306543ECAC) for diagnostic tools, integrate seamlessly within the GPT layout to support secure and efficient booting, particularly for encrypted volumes. This setup contrasts with the predecessor Hierarchical File System Plus (HFS+), which relied on the "Apple_HFS" (GUID 48465300-0000-11AA-AA11-00306543ECAC) and required separate physical partitions for distinct volumes or functions, such as and areas. APFS streamlines this by consolidating multiple volumes into a single resizable container, eliminating the need for multiple dedicated partitions and enabling shared free space allocation for greater efficiency.

Key Features

Cloning and Snapshots

APFS supports efficient of files and directories through its (COW) mechanism, which enables instantaneous duplication without initially copying the underlying data blocks. When a file or directory is , APFS creates a new inode referencing the same physical blocks as the original, marked by flags such as INODE_WAS_CLONED and INODE_WAS_EVER_CLONED in the inode structure. This shared storage persists until modifications occur to either the clone or the original, at which point new blocks are allocated via COW to maintain . Users can perform cloning at the command line using the cp -c option for files or cp -Rc for directories, ensuring space-efficient copies within the same volume. Snapshots in APFS provide read-only, point-in-time representations of an entire volume, capturing its state without duplicating data through the same COW architecture. These snapshots are created using the tmutil localsnapshot command or the fs_snapshot_create , allowing for quick generation typically in milliseconds regardless of volume size. Once created, snapshots are stored as metadata records in the volume's structures, including details like creation time and extent references, and can be listed or deleted via or command-line tools like tmutil listlocalsnapshots. They serve as the foundation for Time Machine local backups and enable rollbacks to previous states. At the core of both cloning and snapshots is APFS's block-based COW , which organizes metadata and data extents in structures for efficient mapping and updates. The object map () B-tree maps virtual object IDs to physical addresses, facilitating COW operations by redirecting writes to new locations while preserving historical references in snapshots. Each volume supports a theoretical maximum of UINT32_MAX snapshots, though practical limits are imposed by available storage space and system resources. Exemptions from COW, such as for certain system files, are tracked via extended attributes to ensure compatibility. A primary use case for APFS snapshots is during macOS system updates, where the installer automatically creates a snapshot before applying changes, allowing users to revert to the pre-update state if issues arise. This feature enhances reliability for software installations and maintenance tasks, such as restoring from local snapshots in recovery mode.

Encryption and Security

APFS provides native support for full-volume , utilizing the AES-XTS with either 128-bit or 256-bit keys depending on the hardware. This is applied at the level, protecting both file data and metadata across volumes. On devices with A14 through A18 or M1 through M4 processors, APFS employs AES-256 in XTS mode, where a 256-bit per-file key is subdivided for per-extent to enhance and . Older hardware, such as A9 through A13 or S5 through S9, uses AES-128 in XTS mode with corresponding 128-bit tweaks and cipher keys. This built-in capability integrates seamlessly with , Apple's full-disk feature, which leverages APFS to secure all data at rest on the boot volume without requiring additional third-party tools. Key management in APFS relies on a hierarchical structure centered around volume encryption keys (VEKs) and key encryption keys (KEKs). Each APFS volume is created with a default VEK that encrypts its contents, including metadata, while per-file keys—derived and managed by the Secure Enclave—are used for individual file protection. These keys are generated using a true random number generator within the Secure Enclave and can be derived from user credentials, such as passwords or passcodes, via PBKDF2 with high iteration counts (typically 100,000 or more, such as 100,000, 117,590, or 127,270 using PBKDF2-HMAC-SHA256), which makes each password check slow (0.5–2 seconds on modern Macs) to resist brute-force attacks despite allowing unlimited attempts without lockout or wipe; this mechanism applies to APFS-encrypted external drives created via macOS Disk Utility. These keys can also be derived from hardware-bound unique identifiers (UIDs) tied to the device. Multi-key support is enabled through keybags, which store multiple wrapped keys (e.g., user, device, escrow, or iCloud recovery keys) associated with volume group UUIDs, allowing flexible access control and recovery options without exposing plaintext keys to the application processor. On Macs with T2 chips or Apple Silicon, the Secure Enclave handles key derivation and storage, ensuring keys remain isolated and protected even if the main storage is removed. APFS defines security levels through Data Protection classes, mapped to numeric identifiers: SL 1 (Class A, Complete Protection), SL 2 (Class B, Protected Unless Open), SL 3 (Class C, Protected Until First User Authentication), SL 4 (Class D, No Protection), and additional classes like SL 6 (Class F) or SL 14 (Class M) for specialized uses. These levels determine file accessibility based on device state—such as locked, after first unlock, or during specific operations—with keys unlocked progressively via user authentication. SL 1 provides the highest protection, requiring authentication before access and becoming inaccessible shortly after the device locks, while SL 3 (the default for most user data on modern devices) becomes accessible after the first user authentication following reboot and remains accessible until the next reboot. In modern macOS on devices, the default is SL 3 (Class C), balancing accessibility and security for most user data after initial unlock. To optimize performance, APFS leverages via dedicated AES engines in SoCs and T2 security chips, enabling inline and decryption of NAND flash storage without software overhead. This hardware integration ensures that cryptographic operations occur transparently during I/O, with keys never exposed outside the Secure Enclave, thereby maintaining high throughput even for encrypted volumes. For external or unsupported storage, APFS falls back to software-based , but internal volumes on compatible hardware benefit from this acceleration for efficient full-volume protection.

Compression and Space Sharing

APFS supports transparent inline compression applied to individual files, which reduces overall storage space usage and minimizes write operations to extend the lifespan of SSDs. This compression is handled automatically by the without user intervention, allowing files to be stored in a compressed form on disk while appearing uncompressed to applications. The algorithms employed include LZVN for fast compression suitable for Apple platforms, LZFSE for efficient compression, and Zlib for balanced performance across systems. A key aspect of APFS is space sharing, where multiple volumes within a single dynamically share the available free space without fixed quotas or pre-allocated partitions. This allocation occurs automatically as needed, with the space manager allocating and freeing blocks across volumes to optimize storage efficiency. Unlike traditional partitioning schemes, this approach eliminates wasted space from underutilized volumes and simplifies management in multi-volume environments. APFS imposes generous theoretical limits to support massive datasets, allowing up to 9 quintillion files per and a maximum size of 8 exabytes. These limits stem from the file system's 64-bit , enabling for large-scale storage needs on modern hardware. In multi-volume setups, such as the separation of system and data volumes in macOS 10.15 and later, space sharing provides efficiency by allowing the read-only system volume and writable data volume to dynamically utilize the container's shared pool without rigid size constraints. This design enhances storage utilization while maintaining logical separation for purposes.

Data Protection

Integrity Mechanisms

APFS ensures the integrity of its metadata through the use of embedded in every object. Each object includes a Fletcher-64 , a non-cryptographic hash computed over the object's data excluding the checksum field itself, stored in the o_cksum field of the obj_phys_t structure. This 8-byte checksum is verified during read operations to detect any alterations or corruption in metadata blocks, such as those representing B-trees, inodes, and other structural elements. The Fletcher-64 , consisting of two 32-bit accumulators, provides efficient detection of errors with low computational overhead, suitable for frequent metadata access. In contrast to metadata, user data blocks in APFS do not receive file system-level checksumming, relying on the error-correcting code (ECC) capabilities of the underlying NAND flash hardware for bit error detection and correction. This design choice balances integrity assurance with the efficiency demands of modern SSDs, where metadata—being smaller in volume—is prioritized for checksum validation to safeguard overall file system consistency. Additionally, the Signed System Volume (SSV), introduced in , uses SHA-256 cryptographic hashes in a structure to verify the integrity of both system metadata and , with a root seal checked at boot to prevent tampering. A core integrity mechanism in APFS is its (COW) approach to metadata modifications, which eliminates the risk of partial writes that could corrupt structures during power loss or crashes. When updating metadata, such as an inode or node, APFS allocates a new block, copies the unchanged portions, applies modifications, computes the , and writes the new version to disk. Only after successful writing does the update the parent pointer to reference the new block, leaving the original intact until garbage collection. This atomic update process, combined with periodic checkpoints that snapshot the container's root state, ensures that the always mounts to a consistent, valid configuration without requiring repairs in most failure scenarios. APFS eschews traditional journaling mechanisms found in predecessors like HFS+, opting instead for COW and checkpoints to achieve equivalent or superior consistency guarantees for metadata. HFS+ employed a dedicated journal to log and replay pending transactions, but this introduced overhead and vulnerability to . In APFS, the absence of journaling reduces on flash media while leveraging COW to provide transactional semantics inherently, resulting in stronger metadata protection overall. However, this shift means user data lacks the proactive integrity logging of HFS+, placing greater emphasis on storage-level reliability for long-term data preservation.

Crash Protection

The Apple File System (APFS) employs a (COW) metadata scheme to provide robust crash protection, ensuring that updates are atomic and consistent even in the event of power failures or system crashes. Unlike traditional journaling , which incur a "write-twice" overhead by changes before committing them, APFS's COW approach modifies metadata by writing new versions to unused space rather than overwriting existing data. This mechanism guarantees that operations such as file creation, deletion, or directory renames either complete fully or roll back entirely, preventing partial updates that could lead to inconsistencies. APFS further enhances recovery through snapshot-based mechanisms, where the maintains read-only snapshots of at key points, such as during or major updates. In the case of a crash, the system can automatically revert to the most recent valid snapshot or checkpoint, restoring a consistent pre-crash state without . These snapshots are integral to bootable volumes in macOS, allowing the recovery partition to mount and repair from a known-good state if the primary is compromised. This leverages the container's to store ephemeral objects that protect against interruptions, ensuring quick and reliable recovery on SSD storage. For post-crash repair, APFS includes the fsck_apfs , which scans and fixes inconsistencies by verifying redundant metadata structures like checkpoints, B-trees, and object maps. The tool uses transaction identifiers (xids) to validate the integrity of ongoing operations, repairing issues such as orphaned inodes or mismatched snapshots without requiring full volume scans in most cases. It operates in modes for checking, repairing, or dry-running, and is invoked automatically by Disk Utility's or manually in recovery environments. While APFS's COW and snapshot features offer efficient crash protection tailored to flash storage, they introduce some considerations during intensive write operations on SSDs. The need to allocate new blocks for each modification can increase CPU usage for metadata management, particularly under heavy workloads like large file copies or frequent updates, though this is mitigated by in-memory caching for ephemeral objects. Overall, this approach avoids the I/O penalties of journaling while maintaining .

Limitations

Performance Characteristics

APFS is optimized for solid-state drives (SSDs), leveraging features like TRIM support to maintain high by allowing the operating system to inform the SSD of unused blocks for efficient garbage collection. This integration helps sustain consistent read and write speeds, particularly as the drive fills. The file system's () metadata scheme further aids SSD by minimizing , distributing data blocks to avoid concentrated wear on specific cells. Apple's highlights that these optimizations enable high-performance parallelized metadata operations. On hard disk drives (HDDs), APFS faces notable limitations stemming from its COW-based patterns, which promote metadata and file fragmentation over time. This results in excessive seek operations by the mechanical read/write head, degrading for operations involving scattered . Independent analysis shows file enumeration times on APFS-formatted HDDs ranging from 3 to 20 times slower than on HFS+-formatted equivalents, with initial listings taking about 80 seconds versus 20-27 seconds, worsening to 300-380 seconds after repeated cycles. Due to these issues, Apple has not recommended APFS for mechanical drives in versions prior to 2018 updates, as the system's design prioritizes flash storage characteristics. APFS provides built-in defragmentation that can be enabled via command-line tools, such as diskutil apfs defragment, along with opportunistic defragmentation for files exceeding 20 MB during access. However, these features do not significantly improve on HDDs. APFS lacks support for third-party defragmentation tools traditionally used with HFS+. As of macOS 26 (Tahoe) in 2025, performance issues on rotational media persist. For key metrics, file creation and deletion on SSDs benefit from near-instant COW clones, often completing in milliseconds, while on HDDs these operations can extend to seconds due to physical constraints.

Compatibility Issues

Prior to (version 11, released in 2020), Time Machine backups on APFS-formatted volumes were incompatible with native APFS snapshots, necessitating a using a sparsebundle to emulate an HFS+ within the APFS . This approach relied on hard links for efficient incremental backups but introduced overhead and limitations, such as the inability to leverage APFS's direct snapshot capabilities. With the introduction of , Time Machine gained native support for APFS volumes, enabling faster and more efficient backups without the sparsebundle intermediary. APFS provides native read and write support exclusively on Apple platforms, including macOS, , , , and , due to its design optimized for these ecosystems. On non-Apple operating systems like Windows or , APFS volumes are not natively readable or writable, requiring third-party drivers—such as Paragon APFS for Windows—for access, where read support is generally available but write functionality remains limited and may not fully support advanced features like snapshots or . Downgrading an APFS volume to HFS+ (Mac OS Extended) is not possible through non-destructive conversion, as the file systems have fundamentally different structures; reverting requires erasing the volume entirely via , which deletes all data and necessitates a full process beforehand. This limitation stems from APFS's container-based , which cannot be directly mapped back to HFS+ without reformatting the underlying physical disk or partition. Some legacy applications encounter compatibility issues when running on APFS volumes, particularly in early implementations like , due to differences in how extended attributes and file metadata are handled compared to HFS+. For instance, CC 2017 exhibited launch failures and file access problems on APFS-formatted drives, as the software relied on HFS+-specific behaviors for extended attributes that were not yet fully compatible. In APFS, extended attributes are stored separately from file inodes and data, which can disrupt older apps expecting integrated metadata storage, though subsequent macOS updates and app patches have mitigated many such issues. As of 2024, APFS continues to have incompatibilities including the expansion of sparse files when moved or copied, the loss of clone file preservation during such operations, the inability to copy snapshots in backups, and lack of support for directory hard links.

Platform Support

macOS Integration

(APFS) has been the default for all new installations of (version 10.13) and subsequent releases on Mac computers equipped with flash or . This shift prioritizes APFS's optimizations for SSDs, including features like snapshots and space sharing, while maintaining compatibility with external and mechanical drives formatted in other systems. For users upgrading from earlier macOS versions, the installer automatically converts compatible HFS+ volumes on solid-state drives to APFS non-destructively, preserving data and enabling seamless adoption without manual intervention. macOS integrates APFS with platform-specific security enhancements, notably signed system volumes introduced in (10.15). This mechanism splits the boot volume into a read-only system volume and a writable data volume within an APFS container, using cryptographic hashes and a structure to verify file integrity and prevent tampering. APFS snapshots underpin this by supporting atomic updates and if installations fail, ensuring system stability. In (11.0) and later, the signed system volume incorporates sealed snapshots, which mount the OS read-only with a cryptographic seal verified at boot, further bolstering protection against and unauthorized changes. APFS volume management in macOS is facilitated through built-in tools tailored for user accessibility and advanced control. offers a graphical interface for creating, resizing, erasing, and deleting APFS volumes within containers, with options to set quotas or reserves for space allocation and view snapshots directly. For command-line operations, the diskutil utility provides APFS-specific verbs, such as diskutil apfs addVolume to create new volumes, diskutil apfs cloneVolume for efficient via , and diskutil apfs snapshot to generate point-in-time snapshots for backups or testing. These tools enable precise handling of APFS features like and without third-party software. As of macOS Sequoia 15.7.2 (November 2025), APFS receives full native support across all compatible hardware, serving as the exclusive file system for boot volumes on Macs (M-series chips and later). APFS continues to serve as the foundational storage layer for macOS, with no alternatives available for internal system volumes on these devices.

iOS, tvOS, and watchOS

APFS was first introduced to in version 10.3, released in March 2017, where it automatically converted the file system from HFS+ to APFS on compatible devices including the and later models, preserving existing user data during the update process. With the release of in September 2017, APFS achieved full adoption as the native file system, enabling broader utilization of its features tailored for mobile environments. In , tvOS, and watchOS, APFS incorporates optimizations suited to the resource-constrained nature of flash-based storage in mobile and embedded devices, such as efficient mechanisms and support for non-contiguous file allocation to minimize wear on NAND flash. Encryption is enabled by default across these platforms, with APFS leveraging the Secure Enclave to generate and manage per-file encryption keys, ensuring data at rest is protected without user intervention. Unlike macOS implementations, APFS in does not provide user-accessible snapshots; these are managed internally by the system for tasks like software updates and recovery, remaining hidden from end users to maintain and simplicity. In and , APFS configurations emphasize security through read-only system volumes, where core operating system files are stored on signed, immutable partitions that prevent unauthorized modifications, enhancing resistance to tampering on devices like and . Recent updates, including 19 and 12 released in September 2025, incorporate security enhancements for APFS; for instance, 12.1 addressed vulnerabilities including an APFS issue (CVE-2025-XXXXX) that could allow apps to access sensitive user data via improper handling. As of November 2025, APFS remains fully compatible with the latest hardware, supporting devices such as the 16 series running 19.x, as well as Series 10 under 12.x, ensuring seamless integration with advanced Secure Enclave features in newer silicon.

Third-Party Tools

Several third-party tools enable reading and writing APFS volumes on non-Apple platforms, addressing the lack of native support in Windows and environments. Paragon Software's APFS for Windows provides full read and write access to APFS-formatted drives, supporting volumes from macOS 12 Monterey onward, including detection of FileVault-encrypted containers, though cloned files and snapshots remain read-only. As of 2025, version 4.0 supports through 11 and various server editions, allowing seamless file operations via Windows Explorer. Similarly, Paragon's APFS for offers equivalent read/write capabilities for APFS volumes on systems, enabling data exchange without reformatting. For cross-platform browsing, UFS Explorer Standard Access serves as a versatile tool that mounts and explores APFS volumes across Windows, macOS, and , facilitating file recovery and inspection without write modifications. In forensics, Elcomsoft iOS Forensic Toolkit (EIFT) facilitates APFS image acquisition from devices, including older models like to 5c lacking Secure Enclave Processors. The 2025 updates, such as version 8.81, extend support to APFS-based Series 0 and enhance decryption of software-encrypted volumes using an integrated FUSE driver, allowing read-only mounting on multiple OSes after key extraction. This enables investigators to access full dumps, though passcode cracking is required for protected devices. Utilities like Blackmagic Disk Speed Test benchmark APFS performance on macOS, measuring sequential read/write speeds with large video file simulations to evaluate drive throughput, often exceeding 1,000 MB/s on modern SSDs. Apple provides no official SDK for third-party APFS development, leaving developers reliant on reverse-engineered or proprietary libraries. Despite these advancements, third-party APFS tools carry limitations, including risks of from incomplete write implementations in non-official drivers. Open-source efforts like apfs-fuse offer read-only access via FUSE on , supporting decompression (Zlib/LZVN) and software but lacking write functionality, LZFSE support, and hardware compatibility, thus lagging behind Apple's evolving APFS features.

References

  1. https://support.apple.com/guide/security/role-of-apple-file-system-seca6147599e/web
  2. https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/APFS_Guide/Introduction/Introduction.html
  3. https://support.apple.com/guide/disk-utility/file-system-formats-dsku19ed921c/mac
  4. https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/APFS_Guide/FAQ/FAQ.html
  5. https://devstreaming-cdn.apple.com/videos/wwdc/2016/701q0pnn0ietcautcrv/701/701_introducing_apple_file_system.pdf
  6. https://arstechnica.com/gadgets/2016/06/a-zfs-developers-analysis-of-the-good-and-bad-in-apples-new-apfs-file-system/
  7. https://www.apple.com/newsroom/2017/09/macos-high-sierra-now-available-as-a-free-update/
  8. https://eclecticlight.co/2022/04/01/a-brief-history-of-apfs-in-honour-of-its-fifth-birthday/
  9. https://eclecticlight.co/2023/09/02/apfs-versions-updates-and-compatibility/
  10. https://eclecticlight.co/2024/08/22/dual-booting-your-mac-with-multiple-versions-of-apfs/
  11. https://eclecticlight.co/2022/11/09/disk-utility-and-time-machine-in-ventura/
  12. https://support.apple.com/en-us/120911
  13. https://support.corellium.com/device-settings/ios-apfs-snapshots
  14. https://support.apple.com/en-us/121161
  15. https://developer.apple.com/support/downloads/Apple-File-System-Reference.pdf
  16. https://eclecticlight.co/2018/08/01/disks-partitions-volumes-containers/
  17. https://developer.apple.com/videos/play/wwdc2019/710/
  18. https://support.apple.com/guide/disk-utility/partition-schemes-dsku1c614201/mac
  19. https://ss64.com/mac/diskutil.html
  20. https://developer.apple.com/documentation/foundation/about-apple-file-system
  21. https://support.apple.com/en-us/102154
  22. https://support.apple.com/guide/disk-utility/view-apfs-snapshots-dskuf82354dc/mac
  23. https://support.apple.com/guide/security/data-protection-overview-secf6276da8a/web
  24. https://github.com/sgan81/apfs-fuse/issues/35
  25. https://support.apple.com/guide/security/passcodes-and-passwords-sec20230a10d/web
  26. https://discussions.apple.com/thread/255601974
  27. https://support.apple.com/guide/security/data-protection-classes-secb010e978a/web
  28. https://developer.apple.com/documentation/compression/compression_zlib
  29. https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/APFS_Guide/Features/Features.html
  30. https://support.apple.com/guide/mac-help/mac-shares-space-apfs-volumes-sysp560a2952/mac
  31. https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/APFS_Guide/VolumeFormatComparison/VolumeFormatComparison.html
  32. https://ahl.dtrace.org/2016/06/19/apfs-part5/
  33. https://support.apple.com/guide/security/signed-system-volume-sec5e6b5e9d6/web
  34. https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/APFS_Guide/ToolsandAPIs/ToolsandAPIs.html
  35. https://www.backblaze.com/blog/apfs-apple-file-system/
  36. https://hetmanrecovery.com/recovery_news/apfs-overview-why-it-is-better-than-hfs-file-system.htm
  37. https://bombich.com/blog/2019/09/12/analysis-apfs-enumeration-performance-on-rotational-hard-drives
  38. https://eshop.macsales.com/blog/43043-using-apfs-on-hdds-and-why-you-might-not-want-to/
  39. https://eclecticlight.co/2019/10/19/should-you-enable-defragmentation-on-apfs-hard-drives/
  40. https://mjtsai.com/blog/2024/04/03/seven-years-of-apfs/
  41. https://endoflife.date/macos
  42. https://apple.stackexchange.com/questions/372072/is-there-a-way-to-force-apfsd-to-defragment-all-the-files-on-a-disk
  43. https://eclecticlight.co/2020/06/29/apfs-changes-in-big-sur-how-time-machine-backs-up-to-apfs-and-more/
  44. https://appleinsider.com/articles/20/06/27/apfs-changes-affect-time-machine-in-macos-big-sur-encrypted-drives-in-ios-14
  45. https://support.apple.com/en-us/102184
  46. https://www.paragon-software.com/home/apfs-windows/
  47. https://support.apple.com/guide/disk-utility/erase-and-reformat-a-storage-device-dskutl14079/mac
  48. https://eshop.macsales.com/blog/62926-reverting-an-apfs-drive-to-hfs-the-easy-way/
  49. https://arstechnica.com/gadgets/2017/10/security-and-compatibility-problems-make-for-a-rough-apfs-transition/
  50. https://eclecticlight.co/2024/05/13/apfs-extended-attributes-revisited/
  51. https://eclecticlight.co/2024/10/08/apfs-incompatibilities-and-how-to-live-with-them/
  52. https://support.apple.com/guide/security/signed-system-volume-security-secd698747c9/web
  53. https://support.apple.com/guide/disk-utility/add-delete-or-erase-apfs-volumes-dskua9e6a110/mac
  54. https://support.apple.com/en-us/120282
  55. https://arstechnica.com/gadgets/2017/03/a-tour-of-ios-10-3-checking-out-apfs-the-settings-app-and-other-tweaks/
  56. https://www.theverge.com/2017/3/27/15076244/apple-file-system-apfs-ios-10-3-features
  57. https://eshop.macsales.com/blog/39620-apfs-apple-file-system-comes-to-ios-with-update-10-3/
  58. https://9to5mac.com/2017/03/21/what-is-apples-upcoming-apfs-apple-file-system-and-what-it-means-to-you/
  59. https://support.apple.com/guide/security/secure-enclave-sec59b0b31ff/web
  60. https://www.gbyte.com/blog/what-is-apfs-data-recovery
  61. https://www.hexnode.com/blogs/android-device-encryption-vs-ios-device-encryption/
  62. https://daisydiskapp.com/blog/top-5-questions-about-apfs-and-macos-high-sierra-asked-by-mac-users/
  63. https://support.apple.com/en-us/HT201222
  64. https://support.apple.com/en-us/100100
  65. https://support.apple.com/en-us/118490
  66. https://www.paragon-software.com/us/home/apfs-windows/
  67. https://www.paragon-software.com/us/home/apfs-linux/
  68. https://blog.elcomsoft.com/2025/07/perfect-acquisition-part-5-perfect-apfs-acquisition/
  69. https://www.elcomsoft.com/eift.html
  70. https://apps.apple.com/us/app/blackmagic-disk-speed-test/id425264550
  71. https://developer.apple.com/support/third-party-SDK-requirements/
  72. https://github.com/sgan81/apfs-fuse
Add your contribution
Related Hubs
User Avatar
No comments yet.