Apple File System

Apple File System (APFS) is a proprietary file system developed and deployed by Apple Inc. for macOS Sierra (10.12.4) and later, iOS 10.3, tvOS 10.2, watchOS 3.2, and all versions of iPadOS. It aims to fix core problems of HFS+ (also called Mac OS Extended), APFS's predecessor on these operating systems. APFS is optimized for solid-state drive storage and supports encryption, snapshots, and increased data integrity, among other capabilities.

History
Apple File System was announced at Apple's developers’ conference (WWDC) in June 2016 as a replacement for HFS+, which had been in use since 1998. APFS was released for 64-bit iOS devices on March 27, 2017, with the release of iOS 10.3, and for macOS devices on September 25, 2017, with the release of macOS 10.13.

Apple released a partial specification for APFS in September 2018 which supported read-only access to Apple File Systems on unencrypted, non-Fusion storage devices. The specification for software encryption was documented later.

Design
The file system can be used on devices with relatively small or large amounts of storage. It uses 64-bit inode numbers, and allows for more secure storage by using a technology called Data Protection. The APFS code, like the HFS+ code, uses the TRIM command for better space management and performance. It may increase read-write speeds on iOS and macOS, as well as space on iOS devices, due to the way APFS calculates available data.

Partition scheme
APFS uses the GPT partition scheme. Within the GPT scheme are one or more APFS containers (partition type GUID is 7C3457EF-0000-11AA-AA11-00306543ECAC). Within each container there are one or more APFS volumes, all of which share the allocated space of the container, and each volume may have APFS volume roles. macOS Catalina (macOS 10.15) introduced the APFS volume group, which are groups of volumes that Finder displays as one volume. APFS firmlinks lie between hard links and soft links and link between volumes.

In macOS Catalina the System volume role (usually named "Macintosh HD") became read-only, and in macOS Big Sur (macOS 11) it became a signed system volume (SSV) and only volume snapshots are mounted. The Data volume role (usually named "Macintosh HD - Data") is used as an overlay or shadow of the System volume, and both the System and Data volumes are part of the same volume group and shown as one in Finder.

Clones
Clones allow the operating system to make efficient file copies on the same volume without occupying additional storage space. Changes to a cloned file are saved as delta extents, reducing storage space required for document revisions and copies. There is, however, no interface to mark two copies of the same file as clones of the other, or for other types of data deduplication.

Snapshots
APFS volumes support snapshots for creating a point-in-time, read-only instance of the file system.

Encryption
Apple File System natively supports full disk encryption, and file encryption with the following options:
 * no encryption
 * single-key encryption
 * multi-key encryption, where each file is encrypted with a separate key, and metadata is encrypted with a different key.

Increased maximum number of files
APFS supports 64-bit inode numbers, supporting over 9 quintillion files (263) on a single volume.

Data integrity
Apple File System uses checksums to ensure data integrity for metadata but not for user data.

Crash protection
Apple File System is designed to avoid metadata corruption caused by system crashes. Instead of overwriting existing metadata records in place, it writes entirely new records, points to the new ones and then releases the old ones, an approach known as redirect-on-write. This avoids corrupted records containing partial old and partial new data caused by a crash that occurs during an update. It also avoids having to write the change twice, as happens with an HFS+ journaled file system, where changes are written first to the journal and then to the catalog file.

Compression
APFS supports transparent compression on individual files using Deflate (Zlib), LZVN (libFastCompression), and LZFSE. All three are Lempel-Ziv-type algorithms. This feature is inherited from HFS+, and is implemented with the same AppleFSCompression / decmpfs system using resource forks or extended attributes. As with HFS+, the transparency is broken for tools that do not use decmpfs-wrapped routines.

Space sharing
APFS adds the ability to have multiple logical drives (referred to as volumes) in the same container where free space is available to all volumes in that container (block device).

Limitations
While APFS includes numerous improvements relative to its predecessor, HFS+, a number of limitations have been noted.

Limited integrity checks for user data
APFS does not provide checksums for user data. It also does not take advantage of byte-addressable non-volatile random-access memory.

Performance on hard disk drives
Enumerating files, and any inode metadata in general, is much slower on APFS when it is located on a hard disk drive. This is because instead of storing metadata at a fixed location like HFS+ does, APFS stores them alongside the actual file data. This fragmentation of metadata means more seeks are performed when listing files, acceptable for SSDs but not HDDs.

Compatibility with Time Machine prior to macOS 11
Unlike HFS+, APFS does not support hard links to directories. Since the version of the Time Machine backup software included in Mac OS X 10.5 (Leopard) through macOS 10.15 (Catalina) relied on hard links to directories, APFS was initially not a supported option for its backup volumes. This limitation was overcome starting in macOS 11 Big Sur, wherein APFS is now the default file system for new Time Machine backups (existing HFS+-formatted backup drives are also still supported). macOS Big Sur's implementation of Time Machine in conjunction with APFS-formatted drives enables "faster, more compact, and more reliable backups" than were possible with HFS+-formatted backup drives.

Security issues

 * In March 2018, the APFS driver in High Sierra was found to have a bug that causes the disk encryption password to be logged in plaintext.
 * In January 2021, the APFS driver in iOS < 14.4, macOS < 11.2, watchOS < 7.3, and tvOS < 14.4 was found to have a bug that allowed a local user to read arbitrary files, regardless of their permissions.

macOS
An experimental version of APFS, with some limitations, is provided in macOS Sierra 10.12.4. It is available through the command line  utility. Among these limitations, it does not perform Unicode normalization while HFS+ does, leading to problems with languages other than English. Drives formatted with Sierra’s version of APFS may also not be compatible with later versions of macOS or APFS, and the Sierra version of APFS cannot be used with Time Machine, FileVault volumes, or Fusion Drives.

Since macOS 10.13 High Sierra, all devices with flash storage are automatically converted to APFS. As of macOS 10.14 Mojave, Fusion Drives and hard disk drives are also upgraded on installation. The primary user interface to upgrade does not present an option to opt out of this conversion, and devices formatted with the High Sierra version of APFS will not be readable in previous versions of macOS. Users can disable APFS conversion by using the installer's  utility on the command line and passing.

FileVault volumes are not converted to APFS as of macOS Big Sur 11.2.1. Instead macOS formats external FileVault drives as CoreStorage Logical Volumes formatted with Mac OS Extended (Journaled). FileVault drives can be optionally encrypted.

iOS, tvOS, and watchOS
iOS 10.3, tvOS 10.2, and watchOS 3.2 convert the existing HFSX file system to APFS on compatible devices.

Third-party utilities
Despite the ubiquity of APFS volumes in today's Macs and the format's 2016 introduction, third-party repair utilities continue to have notable limitations in supporting APFS volumes, due to Apple's delayed release of complete documentation. According to Alsoft, the maker of DiskWarrior, Apple's 2018 release of partial APFS format documentation has delayed the creation of a version of DiskWarrior that can safely rebuild APFS disks. Competing products, including MicroMat's TechTool and Prosoft's Drive Genius, are expected to increase APFS support as well.

Paragon Software Group has published a software development kit under the 4-Clause BSD License that supports read-only access of APFS drives. An independent read-only open source implementation by Joachim Metz, libfsapfs, is released under GNU Lesser General Public License v3. It has been packaged into Debian, Fedora Linux, Rocky Linux, Red Hat Enterprise Linux and Ubuntu software repositories. Both are command-line tools that do not expose a normal filesystem driver interface. There is a Filesystem in Userspace (FUSE) driver for Linux called apfs-fuse with read-only access. An "APFS for Linux" project is working to integrate APFS support into the Linux kernel.

A commercial product, Paragon's APFS for Windows allows for read and write support to APFS volumes in all versions of Windows from Windows 7 through Windows 11 and Windows Server 2008 R2 through Windows Server 2022, but it is unable to format or verify APFS volumes, and it cannot read APFS volumes which are hardware-encrypted against the Apple T2 security chip.

MacDrive, developed by Mediafour, first shipped in 1996 with support for Mac-formatted HFS disks, to address the growing need for cross-platform file sharing between Mac and Windows computers. Over the years, MacDrive has undergone numerous updates, enhancing its capabilities and adding full support for newer macOS file systems like HFS+ and APFS. In 2017, Mediafour was acquired by OWC (Other World Computing), which has continued to develop and improve MacDrive.

Unlike Paragon, MacDrive offers a more comprehensive solution compared to Paragon. MacDrive’s APFS support is native and not an open source solution enabling greater APFS disk support like full crash protection if a disk is unexpectedly disconnected. MacDrive can also format APFS volumes and offers full read/write support, even if the APFS volume has duplicated files or has been backed up by Time Machine. MacDrive's user-friendly interface and performance make it a more robust choice for users needing reliable and comprehensive APFS support on Windows systems.