* Adds support for mixed adopted storage + removable
storage partitioned sdcards.
* Also symlinks Adopted Storage datamedia folder to an
available /sdcardN (N being 2 through 9) folder.
* Requires a suitable entry in fstab, for example:
# Removable Storage
/sd_ext ext4 /dev/block/mmcblk1p2 /dev/block/mmcblk1
flags=storage;wipeingui;removable;encryptable=footer
/external_sd vfat /dev/block/mmcblk1p1 /dev/block/mmcblk1
flags=storage;wipeingui;removable;encryptable=footer
/sd_ext will be the mountpoint for adopted storage, and /sdcardN
will become symlinked to /sd_ext/data/media[/0]
* Fix adopted storage nickname being ""
* Output adopted partition info after successful decrypt
* Mimic single lun code for multi lun devices:
"Mount CurrentStoragePath if it's not /data"
Change-Id: I3874c09f1a1c3a81f04277e17f17cc03ecb4184a
Move setting crypto state and type to functions and call those
functions rather than arbitrarily setting those props in every
case. This cleans up all the log spam from trying to set
read-only props, since they will now only get set if
they aren't already.
Change-Id: I392bee060d71c6ee50d0d92bf1b118d9049be41a
Since we don't re-create data/media on FBE devices,
don't create an MTP storage device for it.
This fixes the bug when, after formatting data on
and FBE device, an empty Internal Storage appears
on the PC.
This also prevents an empty storage device from
being created if recovery is rebooted after formatting
data before booting to Android. A warning will appear
in the console that MTP is disabled in that case.
Currently the path is hardcoded to data/media; this
should probably be adjusted for cases where adoptable
storage is being used.
Change-Id: Iaafc5e3cde54c3ef6ffaf33f76d14c626b6e590d
Now in android-11 we can now process legacy and newer wrappedkey
support in our libfscrypt library. TWRP doesn't need to set a
property to check for wrapped key. libfscrypt will just process
wrappedkey fs_mgr flag for legacy wrapped key or wrappedkey_v0
for the newer wrapped key supported in android-11.
Change-Id: Ia94c7ebe34a05c9b25bbb7a5b2e899902c93d203
To support all partitions that are on the super partition
we now parse for the logical flag in fstab to denote super
status.
- Remove guards for the first character being '/'.
- Skip commented lines in fstab
- Build Backup_Display_Name from partitions in super.
The first four lines that are in fstab will be
displayed.
Change-Id: I3f8980187bd4a136257dd6eeaeddd7ea71706cd3
Change-Id: I1ee7c02f91aafb646beaf401a43bcb22fa8c8c7a
This patchset introduces support decryption for Android 11.
In this update we deprecate ext4crypt. To specify the
policy version to use, use TW_USE_FSCRYPT_POLICY := 1 or
TW_USE_FSCRYPT_POLICY := 2. By default policy version will
be set to 2 if this variable is omitted.
Change-Id: I62a29c1bef36c259ec4b11259f71be613d20a112
In this patchset we will store and reset the android system
root context after a wipe and restore to prevent issues
with no context labels in the file_contexts being applied.
This will prevent no boot issues in android with selinux
denials on the system root partition.
Change-Id: I87fd3a6060fbaa3e7bdfd7a4b1d09feeb4fa3f27
(cherry picked from commit 35d2bfda3c89ebd212a9bd2328bffd7464f95d47)
* On some mediatek devices we must use symlinked path instead of the
real block device. Needed for decryption on some MTK HW FDE devices.
Change-Id: Ib48d745fd442c590aea2baf6d2dbe20aaaef9eec
* On some devices, the external mmc driver will only load the card after
a certain delay. The original code will break and fail to mount any
adopted storage in this case.
* Add a special fstab flag to allow the partitionmanager to retry after
a delay.
Change-Id: I219978850ff3ba7ad9dc7ca96fc30634c9574164
* Add CLI support using the command "twrp decrypt <PASSWORD> [USER ID]"
* Add GUI support using the menu Advanced --> Decrypt User
multiuser: Parse users only when Decrypt_DE runs successfully
multiuser: Warn when not all users are decrypted
Change-Id: Ia5e943b13c2d5ec5c34ae97661133c19ff471e6d
* Since some devices are unable to decrypt after processing of the fstab,
because of the partition details updation, and after intro of dynamic partitioning
here decryption process was going on after complete processing of the dynamic volumes.
* This patch fix these issue, it process the logical volumes at their time not after all processing fstabs.
This fixes the decryption issue.
Translate more partitions i.e., ODM, Product.
Added more partitions in unmount partitions.
Change-Id: I977c0cf0c40e5311f54a78c98f1fd89f71c6ac57
Signed-off-by: Mohd Faraz <androiabledroid@gmail.com>
for android-10
This will support updating the ramdisk to a different
compression format and co-exist with magisk.
We are also cleaning up and removing non android-10
api makefile actions.
We are also moving twrp repacking to its own class. We
check the new ramdisk format and if it's different
we have magisk compress using the new ramdisk format.
Change-Id: I770030aae7797e75817178b2f0fccd9f39dc23af
partitions.
Too many problems have been reported for TWRP attempting to store
logs in the persist partition. Selinux denials have caused issues
booting Android, and filling up persist has caused IMEI issues.
This patchset will remove persist from the list of available log
directories by default in order to avoid these and other possible
issues.
Change-Id: I29889d69f76270a8fbb764a79be3523821d8579c
When running e2fsdroid on persist, lost+found doesn't have any
entries in file_contexts. We are removing the lost+found directory
after a wipe now, and before the restore of the tar.
Change-Id: If5db0971884e296fae0211ff4806f3e16e394632
Change-Id: I9fa51dc9ef558cd82445df9a8fa377b1feda11aa
* missed in 3754fabbea
Change-Id: I8fc3719e7f98c3d9b5fd96a9820b84773d4f5d7d
Signed-off-by: Mohd Faraz <androiabledroid@gmail.com>
(cherry picked from commit 25371a7e1f7f7d690755e3b12140b39567456a98)
This patchset is now exlcuding /data/cache from backup, and removing it
from the wipe exclusion list to prevent errors on restore and wiping
/data.
This patchset changes the directory from /data/cache to /data/recovery for TWRP
to store logs and other file information. This will help with AB
devices that don't want recovery to mess with /data/cache.
This patchset will make ORS use /data/cache for AB devices.
Remove policy code because we don't need to set a policy for the
recovery directory.
Change-Id: I1d140276314fd34804a72297d6e25a52e58210a0
fscrypt aosp doc: https://source.android.com/security/encryption/file-based
kernel fscrypt doc: https://www.kernel.org/doc/html/v4.18/filesystems/fscrypt.html
This commit implements the ability for TWRP to use fscrypt to decrypt
files on the fscrypt implementation. It has been implemented mostly
in a new successor library to e4crypt called libtwrpfscrypt. Most of the
code was ported from AOSP vold.
Notable updates include:
- updated policy storage by libtar
- lookup of fbe policies by libtwrpfscrypt
- threaded keystore operations
Big thanks to Dees_Troy for the initial trailblazing
of encryption in TWRP.
Change-Id: I69cd2eba3693a9914e00213d4943229635d0cdae
- Should not be determined by whether support exists in TWRP
- Set to 0 by default if FBE is not detected
This also prevents the wrappedkey check from running
on FDE devices
Change-Id: I85d1952facdfafdaa1571fc1b11d4b4b7d9ba48e
(cherry picked from commit cf0dffce3413261f149a3565d8f27cb32490ae54)
This patch uses the loop device to mount files under
/sbin/ from /system/apex in order for the device to
use libraries or other files store inside these files.
Each apex file is mounted over a loop device into a
directory correpsonding to the apex filename under
/sbin/.
Once apex mounting is completed, TWRP will set a
property twrp.apex.loaded to true so that init
can use them as a LD_LIBARY_PATH source.
Change-Id: I69f14a969123ac9cf1afc85b6cf76836cb092fb2
Change-Id: Ica6a7d8e479bcaec8bec4483b5e8d2b45ee105fb
We are now requiring fstab v2 for android-10+ trees. You can
specify twrp flags using /etc/twrp.flags to label and
annotate partitions.
This patchset uses fs_mgr to load the super partition and build
device mapper blocks off vendor and system depending on the slot
in use. These are mapped to partitions in TWRP and allowed to
be mounted read-only. The super partition is also mapped into a
TWRP partition in order to backup the entire partition. You cannot
backup individual device mapper blocks due to the device can only
be read-only. Therefore you cannot write back to the device mapper.
Change-Id: Icc1d895dcf96ad5ba03989c9bf759419d83673a3
This reverts commit 0b25b1d79b.
Reason for revert: Changes need to be made to libtwrpfscrypt to include this patchset. Will cherry-pick this patch later and make necessary modifications.
Change-Id: I7601d7b820129709b05d9b4368573b6f1048de02
* Add CLI support using the command "twrp decrypt <PASSWORD> [USER ID]"
* Add GUI support using the menu Advanced --> Decrypt User
Change-Id: Id2681bc2b1012a0571417f7a6e0b980b1b25c61c
(cherry picked from commit 5a79f67a1b1bd1bcadeca0a4896a871646652534)
This commit is used to directly use the wrapped key
decryption when the "wrappedkey" flag is set in the
fstab.
Change-Id: I74310c3bbec378ee684a8f6d0395a9776dd22abf
(cherry picked from commit 1db943295de9728e364bf0e75bfe9f1a98d413a1)
In change I79c2855d577156670b45c10c7c7b1fcd9fece8d9 we introduced a
property to enable wrappedkey mode. This change supports an extra
`wrappedkey` flag in fstab to automatically set the property to true.
Change-Id: I4f060d4ed6b2a5680649b8746dfa7fd903fe2d35
(cherry picked from commit 40ed06e850de2dc7cc06c2e647688212563f1ec2)
This reverts commit 8a411c8d25.
* Always use "/system" to interact with the frontend and replace it
with the detected path before taking actions.
* Don't replace the pretty display name and backup name set during
processing fstab after wipe. This improves UX and ensures that the
system backup is always named system.ext4.win despite the actual
mount point is /system_root so TWRP is able to recover either SAR or
non-SAR backups.
Change-Id: Ie2594d2678d0c75ce25c0d1087d47b035b3f10e9
This will detect whether SAR is present in the currently installed
OS and set the property ro.twrp.sar accordingly.
After setting the property it will call the bootscript
/sbin/sarsetup.sh (if present) to give device maintainers the
option to do setup operations depending on SAR-status, such
as modifiyng the fstab.
If no system is detected and AB_OTA_UPDATER is defined or built with
Android 10 and upwards, it will fallback to using SAR, otherwise it
will use ro.build.system_root_image as basis for deciding whether SAR
is required or not.
The property ro.twrp.sar will also be used by
TWPartitionManager::Get_Android_Root_Path()
This allows maintaining a single TWRP-build for devices switching
to SAR for Android 10.
The default behavior (when no system is installed)
is determined by the build-flags AB_OTA_UPDATER and
BOARD_BUILD_SYSTEM_ROOT_IMAGE
Change-Id: I2a48c6c81a6ea6fad6e452c06bfbe4d9da0f1e5c
This will automatically create and remove a bind mount
/system -> /system_root/system
everytime "System" is mounted via the GUI or ORS.
This should get rid of issues with ZIPs trying to mount
the system-partition to /system on SAR-devices, while keeping
the filesystem-layout in sync with AOSP from a user-perspective.
Change-Id: I7f531d113b07c31b39d8f87edac76a7fc79075e7
This sets the system mount point to either /system_root or /system
depending on whether SAR is detected or not irregardless of what
is specified in fstab.
This removes the need to edit fstab for SAR-builds and simplifies
building unified (SAR/non-SAR) builds.
Change-Id: I154fd76f842702be9e5d09005463c8e5f1d289a4
This allows flame to boot TWRP. Still will need to work on
super partition for vendor and system access.
The plan will be to cherry-pick any updates to android-9.0
through gerrit.twrp.me to this branch as a WIP.
