Commit Graph

47 Commits

Author SHA1 Message Date
nkk71
5073003302 cryptfs: Remove dm-crypt device on failed table load
* The dm-crypt device needs to be removed from
   the device-mapper driver list otherwise it will
   remain busy and cannot be used later on by
   other processes (eg vold_decrypt) or for further
   testing/debugging in recovery.

Change-Id: I35e43a79ecc3de234ddb9f87f7d75c6439ea7454
2017-05-23 14:59:57 +02:00
nkk71
201d4b21bc vold_decrypt: Add back missing xml and get rid of compiler warning
Change-Id: I883112e2618f560e96002e2076e2735cc20cfac3
2017-03-06 21:39:10 +01:00
nkk71
71c6c50d0d crypto: Use system's vold for decryption
If TWRP crypto fails to decrypt partition, mount the system
  partition and use system's own vold to attempt decryption.
  This provides a fallback for proprietary OEM encryption as well as
  encryption methods which TWRP hasn't been updated for.

  Requirements in device tree:
  * fstab.{ro.hardware} in device/recovery/root
    The fstab does not need to be complete, but it does need the
    data partition and the encryption entries.

  * 'TW_CRYPTO_USE_SYSTEM_VOLD := true' in BoardConfig
  or
  * 'TW_CRYPTO_USE_SYSTEM_VOLD := <list of services>'

  Notes:
  * Setting the flag to 'true' will just use system's vdc+vold
    or
  * Setting the flag with additional services, will also start them
    prior to attempting vdc+vold decryption, eg: for qualcomm based
    devices you usually need 'TW_CRYPTO_USE_SYSTEM_VOLD := qseecomd'

  * For each service listed an additional import will be automatically
    added to the vold_decrypt.rc file in the form of
    init.recovery.vold_decrypt.{service}.rc
    You will need to add any not already existing .rc files in
    your device/recovery/root folder.

  * The service names specified in the vold_decrypt.{service}.rc files
    have to be named 'sys_{service}'
    eg: 'service sys_qseecomd /system/bin/qseecomd'

  * Any service already existing in TWRP as {service} or sbin{service} will
    be stopped and restarted as needed.

  * You can override the default init.recovery.vold_decrypt.rc file(s)
    by placing same named ones in your device/recovery/root folder.
    If you do, you'll need to manually add the needed imports.

  * If /vendor and /firmware folders are temporarily moved and symlinked
    to the folders and files in the system partition, the properties
    'vold_decrypt.symlinked_vendor' and 'vold_decrypt.symlinked_firmware'
    will be set to 1.
    This allows for additional control in the .rc files for any extra
    actions (symlinks, cp files, etc) that may be needed for decryption
    by using: on property:vold_decrypt.symlinked_vendor=1 and/or
    on property:vold_decrypt.symlinked_firmware=1 triggers.

  Debug mode: 'TW_CRYPTO_SYSTEM_VOLD_DEBUG := true' in BoardConfig
  * Specifying this flag, will enable strace on init and vdc, which will
    create separate log files in /tmp for every process created, allowing
    for detailed analysis of which services and files are being accessed.
  * Note that enabling strace will expose the password in the logs!!
  * You need to manually add strace to your build.

Thanks to @Captain_Throwback for co-authoring and testing.

Tested successfully on HTC devices:
M8 (KK through MM), M9 (MM and N), A9 (N), 10 (N), Bolt (N),
Desire 626s (MM), U Ultra (N)

HTC One X9 (MTK device)

And by Nikolay Jeliazkov on: Xiaomi Mi Max

Change-Id: I4d22ab55baf6a2a50adde2e4c1c510c142714227
2017-03-06 18:50:52 +02:00
nijel8
2dd66f4962 cryptfs: Fix encryption issue due to stack corruption.
Ioctl BLKGETSIZE expects pointer to unsigned long as argument.

On 64bit target using pointer to unsigned int can cause stack
corruption due to type mismatch.

props to f8b8787317

Change-Id: I1d76c65e29479c8f0cd44b6892069b21b8249b95
2017-02-19 21:34:12 +01:00
James Christopher Adduono
c51bd35040 Try mounting different filesystems during decryption
Based on Dees_Troy's approach.

Change-Id: Id9aafb6d0c64ab43e2711720a26e30ac86b90235
2017-01-21 00:31:36 -05:00
Ethan Yonker
79f88bdf8d Support backup/restore of FBE policies
Change-Id: Iba8ef20f57b0fb57bb9406c53148a806441d0b59
2016-12-13 14:25:04 -06:00
Ethan Yonker
bd7492de28 Support File Based Encryption
Change-Id: Ib688ddd0c32d3999590cacd86b6d9b18eac336e9
2016-12-13 21:16:42 +01:00
maxwen
ad05c6dce4 recovery: allow usage of TARGET_CRYPTFS_HW_PATH
only if not defined fallback to the default
more flexible device config where the cryptfs_hw is located

Change-Id: I7d1c18eeae877e48dceff06a7cfead28c89797b4
2016-08-10 20:38:26 +02:00
Captain Throwback
35df638965 crypto: remove redundant convert_key_to_hex_ascii call
- Breaks decryption on some hw_crypto devices
- Default value already defined in preceding ifdef
- PS2: Move crypt_params definition prior to ifdef
  (matches corresponding code from CAF)

Huge thanks to @beaups for figuring out the issue!

Change-Id: I1fd4e3a4862f022b17a555773feb1d6deac9d34c
2016-05-17 14:26:43 -04:00
Ethan Yonker
9f1f2f744b Fix decrypt of odd number length PIN on hardware crypto
I am not sure if we are really fixing anything other than we are
allowing the decrypt process to continue. On hardware crypto the
password never seems to match what is expected from the data in
the footer, probably because the data is not stored in the footer
and TZ does all the work. Still, if it works, it is hard to fault
the patch.

Change-Id: Ibbb286382e82523bec2064f51fa07194f84820c2
2016-04-28 16:46:46 +01:00
Ethan Yonker
d3e96ff43e Restore some old decrypt functionality
Some of the convoluted convert_hex_ascii_to_key code is needed to
properly decrypt CM 12.1 patterns where grid size is larger than
3x3.

Change-Id: I497e17980046c60d2c69ba56e4b83c8b64b0b80e
2016-02-17 13:36:54 -06:00
Sultan Qasim Khan
a7e63a28c8 cryptfs: major overhaul and cleanup
- Don't upgrade HW encrypted Lollipop devices to Marshmallow crypto
- Fix support for passwords and patterns with an odd number of elements
- Remove unused code
- Fix build warnings

Change-Id: I25f015085e5c859d0353f42f6a2fbc7ccecd48ed
2016-02-16 13:32:22 -05:00
Ethan Yonker
66a1949df9 Adopted Storage support
- Detects, decrypts, and mounts an adopted SD card if a
  secondary block device is defined (usually mmcblk1)
- Handles unified storage
- Displays the adopted storage in MTP along with internal
- Factory Reset - wiped just like a data media device, we
  retain the keys folder and the storage.xml during a
  factory reset
- Backup / Restore
- Disable mass storage when adopted storage is present
- Read storage nickname from storage.xml and apply it to
  display names in the GUI
- Read storage.xml and determine what storage location is in
  use for /sdcard and remap accordingly

libgpt_twrp is source code mostly kanged from an efimanager
project. It is GPL v2 or higher, so we will opt for GPL v3.

Change-Id: Ieda0030bec5155ba8d2b9167dc0016cebbf39d55
2016-01-25 23:59:17 +01:00
Ethan Yonker
ba95ad18ac Update qcom hardware crypto code
Change-Id: I4608c45b3f71b53e0988ca0248d3438110a40149
2016-01-19 23:13:17 +01:00
Ethan Yonker
ceb1e8a5fc Fix CLANG error in cryptfs.c
Change-Id: If5af8f634bc016160aebaf7d4e6cda6c5650a077
2015-12-22 11:41:40 -06:00
Ethan Yonker
c798c9cd24 Merge up to AOSP marshmallow-release
In order to maintain compatibility with older trees, we now have
minadbd.old and minui.old. I had to use a TARGET_GLOBAL_CFLAG to
handle ifdef issues in minui/minui.d because healthd includes
minui/minui.h and there was no other alternative to make minui.h
compatible with older trees without having to modify healthd rules
which is outside of TWRP.

Note that the new minui does not currently have support for qcom
overlay graphics. Support for this graphics mode will likely be
added in a later patch set. If you are building in a 6.0 tree and
have a device that needs qcom overlay graphics, be warned, as off
mode charging may not work properly. A dead battery in this case
could potentially brick your device if it is unable to charge as
healthd handles charging duties.

Update rules for building toolbox and add rules for making toybox

Use permissive.sh in init.rc which will follow symlinks so we do
not have to worry about what binary is supplying the setenforce
functionality (toolbox, toybox, or busybox).

Fix a few warnings in the main recovery binary source code.

Fix a few includes that were missing that prevented compiling in
6.0

Change-Id: Ia67aa2107d260883da5e365475a19bea538e8b97
2015-10-09 11:15:29 -05:00
Dees Troy
c657cc0037 Support Qualcomm hardware decrypt
Change-Id: I121ef0f5da209be48f6d87559d539c7fc6d85336
2015-05-15 10:52:46 -05:00
that
183a6f88d0 crypto: remove unused libs and clean up makefile
libsoftkeymaster and its dependencies appear to be unused.

Change-Id: Ib720f5e4d2750a739ba6b65b346c0e167df279d3
2015-01-05 03:14:28 +01:00
Ethan Yonker
d79d9bceb3 Allow non datamedia devices to wipe encryption
With 5.0 L, we decrypt automatically if the default_password is
used. Non datamedia devices do not get the format data button so
they cannot wipe encryption off the device. This patch adds a wipe
encryption button where the format data button would normally be
located on the Wipe page.

This patch also attempts to remove / delete the dm-crypt block
device before formatting.

Change-Id: I100d5d154d6c49254fd48e23279df973db5f23ae
2014-12-21 23:30:17 +01:00
Ethan Yonker
b7896268ed Fix include paths in crypto
Change-Id: Ia9fd0cd75bd6ee6e14909890cb18a8edb3b22267
2014-12-18 15:30:31 -06:00
Dees Troy
87da424556 Fixes for compiling crypto in older trees
Some of these fixes needed to be made anyway. Note that older
trees will still need to have files / repos copied into them from
newer trees. Namely we need:
system/security/softkeymaster
hardware/libhardware/include/hardware/keymaster.h

Maybe others as I did not document very carefully what I was
pulling in.

Change-Id: I465fd1fbe228803ec02fba047b151f07ea13d5ca
2014-12-12 18:50:11 +00:00
that
ceb7b8e576 crypto: fix build in < 5.0 tree
Change-Id: Ie4ed3e91cfb7e509bac1d6db885bd3f415d2b168
2014-12-10 17:22:09 +01:00
Ethan Yonker
253368a072 Reduce libs needed for decrypt and clean up old decrypt files
Trim cryptfs.c to remove functions that TWRP does not use for
decrypt and remove the need for libfs_mgr from cryptfs.c by
passing some items to cryptfs.c from the partition manager.

Add support for new fstab flags:
encryptable and forceencrypt=/path/to/cryptokey
For example:
flags=forceencrypt=/dev/block/platform/sdhci-tegra.3/by-name/MD1
Note that "footer" is the default, so you do not need to set this
flag on devices that use the footer for the crypto key.
Also add mounttodecrypt if you need to mount a partition during
the decrypt cycle for firmware of proprietary libs.

Clean up decrypt and only support one version

Android 5.0 lollipop decrypt should be backwards compatible with
older versions so we will only support one version, 1.3 that came
with 5.0 lollipop.

Remove support for Samsung TouchWiz decrypt. It does not work with
the latest versions of Samsung encryption anyway and it has not
been updated to work with any AOSP decryption higher than 1.1

Change-Id: I2d9c6e31df50268c91ee642c2fa090f901d9d5c9
2014-12-04 17:30:16 +01:00
Ethan Yonker
cceebb8189 Tweak 5.0 L decrypt
Mount the vendor partition if it exists so we can use any
proprietary files we may need.
Relocate auto decrypt when default_password is in use to after all
partitions are added so that we can mount the vendor partition.

Change-Id: I93455a35695779f53ef57a82d3d45c7216c13639
2014-11-18 10:18:14 -06:00
Ethan Yonker
560e65f899 Make libmincrypttwrp a shared library
Change-Id: I8c3f084fc34b00edb4cd1b652290df8bc80ea1db
2014-11-17 11:37:20 -06:00
Ethan Yonker
4eca40d7d8 Add lollipop decrypt support
Kang in cryptfs.c and cryptfs.h from vold.
Use TW_INCLUDE_L_CRYPTO := true to enable.
Ramdisk must contain the normal fstab file in the root in the
usual format of:
fstab.{ro.hardware}
For example, for Nexus 5:
fstab.hammerhead
Or on many Qualcomm devices:
fstab.qcom

Tested against Android 5.0 lollipop on Nexus 7 2012 grouper. Not
sure if or how this will work when we are dealing with a device
with a hardware keystore. Long term we need to add a GUI element
to allow entering a pattern. For now you can decrypt a pattern
unlock by converting the dots to numbers in the following format:
123
456
789

So an upper-case L would translate to 14789 as a password entered
on the keyboard.

Change-Id: I02c29e1f1c2eb29bf002c9fe0fc118357300b5b3
2014-11-12 18:07:24 +01:00
Ethan Yonker
c30edd12c5 Fix potential tree conflicts with scrypt
Change-Id: Iac40957e40cb9c10795dd6a1f67ca902c95dd9bc
2014-11-08 07:05:47 -06:00
Rob
12f1187e7f Recovery: Fix my-dir must be called before including any other makefile
Change-Id: I70c867961ae779bd99839e4ce7cb1dc8d154158f
2014-11-06 22:16:31 +01:00
Matt Mower
db22044901 Fix some module tags
There is no LOCAL_MODULES_TAGS. Fix by combining with LOCAL_MODULE_TAGS.

Change-Id: I1cacef2f8123af3632ff6a52aa62c2f2e15ac37d
2014-11-04 08:49:09 -06:00
Matt Mower
031163b2c6 Remove dependence on build hax in makefiles
Update makefiles to no longer rely on INTERNAL_RECOVERY_FILES. Define
LOCAL_ADDITIONAL_DEPENDENCIES instead.

Set LOCAL_LDFLAGS to properly link recovery executable.

Change-Id: I4542104c69399b5a19674b9772ab89c3709efa72
2014-11-03 13:36:03 -06:00
Matt Mower
55c75cad80 Build block TWRP with RECOVERY_VARIANT
Enable TWRP to reside alongside other recoveries with the naming
convention: bootable/recovery(-flag). If TWRP resides at
bootable/recovery and a device does not specify RECOVERY_VARIANT, then
it will build like normal. If TWRP resides at bootable/recovery-twrp,
then its makefiles will only be parsed if a device specifies
'RECOVERY_VARIANT := twrp'. This prevents TWRP specific makefile
warnings/errors (notably, missing DEVICE_RESOLUTION) when another
recovery is being built.

Change-Id: I8f02fffcd79c309c7123b9428eedc69af02e126e
2014-09-03 10:53:37 -05:00
Ethan Yonker
71413f4ee9 Check crypto footer before offering to decrypt
Verify that we have a valid footer with proper magic before
setting things up for decryption to help prevent user confusion
when dealing with data partitions that fail to mount. Also check
to make sure that the block device for /data is present.

Change-Id: Ie87818fe4505a8bf71df7d3934c114e7328ef3ca
2014-02-26 13:37:35 -06:00
OliverG96
06b91e7965 crypto: Fix crypto dependencies for ICS/Samsung methods
- libmincrypt renamed to libmincrypttwrp that is a static library
- libjpegtwrp does not exist
- libfs_mgrtwrp is for JB decryption methods

This fixes making full builds when TW_INCLUDE_CRYPTO_SAMSUNG := true and TW_INCLUDE_CRYPTO := true are set.
Somehow typing make recoveryimage doesn't push the mentioned issue.

Change-Id: I7cad5db4f51152a1a8209e619b188ca88d7c74d1
2013-12-19 17:08:31 +00:00
Dees Troy
8931007340 Add getfooter tool for crypto debugging
Change-Id: I3b9e5f72f3c1c77e41a45d3c94a44f36cc5cbc3c
2013-11-11 15:15:30 +00:00
Dees Troy
4dff2e6234 Update decrypt for 4.4
Change-Id: I8d5d7b6a49890e4707d70de8b429563de0d2ad99
2013-11-10 04:11:48 +00:00
Dees_Troy
066eb30abf Fix AOSP decrypt when TouchWiz code is present
2013-08-23 17:22:37 +00:00
Dees_Troy
b8934dd456 Fix conflict with getline in 4.3 tree
Change-Id: I5accf8731829229d153a657c9290a7be83f87a03
2013-08-11 13:43:12 +00:00
Trevor Drake
27fab9b26a Add additional build variable checks to Android.mk files
This was causing the mm command to fail when it was run from
bootable/recovery and no crypto features had been specified in
a device's configuration files

Change-Id: Iddbeea5349bbf75cddb0250cd71821dfe3b7b9d8
2013-07-03 18:13:43 +00:00
Dees_Troy
2c4e4437b3 Fix CFLAGS for Samsung decrypt
2013-04-18 16:38:28 +00:00
Dees_Troy
2673cec07a Move all AOSP code out of recovery binary
Improves license compatibility between GPL and Apache

Change-Id: I2b165aa575bb6213af6b07936f99610c113443f0
2013-04-04 18:57:34 +00:00
Dees_Troy
a13d74fc95 Add partition list GUI element
Add partition list GUI element and update backup, restore, mount,
storage selection, and wipe sections of GUI and partition manager
code to reflect the new GUI element. Update ORS engine to handle
new backup and restore setup.

Fix a bug with decrypt.
Add 1080x1920 layout.

Change-Id: Iaa2f44cb707167e66f935452f076ba00e68a2aa4
2013-03-30 08:56:39 -05:00
Dees_Troy
c8bafa1cc1 More Samsung sdcard crypto fixes
2013-01-10 15:43:00 +00:00
Dees_Troy
85f44ed751 Improve remounting sdcard with ecryptfs
2013-01-09 18:44:25 +00:00
a3955269
6ff55cefd0 Add Samsung TouchWiz decryption
Change-Id: I418680e59372160dabfe3e2d5f0208229aa151ae
2013-01-08 20:09:56 +00:00
Dees_Troy
014c894af2 Workaround for crypto quirk on Nexus 10
2012-11-19 17:10:46 +00:00
Dees_Troy
ab10ee2098 Fix special partition handling
2012-09-21 14:27:30 -04:00
Dees_Troy
51a0e82eb2 TWRP-ify AOSP code
Pull in most TWRP sources
Stub out partition management code
Make it compile -- probably will not boot
Kind of a mess but have to start somewhere
2012-09-05 15:24:31 -04:00