From 3ca55b2c318af6aecfa2d6e923daf481ff6f83ed Mon Sep 17 00:00:00 2001 From: Konsta Date: Tue, 16 Aug 2022 23:07:09 +0300 Subject: [PATCH] fstab: remove option to use FDE * Full-disk encryption (FDE) has been deprecated for devices launching with Android 10 or higher but now it's been removed in Android 13. * File-based encryption (FBE) i.e. replacing this with 'fileencryption=aes-256-xts' works but there's some performance issues with it especially when running from slow storage devices such as sdcards that are used on Raspberry Pi. Recovery also can't decrypt FBE which is another issue. * There's no longer need to resize userdata partition to leave space for crypto footer. --- mkimg.sh | 1 - ramdisk/fstab.rpi4 | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/mkimg.sh b/mkimg.sh index 5c8383d..0a89fb2 100755 --- a/mkimg.sh +++ b/mkimg.sh @@ -63,7 +63,6 @@ echo "Copying vendor..." sudo dd if=${OUTDIR}/vendor.img of=/dev/mapper/${LOOPDEV}p3 bs=1M echo "Creating userdata..." sudo mkfs.ext4 /dev/mapper/${LOOPDEV}p4 -I 512 -L userdata -sudo resize2fs /dev/mapper/${LOOPDEV}p4 1212156 sync sudo kpartx -d "/dev/${LOOPDEV}" diff --git a/ramdisk/fstab.rpi4 b/ramdisk/fstab.rpi4 index ea20614..18675af 100644 --- a/ramdisk/fstab.rpi4 +++ b/ramdisk/fstab.rpi4 @@ -5,6 +5,6 @@ # /dev/block/mmcblk0p2 /system ext4 ro,barrier=1 wait,first_stage_mount /dev/block/mmcblk0p3 /vendor ext4 ro,barrier=1 wait,first_stage_mount -/dev/block/mmcblk0p4 /data ext4 noatime,nosuid,nodev,nomblk_io_submit,errors=panic wait,check,formattable,encryptable=footer,quota +/dev/block/mmcblk0p4 /data ext4 noatime,nosuid,nodev,nomblk_io_submit,errors=panic wait,check,formattable,quota /devices/platform/scb/*.pcie/*/*/*/usb* auto auto defaults voldmanaged=usb:auto /devices/platform/soc/*.usb/usb* auto auto defaults voldmanaged=usb:auto