Hi all,
after days of searching the web I hope maybe someone here can help me.
I try to encrypt my Galaxy GT-I9305. My Rom is currently "S5 Elite Lite v3.1" but I also had this prob with CyanogenMod.
So here is what happens:
I start encryption out of the menu (tried also the vdc command) with a password set. Then my device shows the green encryption sign and after that the device reboots without having encrypted. I found several solutions regarding this Problem like shrinking the Partition etc. which i tried but nothing changed.
In the logs I found theese Messages (full Logcat is attached):
I/MountService( 2685): encrypting storage...
D/VoldCmdListener( 2170): cryptfs inplace {}
E/CryptfsEE( 2170): Error reading fstab(/fstab.smdk4x12)(0)
E/CryptfsEE( 2170): Encryption type is enable inplace, remove footer
E/CryptfsFK( 2170): Unexpected value for crypto key location
E/CryptfsEE( 2170): Error inplace after framework is shutdown, no data changed, restarting system
So maybe it is the key location, but I dont have a clue how to solve this...
Does someone know this error?
Thanks in advance
Heiko
Related
Hello,
today I was working with my Xperia Z (C6603) and flashed a CM12 build. After having some problems with TWRP, I solved it in the end an TWRP and CM12 were working fine. But WiFi and Bluetooth won't turn on anymore. When I press "turn on" it takes some time and then the switch turns off again. A MAC address is not shown anymore. I tried to flash stock firmware with Flashtool, but didn't change anything.
Can someone help me to solve this? Is my phone partially bricked?
Thanks a lot!
Some update as I try to find the problem. I looked into logcat and only find this info when I try to turn on WiFi:
Code:
D/WifiService( 814): setWifiEnabled: true pid=1072, uid=10008
E/WifiStateMachine( 814): Failed to load driver
And when I try to execute wpa_suuplicant manually with "/system/bin/wpa_supplicant -Dnl80211 -iwlan0 -c/system/etc/wifi/wpa_supplicant.conf"
Code:
I/wpa_supplicant( 9440): rfkill: Cannot open RFKILL control device
E/wpa_supplicant( 9440): Could not read interface wlan0 flags: No such device
E/wpa_supplicant( 9440): Could not read interface wlan0 flags: No such device
E/wpa_supplicant( 9440): wlan0: Failed to initialize driver interface
Anyone? Just a hint to narrow down the problem?
Hi,
I have similar problem. My WiFi stopped working out of the blue.
I am quite sure I didn't changed anything. System crash occured when I was switching from Airplane mode to Normal mode (this usually turns WiFi on, if it was activated (and then deactivated) in Airplane mode). Then I got stucked in bootloop. Wiping dalvik-cache helped, but it was not the cause. At first, bluetooth was crashing too, but now it seems it works.
In *#*#INFO#*#* I can see
Code:
Supplicant state: UNINITALIZED
. LogCat issues are almost the same.
I've tried factory reset, but it didn't solved the problem. I've checked permissions, reflashed wifi-modules, tried WiFi Fixer app, reinstalled kernel, flashed another kernel, checked the wpa_supplicant.conf…but it still doesn't work.
EDIT: Oh, I forgot to mention my device: Xperi Mini St15i (Smultron), rooted, unlocked bootloader, Stock ICS ROM (only de-bloated, it worked until now) 4.0.4, build number 4.1.B.0.587. I've used kernel Kappa v1.6, but after the error occured, I tried switch to Rage kernel v2.32.
EDIT2: I've tried to restore original hosts, wpa_supplicant.conf, modules, wifi/*, etc....almost everything and nothing helped. I've flashed original stock ROM (you can find flashable stock ICS ROM for st15i here). I still don't know what happend and I'd like to know it. Hope I'll never see this problem again…
I've rooted my phone and vdc cryptfs doesn't seem to work. What I'm trying to do is change the disk encryption password to be a nice long password which is NOT the screen unlock PIN (since clearly a long unlock password would be incredibly inconvenient). So I'm following the instructions found at nelenkov's blogspot (can't post links since I'm new here).
When I run the command vdc cryptfs in the terminal as the root user on my OnePlus 3T, I don't get any return code at all. I've also tried apps like Cryptfs Password to try to change the encryption password but they fail. However, when I run vdc cryptfs on my rooted HTC One m7 and Nexus 2013, I do get a return code of "500 0 Missing Argument"
It seems like this command is missing or something from OxygenOS. Does anybody know a workaround?
Are you sure that your device is indeed encrypted?
Yes. Under the Security & Fingerprint menu in the settings, at the bottom it says Encrypted under Encrypt Phone. Furthermore, when booting into TWRP, it prompts me for the disk encryption password. If I don't enter it then data and system aren't mounted (and refuse to mount without the password).
I know this is an old thread, but the reason for this behavior is most likely that the phone uses file-based encryption. The password you are trying to change is for full-disk encryption, which doesn't exist.
For example, on my new OP 5T, logcat says:
Code:
D VoldCryptCmdListener: cryptfs getpw
E Cryptfs : cryptfs_get_password not valid for file encryption
When you set a pin to unlock, does it ask 'Require PIN to start device"? If not, you have file-based encryption.
Once file-based encryption is enabled, it is probably very hard to go back to full-disk encryption. The only way I can see is to reformat /data (and possibly /system), and start unencrypted. Then you could run disk encryption.
Hello,
are you able to understand if the filesystem is encrypted?
Best regards,
If FS is encrypted, you will have to provide a password in order to boot the phone. Without that password, phone cannot read the "disk".
Sent from my VTR-L09 using Tapatalk
I am afraid this does not need to be true anymore...:
Android 7 should come with File Based encryption in contrast to the android versions before...used exactly with the same reasoning (you cannot boot otherwise).
(https://source.android.com/security/encryption/file-based#enabling-file-based-encryption)
Does anybody know more?
Just bought this phone as I expected all Android 7 phones to be encrypted....would be curious to know!
To further add information/confusion here my today's tests:
- Moving the primary storage to SD card warns me that this (external) storage is not encrypted, while the internal storage is. Indicating the phone is encrypted.
- In AIDA64 you find the Device feature android.software.file_based_encryption. Indicating that the phone CAN do that, not sure if it DOES.
- Using the app Activity Launcher, you can start the (otherwise hidden) Encryption dialog. It attempts to reboot, but does nothing. Dialog shows it as un-encrypted though...
- In Settings you can search for options. If you search for " encr..." it will find the dialog "Convert to file encryption". However clicking on it does nothing.
- I could set up my companies exchange connection. This says it requires an encrypted 'application' storage. So some parts at least should be encrypted.
Oh, I am talking about the P10 lite. But I am sure, this also helps for the P10. If the lite has encryption, the P10 clearly should have.
This other thread seems to indicate that data is indeed encrypted on these phones.
https://forum.xda-developers.com/p10/help/twrp-strange-folder-names-crypted-t3615989
This because of force encryption in boot.img it can be disabled by flashing a zip which removes dm-varity and force encryption from boot.img
Hi there,
I recently got my OnePlus 9, and am converting the scripts I use to run luks to the new phone. Everything seems fine, losetup creates the node and loads the file as a block device, dmcrypt unlocks it, mount /dev/mapper/<partition-name> mounts it fine, but it's only visible as root (the user that mounted it). I've verified that the Magisk (22100) setting is to use the globalname space and just to make certain I've explicitly run mount within "su -mm", but regardless can only see the unmounted directory (verified by containing a file that isn't present within the encrypted partition).
Dmesg doesn't mention anything about the mount namespace (but I don't know that it would), so I wanted to verify that others have managed to use the su -mm/-M/--mount-master option successfully under android 11 (or, I guess more specifically Oxygen OS 11.2.4.4)?
As a side-note, this same script has been tested and worked with a OnePlus 7 on android 10 with magisk set to use globalnamespaces. Happy to provide further information or run tests if it'll help to get to the bottom of what's going on...
Thanks!
This also occurs in Magisk 23000.
I've discovered this thread:
https://twitter.com/i/web/status/1279508461370269696, however, I'm calling `su -mm` and I've set the mount namespace mode to "All root sessions use the global mount namespace", so I don't think that's relevant.
As best I can tell, once root mounts a directory, any other process running as root can see it (because of the global mount namespace), but normal processes can't access it. This seems to be due to mount namespaces, so the device now needs to be mounted with `-o shared` or `--make-shared`, but unfortunately that gives an unhelpful "invalid argument" message. Trying to change it with `-o remount` seems to succeed but the change to shared appears to be ignored.
When running the command, I get a single log entry that might provide more details:
05-15 03:02:54.184 30090 30090 I su : type=1400 audit(0.0:1523): avc: denied { ioctl } for path="/dev/pts/3" dev="devpts" ino=6 ioctlcmd=0x5404 scontext=u:r:magisk:s0 tcontext=u:object_r:devpts:s0 tclass=chr_file permissive=1
But I can't quite tell what's causing that to be stopped. I don't know whether it's related or not and whether I should be digging into audit/selinux permissions, or figuring out what the ioctlcmd is. Any help would be much appreciated...
Well, I've confirmed that any app that launches root can see the mountpoint, but otherwise can't. The `-o shared` option seems to cause either a parsing error, or at least no success with both the native toybox implementation and with busybox.
I found this excellent article suggesting that `nsenter -t 1 -m <shell-command>` should get me into the pid 1 namespace, which should then be inherited by everyone. I can get in there, and carry out the mount, but I can only get apps to see the mount point if I enter their specific pid namespace and mount the directory I want. This happens if root namespace is both global or inherited (I haven't tried isolated, but I can't see why that would work?). So essentially, even though I seem to be doing all the right things, I'm getting nowhere. Clearly it's possible to mount things so that everyone can see them (because magisk does it when it bind mounts various programs from modules), so could anyone that knows the internals of magisk better shed some light on what might be going wrong and how I could get global mounting working properly? I tried the pid for zygote64 as well (which seemed to be part of `main` which was at the top of the process tree), but again it wasn't seen by the test program.
Any help would be much appreciated...
I recently downgraded my rog phone 3 from android 12 to android 11 while rooting it with twrp and magisk. After I did this, everything worked fine on my system (besides mms for a moment), once it is flashed, the first reboot afterwards completely stops bluetooth from functioning. No startup, nothing. The drivers are just nonfunctional I guess. Anyone else have this issue/ know how to solve? Not very fluent in this and just looking to fix this asap.
Also here is a logcat error that shows itself when I try to enable bluetooth.
FATAL EXCEPTION: BluetoothDatabaseManager
Process: com.android.bluetooth, PID: 2430
android.database.sqlite.SQLiteCantOpenDatabaseException: Cannot open database '/data/user_de/0/com.android.bluetooth/databases/bluetooth_db': Directory /data/user_de/0/com.android.bluetooth/databases doesn't exist
at android.database.sqlite.SQLiteConnection.open(SQLiteConnection.java:252)
at android.database.sqlite.SQLiteConnection.open(SQLiteConnection.java:205)
at android.database.sqlite.SQLiteConnectionPool.openConnectionLocked(SQLiteConnectionPool.java:505)
at android.database.sqlite.SQLiteConnectionPool.open(SQLiteConnectionPool.java:206)
at android.database.sqlite.SQLiteConnectionPool.open(SQLiteConnectionPool.java:198)
at android.database.sqlite.SQLiteDatabase.openInner(SQLiteDatabase.java:918)
at android.database.sqlite.SQLiteDatabase.open(SQLiteDatabase.java:898)
at android.database.sqlite.SQLiteDatabase.openDatabase(SQLiteDatabase.java:762)
at android.database.sqlite.SQLiteDatabase.openDatabase(SQLiteDatabase.java:751)
at android.database.sqlite.SQLiteOpenHelper.getDatabaseLocked(SQLiteOpenHelper.java:373)
at android.database.sqlite.SQLiteOpenHelper.getWritableDatabase(SQLiteOpenHelper.java:316)
at androidx.sqlite.db.framework.FrameworkSQLiteOpenHelper$OpenHelper.getWritableSupportDatabase(FrameworkSQLiteOpenHelper.java:145)
at androidx.sqlite.db.framework.FrameworkSQLiteOpenHelper.getWritableDatabase(FrameworkSQLiteOpenHelper.java:106)
at androidx.room.RoomDatabase.inTransaction(RoomDatabase.java:476)
at androidx.room.RoomDatabase.assertNotSuspendingTransaction(RoomDatabase.java:281)
at com.android.bluetooth.btservice.storage.MetadataDao_Impl.load(MetadataDao_Impl.java:258)
at com.android.bluetooth.btservice.storage.MetadataDatabase.load(MetadataDatabase.java:95)
at com.android.bluetooth.btservice.storage.DatabaseManager$DatabaseHandler.handleMessage(DatabaseManager.java:124)
at android.os.Handler.dispatchMessage(Handler.java:106)
at android.os.Looper.loop(Looper.java:248)
at android.os.HandlerThread.run(HandlerThread.java:67)
Caused by: android.database.sqlite.SQLiteCantOpenDatabaseException: unknown error (code 14 SQLITE_CANTOPEN): Could not open database
at android.database.sqlite.SQLiteConnection.nativeOpen(Native Method)
at android.database.sqlite.SQLiteConnection.open(SQLiteConnection.java:224)
... 20 more
I really need help with this if anyone could spare the time.
I have dumped the same stock rom I installed and I have noticed it is missing the bluetooth APEX file. Is it even possible to install an APEX file without reinstalling an entire system? I know the format is similar to APK and i have read/write access to my system partition, so is it possible to do?
Try setting selinux to permissive (from a root command line, run "setenforce 0"). I have a similar issue (messed up permissions when downgrading and I'm trying to debug it now. I'm trying to figure out how to fix those permissions without disabling selinux entirely, as disabling it is a massive security hole.