Reading dd dump to extract data from internal storage? - General Questions and Answers

hi, i have a xiaomi mi mix 2s that was running los18. one morning i woke up before my alarm, checked my phone and went back to sleep. when i woke up again, i found the phone was on the splash screen and then started bootlooping. going into orangefox recovery, i was greeted with numerous /data mount errors, namely:
Code:
Could not mount /data and unable to find crypto footer.
Failed to mount '/data' (Invalid argument)
Unable to recreate /data/media folder.
Unable to mount storage
from what i can tell, the only way to get the device working again is to format the /data partition, which means losing all my data which im trying to avoid. i did manage to obtain a dd dump of /dev/block/bootdevice/by-name/userdata through usb otg, though ive been unable to read the img file, either through windows or ubuntu. is there any way to mount it and retrieve the data? i did specifically flash dfe from the start, so it should be unencrypted. the file system is ext4.
would also greatly appreciate other suggestions on how to recover the data.

bump, any input is appreciated!

You restore the data backed up with DD command as following
Code:
dd if=dump.img of=/dev/mmcblk0p29
assuming partition named userdata is block device named mmcblk0p29

check getprop ro.crypto.type and ro.crypto.state from adb shell. also check dump.img with xxd or hexdump has ext4 / f2fs magic 53.ef / 10.20.f5.f2 starting at 1080 / 1024 byte

apologies for the late reply, dont really check xda that often.
xXx yYy said:
You restore the data backed up with DD command as following
Code:
dd if=dump.img of=/dev/mmcblk0p29
assuming partition named userdata is block device named mmcblk0p29
Click to expand...
Click to collapse
is that after wiping? wouldnt that make the data partition unreadable again?
aIecxs said:
check getprop ro.crypto.type and ro.crypto.state from adb shell. also check dump.img with xxd or hexdump has ext4 / f2fs magic 53.ef / 10.20.f5.f2 starting at 1080 / 1024 byte
Click to expand...
Click to collapse
ro.crypto.type=file
ro.crypto.state=encrypted
as for checking the dump, are you referring to the commands:
Code:
xxd -l 1080 dump.img | grep 53ef
xxd -l 1024 dump.img | grep 1020.f5f2
if so, i did not receive any output. if they are wrong commands please let me know what i should enter.

looks like (FBE) file-based encryption. if dump is really encrypted there is nothing you can do on PC.
you can only restore + decrypt on device (as long as you did not factory reset)

aIecxs said:
looks like (FBE) file-based encryption. if dump is really encrypted there is nothing you can do on PC.
you can only restore + decrypt on device (as long as you did not factory reset)
Click to expand...
Click to collapse
i havent factory reset as i read some things about tee keys that would be wiped during data format, so i thought it would be handy to keep if i needed them. how would i go about trying to decrypt on device though?
also, what would have been the point of flashing dfe if in the end data is still encrypted?

right, encryption is bonded to TEE (which is flushed on factory reset). just restore and let orangefox or twrp decrypt (assuming it has well implemented encryption support). otherwise your only chance to decrypt is via regular booting into android (to at least stage with lockscreen or adb).
FBE data is encrypted with screen lock credentials, remember old pin, pattern, password used at time of dump.
"dfe" stands for disable force encryption (encryption will no longer forced after formatting) and there is a good chance this is the reason for failed decrypts. you can undo by restoring vendor partition.

aIecxs said:
just restore and let orangefox or twrp decrypt (assuming it has well implemented encryption support).
Click to expand...
Click to collapse
do you mean restore as in simply
Code:
dd if=/dump.img of=/dev/block/sda21
as @xXx yYy mentioned? would that make a difference? since the block device is fundamentally holding the same bits before and after doing so, at least to my understanding. im also quite apprehensive about making any modifications to the data partition as it is right now.
aIecxs said:
otherwise your only chance to decrypt is via regular booting into android (to at least stage with lockscreen or adb).
Click to expand...
Click to collapse
the phone doesnt get to lockscreen... i did enable usb debugging, but not sure if it is possible to access while bootlooping.
aIecxs said:
"dfe" stands for disable force encryption (encryption will no longer forced after formatting) and there is a good chance this is the reason for failed decrypts. you can undo by restoring vendor partition.
Click to expand...
Click to collapse
the thing is, i flash dfe right after flashing the rom with a data format, so i thought i would be safe from this kind of things happening. plus, i had been running this setup since the start of the year, and hadnt so much as changed any system settings recently, so its quite odd that the problem would just randomly manifest. it is not the first time it has happened either, in fact this happening the first time was what prompted me to start using dfe, so it is quite disappointing to see that it did not have its intended effect.
so to clarify, should i dd to the userdata block device and restore vendor (presumably from rom zip) or is dd enough?

yes, dd is fine (one could also use of=/dev/block/bootdevice/by-name/userdata)
and no, of course it doesn't make sense in that case.
I don't know what is the cause but I am afraid the only way to access that data is fix boot-loop.
It is unclear to me if encryption worked for a year or if you encrypted recently. Open dump with HxD and check first 1088 bytes for ext4 magic, or at least you should see many zeros on plain disk image.
Also check /vendor/etc/fstab* for flags in line /dev/block/bootdevice/by-name/userdata with notepad++ this could help to identify encryption is broken by dfe or healthy.

I checked two devices offhand, one was block encrypted, the other file encrypted.
I looked at the last 1M of the partitition of the file encrypted.
I thought that there was a footer there, there wasn't.
Your original message said that it couldn't find the footer.
I know some things use footers and they are usually a specific number of blocks before the end of the partition.

@Renate unable to find crypto footer - is misleading message from orangefox twrp recovery - it always check for any type of encryption but FBE encryption requires no crypto footer (only FDE or metadata encryption)

aIecxs said:
yes, dd is fine (one could also use of=/dev/block/bootdevice/by-name/userdata)
and no, of course it doesn't make sense in that case.
Click to expand...
Click to collapse
so should i still do it?
aIecxs said:
I don't know what is the cause but I am afraid the only way to access that data is fix boot-loop.
Click to expand...
Click to collapse
but it also seems that the bootloop is caused by the inability to mount data...
also it seems adb is not accessible while it bootloops.
aIecxs said:
It is unclear to me if encryption worked for a year or if you encrypted recently.
Click to expand...
Click to collapse
i flashed dfe along with the rom and magisk at the start of the year, havent flashed anything since. i also did not initiate any encryption process the whole time.
aIecxs said:
Open dump with HxD and check first 1088 bytes for ext4 magic, or at least you should see many zeros on plain disk image.
Click to expand...
Click to collapse
it is mostly 0000 or ffff, though there is mention of ext4 map blocks a little further down.
Spoiler: long image
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
aIecxs said:
Also check /vendor/etc/fstab* for flags in line /dev/block/bootdevice/by-name/userdata with notepad++ this could help to identify encryption is broken by dfe or healthy.
Click to expand...
Click to collapse
Code:
<src> <mnt_point> <type> <mnt_flags and options> <fs_mgr_flags>
/dev/block/bootdevice/by-name/userdata /data ext4 noatime,nosuid,nodev,barrier=0,noauto_da_alloc latemount,wait,check,=ice,quota

okay the good news it's probably not encrypted (at least no FDE) no need to decrypt disk image on phone.
the bad news it doesn't look like valid ext4 file system, you cannot mount it.
on linux pc, try fsck on dump2.img (make a copy first) then try to loop mount file. you can also try testdisk or photorec
the flag fileencryption=ice is broken by dfe (which is intended) so encryption/decryption won't work (as desired, not required on plain ext4)

aIecxs said:
on linux pc, try fsck on dump2.img (make a copy first) then try to loop mount file. you can also try testdisk or photorec
Click to expand...
Click to collapse
THANK YOU SO MUCH! my data is now readable on linux, will copy as much over before doing anything else. i was legitimately not expecting it to work.
should i also dd the repaired img to my userdata block device? i know twrp/ofox has e2fsck command, seems like it may be able to repair the partition on device in a similar manner.

didn't expect it's so easy lol.. yeah try e2fsck on /dev/block/bootdevice/by-name/userdata directly first.
NightRaven49 said:
ro.crypto.type=file
ro.crypto.state=encrypted
as for checking the dump, are you referring to the commands:
Code:
xxd -l 1080 dump.img | grep 53ef
xxd -l 1024 dump.img | grep 1020.f5f2
if so, i did not receive any output.
Click to expand...
Click to collapse
TWRP/Orangefox properties was bit misleading...
sometimes the solution is simpler than we think

aIecxs said:
didn't expect it's so easy lol..
Click to expand...
Click to collapse
same, actually the last time it happened (over 1.5 years ago) i also tried something similar, but didnt work because it was f2fs if i remember correctly. so i didnt think of trying e2fsck this time around. i suspect it may be a hardware flaw that caused it, since i am running a different rom now.
aIecxs said:
yeah try e2fsck on /dev/block/bootdevice/by-name/userdata directly first.
Click to expand...
Click to collapse
it works now, again thank you so much. funny how i was stuck without a phone for a month, went to so many data recovery specialists that told me that there was no hope and yet the fix was finished in mere seconds.

Related

e2fsck command on cleanly formatted partition?

Last night I started to run e2fsck on my /data partition to do a bit of investigation to see if had any corruption (again)
Anyway I unmounted /data in TWRP and went to the terminal and issued the following command:
e2fsck -fvyD /dev/block/mmcblk0p8
12 hours later and it was still running mainly reporting "Clone multiply-claimed blocks? Yes" Yes is because I have y flag turned on to answer yes to all questions.
So I killed it as it has never run this long before (previously 3 hours max).
I then formatted data which I thought would make it unnecessary and ran the command again after unmounting data and it is doing the same thing.....
Why?
Code:
.
.
.
(
inode
#
869248
. mod time
Sat Aug 25 18:23:27 2012
)
Clone multiply-claimed blocks? Yes
It appears to be doing this for many (if not all) inodes
Over and over.
This makes it seem like my /data partition is very corrupted and also Aug 25 is when I bought the device in 2012 so it has gone right back to the start.
I suspect it is somehow related to turning data journaling off whilst testing hunds kernels.
What is the definitive command to ensure data journaling is on please?
sbdags said:
I then formatted data which I thought would make it unnecessary and ran the command again after unmounting data and it is doing the same thing.....
Click to expand...
Click to collapse
That's strange - after formatting a partition, e2fsck must run in seconds and without errors, and it should definitely not bring up anything related to the old data. How did you format it?
_that said:
That's strange - after formatting a partition, e2fsck must run in seconds and without errors, and it should definitely not bring up anything related to the old data. How did you format it?
Click to expand...
Click to collapse
I formatted it using the big format data button in TWRP but yes I agree it doesn't appear to have done what would call a format? Maybe the equivalent of a quick format? How do I properly format the mmcblk0p8 partition?
If I just issue e2fsck -n /dev/block/mmcblk0p8 it comes back with clean. It is only when I force a scan that it finds all these errors.
Just reformatted and run again and it is dong the same again. ??
Btw what is the command to turn data journaling on? Or once formatted does journaling reset itself?
sbdags said:
Just reformatted and run again and it is dong the same again. ??
Btw what is the command to turn data journaling on? Or once formatted does journaling reset itself?
Click to expand...
Click to collapse
Can you find the following line in your recovery log? This would be the command that TWRP used to format.
Code:
make_ext4fs command:
Normally, formatting ext4 with default options enables the journal.
_that said:
Can you find the following line in your recovery log? This would be the command that TWRP used to format.
Code:
make_ext4fs command:
Normally, formatting ext4 with default options enables the journal.
Click to expand...
Click to collapse
It reports the following:
Code:
make_ext4fs -l -16384 -a /data /dev/block/mmcblk0p8
sbdags said:
It reports the following:
Code:
make_ext4fs -l -16384 -a /data /dev/block/mmcblk0p8
Click to expand...
Click to collapse
Looks plausible. And look what I've found:
http://sourceforge.net/p/e2fsprogs/bugs/292/
You could try running the make_ext4fs command manually with the "-w" (wipe) option added - if I understand the code correctly, that should issue discard requests for all blocks, similar to fstrim.
sbdags said:
I formatted it using the big format data button in TWRP but yes I agree it doesn't appear to have done what would call a format? Maybe the equivalent of a quick format? How do I properly format the mmcblk0p8 partition?
If I just issue e2fsck -n /dev/block/mmcblk0p8 it comes back with clean. It is only when I force a scan that it finds all these errors.
Just reformatted and run again and it is dong the same again. ??
Btw what is the command to turn data journaling on? Or once formatted does journaling reset itself?
Click to expand...
Click to collapse
I mentioned this during the fiasco we had in the cromi thread awhile back, but I think it got lost in the rush of comments, let me know if you get it fixed, would love to be able to complete a check.
faustus1005 said:
I mentioned this during the fiasco we had in the cromi thread awhile back, but I think it got lost in the rush of comments, let me know if you get it fixed, would love to be able to complete a check.
Click to expand...
Click to collapse
Yeah something is not quite right with running fsck on the TF700. Oddly on my prime it runs without issue. I wonder if Asus has changed the way inodes are mapped. I know Samsung do this. I wonder if contributes to any lag as well?
_that said:
Looks plausible. And look what I've found:
http://sourceforge.net/p/e2fsprogs/bugs/292/
You could try running the make_ext4fs command manually with the "-w" (wipe) option added - if I understand the code correctly, that should issue discard requests for all blocks, similar to fstrim.
Click to expand...
Click to collapse
Let me do another backup and try the -w command as well. It's quite frustrating as I wonder if being able to run fsck correctly would help solve some of the lag issues we see.
_that said:
Looks plausible. And look what I've found:
http://sourceforge.net/p/e2fsprogs/bugs/292/
You could try running the make_ext4fs command manually with the "-w" (wipe) option added - if I understand the code correctly, that should issue discard requests for all blocks, similar to fstrim.
Click to expand...
Click to collapse
Adding the -w command fixed it (I think) e2fsk now completes in about a minute with no errors
Problem is now when I check if data journaling is on with a mount command there is no indication that it is - how to turn it off?
This is the command issued that turned it off I believe it's the "-O" that turns the journaling off:
Code:
run_program("/tmp/tune2fs.ext4", "-O", "^has_journal", "-c", "1", "-i", "1d", "-m", "0", "-o", "^journal_data_writeback", "/dev/block/mmcblk0p8");
is it as easy as issuing the same command without the "-O", "^has_journal" to get it back on?
OK I found some info looks like I need to issue this command in the installer?
Code:
run_program("/tmp/tune2fs.ext4", "-O", "+has_journal", "-c", "5", "-i", "5d", "-m", "0", "-o", "^journal_data_ordered", "/dev/block/mmcblk0p8");
I'll try that out now
Thanks for all the help @_that - I'm slowly getting there I think. :good:
sbdags said:
Last night I started to run e2fsck on my /data partition to do a bit of investigation to see if had any corruption (again)
Anyway I unmounted /data in TWRP and went to the terminal and issued the following command:
e2fsck -fvyD /dev/block/mmcblk0p8
12 hours later and it was still running mainly reporting "Clone multiply-claimed blocks? Yes" Yes is because I have y flag turned on to answer yes to all questions.
So I killed it as it has never run this long before (previously 3 hours max).
I then formatted data which I thought would make it unnecessary and ran the command again after unmounting data and it is doing the same thing.....
Why?
Code:
.
.
.
(
inode
#
869248
. mod time
Sat Aug 25 18:23:27 2012
)
Clone multiply-claimed blocks? Yes
It appears to be doing this for many (if not all) inodes
Over and over.
This makes it seem like my /data partition is very corrupted and also Aug 25 is when I bought the device in 2012 so it has gone right back to the start.
I suspect it is somehow related to turning data journaling off whilst testing hunds kernels.
What is the definitive command to ensure data journaling is on please?
Click to expand...
Click to collapse
You can try this.
tune2fs -l /dev/block/mmcblk0p8
You should see your system mounting has a "has_journal".
If it is not there, then your journal is off.
To turn it on.
tune2fs -O +has_journal /dev/block/mmcblk0p8
You should use the data_write for your journal to improve performance.
If you do a clean installation for your rom, the e2fsck should run less than a minute if you have a minimal apps installed. However, if you restore a nandroid backup for your system, it will take forever even though you don't have any app. I don't know why it does that with the nandroid backup..
I think that when you use e2fsck with a nandroid restore from your backup, the e2fsck is trying to convert your ext4 system to ext3 system.. It is just my guess. Maybe you and _that can figure why it does that.. Good luck...:fingers-crossed:
LetMeKnow said:
You can try this.
tune2fs -l /dev/block/mmcblk0p8
You should see your system mounting has a "has_journal".
If it is not there, then your journal is off.
To turn it on.
tune2fs -O +has_journal /dev/block/mmcblk0p8
You should use the data_write for your journal to improve performance.
If you do a clean installation for your rom, the e2fsck should run less than a minute if you have a minimal apps installed. However, if you restore a nandroid backup for your system, it will take forever even though you don't have any app. I don't know why it does that with the nandroid backup..
I think that when you use e2fsck with a nandroid restore from your backup, the e2fsck is trying to convert your ext4 system to ext3 system.. It is just my guess. Maybe you and _that can figure why it does that.. Good luck...:fingers-crossed:
Click to expand...
Click to collapse
Interesting, however, restored a nandroid and reran e2fsck and it finished in 30 secs with no errors Installed my ROM and ran it again and same again so it seems my problems are resolved for now
Thanks for the tips on data journaling.
BTW can you reup or send me the latest ET please - ready and confident to test it again now
sbdags said:
Interesting, however, restored a nandroid and reran e2fsck and it finished in 30 secs with no errors Installed my ROM and ran it again and same again so it seems my problems are resolved for now
Thanks for the tips on data journaling.
BTW can you reup or send me the latest ET please - ready and confident to test it again now
Click to expand...
Click to collapse
Haha, I found out that when I restore a good backup from nandroid and have more than 50% of problem with e2fsck.
I am still on a business trip. Let see if my thumb drive has the latest ET. Otherwise, I have it on my personal laptop at home. I will let you know in bit..

[Q] Mounting userdata partition on PC

Hello all,
Last night I ran the following command (with the phone in recovery and everything unmounted) to back up my Nexus 5's userdata partition to my computer:
Code:
adb pull /dev/block/platform/msm_sdcc.1/by-name/userdata
My phone is encrypted, so I use "cryptsetup --type=plain open" to obtain a plaintext version on /dev/mapper/my-nexus-backup. But I cannot mount the mapped device using "mount"! It complains that iit can't find the filesystem.
So, how would I mount such an image? Or, even better, what's the best way to dd it back to the userdata partition on the device?
And yes, next time I will just use a Nandroid, even if it means having to erase things to make room.
See if @rootSU or @bitdomo can help. They're gurus at this type of stuff
Sent from my Nexus 5 using XDA Free mobile app
Sorry, where are you mounting exactly? Are you trying to mount an image on a Linux box after the pull?
If not can you please share the full step of commands and what you expect to happen please?
Sent from my Nexus 5 using Tapatalk
rootSU said:
Sorry, where are you mounting exactly? Are you trying to mount an image on a Linux box after the pull?
If not can you please share the full step of commands and what you expect to happen please?
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
Hey rootSU. I pulled the image from my phone, decrypted it, and tried to mount it:
Code:
$ adb pull /dev/block/platform/msm_sdcc.1/by-name/userdata
$ su
# losetup /dev/loop1 userdata
# cryptsetup open --type plain /dev/loop1 nexus
Enter passphrase:
# mount /dev/mapper/nexus /mnt/tmp
mount: wrong fs type, bad option, bad superblock on /dev/mapper/nexus,
missing codepage or helper program, or other error
In some cases useful info is found in syslog - try
dmesg | tail or so.
I'm not sure why that doesn't work. It's just ext4, right? I'd still find it instructive to figure out how to mount it; hopefully you can shed some light?
As far as getting the image back on the device's partition, I was a bit stuck, because there's obviously no room on the device to copy it to. I finally figured out a method involving netcat. Essentially I forwarded a local TCP port to my device (in recovery) using adb, then used netcat to feed dd the image.
Code:
$ adb forward tcp:4444 tcp:4444
$ adb shell
# nc -l -p 4444 -e dd of=/dev/block/platform/msm_sdcc.1/by-name/userdata
This will hang as it waits for an inbound connection. From a second shell:
Code:
$ dd if=userdata | nc localhost 4444
My 28GiB image took around 6 hours (!) to complete. Nandroid is probably the way to go.
Nandroid won't backup sdcard but you can use foldersync to back that up.
Yes it is just ext4
I've never done anything like this before with an encrypted device but my assumption was if you adb pull a file, it would decrypt it on the fly.. Does it not?? If it does, I'd just dd it to an img.
Sent from my Nexus 5 using Tapatalk
rootSU said:
Nandroid won't backup sdcard but you can use foldersync to back that up.
Yes it is just ext4
I've never done anything like this before with an encrypted device but my assumption was if you adb pull a file, it would decrypt it on the fly.. Does it not?? If it does, I'd just dd it to an img.
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
Nope, in this case, userdata is the encrypted *device*; in any case TWRP knows nothing about the encryption. The pull was identical to using dd to copy the file. Of course, if you wanted to decrypt your device without wiping data, you could probably have TWRP decrypt the data partition, then dd or pull the resulting /dev/block/dm-0 file (which is equivalent to my /dev/mapper/nexus file I created). Haven't tried it though; ain't nobody got time for that.
I wonder why it wouldn't mount. Oh well. I'm just happy that my device is the way it was yesterday.
I'd love to have a play with this but I just don't have the time to start encrypting and decrypting stuff
Out of interest what about adb whilst in android?
Sent from my Nexus 5 using Tapatalk
rootSU said:
I'd love to have a play with this but I just don't have the time to start encrypting and decrypting stuff
Out of interest what about adb whilst in android?
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
You would have the exact same results, as the /dev/* files are the physical disks represented as a file. The crypto drivers read/write this block device file to present a decrypted /dev/block/dm-0 device. Then the kernel mounts dm-0 as an ext4 filesystem on /data. All the files I mentioned are pullable with adb, assuming you have sufficient privileges. You don't need fancy tools to read/write them, which is why the netcat hack worked. Thus is the power of Unix!
You can screw around with it if you want in regular desktop Linux with a "device" you make from a bunch of 0s. Do:
Code:
# dd if=/dev/zero of=disk.image count=100000
# losetup /dev/loop0 disk.image
Now you can do "mkfs.ext4 /dev/loop0" and "mount ..." or whatever, and the data will be written to the "device" disk.image.
some time ago I backed up /dev/block/sda from my android 12 phone.
I forgot it was encrypted..
and that it had 34 partitions.
userdata partition WAS sda34.
how can I momentarily mount the backup in android?
losetup is present...

Please Help This Has Ruined My Day. Accidentally Disabled or Deleted I Don't Know which one com.android.systemui

Please Help This Has Ruined My Day. Accidentally Disabled or Deleted I Don't Know which one com.android.systemui
So I have a OnePlus 6 with Lineage OS, TWRP and Magisk all installed and i was just looking at apps in App Manager and i accidentally press the same area twice and Disabled or Deleted I don't know com.android.systemui and the screen went black so i rebooted the phone and it says "Android Is Starting" and never fully boots up and I don't know how to fix It without losing my files I tried to flash the Lineage OS image again but didn't work also I have a password (I Know The Password but can't decrypt my files in TWRP) and I don't want to lose my files, i won't reset the storage without decrypting and backing up my files, also pm command In ADB shell does not work it says its "inaccessible or not found". Is there a way i can decrypt my files and move them off my phone or a way i can fix com.android.systemui this has ruined my day please help if you smart. Also maybe i could Reinstall/Reenable com.android.systemui by changing some config file or doing something else just help please If someone can help me get my files off of my phone and/or fix it without a reset I would be so happy and you would be a really good person
My First Thread on this please reply to this that one if you can https://forum.xda-developers.com/t/...-know-which-one-com-android-systemui.4480157/
This is what is in com.android.systemui/cache/
a file called lockscreen_capture_port.png but the image might be different for you device.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Raffles727 said:
This is what is in com.android.systemui/cache/
a file called lockscreen_capture_port.png but the image might be different for you device.
View attachment 5686769
Click to expand...
Click to collapse
so what do i do to fix it? do i delete some file or what do i do
If you accidentally deleted the folder I suggest to re-create it and then put the png image , try my image but it is for a Samsung, it may not be the correct dimensions. On my device (Samsung) the folder only had the .png image in it. The full path is Android > data > com.android.systemui > cache > which contains the image lockscreen_capture_port.png
You can try connecting the device to your computer in order to do this.
Oh, so you killed your Android subsystem? What do you need that for? (Just a little joke.)
You do have ADB? Is it rooted? #?
If you can get to ADB, the first thing to do is:
Code:
C:\>adb shell
# stop
# logcat
That stops the Android subsystem from trying to start. Then the logcat will show you what it doesn't like.
You don't have to be a rocket scientist to see what it's complaining about.
===============================
Are you trying to get photos off /sdcard or data in Whatsapp?
Code:
# adb pull /sdcard/Books
Or whatever.
In short, getting stuff off /sdcard is easy, getting application data off requires root.
===============================
Then there's the question of fixing this.
As @Raffles727 says, you need to recreate the directory and the two subdirectories (cache and code_cache).
It's not certain thay you have both, but it wouldn't hurt.
On my device there is /data/data/com.android.systemui/gestures_config
I don't think that any "cache" files are that important, although a missing directory could cause crashes.
A missing XML JSON file could make it unhappy, what does logcat say? Here's my gestures_config:
Code:
{"displayIndicator":false,"enable":true,"enableBehindKeyboard":true,"guestConfigMap":{"gestures_bottom_left":"BACK","gestures_bottom_middle":"HOME","gestures_bottom_right":"TASK_SWITCH","gestures_left_bottom":"NONE","gestures_left_middle":"NONE","gestures_left_top":"NONE","gestures_right_bottom":"NONE","gestures_right_middle":"NONE","gestures_right_top":"NONE","gestures_top_left":"NONE","gestures_top_middle":"NONE","gestures_top_right":"NONE","slide_gestures_left":"VOLUME","slide_gestures_right":"WARM_LIGHT"},"indicatesHeight":50,"indicatesTransparency":50,"indicatesWidth":50,"preventMiscontact":false,"slideEnable":false,"slidingDistance":100}
(Although, since this is JSON, I kind of doubt that you have this.)
Try to fix something, then reboot.
Raffles727 said:
If you accidentally deleted the folder I suggest to re-create it and then put the png image , try my image but it is for a Samsung, it may not be the correct dimensions. On my device (Samsung) the folder only had the .png image in it. The full path is Android > data > com.android.systemui > cache > which contains the image lockscreen_capture_port.png
You can try connecting the device to your computer in order to do this.
View attachment 5686775
Click to expand...
Click to collapse
i think that path is encrypted so i cant do that
Renate said:
Oh, so you killed your Android subsystem? What do you need that for? (Just a little joke.)
You do have ADB? Is it rooted? #?
If you can get to ADB, the first thing to do is:
Code:
C:\>adb shell
# stop
# logcat
That stops the Android subsystem from trying to start. Then the logcat will show you what it doesn't like.
You don't have to be a rocket scientist to see what it's complaining about.
===============================
Are you trying to get photos off /sdcard or data in Whatsapp?
Code:
# adb pull /sdcard/Books
Or whatever.
In short, getting stuff off /sdcard is easy, getting application data off requires root.
===============================
Then there's the question of fixing this.
As @Raffles727 says, you need to recreate the directory and the two subdirectories (cache and code_cache).
It's not certain thay you have both, but it wouldn't hurt.
On my device there is /data/data/com.android.systemui/gestures_config
I don't think that any "cache" files are that important, although a missing directory could cause crashes.
A missing XML file could make it unhappy, what does logcat say? Here's my gestures_config:
Code:
{"displayIndicator":false,"enable":true,"enableBehindKeyboard":true,"guestConfigMap":{"gestures_bottom_left":"BACK","gestures_bottom_middle":"HOME","gestures_bottom_right":"TASK_SWITCH","gestures_left_bottom":"NONE","gestures_left_middle":"NONE","gestures_left_top":"NONE","gestures_right_bottom":"NONE","gestures_right_middle":"NONE","gestures_right_top":"NONE","gestures_top_left":"NONE","gestures_top_middle":"NONE","gestures_top_right":"NONE","slide_gestures_left":"VOLUME","slide_gestures_right":"WARM_LIGHT"},"indicatesHeight":50,"indicatesTransparency":50,"indicatesWidth":50,"preventMiscontact":false,"slideEnable":false,"slidingDistance":100}
Try to fix something, then reboot.
Click to expand...
Click to collapse
adb does not work (it says "adb: no devices/emulators found when i run" adb shell) unless in twrp but in twrp /sdcard is encrypted and twrp cant unencrypt lineage os for some reason also its not a missing driver issue im on linux witch has all android drivers by default when you install platform tools
Renate said:
Oh, so you killed your Android subsystem? What do you need that for? (Just a little joke.)
You do have ADB? Is it rooted? #?
If you can get to ADB, the first thing to do is:
Code:
C:\>adb shell
# stop
# logcat
That stops the Android subsystem from trying to start. Then the logcat will show you what it doesn't like.
You don't have to be a rocket scientist to see what it's complaining about.
===============================
Are you trying to get photos off /sdcard or data in Whatsapp?
Code:
# adb pull /sdcard/Books
Or whatever.
In short, getting stuff off /sdcard is easy, getting application data off requires root.
===============================
Then there's the question of fixing this.
As @Raffles727 says, you need to recreate the directory and the two subdirectories (cache and code_cache).
It's not certain thay you have both, but it wouldn't hurt.
On my device there is /data/data/com.android.systemui/gestures_config
I don't think that any "cache" files are that important, although a missing directory could cause crashes.
A missing XML JSON file could make it unhappy, what does logcat say? Here's my gestures_config:
Code:
{"displayIndicator":false,"enable":true,"enableBehindKeyboard":true,"guestConfigMap":{"gestures_bottom_left":"BACK","gestures_bottom_middle":"HOME","gestures_bottom_right":"TASK_SWITCH","gestures_left_bottom":"NONE","gestures_left_middle":"NONE","gestures_left_top":"NONE","gestures_right_bottom":"NONE","gestures_right_middle":"NONE","gestures_right_top":"NONE","gestures_top_left":"NONE","gestures_top_middle":"NONE","gestures_top_right":"NONE","slide_gestures_left":"VOLUME","slide_gestures_right":"WARM_LIGHT"},"indicatesHeight":50,"indicatesTransparency":50,"indicatesWidth":50,"preventMiscontact":false,"slideEnable":false,"slidingDistance":100}
(Although, since this is JSON, I kind of doubt that you have this.)
Try to fix something, then reboot.
Click to expand...
Click to collapse
sould i try to run adb shell wile booted into twrp and cd to /data/data and use mkdir to make a new /data/data/com.android.systemui
Is /data even mounted?
Code:
# cd /data
# ls -l
Didn't you have ADB enabled on your normal system?
Do you see the normal bootanimation?
Is the USB showing anything in normal system? MTP?
iwanttoroota11walmart said:
sould i try to run adb shell wile booted into twrp and cd to /data/data and use mkdir to make a new /data/data/com.android.systemui
Click to expand...
Click to collapse
never mind it says required key not available so i cant modify /data/data so am i just screwed
Renate said:
Is /data even mounted?
Code:
# cd /data
# ls -l
Didn't you have ADB enabled on your normal system?
Do you see the normal bootanimation?
Is the USB showing anything in normal system? MTP?
Click to expand...
Click to collapse
no i cannot access my phone on my pc from the normal system only in twrp and it shows my normal boot animation
Right, but in TWRP /data is not mounted, it's encrypted and TWRP can't decrypt/mount it?
iwanttoroota11walmart said:
no i cannot access my phone on my pc from the normal system only in twrp and it shows my normal boot animation
Click to expand...
Click to collapse
its liveboot so i can see my logcat when the phones turning on could that help at all
Renate said:
Right, but in TWRP /data is not mounted, it's encrypted and TWRP can't decrypt/mount it?
Click to expand...
Click to collapse
it is encrypted and if i try to do adb pull /data only a coupple folders can copy over to my pc and when i try to decrypt when turning it on it cant decrypt also i have a pattern set and a fingerprint set if that helps at all
iwanttoroota11walmart said:
it is encrypted and if i try to do adb pull /data only a coupple folders can copy over to my pc and when i try to decrypt when turning it to twrp on it cant decrypt also i have a pattern set and a fingerprint set if that helps at all
Click to expand...
Click to collapse
iwanttoroota11walmart said:
it is encrypted and if i try to do adb pull /data only a coupple folders can copy over to my pc and when i try to decrypt when turning it on it cant decrypt also i have a pattern set and a fingerprint set if that helps at all
Click to expand...
Click to collapse
and /scard (where my files are that i need off of it before i would reset the phone) is encrypted
iwanttoroota11walmart said:
and /scard (where my files are that i need off of it before i would reset the phone) is encrypted
Click to expand...
Click to collapse
also i can boot other recoverys if there is a recovery that can decrypt lineage os stuff
Encrypted data makes life awfully difficult.
Yeah, liveboot could give us some info. Does it just keep running and restarts by itself?
Is the bootloader unlocked?
Was ADB enabled before it died?
Was this Magisk'ed?
I can think of two solutions
1) Force ADB to run
2) See if adding the directories to a ramdisk would work.
Renate said:
Right, but in TWRP /data is not mounted, it's encrypted and TWRP can't decrypt/mount it?
Click to expand...
Click to collapse
also twrp can mount /sdcard to mtp but its encrypted
Renate said:
Encrypted data makes life awfully difficult.
Yeah, liveboot could give us some info. Does it just keep running and restarts by itself?
Is the bootloader unlocked?
Was ADB enabled before it died?
Was this Magisk'ed?
I can think of two solutions
1) Force ADB to run
2) See if adding the directories to a ramdisk would work.
Click to expand...
Click to collapse
liveboot runs until the boot animation is over
the bootloader is unlocked i could wipe and reinstall the os but then i lose my data that i really really do not want to lose
adb was enabled before it died and also when the phone is turned on to system it shows "Android is starting' but it never stops doing that
it has magisk installed yes
how would i force adb to run?

[SOLVED] Help to mount userdata in linux or repair userdata.img

After an Update of Two magisk modules, my Ulefone Armor 11 5G staied stucked on boot logo, I can only enter in recovery or fastboot.
I try to build a TWRP, but it is not able to mount userdata.
I was able to download with the help of mtkclient all the partition on my phone, even userdata , it took 7 hours.
I wanted to load the image in linux but using mount disk imag or using the command sudo mount -o loop userdata.img ~/Armor_11_5G doesn't do anything not even an error message.
I'm wondering if the filesystem was corrupted during the update.
Is it possible to repair the fylesystem like in Windows?
Thanks
did you previously disable encryption and factory reset long time before the modules updates failed?
what do you mean mount doesn't do anything not even an error message? either it give error message or it succeed.
I didn't disable encryption before updating the modules, I already updated this modules many times.
what do you mean mount doesn't do anything not even an error message? either it give error message or it succeed.
Click to expand...
Click to collapse
That is the problem, it doesn't succed and I don't have an error message. The file is 256 Gbyte big, I don't know if it plays a role. I'm using Ubuntu 22
if phone is encrypted that's just 256G garbage. post the output of
Code:
$ parted <file> unit B print
Here are the results of parted
Code:
Error: /home/*****/Public/userdata.bin.img: unrecognised disk label
Model: (file)
Disk /home/osboxes/Public/userdata.bin.img: 249208733696B
Sector size (logical/physical): 512B/512B
Partition Table: unknown
Disk Flags:
Thanks
You may try https://www.cgsecurity.org/wiki/TestDisk_Download
I'd be glad for your feedback.
sorry thought it's whole disk, but it's only 232G file therefore parted won't print partition table
does apply to FDE only
assuming this file is dump of single userdata partition, open with HxD editor. if the partition image is not encrypted, you will see lot zeros within first 1024 bytes.
in that case you can check for file system type is ext4 or f2fs.
Code:
$ xxd -l 1080 dump.img | grep 53ef
$ xxd -l 1024 dump.img | grep 1020.f5f2
But most likely the userdata partition is encrypted, therefore no way to recover data offline.
The easiest way not to load Magisk modules is, not to load Magisk. Flashing stock boot.img will solve it.
Beware, in case you disabled encryption beforehand, booting stock boot.img will force encryption. This may take long time without notice.
I never disabled encryption, I don't know if Magisk do it without informing. I used this phone for an year without a problem.
After the update I left the phone on for one night but nothing happens. I tried to reflash the stock boot image, and again a whole night wait, but again nothing happens.
Reading the fstab the file system should be ext4.
The file is the dump of the whole userdata partition of my Ulefone Armor 11 5G.
I did a backup of the whole system before doing any experiment so if the partition table is corrupted maybe if I reflash back the userdata partition with a working partition table I have again access to the datas.
there is no partition table in userdata partition, I just gave you wrong advise. because the phones total storage is 256G, I made wrong assumptions (you can view partition table from file pgpt.bin)
full 1:1 backup is impossible for FBE encryption because encryption keys are stored in TEE. once you factory reset device backup of userdata + metadata becomes useless.
fstab doesn't tell you what file you just have dumped. if you can't find ext4 super magic (#7) it's impossible to loop mount that file (and impossible to decrypt on linux PC)
if you can't fix boot-loop by stock boot.img then it's unrelated to magisk modules. you can however enable adb in default.prop and capture adb logcat during boot-loop for further analysis. you could also inject own script that deletes some files (only DE encrypted files, CE encrypted files requires lock screen credentials aka pin/pattern)
boot this TWRP and get log from adb
Code:
$ fastboot boot recovery.img
$ adb shell twrp decrypt '1234'
$ adb pull /tmp/recovery.log
https://twrp.me/faq/openrecoveryscript.html
full 1:1 backup is impossible for FBE encryption because encryption keys are stored in TEE. once you factory reset device backup of userdata + metadata becomes useless.
Click to expand...
Click to collapse
With mtk client I was able to do the backup of tee1 and tee2 and also of gpt_backup and gpt_main.
$ xxd -l 1080 dump.img | grep 53ef
$ xxd -l 1024 dump.img | grep 1020.f5f2
Click to expand...
Click to collapse
Doesn't produce any results.
I have immediately the command prompt.
you can however enable adb in default.prop
Click to expand...
Click to collapse
How can I do that? Which value should I change in default.prop?
so your "backup" is encrypted. please note Trustonic Kinibi is TEE OS running in secure memory one can't access or backup with mtkclient. the tee partitions in phone storage do not contain any encryption key (none of the partitions does, secure memory is not even a partition). the only crypto related partition is metadata used for keydirectory of metadata encryption (on top of FBE encryption) but it is useless for backup purposes.
yes you can modify default.prop in boot.img, ro.secure=0 should give root access.
https://forum.xda-developers.com/t/...hone-with-broken-screen.2965462/post-85905033
Code:
ro.secure=0
ro.debuggable=1
persist.service.adb.enable=1
in case the default.prop modification is not sufficient, you need additional command to be executed as root.
Code:
# settings put global adb_enabled 1
as you installed magisk, you could use magisk overlay.d/sbin/ for running startup script.
https://forum.xda-developers.com/t/...ithout-losing-your-data.4383255/post-86934375
aIecxs said:
boot this TWRP and get log from adb
Code:
$ fastboot boot recovery.img
$ adb shell twrp decrypt '1234'
$ adb pull /tmp/recovery.log
https://twrp.me/faq/openrecoveryscript.html
Click to expand...
Click to collapse
How about this TWRP? it should be able to decrypt userdata. if decryption failed, provide recovery.log
Until tomorrow I cannot do a logcat and I cannot find my view logcat on my laptop.
I unpacked boot.img with Carliv Image Kitchen and there is no default.prop, that is present in the recovery as prop.default.
Is there a way to backup secure memory of Trustonic?
How about this TWRP? it should be able to decrypt userdata. if decryption failed, provide recovery.log
Click to expand...
Click to collapse
I already tried that version but it cannot decrypt, that' why I'm trying to build my own version of TWRp with the help of the creator of that version of TWRP, but I'm stucked.
oh, you know how to build TWRP with proper FBE + metadata encryption support? have a look at other Oppo devices how they did... good luck.
regarding default.prop in boot.img (it's a symlink to system unfortunately) you can do it the other way
use magisk overlay.d/sbin/
create a boot script that does the thing with resetprop -n <prop_name> <prop_value>
don't use outdated Carliv Image Kitchen! use osm0sis AIK from link above.
oh, you know how to build TWRP with proper FBE + metadata encryption support? have a look at other Oppo devices how they did... good luck.
Click to expand...
Click to collapse
I'm learning.
I try to integrate the decryption service following the suggestion of ADeadTrouser on Github, but the service doesn't want to start and I don't understand why.
I never checked Oppo, I will take a look at them also, thanks for the suggestion.
I think I figured out now the adb logcat at least. hope that helps
https://forum.xda-developers.com/t/accessing-my-phone-with-a-dead-screen.4542763/post-88016019
I tried your script butr nothing happens, the telephone is not listed when I type
Code:
adb devices
and if I type
Code:
adb logcat
I receive the message waiting for device
you might follow the thread
wenyendev said:
You may try https://www.cgsecurity.org/wiki/TestDisk_Download
I'd be glad for your feedback.
Click to expand...
Click to collapse
I run the software on the image and it identify the contents and can read the encrypted and not encrypted part, that means that all the files are there, but I cannot mount in Linux or in TWRP
The fact that I cannot mount in Linux or TWRP the userdata image/partition can be that is corrupted the partition or the file index?
That would also explain why the script for Magisk provided by aIecxs is not able to copy the adb_key from the cache in the data partition.

Accessing my phone with a dead screen

So my phone screen connector was liquid damaged. No touch or display. It's an Essential Phone which supports HDMI output, however I can't unlock it because I don't see the lock screen on the monitor I just see a lock icon. I have fingerprint/pattern set up but I can't use fingerprint because it wants me to do the pattern first after a reboot. I do not have access to ADB since for whatever reason MTP is always enabled. I do have TWRP except the contents of the phone are encrypted so I can't get the data off that way. I am running an Android 12 custom rom. Any ideas on how I can access my files/unlock the phone?
we can enable adb in boot.img - please backup from adb while in TWRP recovery, share zip here so I will have a look.
Code:
adb pull /dev/block/bootdevice/by-name/boot boot.img
with adb enabled we can use scrcpy to mirror lock screen and unlock from PC.
aIecxs said:
we can enable adb in boot.img - please backup from adb while in TWRP recovery, share zip here so I will have a look.
Code:
adb pull /dev/block/bootdevice/by-name/boot boot.img
with adb enabled we can use scrcpy to mirror lock screen and unlock from PC.
Click to expand...
Click to collapse
Thanks for the response, I've got the boot image backed up.
Just for fun a built a digitizer emulator. It will work even when the ADB is turned off.
are you sure that is actually the boot.img dumped off your current boot partition? there is a twrp.fstab inside? However, I have modified prop.default and added custom.rc in overlay.d to enable adb. try this without flashing, then check adb. if it works, you can run scrcpy (link above)
Code:
fastboot devices
fastboot boot boot.img
adb devices
in case it does not work, you could also try to boot this TWRP (do not flash)
https://forum.xda-developers.com/t/official-twrp-3-2-3-0-for-essential-ph-1.3840931
you can decrypt pattern from adb too
https://twrp.me/faq/openrecoveryscript.html
(attachment removed)
aIecxs said:
are you sure that is actually the boot.img dumped off your current boot partition? there is a twrp.fstab inside? However, I have modified prop.default and added custom.rc in overlay.d to enable adb. try this without flashing, then check adb. if it works, you can run scrcpy (link above)
Code:
fastboot devices
fastboot boot boot.img
adb devices
in case it does not work, you could also try to boot this TWRP (do not flash)
https://forum.xda-developers.com/t/official-twrp-3-2-3-0-for-essential-ph-1.3840931
you can decrypt pattern from adb too
https://twrp.me/faq/openrecoveryscript.html
md5: 2baeb682f45ac1da8fcdbf75a60c99a4
Click to expand...
Click to collapse
Yeah it is, that is there probably because you need to install TWRP to the boot partition for the Essential Phone. Anyway, it didn't work sadly. I get the same result, all I got in device manager is "Essential MTP Device" and an inaccessible folder cause it's still locked. and it appears that twrp for the Essential Phone can't decrypt Android 12 data. I couldn't get it decrypted back when I could see my screen & used a pin either iirc
Renate said:
Just for fun a built a digitizer emulator. It will work even when the ADB is turned off.
Click to expand...
Click to collapse
How do I use it?
okay flash this boot.img to boot_a and boot_b and try again. I have added some flags for TWRP in recovery ramdisk too, maye it decrypts now. at least, it should enable adb. it may require ADB Interface Driver re-installed from device manager.
aIecxs said:
okay flash this boot.img to boot_a and boot_b and try again. I have added some flags for TWRP in recovery ramdisk too, maye it decrypts now. at least, it should enable adb. it may require ADB Interface Driver re-installed from device manager.
Click to expand...
Click to collapse
Unfortunately neither situation has changed, also reinstalled the ADB drivers
Zumbuh said:
Unfortunately neither situation has changed, also reinstalled the ADB drivers
Click to expand...
Click to collapse
can you please provide TWRP recovery.log after passing encoded pattern from cmd line?
Code:
adb shell twrp decrypt '12357'
adb pull /tmp/recovery.log
what custom ROM you are running?
maybe startup script requires u:r:init:0 secontext, or it is executed too early and just dropped before zygote? or maybe it is too late, as usually build.prop properties are triggers for init.rc so the resetprop is not working.
this is how I did
https://topjohnwu.github.io/Magisk/guides.html#root-directory-overlay-system
it will work, it's just a matter of right parameters. you can unpack boot.img your own and replace late-init with boot or post-fs-data or something different.
you can also try to write log to /cache partition and view from TWRP afterwards, so you will figure out script is even executed.
Zumbuh said:
How do I use it?
Click to expand...
Click to collapse
This was really just a proof of concept using a microcontroller that gets the swipe/click details from a desktop.
If you had a 2nd rooted Android that had HID USB Gadget built in (g_hid) it would be possible to write an app to do this.
You'd tether the two Androids together.
Edit: I did get it working with just the rooted Android and the target Android.
It's just a bit cumbersome to install. You need a custom USB config daemon and a udevd.
No design awards here, but it works.
I spend mostly 2 hours, I could change properties from overlay.d and also confirmed double check after boot. However, my Xiaomi denies any usb connection in case of modifications. So the default.prop trick did not work for me.
What worked is get a copy of %UserProfile%\.android\adbkey.pub rename it to adb_keys and copy to cache partition.
Code:
adb push %UserProfile%\.android\adbkey.pub /cache/adb_keys
adding these two files in boot.img overlay.d will copy /cache/adb_keys -> to /data/misc/adb/adb_keys. this worked for me, so give it one more shot.
aIecxs said:
I spend mostly 2 hours, I could change properties from overlay.d and also confirmed double check after boot. However, my Xiaomi denies any usb connection in case of modifications. So the default.prop trick did not work for me.
What worked is get a copy of %UserProfile%\.android\adbkey.pub rename it to adb_keys and copy to cache partition.
Code:
adb push %UserProfile%\.android\adbkey.pub /cache/adb_keys
adding these two files in boot.img overlay.d will copy /cache/adb_keys -> to /data/misc/adb/adb_keys. this worked for me, so give it one more shot. (edit: fixed)
Click to expand...
Click to collapse
I actually saw your earlier version of this reply so I was trying it myself, then when I went to reply I saw that you added a boot image and tried that as well. Though neither worked for me. I've attached my recovery.log though I assume the part you wanted to see was this.
I:operation_start: 'TWRP CLI Command'
Attempting to decrypt data partition via command line.
get_crypt_ftr_info crypto key location: ''
Unexpected value for crypto key location
Error getting crypt footer and key
Failed to decrypt data.
I:Done reading ORS command from command line
does phone have cache partition at all? you can check if /cache/adb_keys still exist. if you can see /cache/adb_keys.bak that is dump including all the existing keys. if not increase the timeout 60 seconds.
What ROM you are using? crypto-footer sounds more like FDE encryption, but I did only add flags FBE + metadata encryption.
kindly provide recovery.log. you can share via pastebin.com with expire date
aIecxs said:
does phone have cache partition at all? you can check if /cache/adb_keys still exist. if you can see /cache/adb_keys.bak that is dump including all the existing keys. if not increase the timeout 60 seconds.
What ROM you are using? crypto-footer sounds more like FDE encryption, but I did only add flags FBE + metadata encryption.
kindly provide recovery.log. you can share via pastebin.com with expire date
Click to expand...
Click to collapse
I'm using this Pixel Extended 12L rom. For whatever reason it wouldn't attach recovery.log to the last post, anyways here's the pastebin link
Starting TWRP 3.2.3-0-007de98f-dirty on Thu Jan 1 00:00:13 1970 (pid 601)I: - Pastebin.com
Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
pastebin.com
the log is not from my (3) boot.img
I:Mount: Unable to find partition for path '/cache'
where did you place your adb_keys?
aIecxs said:
I:Mount: Unable to find partition for path '/cache'
where did you place your adb_keys?
Click to expand...
Click to collapse
In cache originally, but yeah I noticed that it didn't mount earlier as well. I did try placing them in a new directory I created and modifying the adbguard.sh file but it didn't work. The adb_keys file is still in that directory but there is no .bak file. Got anywhere else I could place it?
what directories can you access unencrypted on /data?
aIecxs said:
what directories can you access unencrypted on /data?
Click to expand...
Click to collapse
Seems the only one that isn't encrypted is /data/gsi
so you can place adbkey.pub there instead. change these lines in overlay.d/sbin/adbguard.sh. increase the timeout. you can also add some output to see if script is running at all.
Bash:
while [ ${i:-0} -le 60 ]; do
set_adbkey /data/gsi/adb_keys
echo "Hello World ($i)" >> /data/gsi/hello.txt
Code:
adb push adbkey.pub /data/gsi/adb_keys
according to the ROM you linked, that is just FBE encryption, I bet some dev can fix that TWRP.
/vendor/etc/fstab.mata
Code:
# Android fstab file.
# The filesystem that contains the filesystem checker binary (typically /system) cannot
# specify MF_CHECK, and must come before any filesystems that do specify MF_CHECK
#<src> <mnt_point> <type> <mnt_flags and options> <fs_mgr_flags>
/dev/block/platform/soc/1da4000.ufshc/by-name/system / ext4 ro,barrier=1 wait,slotselect,verify
/dev/block/platform/soc/1da4000.ufshc/by-name/userdata /data ext4 noatime,nosuid,nodev,barrier=1,noauto_da_alloc latemount,wait,check,formattable,fileencryption=ice,quota
/dev/block/platform/soc/1da4000.ufshc/by-name/misc /misc emmc defaults defaults
/dev/block/platform/soc/1da4000.ufshc/by-name/modem /vendor/firmware_mnt vfat ro,shortname=lower,uid=1000,gid=1000,dmask=222,fmask=333,context=u:object_r:firmware_file:s0 wait,slotselect
/dev/block/platform/soc/1da4000.ufshc/by-name/dsp /vendor/lib/dsp ext4 ro,nosuid,nodev,barrier=1,context=u:object_r:adsprpcd_file:s0 wait,slotselect
/devices/*/xhci-hcd.0.auto* auto auto defaults voldmanaged=usb:auto
/devices/*/0000:01:00.0* auto auto defaults voldmanaged=usb:auto
/dev/block/zram0 none swap defaults zramsize=2147483648,max_comp_streams=8
aIecxs said:
so you can place adbkey.pub there instead. change these lines in overlay.d/sbin/adbguard.sh. increase the timeout. you can also add some output to see if script is running at all.
Bash:
while [ ${i:-0} -le 60 ]; do
set_adbkey /data/gsi/adb_keys
echo "Hello World ($i)" >> /data/gsi/hello.txt
Code:
adb push adbkey.pub /data/gsi/adb_keys
according to the ROM you linked, that is just FBE encryption, I bet some dev can fix that TWRP.
/vendor/etc/fstab.mata
Code:
# Android fstab file.
# The filesystem that contains the filesystem checker binary (typically /system) cannot
# specify MF_CHECK, and must come before any filesystems that do specify MF_CHECK
#<src> <mnt_point> <type> <mnt_flags and options> <fs_mgr_flags>
/dev/block/platform/soc/1da4000.ufshc/by-name/system / ext4 ro,barrier=1 wait,slotselect,verify
/dev/block/platform/soc/1da4000.ufshc/by-name/userdata /data ext4 noatime,nosuid,nodev,barrier=1,noauto_da_alloc latemount,wait,check,formattable,fileencryption=ice,quota
/dev/block/platform/soc/1da4000.ufshc/by-name/misc /misc emmc defaults defaults
/dev/block/platform/soc/1da4000.ufshc/by-name/modem /vendor/firmware_mnt vfat ro,shortname=lower,uid=1000,gid=1000,dmask=222,fmask=333,context=u:object_r:firmware_file:s0 wait,slotselect
/dev/block/platform/soc/1da4000.ufshc/by-name/dsp /vendor/lib/dsp ext4 ro,nosuid,nodev,barrier=1,context=u:object_r:adsprpcd_file:s0 wait,slotselect
/devices/*/xhci-hcd.0.auto* auto auto defaults voldmanaged=usb:auto
/devices/*/0000:01:00.0* auto auto defaults voldmanaged=usb:auto
/dev/block/zram0 none swap defaults zramsize=2147483648,max_comp_streams=8
Click to expand...
Click to collapse
Alright I have replaced those lines and that file was never created, so it looks like it never runs the script

Categories

Resources