[Help][TWRP] Stuck on half decrypted /data

Search This thread

a-dead-trousers

Senior Member
Jul 28, 2016
501
1
190
Samsung Galaxy S5 Mini
Hi.

I need some help on decryption. I'm developing a TWRP recovery for the Atom XL and am stuck at the moment. I was able to set up the stock trustkernel (teed) and keymaster. The recovery boots fine and "/data/system" gets decrypted and is readable BUT everything else is still encrypted.
In the log I get the message "Unable to locate gatekeeper password file '/data/system/gatekeeper.pattern.key'" but checking after booting into the OS there is no such file anywhere on "/data". I did a little bit of research in the source code and as far as I understand the function "Get_Password_Type" in "Decrypt.cpp" the check for "/data/system/gatekeeper.pattern.key" is just a fallback if "/data/system_de/0/spblob/" cannot be read.
And I have in fact that folder but it's still encrypted in TWRP while it is fully readable in the OS. Now my guess is that "/data/system_de" doesn't get decrypted properly. DE means Device Encryption and that should be done the same way as the decryption of "/data/system" or am I wrong? So what am I missing?
I checked with many other TWRP device trees who claimed to be able to decrypt but I can't find any (significant) differences.

wkr ADT

EDIT: It's an Android 10 (LineageOS 17.1) device with FBE. TWRP is 3.5.1_10.0
 
Solution
So I was finally able to figure everything out.
Here is my story for those who are struggling like me:
It's for a mediatek helios p60 (mt6771) device using "trustkernel" (teed / app/t6) as it's security framework.

a-dead-trousers

Senior Member
Jul 28, 2016
501
1
190
Samsung Galaxy S5 Mini
So I was finally able to figure everything out.
Here is my story for those who are struggling like me:
It's for a mediatek helios p60 (mt6771) device using "trustkernel" (teed / app/t6) as it's security framework.
 
Solution