[Help][TWRP] Stuck on half decrypted /data

Search This thread

a-dead-trousers

Senior Member
  • Jul 28, 2016
    321
    1
    147
    Hi.

    I need some help on decryption. I'm developing a TWRP recovery for the Atom XL and am stuck at the moment. I was able to set up the stock trustkernel (teed) and keymaster. The recovery boots fine and "/data/system" gets decrypted and is readable BUT everything else is still encrypted.
    In the log I get the message "Unable to locate gatekeeper password file '/data/system/gatekeeper.pattern.key'" but checking after booting into the OS there is no such file anywhere on "/data". I did a little bit of research in the source code and as far as I understand the function "Get_Password_Type" in "Decrypt.cpp" the check for "/data/system/gatekeeper.pattern.key" is just a fallback if "/data/system_de/0/spblob/" cannot be read.
    And I have in fact that folder but it's still encrypted in TWRP while it is fully readable in the OS. Now my guess is that "/data/system_de" doesn't get decrypted properly. DE means Device Encryption and that should be done the same way as the decryption of "/data/system" or am I wrong? So what am I missing?
    I checked with many other TWRP device trees who claimed to be able to decrypt but I can't find any (significant) differences.

    wkr ADT

    EDIT: It's an Android 10 (LineageOS 17.1) device with FBE. TWRP is 3.5.1_10.0
     
    Solution
    So I was finally able to figure everything out.
    Here is my story for those who are struggling like me:
    It's for a mediatek helios p60 (mt6771) device using "trustkernel" (teed / app/t6) as it's security framework.

    a-dead-trousers

    Senior Member
  • Jul 28, 2016
    321
    1
    147
    So I was finally able to figure everything out.
    Here is my story for those who are struggling like me:
    It's for a mediatek helios p60 (mt6771) device using "trustkernel" (teed / app/t6) as it's security framework.
     
    Solution