Development [RECOVERY][3.7.0-12.1][UNOFFICIAL][UNIFIED] TWRP with A12/A13 encryption support

Search This thread
By:
Advanced…
D

der_akinator

Senior Member
Mar 27, 2015
211
336
Berlin
OnePlus 3T
OnePlus 9 Pro
TheGhost1951 said:
Yeah, if your TMO phone is TargetID IN, you can flash an original param.bin in fastbootd mode and get back to TargetID of TMO.... that is the only reason I inquired...
Click to expand...
Click to collapse
If it's a normal partition and is normally flashed with "fastboot flash ... param.bin", it probably works. But I can't confirm it since I don't own a TMO device.
 
  • Like
Reactions: TheGhost1951
osm0sis

osm0sis

Senior Recognized Developer / Contributor
Mar 14, 2012
15,435
34,979
Halifax
GT-i9250
Google Nexus 4
osm0sis said:
I figured out how to workaround the issue of TWRP itself not showing backups in the Restore list (shows contents of / or /data instead).

Copy /data/recovery/.twrps to /sdcard/TWRP/.twrps

You can then safely use the advanced setting to Change TWRP directory as well.

@der_akinator, this sounds like another unintended regression from the /data/recovery/.twrps patchset @apophis9283 was talking about, along with the bad context/ownership/permissions issue. Might be worth reverting?
Click to expand...
Click to collapse
der_akinator said:
Update
  • Fix backups and logs not accessible from system
If you already have backups that aren't accessible from system, flash change_backup_selinux_context.zip which is available in the latest download folder. All backups made with TWRP builds starting from 14-01-23 (aka 3.7.0-12.1-4) are affected.

14-03-23 - Google Drive

drive.google.com drive.google.com
Click to expand...
Click to collapse

The Restore list issue is still present, unfortunately.

Steps to reproduce:
1) Use Advanced > File Manager to ensure /sdcard/TWRP/.twrps is deleted
2) Reboot Recovery to ensure using /data/recovery/.twrps
3) Make a backup of something small for our testing, like boot partition
4) Advanced > Change TWRP folder to name: Recovery
5) Reboot to Recovery to start fresh
6) Check Restore list, it'll just show contents of /sdcard instead of actual backups
 
Last edited:
D

der_akinator

Senior Member
Mar 27, 2015
211
336
Berlin
OnePlus 3T
OnePlus 9 Pro
osm0sis said:
The Restore list issue is still present, unfortunately.

Steps to reproduce:
1) Use Advanced > File Manager to ensure /sdcard/TWRP/.twrps is deleted
2) Reboot Recovery to ensure using /data/recovery/.twrps
3) Make a backup of something small for our testing, like boot partition
4) Advanced > Change TWRP folder to name: Recovery
5) Reboot to Recovery to start fresh
6) Check Restore list, it'll just show contents of /sdcard instead of actual backups
Click to expand...
Click to collapse
Sorry, I forgot to add latest patch. Latest build is now replaced with fixed version.
 
  • Like
Reactions: osm0sis and solar666
ankitstha

ankitstha

Member
Oct 23, 2018
9
1
OnePlus 7 Pro
OnePlus 9
Releece said:
I was running OOS11 before with TWRP3.7.0 built for denniz (OnePlus Nord 2) Android 11. I remember that booting this build always failed, but for some reason flashing it worked without any problems, I was even able to decrypt my /media/data/ folder strange enough...
Just don't forget flashing vbmeta.img with the right command before flashing recovery.

Have you tried flashing it yet?
Click to expand...
Click to collapse
yes its working fine for now
 
  • Like
Reactions: Releece
osm0sis

osm0sis

Senior Recognized Developer / Contributor
Mar 14, 2012
15,435
34,979
Halifax
GT-i9250
Google Nexus 4
der_akinator said:
Update
  • Fix backups and logs not accessible from system
If you already have backups that aren't accessible from system, flash change_backup_selinux_context.zip which is available in the latest download folder. All backups made with TWRP builds starting from 14-01-23 (aka 3.7.0-12.1-4) are affected.

14-03-23 - Google Drive

drive.google.com drive.google.com
Click to expand...
Click to collapse
der_akinator said:
Sorry, I forgot to add latest patch. Latest build is now replaced with fixed version.
Click to expand...
Click to collapse
Awesome! Can confirm it works as expected now. 😁

Only thing I noticed is that there now seems to be a rogue empty TWRP folder created at /TWRP which I don't recall happening before.
 
  • Like
Reactions: Smedslund and galaxys
D

der_akinator

Senior Member
Mar 27, 2015
211
336
Berlin
OnePlus 3T
OnePlus 9 Pro
Good new for OOS users. One of the TWRP devs found a workaround for data restore on OOS. Just delete "/data/system/users/0/package-restrictions.xml", after data is restored. I will exclude this file by default in a future build, but for existing backups, the file must always be removed manually.

Edit:
This is also useful for custom ROMs, because it makes first boot faster and eliminates the need to reboot again.
 
Last edited:
  • Like
Reactions: Steve0007, ikram.senguen, Mogster2K and 7 others
Need4Sneed

Need4Sneed

Senior Member
Jul 14, 2014
72
92
Atlanta
Hey, quick question. To update this TWRP, when the OP says flash the twrp-installer.zip, that means flash the zip in TWRP, then reboot to recovery into said updated TWRP, correct? Just wanna be 100% sure, since this is my first A/B device (been using a OP5 since it was released and only JUST switched to a OP9). If I'm just updating TWRP, I don't need to flash to any specific slot, right? Since there's other ways to flash ZIPs, it seemed like a prudent question . . at least in my case.

Thanks you for this TWRP! It always nice to have a backup(s) of all of my partitions on my backup SSD, just in case my device decides to have a bad time! So thank you for your contributions to the community!
 
Need4Sneed

Need4Sneed

Senior Member
Jul 14, 2014
72
92
Atlanta
Maybe someone can answer a question for me: If I wanna replace this TWRP with LineageOS recovery, can I still follow the instructions for installing LOS 20, or do I need to take any extra steps? I remember reading that there is no dedicated recovery partition anymore, so it says to flash it to boot, but just wanted to confirm that that'll replace TWRP with LineageOS revovery.

Thanks!
 
TheGhost1951

TheGhost1951

Senior Member
Feb 11, 2009
1,722
426
Garfield
OnePlus 9 Pro
Need4Sneed said:
Maybe someone can answer a question for me: If I wanna replace this TWRP with LineageOS recovery, can I still follow the instructions for installing LOS 20, or do I need to take any extra steps? I remember reading that there is no dedicated recovery partition anymore, so it says to flash it to boot, but just wanted to confirm that that'll replace TWRP with LineageOS revovery.

Thanks!
Click to expand...
Click to collapse
Flash the required boot.img will replace TWRP.
 
  • Like
Reactions: der_akinator
D

der_akinator

Senior Member
Mar 27, 2015
211
336
Berlin
OnePlus 3T
OnePlus 9 Pro
Need4Sneed said:
Hey, quick question. To update this TWRP, when the OP says flash the twrp-installer.zip, that means flash the zip in TWRP, then reboot to recovery into said updated TWRP, correct? Just wanna be 100% sure, since this is my first A/B device (been using a OP5 since it was released and only JUST switched to a OP9). If I'm just updating TWRP, I don't need to flash to any specific slot, right? Since there's other ways to flash ZIPs, it seemed like a prudent question . . at least in my case.

Thanks you for this TWRP! It always nice to have a backup(s) of all of my partitions on my backup SSD, just in case my device decides to have a bad time! So thank you for your contributions to the community!
Click to expand...
Click to collapse
Yes, just flash in TWRP.
 
O

olmiks

Member
Feb 22, 2023
15
1
der_akinator said:
Good new for OOS users. One of the TWRP devs found a workaround for data restore on OOS. Just delete "/data/system/users/0/package-restrictions.xml", after data is restored. I will exclude this file by default in a future build, but for existing backups, the file must always be removed manually.

Edit:
This is also useful for custom ROMs, because it makes first boot faster and eliminates the need to reboot again.
Click to expand...
Click to collapse
Hello! If not difficult, tell me. Is there a custom TWRP today, capable of not only creating a backup system, but also restore data from a backup? I have an OnePlus 9PRO phone, T-Mobile operator (LE-2127), Oxygenos, Android 12, the bootloader is unlocked, there is a root. Would be very grateful!
 
You must log in or register to reply here.

Similar threads

eng.stk
Development [KERNEL] [blu_spark r145 OP9/Pro] [A13 Custom]
Replies
916
Views
115K
LOTIN
LOTIN
Steve0007
  • Sticky
How To Guide [GUIDE] [Magisk] [Unlock / ROOT / Keep Root] OOS 13.1.0.500
Replies
2K
Views
328K
TheGhost1951
TheGhost1951
pranavasri
Development [ROM][OOS Cam][Android 12.1]StagOS 12.1[lemonadep][FINAL][08/09/2022]
Replies
498
Views
73K
V
vsinha71
Nebrassy
Development [RECOVERY] [11] [OFFICIAL] TeamWin Recovery Project
Replies
613
Views
101K
TheGhost1951
TheGhost1951
mukesh22584
Development [ROM][A13][OP9Pro][r43][OOS-CAM] XTENDED XT-v7.0 [GAPPS][16-05-2023]
Replies
361
Views
55K
Beytullah61
Beytullah61

Top Liked Posts

24 Hours 30 Days All time
  • 3
    [GR]Frostbyte
    [GR]Frostbyte
    der_akinator said:
    TWRP essential does the same as default android, and there is no password stored. That would defeat the whole purpose of encryption. I'm not sure about the internals, but broadly speaking the system tries to decrypt with your provided pattern and if the result doesn't make sense, you get an error.
    Click to expand...
    Click to collapse

    shadabkiani said:
    Lock settings are stored in /data/system/locksetting.db and other files with filenames locksettings. Now since /data/ is encrypted, you cannot access it without decrypting. And, even if you decrypt phone by entering correct pattern, and then you delete those files, that would make the entire /data useless and forever encrypted because there would be no way to decrypt it anymore.

    On my HTC 10, I have custom ROM installed and /data isn't encrypted by default, unlike OnePlus 9. You have to manually encrypt from Settings > Security if you want. So, if I don't have encryption, I can go to TWRP and simply delete /data/system/locksettings.db and phone lock would just go away. However, if encryption is enabled, and I go to TWRP, decrypt with correct lock code, then delete the same files, it would not work. The phone will boot up and would be stuck after bootanimation. I would have to format data and only then it would work again.

    Ain't no way you can bypass encryption. You either enter the correct lock code, or just get super lucky and try again again through brute forcing.
    Click to expand...
    Click to collapse

    I would also like to add my own two cents, as a senior UNIX/Linux system administrator, to these already helpful excerpts of information.

    @PartyZone

    Even if the stars could align and a decrypted version of the file that the pattern/pin is stored in could be found, one could never get the actual pattern/pin out of it; the reason being that the actual pattern/pin is being hashed (with blowfish/bcrypt being the latest trend) and usually salted too.

    This means that when one enters a password/pattern/pin, the input is being hashed once more and compared against the stored hash. Hashing is typically considered to be a one-way process, which cannot be reversed (while in theory it technically could, it would require immeasurable processing power to do so).
    As you also might've guessed, an added salt makes the possibility of a successful decryption even more unfathomable. (Further details and explanation can be found here)

    As @der_akinator most eloquently and accurately put; an encryption process which could be reversed (at least not without an insurmountable cost), would defeat it's whole purpose and existence in the first place.
    View
  • 6
    osm0sis
    osm0sis
    fastbootd should work...

    Also you can also flash abl while booted if you are rooted and want to do it manually, like `dd if=/sdcard/abl.img of=/dev/block/bootdevice/by-name/abl_a`

    Same works in TWRP Terminal/adb shell.
    View
    6
    S
    shadabkiani
    orifori said:
    Hello, I installed an Android 13 custom rom on a Samsung device with twrp-3.7.0_9-0 but unfortunately there is no encryption. Does encryption depend on the rom or on TWRP and will this TWRP version work on a Samsung phone? And is there some trick to enforce encryption when flashing custom rom with TWRP?
    Click to expand...
    Click to collapse
    First of all, this is a thread for OnePlus 9/Pro; not Samsung. Please refer to your phone's forum for better support.

    Secondly, you should have written your phone model and ROM specifically in your message, rather than just "Android 13 custom rom on a Samsung device".

    Thirdly, encryption depends on the ROM you are using. Most latest phones/ROMs automatically encrypt data upon first boot. And if they don't, you can manually enable encryption from Settings > Security (requires charger plugged in). Just go to Settings > Security to see if it's already encrypted or not. There is no trick to enforce encryption at the time of flashing ROM in TWRP; not to my knowledge at least. It's a ROM-dependent feature (and "almost" all ROMs support it).

    Lastly, looking at the TWRP version, I assume your phone is from 2017-18, and most probably TWRP would be official for your phone, and it would support decryption. If your phone/ROM is encrypted, it would ask for decryption when TWRP boots.
    View
    6
    D
    der_akinator
    andrew_yousry said:
    I can'y thank you enough @der_akinator for reviving the TWRP recovery for OnePlus 9 Pro. I'm really happy for it.
    Thank you so much, everything works fine, except MTP. I can't see my storage when connected to my PC using USB cable.
    if you can fix this it would be great.
    Thank you again.
    Click to expand...
    Click to collapse
    I can't reproduce your issues too, and it's the same for the sideloading issues addressed by @Rallyharry. I tested under windows and linux with the latest builds. The only thing I noticed was that I had to switch drivers under windows manually to WinMTP and I couldn't use mtp and adb simultaneously. But the whole windows driver system is a mess anyway.

    I pulled some minimal changes from qcom's upstream usb repo and also added a proposed patch series regarding mtp into twrp source. My tests with those changes are fine, and I can upload a new build tomorrow, if you want.
    View
    6
    D
    der_akinator
    Update
    • unified boot image (tested on los-20221227 (OOS 12) and latest crdroid (OOS 13))
    • update usb/mtp stuff
    • exclude "/data/system/users/0/package-restrictions.xml" from backup
    Testers for the unified boot image are welcome, especially OP9 users. I think for existing backups "/data/system/users/0/package-restrictions.xml" has to be deleted manually after restore, but I haven't tested it.

    16-05-23 - Google Drive

    drive.google.com drive.google.com
    View
    5
    D
    der_akinator
    Of course, I'm talking about his existing device tree. But enough with Samsung.
    View
  • 54
    D
    der_akinator
    This is an unofficial build of TWRP, based on the Android 12.1 branch, that supports encryption used by Android 12 and 13 ROMs. This build is tested on OP9 pro, but it was confirmed to work on regular OP9 too.

    As always I'm not responsible for any bricked device or data loss resulting from the use of this TWRP builds. You use this at your own risk.

    For ROMs using FBEv1 encryption aka A11 encryption, please use the official builds by     @Nebrassy from:

    [RECOVERY] [11] [OFFICIAL] TeamWin Recovery Project

    Introduction: Team Win Recovery Project or...
    forum.xda-developers.com forum.xda-developers.com

    Download:

    twrp-3.7.0-12.1 - Google Drive

    drive.google.com drive.google.com

    Installation:

    Permanent installation is not possible with TMO stock ROM installed.

    Installation overwrites all boot partition changes done previously (e.g. by Magisk or custom kernel). So you have to reflash all zips that change the boot partition after TWRP is installed.

    For permanent installation, you have three options depending on your current system.

    1. Option for rooted devices:
    1. Download the twrp-installer zip
    2. Flash it with Magisk manager or some other kernel flash utility
    3. Reflash your custom kernel and Magisk.apk if previously installed (see example of how to install with Magisk manager below). Or alternatively flash zips in TWRP.
      1. Don't reboot
      2. Rename downloaded Magisk.apk to Magisk.zip
      3. Open Magisk app
      4. Select Modules tab
      5. Click "Install from storage"
      6. Select Magisk.zip
    2. Option for users with other custom recoveries but without root:
    1. Download the twrp-installer zip
    2. Reboot to recovery
    3. Flash it with "adb sideload twrp-installer*.zip"
    4. Reboot to recovery
    5. Reflash your custom kernel and Magisk.apk if previously installed
    3. Option is universal:
    1. Download boot.img
    2. Reboot to bootloader
    3. Run "fastboot boot boot.img" with the boot image
    4. Go to Advanced > Flash Current TWRP
    5. Reflash your custom kernel and Magisk.apk if previously installed

    Try without installation:
    1. Download boot.img
    2. Reboot to bootloader
    3. Run "fastboot boot boot.img" with the boot image

    Uninstall:

    Just flash the boot partition with your current ROMs boot image with the following steps.
    Replace "YOUR ROM BOOTIMAGE" with the filename of the extracted boot image of your current ROM.
    1. Reboot to bootloader
    2. Run "fastboot flash boot_a YOUR ROM BOOTIMAGE"
    3. Run "fastboot flash boot_b YOUR ROM BOOTIMAGE"
    Alternatively you can flash your currently installed OTA zip, which overwrites boot on the unused slot, but not on the currently used one.

    TWRP Updates:
    1. Download and flash the twrp-installer zip
    2. After that reflash your custom kernel and Magisk if previously installed

    ROM Updates:

    Please follow the official update instructions for your ROM!

    If they give an option to update via recovery you have to substitute adb sideload commands with zip installations. Also use the "Automatically reflash TWRP after flashing a ROM" option, if you are going to install a ROM zip to preserve TWRP installation.

    In case your ROM does not provide a recovery update instruction you can try to update via recovery but you are on the safe side if you follow the official instructions. They always have a reason for their particular update instructions!

    Instructions that work for me (on LOS based ROMs):
    1. Flash ROM zip with "Automatically reflash TWRP after flashing a ROM" checked
    2. Flash your previously installed zips (custom kernel, Gapps, Magisk, etc)
    3. Reboot to system
    4. If Gapps packages keep crashing:
      1. Reboot to TWRP
      2. Flash Gapps again
      3. Reboot to system
    For OOS updates should work out of the box, but if you have issues you can follow these steps (I haven't tested them):

    [RECOVERY][3.7.0-12.1][UNOFFICIAL][UNIFIED] TWRP with A12/A13 encryption support

    This is an unofficial build of TWRP, based on...
    forum.xda-developers.com forum.xda-developers.com

    About backups/restore:

    Restore data only WITHOUT pin/pattern set.

    If you restore a backup made from another ROM, then the currently installed, you may have to format data. So please manually copy all contents from /sdcard to a PC or flash drive.

    Backups can be made with or without pin/pattern set. It is always good practice to copy your backups to your PC or an USB drive. Also after you restored your data partition you have to reboot to system and do a second reboot to get a working system.
    To make first boot faster and eliminate the need to reboot again, additionally use the step mandatory for OOS users.

    If you want to copy your backup to PC, but it doesn't show up, flash change_backup_selinux_context.zip, which is available in download folder.

    For OOS users:
    When data is restored, you have to delete "/data/system/users/0/package-restrictions.xml" before rebooting to system.

    In case you restore a backup with pin/pattern set or have some other issues I have a guide that works for me:

    [RECOVERY][3.7.0-12.1][UNOFFICIAL][UNIFIED] TWRP with A12/A13 encryption support

    This is an unofficial build of TWRP, based on...
    forum.xda-developers.com forum.xda-developers.com

    How to use MTP, adb and fastbootD:

    Windows:
    Install official Google USB drivers and select the right USB drivers. For MTP and adb, the WinUSB driver is sufficient on Windows 11. For fastbootD, Google drivers (Android Bootloader interface) has to be chosen.
    You may have to select WinMTP for MTP and Google USB drivers for adb, if you run Windows 10.

    To use adb on Windows, MTP has to be disabled with "Mount->Disable MTP" in TWRP.

    Steps for choosing a specific driver (no the exact wording):
    1. Connect phone in specific mode
    2. Open device manager
    3. Right click on phone either under "Android device" or "USB device", depending on mode
    4. Select "update driver"
    5. Select 2. option "browse my computer"
    6. Select "pick from available drivers"
    7. Pick driver according to above description
    Linux:
    1. Intall the fastboot and adb packages for your distribution
    2. Set udev rules. There might be a package for your distro or use this gh repo: https://github.com/M0Rf30/android-udev-rules
    3. Add user to the group used in udev rules. Most common are "plugdev" and "adbusers"

    Source Code:

    Bugs:
    • Permanent installation alongside TMO stock isn't possible
    • Error message regarding vendor_dlkm in fastbootD for OOS users (just cosmetic and not problematic)
    • In case you notice anything else please let me know.
    If you encounter any bug, please give me description with logcat.txt and recovery.log output attached. You can copy those to your data folder in TWRP, if you go to Advanced->Copy Logs.

    Thanks to:
    • @Nebrassy for the original device tree
    • @osm0sis for the zip installer
    • TWRP team
    • LineageOS
    View
    13
    D
    der_akinator
    Update
    • /data/fonts/* is excluded from backups (has to be verified by someone with backup errors)
    • screen turns completely off now
    • updated firmware files from LE2125_11.C.63 (maybe this helps with OOS13 problems)
    • initial installation is now possible without flashing vendor_boot (I tested a few combinations of installation methods and initial system configurations. So hopefully nothing is broken this time.)
    Have a happy New Year tomorrow!

    22-12-30 - Google Drive

    drive.google.com drive.google.com
    View
    10
    D
    der_akinator
    Update
    • improve vibration support
    • fix kernel modules loading in fastbootd mode for custom roms (might result in an error message regarding vendor_dlkm for OOS users, but it's just cosmetic)
    Tested on LOS 19.1 (OOS 12 firmware) and crdroid 13 (OOS 13 firmware).

    08-02-23 - Google Drive

    drive.google.com drive.google.com
    View
    10
    D
    der_akinator
    Update
    • add vendor_boot and dtbo to backup targets
    • add CPU temperature output
    • fix vibration (still doesn't work in fastbootd mode)
    I tested this build on LOS 19.1 (OOS 12 firmware) and crdroid 13 (OOS 13 firmware). Also keep in mind that you have to use the boot image according to your installed firmware, if you want to install/test via fastboot.

    04-02-23 - Google Drive

    drive.google.com drive.google.com
    View
    10
    D
    der_akinator
    Good new for OOS users. One of the TWRP devs found a workaround for data restore on OOS. Just delete "/data/system/users/0/package-restrictions.xml", after data is restored. I will exclude this file by default in a future build, but for existing backups, the file must always be removed manually.

    Edit:
    This is also useful for custom ROMs, because it makes first boot faster and eliminates the need to reboot again.
    View

New posts