Related
I somehow got my filesystem encrypted when I flashed TWRP and rooted. When I try to boot into TWRP, I have to enter a password to be able to see anything or do any modifications. What happened?
I didnt have this problem on my Axon but googled.
http://forum.xda-developers.com/google-nexus-5/help/twrp-password-t2511049
I have no idea if this will help you or not but it will wipe data so your phone will be factory reset. Do at your own risk.
Twerkules said:
I somehow got my filesystem encrypted when I flashed TWRP and rooted. When I try to boot into TWRP, I have to enter a password to be able to see anything or do any modifications. What happened?
Click to expand...
Click to collapse
bhint15 said:
I didnt have this problem on my Axon but googled.
http://forum.xda-developers.com/google-nexus-5/help/twrp-password-t2511049
I have no idea if this will help you or not but it will wipe data so your phone will be factory reset. Do at your own risk.
Click to expand...
Click to collapse
This is from the Thread @bhint15 posted ,
Hit cancel at the password screen, then go into Wipe and then do a factory reset by swiping. Then go back into Wipe and press the 'Format data' button. You have to type 'Yes', and it will take a few seconds. After that everything should work normally.
Click to expand...
Click to collapse
and the reason why ask for password is cuz Axon 7 Data/Storage is Automatically encrypted out of the box, that's why you don't or not going to find any sort of encryption data setting under Settings and That's the reason a lot of users here have issues trying to get back to stock or something similar.....
This may give you some insight.
https://youtu.be/y0fHGJY-vFE
For me it's the Axon 7. I like the bigger res screen, the upcoming daydream compatibility and superior audio and non-Apple like OS.
The Honor 8 dies seem to have a better camera, but I can live with that. Plus I have an LG G5 for when I want photos.
You just have to decide witch Frasier is more important to you.
RojasTKD said:
This may give you some insight.
https://youtu.be/y0fHGJY-vFE
For me it's the Axon 7. I like the bigger res screen, the upcoming daydream compatibility and superior audio and non-Apple like OS.
The Honor 8 dies seem to have a better camera, but I can live with that. Plus I have an LG G5 for when I want photos.
You just have to decide witch Frasier is more important to you.
Click to expand...
Click to collapse
Wrong Thread mate LoL,
DrakenFX said:
Wrong Thread mate LoL,
Click to expand...
Click to collapse
What the neck how did u end up here....
Disregard ?
DrakenFX said:
This is from the Thread @bhint15 posted ,
and the reason why ask for password is cuz Axon 7 Data/Storage is Automatically encrypted out of the box, that's why you don't or not going to find any sort of encryption data setting under Settings and That's the reason a lot of users here have issues trying to get back to stock or something similar.....
Click to expand...
Click to collapse
Alright, I managed to be able to write to /system temporarily by formatting the Data partition in TWRP, then rebooting back into TWRP. However, after rebooting into OS and setting up my phone, I rebooted into TWRP and was faced with the encryption password prompt again! Does the filesystem just re-encrypt itself when you start the OS, or am I doing something wrong?
Twerkules said:
Alright, I managed to be able to write to /system temporarily by formatting the Data partition in TWRP, then rebooting back into TWRP. However, after rebooting into OS and setting up my phone, I rebooted into TWRP and was faced with the encryption password prompt again! Does the filesystem just re-encrypt itself when you start the OS, or am I doing something wrong?
Click to expand...
Click to collapse
I gave up for now. I tried for 4 days to fix this. In the end I have 30 days to return the phone. Hopefully someone will figure out a work around for this issue. I really like using twrp. I have not read a comment on here of anyone being able to boot into system then back into twrp with out having to enter a password to decrypt. I hope someone out there can do it and they figure out a way to fix it for the rest of us..
HonestOtter said:
I gave up for now. I tried for 4 days to fix this. In the end I have 30 days to return the phone. Hopefully someone will figure out a work around for this issue. I really like using twrp. I have not read a comment on here of anyone being able to boot into system then back into twrp with out having to enter a password to decrypt. I hope someone out there can do it and they figure out a way to fix it for the rest of us..
Click to expand...
Click to collapse
When does twrp prompt for password? I just booted into TWRP and it didn't prompt me. Then I simply booted back into the rom. Never prompted for a password.
runderekrun said:
When does twrp prompt for password? I just booted into TWRP and it didn't prompt me. Then I simply booted back into the rom. Never prompted for a password.
Click to expand...
Click to collapse
As soon as I get into TWRP it asks me for the password. I can continue into TWRP but I can't mount or modify the /system partition (it reads as 0b in TWRP File Browser). No idea how to fix, but I'm glad it's not just me having this issue.
As of right now, it looks like we are going to have to wait for custom ROMs for a fix, unless TWRP gets an update just for this. I saw a thread here asking users for info for final tweaks on a CM13 port to the Axon 7.
Twerkules said:
As soon as I get into TWRP it asks me for the password. I can continue into TWRP but I can't mount or modify the /system partition (it reads as 0b in TWRP File Browser). No idea how to fix, but I'm glad it's not just me having this issue.
As of right now, it looks like we are going to have to wait for custom ROMs for a fix, unless TWRP gets an update just for this. I saw a thread here asking users for info for final tweaks on a CM13 port to the Axon 7.
Click to expand...
Click to collapse
Which bootloader unlock did you do? I wonder, why would this not happen to me but happen to you? I am willing to test anything that needs to be tested.
You cannot fix that. Like DrakenFX said, the partition encrypts itself in the OS. You cannot disable/bypass this!
XblackdemonX said:
You cannot fix that. Like DrakenFX said, the partition encrypts itself in the OS. You cannot disable/bypass this!
Click to expand...
Click to collapse
Auto-encrypted can be disabled but that's way, way out of my league, need to rebuild boot. Img with that feature disabled.
There are two different scenarios that will be in play here. Is the bootloader unlocked or not. If the bootloader is unlocked then boot.img can be patched with the zip from idlekernle that disables the dm-verity and fstab. You cannot do this if your BL is locked, because it will modify the signed boot.img that that provides root, and will not boot anymore.
After it's patched, the system will not encrypt after /data wipe and TWRP will access it without problem. The downside is no encryption.
For the BL locked crowed, the /data has to be reformatted after flashing new rooted boot.img. This image also enforces encryption so one way to solve this would be for @tenfar to provide us with signed boot.img that set encryption of as well as. Otherwise the TWRP will need a password to decrypt /data if it can't use the default_password. In this case you should be able to enter the same pin you have setup for lock screen to decrypt the main encryption key.
The system re-encrypts itself on every system start after factory reset or /data format because of the forceencrypt flag in fstab, so the pin will be needed as long as that's the case. While TWRP should be able to try to decrypt with "default_password" in case you have not setup any on lockscreen, this sometimes fails, so having a pin on lockscreen usually helps. The cause is most likely that /cryptkey is altered somehow and TWRP can't use it. Wiping /data and rebooting should generate an fresh /cryptkey. I have been able to just flash modded recovery while still on stock boot and backup the /data with no key.
/system should not be encrypted ever since it would make block level OTA impossible to do. Why TWRP is not mounting it or seeing it 0b is a separate question.
Twerkules said:
As soon as I get into TWRP it asks me for the password. I can continue into TWRP but I can't mount or modify the /system partition (it reads as 0b in TWRP File Browser). No idea how to fix, but I'm glad it's not just me having this issue.
As of right now, it looks like we are going to have to wait for custom ROMs for a fix, unless TWRP gets an update just for this. I saw a thread here asking users for info for final tweaks on a CM13 port to the Axon 7.
Click to expand...
Click to collapse
That would be dreamy. I have no issues waiting, fingers crossed.
---------- Post added at 09:53 PM ---------- Previous post was at 09:49 PM ----------
peramikic said:
There are two different scenarios that will be in play here. Is the bootloader unlocked or not. If the bootloader is unlocked then boot.img can be patched with the zip from idlekernle that disables the dm-verity and fstab. You cannot do this if your BL is locked, because it will modify the signed boot.img that that provides root, and will not boot anymore.
After it's patched, the system will not encrypt after /data wipe and TWRP will access it without problem. The downside is no encryption.
For the BL locked crowed, the /data has to be reformatted after flashing new rooted boot.img. This image also enforces encryption so one way to solve this would be for @tenfar to provide us with signed boot.img that set encryption of as well as. Otherwise the TWRP will need a password to decrypt /data if it can't use the default_password. In this case you should be able to enter the same pin you have setup for lock screen to decrypt the main encryption key.
The system re-encrypts itself on every system start after factory reset or /data format because of the forceencrypt flag in fstab, so the pin will be needed as long as that's the case. While TWRP should be able to try to decrypt with "default_password" in case you have not setup any on lockscreen, this sometimes fails, so having a pin on lockscreen usually helps. The cause is most likely that /cryptkey is altered somehow and TWRP can't use it. Wiping /data and rebooting should generate an fresh /cryptkey. I have been able to just flash modded recovery while still on stock boot and backup the /data with no key.
/system should not be encrypted ever since it would make block level OTA impossible to do. Why TWRP is not mounting it or seeing it 0b is a separate question.
Click to expand...
Click to collapse
Well i have formatted my data maybe 30 times with all sorts of different recoveries and boot images. My original boot image is long gone so hopefully that isn't the key. I also don't use a lock screen, I guess I could if it unlocks the data, but I certainly wouldn't want to keep using a lock screen. Anyways I am done with the phone for now, will revisit it when someone fixes posts they had the decrypt PW issue and fixed it.
HonestOtter said:
That would be dreamy. I have no issues waiting, fingers crossed.
---------- Post added at 09:53 PM ---------- Previous post was at 09:49 PM ----------
Well i have formatted my data maybe 30 times with all sorts of different recoveries and boot images. My original boot image is long gone so hopefully that isn't the key. I also don't use a lock screen, I guess I could if it unlocks the data, but I certainly wouldn't want to keep using a lock screen. Anyways I am done with the phone for now, will revisit it when someone fixes posts they had the decrypt PW issue and fixed it.
Click to expand...
Click to collapse
See if you can set the pin, go into TWRP and us it. If it works, go back to OS and remove lockscreen, set to none and then go back to TWRP and see if it still asks for one. Did you run TWRP in read only mode or did you swipe to mount as RW?
peramikic said:
See if you can set the pin, go into TWRP and us it. If it works, go back to OS and remove lockscreen, set to none and then go back to TWRP and see if it still asks for one. Did you run TWRP in read only mode or did you swipe to mount as RW?
Click to expand...
Click to collapse
I assume you mean the lock screen pin? I set a lock screen pin of 1234, but "password failed, please try again". So that didn't work. Is there a different pin for the encryption?
***update
That sucked. I don't use a lock screen but after I tried the pin it won't let be go back to none for the lock screen. I was just starting to use this phone to, now its back to the old phone because I can't use a phone with a lock screen . So sad. Hopefully someone figures out a solution to all this security crap.
I'm having the same issue on B27. Do a factory Reset, then a Format, and after it boots to the OS, the data is encrypted again. I'd be somewhat ok with it but I'm not clear on how to install things like Xposed if the drive is encrypted? I assumed ADB SIDELOAD... but not through encryption.
If the answer is "I don't know" -- then can someone help me restore to stock B27. I have a locked bootloader.
zigzampow said:
I'm having the same issue on B27. Do a factory Reset, then a Format, and after it boots to the OS, the data is encrypted again. I'd be somewhat ok with it but I'm not clear on how to install things like Xposed if the drive is encrypted? I assumed ADB SIDELOAD... but not through encryption.
If the answer is "I don't know" -- then can someone help me restore to stock B27. I have a locked bootloader.
Click to expand...
Click to collapse
Xposed should install just fine if you're getting the message in TWRP. Id you're getting the encryption message after the phone is booted and can't access the phone, then you need to format data, then install Xposed so you can use the phone.
Some zips like SuperSU zip will not be able to be installed when the partition is encrypted. Xposed zip should install just fine
mmamedov said:
Xposed should install just fine if you're getting the message in TWRP. Id you're getting the encryption message after the phone is booted and can't access the phone, then you need to format data, then install Xposed so you can use the phone.
Some zips like SuperSU zip will not be able to be installed when the partition is encrypted. Xposed zip should install just fine
Click to expand...
Click to collapse
But if TWRP cannot access the encrypted data, how can one select and flash the TWRP flashable zip that accompanies the Xposed APK? Is the only solution to sideload? I see the option in TWRP but I am not familiar with how to do it.
Hi
I am unable to understand the concept of Decryption. I have been rooting my phone since the time of Samsung S3. I currently own a 64gb Nexus 6p with build number N4F26T. I use the sticky guide given here to root my phone and install custom recovery.
Now I want to apply pixel mods, but they demand verity check disabled. When I go in the security of my phone, it says Phone Encrypted in Encryption. I have checked all of the threads and forums regarding this but there is no clear guideline.
Do I have to decrypt my data? If yes, how will I be going on with this process? I see the format user data command but I am on Nougat 7.1.1 so I think this is not applicable to me. But no where has it been mentioned that I have to decrypt any other way.
Any help would be appreciated as I have always received from this community. How will I go on about the decryption? Please help soon as I currently have no data in it so its easier to format it.
You do not have to decrypt your data to use those MOD's. To disable variety check all you need to do is install a custom kernel or rom that does this by default. You will not lose any data by doing this. If you wanted to decrypt your data then you would have to format the data partition on your phone. This would obviously wipe your data so you would need to make a backup first on your PC. Some people think that decrypting your data will give you a slight speed bump but I've tried both ways and haven't noticed any real difference. So far I haven't run into any reason that the data partition would need to be decrypted to install anything.
This is a Question, so you are supposed to post in the Q/A section, not General.
First, you can't just decrypt the existing data on the phone, you'll have to wipe the device first and then NOT allow the encryption to happen on your fresh install. Make sure you already have USB debugging enabled. You need to perform a factory reset to wipe the phone. Then transfer from your PC either SuperSU (zipfile) or a no force-encrypt custom kernel such as EX Kernel or Franco (zipfile) to the root of the phone (or both). You can do this with TWRP's file manager. Before booting for the first time use TWRP's "Install" to flash either SU or your kernel. Now you can boot to system and your device will not be encrypted by default. Going forward with any updates that include flashing a new boot.img you need to reflash SU or the kernel (before booting) to avoid encryption.
First of all apologies about posting in the wrong section. Secondly, I have already rooted with Supersu. So now all I need to do is format the user data and I will have decrypted data right? It won't again get encrypted, right?
Secondly, thanks alot for such prompt responses. I am unable to find the thanks button that used to be there.
Here is a quick review of what happened:
The phone was running well on Lineageos 14.1, encrypted with a pattern, with TWRP 3.1.1 as recovery. I’ve then been notified of an LOS update to 15.1 Oreo and got excited. Booted in recovery, entered my pattern to decrypt, took a full TWRP backup, flashed Oreo modem and firmware and dirty flashed (I know, bad idea) the LOS 15.1 zip.
It got stuck at boot logo. Even if I didn't have high expectations for it to work I just thought I would try the lazy way to see and use my fresh backup to restore in case of failure like I always did successfully since my Nexus One.
This time was different because as I rebooted in TWRP to restore, it didn't ask for my pattern. You guessed it, the data partition is encrypted, no access to my backup or anything on the external storage. I can mount data and see the weird encrypted file names but that's it. I tried different version of TWRP, but it never ask the pattern. Even the terminal command 'twrp decrypt *******' doesn’t work.
I then tried to wipe data and flash LOS 14.1 again but it gets stuck saying that android has no access to data partition because it’s encrypted and that I need to format. I pulled out my sim card and started to use my old oneplus one while waiting for the new version of TWRP 3.2.1.1 with the feb security patch support thinking it might then be able to decrypt but no luck still.
I can go without the phone for a while, I’ll buy another one if I have to because there is some precious data on that phone and I can’t make my mind that the data is there, I know the encryption key but I have no access to it. There must be a way, I just don’t have enough knowledge about how this encryption thing is working.
Any help would be appreciated, Thank you
jpitou said:
Here is a quick review of what happened:
The phone was running well on Lineageos 14.1, encrypted with a pattern, with TWRP 3.1.1 as recovery. I’ve then been notified of an LOS update to 15.1 Oreo and got excited. Booted in recovery, entered my pattern to decrypt, took a full TWRP backup, flashed Oreo modem and firmware and dirty flashed (I know, bad idea) the LOS 15.1 zip.
It got stuck at boot logo. Even if I didn't have high expectations for it to work I just thought I would try the lazy way to see and use my fresh backup to restore in case of failure like I always did successfully since my Nexus One.
This time was different because as I rebooted in TWRP to restore, it didn't ask for my pattern. You guessed it, the data partition is encrypted, no access to my backup or anything on the external storage. I can mount data and see the weird encrypted file names but that's it. I tried different version of TWRP, but it never ask the pattern. Even the terminal command 'twrp decrypt *******' doesn’t work.
I then tried to wipe data and flash LOS 14.1 again but it gets stuck saying that android has no access to data partition because it’s encrypted and that I need to format. I pulled out my sim card and started to use my old oneplus one while waiting for the new version of TWRP 3.2.1.1 with the feb security patch support thinking it might then be able to decrypt but no luck still.
I can go without the phone for a while, I’ll buy another one if I have to because there is some precious data on that phone and I can’t make my mind that the data is there, I know the encryption key but I have no access to it. There must be a way, I just don’t have enough knowledge about how this encryption thing is working.
Any help would be appreciated, Thank you
Click to expand...
Click to collapse
Try flash codeworkx TWRP ...
it should decrypt your data partition ...
https://downloads.sourceforge.net/project/cheeseburgerdumplings/15.1/cheeseburger/recovery/twrp-3.2.1-0-20180309-codeworkx-cheeseburger.img?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fcheeseburgerdumplings%2Ffiles%2F15.1%2Fcheeseburger%2Frecovery%2F&ts=1521806282&use_mirror=netix
PS-DEV said:
Try flash codeworkx TWRP ...
it should decrypt your data partition ...
https://downloads.sourceforge.net/project/cheeseburgerdumplings/15.1/cheeseburger/recovery/twrp-3.2.1-0-20180309-codeworkx-cheeseburger.img?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fcheeseburgerdumplings%2Ffiles%2F15.1%2Fcheeseburger%2Frecovery%2F&ts=1521806282&use_mirror=netix
Click to expand...
Click to collapse
I had tried it when it came out and I just tried it again. No difference!! It looks like twrp doesn't even see that my phone is encrypted. I've read a lot and tried many different things and I'm out of idea. All of the people I've seen with this problem have given up so they could get their phone back and running by formatting the partition, losing their data. This option is not one for me. I'd rather buy a new phone hoping for an eventual possible solution. I know the data is there, and I know the pattern key...... I mean, there's got to be a way......
So, I've been reading ad nauseum on this topic with regards to flashing new ROMs on my 6t and getting locked out due to decryption.
Among other threads and places across the interweb, I've read all of these:
https://forum.xda-developers.com/search/forum/8259?query=Encryption
During my travels I've discovered that the s**t doesn't really hit the fan until "data" is wiped via TWRP. I see that the recommend process for flashing new ROMs goes like this:
Boot on twrp
Flash ROM
Flash twrp installer
Reboot to twrp
Factory reset
Reboot to system
Am I understanding this correctly that if I transpose steps 4 and 5, then I shall plan on losing all of my data, but if I reboot from TWRP (right back into TWRP) before step 5 (aka data wipe), I shouldn't loose my data?
Assuming that is correct, does it matter if I leave a lock screen password enabled before rebooting to TWRP from the soon-to-be replaced ROM? I ask this because removing the lock screen password did not seem to reduce my chances of encountering permananly encrypted data.
Thanks!
notorious.dds said:
So, I've been reading ad nauseum on this topic with regards to flashing new ROMs on my 6t and getting locked out due to decryption.
Among other threads and places across the interweb, I've read all of these:
https://forum.xda-developers.com/search/forum/8259?query=Encryption
During my travels I've discovered that the s**t doesn't really hit the fan until "data" is wiped via TWRP. I see that the recommend process for flashing new ROMs goes like this:
Boot on twrp
Flash ROM
Flash twrp installer
Reboot to twrp
Factory reset
Reboot to system
Am I understanding this correctly that if I transpose steps 4 and 5, then I shall plan on losing all of my data, but if I reboot from TWRP (right back into TWRP) before step 5 (aka data wipe), I shouldn't loose my data?
Assuming that is correct, does it matter if I leave a lock screen password enabled before rebooting to TWRP from the soon-to-be replaced ROM? I ask this because removing the lock screen password did not seem to reduce my chances of encountering permananly encrypted data.
Thanks!
Click to expand...
Click to collapse
Yes. For the love of god. Someone please clear up how we can flash on the go. I don't always have access to a computer with Adb/fastboot.
Every time I try to switch roms, upon rebooting to TWRP, my folders encrypt. Then I have to format data and voila, no fricking ROM to flash and I'm stuck
idkwhothatis123 said:
Yes. For the love of god. Someone please clear up how we can flash on the go. I don't always have access to a computer with Adb/fastboot.
Every time I try to switch roms, upon rebooting to TWRP, my folders encrypt. Then I have to format data and voila, no fricking ROM to flash and I'm stuck
Click to expand...
Click to collapse
Yeah A/B partition are a nuisance when it comes to flashing. I'd recommend you to do a clean flash of the ROM. Follow these steps.
1. Download the Latest Stable OOS from OnePlus's Website. Download the ROM ZIP of your Choice as well as the latest TWRP Installer. Transfer these to your phone and also copy them to a Laptop as you might have to Format Data.
2. Now Reboot to Recovery and flash OOS ZIP and TWRP Installer. Let it finish. Once it's done Reboot to Recovery from Within TWRP.
3. Again flash OOS and TWRP Installer. If for some reason your folders are messed up (as you posted in the image earlier) just go to Wipe and Format Data. And transfer the OOS and TWRP Installer to Internal and Flash them. Let it finish.
4. Once that's done, now again Reboot to Recovery and now flash ROM and TWRP Installer. After that's done, again Reboot to Recovery.
5. Again, flash ROM and TWRP Installer. Once done, Reboot to Recovery.
6. Now flash Gapps of your Choice. Stock are Recommend while anything above Nano will work. AROMA won't work. Once Gapps are flashed now go to Wipe and do a Factory Reset (Swipe to Factory Reset). Once that's Done, hit Reboot System and wait for the ROM to Load.
7. After the Initial Setup, Reboot to Recovery and flash Magisk and Custom Kernel if you want.
Personally I Format Data after flashing Gapps to get a "clean install". But that's not necessary. Also if you want to flash ROMs often I'd suggest investing in Swift Backup. It's an excellent app for Backups and can Backup almost Anything. Hope this helps.
This is what I do. Occasionally I get the Encrypted Folders but if followed correctly all is smooth. I can flash any ROM without Encryption. Except maybe stock OOS.
Thanks Mannan.
However, what I'm really looking for is someone to explain the following:
1. Which action or actions is it that triggers the phone to be encypted without a way to decrypt when flashing a new rom? My suspicion is that if the phone was encrypted while having been boot from slot A, then wiping data while in slot A results in data loss. By extension, rebooting into slot B and then wiping data allows slot B to now hold the encryption key. I'm sure this theory has got some errors, but it's the best I can come up with having no intrinsic knowledge on the topic.
2. Are there any means of mitigating data loss should the phone become encrypted? I.e. If possible, can I back up data (minus /data/media) and then restore that when I can't get access to /data/media?
With regards to question #1, I developed my "suspicion" after lossing ambition to test it. When I get my ambition back to fight this issue, I'll try again. I'm just getting sick of transfering 25+ gigs of data via adb every time the data gets encrypted and I can't get it decrypted.
notorious.dds said:
Thanks Mannan.
However, what I'm really looking for is someone to explain the following:
1. Which action or actions is it that triggers the phone to be encypted without a way to decrypt when flashing a new rom? My suspicion is that if the phone was encrypted while having been boot from slot A, then wiping data while in slot A results in data loss. By extension, rebooting into slot B and then wiping data allows slot B to now hold the encryption key. I'm sure this theory has got some errors, but it's the best I can come up with having no intrinsic knowledge on the topic.
2. Are there any means of mitigating data loss should the phone become encrypted? I.e. If possible, can I back up data (minus /data/media) and then restore that when I can't get access to /data/media?
With regards to question #1, I developed my "suspicion" after lossing ambition to test it. When I get my ambition back to fight this issue, I'll try again. I'm just getting sick of transfering 25+ gigs of data via adb every time the data encryption kicks in.
Click to expand...
Click to collapse
You're not that far off, actually. And while I'm no developer I suspect that Encryption kicks in when
a). You flash stock OOS. No matter what ROM you are on, when you flash OOS it's possible you can get encrypted. I'm not sure about this but if a developer could confirm that'd be great. This one time, I flashed OOS Stable while on Beta and it Encrypted my Storage. So I had to retransfer with a computer to flash it the required two times. So basically avoid flashing OOS when on a Custom ROM. Even when switching ROMs.
b). Just as you said, when you Wipe Data within TWRP and then Reboot to TWRP it also Encrypts the Device. So I usually Wipe Data after flashing ROM & Gapps. Otherwise if you Wipe Data after flashing ROM it will Encrypt you.
And to answer that last Question the app I personally use is called Swift Backup. It's an amazing app and although it costs $5.49 it can Backup Apps and Data. It can also backup the Files in Android/obb. Give it a go.
Mannan Qamar said:
You're not that far off, actually. And while I'm no developer I suspect that Encryption kicks in when
a). You flash stock OOS. No matter what ROM you are on, when you flash OOS it's possible you can get encrypted. I'm not sure about this but if a developer could confirm that'd be great. This one time, I flashed OOS Stable while on Beta and it Encrypted my Storage. So I had to retransfer with a computer to flash it the required two times. So basically avoid flashing OOS when on a Custom ROM. Even when switching ROMs.
Click to expand...
Click to collapse
I've been fiddling around with OOS and The Pixel Experience (aka TPE) ROM. I've yet to need to flash OOS in order to loose my ability to decrypt. Flashing TPE screws everything up quite nicely as well. That said, I have gotten into the situation where TWRP (booted from either slot) has got everything encrypted. However, in one case, I was able to get the data back by recreating the boot_a partition as it existed before I wiped data. I think there may be something to be learned here. However, subsequent attempts to use this method have not been successful. In other words, I'm not sure what I actually learned.
Mannan Qamar said:
And to answer that last Question the app I personally use is called Swift Backup. It's an amazing app and although it costs $5.49 it can Backup Apps and Data. It can also backup the Files in Android/obb. Give it a go.
Click to expand...
Click to collapse
I'm still using Titanium Backup (paid version as well). It works quite well and I'm happy with it. That said, it's still a much bigger pain in the butt to restore vs performing a nandroid restore of the data. It's apples and oranges though. In order for the nandroid to provide any real value, you pretty much have to do right before need it... unless you never do anything on your phone. It also only works with the ROM from which it was created... obviously. Since my current nandroid backup of /data is > 22 gb, its fairly cumbersome.
notorious.dds said:
I've been fiddling around with OOS and The Pixel Experience (aka TPE) ROM. I've yet to need to flash OOS in order to loose my ability to decrypt. Flashing TPE screws everything up quite nicely as well. That said, I have gotten into the situation where TWRP (booted from either slot) has got everything encrypted. However, in one case, I was able to get the data back by recreating the boot_a partition as it existed before I wiped data. I think there may be something to be learned here. However, subsequent attempts to use this method have not been successful. In other words, I'm not sure what I actually learned.
I'm still using Titanium Backup (paid version as well). It works quite well and I'm happy with it. That said, it's still a much bigger pain in the butt to restore vs performing a nandroid restore of the data. It's apples and oranges though. In order for the nandroid to provide any real value, you pretty much have to do right before need it... unless you never do anything on your phone. It also only works with the ROM from which it was created... obviously. Since my current nandroid backup of /data is > 22 gb, its fairly cumbersome.
Click to expand...
Click to collapse
I dunno if it will work but when you get Encrypted try booting the TWRP image. Maybe that'll work.
Doesn't this problem occur with backups and restore from twrp as well?.... This A/B stuff I'm not used to but I'll keep reading and hopefully something in my brain will kick in lol...
Mannan Qamar said:
I dunno if it will work but when you get Encrypted try booting the TWRP image. Maybe that'll work.
Click to expand...
Click to collapse
Yeah, that I defintitely tried. No dice. However, I just backed up everthing and I'm about to start blowing the thing up with ROM flashes. Consider it a stress test. I'll report back.
What I've got so far...
Coming from OOS 9.0.14 running on slot B with a lock screen pattern enabled, I boot into TWRP on slot B.
I then flashed The Pixel Experiance ROM via it's .zip file. (The flash is then applied to slot A because it goes to the inactive slot).
Flashed the TWRP install .zip
Changed active slot to A
Reboot to recovery (aka TWRP) ... now in slot A.
wiped data (minus storage)
Flashed magisk
Reboot system
This got me into the new ROM with data intact. However, when rebooting to recovery (still slot A), it would ask for a pattern but yet wouldn't accept the pattern to decrypt. Rebooting back into Pixel Experience the data was decrypted. So, even the data would decrypt when booted into system, I could no longer get to the data from within TWRP. I then changed the lock pattern from within Pixel Experience and reboot to TWRP, it still couldn't decrypt the data. Rebooting back to system succeeded in that it actually boot, but I could no longer unlock the phone (stuck on "phone is starting"). My presumption at this point was that Pixel Experience could no longer decrypt the data.
I then:
Reboot to TWRP (slot A still)
Flashed OOS
Flashed TWRP
Set active slot to B
Reboot to recovery (aka TWRP)
wiped data (minus storage)
reboot to system
At this point OOS failed to boot and I was returned to TWRP. Data was still not able to be decrypted. I then did a factory reset plus wiped storage (aka data, dalvik, and internal storage) and tried to boot to system... still failed and sent me back to TWRP. This time, although data was empty, it was decrypted. I tried to reboot system again. It failed again and sent me back to TWRP.
So, at this point , I've wiped data and internal storage but I cannot get stock OOS to boot. So, I reboot to bootloader and executed:
Code:
fastboot -w
My understanding is that this should do the same this as performing a factory reset from within TWRP. However, rebooting to system succeeded this time.
So, the new questions are:
1. How is it that I can decrypt data when booted into Pixel Experience on slot A, but I cannot decrypt the data via TWRP?
2. If I removed the lock screen pattern from OOS before flashing PixelExperience, would I have been able to decrypt the data in both the ROM and within TWRP?
3. Why is factory resetting via fastboot effective when doing so in TWRP is not?
notorious.dds said:
What I've got so far...
Coming from OOS 9.0.14 running on slot B with a lock screen pattern enabled, I boot into TWRP on slot B.
I then flashed The Pixel Experiance ROM via it's .zip file. (The flash is then applied to slot A because it goes to the inactive slot).
Flashed the TWRP install .zip
Changed active slot to A
Reboot to recovery (aka TWRP) ... now in slot A.
wiped data (minus storage)
Flashed magisk
Reboot system
This got me into the new ROM with data intact. However, when rebooting to recovery (still slot A), it would ask for a pattern but yet wouldn't accept the pattern to decrypt. Rebooting back into Pixel Experience the data was decrypted. So, even the data would decrypt when booted into system, I could no longer get to the data from within TWRP. I then changed the lock pattern from within Pixel Experience and reboot to TWRP, it still couldn't decrypt the data. Rebooting back to system succeeded in that it actually boot, but I could no longer unlock the phone (stuck on "phone is starting"). My presumption at this point was that Pixel Experience could no longer decrypt the data.
I then:
Reboot to TWRP (slot A still)
Flashed OOS
Flashed TWRP
Set active slot to B
Reboot to recovery (aka TWRP)
wiped data (minus storage)
reboot to system
At this point OOS failed to boot and I was returned to TWRP. Data was still not able to be decrypted. I then did a factory reset plus wiped storage (aka data, dalvik, and internal storage) and tried to boot to system... still failed and sent me back to TWRP. This time, although data was empty, it was decrypted. I tried to reboot system again. It failed again and sent me back to TWRP.
So, at this point , I've wiped data and internal storage but I cannot get stock OOS to boot. So, I reboot to bootloader and executed:
My understanding is that this should do the same this as performing a factory reset from within TWRP. However, rebooting to system succeeded this time.
So, the new questions are:
1. How is it that I can decrypt data when booted into Pixel Experience on slot A, but I cannot decrypt the data via TWRP?
2. If I removed the lock screen pattern from OOS before flashing PixelExperience, would I have been able to decrypt the data in both the ROM and within TWRP?
3. Why is factory resetting via fastboot effective when doing so in TWRP is not?
Click to expand...
Click to collapse
Well starting from the way you flashed the ROM, the rule of thumb is that you NEVER manually change slots. Now since you are on stock follow the instructions I posted earlier to flash PE or any other ROM for that matter. I think when you manually set the slot it somehow messed up Decryption. Next, after flashing OOS from TWRP when you are on a Custom ROM, you must always Format Data. The command you ran via Fastboot (fastboot -w) does just that.
So I just flashed Bootleggers from Stock OpenBeta 11. These are the steps I followed. I was successfully able to flash and was able to keep my Data intact. These are the steps I followed.
Starting from OpenBeta 11 I flashed ROM (Bootleggers) and then TWRP Installer. Then go to Reboot and Select Recovery. Once in Recovery, again flash ROM and TWRP Installer. Once done, reboot to Recovery. Flash Gapps and then go to Wipe and do a Swipe to Fa Tory Reset. This will Delete all your Data except Internal Storage. This is a necessary step when flashing a ROM. Once done, reboot to System. After this I was able to boot up Successfully with my Internal Storage as it was before flashing. After that I restored my backup. Everything is working and I can enter and Decrypt TWRP without error.
This thread should be pined as a guide because instalation notes in ROM threads are so basic.
A couple of things come to mind reading this thread in reference to encryption
1) if security patches dont match on A/B, it seems to trigger a lockout with encryption. i may be wrong.
2) if internal storage isnt wiped, i.e.-if you use the "factory reset' option in twrp, your data is still there and that in itself post-flash can trigger encryption error as the data is still there.
I think about it like this, despite it being A/B partitions, the data is like a middle layer that isnt individualized to one partition or the other. so a trigger/failure for secure boot encrypts it all.
kitcostantino said:
A couple of things come to mind reading this thread in reference to encryption
1) if security patches dont match on A/B, it seems to trigger a lockout with encryption. i may be wrong.
2) if internal storage isnt wiped, i.e.-if you use the "factory reset' option in twrp, your data is still there and that in itself post-flash can trigger encryption error as the data is still there.
I think about it like this, despite it being A/B partitions, the data is like a middle layer that isnt individualized to one partition or the other. so a trigger/failure for secure boot encrypts it all.
Click to expand...
Click to collapse
I'm pretty sure, that if you flash anything with a security patch earlier than the one you're currently using your data will get encrypted.
Which is why it happens with going back to OOS from custom, because they're always late with security patches compared to custom roms.
The hardest thing for.me coming from an A only device (Axon 7) has been learning order of operations. as long as one flashes rom followed by twrp and then a reboot into recovery, followed by installing magisk, things usually go okay. Going from aosp to aosp went okay, but like you said moving from OOS to AOSP or vice versa always yielded encryption lock. maybe we could make a merged security patch or something of the sort to bridge the gap. im no dev, so im sure someone who knows more than i can tell us why that wouldnt work. it would be really cool for One Plus to gain a better foothold in custom OS before the majority of crack flashers and devs swear off. Dont get me wrong, OOS is amazing and i feel with the inherent features, is superior to any other stock rom, but android is all about choice.
i really and truly wish someone would make a version of TWRP that had a dual boot set up vs A/B. I have had devices (looking at you, Droid Bionic) that never had proper root/bl unlock and had amazing rom communities bc of safestrap/dual boot/etc. i am more than willing to give up internal storage space to duplicate/clone /data and anything else that is on both systems. i also wish recovery had its own partition again, but that one is beyond our control at this point as it resides in boot now.
Maybe its conceivable. Who knows.
I have no issues. I don't lose anything when I flash ROMs. I boot to twrp, factory reset(not wipe storage), flash ROM, flash twrp installer....boot ROM, reboot twrp, flash gapps, custom kernel. Then I factory reset again (not wipe storage) and then install magisk..done....no issues. It will fail boot once and then boot fine because of this process but only after you do this. So if you reboot later you are fine...I keep all my stuff
First off, I want to thank all of you who contributed to this thread. I'm defintely gaining a better understanding of some of the pitfalls associated with A/B devices and encryption. Thanks!
Mannan Qamar said:
Well starting from the way you flashed the ROM, the rule of thumb is that you NEVER manually change slots. Now since you are on stock follow the instructions I posted earlier to flash PE or any other ROM for that matter. I think when you manually set the slot it somehow messed up Decryption.
Click to expand...
Click to collapse
So, my understand is that flashing a new ROM from within TWRP flashes it to the inactive slot. Therefore, my assumptions as to the reasoning behind rebooting from TWRP back into TWRP before wiping data were that:
Any modifiations made to the boot partition intended to affect the new ROM need to be made to the boot partition that shares the same slot as that of the new ROM, and
Wiping data while booted into image of TWRP which shares the same slot as the new ROM has some magical effect on preserving the ability to decrypt data vs wiping data while booted into the image of TWRP that resides in the slot of the ROM to be replaced.
It is these assumptions (combined with my execution of the basic recipe failing to prevent encryption lock-out) which led me to manually changing slots. I will say this... after flashing PE and TWRP.zip from within TWRP on slot B, simply rebooting to recovery brought me right back to TWRP on slot B. If PE is now on slot A, how does installing magisk, etc. do me any good while in slot B? Also, are my assumptions misguided as to the "why" rebooting to TWRP before installing magisk, wiping data, etc is necessary?
Mannan Qamar said:
Next, after flashing OOS from TWRP when you are on a Custom ROM, you must always Format Data. The command you ran via Fastboot (fastboot -w) does just that.
Click to expand...
Click to collapse
Lightbulb status: on
Thanks!
kitcostantino said:
If security patches dont match on A/B, it seems to trigger a lockout with encryption. i may be wrong.
Click to expand...
Click to collapse
Is this why in Mannan Qamar's earlier post he appears to be flashing the new ROM to BOTH slots before trying to boot into system?
ebproject said:
I'm pretty sure, that if you flash anything with a security patch earlier than the one you're currently using your data will get encrypted.
Which is why it happens with going back to OOS from custom, because they're always late with security patches compared to custom roms.
Click to expand...
Click to collapse
I'm assuming that flashing OOS to BOTH slots as is mentioned earlier with regards to flashing a custom ROM won't help when going back to OOS given the old vs new issue. Has anyone verified that yet?
It's my understanding that the sure security patch is applied to the system partition, correct? Is part of that patch included in boot, or no?
jamescable said:
I have no issues. I don't lose anything when I flash ROMs. I boot to twrp, factory reset(not wipe storage), flash ROM, flash twrp installer....boot ROM, reboot twrp, flash gapps, custom kernel. Then I factory reset again (not wipe storage) and then install magisk..done....no issues. It will fail boot once and then boot fine because of this process but only after you do this. So if you reboot later you are fine...I keep all my stuff
Click to expand...
Click to collapse
I notice that the FIRST thing you do is "factory reset". That's definitely not standard with the install threads I've read. Hmmmmm, interesting.
Also, why do you boot the ROM before flashing gapps, and kernel? It seems unnecessary since you're just factory resetting again. I'm sure I'm missing something on this one.
notorious.dds said:
I notice that the FIRST thing you do is "factory reset". That's definitely not standard with the install threads I've read. Hmmmmm, interesting.
Also, why do you boot the ROM before flashing gapps, and kernel? It seems unnecessary since you're just factory resetting again. I'm sure I'm missing something on this one.
Click to expand...
Click to collapse
Booting to ROM solved the encryption issues
idkwhothatis123 said:
Yes. For the love of god. Someone please clear up how we can flash on the go. I don't always have access to a computer with Adb/fastboot.
Every time I try to switch roms, upon rebooting to TWRP, my folders encrypt. Then I have to format data and voila, no fricking ROM to flash and I'm stuck
Click to expand...
Click to collapse
If you stuck on encrypted storage ever, reboot to system and after you see the setup screen, reboot to recovery again. Voila, your storage is decrypted now.
It happened to me all the time when I flash OOS and this way I am able to decrypt my internal storage.
My device bootlooped after new update, it seemed fine, i update it normally last week and it worked fine. today i did a TWRP backup of all of the partitions and then rebooted and it went into bootloop. I was able to flash all the partitions again with the flash-all-partitions.bat and got it out of fastboot. Now i can boot TWRP with an .img again.
The problem is that my data is all encrypted, like it mounts but its all in ramdom folders with ramdom names, and TWRP is not asking for the code to decrypt it. I dont know how to decrypt the data. How can i decrypt it? ( i know the code as it was my password).
Thank you
I would say format data and re-flash rom via twrp, that should remove encryption (but you loose all of your data) and you should be able to normally boot.
marahlad said:
I would say format data and re-flash rom via twrp, that should remove encryption (but you loose all of your data) and you should be able to normally boot.
Click to expand...
Click to collapse
yes but the problem is im trying to preserve data, it was pretty sudden i need to acces my 2fa backups and other important files, thats why i havent formatted everything and reflashed. bc im trying to look for solutions whre i can decrypt my data and get the important stuff out of there.