Problems with NTFS-formatted Truecrypt volume.

[GoogleCodeExporter]

Hi,

I've been using cryptonite on a Galaxy Note (now updated to ICS, and rooted). I 
mostly use cryptonite to get access to the truecrypt binary on Android (i.e. I 
use it from the command line).

I went to mount my secure volume the other day - which completed Ok, but when I 
cd into the mountpoint - it's got files in it, just not *my* files!?

e.g. from a root Shell I do:

/data/data/csh.cryptonite/truecrypt -k "" -m ro /sdcard/Files/volume.tc 
/sdcard/Secure

This completes without error - if I then do:

cd /sdcard/Secure
ls -l

I get:

-rwxrwxrwx root root 42023 1970-01-01 01:00 ani_upload_1_kernel_panic.jpg
-rwxrwxrwx root root 39255 1970-01-01 01:00 ani_upload_2_cp_crash.jpg
(whole bunch of other similar file names)

Basically, these are not the files I'm looking for...

Without anything mounted, 'losetup -f' gives:

/dev/block/loop0

The 'phone has full disk encryption turned on, and sdcard encryption turned on.

It looks like something is picking the 'wrong' thing up somewhere, and mounting 
it.

From memory - I think this all worked OK before I turned on SD encryption.

I've double checked 'volume.tc' on a PC - and it definitely contains my files - 
not the files the 'phone shows when it's mounted.

This is with Cryptonite 0.6.17 (installed from Google Play).

Any suggestions what I can do to fix this, or troubleshoot it further?

Thanks,

-Karl

Original issue reported on code.google.com by karl.pie...@googlemail.com on 20 Aug 2012 at 9:37

• Merged into: #34

[GoogleCodeExporter]

1. On a root terminal, what's the output of "df" or "mount" (without any 
options)?
2. Have you tried a target directory other than "/sdcard/Secure"? There's a 
chance that Android's encryption uses "/sdcard/Secure" itself.

Original comment by christoph.schmidthieber@gmail.com on 20 Aug 2012 at 12:08

[GoogleCodeExporter]

> 1. On a root terminal, what's the output of "df" or "mount" (without any 
options)?

I should add: before and after mounting your truecrypt volume.

Original comment by christoph.schmidthieber@gmail.com on 20 Aug 2012 at 12:17

[GoogleCodeExporter]

Hi,

I already tried a couple of different directories (e.g. '/sdcard/Stuff' and 
'/sdcard/MySecureStuff') - with the same result.

Output of 'mount' before mounting the TC volume:

rootfs / rootfs ro,relatime 0 0
tmpfs /dev tmpfs rw,nosuid,relatime,mode=755 0 0
devpts /dev/pts devpts rw,relatime,mode=600 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
none /acct cgroup rw,relatime,cpuacct 0 0
tmpfs /mnt/asec tmpfs rw,relatime,mode=755,gid=1000 0 0
tmpfs /mnt/obb tmpfs rw,relatime,mode=755,gid=1000 0 0
none /dev/cpuctl cgroup rw,relatime,cpu 0 0
/dev/block/mmcblk0p9 /system ext4 ro,noatime,barrier=1,data=ordered 0 0
/dev/block/mmcblk0p7 /cache ext4 rw,nosuid,nodev,noatime,barrier=1,data=ordered 
0 0
/dev/block/mmcblk0p1 /efs ext4 rw,nosuid,nodev,noatime,barrier=1,data=ordered 0 
0
/dev/block/mmcblk0p4 /mnt/.lfs j4fs rw,relatime 0 0
/sys/kernel/debug /sys/kernel/debug debugfs rw,relatime 0 0
/dev/block/mmcblk0p12 /preload ext4 
ro,nosuid,nodev,noatime,barrier=1,data=ordered 0 0
/dev/block/dm-0 /data ext4 
rw,nosuid,nodev,noatime,barrier=1,data=ordered,noauto_da_alloc 0 0
/dev/block/vold/254:1 /mnt/sdcard vfat 
rw,dirsync,nosuid,nodev,noexec,noatime,nodiratime,uid=1000,gid=1015,fmask=0002,d
mask=0002,allow_utime=0020,codepage=cp437,iocharset=iso8859-1,shortname=mixed,ut
f8,errors=remount-ro,discard 0 0
tmpfs /mnt/sdcard/external_sd tmpfs 
rw,dirsync,nosuid,nodev,noexec,noatime,nodiratime,size=0k,mode=755,gid=1000 0 0
tmpfs /mnt/sdcard/usbStorage tmpfs 
rw,dirsync,nosuid,nodev,noexec,noatime,nodiratime,size=0k,mode=755,gid=1000 0 0
/dev/block/vold/179:9 /mnt/sdcard/external_sd vfat 
rw,dirsync,nosuid,nodev,noexec,noatime,nodiratime,uid=1000,gid=1023,fmask=0002,d
mask=0002,allow_utime=0020,codepage=cp437,iocharset=iso8859-1,shortname=mixed,ut
f8,errors=remount-ro 0 0
/mnt/sdcard/external_sd /mnt/sdcard/external_sd ecryptfs 
rw,nodev,relatime,ecryptfs_sig=2c5fb613de01bc98,ecryptfs_cipher=aes,ecryptfs_key
_bytes=32,ecryptfs_passthrough 0 0

And, after mounting the TC volume:

rootfs / rootfs ro,relatime 0 0
tmpfs /dev tmpfs rw,nosuid,relatime,mode=755 0 0
devpts /dev/pts devpts rw,relatime,mode=600 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
none /acct cgroup rw,relatime,cpuacct 0 0
tmpfs /mnt/asec tmpfs rw,relatime,mode=755,gid=1000 0 0
tmpfs /mnt/obb tmpfs rw,relatime,mode=755,gid=1000 0 0
none /dev/cpuctl cgroup rw,relatime,cpu 0 0
/dev/block/mmcblk0p9 /system ext4 ro,noatime,barrier=1,data=ordered 0 0
/dev/block/mmcblk0p7 /cache ext4 rw,nosuid,nodev,noatime,barrier=1,data=ordered 
0 0
/dev/block/mmcblk0p1 /efs ext4 rw,nosuid,nodev,noatime,barrier=1,data=ordered 0 
0
/dev/block/mmcblk0p4 /mnt/.lfs j4fs rw,relatime 0 0
/sys/kernel/debug /sys/kernel/debug debugfs rw,relatime 0 0
/dev/block/mmcblk0p12 /preload ext4 
ro,nosuid,nodev,noatime,barrier=1,data=ordered 0 0
/dev/block/dm-0 /data ext4 
rw,nosuid,nodev,noatime,barrier=1,data=ordered,noauto_da_alloc 0 0
/dev/block/vold/254:1 /mnt/sdcard vfat 
rw,dirsync,nosuid,nodev,noexec,noatime,nodiratime,uid=1000,gid=1015,fmask=0002,d
mask=0002,allow_utime=0020,codepage=cp437,iocharset=iso8859-1,shortname=mixed,ut
f8,errors=remount-ro,discard 0 0
tmpfs /mnt/sdcard/external_sd tmpfs 
rw,dirsync,nosuid,nodev,noexec,noatime,nodiratime,size=0k,mode=755,gid=1000 0 0
tmpfs /mnt/sdcard/usbStorage tmpfs 
rw,dirsync,nosuid,nodev,noexec,noatime,nodiratime,size=0k,mode=755,gid=1000 0 0
/dev/block/vold/179:9 /mnt/sdcard/external_sd vfat 
rw,dirsync,nosuid,nodev,noexec,noatime,nodiratime,uid=1000,gid=1023,fmask=0002,d
mask=0002,allow_utime=0020,codepage=cp437,iocharset=iso8859-1,shortname=mixed,ut
f8,errors=remount-ro 0 0
/mnt/sdcard/external_sd /mnt/sdcard/external_sd ecryptfs 
rw,nodev,relatime,ecryptfs_sig=2c5fb613de01bc98,ecryptfs_cipher=aes,ecryptfs_key
_bytes=32,ecryptfs_passthrough 0 0
truecrypt /mnt/sdcard/Android/data/csh.cryptonite/.truecrypt_aux_mnt1 
fuse.truecrypt rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other 0 0
/dev/block/loop0 /mnt/sdcard/Secure j4fs ro,relatime 0 0

'/dev/block/loop0' has been added, the TC file contains an ntfs filesystem, not 
j4fs :-)

-Karl 

Original comment by karl.pie...@googlemail.com on 20 Aug 2012 at 1:01

[GoogleCodeExporter]

Hi,

Sorry to be pushy - but is there any news on this issue? Or anything you want 
me to try / test / document etc?

Thanks,

-Karl

Original comment by karl.pie...@googlemail.com on 28 Aug 2012 at 10:13

[GoogleCodeExporter]

I don't have a device with full disk encryption myself so that it's difficult 
for me to debug this issue. Other users have reported problems with ntfs file 
systems (e.g. issue #34). Are other file systems (e.g. ext4) working? Might be 
worth trying to create a filesystem-agnostic loop device with truecrypt and 
then use Paragon NTFS to mount the loop device (see comment 1 in issue #34 for 
instructions). If all fails, it would seem that truecrypt is currently 
incompatible with full disk encryption on Android :-(

Original comment by christoph.schmidthieber@gmail.com on 28 Aug 2012 at 11:22

[GoogleCodeExporter]

Changed the summary to make it easier to find for users with similar problems.

Original comment by christoph.schmidthieber@gmail.com on 28 Aug 2012 at 11:24

• Changed title: Truecrypt fails when full disk encryption is turned on

[GoogleCodeExporter]

Hi,

Ok - I appreciate it's not easy to debug/look at if you don't have a device :(

I did find 'where' the imposter files are coming from. *Without* the TC volume 
mounted, in my mount output I have:

/dev/block/mmcblk0p4 /mnt/.lfs j4fs rw,relatime 0 0

If I look in '/mnt/.lfs' - it has those same files (e.g. 
'ani_upload_1_kernel_panic.jpg') in it.

Once I run the TC mount, I end up with:

/dev/block/loop0 /mnt/sdcard/MySecure j4fs ro,relatime 0 0

Which is that same file system (i.e. files) re-mounted to that point.

I'm not overly familar with Linux - is the '.lfs' directory a special directory 
/ of some significance?

If I use something like:

truecrypt --filesystem=none -k "" /sdcard/volume

I can 'see' that data is now available as '/dev/block/loop0' (e.g. if I do 
'strings /dev/block/loop0 | more' - I can see the NTFS file system markers 
etc.) - but a subsequent:

mount -r -t ntfs /dev/block/loop0 /sdcard/Secure

Fails with just 'mount: No such device'

I'm begining to wonder if enabling encryption has caused the NTFS module to not 
be loaded or something. Should the output of 'lsmod' show some reference to 
NTFS?

-Karl

Original comment by karl.pie...@googlemail.com on 28 Aug 2012 at 12:20

[GoogleCodeExporter]

As a footnote - I unencrypted the entire 'phone - and the problem still 
happens. A file system gets mounted, but it's the weird j4s "dupe" that ends up 
being mounted.

I'm about to look at either putting a previous version of Cryptonite on the 
'phone - or seeing if the truecrypt-3 binary that's available for download will 
do anything to help.

Regards,

-Karl

Original comment by karl.pie...@googlemail.com on 29 Aug 2012 at 9:13

[GoogleCodeExporter]

Have you tested an ext4 volume yet? Have you tried to mount the loop device 
with paragon?

Original comment by christoph.schmidthieber@gmail.com on 29 Aug 2012 at 9:25

[GoogleCodeExporter]

ext4 - I don't have easy access to a linux box, so I can't try that very easily.

I just installed Paragon - and indeed, it will mount /dev/block/loop0 - and it 
does contain my data - I'm hoping it's scriptable or something. It's also 
crashed a couple of times now - so I'll have to see how stable it is in the 
long run.

I hate computers sometimes - all of this worked 'flawlessly' for months. After 
I put the ICS update on it worked as well (as I tested it) - so something since 
then has broken. Fun, not :)

Trying to understand how all this ties together - TC uses fuse, right? - Does 
it have the code in to do the NTFS mount, or is it relying on something else on 
the 'phone to handle this?

-Karl

Original comment by karl.pie...@googlemail.com on 29 Aug 2012 at 9:49

[GoogleCodeExporter]

Seems to be an NTFS problem in the end. I've changed the summary accordingly, 
and marked it as a duplicate of issue #34. Truecrypt relies on your device to 
provide NTFS support. If Paragon doesn't work reliably for you, you might find 
this thread interesting:
http://forum.xda-developers.com/showthread.php?t=1724078
You should be able to create at least an ext2 volume with truecrypt on your 
phone if you have "mkfs.ext2" installed (test with "which mkfs.ext2"). If so, 
start the wizard with "./truecrypt -t -c".

Original comment by christoph.schmidthieber@gmail.com on 29 Aug 2012 at 10:25

• Changed title: _Problems with NTFS-formatted Truecrypt volume. _
• Changed state: Duplicate