Core recovery files for the Team Win Recovery Project (T.W.R.P) - this is not up to date, please see https://github.com/TeamWin/android_bootable_recovery/
I have searched for my issue and it does not already exist
Device codename: Sailfish (original Google Pixel)
TWRP version: 3.3.1-0
WHAT STEPS WILL REPRODUCE THE PROBLEM?
I don't know how to reproduce my problem. A few days ago, I wanted to boot into TWRP temporarily for reasons that are beyond the scope of this issue. I had the foresight to wonder how a minimal system like TWRP would be able to access the encrypted data if I had an unlock code set (in my case a pattern). I searched for the question and the answer I found was to remove my unlock pattern. This way, the device encryption key will not be encrypted and TWRP will be able to use it to mount/decrypted the encrypted data on the data partition.
I removed my device lock and, upon entering fastboot mode, I ran fastboot boot twrp-3.3.1-0-sailfish.img. I was not asked for a password to decrypt anything that first time around, but I'm actually no longer sure of this. I poked around the filesystem using add shell and I'm almost sure that I mounted the data partition. When I was looking through it, I looked for the folder that gets mounted at /sdcard, the one that contains a user's documents, pictures, and so forth. I spent little time looking and did not actually find it, but I swear that somewhere under /data/user/0, I at least saw the folders inside which each application's private data is stored.
I rebooted into the normal Android software and I set my password again; a little while later, I removed it to boot into TWRP a second time. I think I did, anyway. This might have been something I did after I removed my password the first time but still before I booted into TWRP for the first time. In subsequent attempts at using TWRP to access the data usually mounted at /sdcard while Android is running, TWRP prompts me for a pattern to decrypt the data. I presume that this is supposed to be the same as the password/PIN/pattern I'd use to unlock Android after powering my device on. My usually pattern did not work. Clicking "Cancel" and then mounting the data partition did not result in me getting access to the files underneath /data/user/0 though I can access a lot of the other files on the data partition that I guess are not meant to be encrypted (e.g., /data/system/*). Running twrp decrypt default_password did not work either.
This may be tangential, but since I rebooted into Android after booting into TWRP the second time, I cannot set a password for my phone. Settings crashes whenever I try to.
WHAT IS THE EXPECTED RESULT?
I am not asked for a password when I boot my phone up now. This would mean that the device encryption key is not itself encrypted, therefore TWRP should not be asking me for a pattern to decrypt the data.
WHAT HAPPENS INSTEAD?
I already described what happens two sections above.
Melab
commented
5 years ago
Device codename: Sailfish (original Google Pixel) TWRP version: 3.3.1-0
WHAT STEPS WILL REPRODUCE THE PROBLEM?
I don't know how to reproduce my problem. A few days ago, I wanted to boot into TWRP temporarily for reasons that are beyond the scope of this issue. I had the foresight to wonder how a minimal system like TWRP would be able to access the encrypted data if I had an unlock code set (in my case a pattern). I searched for the question and the answer I found was to remove my unlock pattern. This way, the device encryption key will not be encrypted and TWRP will be able to use it to mount/decrypted the encrypted data on the data partition.
I removed my device lock and, upon entering fastboot mode, I ran
fastboot boot twrp-3.3.1-0-sailfish.img. I was not asked for a password to decrypt anything that first time around, but I'm actually no longer sure of this. I poked around the filesystem usingadd shelland I'm almost sure that I mounted the data partition. When I was looking through it, I looked for the folder that gets mounted at/sdcard, the one that contains a user's documents, pictures, and so forth. I spent little time looking and did not actually find it, but I swear that somewhere under/data/user/0, I at least saw the folders inside which each application's private data is stored.I rebooted into the normal Android software and I set my password again; a little while later, I removed it to boot into TWRP a second time. I think I did, anyway. This might have been something I did after I removed my password the first time but still before I booted into TWRP for the first time. In subsequent attempts at using TWRP to access the data usually mounted at
/sdcardwhile Android is running, TWRP prompts me for a pattern to decrypt the data. I presume that this is supposed to be the same as the password/PIN/pattern I'd use to unlock Android after powering my device on. My usually pattern did not work. Clicking "Cancel" and then mounting the data partition did not result in me getting access to the files underneath/data/user/0though I can access a lot of the other files on the data partition that I guess are not meant to be encrypted (e.g.,/data/system/*). Runningtwrp decrypt default_passworddid not work either.This may be tangential, but since I rebooted into Android after booting into TWRP the second time, I cannot set a password for my phone. Settings crashes whenever I try to.
WHAT IS THE EXPECTED RESULT?
I am not asked for a password when I boot my phone up now. This would mean that the device encryption key is not itself encrypted, therefore TWRP should not be asking me for a pattern to decrypt the data.
WHAT HAPPENS INSTEAD?
I already described what happens two sections above.