search

TeamWin / Team-Win-Recovery-Project

Core recovery files for the Team Win Recovery Project (T.W.R.P) - this is not up to date, please see https://github.com/TeamWin/android_bootable_recovery/
http://twrp.me
1.95k stars 741 forks source link

Unable to decrypt metadata encryption #1638

Closed powellnorma closed 1 year ago

powellnorma commented 1 year ago

This happens on multiple devices:

E KeyMasterHalDevice: Begin send cmd failed
E KeyMasterHalDevice: ret: 0
E KeyMasterHalDevice: resp->status: -62
E KeyMasterHalDevice: Upgrade key send cmd failed
E KeyMasterHalDevice: ret: 0
E KeyMasterHalDevice: resp->status: -38
E keystore2: keystore2::error: In create_operation: Failed to begin operation.
E keystore2: Caused by:
E keystore2:     0: In upgrade_keyblob_if_required_with: Upgrade failed.
E keystore2:     1: Error::Km(ErrorCode(-38))
E recovery: keystore2 Keystore createOperation returned service specific error:-38

Places where I saw this:

The -62 means KM_ERROR_KEY_REQUIRES_UPGRADE, and -38 means ErrorCode.INVALID_ARGUMENT.

My first thought was that this happens when PLATFORM_SECURITY_PATCH is set too high, and thus this code reports to the caller that the key should be "upgraded" (which in succession fails): https://android.googlesource.com/platform/system/keymaster/+/tags/android-12.1.0_r27/android_keymaster/android_keymaster.cpp#66

However even adjusting PLATFORM_SECURITY_PATCH to what my normal ROM is using, this kept happening. I checked that my adjustment was working via these commands:

getprop ro.vendor.build.security_patch
getprop ro.build.version.security_patch

Unfortunately my Device (pixel 4a) uses an propitiatory keymaster implementation - Otherwise I would have tried to patch the previously mentioned function.

IMO the question is: Why does TWRP make the keymaster want to upgrade the key, and normal ROM does not?

bigbiff commented 1 year ago

Decryption should be device specific issues. What device is this so I can move it to the appropriate project?

We upgrade the key all the time because we do not want to mess with the key on /data/

We upgrade it in /tmp and use it there, and the key will exist simultaneously while TWRP decrypts with the upgraded key.

powellnorma commented 1 year ago

Decryption should be device specific issues. What device is this so I can move it to the appropriate project?

In my case its a pixel 4a, I use tnakamur/android_device_google_sunfish

We upgrade the key all the time because we do not want to mess with the key on /data/

Ah, that explains the high value for PLATFORM_SECURITY_PATCH. But why does it still try to upgrade the key even when I set PLATFORM_SECURITY_PATCH to the the value of the normal ROM?

AFAIU, the encrypted key is stored in a blob on the /metadata partition, and TEE generates a one-time key with which we can decrypt the blob. Is this correct? And why would the original key/blob (on /metadata) be changed when we don't upgrade the key? Would that mean that we can't access /data from the normal ROM anymore?

TWRP decrypts with the upgraded key

Do you by any chance have an idea/guess, why this upgrade is failing here? E keystore2: 0: In upgrade_keyblob_if_required_with: Upgrade failed. It seems to be an issue that is not only specific to the pixel 4a?

bigbiff commented 1 year ago

Sorry, we do not support the pixel 4a officially.

powellnorma commented 1 year ago

I understand - If anyone finds the time to answer some of my questions, I'd be really greatful! I am trying to get this working for some time now.

It feels to me as if this is a "bug"/situation which comes up on multiple different devices: Sony Xperia XZ3, Xiaomi Mi 10T Lite, Xperia XZ Premium, Pixel 4a

powellnorma commented 1 year ago

and thus this code reports to the caller that the key should be "upgraded" (which in succession fails):

I now think this is just the software KeyManager, the actual (propitiatory) QCom KeyManager gives its Tee Application some parameters, with which the TEE App then decides if an update is needed.

So AFAIU, one would have to figure out what parameters the QCom KeyManager passes to the QCom TEE app, and why they are different from normal ROM.

But since the QCom KeyManager propitiatory, I see no straightway to do this? However the Pixel 4 (and 3+5) are officially supported, and they probably also use a QCom KeyManager - So maybe one could look there for inspiration

powellnorma commented 1 year ago

@bigbiff I assume it does, but have you checked weather metadata decryption works on Pixel 4?

I saw your commit https://github.com/TeamWin/android_device_google_coral/commit/4f6afd2878268f917c13f0ec47f134451bc641c1 - Was that needed to get metadata decryption working on Pixel 4 A13?

I tried the same value for pixel4a, but sadly still the same problem

bigbiff commented 1 year ago

I haven't had time to look at the pixels in a while due to personal time constraints especially in A13.

powellnorma commented 1 year ago

What device is this so I can move it to the appropriate project?

Maybe it would be worth / make sense to open an Issue for Pixel 4 to check if A13 metadata decryption is working? So that once once you or someone else finds the time this is not forgotten. Maybe it also just works on the Pixel 4, and that issue can then be simply closed