search

TeamWin / android_bootable_recovery

1.28k stars 401 forks source link

Major bug: TWRP 3.7.X is hazardous to use on OnePlus 7 Pro #332

Open technodrome opened 8 months ago

technodrome commented 8 months ago

Device codename: guacamole TWRP version: 3.7.0_12-0-guacamole

WHAT STEPS WILL REPRODUCE THE PROBLEM?

Use the latest TWRP twrp-3.7.0_12-0-guacamole.img

WHAT IS THE EXPECTED RESULT?

Have working TWRP

WHAT HAPPENS INSTEAD?

On Android 11:

ADDITIONAL INFORMATION

"Solutions" listed above, logs are present in linked tickets. This is NOT Magisk issue.

elbeardmorez commented 8 months ago

same issues with the vayu image (Xaiomi POCO X3 Pro): twrp-3.7.0_12-0-vayu.img

appears this has been known for a year or so (see: this Reddit thread)

..very painful when people are suggesting a 'fix' which contains a factory reset step ..that has to be overkill! :-1:

this on XDA is the exact BT fail log and inability to create a databases dir seems permission related as the post mentions, and I can confirm that termux -> su -> setenforce 0 is sufficient for me to successfully toggle BT on, which is a huge relief

running in permissive mode is less than ideal (I understand that it's outright dangerous) ..and obviously I'll have to do this on each reboot going forward (or automate it), but this seems slightly less horrific than having to prepare for a factory reset. if it's not addressed in any forthcoming builds, I'll likely risk the TWRP downgrade - I'm not too sure how evolved the 3.6.x series is as compared to the original (first ever) vayu image I was previously running that couldn't mount anything (data / external_sd), but regardless it'll likely sport the second bug referenced by @technodrome above in any case ..so 'rock and a hard place'*.

another likely dupe issue raised on XDA here

[*having said this, I'm unsure as to whether the 'Enter Pattern for User [0]' entry screen is even required or not ..if I attempt to enter my pattern it yields Pattern failed, please try again!, with the underlying error from the data decrypt attempt stating Attempting to decrypt FBE for user 0... Failed to decrypt user 0, but if one cancels the dialog, the data partition is populated. I also note that having disabled both pattern and fingerprint locks, that same dialog still appears, and thus given no pattern is set, cancelling is the only obvious (if disconcerting) step to take. this all makes me think that the whole feature is a WIP that shouldn't have made it into a stable release?!]

tort32 commented 8 months ago

Same here with OnePlus Nord, custom rom los 17.1 (based on AOSP10) and BT crashes every time since booting once into TWRP 3.7

elbeardmorez commented 8 months ago

@technodrome, @tort32 ..probably worth noting that the version suffix stipulates the targeted AOSP version (I didn't know this :facepalm:), and although I'd be happy for some clarification on backward compatibility I'm currently going with "wow, how dumb am I?!". MIUI 12.0.6 is AOSP 11 (stupid bl00dy 1-off versioning convention :angry:) ..@technodrome, you've stated 'android 11', and @tort32, worse, you've stated 'AOSP 10'

why does this matter? my guess is that some not insignificant part of the device specific customisations of the core TWRP codebase (e.g. for vayu, guacamole, etc. images) will be extracting the appropriate ROMs' SELinux contexts ..a large proportion of which are the file based permission sets, in order to meddle with the file systems in the beautiful way it does. taking a set of security contexts from a ROM based on a newer AOSP which might do things radically different (think of something as basic as changing the user name / group that is used for starting the MySQL database service for example) and applying them to an older AOSP based ROM is likely to reap havoc (aka 'be incompatible')

the following sources are probably worth a read:

based on the above reading I came up with..

[termux] -> su -> restorecon -R -F /data

as a way to fix my bluetooth ..amongst a whole rift of other peculiar symptoms my phone had started exhibiting (settings not being saved left right and center). I can now toggle my bluetooth, and I don't have to contemplate the pain of a backup / factory reset etc.

notes:

technodrome commented 8 months ago

Hey @elbeardmorez ,

On https://twrp.me/oneplus/oneplus7pro.html, there's no mention of using TWRP with AOSP exclusively. Quite the contrary, stock ROMS are mentioned explicitly. I followed the instructions and ended up with a broken device.

While I agree that applying a specific TWRP to a specific Android version is of key importance here, the ONLY implicit warning you might get is if you look hard enough and deduce from download's version number that a specific TWRP version is tied to a specific Android version as download name suggests: twrp-3.7.0>>>>12-0<<<<-guacamole.img_

While we might consider this an information in itself, it can be hardly considered a warning or user friendly. I say honestly that I totally overlooked this, as I usually do not read every single digit in a semver just to be able to divine from it to which Android version it applies.

I did, however, read https://twrp.me/oneplus/oneplus7pro.html where there's no mention of big fat "read version number in download name carefully, otherwise you'll break your BT and a bunch of other things".

So all in all, as developer did not respond in quite some time, it seems users are left to their own devices (literally) and my novels here are written to warn people and give them some advice on how to fix this. Ideally, one would find this liked on TWRP page, but hey...

elbeardmorez commented 8 months ago

@technodrome, yep, apologies, I should have stated that the suffix likely stipulates the supported AOSP base as it is only guess work on my part (post reading the linked posts) that has led to this element of my narrative.

I'm with you completely on the sentiment that this alone (if accurate) is insufficient to forewarn users ..security concerns always mandate using the latest version (the one with the biggest numbers :laughing:) so it is a fairly opaque trap for us to have fallen into!

tort32 commented 8 months ago

I fell into the same pitfall. No warnings, no links to previous recovery versions, nor FAQ point regarding OS version at TWRP site. So I couldn't even think that just temporary booting of recovery image can has side-effects.

BTW, restoring context with restorecon -R -F /data (--root is required--) has fixed my device. Thanks @elbeardmorez

xiaofengjue commented 6 months ago

@technodrome, @tort32 ..probably worth noting that the version suffix stipulates the targeted AOSP version (I didn't know this 🤦), and although I'd be happy for some clarification on backward compatibility I'm currently going with "wow, how dumb am I?!". MIUI 12.0.6 is AOSP 11 (stupid bl00dy 1-off versioning convention 😠) ..@technodrome, you've stated 'android 11', and @tort32, worse, you've stated 'AOSP 10'

why does this matter? my guess is that some not insignificant part of the device specific customisations of the core TWRP codebase (e.g. for vayu, guacamole, etc. images) will be extracting the appropriate ROMs' SELinux contexts ..a large proportion of which are the file based permission sets, in order to meddle with the file systems in the beautiful way it does. taking a set of security contexts from a ROM based on a newer AOSP which might do things radically different (think of something as basic as changing the user name / group that is used for starting the MySQL database service for example) and applying them to an older AOSP based ROM is likely to reap havoc (aka 'be incompatible')

the following sources are probably worth a read:

based on the above reading I came up with..

[termux] -> su -> restorecon -R -F /data

as a way to fix my bluetooth ..amongst a whole rift of other peculiar symptoms my phone had started exhibiting (settings not being saved left right and center). I can now toggle my bluetooth, and I don't have to contemplate the pain of a backup / factory reset etc.

notes:

  • ensure you've downgraded to the appropriate TWRP version (I went for 3.6.2_11 given my ROM!!)
  • prefer to use the terminal OS-side to modify / fix contexts ..the ROM knows better than the TWRP image what the correct contexts are ..and hence the words of caution when trying to execute the blanket 'Fix Contexts' option in the TWRP menu
  • MIUI 12 (and thus I assume all AOSP 11 based OSs) use dynamic partitions, the use of touch /.autorelabel failed for me (even as root) given the / root is mounted ro. I also tried the above command on bluetooth specific directories only to begin with and this did not fix anything. with the likes of ls -alZ to see the SELinux label before and after the highly targeted command (i.e. on the com.android.bluetooth directory), I saw no change ..and hence those permissions weren't the one(s) at fault

use restorecon -R -F /data , it works, thank u very much

crackeren commented 3 months ago

@technodrome, @tort32 ..probably worth noting that the version suffix stipulates the targeted AOSP version (I didn't know this 🤦), and although I'd be happy for some clarification on backward compatibility I'm currently going with "wow, how dumb am I?!". MIUI 12.0.6 is AOSP 11 (stupid bl00dy 1-off versioning convention 😠) ..@technodrome, you've stated 'android 11', and @tort32, worse, you've stated 'AOSP 10'

why does this matter? my guess is that some not insignificant part of the device specific customisations of the core TWRP codebase (e.g. for vayu, guacamole, etc. images) will be extracting the appropriate ROMs' SELinux contexts ..a large proportion of which are the file based permission sets, in order to meddle with the file systems in the beautiful way it does. taking a set of security contexts from a ROM based on a newer AOSP which might do things radically different (think of something as basic as changing the user name / group that is used for starting the MySQL database service for example) and applying them to an older AOSP based ROM is likely to reap havoc (aka 'be incompatible')

the following sources are probably worth a read:

based on the above reading I came up with..

[termux] -> su -> restorecon -R -F /data

as a way to fix my bluetooth ..amongst a whole rift of other peculiar symptoms my phone had started exhibiting (settings not being saved left right and center). I can now toggle my bluetooth, and I don't have to contemplate the pain of a backup / factory reset etc.

notes:

  • ensure you've downgraded to the appropriate TWRP version (I went for 3.6.2_11 given my ROM!!)
  • prefer to use the terminal OS-side to modify / fix contexts ..the ROM knows better than the TWRP image what the correct contexts are ..and hence the words of caution when trying to execute the blanket 'Fix Contexts' option in the TWRP menu
  • MIUI 12 (and thus I assume all AOSP 11 based OSs) use dynamic partitions, the use of touch /.autorelabel failed for me (even as root) given the / root is mounted ro. I also tried the above command on bluetooth specific directories only to begin with and this did not fix anything. with the likes of ls -alZ to see the SELinux label before and after the highly targeted command (i.e. on the com.android.bluetooth directory), I saw no change ..and hence those permissions weren't the one(s) at fault

This command "recoreston -R -F /data" still does not solve my problem and unfortunately i have to use unofficial recovery (same mtk device problems). What should i do?