Open ShadowEO opened 9 years ago
Please test v0.7.12, available here: https://github.com/neurodroid/cryptonite/releases/tag/v0.7.12 The binaries were compiled with PIE flags.
With this version I didn't receive "Only Position Independent Executables are supported" error. But I still can't mount.
I/ActivityManager( 768): START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=csh.cryptonite/.Cryptonite bnds=[276,871][540,1167] (has extras)} from uid 10022 on display 0
I/ActivityManager( 768): Start proc csh.cryptonite for activity csh.cryptonite/.Cryptonite: pid=8797 uid=10139 gids={50139, 9997, 1028, 1015, 3003} abi=armeabi-v7a
V/cryptonite( 8797): EncFS 1.7.5 OpenSSL 1.0.0q 15 Jan 2015
E/cryptonite( 8797): Couldn't decrypt DB access keys
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
V/cryptonite( 8797): EncFS mount state: false; FUSE support: true
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
V/cryptonite( 8797): EncFS mount state: false; FUSE support: true
I/ActivityManager( 768): Displayed csh.cryptonite/.Cryptonite: +805ms
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
V/cryptonite( 8797): EncFS mount state: false; FUSE support: true
I/ActivityManager( 768): START u0 {cmp=csh.cryptonite/.FileDialog (has extras)} from uid 10139 on display 0
I/ActivityManager( 768): Displayed csh.cryptonite/.FileDialog: +116ms
E/AmanattoDataUpdaterHelper( 1125): package name: csh.cryptonite
V/cryptonite( 8797): Running encfs with /sdcard/cryptonite/2 /sdcard/csh.cryptonite/mnt
E/cryptonite( 8797): Unknown request code
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
I/cryptonite-jni( 8797): checkGRoot(): Root volume is NULL
V/cryptonite( 8797): EncFS mount state: false; FUSE support: true
encfs from v0.7.12 works for me without problems, but only if I run it manually from shell (like encfs /sdcard/encrypted /sdcard/decrypted
). Mount from Cryptonite app doesn't work. So this is problem with Cryptonite, not with encfs build. This is on Android 5.0 (rooted with SuperSU).
@xmikos Are you seeing issue #85 with v0.7.12 on Android 5.0?
@neurodroid I didn't tested it for issue #85 yet. I have only copied some small files and this worked without problems, but not big files. encfs from v0.7.13 doesn't work at all in Android 5.0 (you absolutely need PIE there). encfs from v0.7.12 works, but only if I mount it manually from shell. Mount in Cryptonite app doesn't work (and the error message is empty, so unfortunately I can't tell you what is wrong).
@xmikos There's a new option at the bottom of the preferences page, "Hijack system process...". Try enabling or disabling it to see if it helps mounting from the app.
@neurodroid which process does it exactly hijack? Is it really needed? If SELinux is the problem, right answer is to update SELinux policy at runtime. You can use sepolicy-inject
utility for that, here is the code: https://github.com/xmikos/setools-android/
@neurodroid OK, I have tried this "Hijack system process" option, but mount still doesn't work
@neurodroid I was wrong, it said "Failed to mount volume", but volume is actually mounted (I can see it if I exit app and start it again. I see it as mounted after this)
@neurodroid But there must be some better way than hijacking system process... do you know what is exactly the problem why you need to hijack it?
@neurodroid I have tried injecting SELinux policies, according to dmesg those were missing:
avc: denied { mounton } for pid=16850 comm="encfs" path="/storage/emulated/legacy/encfs/decrypted" dev="fuse" ino=3096235160 scontext=u:r:init:s0 tcontext=u:object_r:fuse:s0 tclass=dir
avc: denied { getattr } for pid=13617 comm="csh.cryptonite" path="/persist" dev="mmcblk0p20" ino=2 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:persist_file:s0 tclass=dir
Now I don't get any other SELinux related errors, but mount still doesn't work. Now it tells me:
Failed to mount volume: fuse: mountpoint is not empty
But the mountpoint is empty. There must be something wrong in how encfs is invoked from your app (because from root shell, it works without problems, even if I don't inject SELinux policies and without that debuggerd hijack hack).
With the release of 5.0, Google has made Position Independent Executables a mandatory item. It does not seem to run them without them being compiled for PIE.
There's an issue ticket on the Android google code page found here: https://code.google.com/p/android-developer-preview/issues/detail?id=888
Regarding the issue, because of this, when I attempt to mount my encFS volume in Cryptonite I get "could not mount: Only Position Independent Executables are supported."