LineageOS, Current status : 16.0 Test Builds

[david 914]

9 minutes ago, tdm said:

Nope there are no problems with encryption disabled.  It just leaves your data open to anyone with access to your device.  I always used to run unencrypted because entering a pin to unlock the device was a pain.  But with the advent of fingerprint readers, this is mostly mitigated.

 

Just so you know, if your data is not encrypted, it is trivial to boot into recovery and remove the screen lock.

 

I haven't actually used an external sdcard in some time.  But generally speaking, my sensitive data isn't there anyway.  The stuff that's sensitive is usernames and passwords to various things.  If you do care about your sdcard data, Android can encrypt the sdcard also.  It just makes the sdcard unreadable on other devices.

 

I always encrypt my personal devices.  They run Linux and decryption is very standard and straightforward.  No need to worry about recovery.  I understand that Android devices aren't quite as straightforward but at least there are various ways to backup your data.

 

Ultimately it's your device and your choice.

 

Finally, no, stock has no way to disable encryption.  And neither does Lineage.  But in both cases all you need to do is edit the fstab.  Which will also require disabling other things like vbmeta and verity.  Or, once Lineage is stable, you can do your own build with the fstab change.

 

Thanks for all the info, and obviously, for the LOS work.  Greatly appreciated.

Regarding diabling the lock code in recovery, that is by modifying a file?

Yeah, I meant running the SD card unencrypted so that it can be accessed in another computer, which is how a lot of people run it.

If we factory reset, will something try to force encryption again on first boot?  I believe I read the way to get around that is to install Magisk after factory reset and before boot.  But I wasn't sure how the Pro1 would behave if a factory reset is done or /data is formatted.

[tdm 2,322]

1 minute ago, david said:

Thanks for all the info, and obviously, for the LOS work.  Greatly appreciated.

Regarding diabling the lock code in recovery, that is by modifying a file?

Yeah, I meant running the SD card unencrypted so that it can be accessed in another computer, which is how a lot of people run it.

If we factory reset, will something try to force encryption again on first boot?  I believe I read the way to get around that is to install Magisk after factory reset and before boot.  But I wasn't sure how the Pro1 would behave if a factory reset is done or /data is formatted.

It is relatively well known that all you do is remove /data/system/locksettings.* to remove the lock screen.  This can be done very easily in TWRP with the file browser.  But if your data is unencrypted, why bother?  Just suck the data out directly.

 

Yes, Android will force encryption on first boot.  How it does that depends on FDE or FBE.  With FDE (stock), it will encrypt in-place and then reboot.  With FBE (Lineage), it will just encrypt files as per usual.  Now, if you have files that are unencrypted under FBE, I don't know exactly how that would be handled.  It may just continue to read them and only encrypt new files, or it may treat the unencrypted files as corrupt.  I don't really know.  Might be an interesting thing to test.

 

[david 914]

3 minutes ago, tdm said:

It is relatively well known that all you do is remove /data/system/locksettings.* to remove the lock screen.  This can be done very easily in TWRP with the file browser.  But if your data is unencrypted, why bother?  Just suck the data out directly.

 

Yes, Android will force encryption on first boot.  How it does that depends on FDE or FBE.  With FDE (stock), it will encrypt in-place and then reboot.  With FBE (Lineage), it will just encrypt files as per usual.  Now, if you have files that are unencrypted under FBE, I don't know exactly how that would be handled.  It may just continue to read them and only encrypt new files, or it may treat the unencrypted files as corrupt.  I don't really know.  Might be an interesting thing to test.

 

I was just curious how much work a casual bad guy would have to go through.  For a real casual one, who doesn't know how to transfer data through adb, that does seem like an easy way for them to disable it and then boot into the phone to get at the goodies.  Also good for someone who doesn't remember their code/pattern or it gets set wrong or fails for some reason.

Magisk must be intercepting that functionality that is auto enabling encryption on first boot I guess.  Maybe by setting whatever the system settings set when they allow disabling it?

[tdm 2,322]

7 minutes ago, david said:

I was just curious how much work a casual bad guy would have to go through.  For a real casual one, who doesn't know how to transfer data through adb, that does seem like an easy way for them to disable it and then boot into the phone to get at the goodies.  Also good for someone who doesn't remember their code/pattern or it gets set wrong or fails for some reason.

Magisk must be intercepting that functionality that is auto enabling encryption on first boot I guess.  Maybe by setting whatever the system settings set when they allow disabling it?

 

I avoid magisk like the plague but my first guess is bind-mounting the fstab file with a copy that removes the encryption parameters from the userdata partition.

 

[EvilDragon 164]

What do you suggest to use for rooting if not Magisk? Good old supersu?

[silversolver 849]

4 hours ago, tdm said:

 

I avoid magisk like the plague but my first guess is bind-mounting the fstab file with a copy that removes the encryption parameters from the userdata partition.

 

I'd be very interested to know why you hate magisk. Also, I want my device unencrypted. I am much more worried about being able to recover my stuff if things go badly than I am someone else getting it.

[tdm 2,322]

2 hours ago, EvilDragon said:

What do you suggest to use for rooting if not Magisk? Good old supersu?

Lineage has an su addon package. AOKP (which I love and always use) has su builtin.

 

But most of the time, I keep su disabled and use "adb root" from my PC if I need to tinker with things.

[tdm 2,322]

2 hours ago, silversolver said:

I'd be very interested to know why you hate magisk. Also, I want my device unencrypted. I am much more worried about being able to recover my stuff if things go badly than I am someone else getting it.

By its nature, it hijacks basic system functions and hides/overrides things. That's bad in my book. Same as xposed. After 7 years of working with Android ROM development, I've seen the trouble these types of things can cause.

 

And since they usually work fine, the device maintainer (me) gets blamed when they break in odd ways. Lineage (and previously CyanogenMod) bug forums are littered with crashes caused by these things. So the first thing the alert developer does is look for evidence of these tools and reject the bug report if found.

 

So basically, they cause much pain and lost time for people like me. It's so not worth it.

 

[Ralf 14]

12 hours ago, tdm said:

So I'll work on those and hopefully will have a working build within a few days.  After that the bugs should fall quickly and official support won't be far off.

Thank you for all this work! I have some questions regarding "official support": what part of your code will later go into the "official" LOS sources, is it all that is in android_device_fxtec_pro1 (this is what people call the device-tree I suppose) or are there other changes in the "generic" LOS sources needed as well?

In other words: as long as the device code is not included in the LOS sources the builds are "unofficial", once it is included it becomes "official"?

Also: what happens if the code became "official", but for whatever reason you stop to maintain the pro1 part. Will it be removed from the official sources?

These are rather LOS generic questions, but I could not find this information on xda and since you are here I decided it would not hurt to ask 😉

[Zamasu 258]

7 hours ago, silversolver said:

I'd be very interested to know why you hate magisk. Also, I want my device unencrypted. I am much more worried about being able to recover my stuff if things go badly than I am someone else getting it.

Lineage OS devs in general seem to hate Magisk, I think for valid reasons. I saw a dev on reddit make a good case for why it's bad once, but I can't find it now. Basically, the whole point of Magisk is that it allows you to change important things, while hiding itself from the rest of the system. This allows you to have root and pass safetynet so you can use banking apps, but if anything malicious gets access to that it can just hide itself as well and do some very nasty stuff. I'm not sure how likely it is something malicious will get access to Magisk, but it's definitely something to keep in mind, that there's a path for something malicious to be completely hidden and have complete access.

And then there's also the part where people use Magisk and break things, and then blame Lineage OS. I'm sure that's extremely annoying, and disrupts actual bug-fixing. So if you use it, at least know what you're doing.

Sadly it does seem like the su addon package for lineage is going away with version 17, so Magisk might be the best option then. I think there's also an option to just make it do root without hiding stuff or using the modules.

[Ralf 14]

3 minutes ago, Zamasu said:

Sadly it does seem like the su addon package for lineage is going away with version 17, so Magisk might be the best option then. I think there's also an option to just make it do root without hiding stuff or using the modules.

Wouldn't as @tdm mentioned just using adb root from the PC be enough for most use cases anyway?

[Polaris 423]

5 hours ago, tdm said:

Lineage has an su addon package.

Sadly, I believe it's more correct to say Lineage HAD a su addon package.

[Zamasu 258]

5 minutes ago, Ralf said:

Wouldn't as @tdm mentioned just using adb root from the PC be enough for most use cases anyway?

Probably. Depends on what you want to do I guess. Honestly, I'd trust @tdm over what I'd have to say about this, I just know enough that I'm personally willing to accept the risk of Magisk. Also I don't know how fast 17 might be available, I don't think it's soon for most devices.

[VaZso 1,988]

15 hours ago, Hook said:

I've always hated encryption.  Just another layer of nonsense.  Always appreciated that Dirty Unicorns, which I used on both my Nexus 5 and Nexus 6p, shared my preference.  😉 

Not saying this is something you should do, @tdm, just expressing personal philosophy.  Looking forward to LOS in my future.

I don't think encryption is a huge problem unless the keys are hidden from users...
...and here comes the problem with it.

If system locks you then prevents you to reach your data in case of a failure as not giving its keys - then it means this encryption is definitively not made for you.
...so that way I rather would like to see my phone unencrypted.

So nobody should say encryption is for users till the OS is not willing to give keys for users to able to access encrypted data.
...as they don't do it, then it means basically encryption go against the user thus it allows the manufacturer to have access of data (being the "God" there) but prevents user to do anything with it even in case of a failure. It is very sad anyway.
So in such a word, I don't need encryption - simply because I would like to keep the possibility to assess my _OWN_ data also in case of a hardware failure.
Who need it is the manufacturer, including G and not me.

 

Edited January 25, 2020 by VaZso

[Rob. S. 1,616]

4 hours ago, Ralf said:

Wouldn't as @tdm mentioned just using adb root from the PC be enough for most use cases anyway?

Just a guess, contrary to Magisk it does nothing to conceal it and therefore makes you unable to use apps which check for root?

[Ralf 14]

40 minutes ago, Rob. S. said:

Just a guess, contrary to Magisk it does nothing to conceal it and therefore makes you unable to use apps which check for root?

No, this gives an adb shell with root permissions. So this would be for "thinkering" (eg changing otherwise unavailable settings), but not for running apps that require root. Different use cases, if you want to run apps as root you still need Magisk or some other way of running a su (=SuperUser) binary.

[Rob. S. 1,616]

Ah, ok, thanks! 

[Gigadoc2 54]

@tdm: I figured out what went wrong with the doze apk, and someone else did simultaneously: https://github.com/tdm/android_device_idealte_msm8998-common/issues/1

[tdm 2,322]

8 hours ago, Ralf said:

Thank you for all this work! I have some questions regarding "official support": what part of your code will later go into the "official" LOS sources, is it all that is in android_device_fxtec_pro1 (this is what people call the device-tree I suppose) or are there other changes in the "generic" LOS sources needed as well?

In other words: as long as the device code is not included in the LOS sources the builds are "unofficial", once it is included it becomes "official"?

Also: what happens if the code became "official", but for whatever reason you stop to maintain the pro1 part. Will it be removed from the official sources?

These are rather LOS generic questions, but I could not find this information on xda and since you are here I decided it would not hurt to ask 😉

The device tree and kernel tree will be imported into Lineage github for official support. Any changes needed for this particular device in the other Lineage code will need submitted and approved by the Lineage team. I don't have any of these changes yet, and may or may not eventually need them.

 

The device becomes official when I tell the Lineage team that it's ready and request that they import the code. I also need to add a Lineage wiki page and etc.

 

The device will continue to receive builds add long as at least one person is maintaining it. (There are at least 3 people with the pro1 and the ability to maintain it so far.) When nobody is left, official builds will stop.

[tdm 2,322]

6 hours ago, VaZso said:

I don't think encryption is a huge problem unless the keys are hidden from users...
...and here comes the problem with it.

If system locks you then prevents you to reach your data in case of a failure as not giving its keys - then it means this encryption is definitively not made for you.
...so that way I rather would like to see my phone unencrypted.

So nobody should say encryption is for users till the OS is not willing to give keys for users to able to access encrypted data.
...as they don't do it, then it means basically encryption go against the user thus it allows the manufacturer to have access of data (being the "God" there) but prevents user to do anything with it even in case of a failure. It is very sad anyway.
So in such a word, I don't need encryption - simply because I would like to keep the possibility to assess my _OWN_ data also in case of a hardware failure.
Who need it is the manufacturer, including G and not me.

 

 

Yes this is true. The actual encryption key is not accessible. There are valid(ish) reasons for this. If that is not acceptable to you, feel free to change your fstab and run unencrypted. I won't do it and I won't support it. IMO the benefits far outweigh the lack of knowing the actual key.

 

If the hardware fails to the point that you cannot decrypt using the Android scheme, how do you expect to extract unencrypted data? And don't say backups, because backups can be made in both cases (TWRP will happily decrypt and backup).

[tdm 2,322]

2 hours ago, Gigadoc2 said:

@tdm: I figured out what went wrong with the doze apk, and someone else did simultaneously: https://github.com/tdm/android_device_idealte_msm8998-common/issues/1

Good catch thanks. Obviously I started with a lineage tree that had built other devices which pulled in these dependencies previously. I'll make a note to fix that.

 

[tdm 2,322]

9 hours ago, Polaris said:

Sadly, I believe it's more correct to say Lineage HAD a su addon package.

Indeed, sad but true. It's currently not working in 17. I'm hoping they will figure that out. And if they don't, me or someone else likely will.

 

[Gigadoc2 54]

9 minutes ago, tdm said:

Indeed, sad but true. It's currently not working in 17. I'm hoping they will figure that out. And if they don't, me or someone else likely will.

 

But I thought it was officially not wanted anymore? The xda post and https://review.lineageos.org/c/LineageOS/android_device_lineage_sepolicy/+/257100 kinda sound like it is being dropped deliberately.

Well, I'd be glad to be wrong :) 

Edited January 25, 2020 by Gigadoc2

[tdm 2,322]

35 minutes ago, Gigadoc2 said:

But I thought it was officially not wanted anymore? The xda post and https://review.lineageos.org/c/LineageOS/android_device_lineage_sepolicy/+/257100 kinda sound like it is being dropped deliberately.

Well, I'd be glad to be wrong 🙂 

I've not seen a thorough discussion on the subject, even on internal lineage slack. With several hundred people making up lineage, there are undoubtedly people who want it and people that don't. The major reason it's been dropped is that the security changes in Q make it even more difficult to support. Since it's not really a core feature it will get done last. And if it turns out to be really difficult or intrusive, it may just get dropped. At least until someone with the motivation and ability comes along.

 

 

[Derecho 7]

First of all, thanks for working on LineageOS support for this phone.

I've obtained the phone yesterday and I put your test build 2 of LOS on it and I've been playing around with it since. I noticed the WiFi symbol issue, but it doesn't seem to affect anything so that's nothing really. I did also notice the problem wih the / key, especially when typing URLs, which was a little problematic. When I then noticed that Esc and other modifier keys weren't working well on ConnectBot, I got FinQwerty's keyboards installed and I'm now using a US International one, this solves most of those issues.

One thing remains with the keyboard though, regardless of whether I'm using stock keyboard mappings or FinQwerty's, and that is that I can't type special characters from the locale I set the keyboard to. From my Photon Q and previous keyboard phones I'm used that if I long press for example an l, I see a menu popup with characters similar to it that I can then tap to insert, like the ł symbol. I normally use this to be able to somewhat comfortably type Polish on such a hardware keyboard. However, when on this build (not sure about stock Android, hadn't tried really) I long press a key, it just repeats itself endlessly. Is there any way to configure this behaviour? Is a modification to the OS required?