Adding Data Decryption to TWRP (MTK)

Yes, you read that right: adding decryption support to TWRP.

First, the decryption flow: TWRP boots -> load servicemanager, hwservicemanager, vndservicemanager -> load the Trustonic TEE (start mcDriverDaemon) -> load gatekeeper -> load keymaster -> TEE decrypts -> read data

Personal summary

The demo device below is the Vivo Y97 (Vivo V11i).

Reference device tree: momo54181/android_device_vivo_k71v1_64_bsp (github.com)

Device tree configuration: BoardConfig.mk

Crypto

# Enable crypto (decryption) support
TW_INCLUDE_CRYPTO := true
# Enable FBE encryption support
TW_INCLUDE_CRYPTO_FBE := true

Test

# Enable logcat, to make the logs easier to read
TWRP_INCLUDE_LOGCAT := true
# Enable logd, to make the logs easier to read
TARGET_USES_LOGD := true

Properties

TARGET_SYSTEM_PROP += $(DEVICE_PATH)/system.prop


init.recovery.mt****.rc

on property:hwservicemanager.ready=true
    start vendor.keymaster-3-0-trustonic
    start gatekeeper-1-0

on property:ro.crypto.state=unsupported
    stop vendor.keymaster-3-0-trustonic
    stop gatekeeper-1-0
    stop servicemanager
    stop hwservicemanager

on property:ro.crypto.state=unencrypted
    stop vendor.keymaster-3-0-trustonic
    stop gatekeeper-1-0
    stop servicemanager
    stop hwservicemanager


Problems you may run into

Keymaster does not load

Fix: check whether mcDriverDaemon exists

1. The manifest.xml under system/ or vendor/vintf/ may be missing entries

Fix: copy vendor/vintf/manifest.xml to system/vintf/manifest.xml

2. init.recovery.<CPU codename>.rc may not be loading keymaster, for example:

TEE load error: can usually be ignored (FBE does not need a password to decrypt data)

Check /vendor/app/mcRegistry

No solution for now
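
The checks from the troubleshooting list above, collected into one script that inspects an unpacked recovery ramdisk before flashing. This is an added example, not part of the original post: the function name check_recovery_tree, the directory layout under ROOT, and the android.hardware.keymaster / android.hardware.gatekeeper manifest entry names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): preflight check of an unpacked
# TWRP recovery root for the pieces the decryption flow depends on.
# Assumptions: ROOT holds the ramdisk contents (system/, vendor/,
# init.recovery.*.rc); the HAL names below are what the manifests declare.

check_recovery_tree() {
    root=$1
    missing=0
    report() { echo "MISSING: $1"; missing=$((missing + 1)); }

    # 1. Trustonic daemon binary (its location varies, so search the tree)
    if [ -z "$(find "$root" -name mcDriverDaemon -type f 2>/dev/null | head -n 1)" ]; then
        report "mcDriverDaemon binary"
    fi

    # 2. Trustlet registry directory
    [ -d "$root/vendor/app/mcRegistry" ] || report "vendor/app/mcRegistry"

    # 3. Both vintf manifests must declare the keymaster and gatekeeper HALs
    for part in system vendor; do
        manifest="$root/$part/vintf/manifest.xml"
        if [ ! -f "$manifest" ]; then
            report "$part/vintf/manifest.xml"
            continue
        fi
        for hal in android.hardware.keymaster android.hardware.gatekeeper; do
            grep -q "<name>$hal</name>" "$manifest" \
                || report "$hal in $part/vintf/manifest.xml"
        done
    done

    # 4. init.recovery.*.rc must start both services (names from the rc above)
    for svc in vendor.keymaster-3-0-trustonic gatekeeper-1-0; do
        grep -Eqs "^[[:space:]]*start[[:space:]]+$svc[[:space:]]*$" \
            "$root"/init.recovery.*.rc \
            || report "'start $svc' in init.recovery.*.rc"
    done

    # Exit status is the number of missing items (0 means all checks passed)
    return "$missing"
}

# Stand-alone use: sh check.sh /path/to/unpacked/ramdisk
if [ "$#" -gt 0 ]; then check_recovery_tree "$1"; fi
```

The function prints one MISSING line per failed check and returns the number of failures as its exit status.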