I encrypted practically right after flashing FP OSOS.
The system does not make a copy of your files when encrypting but rather encrypts them on the fly. In order to encrypt a partition Android adds a crypto-footer (additional space after the partition) and this space was missing/not enough. So the problem was not that the filesystem was too full but that the size of the partition was too large and the crypto footer could not be added anymore.
If less there are less than 32 (CRYPT_FOOTER_OFFSET / CRYPT_SECTOR_SIZE) sectors available after the filesystem, the encryption is aborted.
Now the question remains: Why are there less than 32 sectors available on some installations? How can the partition be different when the same image is used?
Unfortunately the update to the 16.05 version didn’t work for me, so I flashed the whole system. Then I ran also into the problem that I couldn’t encrypt the device anymore.
Anyhow, following @tphysm’s workaround I was able to encrypt the device again! So thanks for that tips. I can confirm now that this workaround also worked for me.
Hi there, this is indeed the lack of space after the userdata partition. I cured it with the following steps:
Boot into twrp and open a terminal console
Make sure that my userdata partition is /dev/block/mmcblk0p20 by running “fdisk -l /dev/block/mmcblk0” and inspecting the output.
Run resize2fs /dev/block/mmcblk0p20 6798000 (I tried an insanely large number first, and it refused to resize telling me the current number of blocks (I think it was 6790139 but I am not sure).
No wiping at all, simply reboot, and try to encrypt. Joy!
@tphysm 's method worked for me as well on a fastboot installation for 16.06.
Anyway I experienced some weird behaviour with the decryption of the device: When switching the screen on and of multiple times while in the decryption PIN/Password entry screen at some point the SIM-Card unlock dialogue overrides the decryption dialog. After unlocking the SIM I can continue with entering the decryption PIN/Password.
At the time of the next shutdown and the following reboot the info icon “SIM cards have changed” appears.
What really is important is to be able to mount /data in recovery to be able to make complete backups. I’ve not heard anything official that this prooblem is looked into!
I am not sure if that is ture. While I don’t know how TWRP makes backups, but if it would just copy the whole filesystem or partition, like dd, then it should also be able to backup an encrypted partition (no need to be mounted).
@lklaus mentioned that maybe TWRP v. 3 should be able to backup encrypted /data partitions:
I encrypted my Phone with the user shipped (proprietary) FP2 OS and then switched over to the FPOSOS. In the beginning (16.04) I had to enter my PIN to decrypt my userdata. But now (16.06) i noticed, I no more have to enter my PIN to decrypt userdata. In Settings it still says “Encrypted” and also TWRP can´t access the userdata. I also switched it off totally and removed the the battery to be sure the PIN is not kept in memory.
This really strange, it would mean my encryption key is no more PIN-protected. This is not what the encryption should be. Is someone of you recognising the same issue, or Is there something wrong with my settings?
Encryption should be better tested and promoted, so users are more secure! Also TWRP needs a fix to be able to access decrypted /data for full backups.
There are two layers to encrypt the /data partition, one that is built into the hardware, and one is the password or pin you enter, and they are supposed to work together/be combined. So it should be possible theoretically that the encryption is in place without your password, by only using the hardware key.
I also experienced that already a few times during updates or OS changes that encryption seemed to be in place though I didn’t get asked for my pw, which is not the behaviour I expect or want to have, as it makes my data easier accessible.
I use the app snooperstopper to have a different password than for the lock screen, and resetting the password there solves the problem and I get asked again for my password on start up.
What happens if you set a new PIN, pattern or password? My FP2 with 16.06 then asks me if this should also be needed at boot:
Thank you for the suggestion and the confirmation that this works on FP2. Is it compatible with a pattern to unlock the screen? Snooperstopper asks for my current password though I have a pattern. And what happens if you change the pattern or PIN afterwards, does it overwrite the encryption password as well?
Thank you @m4lvin for your hint, it was set to No thanks and I switched to Require password and it worked! Afterwards I installed snooperstopper which is really what I was “searching” for a long time. You may even set a pattern or short PIN for the display lock and have a long random passphrase for encryption.
Security note:
If you change the pattern, PIN or passphrase for the display lock it will automatically remove the encryption passphrase on Startup (Hardwarekey only) so make sure you set an encryption passphrase with snooperstopper directly after changing the display lock (snooperstopper will popup automaticaly!). Thank you @freibadschwimmer!
Trying to encrypt with Fairphone Open OS 17.02.
After starting the encryption an Android picture was shown, then the phone rebooted immediately and is now showing the flashing “LOADING” since approx. 3 hours …
I would guess that the phone is not encrypting, or is it?
Edit: Took the battery out, put it in again and started the phone, seems like nothing happened.
Edit:
Thanks @sil-van, that did the trick … now on to struggling with an unresponsive touchscreen …
Edit: Ok, checked this touchscreen thread and it seems my charger is causing the touchscreen issue … but only after encrypting the phone … This feels like an adventure game, I don’t know whether I like this gamification trend nowadays …
For some reason, the afforementionned commands does not work for me. No error, the logs show the commands are executed proprely. But when I reboot, system is still unencrypted (and relaunching the encryption setup does not work).
As I’m completely new to both android and fair phone, I’m not sure what I can do to achieve encryption on my system. It’s a FP2, running FairPhone Open OS 17.09.3 (I used the OTA build switcher from here.
At least the system is booting properly and my data still there. I just fill a bit naked with my data stored in clear
I’ve got no log of any kind (at least nothing visible). The system simply reboot unencrypted.
Anyway, I’ve wiped the data partition from the phone, as suggestion in another post, and encryption worked. But I had to reconfigure everything from scratch, which is a bit sad
The phone doesn’t completely reboot - the only part that is being restarted is the user interface. Your USB connection and both adb processes (the one on your phone and the one on your PC) will stay alive.
The first time, I tried to enable the encryption, I got the same error that someone posted here in this thread.
After resizing, everything went well for me.
