✏ Porting TWRP recovery

You just can’t access userdata from TWRP.

Hey guys,

I just followed the installation guide in the first post and it works like a charm. I’m still using the stock rom and installed xposedv79-sdk22-arm. Thank you very much for your effort, Max! Finally this thing feels like a fairphone again (instead of a proprietary sh** that I don’t really own) :smiley:
Now I can focus on setting up my beloved first batch FP1 for my mom :wink:

1 Like

Note: by now v80 of exposed framework is available from the link mentioned above. Not sure what difference it makes, but it installs just the same as v79 on my FP2…

@freibadschwimmer:
So finally I tried to take a copy of /dev/block/platform/msm_sdcc.1/by-name/recovery
by using
dd if=/dev/block/platform/msm_sdcc.1/by-name/recovery of=/storage/sdcard1/recovery.img
which gives me a 16MB file, which sounds reasonable. But I am not sure if I actually copied the right source location …”

Yes, you did:
After installing TWRP-Recovery I successfully reinstalled the stock-recovery with this method. Great, thanks a lot
Joachim

4 Likes

Is it possible to restore a twrp backup on a second / different Fairphone? I’m asking cause my phone has to be exchanged and I want to use twrp to backup the old one and restore on the new one. Both are Fairphone 2.

1 Like

It’s supposed to. But honestly, I don’t know (yet).
It looks as is full functionality is there, except for encrypted devices. Though I’m counting on it, because I will need it when I switch from stock to fpoos, which I hadn’t time to do up to now (factory reset)

1 Like

Hi,

I’ve made another build of TWRP v3.0.0-0 for the Fairphone 2.

This port is based on this code : https://github.com/TeamWin/Team-Win-Recovery-Project
The changelog between v2 is here : https://twrp.me/site/update/2016/02/05/twrp-3.0.0-0-released.html

With the help of @Max_S, I’ve made a fully fonctionnal build with no SELinux errors and all the partitions includes in the .fstab.

For info, here is the fstab I’ve use in regard of the Fairphone 2 hardware :

/boot emmc /dev/block/platform/msm_sdcc.1/by-name/boot /system ext4 /dev/block/platform/msm_sdcc.1/by-name/system /cache ext4 /dev/block/platform/msm_sdcc.1/by-name/cache /data ext4 /dev/block/platform/msm_sdcc.1/by-name/userdata length=-16384 /sdcard vfat /dev/block/mmcblk1p1 /dev/block/mmcblk1 flags=display="Micro SDcard";storage;wipeingui;removable /recovery emmc /dev/block/platform/msm_sdcc.1/by-name/recovery /persist ext4 /dev/block/platform/msm_sdcc.1/by-name/persist flags=display="Persist" /firmware vfat /dev/block/platform/msm_sdcc.1/by-name/modem flags=display="Firmware"

In order to work, the file must be in /device/fairphone_devices/FP2 and replace the original recovery.fstab

For removing SELinux errors, I’ve need to add lots of lines in the /external/sepolicy/recovery.te and some in /external/sepolicy/domain.te

Be aware, in order to remove all SELinux errors, I’ve add the line allow recovery kernel:security setenforce; in recovery.te witch mean that recovery can disable SELinux enforcement
If you don’t trust TWRP Team don’t use this build !

I can make, if someone want, a version without this permission but with some SELinux errors.

For the installation, it’s the same process that Max-S’s build.

The image is bigger because I doesn’t reconfigure the kernel but there’s no problem for flashing it.

Here is the recovery image to flash. md5sum : 8a634c3be94136d6c4abb859057599c7

This is the ramdisk for testing with an emulator. md5sum : 7bfd1ed1648cd402313c4648d14188f0

This and this are the domain.te and recovery.te I’ve need to modify.

This is the original recovery in case of problems or if you want to go back. md5sum : 8f29304f47b5d3e070fb8b4de33051ad

What I’ve testing and work with my phone :

  • Install ZIPs
  • Wipe partitions
  • Mount partitions
  • Backup partitions
  • Restore backup
  • Terminal Emulation
  • File Manager
  • ADB Sideload
  • ADB Shell
  • Language translation
  • Reboot

For information, TWRP can’t access to encrypted data partition.

Please not that I provide this build “as is” WITHOUT any warranties about damages it can produice on your device.

Note that’s possible to root your phone if you install SuperSU.zip from TWRP on a stock firmware. :wink:

If you want more informations, don’t hesitate to ask me and good flash !

16 Likes

Thank you very much for releasing this!

Since a secure system is really important to me, I wonder what are the downsides of using a version with some SELinux errors?

If you get selinux denials than some operation was blocked. Most of the time it’s access to files or execution of programs. Which is interesting if it works nonetheless…

1 Like

First great news, post and work @OuinOuin!

I hate to be that guy, but maybe we should start an article to better explain the different “su” programs.
If I understand it correctly, there is not code available for SuperSU, is that correct?

1 Like

Hey, this sounds great. Will try it as soon as I have time for.
Please feel free to add it to the wiki article. Did you got the chance to try with encrypted userdata?

1 Like

Thanks for the compliment !

You’re right about SuperSU, the code of the program isn’t open but it’s the most used for rooting Android devices.
Now, if you want a Open Source way to root your phone, you can follow the excellent tuto from @Max_S here.

1 Like

Thanks !

Unfortunately my device isn’t encrypted so I can’t make test but if someone want to test. If I have enough time this weekend, I’ll encrypt my device and make a try.

Hi,

I’ve made this changes to erase this error encounter by @Max_S build : type=1400 audit(1453078388.170:5): avc: denied { write } for pid=33 comm="toolbox" name="enforce" dev="selinuxfs" ino=4 scontext=u:r:recovery:s0 tcontext=u:object_r:selinuxfs:s0 tclass=file permissive=1

For what I see, SELinux protection is still active when TWRP run but the program needs to change SELinux enforcement in the init procedure. See in domain.te :

# Only init prior to switching context should be able to set enforcing mode.
# init starts in kernel domain and switches to init domain via setcon in
# the init.rc, so the setenforce occurs while still in kernel. After
# switching domains, there is never any need to setenforce again by init.

But in fact, it doesn’t work in my case so I add -recovery to authorize it for modifying SELinux enforcement.

I think the line who produce this error is in the init.rc of recovery :

service set_permissive /sbin/permissive.sh oneshot seclabel u:r:recovery:s0

However, as recovery can change SELinux enforcement, it can do it at every time when it run so to be sure there is no risk, a code inspection is needed but I haven’t time and knowledge for doing that. :wink:

Keep also in mind that in order to TWRP working, it must run in permissive mode which mean that SELinux errors are just logged but not applied. This is doing by adding this line :
# Allow recovery to set permissive mode permissive recovery;
in recovery.te

I can make, if you want, a version without the authorization for recovery to modify SELinux enforcement but I think it will change nothing but show SELinux errors as recovery already run in permissive mode.

Just a short feedback on this topic.

As I mentioned here ✏ Porting TWRP recovery
I had to replace my Fairphone.

Used TWRP from @Max to backup the old one.
The restore on the new one worked.

The only think I had to do was, make a new backup to have a folder with the serialnumber of the new phone and copy the the old backup in this folder.
After restore wipe cache and dalvik cache. Thats it!

4 Likes

I tried the xposed-v80-sdk23-arm.zip and I had an error. I then installed the xposed-v80-sdk22-arm.zip and it works :slight_smile:

sdk23 is for Marshmallow and sk22 is for Lollipop. :wink:

1 Like

That might be the reason, indeed ^^'
Thanks for the info

Thanks for your work.
I tried to flash SuperSU but it doesnt download the new SU Binarys.
Maybe you have a hint for a solution?
There are Root Apps, which only works with chainfires SuperSU.

Following this procedure here does not wipe or erase any user data correct? Fastboot flashing a new recovery does not require any fp2 unlock procedure that would wipe the phone (as read somewhere else)?