Android全设备加密
这里有大概的步骤和常见问题处理。
值得一提的是Orig filesystem overlaps crypto footer region. Cannot encrypt in place这个问题。CM的JIRA上有人贴出了详细步骤:
Reboot into recovery (I’m using 4EXT Recovery, though CWM Recovery should work too)
Make sure /system, /sdcard, and /data are all mounted
From an adb shell, make a tar backup of /data (make sure you first have enough space on your SD card):
/system/xbin/tar -C / -cf /sdcard/data.tar data
Figure out device name of /data partition:
grep /data /proc/mounts
As an example, let’s say the previous step gave you /dev/block/mmcblk0p23
Figure out the partition’s size and the new size of the /data filesystem:
data_dev_size=$(cat /sys/class/block/mmcblk0p23/size)
new_fs_size=$(( ((data_dev_size/2)-16)*1024 ))
Reformat /data with correct size (continuing with the example of mmcblk0p23):
umount /data
/system/bin/make_ext4fs -a /data -l $new_fs_size /dev/block/mmcblk0p23
Remount /data
Restore the backup of /data:
/system/xbin/tar -C / -xf /sdcard/data.tar
Reboot
The “Encrypt phone” option in the Settings app now properly encrypts /data on the phone.
注意备份还原一定不要用Recovery内置的,一定要按原文走tar手动,因为Recovery的还原会自动format,才做好的特殊大小的分区就没了……
当然我的C8950D在折腾了这么多后依然是报这个错误,哪怕我已经留了16MB的大小了。考虑到这手机在其它诸多方面的奇葩之处以及这个功能其实在设置里是被隐藏起来的,很可能底层还被改变了什么。总之更加坚定了我换手机的想法。
开全设备加密的最大意义,就是手机一旦丢了,没有密码,无法从/data里读取出个人数据,从而防止身份盗用的问题。毕竟现在太多的账号可以通过手机短信找回密码了。