In order to improve the installation documentation, we are trying to figure out which devices support user data encryption, and which devices do not support it.
At the moment we have found that those devices don’t support data encryption:
- LeEco Le2 (“s2”) for /e/-oreo and /e/-pie
In order to check if your smartphone is already encrypted or not, go to Settings->Security
If it’s already encrypted, “Phone encrypted” is displayed:
If it’s not already encrypted, “Phone not encrypted” is displayed:
If the smartphone is not encrypted, you can encrypt it by touching “Encrypt phone”, and there you go:
Please note: you won’t be able to revert this action!
If your device doesn’t support data encryption, please report your model and your /e/OS version into this thread below!
Regain your privacy! Adopt /e/ the unGoogled mobile OS and online services
For the S2 part, are you aware of this topic? As you might know i did a lot of encryption testing on S2, and found some problems (it has to do with the data partition size). When you dirty flash the Leeco S2 encryption does not work. I also found that after wiping the device and format data the encryption does work. If you like i can do some testing on this.
first of all the encryption works on all the smartphones that I could test on.
Samsung Galaxy S4 mini; serranoltexx
HTC one (GSM); m7
Xiaomi Redmi Note 4x; mido
Xiaomi Pocophone f1; beryllium
for Samsung Galaxy S4 mini I tested the updating from official nougat version to, as of yesterday, latest official nougat version and then upgrading to a Pi/e/ build that I made for it, all that worked well if done manually. So to say, I had to download or extract the update from updater and then boot into recovery, decrypt data partition and then update. it did not work automatically yet. on the nougat versions the decrypt screen during boot up was not showing the dialpad to unlock, but after a screen lock and unlock it worked, as well as after upgrading to pi/e/, out of the box.
for HTC one I could only test wit an unofficial nougat build made by unknown anonymous last year, I did not encounter any bugs at all.
for Xiaomi Redmi Note 4x I came from a testing version, so I had to do a factory wipe to install the official nougat version, that went good and encryption remained also the following upgrade to unofficial Pi/e/ went well. only thing again on official nougat, is some lag during the decrypt process in boot up, the phone doesn t recognize the touches, dial pad is shown, either waiting some time or screen lock and unlock is fixing that.
for Xiaomi Pocophone f1 I couldn’t do that wide range of tests, as I use it as daily driver. anyway I use it with encryption, only bug I faced is again the screen of decryption during boot process, that seems to be dependent of firmware and drivers installed as with different vendor, firmware or kernel it is different experiences.
All these tests were made on clean installs without formating data partition.
Works fine on PH1 Essential under Pie /e/
For your information: I just encrypted my as of yesterday brand-new /e/-provisioned and -provided Samsung Galaxy S9+ (SM-G965F) without a hich.
I also wanted to thank you and your people for all the excellent work and efforts you are providing since so long.
For example: I’ve ordered and payed for the /e/-S9+ and a mere 25 hours later, I held it in my hands and was able to finaly use my very own smarthphone the way it should have been from the beginning: Without the likes of Google, Apple, Samsung etc., etc. cluttering up my device and constantly watching over my shoulder!
3 thumbs up… out of three!
I also want to congratulate you on the core-usage of Nextcloud… : Exactly right!!
I will refer to /e/ in the future when ever appropriate, as THE alternative.
Please keep it up. To offer fully configured /e/-devices is the way to go for the vast majority of end-users. Maybe you should also offer /e/-tablets from Samsung and Huawei, since there is a specific use-case for tablets.
Thank you again.
on this test Pie build by Manoj for my Samsung Galaxy A3 (2016) encryption works, my phone displays it is encrypted
Samsung Galaxy J5 2015 | SM-J500FN | j5nlte
The encryption works but I think I had to do something, like “Resize data partition” in TWRP. I’m not sure at all if it’s still the case, but I think it was.
(On other similar Samsung phones with LineageOS that’s also the case, but it’s worse, I had to change the value of the data partition with the terminal in TWRP)
What is sure is that once the phone is encrypted, TWRP can’t decrypt it (I think it’s a Samsung specific issue). Which means I can’t use the backup and restore feature of TWRP for instance.
[[ When I do an OTA update, it just brings me into TWRP main menu, without installing. After a fresh install and encryption, it works once or twice and then it doesn’t work anymore. Probably because of Magisk or Xposed so not sure it’s directly an issue of /e/OS. ]]
(Since it’s my main phone, and that the backup and restore feature can’t be used, I can’t redo everything in order to test, it would take too much time)
EDIT : somebody with the same phone not encrypted AND without Magisk have the same OTA update issue, so looks like it’s not an encryption issue.
EDIT : I finally re-installed everything and I confirm the encryption issue.
To make it easier for all to contribute and to collect the data …this post is editable
Please add the device name only
Encryption Does NOT work on
Motorola Moto X Play (lux) - Nougat build
Motorola G - Android 7.1.2
Motorola Moto G4/Plus (Athene) - Nougat build
Nexus 5x (LGH791F)
Oneplus 5T pie build
Encryption Works on
Essential PH-1 mata
Fairphone 2 (FP2) - Pie build
Fairphone 3 (FP3) - Pie build
Google Nexus 5, nougat
HTC one (GSM); m7
LeEco Le2 (s2) - Oreo and Pie builds - requires manual partition resizing
LeEco Le2 (s2) - Nougat build
LeEco Le2 (s2) - Pie build
Motorola Moto E XT1527(Surnia) - Nougat build
Motorola Moto G4 Play (Harpia) - Nougat build - requires manual partition resizing
Nexus 5X (LG, Platform msm8992, 1.8GB)
OnePlus 5T - Oreo build
OnePlus 7 Pro
Samsung Galaxy A3 (2016) - pie build
Samsung Galaxy A5 2017 (a5y17lte) - Issue: Reboot loop if Magisk is installed
Samsung Galaxy A5 SM 510F (a5xelte) - Pie build
Samsung Galaxy J5 2015 | SM-J500FN | j5nlte - with issues
Samsung Galaxy S4 mini; serranoltexx
Samsung Galaxy S4 Mini I9195 (serranoltexx) - Nougat build
Samsung Galaxy S7 (SM-G930F)
Samsung Galaxy S9+ (SM-G965F)
Xiaomi Pocophone F1; beryllium
Xiaomi Redmi Note 4x; mido
Xiaomi Mi Mix 2 (Chiron) - Oreo and Pie builds
Xiaomi Mi Note 3 (Jason) Oreo
Xiaomi Redmi 4x (santoni) - Oreo and Pie builds
My oneplus 7 pro is encrypted
After further tests with encrypted Samsung Galaxy A5 2017 (a5y17lte) I had a major issue: Reboot Loop after installing Magisk on encrypted device!
Steps to reproduce:
- Installed e-0.8-p-2020041049061-dev-a5y17lte.zip -> OK
- encrypted device -> OK
- Installed Magisk-v20.4.zip using TWRP (Version 3.3.1-1) -> Reboot loop (only gets to Samsung start-screen before device reboots again)
- Same issue with version e-0.7-p-2020033047438-dev-a5y17lte.zip
- On one attempt /e/ started successfully after about 15 reboots. But I only saw this once.
- No problems with Magisk on not-encrypted device
Encryption works, but only if not installing Magisk!
My Motorola G4 plus (7.1.2 - Nougat athene build) is encrypted. I think I had to encrypt it after installation (but it’s that long ago I’m not sure)
As @andrelam points out, LeEco Le2 (s2) does work with some assistance. Edited to reflect this.
In Addition to
Samsung Galaxy S7 (SM-G930F):
Might be some issues while updating, saw a message that mounting of storage failed, butvUpdate succeeded
Added to list… removed here
I found some time to check the issue. The encryption does not work indeed (using LineageOS source).
To fix this the BoardConfig.mk in the source must be changed. For the 32GB version:
BOARD_USERDATAIMAGE_PARTITION_SIZE := 25765040128
The current configuration is incorrect, the encryption needs 16kb of space for the encryption key.
A quick fix are these commands in TWRP:
/dev/block/mmcblk0p56 on /data type ext4 (rw,seclabel,relatime,resgid=1065,data=ordered)
resize2fs -f /dev/block/mmcblk0p56 6290293
(For 32Gb version, i don’t have 64Gb to test)
But again this issue comes from wrong board configuration.
Edit: For people interested in the math (i would have been)
Original size from LineageOS sources:
Size is first 6290297 4k blocks, (1k = 1024 bytes, so 4 of them are 4096 bytes.)
Total bytes: 6290297*4096 = 25765056512 bytes
Encryption needs 16k bytes at the end of the data partition, 16*1024 =16384 bytes.
To get them we subtract 4*4k blocks of the data partion (4*4096).
6290293 4k blocks, 6290293*4096 = 25765040128 bytes.
Check (old - new)
25765056512 - 25765040128 = 16384
16384/1024 = **16** So now it should work.
Just verified above, i’ve build /e/ Pie for S2 using the mentioned board config and it works. Method to encrypt:
- Use TWRP 220.127.116.11
- Wipe > Advanced wipe : select all and wipe.
- Wipe > Format Data : type yes and format.
Install the new /e/ ROM
- Advanced > ADB side load
- open cmd or terminal
- adb sideload e-rom-name.zip
After that boot /e/ and setup a pattern or pin, after that encryption works. So @GaelDuval the BoardConfig.mk must be changed in s2 source, but i’m not sure how to do it for 32Gb AND 64Gb. Maybe your dev’s know this, or maybe seperate the roms depending on the model.
This could also be the reason for encryption errors for other models.
Please update the device names here it is an editable post - will make data collection easier.
I am using a MOTO E phone ( not a fast mobile).
My understanding of the value of encrypting our phone is thaT if someone has physical access to our phone, they could access the DATA on the SD CARD OR connected the phone to a USB Cable and access or DATA (internal storage).
But, does it make the phone slower ? I bought that Motorola to test /e/ as I’m an iPhone user ( all my life), now that I love /e/ I will may be buy a faster one but while I’m still using my Moto E, I wanted to be sure ENCRYPTING the phone will not make it painful to use…
In case it’s really slow, you will still be able to wipe everything and re-install thanks to “Backup” and “Restore” features of TWRP. (Of course do a backup before encrypting). Everything will be as it was before.
(Do another backup with another method in case this method fails to restore)
This is correct, they also can remove your pin and fingerprint. Encryption helps here. I use encrypted Leeco S2 and do not notice speed issues. Not sure about Motorola.