- NXP Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- Vigiles
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
-
- Home
- :
- i.MX Forums
- :
- i.MX Processors
- :
- Re: can't encrypt on android port of Nitrogen6_max
can't encrypt on android port of Nitrogen6_max
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We are using Nitrogen6_max from Boundary Devices for our development.
We are facing problems in the device encryption feature of android. When ever we try to encrypt the device goes into a infinite screen with the android logo.
After adding the "encryptable=userdata" flag against "/data" in the device/boundary/nitrogen6x/fstab.freescale , we were able to get the encrypt screen with progress-bar. but that also gets stuck between 13% - 27%.
On analysing the logcat, we came to know that the progress stops after the following prints.
============== Logs =============
W/MountService( 1313): Thread Binder_5 still waiting for MountService ready...
W/MountService( 1313): Thread Binder_3 still waiting for MountService ready...
W/MountService( 1313): Thread Binder_5 still waiting for MountService ready...
E/MountService( 1313): Error processing initial volume state
E/MountService( 1313): com.android.server.NativeDaemonConnector$NativeDaemonFailureException: command '1 volume list' failed with 'null'
E/MountService( 1313): at com.android.server.NativeDaemonConnector.execute(NativeDaemonConnector.java:376)
E/MountService( 1313): at com.android.server.NativeDaemonConnector.executeForList(NativeDaemonConnector.java:327)
E/MountService( 1313): at com.android.server.MountService$4.run(MountService.java:728)
E/VoldConnector( 1313): timed-out waiting for response to 2 volume mount /storage/extsd
E/MountService( 1313): Boot-time mount exception
E/MountService( 1313): java.lang.NullPointerException
E/MountService( 1313): at com.android.server.NativeDaemonConnectorException.getCode(NativeDaemonConnectorException.java:44)
E/MountService( 1313): at com.android.server.MountService.doMountVolume(MountService.java:995)
E/MountService( 1313): at com.android.server.MountService.handleSystemReady(MountService.java:541)
E/MountService( 1313): at com.android.server.MountService.access$500(MountService.java:109)
E/MountService( 1313): at com.android.server.MountService$MountServiceHandler.handleMessage(MountService.java:493)
E/MountService( 1313): at android.os.Handler.dispatchMessage(Handler.java:102)
E/MountService( 1313): at android.os.Looper.loop(Looper.java:136)
E/MountService( 1313): at android.os.HandlerThread.run(HandlerThread.java:61)
============== Logs End =============
Has anyone faced this before? How do we get the encryption working?
Thanks and Regards,
Anand Mistry
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Gary,
We've got the encryption working on KK.
We had to add CAAM drivers from MM kernel and do the following changes to the .dtsi file.
Thanks for the support.
------------------------ arch/arm/boot/dts/imx6qdl.dtsi ------------------------
reg = <0x2100000 0x40000>;
ranges = <0 0x2100000 0x40000>;
interrupt-parent = <&intc>; /* interrupts = <0 92 0x4>; */
- clocks = <&clks 213>, <&clks 214>, <&clks 215> ,<&clks 196>;
+ clocks = <&clks 246>, <&clks 247>, <&clks 248> ,<&clks 196>;
clock-names = "caam_mem", "caam_aclk", "caam_ipg", "caam_emi_slow";
----------------- arch/arm/boot/dts/imx6qdl-nitrogen6_max.dtsi -----------------
status = "okay";
};
+ caam_keyblob {
+ compatible = "fsl,sec-v4.0-keyblob";
+ };
+
backlight_lcd: backlight_lcd {
compatible = "pwm-backlight";
pwms = <&pwm1 0 5000000>;
Thanks & Regards,
Anand Mistry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
HI Anand,
Please specify which version of Android you are using. As a FYI, encryption has been added and tested on Marshmallow, earlier versions won't work:
Make sure to set a PIN password before starting the encryption, otherwise Android will not allow you to log in.
Regards,
Gary
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Gary,
We are using kitkat release boundary-imx-kk4.4.3_2.0.0-ga.
We understand that Encryption is not supported in this release.
So, any pointer regarding enabling it would be appreciated.
Thanks and Regards,
Anand Mistry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Anand,
Why don't you switch to Marshmallow? It provides better UI, improved security and best support.
The KitKat release is missing a 9th partition that is used to store the keys. So you first need to update the sdcard partitioning script and then the fstab accordingly.
Good luck.
Regards,
Gary
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Gary,
For some reasons, we cannot shift to marshmallow. Hence we need support in making it work on kitkat.
Can you tell us of other imx6 kitkat platforms that you might've tested and seen encryption working with the 9th partition?
Thanks and regards,
Anand Mistry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Anand,
SabreSD release should have encryption working fine.
Regards,
Gary
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Gary,
We've got the encryption working on KK.
We had to add CAAM drivers from MM kernel and do the following changes to the .dtsi file.
Thanks for the support.
------------------------ arch/arm/boot/dts/imx6qdl.dtsi ------------------------
reg = <0x2100000 0x40000>;
ranges = <0 0x2100000 0x40000>;
interrupt-parent = <&intc>; /* interrupts = <0 92 0x4>; */
- clocks = <&clks 213>, <&clks 214>, <&clks 215> ,<&clks 196>;
+ clocks = <&clks 246>, <&clks 247>, <&clks 248> ,<&clks 196>;
clock-names = "caam_mem", "caam_aclk", "caam_ipg", "caam_emi_slow";
----------------- arch/arm/boot/dts/imx6qdl-nitrogen6_max.dtsi -----------------
status = "okay";
};
+ caam_keyblob {
+ compatible = "fsl,sec-v4.0-keyblob";
+ };
+
backlight_lcd: backlight_lcd {
compatible = "pwm-backlight";
pwms = <&pwm1 0 5000000>;
Thanks & Regards,
Anand Mistry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Anand,
Good to hear it works. Is the caam_keyblob only meant for this? Strange I didn't have to add it for Marshmallow, it must fallback to some sw back-end.
Regards,
Gary
