PINE64
Recover LUKS volume, rpmb, "Replay Protected Memory Block" - Printable Version

+- PINE64 (https://forum.pine64.org)
+-- Forum: Pinebook Pro (https://forum.pine64.org/forumdisplay.php?fid=111)
+--- Forum: General Discussion on Pinebook Pro (https://forum.pine64.org/forumdisplay.php?fid=112)
+--- Thread: Recover LUKS volume, rpmb, "Replay Protected Memory Block" (/showthread.php?tid=17896)



Recover LUKS volume, rpmb, "Replay Protected Memory Block" - regivanx - 02-06-2023

Hi,

For the record, I have two pinebook pro, pbp1 and pbp2, and they both crashed at the same time after an update and/or a reinstallation with manjaro-arm-installer.

pbp2 was fixed thanks to this thread.

pbp1 couldn't boot to emmc at all, even abnormally, but could boot normally to SDcard. It is from pbp1 that I repaired pbp2.

pbp1 is older than pbp2.

On pbp1, after booting on the SDcard:

Code:
$ ls /dev/mmcblk2*
mmcblk2
mmcblk2boot0
mmcblk2boot1
mmcblk2p1
mmcblk2p2

According to lsblk, mmcblk2 mmcblk2boot0 and mmcblk2boot1 are of type "Disk". mmcblk2p1 mmcblk2p2 are partitions.

mmcblk2p1 contains the /boot partition and mmcblk2p2 the root partition of the emmc, and was a bootable operating system before the crash.

mmcblk2p2 is an encrypted volume, usable with cryptsetup.

Since the problem of pbp1 and pbp2 seemed similar, I installed Tow Boot on the emmc of pbp1.

However, that didn't solve the problem: now Tow Boot informs me that the emmc is not bootable, but can still boot an OS on a USB stick or sdcard.

However, after installing Tow Boot on the emmc, the presentation of devices is different:

Code:
$ ls /dev/mmcblk2*
mmcblk2
mmcblk2boot0
mmcblk2boot1
mmcblk2p1
mmcblk2rpmb

and mmcblk2rpmb does not appear under the lsblk command.

However, testdisk says:

Code:
Disk /dev/mmcblk2 - 62 GB / 58 GiB CHS 1908480 4 16

The harddisk (62 GB / 58 GiB) seems too small! (< 803 GB / 562 GiB)
Check the harddisk size: HD jumper settings, BIOS detection...

The following partition can't be recovered:
Partition Start End Size in sectors
> Linux filesys. data 500001 1178983610 1178983610

[ Continue ]
LUKS 2 (Data size unknown) 603 GB / 561 GiB
  • Is mmcblk2rpmb another name for mmcblk2p2, or does it have nothing to do with it?

According to wikipedia, the initials "rpmb" stands for "Replay Protected Memory Block", a volume requiring authentication before it can be accessed (authentication in addition to LUKS?)
  • Do you think it is still possible to access the mmcblk2p2 encrypted volume?
  • Do you think installing Tow Boot on the first few sectors of the emmc made mmcblk2p2 permanently inaccessible?

I ask these two questions beforehand because if mmcblk2p2 is permanently inaccessible, I have to reinstall everything.


RE: Recover LUKS volume, rpmb, "Replay Protected Memory Block" - wdt - 02-07-2023

I don't know why you think to disregard my advice to back up (emmc) mbr
Your mbr 's partition table is wrong
boot1, boot0, rpmb are sections on the emmc, made by the disk controller
Check the size,, 4M x2 and 12M(??)
Not used for rk3399 cpus
With manjaro, p1 starts at 62500 if that helps
-----
for that matter, if you backed up the 1st 16M of emmc, run fdisk on that file,
then open another tab in xterm (konsole) and fdisk on emmc
edit a partition table by deleting and then re-creating partition with RIGHT sector numbers (from 1st-16M)
if you run fdisk on shared.disk-image.img you will see 64 24639 24576 12M ff BBT
(and this is wrong, OK for a tow-boot install, but NOT to boot emmc, delete this partition)
This represents start of idbloader to end of u-boot.itb
the uboot loader package needs NO partition, it is a RAW read (from cpu specified and fixed locations)


RE: Recover LUKS volume, rpmb, "Replay Protected Memory Block" - z4v4l - 03-07-2023

Quote:Is mmcblk2rpmb another name for mmcblk2p2, or does it have nothing to do with it?
no. it does have nothing to do with it. mmcblkNboot0, mmcblkNboot1 and mmcblkNrpmb are special purpose subdevicies on an eMMC module, the first 2 are for booting from them, but rockhip rom code seems to not support this. this would be a good place for FW if it did. the rpmb is a "security" device, for storing there secrets. can be accessed only after authentication. none of these have something to do with your data, no matter are the latter encrypted or not. user data go to the general puspose area, this is what linux designates as mmcblkN as a whole and mmcblkNpM as a partition.