How to back up encrypted /data atomically in Android 12?

Question

I accidentally upgraded my phone to Android 12 instead of a newer Android 11 and, to my dismay, it seems encryption was changed in a way that makes TWRP unable to decrypt my /data.

For backups, I ran borgbackup on /data from TWRP and would like to continue doing so. This strategy relied on TWRP being able to decrypt /data however.

Is there another way to get:

Decrypted /data
No active processes modifying /data (ideally have it readonly)
Shell access
A writable rootfs where I can create a subdirectory to mount a tmpfs on

I tried using Magisk to mount -o remount,ro /data in a running system but that didn't work: mount: '/dev/block/bootdevice/by-name/userdata'->'/data': Device or resource busy

Is that an answer? If so, post it as one. Also, does that even fit in here? Is its backup mechanism atomic? — Atemu, Jan 12 '23 at 18:53
TWRP does not support Samsung encryption, just left a link for alternative backup method — alecxs, Jan 12 '23 at 19:41

score 1 · Accepted Answer · answered Jan 11 '23 at 15:50

With 3.7.0, TWRP now supports Android 12's decryption, so that fixes that.

Should something like this happen again in the future, Shut down the Android OS partially into a "recovery mode"/recovery runlevel could also be used to back up data without any process writing but I haven't tried to make that work with my special setup yet.

How to back up encrypted /data atomically in Android 12?

1 Answers1

Linked