In the guideline for the disk encryption it is specified that I need to generate the EKB in this manner:
echo “00000000000000000000000000000000” > ekb.key
If I want to use my random bytes such as
echo “cf794188bf85f31929018ffdd149a71f” > ekb.key without a kernel panic, what is the procedure to follow?
evilinux,
There’s also a nvidia-jetson-optee-source.tbz2 tarball within the JP5.1 public sources (I’m not sure if this is also supported in JP5.0.2) with some scripts that could help you generate the EKB.
The scripts are located on: /$HOME/Linux_for_Tegra/source/public/nvidia-jetson-optee-source/optee/samples/hwkey-agent/host/tool/gen_ekb . It contains a gen_ekb.py that generates the EKB, and an example.sh that guides you on how to do it.
Thanks a lot jdiegodelgado. A couple of days ago I did the same by using the same package in the version 5.0.2. The most important thing is that the sym2.key in the example.sh is correspondent to the ekb.key. However, thank you for your support.