hello _Becu,
we’ve test again locally to confirm disk encryption is working.
here’re our test steps for your reference,
Preparation: $ sudo apt-get install cryptsetup.
note, it’s cryptsetup utility to create encrypted rootfs for image flashing.
- Generate images for QSPI:
$ sudo ./tools/kernel_flash/l4t_initrd_flash.sh --showlogs -p "-c bootloader/t186ref/cfg/flash_t234_qspi.xml" --no-flash --network usb0 jetson-orin-nano-devkit internal - Generate the key:
$ echo "f0e0d0c0b0a001020304050607080900" > ekb.key - Generate images for external storage device:
$ sudo ROOTFS_ENC=1 ./tools/kernel_flash/l4t_initrd_flash.sh --showlogs --no-flash --external-device nvme0n1p1 -i ./ekb.key -c ./tools/kernel_flash/flash_l4t_t234_nvme_rootfs_enc.xml --external-only --append --network usb0 jetson-orin-nano-devkit external - Flash images into the both storage devices:
$ sudo ./tools/kernel_flash/l4t_initrd_flash.sh --showlogs --network usb0 --flash-only
Flash success and boot up:
$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/crypt_root 54G 5.6G 46G 12% /
/dev/mapper/crypt_UDA 374M 14K 350M 1% /mnt/crypt_UDA
none 7.5G 0 7.5G 0% /dev
tmpfs 7.6G 36K 7.6G 1% /dev/shm
tmpfs 1.6G 19M 1.5G 2% /run
tmpfs 5.0M 4.0K 5.0M 1% /run/lock
tmpfs 7.6G 0 7.6G 0% /sys/fs/cgroup
/dev/nvme0n1p1 371M 97M 247M 29% /boot
tmpfs 1.6G 72K 1.6G 1% /run/user/1000