Hello,
I am using Jetson Xavier NX production board. I have been trying to enable disk encryption for last few weeks with no success. I am not considering secure boot at this moment. Now my question is “Does it necessary to enable secure boot before disk encryption?”.
I’ve never test this, however, it’s worth a try to test disk encryption without SBK.
it’s Trusty retrieves user_key from eks.img, and loads the key for decryption.
so,
you should see this session, Tool for EKB Generation, for using EKB generation tool by running the python script, gen_ekb.py to generate eks.img
(note, sym.key is the user_key has mentioned above.)
please update the eks.img to the target accordingly then test the disk encryption functions.
thanks