Hello,
I am using Jetson Xavier NX production board. I have been trying to enable disk encryption for last few weeks with no success. I am not considering secure boot at this moment. Now my question is “Does it necessary to enable secure boot before disk encryption?”.

Thanks in advance

hello user159607,

I’ve never test this, however, it’s worth a try to test disk encryption without SBK.
it’s Trusty retrieves user_key from eks.img, and loads the key for decryption.

so,
you should see this session, Tool for EKB Generation, for using EKB generation tool by running the python script, gen_ekb.py to generate eks.img
(note, sym.key is the user_key has mentioned above.)
please update the eks.img to the target accordingly then test the disk encryption functions.
thanks

Hi @JerryChang ,
Thanks for your reply. I can give a try but I didn’t find the python file gen_ekb.py. Can you help me to locate the file path?

Best,
Akter

hello user159607,

it’s in the public release sources package. please download L4T Driver Package (BSP) Sources via Jetson Linux | NVIDIA Developer page,
you should extract trusty_src.tbz2 and you’ll see the python file, ../trusty/app/nvidia-sample/hwkey-agent/CA_sample/tool/gen_ekb/gen_ekb.py

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.