I am just trying to flash a external device with encrypted filesystem with:
sudo ROOTFS_ENC=1 ./tools/kernel_flash/l4t_initrd_flash.sh --external-device nvme0n1p1 -c ./tools/kernel_flash/flash_l4t_nvme_rootfs_enc.xml --external-only -S 8GiB jetson-xavier-nx-devkit externa
After flashing my device can boot and file system are encrypted. What I am confuse is that, my ssd have the volume of 1T, but only 279MB is availiable.
The physical size of your NVMe SSD is 945.57GiB
If you want to have 500 GB for rootfs, you could use -S 500GiB in your flash command, and modify num_sectors to 1073741824, which resulting 512*1073741824 = 512GiB
One other question:
If i flash through the default parameter, the passphrase is generate automatically, and the disk is decrypted after boot without entering any passphrase. So I wonder is there any way that I can define my own passphrase and enter the passphrase to decrypt? Any doc that I can refer to ?
Thank you again for your help!