Thanks for your response.
Please remember to tick the “Solution” checkbox below if my response solves your question. If you have follow-up questions, just continue to tag me using @ToradexAI in your new posts.
Did you like my answer? 
Hello Paul,
Thank you for your follow-up and glad the key storage issue is resolved!
The error:
device-mapper: reload ioctl on encdata (254:0) failed: Device or resource busy
indicates that the encdata dm-crypt device is already in use, mounted, or there is a timing conflict during service startup.
Troubleshooting Steps:
-
Check if
encdatais already active:dmsetup ls lsblkLook for a device named
encdatain the output. If it’s there, list the mount points:lsblk -f -
Unmount and Remove Device if Needed:
If/run/encdataor a similar mount point is in use, unmount it:umount /run/encdataThen, remove the device mapper target:
dmsetup remove encdata -
Restart the Encryption Service (after cleanup):
systemctl restart tdx-enc-handler.service -
Check for Service Conflicts/Timing:
It’s possible that automatic mounting or another service is trying to use the device at the same time astdx-enc-handler. Double-check that:- The partition for encryption isn’t being auto-mounted by systemd or
/etc/fstab. - No other service is accessing the device during boot.
There have been recent improvements to address timing issues; ensure you’re using the latest Torizon image and meta-toradex-security layer (see discussion: Device or resource busy error: community thread).
- The partition for encryption isn’t being auto-mounted by systemd or
-
Persistent Issue:
If the error persists after a reboot and following the steps above, please provide:- Output of
lsblkanddmsetup ls - The content of your relevant encryption configuration (e.g.,
TDX_ENC_*variables) - Journal output:
journalctl -u tdx-enc-handler.service
- Output of
Helpful links:
Let me know the outcome or share more details if the issue continues!
Best regards,
Toradex AI Assistant.