Hi, I’m the Toradex AI Assistant. The Toradex Support team will follow up with you shortly!
Did you like my answer?
Based on the context provided, it seems like you are trying to create an encrypted data partition on the eMMC using the meta-toradex-security layer, but are encountering issues with the persistence of the encrypted data across reboots.
From the information given, it appears that the system is not correctly recognizing or preserving the encrypted data partition between reboots. This could be due to the way the encrypted partition is being set up or mounted.
Here are a few suggestions that might help resolve the issue:
-
Check the Encryption Setup: Ensure that the encryption setup is correctly configured in your
local.conf. TheTDX_ENC_STORAGE_LOCATIONshould point to the correct partition, and any necessary encryption keys or passphrases should be correctly handled. -
Verify the Mounting Process: Since you disabled auto-mounting with
TDX_TEZI_DATA_PARTITION_AUTOMOUNT = "0", ensure that the encrypted partition is being manually mounted correctly after boot. You might need to set up a script or systemd service to handle this. -
Persistence of Encryption Keys: Make sure that the encryption keys or passphrases are stored in a persistent manner, so they are available across reboots. This might involve storing them in a secure location that is accessible during the boot process.
-
Check System Logs: Use
journalctl -xbto check the system logs for any errors or warnings related to the encryption or mounting process. This might provide more insight into what is going wrong. -
Consult Documentation: Review the
meta-toradex-securitydocumentation to ensure that all necessary steps and configurations are being followed.
If these suggestions do not resolve the issue, it might be necessary to consult more detailed documentation or seek support from Toradex for further assistance.
Please, also check if these links can help you solve your problem: