toradex / meta-toradex-security

MIT License

Support for "In-Place" Encryption #25

Closed MMG-DG closed 5 months ago

MMG-DG commented 6 months ago

Howdy,

I have been playing with the latest CAAM encryption code in my dev environment and have noticed that the partition to be encrypted will be formatted on initial setup.

Is it (or could it be) possible to check if the partition contains data and move it before encrypting the partition and then move the data back after? I have my build configured to put data into my "soon-to-be-encrypted" partition, but then once it is mounted it is empty. It would be nice if the encryption setup accounted for any data on the partition before potentially wiping it.

Not sure if dmsetup has the ability to encrypt the partition with data in-place, or if it would be possible to "detect" any data and move it to a RAM drive while setting up the encrypted partition, and then move it back once setup is completed?

MMG-DG commented 6 months ago

Have made a quick fix for this issue. Please ignore the first linked changes (I am on Windows and managed to mess up the commit).

sergioprado commented 6 months ago

Interesting. I am not sure if this can be done transparently via dmsetup, but it can certainly be done by the script that handles the encryption.

I linked your PR (https://github.com/toradex/meta-toradex-security/pull/26) to this issue.

MMG-DG commented 6 months ago

@sergioprado - Can you unlink the old PR and link the new one, #27, to this, now that I have updated it correctly this time?
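
The move-aside, set up, move-back flow raised in this thread, as an added example; it is not the code from the linked PRs or from meta-toradex-security. `preserve_and_encrypt`, its arguments and the setup command it runs are hypothetical names, and the staging directory is assumed to be a tmpfs mount so that the plaintext copy is never written to flash.

```shell
#!/bin/sh
# Added example (hypothetical helper, not the project's script).
# preserve_and_encrypt SRC STAGE SETUP_CMD [ARGS...]
#   SRC        mount point of the plain partition that setup will format
#   STAGE      staging directory, assumed to be on tmpfs (RAM only)
#   SETUP_CMD  caller-supplied command that creates the encrypted mapping,
#              formats it and mounts it back on SRC (assumption)
# Returns 0 on success, 2 if staging is too small, 3 if the copy fails,
# 4 if setup fails, 5 if the restore fails.
preserve_and_encrypt() {
    src=$1; stage=$2; shift 2

    # "Empty" means no entries other than the lost+found directory of ext filesystems.
    if [ -z "$(ls -A "$src" 2>/dev/null | grep -v '^lost+found$')" ]; then
        "$@"
        return $?
    fi

    # Check capacity before anything destructive happens.
    need_kb=$(du -sk "$src" | awk '{print $1}')
    free_kb=$(df -Pk "$stage" | awk 'NR==2 {print $4}')
    [ "$need_kb" -lt "$free_kb" ] || {
        echo "staging too small: need ${need_kb} KiB, have ${free_kb} KiB" >&2
        return 2
    }

    # One owner-only archive; tar keeps modes, ownership and symlinks.
    archive="$stage/preserve.$$.tar"
    ( umask 077; tar -C "$src" -cf "$archive" . ) || {
        rm -f "$archive"
        return 3
    }

    # Destructive step. On failure the copy is kept so setup can be retried.
    "$@" || {
        echo "setup failed; plaintext copy kept at $archive" >&2
        return 4
    }

    tar -C "$src" -xpf "$archive" || {
        echo "restore failed; plaintext copy kept at $archive" >&2
        return 5
    }
    rm -f "$archive"    # no plaintext left outside the encrypted volume
}
```

Because the copy lives only in RAM, a power loss between the format and the restore loses the data, so the window between those two steps should be kept as short as possible.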