My goal is to be able to write encrypted files to disk with high performance on an LS1046A platform.
I’m testing LUKS (cryptsetup) to encrypt a drive partition on an SSD connected via SATA to the LS1046ARDB development board.
I’ve built Linux with both QorIQ(v2.0-1703) and LSDK(19.09) with several options for encryption enabled including:
DM_CRYPT
CRYPTO_DEV_FSL_CAAM_JR
I’ve added cryptsetup, either by
apt-get install cryptsetup (QorIQ)
or
Adding IMAGE_INSTALL_append = “ cryptsetup” to conf/local.conf (LSDK)
With both builds I can create and open the LUKS format mapped device using:
cryptsetup -y luksFormat /dev/sda1
cryptsetup luksOpen /dev/sda1 encrypted_ssd
When I try to format to ext4, there is a hang at “Writing superblocks and filesystem accounting information:”
If I create the LUKS partition and format in another Ubuntu PC and then move the drive to the LS1046ARDB platform, it can see and interact with the partition. However, copying files to the drive doesn’t seem to actually write the files and a “sync” command hangs the system.
I attempted to apply the kernel patch from this thread but received the same partially failed output as others: https://community.nxp.com/thread/476928
My kernel version is 4.19.68 and doesn’t seem compatible with the patch.
Two main questions:
1) What do I need to do to get dm-crypt/LUKS drive encryption on the LS1046ARDB?
2) Should I follow another path to encrypting files with CAAM support?
Thanks,
Alex
