- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- MCUXpresso Training Hub
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
-
- Home
- :
- i.MX Forums
- :
- i.MX Processors
- :
- DM-Crypt with CAAM key Encrypted Filesystem Corrupt After Reboot
DM-Crypt with CAAM key Encrypted Filesystem Corrupt After Reboot
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
DM-Crypt with CAAM key Encrypted Filesystem Corrupt After Reboot
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello, I am using the iMX8M Mini SoC and am going through the app note (Rev 1 11/2020) Section 3.2 Usage (https://www.mouser.com/pdfDocs/AN12714.pdf). Kernel version is 5.4.70. I am able to complete everything (create tagged key, dummy image, ext4 filesystem, encrypt using dmsetup target crypt, etc). However, after the reboot and following the steps to mount the encrypted image fails. This is what is shown:
sudo mount /dev/mapper/encrypted /mnt/encrypted/
mount: /mnt/encrypted: wrong fs type, bad option, bad superblock on /dev/mapper/encrypted, missing codepage or helper program, or other error.And when checking the integrity of the filesystem using fsck, it also reports bad superblock, leading me to believe something might be corrupted after rebooting.
e2fsck /dev/mapper/encrypted
e2fsck 1.44.5 (15-Dec-2018)
ext2fs_open2: Bad magic number in super-block
e2fsck: Superblock invalid, trying backup blocks...
e2fsck: Bad magic number in super-block while trying to open /dev/mapper/encrypted
The superblock could not be read or does not describe a valid ext2/ext3/ext4
filesystem. If the device is valid and it really contains an ext2/ext3/ext4
filesystem (and not swap or ufs or something else), then the superblock
is corrupt, and you might try running e2fsck with an alternate superblock:
e2fsck -b 8193 <device>
or
e2fsck -b 32768 <device>Any suggestions or thoughts would be appreciated!
Harvey021
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you run caam-keygen import: # ./caam-keygen import /data/caam/randomkey.bb importKey
before running: # cat /data/caam/importKey | keyctl padd logon logkey2: @s
Because this key has to be re-injected every time it is powered up
Best regards
Harvey
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, I'm able to import the key and add to keyctl from blob after rebooting every time. I can also create the encrypted device mapper device using the same block device before the power cycle but when mounting, it will report 'corrupted filesystem'. Do I need to boot in Secure Mode? I don't believe I am doing that.
Harvey021
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @nsleung
I've just followed up the guide to experiment it again. there is no such issue arise.
There would be probably required tools missed liek "coreutils keyutils lvm2 e2fsprogs-mke2fs util-linux"" which states in
section 8. Add required tools to build by editing conf/local.conf file and appending.
Best regards
Harvey
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the suggestion, I do have those additional utilities built in
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @nsleung ,
were you ever able to solve the problem? I see the exact same issue when using CAAM+dmcrypt on a iMX8MP running Yocto kirkstone & kernel 5.15.x
