Greetings,
I am working on implementing an encrypted root filesystem on my SoC with the i.MX8MP. So far, I have created a ramdisk image and have CAAM functionality integrated with initramfs.
Now, I want to use the CAAM engine to handle encryption and decryption tasks. However, I am uncertain about how to ensure that CAAM generates the same key pair at each boot. I have already burned my SRK fuses and enabled secure boot, so I assumed CAAM could generate a unique key pair specific to my i.MX8MP. However, I lack understanding of how to implement this.
I have reviewed the relevant documentation, but I need further guidance on a deterministic key generation approach using CAAM.
Any tips or references would be greatly appreciated.
