iMX8 CAAM - How to create a dm-crypt block device in /dev/mapper without wiping it?

I can create a dm-crypt filesystem with:

root@smarcimx8mq4g:~# cat /data/caam/randomkey | keyctl padd logon logkey: @s
731358804

root@smarcimx8mq4g:~# dmsetup -v create encrypted --table "0 $(blockdev --getsz /dev/mmcblk1p3) crypt capi:tk(cbc(aes))-plain :36:logon:logkey: 0 /dev/mmcblk1p3 0 1 sector_size:512"

(I'm using the imx8's CAAM's implementation of `tk(cbc(aes))`.)

This is fine for the initial creation of the encrypted volume.  I then run "mkfs.ext4 /dev/mapper/encrypted" and "mount /dev/mapper/encrypted /mnt".

On subsequent reboots, this wipes the data in /dev/mmcblk1p3. I can mount /dev/mapper/encrypted, but only once I've run mkfs.ext4 on it again.  Otherwise I get superblock errors:

root@smarcimx8mq4g:/data/caam# cat randomkey | keyctl padd logon logkey: @s
165039862

root@smarcimx8mq4g:/data/caam# dmsetup -v create encrypted --table "0 $(blockdev --getsz /dev/mmcblk1p3) crypt capi:tk(cbc(aes))-plain :36:logon:logkey: 0 /dev/mmcblk1p3 0 1 sector_size:512"
Name:              encrypted
State:             ACTIVE
Read Ahead:        256
Tables present:    LIVE
Open count:        0
Event number:      0
Major, minor:      252, 0
Number of targets: 1

root@smarcimx8mq4g:/data/caam# mkfs.ext4 /dev/mapper/encrypted 
mke2fs 1.46.2 (28-Feb-2021)
Creating filesystem with 6741631 4k blocks and 1687552 inodes
Filesystem UUID: 943f96ad-a875-425c-8d0e-808b929bdd1b
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
	4096000

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done   

root@smarcimx8mq4g:/data/caam# mount /dev/mapper/encrypted /mnt

root@smarcimx8mq4g:/data/caam# date > /mnt/date.txt

root@smarcimx8mq4g:/data/caam# reboot

The system is going down for reboot NOW!

root@smarcimx8mq4g:/data/caam# cat randomkey | keyctl padd logon logkey: @s
165039862

root@smarcimx8mq4g:/data/caam# dmsetup -v create encrypted --table "0 $(blockdev --getsz /dev/mmcblk1p3) crypt capi:tk(cbc(aes))-plain :36:logon:logkey: 0 /dev/mmcblk1p3 0 1 sector_size:512"
Name:              encrypted
State:             ACTIVE
Read Ahead:        256
Tables present:    LIVE
Open count:        0
Event number:      0
Major, minor:      252, 0
Number of targets: 1

root@smarcimx8mq4g:/data/caam# mount /dev/mapper/encrypted /mnt
mount: /mnt: wrong fs type, bad option, bad superblock on /dev/mapper/encrypted, missing codepage or helper program, or other error.

I've also tried:

root@smarcimx8mq4g:~# dmsetup -v load encrypted --table "0 $(blockdev --getsz /dev/mmcblk1p3) crypt capi:tk(cbc(aes))-plain :36:logon:logkey: 0 /dev/mmcblk1p3 0 1 sector_size:512"
device-mapper: reload ioctl on encrypted failed: No such device or address
Command failed.

(I expect that nothing other than "create" will create the /dev/mapper/encrypted node.)

How do I use dm-crypt to get access to the encrypted data, using the same key, after a reboot (which loses /dev/mapper/encrypted)?