AnsweredAssumed Answered

Encryption of kernel,rootfs, etc with OTPMK

Question asked by Ketkee Deshpande on Jan 14, 2020
Latest reply on Jan 16, 2020 by bpe

Hi,

I am implementing secure boot from SD card on LS1043ARDB. For which I have blown all necessary flags i.e OTPMK and SRKH. I want to implement chain of trust with confidentiality for which I enabled encap and decap bootscripts. After creating and flashing secure image in SD card I booted the LS1043ARDB board. After that when I connected SD card to laptop I found the contents of SD card (like rootfs, etc) are accessible whearas it is expected that those contents should be unaccessible. So it means the SD card contents are not properly encrypted. What do I need to do to make sure that the kernel, rootfs, etc in SD card are encrypted properly? How will I validate that?

Outcomes