I'm trying to set up automatic partition encryption/decryption using OPTEE trusted keys, but I have been unsuccessful at enabling this feature.
The following command I am trying fails:
root@v1:~$ keyctl add trusted kmk "new 32" @s
add_key: No such device
I'm building from Yocto Scarthgap and have verified the version of ti-fs-firmware-am62x-hs-enc.bin used is 10.01.00.10 (according to git log the commit pulled is 1eaf07dc).
All testing is done on an SK-AM62B-P1 devboard that has been configured as HS-SE.
The keyutil package has been added to my Yocto recipe to enable using keyctl.
The TRUSTED_KEYS, TPM-based trusted keys, and TEE-based trusted keys have been configured in menuconfig.
I've verified the menuconfig has propagated into the kernel by dumping the running /proc/config.gz and I verified I see:
CONFIG_TRUSTED_KEYS=y
CONFIG_TRUSTED_KEYS_TPM=y
CONFIG_TRUSTED_KEYS_TEE=y
I also tried building these as modules and installing them using "modprobe trustedkeys" but the keyctl command still failed.
Any ideas on what to further investigate are greatly appreciated!
Thanks,