ATA defines the ATA Security feature set, more commonly known as the ability to set a “hard drive password.” Most modern SSDs use this password to derive an encryption key.
NVMe is a relatively new interface to attach SSDs directly to the PCIe bus instead of using SATA. This of course means that most ATA features are not directly supported, but some drives do support the ATA Security feature set through a compatibility layer.
This repository contains Linux tools to deal with such drives.
You will want to use this kernel patch.
mkinitcpio hook to ask for drive passwords during boot.
Userspace tool to configure and use passwords on such drives.
nvme-ata-security is written in Rust. You can install it using your system's package manager (package name: cargo, probably) or directly, see https://www.rust-lang.org/tools/install. With Rust installed:
cd user
cargo build
To run:
cargo run
or
target/debug/nvme-ata-security