We are making a custom telematics product using the IMX8M. We would like to know if its possible to encrypt selective partitions like the rootfs etc.Also we want to make sure encryption is done using the SoC's hardware blocks like CAAM. If there is any detailed documentation regarding how this can be achieved, please point us to the same.
Thanks for sharing this document which I have gone through. The document explains encrypting partition using 'dmsetup'. We are looking at encrypting the root file system partition and few other partitions like user data partition etc. How does the kernel be able to mount the encrypted rootfs and other partitions ?
App note AN12714 (i.MX Encrypted Storage Using CAAM Secure Keys), Rev. 1 — 11/2020,
describes how to use the DM-crypt.
Basically DM-crypt may be used to encrypt partitions, but we do not have examples