HAB is a nice solution to protect u-boot and the kernel but we are also looking for a possibility to protect the rootfs. Without protecting the root filesystem it is still possible to make unauthorized changes or reverse engineer the working of our product.
Signing the root filesystem is not an option for us, we need a writable root filesystem. And it should be protected against the possibility to unauthorized read the content. Hopefully is encrypting the root filesystem a possibility.
Can you please provide us access to read the document "Root filesystem encryption using DM-Crypt" ?Any other documentation about protecting the root filesystem is also welcome!
App note AN12714 (i.MX Encrypted Storage Using Secure Keys)
is published now instead of the Community blogs.