RE : Authenticating yocto rootfile system

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

RE : Authenticating yocto rootfile system

Jump to solution
941 Views
khaleel
Contributor I

Hello

Currently i'm working on secure boot. I need to authenticate the rootfilesystem (yocto). 

Please provide me, if any documentations/procedures available.

Thanks & Regards

khaleel

Labels (1)
0 Kudos
1 Solution
929 Views
igorpadykov
NXP Employee
NXP Employee

Hi khaleel

 

one can look at tutorial on

https://www.timesys.com/security/secure-boot-encrypted-data-storage/

Secure appnotes on below link, like AN12714 i.MX Encrypted Storage Using CAAM Secure Keys

https://www.nxp.com/products/processors-and-microcontrollers/arm-processors/i-mx-applications-proces...

 

Best regards
igor

View solution in original post

0 Kudos
4 Replies
930 Views
igorpadykov
NXP Employee
NXP Employee

Hi khaleel

 

one can look at tutorial on

https://www.timesys.com/security/secure-boot-encrypted-data-storage/

Secure appnotes on below link, like AN12714 i.MX Encrypted Storage Using CAAM Secure Keys

https://www.nxp.com/products/processors-and-microcontrollers/arm-processors/i-mx-applications-proces...

 

Best regards
igor

0 Kudos
915 Views
khaleel
Contributor I

Hi igor,

Thank you very much for the documentation.

As of now i'm only trying to Authenticate rootfile sytem using dm-verity and i don't want to Encrypt it.

Mostly dm-verity is used in Android devices, As it is kernel’s device mapper module i believe it should support for linux device  too. 

I didn't find a document implementing dm-verity to verify linux rootfile system. If you have a procedure please share with me. 

Regards

Khaleel

0 Kudos
337 Views
imx8-mdt
Contributor I

@khaleel 

 

have you implemented the dm-verity on linux ,rather than Android?

I face the same task as you.

Is there any documents to refer to?

0 Kudos
902 Views
igorpadykov
NXP Employee
NXP Employee

Hi Khaleel

 

unfortunately I am not aware of other documents, except provided on above link.

 

Best regards
igor

0 Kudos