帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Request for Documentation on Encrypting SquashFS RootFS with Yocto for i.MX93

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决
跳至解决方案

Request for Documentation on Encrypting SquashFS RootFS with Yocto for i.MX93

跳至解决方案
‎08-19-2025 09:20 AM
471 次查看
udayMouli
Contributor I

I am trying to encrypt my squashfs rootfs for imx93 during build time. I am using yocto
i tried fetching below document but i am unable to
https://community.nxp.com/docs/DOC-342300
can you please help me to point to proper documentation related to encrypting squashfs of rootfs

标签 (1)
标签
0 项奖励
回复
1 解答

跳至解决方案
‎08-21-2025 12:41 PM
388 次查看
AldoG
NXP TechSupport
NXP TechSupport

Hello,

We do not have documentation available for this, but you may use as a reference one of our partners implementation for this kind of use case:
https://github.com/toradex/meta-toradex-security/blob/kirkstone-6.x.y/docs/README-encryption.md

You may create the layer the same way they are using it, so it is indeed possible
https://github.com/toradex/meta-toradex-security/tree/kirkstone-6.x.y

Best regards/Saludos,
Aldo.

在原帖中查看解决方案

0 项奖励
回复
4 回复数

跳至解决方案
‎08-19-2025 07:43 PM
422 次查看
udayMouli
Contributor I

I have reviewed section 10.5.5 and would like to implement a similar encryption approach. Our requirement is to encrypt the production-ready SquashFS image during build time in Yocto. However, using /dev/mapper is not feasible since it requires root privileges.
Is there any method or documentation available for integrating dm-crypt-based encryption directly into a Yocto recipe?

0 项奖励
回复

跳至解决方案
‎08-21-2025 12:41 PM
389 次查看
AldoG
NXP TechSupport
NXP TechSupport

Hello,

We do not have documentation available for this, but you may use as a reference one of our partners implementation for this kind of use case:
https://github.com/toradex/meta-toradex-security/blob/kirkstone-6.x.y/docs/README-encryption.md

You may create the layer the same way they are using it, so it is indeed possible
https://github.com/toradex/meta-toradex-security/tree/kirkstone-6.x.y

Best regards/Saludos,
Aldo.

0 项奖励
回复

跳至解决方案
‎08-19-2025 01:28 PM
445 次查看
AldoG
NXP TechSupport
NXP TechSupport

Hi,

I forgot to mention that you may also check our Linux documentation, i.MX Linux User's Guide Chapter 10 Security & 10.5.5 DM-Crypt usage on i.MX Platforms without CAAM hardware IP

Since i.MX93 does not have have CAAM hardware IP enabled.

Best regards/Saludos,
Aldo.

0 项奖励
回复