ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Request for Documentation on Encrypting SquashFS RootFS with Yocto for i.MX93

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
解決済み
ソリューションへジャンプ

Request for Documentation on Encrypting SquashFS RootFS with Yocto for i.MX93

ソリューションへジャンプ
‎08-19-2025 09:20 AM
473件の閲覧回数
udayMouli
Contributor I

I am trying to encrypt my squashfs rootfs for imx93 during build time. I am using yocto
i tried fetching below document but i am unable to
https://community.nxp.com/docs/DOC-342300
can you please help me to point to proper documentation related to encrypting squashfs of rootfs

ラベル(1)
ラベル
0 件の賞賛
返信
1 解決策

ソリューションへジャンプ
‎08-21-2025 12:41 PM
390件の閲覧回数
AldoG
NXP TechSupport
NXP TechSupport

Hello,

We do not have documentation available for this, but you may use as a reference one of our partners implementation for this kind of use case:
https://github.com/toradex/meta-toradex-security/blob/kirkstone-6.x.y/docs/README-encryption.md

You may create the layer the same way they are using it, so it is indeed possible
https://github.com/toradex/meta-toradex-security/tree/kirkstone-6.x.y

Best regards/Saludos,
Aldo.

元の投稿で解決策を見る

0 件の賞賛
返信
4 返答(返信)

ソリューションへジャンプ
‎08-19-2025 07:43 PM
424件の閲覧回数
udayMouli
Contributor I

I have reviewed section 10.5.5 and would like to implement a similar encryption approach. Our requirement is to encrypt the production-ready SquashFS image during build time in Yocto. However, using /dev/mapper is not feasible since it requires root privileges.
Is there any method or documentation available for integrating dm-crypt-based encryption directly into a Yocto recipe?

0 件の賞賛
返信

ソリューションへジャンプ
‎08-21-2025 12:41 PM
391件の閲覧回数
AldoG
NXP TechSupport
NXP TechSupport

Hello,

We do not have documentation available for this, but you may use as a reference one of our partners implementation for this kind of use case:
https://github.com/toradex/meta-toradex-security/blob/kirkstone-6.x.y/docs/README-encryption.md

You may create the layer the same way they are using it, so it is indeed possible
https://github.com/toradex/meta-toradex-security/tree/kirkstone-6.x.y

Best regards/Saludos,
Aldo.

0 件の賞賛
返信

ソリューションへジャンプ
‎08-19-2025 01:28 PM
447件の閲覧回数
AldoG
NXP TechSupport
NXP TechSupport

Hi,

I forgot to mention that you may also check our Linux documentation, i.MX Linux User's Guide Chapter 10 Security & 10.5.5 DM-Crypt usage on i.MX Platforms without CAAM hardware IP

Since i.MX93 does not have have CAAM hardware IP enabled.

Best regards/Saludos,
Aldo.

0 件の賞賛
返信