- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
已解决
08-19-2025
09:20 AM
708 次查看
I am trying to encrypt my squashfs rootfs for imx93 during build time. I am using yocto
i tried fetching below document but i am unable to
https://community.nxp.com/docs/DOC-342300
can you please help me to point to proper documentation related to encrypting squashfs of rootfs
已解决! 转到解答。
1 解答
08-21-2025
12:41 PM
625 次查看
Hello,
We do not have documentation available for this, but you may use as a reference one of our partners implementation for this kind of use case:
https://github.com/toradex/meta-toradex-security/blob/kirkstone-6.x.y/docs/README-encryption.md
You may create the layer the same way they are using it, so it is indeed possible
https://github.com/toradex/meta-toradex-security/tree/kirkstone-6.x.y
Best regards/Saludos,
Aldo.
4 回复数
08-19-2025
01:22 PM
683 次查看
Hello,
For this you may refer to the Linux Kernel documentation:
https://github.com/nxp-imx/linux-imx/tree/lf-6.12.y/Documentation/security/keys
https://github.com/nxp-imx/linux-imx/blob/lf-6.12.y/Documentation/security/keys/trusted-encrypted.rs...
https://github.com/nxp-imx/linux-imx/blob/lf-6.12.y/Documentation/security/keys/ecryptfs.rst
Best regards/Saludos,
Aldo.
08-19-2025
07:43 PM
659 次查看
I have reviewed section 10.5.5 and would like to implement a similar encryption approach. Our requirement is to encrypt the production-ready SquashFS image during build time in Yocto. However, using /dev/mapper is not feasible since it requires root privileges.
Is there any method or documentation available for integrating dm-crypt-based encryption directly into a Yocto recipe?
08-21-2025
12:41 PM
626 次查看
Hello,
We do not have documentation available for this, but you may use as a reference one of our partners implementation for this kind of use case:
https://github.com/toradex/meta-toradex-security/blob/kirkstone-6.x.y/docs/README-encryption.md
You may create the layer the same way they are using it, so it is indeed possible
https://github.com/toradex/meta-toradex-security/tree/kirkstone-6.x.y
Best regards/Saludos,
Aldo.
08-19-2025
01:28 PM
682 次查看
Hi,
I forgot to mention that you may also check our Linux documentation, i.MX Linux User's Guide Chapter 10 Security & 10.5.5 DM-Crypt usage on i.MX Platforms without CAAM hardware IP
Since i.MX93 does not have have CAAM hardware IP enabled.
Best regards/Saludos,
Aldo.
