TrustFence support in Digi Embedded Yocto is encapsulated in the TrustFence class.
This class must be inherited into your project’s conf/local.conf
configuration file to use TrustFence support:
INHERIT += "trustfence"
The TrustFence class configures a set of default configuration options, including:
-
Secure boot with both signed and encrypted images
-
U-Boot environment encryption
-
Encrypted root file system
Trustfence features are only fully supported on closed devices. See Secure boot overview. |