Hi, i would like to add a partition to image.json and set the mkfs_options for formatting.
Actually im working with fs-verity and need a partition formatted with “-O verity” - but general info on adding to image.json/Easyinstaller could be usefull.
Regards Paul
Hi, I’m the Toradex AI Assistant.
I might make mistakes. Our support team will step in if needed. If I answered your question, please tick the “Solution” checkbox. For follow-up questions to me, please use @ToradexAI in your post.
Did you like my answer? 
Hello Paul,
You can add a new partition and set custom formatting options (such as -O verity for fs-verity support) in your image.json for Toradex Easy Installer by configuring the blockdevs section. Below is an example of how you can achieve this:
"blockdevs": [
{
"name": "emmc",
"partitions": [
{
"partition_size_nominal": 128, // Size in MB
"want_maximised": false, // Set to true if you want this partition to take all remaining space
"content": {
"filesystem_type": "ext4", // Choose ext3/ext4/fat
"mkfs_options": "-O verity", // mkfs options for fs-verity
"label": "VERITY_PART"
}
}
]
}
]
Key Properties:
You can find further details on these properties in the Toradex Easy Installer documentation:
Let me know if you have further questions!
Best regards,
Toradex AI Assistant.
Adding to image.json “manually” is not the problem - can it be done from YOCTO (without replacing the complete image_type_tezi.bbclass)
Alternatively, can the tdx-tezi-data-partition get the “-O verity” format flag ?
Additional variables from the
image_type_teziclass in themeta-toradex-bsp-commonlayer can be used to customize the creation of the data partition.
How could the equivalent of TEZI_ROOT_FSOPTS be set for tdx-tezi-data-partition?
OK - tried a few things
TEZI_DATA_FSOPTS = “-O verity”
TDX_TEZI_DATA_PARTITION_FSOPTS = “-O verity”
dont know which one did it, but its in image.json under the /data partition
Monday ill check it on the target 
Hi @BDSKPEF !
Great to see that you managed to solve it!
Also, thanks a lot for sharing the found solution with the community. Very helpful!
Have a nice day!
Best regards,
There is the TEZI DATA partition as you discovered.
I assume you inherited from the tezi_data class?
Anything more advanced than that and your easiest bet would be to apply git patches to the bsp layer.
I had a patch to do pretty much that as I create a total of 7 partitions and also swap to using GPT table too on one of my projects.
If useful I could post the patch I use as an example.
Yes i was allready using the tdx-tezi-data-partition class, just needed the verity format. It could be useful to split overlay, verity and data into more partitions, so your solution as example would be much appreciated.
Regards
Paul
Unfortunately the task of adding parameters to mkfs_options worked, but easyinstaller fails with “invalid option verity”.
(filesystem_type is set to ext4)
On the last successfull install unmounting the partition and running mkfs.ext4 -O verity worked.
Could you please share more details of your setup?
Best regards
Hi @pfarre,
@izzycoding here (on my work account).
Here are the kirkstone patches I currently apply to the BSP layer…
Note: these are a work in progress and at some point I will tidy them up and re-create these on scarthgap and submit as potential new features to the BSP layer (sadly no new features will be added to kirkstone).
Addition of dual rootfs (basically copies whatever the existing rootfs is into a second partition:
0001-Adding-dual-rootfs-support.patch (1.8 KB)
Adding data partition creation (extracts the data directory from rootfs to put in a separate partition)
0002-Adding-data-partition-image-creation.patch (5.0 KB)
Adds ability to have dual bootfs deployment (e.g. iMX8MP has 2 bootloader locations that can be used; however, this is not supported on all iMX modules)
0003-Adding-dual-bootloader-and-bootfs-support.patch (4.0 KB)
Adding the ability to use GPT table instead of MBR (this enables ability to create more partitions than MBR can support OOB)
0004-Adding-GPT-partition-table-configuration.patch (3.6 KB)
General fixes for the previous patches to make it work (mostly datafs fixes)
0005-Corrections-for-datafs-image-type.patch (6.7 KB)
Hopefully these will help in some way.
Regarding the verity partition images, I would take a look at the meta-toradex-security layer and see how they define the variables when enabling the secure-boot and kernel hardening (which can also protect the rootfs as a verity image).
This is what I am using on top of these BSP patches and it seems to work very well in our case.
Regards,
Izzy
Hi Henrique,
Getting YOCTO to generate image.json with the mkfs_options worked ok with the TEZI_DATA_FSOPTS.
When running EasyInstaller and in the part where it creates the data partition i get the shown error. (It is quite likely that its the old version that i am using - ill upgrade and retry on monday)
Best Regards
HI @izzy_building ,
thanks for sharing - will open posibilities for the partition layout.
We are using dm-verity for the rootfs. The format option is to use fs-verity at runtime to check individual files.
Best Regards
Paul
Hi @BDSKPEF,
I think the tdx security layer does the rootfs verity stuff already.
Using that as a guide may help for what is needed in the options you’re looking for.
At a file level though I am not too sure.
My project has not got to per-file stuff yet (but it’s on the near horizon).
I am hoping when we can move to scarthgap I will be able to submit feature patches to simplify the whole partition creation process.
I have plans to make it easy to add as many as you need (we have 3 builds that vary between 5 and 12 partitions).
I am also working on making the encryption of partitions a bit easier as we need 3 different ones encrypted (kind of per user thing).
Regards,
Izzy
