I have just been given the task to “clean-up” my custom layers now and have added some patches that may be useful for you to one of my other questions on here is-there-an-easy-way-to-create-a-dual-rootfs-tezi-image.
The first patch adds the dual rootfs partitions and the second one applies the data partition extraction.
I apply these to the relevant layers using git am -3 --ignore-whitespace --ignore-space-change --signoff < {patch-file-path} after I have done a repo sync.
With these in place, I can then just put anything I need as normal into the rootfs under the required data mountpoint (see: TDX_TEZI_DATA_PARTITION_MOUNTPOINT). Make sure you also set TDX_ENC_STORAGE_MOUNTPOINT to the same path if encrypting it.
I am currently running tests on my builds to make sure it works as expected. Hopefully something like this will be added to the Toradex BSP and Security layers soon.
Regards,