# File-based encryption (Linux Embedded) Source: [https://docs.qualcomm.com/doc/80-88500-2/topic/file_based_encryption_linux_enabled.html](https://docs.qualcomm.com/doc/80-88500-2/topic/file_based_encryption_linux_enabled.html) File-based encryption (FBE) encrypts files with different keys. The ext4, F2FS, and UBIFS file systems support the file encryption using a common API called `fscryptctl`. With `fscryptctl`, encryption is applied at the directory level. `fscryptctl` is also the name of a user space tool. Linux Embedded on the Qualcomm Robotics RB5 device has `fscryptctl` installed in Rootfs and supports FBE using an inline encryption method. Different directories use different encryption keys. In an encrypted directory, file contents, filenames, and symlinks are encrypted. All subdirectories are encrypted too. Nonfilename metadata, such as timestamps, size and number of files, and extended attributes are not encrypted. To support the inline encryption framework, use the following configurations: - `CONFIG_BLK_INLINE_ENCRYPTION=y` - `CONFIG_SCSI_UFS_CRYPTO=y` - `CONFIG_SCSI_UFS_CRYPTO_QTI=y` - `CONFIG_DM_DEFAULT_KEY=y` - `CONFIG_MMC_CQHCI_CRYPTO=y` - `CONFIG_MMC_CQHCI_CRYPTO_QTI=y` - `CONFIG_QTI_CRYPTO_COMMON=y` - `CONFIG_QTI_CRYPTO_TZ=y` - `CONFIG_FS_ENCRYPTION_INLINE_CRYPT=y` - **[Install boot key](https://docs.qualcomm.com/doc/80-88500-2/topic/boot_key_installation.html)** - **[Install user key](https://docs.qualcomm.com/doc/80-88500-2/topic/install_user_key.html)** - **[State of device](https://docs.qualcomm.com/doc/80-88500-2/topic/state_of_device_linux_embedded.html)** - **[Insert standard key](https://docs.qualcomm.com/doc/80-88500-2/topic/standard_key_linux_embedded.html)** - **[Insert wrapped key](https://docs.qualcomm.com/doc/80-88500-2/topic/insert_wrapped_key_linux_embedded.html)** **Parent Topic:** [Build system](https://docs.qualcomm.com/doc/80-88500-2/topic/4_Qualcomm_Robotics_RB5_build_system.html) Last Published: Aug 18, 2023 [Previous Topic Encrypt empty directory](https://docs.qualcomm.com/bundle/publicresource/80-88500-2/topics/59_Encrypt_empty_directory_.md) [Next Topic Install boot key](https://docs.qualcomm.com/bundle/publicresource/80-88500-2/topics/boot_key_installation.md)