a trend with laptops that needs to die is this whole "lets just put the NVMe directly on the motherboard" thing. apple started it, but now other vendors have followed. i shouldn't have to do impromptu board repair to save my data.
13
21
155
Conversation
Replying to
Just FYI, but at least with Apple’s implementation, the onboard SSD is cryptographically linked with the security coprocessor. Even if you could remove the SSD, there is nothing useful that can be done (unless you count erasing the drive as useful)
1
9
Apple's SSD controller is *in* the SoC. What you can pull off of the board is basically raw flash memory with a custom interface, so not exactly easy to do data recovery on, even ignoring the crypto.
1
12
yes, on apple (especially M1) the flash memory is entirely useless if you take it off the board.
i don’t know to what extent that is true on my dell, but either way, that still sucks that it’s all on one board there too
1
2
At least there are security reasons for the crypto stuff, and security and performance reasons to put the controller in the SoC... Other vendors just solder down generic NVMe for no damn reason.
3
5
UFS/NVMe controller in the SoC is how most mobile devices work.
Snapdragon has similar inline encryption/decryption support, but it's optional to use in the wrapped key mode where the OS can't access the keys. Even when it's not in wrapped key mode, keys are usually hw bound.
3
2
I'm pretty sure putting the NVMe controller in the SoC is not that common, considering we're having to add platform device NVMe to Linux because the M1 is the first supported SoC where it's not a PCIe device.
1
3
Nearly everyone other than Apple uses UFS rather than NVMe but they do have the storage controller as part of the SoC. I didn't mean that NVMe was common elsewhere but rather that it's normal to have it built-in to the SoC with inline encryption/decryption support for it.
You can see ext4 and f2fs have inline cryptography hardware support. The current generation implementation of filesystem-based encryption and the hardware support for it isn't available in the mainline kernel yet though. It tends to lag a couple years behind what's shipping.
1
Sure, for phones. We were talking about laptops here, though ;)
1
Show replies