Just FYI, but at least with Apple’s implementation, the onboard SSD is cryptographically linked with the security coprocessor. Even if you could remove the SSD, there is nothing useful that can be done (unless you count erasing the drive as useful)
UFS/NVMe controller in the SoC is how most mobile devices work. Snapdragon has similar inline encryption/decryption support, but it's optional to use in the wrapped key mode where the OS can't access the keys. Even when it's not in wrapped key mode, keys are usually hw bound.
Nearly everyone other than Apple uses UFS rather than NVMe but they do have the storage controller as part of the SoC. I didn't mean that NVMe was common elsewhere but rather that it's normal to have it built into the SoC with inline encryption/decryption support for it.
You can see ext4 and f2fs have inline cryptography hardware support. The current generation implementation of filesystem-based encryption and the hardware support for it isn't available in the mainline kernel yet though. It tends to lag a couple years behind what's shipping.
I think ARM Chromebooks are usually using UFS SSD via an SoC storage controller now. I'd expect Windows ARM laptops are taking the same approach. NVMe is still better for a very high-end SSD so Qualcomm, etc. will probably integrate it the same way they do UFS for desktops.
They have more incentive than Apple to put it all in the SoC since it locks in sales. For example, no laptop using qualcomm.com/products/snapd is going to use Broadcom Wi-Fi because Snapdragon includes Atheros Wi-Fi/Bluetooth implemented as extra sandboxed processes on the baseband.