platforms: Add persist partition for QTEE secure storage on Talos#104
platforms: Add persist partition for QTEE secure storage on Talos#104jiaxli-QC wants to merge 1 commit intoqualcomm-linux:mainfrom
Conversation
jiaxli-QC
requested review from
lumag,
ndechesne,
sbanerjee-quic and
vkraleti
as code owners
lumag
left a comment
lumag
left a comment
There was a problem hiding this comment.
Is LUN5 a part of the default provisioning or do users need to reprovision the UFS?
|
I believe this will require users to reprovision the UFS. |
LUN5 should be a partition defined and managed by Qualcomm. We aim to support persistent partitioning on Qualcomm's platform for storing encrypted security files. |
You didn't answer the question, did you? |
|
@lumag and @ricardosalveti are correct. This didn't come up earlier in our discussion but a reprovisioning would definitely be required with a new LUN 5. Should we go ahead and work with storage folks to ask for this provisioning file here? I can see that the obvious impact will be that any customers which have started using Talos and refuse to reprovision will not be able to get any of our security features enabled. I'm wondering if defining the persist partition within LUN4 itself makes sense considering this scenario. |
|
@harshaldev27 if we have enough space in existing LUN, from my opinion, it would be preferable to use it instead of forcing the reprovisioning (otherwise we'd need to document it here, in the meta-qcom, etc.). |
|
Hi @ricardosalveti, @lumag. I had a chat with storage folks and also checked the provisioning files for UFS for Talos. It appears that LUN5 is already available in the provisioning files with a size of 128 MB. So I think we should be good with this PR where @jiaxli-QC is defining partition in LUN5. I am waiting for him to validate this on target, he is having trouble getting his hands on a UFS device, so let's see. |
jiaxli-QC
force-pushed
the
Enable_Persist_Partition
branch
from
041918a to
a59e40e
Compare
|
@shoudil can you help review these changes as well? |
Hi @lumag , @harshaldev27 , I have updated the persist partition change for qcs615 platfrom, and successfully validated it on the device.. 
|
jiaxli-QC
force-pushed
the
Enable_Persist_Partition
branch
from
a59e40e to
b0fdd38
Compare
jiaxli-QC
changed the title
|
I can see that the provision_default.xml available publicly here has the LUN5 defined for size 128 MB: Thanks @shoudil for helping to confirm this. |
lumag
left a comment
lumag
left a comment
There was a problem hiding this comment.
PLease write commit message describing the reasons for the change rather than a bulleted summary of the patch contents. Mention that reprovisioning is not required.
Add a 30 MB persist partition on protected RW LUN5 for both the IQ-615-EVK and QCS615-RIDE boards to provide a dedicated file storage area for QTEE. Qualcomm's QTEE leverages a GPFS (Generic Persistent File System) interface library to enable encrypted file storage and secure data retrieval. The persist partition and QTEE operate independently, so no specific QTEE version dependency is introduced. LUN5 is already provisioned on Talos boards; no reprovisioning is required. For partition layout reference, see: https://artifacts.codelinaro.org/ui/native/codelinaro-le/Qualcomm_Linux/QCS615/ Changes: - IQ-615-EVK: add 30 MB (30720 KB) persist partition on LUN5 - QCS615-RIDE: add 30 MB (30720 KB) persist partition on LUN5 Signed-off-by: Jiaxing Li <jiaxli@qti.qualcomm.com>
jiaxli-QC
force-pushed
the
Enable_Persist_Partition
branch
from
b0fdd38 to
f923a87
Compare
jiaxli-QC
changed the title
Updated. Many thanks for your support. |
lumag
left a comment
lumag
left a comment
There was a problem hiding this comment.
Changes:
Drop the section. Also please report it to your AI tool, if you are using anything, to stop inserting such summarys.
| #This is LUN 5 - Protected Read-write LUN | ||
| #QCOM development requirement: Ensure all partitions in LUN5 is a multiple of 128k. | ||
| --partition --lun=5 --name=persist --size=30720KB --type-guid=6C95E238-E343-4BA8-B489-8681ED22AD0B | ||
| --partition --lun=5 --name=last_parti --size=0KB --type-guid=00000000-0000-0000-0000-000000000000 |
There was a problem hiding this comment.
Please split this into 2 different commits.
4 participants
Add a 30 MB persist partition on protected RW LUN5 for both the IQ-615-EVK and QCS615-RIDE boards to provide a dedicated file storage area for QTEE.
Qualcomm's QTEE leverages a GPFS (Generic Persistent File System) interface library to enable encrypted file storage and secure data retrieval. The persist partition and QTEE operate independently, so no specific QTEE version dependency is introduced.
LUN5 is already provisioned on Talos boards; no reprovisioning is required. For partition layout reference, see: https://artifacts.codelinaro.org/ui/native/codelinaro-le/Qualcomm_Linux/QCS615/
Changes:
The persist partition was discussed in Issue87 , and approved add persist partition as LUN5 for UFS device.