I bought an internal SSD which is PCIe. It shows up as a block device. I haven’t done anything with it yet.
I want to create 2 standard partitions (not LVM) and have some spare memory unallocated which I can use to resize the other 2 partitions in the future. I created another topic about it: Standard partioning secondary block devices with LUKS encryption
But that topic is more about how to create the partitions and encryption. I realized that since the internal SSD is a PCI device, I’m not sure how to properly do the appropriate rd.qubes.hide_pci=Bus:Device.Function
So I should hide_pci of the BDF of the ssd device, then attach it to a disposable and create partitions with parted.
After that I de-attach and powercycle by restarting the computer. Or do I maybe need to do any new hide_pci after creating the partitions? …Before restarting computer (power cycling)?
Or do I need to add the partitions to hide_pci after restarting the computer?
Or maybe I don’t need to do any more hide_pci at all, just the first time before creating the partitions?
Or maybe not even the first time?
I thought I had a good understanding of PCI device security but now that it’s about an internal SSD I’m uncertain again.
I also guess I can only attach 1 partition at a time since SSD are PCIe. So I can’t have partition1 in qube1 and partition2 in qube2 at the same time, I would have to powercycle (restart computer) every time I switch between those two qubes or more specifically each time I want to use one of those partitions in one of those qubes.