Add support for NVDIMM secure erase verify

Add nvdimm operations to interface Add wrapper for factory default function Add secure erase verify start function Add secure erase verify status function Change-Id: I84774e679593e7df1907c1a442c831b2f4df88d9 CQ:SW475562 Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/84301 Reviewed-by: Matt Derksen <mderkse1@us.ibm.com> Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com> Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com> Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com> Reviewed-by: Roland Veloz <rveloz@us.ibm.com> Reviewed-by: Daniel M Crowell <dcrowell@us.ibm.com>
open-power · Jan 17, 2020 · a96914f · a96914f
1 parent 2a80604
commit a96914f
Show file tree

Hide file tree

Showing 8 changed files with 556 additions and 108 deletions.
diff --git a/src/include/runtime/interface.h b/src/include/runtime/interface.h
@@ -5,7 +5,7 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* Contributors Listed Below - COPYRIGHT 2013,2019                        */
+/* Contributors Listed Below - COPYRIGHT 2013,2020                        */
 /* [+] International Business Machines Corp.                              */
 /*                                                                        */
 /*                                                                        */
@@ -599,7 +599,15 @@ typedef struct hostInterfaces
         // Manufacturing(MNFG) energy source(ES) health check request
         HBRT_FW_MNFG_ES_HEALTH_CHECK      = 0x0020,
         // Manufacturing(MNFG) non-volatile memory(NVM) health check request
-        HBRT_FW_MNFG_NVM_HEALTH_CHECK     = 0x0040
+        HBRT_FW_MNFG_NVM_HEALTH_CHECK     = 0x0040,
+
+        /// The following operations pertain to the decommission of an NVDIMM
+        // Factory Default returns the NVDIMM to the factory default state
+        HBRT_FW_NVDIMM_FACTORY_DEFAULT    = 0x0080,
+        // Secure Erase Verify all NAND flash blocks have been erased
+        HBRT_FW_NVDIMM_SECURE_EV_START    = 0x0100,
+        // Secure Erase Verify Status checks if SEV operation has completed
+        HBRT_FW_NVDIMM_SECURE_EV_STATUS   = 0x0200,
     };
 
     // NVDIMM (PHYP -> HBRT) message to request NVDIMM operation(s)

diff --git a/src/include/usr/isteps/nvdimm/nvdimm.H b/src/include/usr/isteps/nvdimm/nvdimm.H
@@ -5,7 +5,7 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* Contributors Listed Below - COPYRIGHT 2018,2019                        */
+/* Contributors Listed Below - COPYRIGHT 2018,2020                        */
 /* [+] International Business Machines Corp.                              */
 /*                                                                        */
 /*                                                                        */
@@ -131,6 +131,33 @@ bool nvdimm_encrypt_enable(TARGETING::TargetHandleList &i_nvdimmList);
  */
 bool nvdimm_crypto_erase(TARGETING::TargetHandleList &i_nvdimmList);
 
+/**
+ * @brief Entry function to NVDIMM factory default
+ *
+ * @param[in] i_nvdimmList - list of nvdimm targets
+ *
+ * @return true if no errors logged, else false
+ */
+bool nvdimmFactoryDefault(TARGETING::TargetHandleList &i_nvdimmList);
+
+/**
+ * @brief Entry function to NVDIMM secure erase verify
+ *
+ * @param[in] i_nvdimmList - list of nvdimm targets
+ *
+ * @return true if no errors logged, else false
+ */
+bool nvdimmSecureEraseVerifyStart(TARGETING::TargetHandleList &i_nvdimmList);
+
+/**
+ * @brief Entry function to NVDIMM secure erase verify status
+ *
+ * @param[in] i_nvdimmList - list of nvdimm targets
+ *
+ * @return true if no errors logged, else false
+ */
+bool nvdimmSecureEraseVerifyStatus(TARGETING::TargetHandleList &i_nvdimmList);
+
 /**
  * @brief Helper function to get list of nvdimm target pointers
  *
@@ -293,6 +320,8 @@ void nvdimmSendNvStatus();
  *                PROTECTED status until power is cycled again
  *        ENCRYPTION_ENABLED - contents of nvdimm are encrypted
  *        ENCRYPTION_DISABLED - contents of nvdimm are not encrypted
+ *        ERASE_VERIFY_STARTED - set secure_erase_verify_complete to 0
+ *        ERASE_VERIFY_COMPLETE = set secure_erase_verify_complete to 1
  */
 enum nvdimm_protection_t
 {
@@ -305,6 +334,8 @@ enum nvdimm_protection_t
     NVDIMM_ENCRYPTION_ERROR   = 6,
     ENCRYPTION_ENABLED        = 7,
     ENCRYPTION_DISABLED       = 8,
+    ERASE_VERIFY_STARTED      = 9,
+    ERASE_VERIFY_COMPLETED    = 10,
     SEND_NV_STATUS            = 11,
     /* deprecated, still used by PRD */
     UNPROTECTED_BECAUSE_ERROR = 4,
@@ -465,6 +496,7 @@ void nvdimmAddPage4Regs(TARGETING::Target *i_nvdimm, errlHndl_t& io_err);
  */
 void nvdimm_init(TARGETING::Target *i_nvdimm);
 
+
 }
 
 #endif  // NVDIMM_EXT_H__

diff --git a/src/include/usr/isteps/nvdimm/nvdimmreasoncodes.H b/src/include/usr/isteps/nvdimm/nvdimmreasoncodes.H
@@ -5,7 +5,7 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* Contributors Listed Below - COPYRIGHT 2019                             */
+/* Contributors Listed Below - COPYRIGHT 2019,2020                        */
 /* [+] International Business Machines Corp.                              */
 /*                                                                        */
 /*                                                                        */
@@ -110,6 +110,7 @@ enum nvdimmModuleId
     NVDIMM_ARM_PRE_CHECK                    = 0x3C,
     NVDIMM_ARM                              = 0x3D,
     CLEAR_FW_OPS_STATUS                     = 0x3E,
+    NVDIMM_SECURE_ERASE_VERIFY_STATUS       = 0x3F,
 };
 
 /**
@@ -207,6 +208,8 @@ enum nvdimmReasonCode
     NVDIMM_ARM_RETRY                           = NVDIMM_COMP_ID | 0x54,
     NVDIMM_CLEAR_FW_OPS_STATUS_TIMEOUT         = NVDIMM_COMP_ID | 0x55,   // Failed to clear FW_OPS_STATUS
     NVDIMM_NOT_RUNNING_LATEST_LEVEL            = NVDIMM_COMP_ID | 0x56,   // Either running from slot 0 or level was not updated
+    NVDIMM_ERASE_VERIFY_STATUS_NONZERO         = NVDIMM_COMP_ID | 0x57,
+    NVDIMM_ERASE_VERIFY_RESULT_NONZERO         = NVDIMM_COMP_ID | 0x58,
 };
 
 enum UserDetailsTypes

diff --git a/src/usr/isteps/nvdimm/ReadMe.md b/src/usr/isteps/nvdimm/ReadMe.md
@@ -222,3 +222,57 @@ in the JEDEC document JESD245B
    12. Disable firmware update mode
    13. Switch from slot0 to slot1 which contains the new image code
    14. Validate running new code level
+
+# NVDIMM Secure Erase Verify Flow
+DS8K lpar -> HBRT NVDIMM operation = factory_default + secure_erase_verify_start
+  HBRT executes factory_default and steps 1) and 2)
+DS8K lpar -> HBRT NVDIMM operation = secure_erase_verify_complete
+  HBRT executes step 3)
+  If secure erase verify has not completed, return status with verify_complete bit = 0
+     DS8K lpar is responsible for monitoring elapsed time (2/4 hours) and restart process (step 6)
+  If secure erase verify has completed
+     HBRT executes steps 4) and 5), generating error logs for any non-zero register values
+     Return status with verify_complete bit = 1
+
+## Procedure Flow for NVDIMM Secure Erase Verify
+  *Note: Secure Erase Verify should only be run after a Factory Default operation.
+      Secure Erase Verify is intended to verify whether all NAND blocks have been erased.
+  *Note: Full breakout of all Page 5 Secure Erase Verify registers can be found in
+      SMART document "JEDEC NVDIMM Vendor Page 2 Extensions".
+  1) Set Page 5 Register 0x1B to value "0x00"
+       // this clears the status register
+  2) Set Page 5 Register 0x1A to value "0xC0"
+       // this kicks off the erase verify operation
+  3) Wait for Page 5 Register 0x1A Bit 7 to be reset to value "0"
+       // i.e., the overall register value should be "0x40";
+          this means that erase verify has completed
+       a. If Page 5 Register 0x1A Bit 7 has not reset to value "0"
+          after 2 hours (16GB NVDIMM) or after 4 hours (32GB NVDIMM),
+          report a timeout error and skip to step (6)
+  4) Read Page 5 Register 0x1B; value should be "0x00"
+       // this is the erase verify status register
+       a. If Page 5 Register 0x1B value is not "0x00",
+          report any/all errors as outlined in the table at the end of this document,
+          then skip to step (6)
+  5) Read Page 5 Registers 0x1D (MSB) and 0x1C (LSB);
+       combined the two registers should have a value of "0x0000"
+       // this is the number of chunks failing Secure Erase Verify
+       a. If the combined value of the two registers is not "0x0000",
+          report a threshold exceeded error along with the combined value of the two registers,
+          then skip to step (6)
+  6) If any errors have been reported in steps (3), (4), or (5),
+       retry the secure erase verify operation starting again from step (1)
+       a. If the secure erase verify operation fails even after retrying,
+          report that secure erase verify operation has failed
+  7) If no errors have been reported, report that secure erase verify operation
+       has been completed successfully
+  *Addendum: Breakout of Page 5 Register 0x1B Erase Verify Status bit values referenced in step (4) above.
+   All these bits should return as "0". Any bits returning as "1" should be reported with the error name below.
+    Bits 7:6 - Reserved
+    Bit 5 - BAD BLOCK
+    Bit 4 - OTHER
+    Bit 3 - ENCRYPTION LOCKED
+    Bit 2 - INVALID PARAMETER
+    Bit 1 - INTERRUPTED
+    Bit 0 - NAND ERROR
+