Support for NVME secure erase
Bug #1835954 reported by
Gabriel Ramirez
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Fix Released
|
High
|
Guilherme G. Piccoli | ||
2.6 |
Fix Committed
|
High
|
Lee Trager | ||
2.7 |
Fix Released
|
High
|
Lee Trager | ||
2.8 |
Fix Released
|
High
|
Lee Trager |
Bug Description
Doing a secure erase on NVME drives results in falling back to zeroing out the drive as secure_erase() function uses hdparm which doesn't support NVME devices
Related branches
~ltrager/maas:lp1835954_2.6
- MAAS Lander: Needs Fixing
- Lee Trager (community): Approve
-
Diff: 1831 lines (+1179/-286)4 files modifiedsrc/maasserver/compose_preseed.py (+3/-0)
src/metadataserver/user_data/templates/snippets/maas_wipe.py (+292/-60)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe.py (+652/-226)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe_defs.py (+232/-0)
~ltrager/maas:lp1835954_2.7
- MAAS Lander: Approve
- Lee Trager (community): Approve
-
Diff: 1741 lines (+1118/-242)4 files modifiedsrc/maasserver/compose_preseed.py (+3/-0)
src/metadataserver/user_data/templates/snippets/maas_wipe.py (+289/-63)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe.py (+594/-179)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe_defs.py (+232/-0)
~ltrager/maas:lp1835954_2.8
- MAAS Lander: Approve
- Lee Trager (community): Approve
-
Diff: 1741 lines (+1118/-242)4 files modifiedsrc/maasserver/compose_preseed.py (+3/-0)
src/metadataserver/user_data/templates/snippets/maas_wipe.py (+289/-63)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe.py (+594/-179)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe_defs.py (+232/-0)
~gpiccoli/maas:nvme_secure_erase
- Lee Trager (community): Approve
- MAAS Lander: Approve
- Adam Collard: Pending requested
-
Diff: 1741 lines (+1118/-242)4 files modifiedsrc/maasserver/compose_preseed.py (+3/-0)
src/metadataserver/user_data/templates/snippets/maas_wipe.py (+289/-63)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe.py (+594/-179)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe_defs.py (+232/-0)
~gpiccoli/maas:nvme_secure_erase
- MAAS Lander: Approve
- Adam Collard: Pending requested
- Lee Trager: Pending requested
-
Diff: 1741 lines (+1118/-242)4 files modifiedsrc/maasserver/compose_preseed.py (+3/-0)
src/metadataserver/user_data/templates/snippets/maas_wipe.py (+289/-63)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe.py (+594/-179)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe_defs.py (+232/-0)
~gpiccoli/maas:nvme_secure_erase
- MAAS Lander: Needs Fixing
- Lee Trager: Pending requested
- Adam Collard: Pending requested
-
Diff: 1765 lines (+1120/-242)6 files modifiedsrc/maasserver/compose_preseed.py (+3/-0)
src/maasserver/tests/test_compose_preseed.py (+1/-0)
src/maasserver/tests/test_preseed.py (+1/-0)
src/metadataserver/user_data/templates/snippets/maas_wipe.py (+289/-63)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe.py (+594/-179)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe_defs.py (+232/-0)
~gpiccoli/maas:nvme_secure_erase
- MAAS Lander: Needs Fixing
- Adam Collard: Pending requested
- Lee Trager: Pending requested
-
Diff: 1765 lines (+1120/-242)6 files modifiedsrc/maasserver/compose_preseed.py (+3/-0)
src/maasserver/tests/test_compose_preseed.py (+1/-0)
src/maasserver/tests/test_preseed.py (+1/-0)
src/metadataserver/user_data/templates/snippets/maas_wipe.py (+289/-63)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe.py (+594/-179)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe_defs.py (+232/-0)
~gpiccoli/maas:nvme_secure_erase
- MAAS Lander: Needs Fixing
- Adam Collard: Pending requested
- Lee Trager: Pending requested
-
Diff: 1741 lines (+1118/-242)4 files modifiedsrc/maasserver/compose_preseed.py (+3/-0)
src/metadataserver/user_data/templates/snippets/maas_wipe.py (+289/-63)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe.py (+594/-179)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe_defs.py (+232/-0)
~gpiccoli/maas:nvme_secure_erase
- Lee Trager (community): Needs Fixing
- MAAS Lander: Needs Fixing
- Adam Collard: Pending requested
-
Diff: 1741 lines (+1118/-242)4 files modifiedsrc/maasserver/compose_preseed.py (+3/-0)
src/metadataserver/user_data/templates/snippets/maas_wipe.py (+289/-63)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe.py (+594/-179)
src/metadataserver/user_data/templates/snippets/tests/test_maas_wipe_defs.py (+232/-0)
Changed in maas: | |
milestone: | none → 2.7.0alpha1 |
Changed in maas: | |
status: | New → Triaged |
tags: | added: sts |
Changed in maas: | |
importance: | Undecided → High |
Changed in maas: | |
milestone: | 2.7.0b1 → 2.7.0b2 |
Changed in maas: | |
milestone: | 2.7.0b2 → none |
Changed in maas: | |
assignee: | nobody → Guilherme G. Piccoli (gpiccoli) |
status: | Triaged → In Progress |
Changed in maas: | |
milestone: | none → next |
status: | In Progress → Fix Committed |
Changed in maas: | |
milestone: | next → 2.9.0b1 |
Changed in maas: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
## This is in relation to customer case 00234532 ##
case is for "release" api call / release device with secure erase which does not fit our requirements.
We wave issue with fallback from secure erase to zero fill.
Our expectation is that secure erase is mandatory and if it cannot be done, device should be marked as broken
or release call should fail.
Additional reason is that zero filling an ssd / nvme drive may not even wipe the data in reality-
(controller may cache the writes and just mark blocks as free to avoid wear and tear).
In addition - I suspect that current wipe script fails to properly verify if secure erase was performed vm/drop_ cache helped)
- Written data is not random
- Write Buffers are not flushed
- Data read after hdparm ioctl secure erase call may be from cache which is not invalidated (bug?) ( echo 3 > /proc/sys/
- comparing to all zeros can fail check for drives that were initially empty.
- Flushing caches before and after hdparm commands helped with sporadic failing of secure wipe.
Feature request - wishlist: testing scripts way is great, want same thing for release api call)
- ability to replace or augment default drive wipe scripts with custom release scripts
(commissioning/
Biased opinion:
- hdparm did not work for any drive named /dev/nvme* so that should be ignored by current hdparm wiping script
(I am aware that there are m2 drives which internally use sata interface, not sure if they support ioctl hdparm uses, haven't tested)
- for /dev/nvme*, separate script is needed, using nvme-cli tool to perform secure erase.
NVMe snippet:
NVME_LBAF_512b = 0 # LBAF: format 0 - 512 byte sectors (legacy compatibility?)
NVME_LBAF_4k = 1 # LBAF: format 1 - 4k sectors
NVME_FORMAT_FORGET = 0
NVME_FORMAT_USER = 1
NVME_FORMAT_CRYPTO = 2
def wipe(device, ses,lbaf) : check_output( 'nvme format %s --ses=%d --lbaf=%d' % (device, ses, lbaf), shell=True)
output = subprocess.
# this would wipe just one block device - nvme namespace with Crypto method (replace encryption key) dev/nvme0n1" ,NVME_FORMAT_ CRYPTO, NVME_LBAF_512b); dev/nvme0n1" ,NVME_FORMAT_ CRYPTO, NVME_LBAF_512b);
wipe("/
# and this would wipe the user data on drive
wipe("/
NOTE: some older Intel NVMe drives have physical limit in firmware for total of 100 user data and/or secure wipe cycles. Only SES=0 is supported unlimited number of times (but less secure) /www.intel. com/content/ dam/www/ public/ us/en/documents /technology- briefs/ ssd-technical- advisory. pdf
https:/