1278ba86cSAlexander Motin /*-
24d846d26SWarner Losh * SPDX-License-Identifier: BSD-2-Clause
3278ba86cSAlexander Motin *
4278ba86cSAlexander Motin * Copyright (C) 2019 Alexander Motin <mav@FreeBSD.org>
5278ba86cSAlexander Motin *
6278ba86cSAlexander Motin * Redistribution and use in source and binary forms, with or without
7278ba86cSAlexander Motin * modification, are permitted provided that the following conditions
8278ba86cSAlexander Motin * are met:
9278ba86cSAlexander Motin * 1. Redistributions of source code must retain the above copyright
10278ba86cSAlexander Motin * notice, this list of conditions and the following disclaimer.
11278ba86cSAlexander Motin * 2. Redistributions in binary form must reproduce the above copyright
12278ba86cSAlexander Motin * notice, this list of conditions and the following disclaimer in the
13278ba86cSAlexander Motin * documentation and/or other materials provided with the distribution.
14278ba86cSAlexander Motin *
15278ba86cSAlexander Motin * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16278ba86cSAlexander Motin * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17278ba86cSAlexander Motin * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18278ba86cSAlexander Motin * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19278ba86cSAlexander Motin * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20278ba86cSAlexander Motin * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21278ba86cSAlexander Motin * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22278ba86cSAlexander Motin * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23278ba86cSAlexander Motin * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24278ba86cSAlexander Motin * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25278ba86cSAlexander Motin * SUCH DAMAGE.
26278ba86cSAlexander Motin */
27278ba86cSAlexander Motin
28278ba86cSAlexander Motin #include <sys/param.h>
29278ba86cSAlexander Motin #include <sys/ioccom.h>
30278ba86cSAlexander Motin
31278ba86cSAlexander Motin #include <ctype.h>
32278ba86cSAlexander Motin #include <err.h>
33278ba86cSAlexander Motin #include <fcntl.h>
34278ba86cSAlexander Motin #include <stdbool.h>
35278ba86cSAlexander Motin #include <stddef.h>
36278ba86cSAlexander Motin #include <stdio.h>
37278ba86cSAlexander Motin #include <stdlib.h>
38278ba86cSAlexander Motin #include <string.h>
395dc463f9SAlexander Motin #include <sysexits.h>
40278ba86cSAlexander Motin #include <unistd.h>
41278ba86cSAlexander Motin
42278ba86cSAlexander Motin #include "nvmecontrol.h"
43278ba86cSAlexander Motin
44278ba86cSAlexander Motin /* Tables for command line parsing */
45278ba86cSAlexander Motin
46278ba86cSAlexander Motin static cmd_fn_t sanitize;
47278ba86cSAlexander Motin
48278ba86cSAlexander Motin static struct options {
49278ba86cSAlexander Motin bool ause;
50278ba86cSAlexander Motin bool ndas;
51278ba86cSAlexander Motin bool oipbp;
52278ba86cSAlexander Motin bool reportonly;
53278ba86cSAlexander Motin uint8_t owpass;
54278ba86cSAlexander Motin uint32_t ovrpat;
55278ba86cSAlexander Motin const char *sanact;
56278ba86cSAlexander Motin const char *dev;
57278ba86cSAlexander Motin } opt = {
58278ba86cSAlexander Motin .ause = false,
59278ba86cSAlexander Motin .ndas = false,
60278ba86cSAlexander Motin .oipbp = false,
61278ba86cSAlexander Motin .reportonly = false,
62278ba86cSAlexander Motin .owpass = 1,
63278ba86cSAlexander Motin .ovrpat = 0,
64278ba86cSAlexander Motin .sanact = NULL,
65278ba86cSAlexander Motin .dev = NULL,
66278ba86cSAlexander Motin };
67278ba86cSAlexander Motin
68278ba86cSAlexander Motin static const struct opts sanitize_opts[] = {
69278ba86cSAlexander Motin #define OPT(l, s, t, opt, addr, desc) { l, s, t, &opt.addr, desc }
70278ba86cSAlexander Motin OPT("ause", 'U', arg_none, opt, ause,
71278ba86cSAlexander Motin "Allow Unrestricted Sanitize Exit"),
7270d20ed3SAlexander Motin OPT("ndas", 'd', arg_none, opt, ndas,
73278ba86cSAlexander Motin "No Deallocate After Sanitize"),
74278ba86cSAlexander Motin OPT("oipbp", 'I', arg_none, opt, oipbp,
75278ba86cSAlexander Motin "Overwrite Invert Pattern Between Passes"),
76278ba86cSAlexander Motin OPT("reportonly", 'r', arg_none, opt, reportonly,
77278ba86cSAlexander Motin "Report previous sanitize status"),
78278ba86cSAlexander Motin OPT("owpass", 'c', arg_uint8, opt, owpass,
79278ba86cSAlexander Motin "Overwrite Pass Count"),
80278ba86cSAlexander Motin OPT("ovrpat", 'p', arg_uint32, opt, ovrpat,
81278ba86cSAlexander Motin "Overwrite Pattern"),
82278ba86cSAlexander Motin OPT("sanact", 'a', arg_string, opt, sanact,
83278ba86cSAlexander Motin "Sanitize Action (block, overwrite, crypto)"),
84278ba86cSAlexander Motin { NULL, 0, arg_none, NULL, NULL }
85278ba86cSAlexander Motin };
86278ba86cSAlexander Motin #undef OPT
87278ba86cSAlexander Motin
88278ba86cSAlexander Motin static const struct args sanitize_args[] = {
89278ba86cSAlexander Motin { arg_string, &opt.dev, "controller-id" },
90278ba86cSAlexander Motin { arg_none, NULL, NULL },
91278ba86cSAlexander Motin };
92278ba86cSAlexander Motin
93278ba86cSAlexander Motin static struct cmd sanitize_cmd = {
94278ba86cSAlexander Motin .name = "sanitize",
95278ba86cSAlexander Motin .fn = sanitize,
96278ba86cSAlexander Motin .descr = "Sanitize NVM subsystem",
97278ba86cSAlexander Motin .ctx_size = sizeof(opt),
98278ba86cSAlexander Motin .opts = sanitize_opts,
99278ba86cSAlexander Motin .args = sanitize_args,
100278ba86cSAlexander Motin };
101278ba86cSAlexander Motin
102278ba86cSAlexander Motin CMD_COMMAND(sanitize_cmd);
103278ba86cSAlexander Motin
104278ba86cSAlexander Motin /* End of tables for command line parsing */
105278ba86cSAlexander Motin
106278ba86cSAlexander Motin static void
sanitize(const struct cmd * f,int argc,char * argv[])107278ba86cSAlexander Motin sanitize(const struct cmd *f, int argc, char *argv[])
108278ba86cSAlexander Motin {
109278ba86cSAlexander Motin struct nvme_controller_data cd;
110278ba86cSAlexander Motin struct nvme_pt_command pt;
111278ba86cSAlexander Motin struct nvme_sanitize_status_page ss;
112278ba86cSAlexander Motin char *path;
113278ba86cSAlexander Motin uint32_t nsid;
114278ba86cSAlexander Motin int sanact = 0, fd, delay = 1;
115278ba86cSAlexander Motin
116278ba86cSAlexander Motin if (arg_parse(argc, argv, f))
117278ba86cSAlexander Motin return;
118278ba86cSAlexander Motin
119278ba86cSAlexander Motin if (opt.sanact == NULL) {
120278ba86cSAlexander Motin if (!opt.reportonly) {
121278ba86cSAlexander Motin fprintf(stderr, "Sanitize Action is not specified\n");
122278ba86cSAlexander Motin arg_help(argc, argv, f);
123278ba86cSAlexander Motin }
124278ba86cSAlexander Motin } else {
125278ba86cSAlexander Motin if (strcmp(opt.sanact, "exitfailure") == 0)
126278ba86cSAlexander Motin sanact = 1;
127278ba86cSAlexander Motin else if (strcmp(opt.sanact, "block") == 0)
128278ba86cSAlexander Motin sanact = 2;
129278ba86cSAlexander Motin else if (strcmp(opt.sanact, "overwrite") == 0)
130278ba86cSAlexander Motin sanact = 3;
131278ba86cSAlexander Motin else if (strcmp(opt.sanact, "crypto") == 0)
132278ba86cSAlexander Motin sanact = 4;
133278ba86cSAlexander Motin else {
134278ba86cSAlexander Motin fprintf(stderr, "Incorrect Sanitize Action value\n");
135278ba86cSAlexander Motin arg_help(argc, argv, f);
136278ba86cSAlexander Motin }
137278ba86cSAlexander Motin }
138278ba86cSAlexander Motin if (opt.owpass == 0 || opt.owpass > 16) {
139278ba86cSAlexander Motin fprintf(stderr, "Incorrect Overwrite Pass Count value\n");
140278ba86cSAlexander Motin arg_help(argc, argv, f);
141278ba86cSAlexander Motin }
142278ba86cSAlexander Motin
143278ba86cSAlexander Motin open_dev(opt.dev, &fd, 1, 1);
144278ba86cSAlexander Motin get_nsid(fd, &path, &nsid);
145278ba86cSAlexander Motin if (nsid != 0) {
146278ba86cSAlexander Motin close(fd);
147278ba86cSAlexander Motin open_dev(path, &fd, 1, 1);
148278ba86cSAlexander Motin }
149278ba86cSAlexander Motin free(path);
150278ba86cSAlexander Motin
151278ba86cSAlexander Motin if (opt.reportonly)
152278ba86cSAlexander Motin goto wait;
153278ba86cSAlexander Motin
154278ba86cSAlexander Motin /* Check that controller can execute this command. */
1555dc463f9SAlexander Motin if (read_controller_data(fd, &cd))
1565dc463f9SAlexander Motin errx(EX_IOERR, "Identify request failed");
157fba73a40SJohn Baldwin if (NVMEV(NVME_CTRLR_DATA_SANICAP_BES, cd.sanicap) == 0 && sanact == 2)
1585dc463f9SAlexander Motin errx(EX_UNAVAILABLE, "controller does not support Block Erase");
159fba73a40SJohn Baldwin if (NVMEV(NVME_CTRLR_DATA_SANICAP_OWS, cd.sanicap) == 0 && sanact == 3)
1605dc463f9SAlexander Motin errx(EX_UNAVAILABLE, "controller does not support Overwrite");
161fba73a40SJohn Baldwin if (NVMEV(NVME_CTRLR_DATA_SANICAP_CES, cd.sanicap) == 0 && sanact == 4)
1625dc463f9SAlexander Motin errx(EX_UNAVAILABLE, "controller does not support Crypto Erase");
163278ba86cSAlexander Motin
164278ba86cSAlexander Motin /*
165278ba86cSAlexander Motin * If controller supports only one namespace, we may sanitize it.
166278ba86cSAlexander Motin * If there can be more, make user explicit in his commands.
167278ba86cSAlexander Motin */
168278ba86cSAlexander Motin if (nsid != 0 && cd.nn > 1)
1695dc463f9SAlexander Motin errx(EX_UNAVAILABLE, "can't sanitize one of namespaces, specify controller");
170278ba86cSAlexander Motin
171278ba86cSAlexander Motin memset(&pt, 0, sizeof(pt));
172278ba86cSAlexander Motin pt.cmd.opc = NVME_OPC_SANITIZE;
173278ba86cSAlexander Motin pt.cmd.cdw10 = htole32((opt.ndas << 9) | (opt.oipbp << 8) |
174278ba86cSAlexander Motin ((opt.owpass & 0xf) << 4) | (opt.ause << 3) | sanact);
175278ba86cSAlexander Motin pt.cmd.cdw11 = htole32(opt.ovrpat);
176278ba86cSAlexander Motin
177278ba86cSAlexander Motin if (ioctl(fd, NVME_PASSTHROUGH_CMD, &pt) < 0)
1785dc463f9SAlexander Motin err(EX_IOERR, "sanitize request failed");
179278ba86cSAlexander Motin
180278ba86cSAlexander Motin if (nvme_completion_is_error(&pt.cpl))
1815dc463f9SAlexander Motin errx(EX_IOERR, "sanitize request returned error");
182278ba86cSAlexander Motin
183278ba86cSAlexander Motin wait:
184278ba86cSAlexander Motin read_logpage(fd, NVME_LOG_SANITIZE_STATUS,
18598ab7d0aSWarner Losh NVME_GLOBAL_NAMESPACE_TAG, 0, 0, 0,
18698ab7d0aSWarner Losh 0, 0, 0, 0, &ss, sizeof(ss));
187fba73a40SJohn Baldwin switch (NVMEV(NVME_SS_PAGE_SSTAT_STATUS, ss.sstat)) {
188278ba86cSAlexander Motin case NVME_SS_PAGE_SSTAT_STATUS_NEVER:
189278ba86cSAlexander Motin printf("Never sanitized");
190278ba86cSAlexander Motin break;
191278ba86cSAlexander Motin case NVME_SS_PAGE_SSTAT_STATUS_COMPLETED:
192278ba86cSAlexander Motin printf("Sanitize completed");
193278ba86cSAlexander Motin break;
194278ba86cSAlexander Motin case NVME_SS_PAGE_SSTAT_STATUS_INPROG:
195278ba86cSAlexander Motin printf("Sanitize in progress: %u%% (%u/65535)\r",
196278ba86cSAlexander Motin (ss.sprog * 100 + 32768) / 65536, ss.sprog);
197278ba86cSAlexander Motin fflush(stdout);
198278ba86cSAlexander Motin if (delay < 16)
199278ba86cSAlexander Motin delay++;
200278ba86cSAlexander Motin sleep(delay);
201278ba86cSAlexander Motin goto wait;
202278ba86cSAlexander Motin case NVME_SS_PAGE_SSTAT_STATUS_FAILED:
203278ba86cSAlexander Motin printf("Sanitize failed");
204278ba86cSAlexander Motin break;
205278ba86cSAlexander Motin case NVME_SS_PAGE_SSTAT_STATUS_COMPLETEDWD:
206278ba86cSAlexander Motin printf("Sanitize completed with deallocation");
207278ba86cSAlexander Motin break;
208278ba86cSAlexander Motin default:
209278ba86cSAlexander Motin printf("Sanitize status unknown");
210278ba86cSAlexander Motin break;
211278ba86cSAlexander Motin }
212278ba86cSAlexander Motin if (delay > 1)
213278ba86cSAlexander Motin printf(" ");
214278ba86cSAlexander Motin printf("\n");
215278ba86cSAlexander Motin
216278ba86cSAlexander Motin close(fd);
217278ba86cSAlexander Motin exit(0);
218278ba86cSAlexander Motin }
219