1. Basic concepts
Sanitize Device is a feature of the ATA command set. The value of the FEATURE field identifies which Sanitize Device subcommand the current command is.
Table 81 — Sanitize Device FEATURE field values
Feature Value | Command |
0000h | SANITIZE STATUS EXT (see 7.36.7) |
0001h..0010h | Reserved |
0011h | CRYPTO SCRAMBLE EXT (see 7.36.3) |
0012h | BLOCK ERASE EXT (see 7.36.2) |
0013h | Reserved |
0014h | OVERWRITE EXT (see 7.36.4) |
0015h..001Fh | Reserved |
0020h | SANITIZE FREEZE LOCK EXT (see 7.36.6) |
0021h..003Fh | Reserved |
0040h | SANITIZE ANTIFREEZE LOCK EXT (see 7.36.5) |
0041h..FFFFh | Reserved |
2. Command descriptions
2.1 BLOCK ERASE EXT – B4h/0012h, Non-Data
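This command performs a block erase operation. It erases the user space regardless of whether the address space has been used. After the erase completes, the data in the address space cannot be recovered.
The command can be executed only when all of the following conditions are met:
(1) The Sanitize Device feature set is supported
(2) The BLOCK ERASE EXT command is supported
(3) The LBA field value must be 426B_4572h
(4) The device state must be SD0: Sanitize Idle state, SD3: Sanitize Operation Failed state, or SD4: Sanitize Operation Succeeded state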
2.2 CRYPTO SCRAMBLE EXT – B4h/0011h, Non-Data
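This command implements erasure by crypto scramble. It is supported only when all of the user space is affected by encryption.
The command can be executed only when all of the following conditions are met:
(1) The Sanitize Device feature set is supported
(2) The CRYPTO SCRAMBLE EXT command is supported
(3) The LBA field value must be 4372_7970h
(4) The device state must be SD0: Sanitize Idle state, SD3: Sanitize Operation Failed state, or SD4: Sanitize Operation Succeeded state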
2.3 OVERWRITE EXT – B4h/0014h, Non-Data
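This command implements erasure by overwriting. The host can specify a fixed four-byte value in the LBA field that is used to overwrite the user space. The COUNT field specifies the number of overwrite passes and whether the four bytes are inverted between passes (I do not fully understand this; the original text follows):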
The OVERWRITE EXT command starts an overwrite sanitize operation (i.e., a sanitize operation (see 4.17.4) to
overwrite the internal media with a constant value) that fills physical sectors within the Sanitize operation scope
(see 4.17.2) with a four byte pattern specified by the OVERWRITE PATTERN field (see 7.36.4.3.4) of the command.
The host also specifies a count for multiple overwrites (see 7.36.4.3.3) and whether to invert the four byte pattern
between consecutive overwrite passes (see 7.36.4.3.2).
After a successful overwrite sanitize operation, affected data blocks shall be readable without error.
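The command can be executed only when all of the following conditions are met:
(1) The Sanitize Device feature set is supported
(2) The OVERWRITE EXT command is supported
(3) The value of LBA[47:32] must be 4F57h
(4) The device state must be SD0: Sanitize Idle state, SD3: Sanitize Operation Failed state, or SD4: Sanitize Operation Succeeded state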
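The preconditions listed in 2.1 to 2.3 can be checked mechanically, which is useful when auditing an erase tool or a firmware command handler. The following is an added example, not code from the original page or from the ATA specification; the function names, the string state labels and the placement of the overwrite pattern in LBA[31:0] are assumptions of this example.

```python
# Added example: validate a Sanitize Device command (opcode B4h) against the
# preconditions listed above. Function and variable names are hypothetical.

# FEATURE value -> (command name, required signature, right-shift applied to LBA)
ERASE_COMMANDS = {
    0x0012: ("BLOCK ERASE EXT", 0x426B4572, 0),      # LBA == 426B_4572h ("BkEr")
    0x0011: ("CRYPTO SCRAMBLE EXT", 0x43727970, 0),  # LBA == 4372_7970h ("Cryp")
    0x0014: ("OVERWRITE EXT", 0x4F57, 32),           # LBA[47:32] == 4F57h ("OW")
}
# SD0 Sanitize Idle, SD3 Sanitize Operation Failed, SD4 Sanitize Operation Succeeded
ALLOWED_STATES = {"SD0", "SD3", "SD4"}


def failed_preconditions(feature, lba, state, feature_set_ok, supported):
    """Return the list of unmet conditions; an empty list means the command may run.

    feature_set_ok: the device reports the Sanitize Device feature set.
    supported: set of FEATURE values the device reports as supported.
    """
    if feature not in ERASE_COMMANDS:
        return [f"FEATURE {feature:04X}h is not an erase subcommand"]
    name, signature, shift = ERASE_COMMANDS[feature]
    failures = []
    if not feature_set_ok:
        failures.append("Sanitize Device feature set not supported")
    if feature not in supported:
        failures.append(f"{name} not supported")
    if not (0 <= lba < (1 << 48)) or (lba >> shift) != signature:
        failures.append(f"{name}: LBA signature mismatch")
    if state not in ALLOWED_STATES:
        failures.append(f"device state {state} is not SD0, SD3 or SD4")
    return failures


def overwrite_pattern(lba):
    """Four-byte pattern of OVERWRITE EXT; assumed to sit in LBA[31:0]."""
    return lba & 0xFFFFFFFF


if __name__ == "__main__":
    # Constructed sample commands: (FEATURE, LBA, device state)
    samples = [
        (0x0012, 0x426B4572, "SD0"),
        (0x0014, (0x4F57 << 32) | 0xA5A5A5A5, "SD4"),
        (0x0011, 0x426B4572, "SD3"),  # wrong signature for CRYPTO SCRAMBLE EXT
        (0x0012, 0x426B4572, "SD2"),  # constructed label for a state outside the allowed set
    ]
    for feature, lba, state in samples:
        print(f"{feature:04X}h", failed_preconditions(feature, lba, state, True, set(ERASE_COMMANDS)))
```

The per-command signature in the LBA field means a command with a mismatched FEATURE value and signature is rejected instead of starting an erase.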
2.4 SANITIZE ANTIFREEZE LOCK EXT – B4h/0040h, Non-Data
SANITIZE FREEZE LOCK EXT – B4h/0020h, Non-Data
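(1) After a SANITIZE ANTIFREEZE LOCK EXT command has been sent, all subsequent SANITIZE FREEZE LOCK EXT commands return abort directly, unless the device clears the Sanitize Antifreeze value to 0.
If the device receives a SANITIZE ANTIFREEZE LOCK EXT command and returns normal completion for it, the device clears the Sanitize Antifreeze value to 0.
(2) The SANITIZE FREEZE LOCK EXT command causes commands other than the SANITIZE STATUS EXT command to return abort until the system is power-cycled and reset.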
2.5 SANITIZE STATUS EXT – B4h/0000h, Non-Data
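This command returns information about the current or a previously completed erase operation:
(1) The progress of an erase operation that is in progress
(2) Whether the previous Sanitize Device command succeeded
(3) Whether an unsupported Sanitize Device command was received
3. Implementing a full-drive erase
To start a Sanitize operation, the host issues one of the following Sanitize commands: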
a) CRYPTO SCRAMBLE EXT command
b) BLOCK ERASE EXT command
c) OVERWRITE EXT command
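[Note]
(1) The Sanitize operation continues to run after the command has returned its response (asynchronous execution)
(2) No interruption will stop a Sanitize operation
(3) The SANITIZE STATUS EXT command reports the execution status of the most recent Sanitize operation: in progress or completed
4. Sanitize state machine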