feat: Finish data_sanitization_capabilities

finishing update to show the data sanitization capabilities for various erase methods supported in SeaChest_Erase
Seagate · Aug 28, 2023 · ef4ddcc · ef4ddcc
2 parents 8e08b6b + 0b63b0a
commit ef4ddcc
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 17 deletions.
diff --git a/src/openseachest_util_options.c b/src/openseachest_util_options.c
@@ -519,7 +519,7 @@ void print_Erase_Time_Help(bool shortHelp)
 void print_Sanitize_Help(bool shortHelp, const char *utilName)
 {
     printf("\t--%s [info | blockerase | cryptoerase |\n", SANITIZE_LONG_OPT_STRING);
-    printf("\t            overwrite | freezelock | antifreezelock]\n");
+    printf("\t            overwrite | freezelock | antifreezelock] \t(Purge)\n");
     if (!shortHelp)
     {
         printf("\t\tUse the info argument to show supported sanitize operations.\n");
@@ -581,7 +581,7 @@ void print_Poll_Help(bool shortHelp)
 
 void print_Writesame_Help(bool shortHelp)
 {
-    printf("\t--%s [starting LBA]\n", WRITE_SAME_LONG_OPT_STRING);
+    printf("\t--%s [starting LBA]\t (Clear)\n", WRITE_SAME_LONG_OPT_STRING);
     if (!shortHelp)
     {
         printf("\t\tEnter a starting lba to begin a write same on to erase a range\n");
@@ -619,11 +619,13 @@ void print_Writesame_Range_Help(bool shortHelp)
 
 void print_Revert_Help(bool shortHelp)
 {
-    printf("\t--%s\n", TCG_REVERT_LONG_OPT_STRING);
+    printf("\t--%s\t(Purge)\n", TCG_REVERT_LONG_OPT_STRING);
     if (!shortHelp)
     {
         printf("\t\tThis operation performs an Opal SSC spec Revert on the adminSP.\n");
         printf("\t\tThis operation is only available on Seagate TCG Opal drives.\n");
+        printf("\t\tRevert meets data sanitization purge capabilities to erase data\n");
+        printf("\t\tfor Opal, Opalite, and Ruby SSCs\n");
         printf("\t\tThe --%s flag can be provided to perform the revert with\n", TCG_PSID_LONG_OPT_STRING);
         printf("\t\tthe PSID authority in case of a lost password.\n");
         printf("\t\tThe --%s flag can be provided to perform the revert with SID.\n", TCG_SID_LONG_OPT_STRING);
@@ -641,11 +643,15 @@ void print_Revert_Help(bool shortHelp)
 
 void print_RevertSP_Help(bool shortHelp)
 {
-    printf("\t--%s\n", TCG_REVERT_SP_LONG_OPT_STRING);
+    printf("\t--%s\t(Purge)\n", TCG_REVERT_SP_LONG_OPT_STRING);
     if (!shortHelp)
     {
         printf("\t\tThis operation performs a revertSP on a Seagate SED drive\n");
         printf("\t\tin the adminSP with the PSID.\n");
+        printf("\t\tRevertSP meets data sanitization purge capabilities to erase data\n");
+        printf("\t\tfor Opal, Opalite, and Ruby SSCs\n");
+        printf("\t\tRevertSP also meets data sanitization purge capabilities to erase data\n");
+        printf("\t\ton Seagate TCG Enterprise SSC HDDs\n");
         printf("\t\tThe PSID must be provided using the --%s option.\n", TCG_PSID_LONG_OPT_STRING);
         printf("\t\tThis operation is available on all Seagate SED HDD drives and some SSDs.\n");
         printf("\t\tUpon completion, the drive will be \"like new\" with all\n");
@@ -1306,7 +1312,7 @@ void print_Butterfly_Read_Test_Help(bool shortHelp)
 
 void print_Overwrite_Help(bool shortHelp)
 {
-    printf("\t--%s [starting LBA]\n", OVERWRITE_LONG_OPT_STRING);
+    printf("\t--%s [starting LBA]\t(Clear)\n", OVERWRITE_LONG_OPT_STRING);
     if (!shortHelp)
     {
         printf("\t\tUse this option to start an overwrite erase at\n");
@@ -1318,7 +1324,7 @@ void print_Overwrite_Help(bool shortHelp)
 
 void print_Overwrite_Range_Help(bool shortHelp)
 {
-    printf("\t--%s [range in # of LBAs]\n", OVERWRITE_RANGE_LONG_OPT_STRING);
+    printf("\t--%s [range in # of LBAs]\t(Clear)\n", OVERWRITE_RANGE_LONG_OPT_STRING);
     if (!shortHelp)
     {
         printf("\t\tUse with the overwrite option (--%s) to\n", OVERWRITE_LONG_OPT_STRING);
@@ -2221,7 +2227,7 @@ void print_Perform_Quickest_Erase_Help(bool shortHelp)
 
 void print_Format_Unit_Help(bool shortHelp)
 {
-    printf("\t--%s [current | new sector size]    (SAS Only)\n", FORMAT_UNIT_LONG_OPT_STRING);
+    printf("\t--%s [current | new sector size]\t(SAS Only)\t(Clear)\n", FORMAT_UNIT_LONG_OPT_STRING);
     if (!shortHelp)
     {
         printf("\t\tThis option will start a format unit operation on a SAS drive\n");
@@ -3614,11 +3620,11 @@ void print_FWDL_Force_Win_Passthrough_Help(bool shortHelp)
 
 void print_ATA_Security_Erase_Help(bool shortHelp, const char *password)
 {
-    printf("\t--%s [normal | enhanced]\t\t(SATA only)\n", ATA_SECURITY_ERASE_OP_LONG_OPT_STRING);
+    printf("\t--%s [normal | enhanced]\t(SATA only)\t(Clear | Purge)\n", ATA_SECURITY_ERASE_OP_LONG_OPT_STRING);
     if (!shortHelp)
     {
-        printf("\t\tUse \"normal\" to start a standard ATA security erase\n");
-        printf("\t\tor \"enhanced\" to start an enhanced ATA security erase.\n\n");
+        printf("\t\tUse \"normal\" to start a standard ATA security erase (Clear)\n");
+        printf("\t\tor \"enhanced\" to start an enhanced ATA security erase (Purge).\n\n");
         printf("\t\tATA Security Erase takes a very long time to complete at\n");
         printf("\t\tapproximately three (3) hours per Tera-byte (HDD). Some Seagate\n");
         printf("\t\tSED models will perform a quick cryptographic erase in enhanced\n");
@@ -3983,7 +3989,11 @@ void print_NVM_Format_Help(bool shortHelp)
         printf("\t\tsupported by the drive.\n");
         printf("\t\tThis command will erase all data on the drive.\n");
         printf("\t\tCombine this option with--%s to poll\n", POLL_LONG_OPT_STRING);
-        printf("\t\tfor progress until the format is complete.\n\n");
+        printf("\t\tfor progress until the format is complete.\n");
+        printf("\t\tA data sanitization compliant with IEEE 2883 Clear requires the --%s\n", NVM_FORMAT_SECURE_ERASE_LONG_OPT_STRING);
+        printf("\t\toption to be provided. Without this option the controller\n");
+        printf("\t\tmay not erase all user data and substitute returning zeroes\n");
+        printf("\t\tfor performance instead.\n\n");
     }
 }
 
@@ -4005,17 +4015,18 @@ void print_NVM_Format_NSID_Help(bool shortHelp)
 
 void print_NVM_Format_Secure_Erase_Help(bool shortHelp)
 {
-    printf("\t--%s [none | user | crypto]\t(NVMe Only)\n", NVM_FORMAT_SECURE_ERASE_LONG_OPT_STRING);
+    printf("\t--%s [none | user | crypto]\t(NVMe Only)\t(None | Clear | Clear, Possible Purge)\n", NVM_FORMAT_SECURE_ERASE_LONG_OPT_STRING);
     if (!shortHelp)
     {
         printf("\t\tThis option is used to specify the type of erase to perform\n");
         printf("\t\tduring an NVM format operation. All user data will be inaccessible\n");
         printf("\t\tupon completion of an NVM format, no matter the erase requested.\n");
         printf("\t\tOptions:\n");
-        printf("\t\t  none - no secure erase requested (previous data will not be accessible)\n");
-        printf("\t\t  user - requests all user data is erased by the device.\n");
+        printf("\t\t  none - no secure erase requested (previous data will not be accessible,\n");
+        printf("\t\t         however the media may not have been erased by the controller.)\n");
+        printf("\t\t  user - requests all user data is erased by the device. (Clear)\n");
         printf("\t\t  crypto - requests a cryptographic erase of all user data. Note: this mode\n");
-        printf("\t\t    is not supported on all devices.\n\n");
+        printf("\t\t    is not supported on all devices. (Clear, Possible Purge)\n\n");
     }
 }
 

diff --git a/subprojects/opensea-operations b/subprojects/opensea-operations
diff --git a/utils/C/openSeaChest/openSeaChest_Erase.c b/utils/C/openSeaChest/openSeaChest_Erase.c
@@ -47,7 +47,7 @@
 //  Global Variables  //
 ////////////////////////
 const char *util_name = "openSeaChest_Erase";
-const char *buildVersion = "4.3.5";
+const char *buildVersion = "4.3.6";
 
 typedef enum _eSeaChestEraseExitCodes
 {
@@ -3075,6 +3075,27 @@ void utility_Usage(bool shortUsage)
     //data destructive commands - alphabetized
     printf("\nData Destructive Commands\n");
     printf("=========================\n");
+    printf("Data sanitization capabilities:\n");
+    printf("\tRecommendation - Restore the MaxLBA of the device prior to any erase in\n");
+    printf("\t                 order to allow the drive to erase all user addressable\n");
+    printf("\t                 sectors. For ATA devices this means restoring \n");
+    printf("\t                 HPA + DCO / AMAC to restore the maxLBA.\n");
+    printf("\t                 Restoring the MaxLBA also allows full verification of\n");
+    printf("\t                 all user addressable space on the device without a\n");
+    printf("\t                 limitation from a lower maxLBA.\n");
+    printf("\tClear - Logical techniques are applied to all addressable storage\n");
+    printf("\t        locations, protecting against simple, non-invasive data\n");
+    printf("\t        recovery techniques.\n");
+    printf("\tClear, Possible Purge - Cryptographic erase is a purge if the vendor\n");
+    printf("\t        implementation meets the requirements in IEEE 2883-2022.\n");
+    printf("\tPurge - Logical techniques that target user data, overprovisioning,\n");
+    printf("\t        unused space, and bad blocks rendering data recovery infeasible\n");
+    printf("\t        even with state-of-the-art laboratory techniques.\n");
+    printf("This utility does not support clear/purge verification yet. All labels are\n");
+    printf("written according to the expectation that the device firmware will meet\n");
+    printf("these capabilities as defined in the appropriate standards from T10, T13,\n");
+    printf("SATA - IO, and NVMexpress.\n");
+    printf("=========================\n");
     //multiple interfaces
     print_Overwrite_Help(shortUsage);
     print_Overwrite_Range_Help(shortUsage);