CN117555491A - Method for realizing encryption function of ZNS solid state disk - Google Patents

Method for realizing encryption function of ZNS solid state disk Download PDF

Info

Publication number
CN117555491A
CN117555491A CN202410043001.8A CN202410043001A CN117555491A CN 117555491 A CN117555491 A CN 117555491A CN 202410043001 A CN202410043001 A CN 202410043001A CN 117555491 A CN117555491 A CN 117555491A
Authority
CN
China
Prior art keywords
zone
read
write
solid state
state disk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202410043001.8A
Other languages
Chinese (zh)
Other versions
CN117555491B (en
Inventor
张德枝
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Lugu Technology Co ltd
Original Assignee
Wuhan Lugu Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Lugu Technology Co ltd filed Critical Wuhan Lugu Technology Co ltd
Priority to CN202410043001.8A priority Critical patent/CN117555491B/en
Publication of CN117555491A publication Critical patent/CN117555491A/en
Application granted granted Critical
Publication of CN117555491B publication Critical patent/CN117555491B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/0614Improving the reliability of storage systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0629Configuration or reconfiguration of storage systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0638Organizing or formatting or addressing of data
    • G06F3/0644Management of space entities, e.g. partitions, extents, pools

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Human Computer Interaction (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Automation & Control Theory (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

Before an encryption and decryption algorithm is performed, dividing a Zone into a Zone cold Zone and a Zone hot Zone based on the read-write frequency of each Zone of the ZNS solid state disk, wherein the Zone hot Zone is a read-write frequency number > dynamic read-write frequency critical value, and the dynamic read-write frequency critical value is the root mean square of the total read-write frequency number of the solid state disk zones; when the ZNS solid state disk performs read-write operation, only the Zone cold area is accessed, and the Zone hot area is not subjected to data call; after all the subareas of the Zone cold area are subjected to read-write operation, scanning operation is performed on all the subareas of the ZNS solid state disk according to a command set, and the Zone cold area and the Zone hot area are redistributed; in the next round of read-write operation, only the Zone cold area is accessed in the same way, so that firmware damage caused by frequent read-write of the ZNS solid state disk is reduced.

Description

Method for realizing encryption function of ZNS solid state disk
Technical Field
The invention relates to the field of solid state disk storage, in particular to a method for realizing a ZNS solid state disk encryption function.
Background
Currently, as the price of NAND flash memory is gradually reduced, the number of Solid State Disks (SSDs) is increasing year by year. Unlike conventional hard disks, the storage unit of solid state disks is NAND flash memory. With regard to the ability of NAND flash memory to store data, data read errors are more likely to increase with the number of PEs, the number of data reads, and the passage of data storage time, thus making error handling an important part of SSD. The large amount of read data in the retry list increases the time consumed by the entire error recovery procedure (ERF) and reduces the data read efficiency of the hard disk. In the ZNS architecture, the SSD device provides a read-write interface to the HOST, which can read and write to the SSD according to rules. When permission control is required for reading and writing of some Zone, additional management is required, and no relevant regulations exist in the ZNS protocol.
Disclosure of Invention
The invention aims to solve the need of Zone read-write permission control. The corresponding Zone is encrypted through the password, so that the access authority of the Zone can be controlled, unexpected application is prevented from operating the Zone, and SSD data security is improved.
The method is characterized in that before an encryption and decryption algorithm is performed, zone partitions are divided into Zone cold areas and Zone hot areas based on the read-write frequency of Zone of each partition of the ZNS solid state disk, the Zone hot areas are read-write frequency times > dynamic read-write frequency critical values, and the dynamic read-write frequency critical values are root mean square of the total read-write times of the solid state disk partitions; the Zone cold area is an area outside the Zone hot area in the solid state disk;
when the ZNS solid state disk performs read-write operation, directly accessing the Zone cold area without performing data call on the Zone hot area; after all the subareas of the Zone cold area are subjected to read-write operation, scanning operation is performed on all the subareas of the ZNS solid state disk according to a command set, and the Zone cold area and the Zone hot area are redistributed; setting the reassigned Zone cold Zone into own ZD (ZONE Descriptor) and ZDE (ZONE DESCRIPTOR EXTEND) areas; stopping physical address allocation of ZD and ZD areas existing in the new Zone hot area; the mapping relation table of the logical area and the physical partition of the Zone hot area and the Zone cold area after each dynamic update of data is stored in a certain Zone cold area ZDE.
Further, before IO, judging whether read-write locking is performed by a control algorithm of Nand flash IO; if the IO is locked, the IO can not be normally operated until the IO is unlocked.
Further, when encryption is needed, the command parameter inquires whether the Zone partition needing encryption has an additional ZDE; if the partition does not have the ZDE expansion area, the ZDE of the partition Zone is required to be increased, and encryption information is stored; if there is an additional ZDE, the ZDE data is updated to the corresponding ZDE according to the command parameters.
Further, field values of valid, write_ctrl, read_ctrl and the like are set by using the Zone management command, and a password matched with the field is provided; when the valid is set to 0, the encryption function is not effective, and no matter what value is, the IO operation on the Zone is not affected by the encryption function, and the read-write operation can be normally performed.
Further, when the current valid is not 0, the encryption function is effective, the write-in operation of the Zone is controlled by the write_ctrl, and when the write_ctrl is not 0, the write-in operation is impossible; when 0, writing is possible; when the current valid is not 0, the encryption function is effective, the read_ctrl controls the read operation of the Zone, and when the read_ctrl is not 0, the Zone cannot be read; when 0, the data can be read.
Further, decryption is needed when the encrypted Zone is subjected to IO, and whether the user has permission or whether the passwords are matched is determined according to the Zone management command; if the current user is a root (administrator) or an owner, the user has authority, and can perform decryption operation without providing a password; if the user password is correct and the matching is passed, the decryption operation can be completed by setting the write_ctrl and the read_ctrl to 0; if the user has no authority and the user passwords are not matched, an error prompt is returned, decryption is unsuccessful, and encrypted data cannot be read; after IO is completed, the original non-zero value is restored.
Further, when the IO is recovered after finishing, the write_ctrl and the read_ctrl of the ZDE of the current Zone are recorded, a Zone management command is used for determining whether the passwords are matched, if the passwords are matched, the write_ctrl and the read_ctrl are set to 0, so that decryption operation is finished, and a user can perform read-write operation; and determining whether the passwords are matched or not by using the Zone management command, wherein the passwords are not matched, the decryption operation cannot be completed, the user returns an error and refuses to perform the read-write operation, and the write_ctrl is set to be a non-zero value in a recovery mode.
The invention has the beneficial effects that: dynamically setting a ZNS solid state disk Zone cold area and a Zone hot area; the mapping relation table of the logical areas and the physical partitions of the Zone hot area and the Zone cold area after each dynamic update of the data is updated in the Zone cold area ZDE again, so that only the Zone cold area is accessed when the ZNS solid state disk is subjected to real-time read-write operation, and firmware damage caused by high-frequency read-write operation on the Zone hot area is avoided; when the cold area is accessed, an encryption and decryption data structure and a flow are set to realize the access control of the ZNS solid state disk, so that the safety of the ZNS solid state disk is improved; meanwhile, a decryption control flow is provided, and the additional influence on the read-write performance of the solid state disk is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the related art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is apparent that the drawings in the following description are only embodiments of the present application, and other drawings may be obtained according to the provided drawings without inventive effort to those skilled in the art.
The structures, proportions, sizes, etc. shown in the drawings are shown only in connection with the present disclosure, and should not be construed as limiting the scope of the invention, since any modification, variation in proportions, or adjustment of the size, which would otherwise be used by those skilled in the art, would not have the essential significance of the present disclosure, would not affect the efficacy or otherwise be achieved, and would still fall within the scope of the present disclosure.
Fig. 1 is a schematic flow chart of an algorithm for encrypting a Zone according to an embodiment of the present application.
Fig. 2 is a schematic flow control diagram of an IO operation when the encryption function in the embodiment of the present application is turned on.
Fig. 3 is a schematic flow chart of a process of decrypting by the Zone according to an embodiment of the present application.
Fig. 4 is a schematic diagram of a recovery flow after the end of IO when the decryption function in the embodiment of the present application is turned on.
Detailed Description
Embodiments of the present application will now be described more fully hereinafter with reference to the accompanying drawings, in which it is shown, and in which it is evident that the embodiments described are exemplary only some, and not all embodiments of the application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
The invention is a function related to the Zone read-write authority management in the ZNS solid state disk, and is different from the limit of a Zone state machine on read-write before the Zone read-write operation. The invention has the password control before the Zone read-write operation, and can encrypt and decrypt. Using ZDE (ZONE DESCRIPTOR EXTEND), the data structure used is kept in the ZDE. The invention realizes the Zone encryption and decryption algorithm in the solid state disk.
Before encryption and decryption algorithms are carried out, dividing the Zone into a Zone cold area and a Zone hot area based on read-write frequency of each Zone of the ZNS solid state disk. The Zone hot Zone is a dynamic set of physical address areas with the frequency of reading and writing being greater than the frequency of dynamic reading and writing critical value, and the frequency of dynamic reading and writing critical value is the root mean square of the total reading and writing frequency of the solid state disk partition. The Zone cold area is an area outside the Zone hot area in the solid state disk.
When the ZNS solid state disk is subjected to read-write operation, the Zone cold area is directly accessed, and the Zone hot area is not subjected to data call. Each Zone cold area is provided with a ZD (ZONE Descriptor) area, and ZDE (ZONE DESCRIPTOR EXTEND) areas are additionally arranged in each Zone cold area, namely, the physical address area corresponding to the Zone expansion area is a fixed area, which is beneficial to the storage and the calling of the Zone data in the Zone expansion area. The logical area mapping table is stored in the ZDE area, and the encrypted and decrypted U-KEY data is stored in the ZDE area. Therefore, the damage caused by excessive read-write operation of the Zones of the ZNS solid state disk part can be avoided by performing high-frequency read-write operation on the Zones hot Zone.
It is worth to say that after all the subareas of the Zone cold area are subjected to read-write operation, scanning operation is performed on all the subareas of the ZNS solid state disk according to the command set, and the Zone cold area and the Zone hot area are redistributed; setting the reassigned Zone cold Zone into own ZD (ZONE Descriptor) and ZDE (ZONE DESCRIPTOR EXTEND) areas; and stops physical address allocation for the ZD and ZDE zones present in the new Zone hot Zone. The mapping relation table of the logical area and the physical partition of the Zone hot area and the Zone cold area after each dynamic update of data is stored in a certain Zone cold area ZDE.
When the read-write operation is carried out on the cold area, the application of the invention provides an access control method of the ZNS solid state disk, which comprises a related data structure and a corresponding control algorithm.
1. Data structure design, comprising the fields: tag, size, valid, password, write_ctrl, read_ctrl, rsvd; the specific meanings are shown in Table 1:
TABLE 1 data structure field design and paraphrasing
tag The data structure identification field is set to 0xA8A8.
size The ZDE size is in units of 64 Bytes according to the ZNS function protocol, so this field is also 64.
user_id The owner user ID of this Zone is recorded.
valid When the value is not 0, the encryption function is effective, and the write_ctrl and the read_ctrl are effective; when 0, the encryption function is not Takes effect.
password With encrypting functionA password, when a field in a data structure needs to be modified, a password matching the field needs to be provided, wherein valid, write_ctrl, read_ctrl is the modifiable field.
write_ctrl A value other than 0 indicates that the current Zone is not writable, and vice versa when 0. It can be understood as write_lock, when the write lock is in effect And when the writing is not performed. The locking and unlocking operations require host to provide matching password.
read_ctrl A value other than 0 indicates that the current Zone is unreadable, and vice versa for 0. It can be understood as read lock when the read lock is in effect And is not readable. The locking and unlocking operations require host to provide matching password.
rsvd The field is reserved to ensure that the entire structure size meets 64 Bytes.
2. Data storage in ZDE
Each Zone cold Zone has its own ZD (ZONE Descriptor) and at the same time it can be specified whether there is an additional ZDE. And adding the ZDE to the Zone needing encryption, and storing encryption information.
3. Access control flow
In the SSD solid state disk, a control algorithm is needed to be added when Nand flash IO is carried out, and whether read-write locking is carried out or not needs to be judged before IO is carried out. If the IO is locked, the IO can not be normally operated until the IO is unlocked.
4. Encryption
Each Zone has its own ZD (ZONE Descriptor), and when encryption is required, the command parameters ask whether the partition to be encrypted has an additional ZDE. If the partition does not have the ZDE expansion area, the ZDE needs to be added to the partition Zone, and encryption information is stored.
Fig. 1 is a schematic flow chart of an algorithm for encrypting a Zone according to an embodiment of the present application, and when an encryption function ZDE starts to be set, a partition Zone management command is queried, and whether the partition has an additional ZDE extension area or not is determined. When the ZDE exists in the Zone partition which is required to be encrypted, updating the ZDE data to an expansion area of the corresponding ZDE according to the command parameters; when the Zone partition which needs to be encrypted does not have the ZDE, the Zone partition is newly added with the ZDE, and the ZDE data is set according to the command parameters.
FIG. 2 is a flow control diagram of IO operation when the encryption function is on; the Zone management command is used to set field values of valid, write_ctrl, read_ctrl, etc., and provide a matching password to the field. When the valid is set to 0, the encryption function is not effective, and no matter what value is, the IO operation on the Zone is not affected by the encryption function, and the read-write operation can be normally performed. When the current valid is not 0, the encryption function is effective, the write-in operation of the Zone is controlled by the write-ctrl, and when the write-ctrl is not 0, the write-in operation is impossible. When 0, writing is possible. When the current valid is not 0, the encryption function is enabled, the read_ctrl controls the read operation of the Zone, and when the read_ctrl is not 0, the Zone cannot be read. When 0, the data can be read.
5. Decryption
Fig. 3 is a schematic diagram of a process flow of decrypting a Zone according to an embodiment of the present application; when the encrypted Zone is subjected to IO, decryption is needed, and whether the user has authority or whether the passwords are matched is determined according to the Zone management command. If the current user is a root (administrator) or an owner, the user has authority, and can perform decryption operation without providing a password; if the user password is correct and the matching is passed, the decryption operation can be completed by setting the write_ctrl and the read_ctrl to 0. If the user has no authority and the user passwords are not matched, an error prompt is returned, decryption is unsuccessful, and the encrypted data cannot be read. After IO is completed, the original non-zero value is restored.
If continuous IO for a longer time is needed, the valid value can be set to be 0, and after the task is completed, the valid value is restored to the original non-zero value. This avoids repeated decryption and encryption actions.
The flow chart of the encrypted Zone needing to be decrypted first and then restored after IO is finished is shown in fig. 4:
recording the write_ctrl and read_ctrl values of the ZDE of the current Zone, determining whether the passwords are matched or not by using a Zone management command, and if the passwords are matched, setting the write_ctrl and the read_ctrl to 0 to finish decryption operation, wherein a user can perform read-write operation; and determining whether the passwords are matched or not by using the Zone management command, wherein the passwords are not matched, the decryption operation cannot be completed, the user returns an error and refuses to perform the read-write operation, and the write_ctrl is set to be a non-zero value in a recovery mode.
6. Power-on loading
And synchronously loading corresponding ZDE when each Zone of the SSD loads ZD.
7. Power-down preservation
And when the point is down, ZD and ZDE are stored in flash.
In the present specification, each embodiment is described in a progressive manner, or a parallel manner, or a combination of progressive and parallel manners, and each embodiment is mainly described as a difference from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
It should be noted that, in the description of the present application, it should be understood that the directions or positional relationships indicated by the terms "upper", "lower", "top", "bottom", "inner", "outer", etc. are based on the directions or positional relationships shown in the drawings, are merely for convenience of describing the present application and simplifying the description, and do not indicate or imply that the apparatus or element to be referred to must have a specific direction, be configured and operated in the specific direction, and thus should not be construed as limiting the present application. When an element is referred to as being "connected" to another element, it can be directly connected to the other element or intervening elements may also be present.
It is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that an article or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such article or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in an article or apparatus that comprises such element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (7)

1. The encryption and decryption method for the ZNS solid state disk is characterized in that before an encryption and decryption algorithm is carried out, zone is divided into Zone cold areas and Zone hot areas based on the read-write frequency of each Zone of the ZNS solid state disk, the Zone hot areas are read-write frequency times > dynamic read-write frequency critical values, and the dynamic read-write frequency critical values are root mean square of the total read-write times of the solid state disk zones; the Zone cold area is an area outside the Zone hot area in the solid state disk;
when the ZNS solid state disk performs read-write operation, directly accessing the Zone cold area without performing data call on the Zone hot area; after all the subareas of the Zone cold area are subjected to read-write operation, scanning operation is performed on all the subareas of the ZNS solid state disk according to a command set, and the Zone cold area and the Zone hot area are redistributed; setting the reassigned Zone cold Zone into own ZD and ZD ZONEs, wherein the ZD is ZONE Descriptor, and the ZD is ZONE DESCRIPTOR EXTEND; stopping physical address allocation of ZD and ZD areas existing in the new Zone hot area; the mapping relation table of the logical area and the physical partition of the Zone hot area and the Zone cold area after each dynamic update of data is stored in a certain Zone cold area ZDE.
2. The encryption and decryption method of the ZNS solid state disk according to claim 1, wherein a control algorithm of Nand flash IO judges whether read-write locking is performed or not before IO is performed; if the IO is locked, the IO can not be normally operated until the IO is unlocked.
3. The encryption and decryption method of a ZNS solid state disk according to claim 2, wherein when encryption is required, the command parameter inquires whether there is an additional ZDE in the Zone partition to be encrypted; if the partition does not have the ZDE expansion area, the ZDE of the partition Zone is required to be increased, and encryption information is stored; if there is an additional ZDE, the ZDE data is updated to the corresponding ZDE according to the command parameters.
4. The encryption and decryption method of a ZNS solid state disk according to claim 3, wherein a Zone management command is used to set field values of valid, write_ctrl and read_ctrl, and a password matched with the field is provided; when the valid is set to 0, the encryption function is not effective, and no matter what value is, the IO operation on the Zone is not affected by the encryption function, and the read-write operation can be normally performed.
5. The encryption and decryption method of a ZNS solid state disk according to claim 4, wherein when the current valid is not 0, the encryption function is effective, and when the write_ctrl is not 0, the write operation of the Zone is controlled by the write_ctrl, the write operation cannot be performed; when 0, writing is possible; when the current valid is not 0, the encryption function is effective, the read_ctrl controls the read operation of the Zone, and when the read_ctrl is not 0, the Zone cannot be read; when 0, the data can be read.
6. The encryption and decryption method of the ZNS solid state disk according to claim 1, wherein the encrypted Zones are required to be decrypted firstly when being subjected to IO, and whether the user has permission or whether passwords are matched is determined according to a Zone management command; if the current user is root or owner, the user has authority, and decryption operation can be performed without providing a password; if the user password is correct and the matching is passed, the decryption operation can be completed by setting the write_ctrl and the read_ctrl to 0; if the user has no authority and the user passwords are not matched, an error prompt is returned, decryption is unsuccessful, and encrypted data cannot be read; after IO is completed, the original non-zero value is restored.
7. The encryption and decryption method of the ZNS solid state disk according to claim 1, wherein when the recovery is performed after the IO is finished, the write_ctrl and the read_ctrl of the ZDE of the current Zone are recorded, a Zone management command is used for determining whether the passwords are matched, if the passwords are matched, the decryption operation is finished by setting the write_ctrl and the read_ctrl to 0, and a user can perform the read-write operation; and determining whether the passwords are matched or not by using the Zone management command, wherein the passwords are not matched, the decryption operation cannot be completed, the user returns an error and refuses to perform the read-write operation, and the write_ctrl is set to be a non-zero value in a recovery mode.
CN202410043001.8A 2024-01-11 2024-01-11 Method for realizing encryption function of ZNS solid state disk Active CN117555491B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410043001.8A CN117555491B (en) 2024-01-11 2024-01-11 Method for realizing encryption function of ZNS solid state disk

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410043001.8A CN117555491B (en) 2024-01-11 2024-01-11 Method for realizing encryption function of ZNS solid state disk

Publications (2)

Publication Number Publication Date
CN117555491A true CN117555491A (en) 2024-02-13
CN117555491B CN117555491B (en) 2024-03-15

Family

ID=89815181

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410043001.8A Active CN117555491B (en) 2024-01-11 2024-01-11 Method for realizing encryption function of ZNS solid state disk

Country Status (1)

Country Link
CN (1) CN117555491B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100120104A1 (en) * 2008-11-06 2010-05-13 John Stuart Reed Biological and chemical process utilizing chemoautotrophic microorganisms for the chemosythetic fixation of carbon dioxide and/or other inorganic carbon sources into organic compounds, and the generation of additional useful products
US20120117297A1 (en) * 2010-11-08 2012-05-10 Mark Ish Storage tiering with minimal use of dram memory for header overhead
US20170199698A1 (en) * 2016-01-08 2017-07-13 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Intra-storage device data tiering
CN111488126A (en) * 2020-04-12 2020-08-04 华中科技大学 Flash memory block management method and device of self-heating solid state disk and solid state disk
US20230062285A1 (en) * 2021-08-25 2023-03-02 Western Digital Technologies, Inc. Purposeful Super Device Imbalance For ZNS SSD Efficiency
US20230061979A1 (en) * 2021-08-25 2023-03-02 Western Digital Technologies, Inc. Solution For Super Device Imbalance In ZNS SSD
CN115993932A (en) * 2022-11-23 2023-04-21 中国电信股份有限公司 Data processing method, device, storage medium and electronic equipment
CN116450036A (en) * 2023-03-23 2023-07-18 重庆邮电大学 Data separation and placement method for NAND flash memory
CN117369729A (en) * 2023-12-04 2024-01-09 武汉麓谷科技有限公司 Additional writing implementation method of ZNS SSD

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100120104A1 (en) * 2008-11-06 2010-05-13 John Stuart Reed Biological and chemical process utilizing chemoautotrophic microorganisms for the chemosythetic fixation of carbon dioxide and/or other inorganic carbon sources into organic compounds, and the generation of additional useful products
US20120117297A1 (en) * 2010-11-08 2012-05-10 Mark Ish Storage tiering with minimal use of dram memory for header overhead
US20170199698A1 (en) * 2016-01-08 2017-07-13 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Intra-storage device data tiering
CN111488126A (en) * 2020-04-12 2020-08-04 华中科技大学 Flash memory block management method and device of self-heating solid state disk and solid state disk
US20230062285A1 (en) * 2021-08-25 2023-03-02 Western Digital Technologies, Inc. Purposeful Super Device Imbalance For ZNS SSD Efficiency
US20230061979A1 (en) * 2021-08-25 2023-03-02 Western Digital Technologies, Inc. Solution For Super Device Imbalance In ZNS SSD
CN115993932A (en) * 2022-11-23 2023-04-21 中国电信股份有限公司 Data processing method, device, storage medium and electronic equipment
CN116450036A (en) * 2023-03-23 2023-07-18 重庆邮电大学 Data separation and placement method for NAND flash memory
CN117369729A (en) * 2023-12-04 2024-01-09 武汉麓谷科技有限公司 Additional writing implementation method of ZNS SSD

Also Published As

Publication number Publication date
CN117555491B (en) 2024-03-15

Similar Documents

Publication Publication Date Title
US7054990B1 (en) External storage device using non-volatile semiconductor memory
KR101608110B1 (en) Managing access to an address range in a storage device
EP2161673A1 (en) Method and system for protecting data
US8533414B2 (en) Authentication and securing of write-once, read-many (WORM) memory devices
CN111695163B (en) Storage device and control method
US20070180210A1 (en) Storage device for providing flexible protected access for security applications
US7653796B2 (en) Information recording medium and region management method for a plurality of recording regions each managed by independent file system
US20090164709A1 (en) Secure storage devices and methods of managing secure storage devices
US20030225960A1 (en) Method for partitioning memory mass storage device
US20100250887A1 (en) Password Accessible Microelectronic Memory
US8478963B2 (en) Method of dynamically switching partitions, memory card controller and memory card storage system
TW200302964A (en) Memory system
JP5184041B2 (en) File system management apparatus and file system management program
US11329815B2 (en) Key management device and processor chip for data encryption/decryption
CN111552434A (en) Securing a memory device
JP2016509731A (en) Method and memory device for protecting the contents of a memory device
EP2237155A2 (en) Information processing program, information processing device and information processing method
US8219824B2 (en) Storage apparatus, memory card accessing apparatus and method of reading/writing the same
CN117555491B (en) Method for realizing encryption function of ZNS solid state disk
CN110908597B (en) Adaptive locking range management method, data storage device and controller thereof
CN116089327A (en) Data protection method and related equipment
TW200844840A (en) Secure storage apparatus and method for controlling the same
TWI684865B (en) Method for performing adaptive locking range management, and associated data storage device and controller thereof
CN102375958B (en) The method of restricting accessing of files
JP2000250818A (en) Storage system, storage device and stored data protecting method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Zhang Dezhi

Inventor after: Liu Xingbin

Inventor before: Zhang Dezhi