Managing NVDIMMs

Managing physical or emulated NVDIMMs using ndctl has no functional difference. Physical NVDIMM features and options may be controlled through the system BIOS. The BIOS cannot see emulated NVDIMMs.

Observe the following restrictions when managing NVDIMMs

  • DO NOT change the memory slot of physical NVDIMMs when they are part of an Interleave Set. Doing so changes the order of interleaving so data access will be compromised or corrupted. If interleaving is disabled, moving NVDIMMs to different slot locations is okay, but not recommended.

  • DO NOT disable NVDIMMs when they are part of an active Region and/or Namespace as this will prevent data access and may corrupt data.

  • ALWAYS backup the data and make a copy of the configuration layout prior to any changes.

Listing active/enabled NVDIMMs

The ndct list -D , or equivalent ndct list --dimm , can be used to show active/enabled NVDIMM devices on the system, eg:

# ndctl list -D -d nmem0
[
  {
    "dev":"nmem0",
    "id":"8089-a2-1837-00000be8",
    "handle":1,
    "phys_id":38,
    "flag_failed_flush":true,
    "flag_smart_event":true,
    "security":"disabled"
  }
]

Listing disabled/inactive NVDIMMs

By default, ndctl only lists enabled/active dimms, regions, and namespaces. To include previously disabled (inactive) NVDIMMs, include the -i flag to show both enabled and disabled devices, eg:

# ndctl list -Di
[
  {
    "dev":"nmem0",
    "id":"8089-a2-1837-00000bb3",
    "handle":17,
    "phys_id":40,
    "state":"disabled",
    "flag_failed_flush":true,
    "flag_smart_event":true,
    "security":"disabled"
  },
  {
    "dev":"nmem3",
    "id":"8089-a2-1837-00000b5e",
    "handle":257,
    "phys_id":44,
    "flag_failed_flush":true,
    "flag_smart_event":true,
    "security":"disabled"
  },
...

NVDIMM vendor specific tools can be used to display more information about the NVDIMMs from the operating system layer. For example, Intel Optane Persistent Memory Modules can be managed using the ipmctl utility. Refer to the IPMCTL User Guide for more information. For other persistent memory products, refer to the vendor specific documentation.

Disabling NVDIMMs

NVDIMMs can only be disabled if they have no active Regions or Namespaces. If an active/enabled namespace and/or region exists, a message is displayed:

# ndctl disable-dimm nmem0
nmem0 is active, skipping...
disabled 0 nmem

1) List the currently active/enabled configuration

# ndctl list -NRD

2) Verify no fsdax or devdax namespaces are mounted or in-use by running applications

3) Destroy or disable any active/enabled namespace(s).

# ndctl disable-namespace <namespaceX.Y>
- or -
# ndctl destroy-namespace <namespaceX.Y>

See Destroying Namespaces or Disabling Namespaces for more information.

4) Disable the region used by the NVDIMM (nmem) that needs to be disabled

# ndctl disable-region region0
disabled 1 region

See Disabling Regions for more information.

5) Disable a single, subset, or all NVDIMM (nmem) devices

To disable a single NVDIMM, use:

# ndctl disable-dimm nmem0
disabled 1 nmem

To disable a subset or specific list or NVDIMMs, use:

# ndctl disable-dimm nmem0 nmem1 nmem5
disabled 3 nmem

To disable all NVDIMMs, use:

# ndctl disable-dimm all
disabled 12 nmem

6) Verify the NVDIMM(s) are disabled by listing inactive dimms and verifying the 'state':

# ndctl list -Di
[
  {
    "dev":"nmem0",
    "id":"8089-a2-1837-00000bb3",
    "handle":17,
    "phys_id":40,
    "state":"disabled",   <----
    "flag_failed_flush":true,
    "flag_smart_event":true,
    "security":"disabled"
  },
...

Enabling NVDIMMs

1) Verify the nmem device, or list of nmem devices, that need to be enabled using the ndctl list -Di command:

# ndctl list -Di
[
  {
    "dev":"nmem0",
    "id":"8089-a2-1837-00000bb3",
    "handle":17,
    "phys_id":40,
    "state":"disabled",
    "flag_failed_flush":true,
    "flag_smart_event":true,
    "security":"disabled"
  },

2) Enable the NVDIMM(s)

To enable a single NVDIMM (nmemX) device, use:

# ndctl enable-dimm nmem0
enabled 1 nmem

To enable a subset of disabled NVDIMMs, use:

# ndctl enable-dimm nmem0 nmem1 nmem5
enabled 3 nmem

To enable all disabled NVDIMMs, use:

# ndctl enable-dimm all
enabled 12 nmem

3) Verify the state by listing all NVDIMMs

# ndctl list -Di

A filtered list of NVDIMMs can be shown using the -d <nmemX> or -dimm <nmemX> option, eg:

# ndctl list -Di -d nmem0
- or -
# ndctl list -Di --dimm nmem0

Performing Secure Erase operations on NVDIMMs

The sanitize-dimm command performs cryptographic destruction of the contents for the given NVDIMM. It scrambles the data and any metadata or info-blocks, but it doesn’t modify namespace labels. Therefore, any namespaces on regions associated with the given NVDIMM will be retained, but they will end up in the raw mode.

Additionally, after completion of this command, the security and passphrase for the given NVDIMM will be disabled, and the passphrase and any key material will also be removed from the keyring and the ndctl keys directory at /etc/ndctl/keys.

The command supports two different methods of performing the cryptographic erase. The default is crypto-erase, but additionally, an overwrite option is available which overwrites not only the data area but also the label area, thus losing record of any namespaces the given NVDIMM participates in.

Refer to Managing NVDIMM Security for more information.

Last updated