
US-12619530-B2 - Memory system


Abstract

According to one embodiment, a controller, in response to receiving, from a host, a first command requesting secure erase of secure erase target data associated with a first logical area identifier, stores a copy of first mapping information that corresponds to the first logical area identifier, among mapping information that is included in a first table. The controller executes at least a data erase operation for one or more first blocks storing the secure erase target data. In a first mode, the controller, in response to receiving, from the host, a read command that specifies the first logical area identifier, reads data from a storage location corresponding to a first physical address that is mapped to the first logical area identifier in the copy of the first mapping information.

Inventors

  • Koichi Nagai

Assignees

  • KIOXIA CORPORATION

Dates

Publication Date
20260505
Application Date
20240307
Priority Date
20230309

Claims (19)

  1. A memory system connectable to a host, comprising: a nonvolatile memory that includes a plurality of blocks, each of the plurality of blocks being a unit of a data erase operation; and a controller electrically connected to the nonvolatile memory and configured to: manage a first table storing mapping information that indicates mapping between each of one or more logical area identifiers and each of one or more physical addresses of the nonvolatile memory, the mapping information including at least first mapping information; in response to receiving, from the host, a first command that requests secure erase of secure erase target data associated with a first logical area identifier, store a copy of the first mapping information that corresponds to the first logical area identifier; specify one or more first blocks among the plurality of blocks, the one or more first blocks storing the secure erase target data associated with the first logical area identifier; execute at least the data erase operation for the one or more first blocks; and transition to a first mode after executing the data erase operation for the one or more first blocks; in the first mode, in response to receiving, from the host, a read command that specifies the first logical area identifier, read data from a storage location in the nonvolatile memory corresponding to a first physical address, the first physical address being mapped to the first logical area identifier in the copy of the first mapping information; and in response to receiving, from the host, a command that requests end of the first mode or a write command that specifies the first logical area identifier, exit the first mode.
  2. The memory system of claim 1, wherein the controller is further configured to: in response to receiving the first command from the host, invalidate the secure erase target data associated with the first logical area identifier, among valid data stored in the one or more first blocks; execute a copy operation of copying other valid data than the secure erase target data associated with the first logical area identifier, among the valid data stored in the one or more first blocks, to one or more copy destination blocks among the plurality of blocks; and execute the data erase operation for the one or more first blocks after executing the copy operation.
  3. The memory system of claim 1, wherein the controller is further configured to: in the first mode, in response to receiving, from the host, a read command that specifies a second logical area identifier different from the first logical area identifier, read data from a storage location in the nonvolatile memory corresponding to a second physical address, the second physical address being mapped to the second logical area identifier in the mapping information included in the first table; and transmit the read data to the host.
  4. The memory system of claim 1, wherein the controller is further configured to: store the first logical area identifier that is specified by the first command; and in response to receiving, from the host, the command that requests the end of the first mode or the write command that specifies the first logical area identifier, discard the stored first logical area identifier.
  5. The memory system of claim 1, wherein the controller is further configured to: in response to receiving, from the host, the command that requests the end of the first mode or the write command that specifies the first logical area identifier, discard the copy of the first mapping information.
  6. The memory system of claim 1, wherein the one or more first blocks include a plurality of first blocks, the plurality of first blocks including at least a second block and a third block, and the controller is further configured to: in response to receiving the first command from the host, execute the data erase operation for the second block; and execute a copy operation of copying other valid data than the secure erase target data associated with the first logical area identifier, among valid data stored in the third block, from the third block to the second block where the data erase operation has been executed.
  7. The memory system of claim 1, wherein the controller is further configured to: in response to receiving the first command from the host, invalidate the secure erase target data associated with the first logical area identifier; and execute at least the data erase operation for one or more blocks that have stored no valid data since before the invalidation of the secure erase target data associated with the first logical area identifier and that store invalid data associated with the first logical area identifier, among the plurality of blocks.
  8. The memory system of claim 1, wherein the controller is configured to manage a plurality of namespaces that are identified by a plurality of namespace identifiers, respectively, and the first logical area identifier is a namespace identifier that identifies a secure erase target namespace.
  9. The memory system of claim 1, wherein the first logical area identifier includes one or more logical addresses that identify one or more secure erase target sectors.
  10. The memory system of claim 1, wherein the first logical area identifier includes one or more keys that identify one or more secure erase target values.
  11. The memory system of claim 1, wherein the controller is configured to store the copy of the first mapping information in the nonvolatile memory.
  12. The memory system of claim 11, wherein the controller is configured to: execute the data erase operation for a second block that is one of the one or more first blocks; and store the copy of the first mapping information in the second block where the data erase operation has been executed.
  13. The memory system of claim 1, wherein the controller is further configured to: invalidate the secure erase target data associated with the first logical area identifier by deleting, from the mapping information included in the first table, a third physical address mapped to the first logical area identifier; and when deleting the third physical address from the mapping information, store a part of the mapping information that includes the third physical address, as the copy.
  14. The memory system of claim 1, wherein the secure erase target data associated with the first logical area identifier includes invalid data.
  15. The memory system of claim 1, wherein the controller is further configured to: transmit, to the host, a response that indicates failure of error correction for the data read from the storage location corresponding to the first physical address, as a response to the read command.
  16. The memory system of claim 1, wherein the controller is configured to: read the data from the storage location corresponding to the first physical address that is in an erased state by the execution of the data erase operation for the one or more first blocks.
  17. The memory system of claim 1, wherein the controller is further configured to: after executing the data erase operation for the one or more first blocks, write data having a specific data pattern to the storage location corresponding to the first physical address; and in response to receiving the read command from the host, read the data having the specific data pattern from the storage location corresponding to the first physical address.
  18. The memory system of claim 1, wherein the controller is further configured to: transmit to the host, a response that indicates that the data read from the storage location corresponding to the first physical address is incorrect data, as a response to the read command.
  19. The memory system of claim 1, wherein the controller is configured to: refer to the copy of the first mapping information; and obtain the first physical address from the copy of the first mapping information.
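
The flow in claims 1, 2, 3, 5 and 16, as an added toy model that is not code from the patent or from any controller firmware: a secure erase saves the target's mapping, relocates other valid data, erases the blocks, and then serves target reads from the old physical addresses until the mode ends. The class and method names, the 4x4 geometry, one sector per page, each logical address being written once before the erase, and an erased location reading back as 0xFF are all assumptions of this sketch.

```python
ERASED = b"\xff"  # assumed value read back from an erased location

class ToyController:
    """Toy model: one sector per page; physical address = (block, page)."""
    def __init__(self, blocks=4, pages=4):
        self.pages = pages
        self.nand = [[ERASED] * pages for _ in range(blocks)]
        self.free = [(b, p) for b in range(blocks) for p in range(pages)]
        self.l2p = {}           # first table: logical address -> (block, page)
        self.audit_copy = {}    # copy of the erased target's mapping
        self.held = set()       # erased blocks kept out of the free pool

    def write(self, lba, data):
        if lba in self.audit_copy:
            self.end_audit()    # a write to the target exits the first mode
        b, p = self.free.pop(0)
        self.nand[b][p] = data
        self.l2p[lba] = (b, p)

    def secure_erase(self, lbas):
        # Save the target's mapping, then invalidate it in the first table.
        self.audit_copy = {l: self.l2p.pop(l) for l in lbas if l in self.l2p}
        self.held = {b for b, _ in self.audit_copy.values()}
        # Copy other valid data out of the first blocks, then erase them.
        keep = [(l, self.nand[b][p]) for l, (b, p) in self.l2p.items()
                if b in self.held]
        self.free = [pa for pa in self.free if pa[0] not in self.held]
        for l, data in keep:
            self.write(l, data)
        for b in self.held:
            self.nand[b] = [ERASED] * self.pages

    def read(self, lba):
        # In the first mode, target reads resolve through the saved copy.
        pa = self.audit_copy.get(lba) or self.l2p.get(lba)
        return None if pa is None else self.nand[pa[0]][pa[1]]

    def end_audit(self):  # discard the copy, release the erased blocks
        self.free += [(b, p) for b in sorted(self.held) for p in range(self.pages)]
        self.audit_copy, self.held = {}, set()

def demo():
    c = ToyController()
    for lba, d in [(0, b"secret-a"), (1, b"public"), (2, b"secret-b")]:  # constructed data
        c.write(lba, d)
    c.secure_erase([0, 2])
    audit, other = [c.read(0), c.read(2)], c.read(1)
    c.end_audit()
    return audit, other, c.read(0)
```

Here `demo()` shows the audit reads hitting the erased physical locations while the untouched logical address still returns its relocated data, and the target reading as unmapped once the mode is closed.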

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is based upon and claims the benefit of priority from Japanese Patent Application No. 2023-036753, filed Mar. 9, 2023, the entire contents of which are incorporated herein by reference.

FIELD

Embodiments described herein relate generally to a technique of controlling a nonvolatile memory.

BACKGROUND

In recent years, memory systems that include a nonvolatile memory have become widely used. One of these memory systems is known as a solid state drive (SSD) that includes a NAND flash memory.

As secure erase methods for erasing the data stored in an SSD securely and reliably, overwrite, block erase, and cryptographic erase are known. The secure erase methods are classified into a physical secure erase method, which makes the stored data physically and irreversibly unreadable, and a logical secure erase method, which makes the stored data logically unreadable. Each of overwrite and block erase is an example of the physical secure erase method. Cryptographic erase is an example of the logical secure erase method. In cryptographic erase, the cryptographic key used when data stored in the SSD is encrypted is erased by the physical secure erase method. As a result, the data cannot be decrypted and is logically erased.

Recently, there is a demand to execute secure erase, by the physical secure erase method, of certain data stored in the memory system such as an SSD. Furthermore, there is also a demand to confirm whether or not the secure erase of specific data is correctly executed.

An embodiment described herein aims to provide a memory system capable of executing secure erase of specific data by a physical secure erase method and confirming whether or not the secure erase of the specific data is correctly executed.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating an example of a configuration of an information processing system that includes a memory system according to a first embodiment.

FIG. 2 illustrates an example of a configuration of a logical-to-physical address translation table (L2P table) used in the memory system according to the first embodiment.

FIG. 3 illustrates an example of a plurality of namespaces managed in the memory system according to the first embodiment.

FIG. 4 illustrates an overview of a write operation and a physical secure erase operation executed in the memory system according to the first embodiment.

FIG. 5 is a flowchart illustrating a procedure of the physical secure erase operation executed in the memory system according to the first embodiment.

FIG. 6 illustrates an example of a data structure written to each block in the memory system according to the first embodiment.

FIG. 7A is a flowchart illustrating a part of the procedure of a process related to an Audit function executed in the memory system according to the first embodiment.

FIG. 7B is a flowchart illustrating a remaining procedure of the process related to the Audit function executed in the memory system according to the first embodiment.

FIG. 8 is a flowchart illustrating a procedure of a process for an I/O command received before a first specific command is received, which is executed in the memory system according to the first embodiment.

FIG. 9 is a flowchart illustrating a procedure of a process for an I/O command received during executing the first specific command, which is executed in the memory system according to the first embodiment.

FIG. 10A illustrates an example of contents of each active block before starting of the physical secure erase operation, in the memory system according to the first embodiment.

FIG. 10B illustrates another example of contents of each free block before starting of the physical secure erase operation, in the memory system according to the first embodiment.

FIG. 11 illustrates an example of contents of each active block after an unmap operation was executed, in the memory system according to the first embodiment.

FIG. 12A illustrates an example of contents of each active block after a garbage collection operation was executed, in the memory system according to the first embodiment.

FIG. 12B illustrates another example of contents of each free block after the garbage collection operation was executed, in the memory system according to the first embodiment.

FIG. 13 is a flowchart illustrating a procedure of a physical secure erase operation executed in a memory system according to a second embodiment.

FIG. 14A is a flowchart illustrating a procedure of a physical secure erase operation executed in a memory system according to a third embodiment.

FIG. 14B is a flowchart illustrating a procedure of an unmap operation and a garbage collection operation executed in the memory system according to the third embodiment.

FIG. 14C is a flowchart illustrating another procedure of the unmap operation and the garbage collection operation executed in the memory system according to the third embodiment.

FIG. 15A i