1NVME-RPMB(1) NVMe Manual NVME-RPMB(1)
2
6 nvme-rpmb - Send RPMB commands to an NVMe device
7
9 nvme rpmb <device> [--cmd=<command> | -c <command>]
10 [--msgfile=<data-file> | -f <data-file>]
11 [--keyfile=<key-file> | -g <key-file>]
12 [--key=<key> | -k <key>]
13 [--msg=<data> | -d <data>]
14 [--address=<offset> | -o <offset>]
15 [--blocks=<512 byte sectors> | -b <sectors> ]
16 [--target=<target-id> | -t <id> ]
17
19 For the NVMe device given, send an nvme rpmb command and provide the
20 results.
21 The <device> parameter is mandatory and NVMe character device (ex:
23 /dev/nvme0) must be specified. If the given device supports RPMB
24 targets, command given with --cmd or -c option shall be sent to the
25 controller. If given NVMe device doesn’t support RPMB targets, a
26 message indicating the same shall be printed along with controller
27 register values related RPMB.
28
30 -c <command>, --cmd=<command>
31 RPMB command to be sent to the device. It can be one of the
32 following
33 info - print information regarding supported RPMB targets and
35 access and total sizes. No further arguments are required
36 program-key - program 'key' specified with -k option or key read from
38 file specified with --keyfile option to the specified
39 RPMB target given with --target or -t options. As per
40 spec, this is one time action which can't be undone.
41 read-counter - Read 'write counter' of specified RPMB target. The
43 counter value read is printed onto STDOUT
44 read-config - Read 512 bytes of device configuration block data of
46 specified RPMB target of the NVMe device. The data read
47 is written to input file specified with --msgfile or -f
48 option.
49 write-config - Write 512 byes of device configuration block data
50 from file specified by --msgfile or -f options to the
51 RPMB target specified with --target or -t options.
52 read-data - Supports authenticated data reading from specified
54 RPMB target (--target or -t option) at given offset
55 specified with --address or -o option, using key
56 specified using --keyfile or -k options. --blocks or
57 -o option should be given to read the amount of data
58 to be read in 512 byte blocks.
59 write-data - Supports authenticated data writing to specified RPMB
61 target (--target or -t option) at given offset
62 specified with --address or -o option, using key
63 specified using --keyfile or -k options. --blocks or
64 -o option should be given to indicate amount of data
65 to be written in 512 byte blocks.
66 For data transfer (read/write) commands, if the specified size is not
68 within the total size supported by a target, the request is failed
69 nvme-rpmb without sending it to device. RPMB target 0 is used as the
70 default target if --target or -t is not specified. 0x0 is used as the
71 default address if no -address or -o option is specified,
72 -t <target>, --target=<target>
74 RPMB target id. This should be one of the supported RPMB targets as
75 reported by info command. If nothing is given, default of 0 is used
76 as RPMB target.
77 -k <key>, --key=<key>, -g <key-file>, --keyfile=<key-file>
79 Authentication key to be used for read/write commands. This should
80 have been already programmed by program-key command for given
81 target. Key can be specified on command line using --key or -k
82 options. Key can also be specified using file argument specified
83 with --keyfile or -g options.
84 -f <data-file>, --msgfile=<data-file>
86 Name of the file to be used for data transfer commands (read or
87 write). For read command, if an existing file is specified, it will
88 be appended.
89 -d <data>, --msg=<data>
91 These options provide the data on the command line itself.
92 -o <offset>, --address=<offset>
94 The address (in 512 byte sector offset from 0) to be used for data
95 transfer commands (read or write) for a specified RPMB target.
96 -b, --blocks=<sectors>
98 The size in 512 byte sectors to be used for data transfer commands
99 (read or write) for a specified RPMB target.
100
102 • Print RPMB support information of an NVMe device
103 # nvme rpmb /dev/nvme0 --cmd=info
105 • Program SecretKey as authentication key for target 1
107 # nvme rpmb /dev/nvme0 --cmd=program-key -key='SecretKey' --target=1
109 • Read current write counter of RPMB target 0
111 # nvme rpmb /dev/nvme0 --cmd=read-counter --target=0
113 • Read configuration data block of target 2 into config.bin file
115 # nvme rpmb /dev/nvme0 --cmd=read-config --target=2 -f config.bin
117 • Write 200 blocks of (512 bytes) from input.bin onto target 0
119 # nvme rpmb /dev/nvme0 -c write-data -t 0 -f input.bin -b 200 -k 'SecretKey'
121 • Read 200 blocks of (512 bytes) from target 2, at offset 0x100 and
123 save the
124 • data onto output.bin
126 # nvme rpmb /dev/nvme0 -c read-data -t 2 -f out.bin -b 200 -o 0x100
128
130 Part of the nvme-user suite
131NVMe 09/29/2023 NVME-RPMB(1)