This application is based upon and claims the benefit of priority from Japanese Patent Application No. 2020-157357, filed Sep. 18, 2020, the entire contents of which are incorporated herein by reference.
Embodiments described herein relate generally to a memory system.
A memory system including a non-volatile semiconductor memory erases data in units of a block (for example, 1 MB), which is the minimum unit size in which the non-volatile semiconductor memory can be erased. The block is larger than a page (which is, for example, just 4 KB in size), which is the minimum unit size in which data can be written and read.
The memory system converts logical addresses used by a host to physical addresses in the memory system. Thus, in some instances, when a host directs deletion of data (by logical address), the corresponding data in the physical block is only set as invalid, and such invalidated data may remain until the data in the physical block is erased. Even if the host device considers this invalidated data to have been erased, the data may still remain in the physical block of the non-volatile semiconductor memory and can possibly still be read by analytic methods.
Embodiments provide a memory system with an improved security level.
In general, according to one embodiment, a memory system includes a non-volatile semiconductor memory having a plurality of blocks. A controller in the system is configured to control the writing of data to the non-volatile semiconductor memory. The controller has a host I/F control interface configured to receive write command information including file allocation information indicating a location for write data, a file information management unit configured to assign an erasure level to a file corresponding to the file allocation information and output a file identifier in which a file name, a file size, and the erasure level of the file are combined, and a flash translation layer unit configured to allocate one file per block based on the write command information and the file identifier.
Hereinafter, certain example embodiments will be described with reference to the drawings. In the description of the drawings, the same or substantially similar parts are designated by the same reference numerals. The drawings are schematic and presented for the purpose of describing certain aspects of the present disclosure. The specific embodiments exemplify devices and methods embodying certain technical concepts of the present disclosure, but the present disclosure is not limited to the specific examples. Various modifications and alterations may be made to the described embodiments.
The memory system 1 is connected to a host device 2 (host 2). The memory system 1 functions as an external storage device of the host 2. In general, any standard protocol may be employed as the communication standard for connecting the memory system 1 and the host 2.
The host 2 is a computer including a built-in file system driver. The computer may be, for example, a personal computer, a server, a portable information device, or an AV device. The host 2 sends data to and receives data from the memory system 1 via the file system driver.
Aspects of a file system for managing data on the memory system 1 will be described with reference to
As shown in
A set of instructions to boot is recorded in a boot sector. The same data is recorded in FAT1 and FAT2 as a failure countermeasure. A root directory entry records directory entries that store information about the files saved in the file system. As the cluster number, the starting cluster number of the data is recorded. FAT1 and FAT2 hold two identical sets of data because the FAT system manages the allocation of files and data; if any FAT data is damaged, the system is greatly affected, so the FAT data is multiplexed (stored in two different locations) to reduce the risk of loss.
As shown in
In the example depicted in
The entry information recorded in FAT #015 is #FFFF in this example and, in this context, #FFFF means the end of the file. Therefore, it can be seen that the file 2 is a file corresponding to the clusters from #013 to #015.
When a file from the host 2 is written to the memory system 1, the file information of FAT1, FAT2, and the root directory entry of the file system is updated. Furthermore, the file system information is also stored in the NAND flash memory 20 and the file system information stored in the NAND flash memory 20 is also updated at some predetermined timing.
Next, the configuration of the memory system 1 according to the first embodiment will be described with reference to
The controller 10 communicates with the host 2 and controls the operation of the entire memory system 1. The controller 10 may be, for example, a semiconductor integrated circuit such as a System on Chip (SoC).
The NAND flash memory 20 is connected to the controller 10 and stores data under the control of the controller 10. The NAND flash memory 20 will be described as an example of a non-volatile semiconductor memory in this embodiment, but the present disclosure is not limited to use of NAND flash memory as non-volatile memory. Other types of non-volatile semiconductor memory such as three-dimensional (3D) flash memory, NOR flash memory, or magnetoresistive random access memory (MRAM) may be utilized in place of or in addition to the NAND flash memory 20.
The controller 10 includes a host I/F control unit 100, a file information management unit 110, a flash translation layer unit 120, and a NAND flash memory I/F control unit 130.
The host I/F control unit 100 is an interface device for communicating with the host 2. The host I/F control unit 100 receives, for example, the write command information issued by the host 2.
The write command information may include write commands and write data. The write command may include a command type indicator indicating that it is a write command, file allocation information indicating the location for write data, a write data size, and a stream ID (stream identifier).
The file allocation information is expressed in the format of a logical block address (LBA), for example. In the following description, the file allocation information is a logical address indicating the location for the write data and may also be referred to as LBA information. The file allocation information used by the host 2 to specify the location for the write data in the memory system 1 may be expressed as a logical address.
In this context, a “stream” is a set of data that is expected to be invalidated collectively whenever the host 2 invalidates data. That is, the stream ID is an identifier that can be set according to the expected lifetime of data.
The lifetime of data is the length of time from when the data is first written to the memory system 1 until the data is rewritten. The rewriting may include issuing write command information multiple times designating the same logical address of the host 2.
The rewriting may also include a process of invalidating the previously established relationship between the logical address and the physical address. The process of invalidating the correspondence between the logical address and the physical address is executed, for example, in response to a TRIM command or a UNMAP command.
The host I/F control unit 100 outputs the write command information received from the host 2 to the file information management unit 110 and the flash translation layer unit 120.
The file information management unit 110 manages the erasure level of the file that is to be written. The file information management unit 110 extracts the file allocation information from the write command information including the LBA received from the host I/F control unit 100. An erasure level can be assigned based on this file allocation information (e.g., by address range or the like). In addition, a file identifier in which the file name, file size, and erasure level are combined is stored in an internal memory accessible by the file information management unit 110. The erasure level can reflect the difficulty of restoring data.
That is, the file information management unit 110 assigns an erasure level to the LBA on the memory system 1 for the LBA on the file system managed by the host 2 and reconstructs the file system.
The internal memory accessible by the file information management unit 110 may be, for example, a general-purpose memory such as SRAM or DRAM. This internal memory may be mounted in the controller 10 or outside the controller 10.
The flash translation layer unit 120 manages the LBA and the physical addresses of the NAND flash memory 20 on a one-to-one basis. Specifically, the flash translation layer unit 120 translates and manages the logical address (which is a LBA) included in the write command information received from the host 2, and the physical address (which is the location information) in the NAND flash memory 20. In the following description, the physical address of the NAND block in the NAND flash memory 20 may be referred to as a physical block address (PBA).
In addition to the mapping management function of the logical-to-physical address translation table, the flash translation layer unit 120 may include a function of executing garbage collection (“GC,” which is also referred to as “compaction”) for the NAND flash memory and flash management functions such as block management, wear leveling, and randomization as may be possessed by a flash translation layer (FTL) of the related art.
The NAND flash memory I/F control unit 130 is an interface device for communicating with the NAND flash memory 20. The NAND flash memory I/F control unit 130 receives, for example, an execution command for the PBA, data size, and erasure level issued by the flash translation layer unit 120. The NAND flash memory I/F control unit 130 outputs the received information to the NAND flash memory 20.
With reference to
In step S1, the file information management unit 110 receives the write command information from the host I/F control unit 100.
In step S2, the file information management unit 110 determines whether the LBA included in the write command information received from the host I/F control unit 100 includes file allocation information.
The presence of this file allocation information means that the location indicated by the file allocation information includes information within the range of FAT1, FAT2, or root directory entry of the file system.
If the write command information includes file allocation information, the process proceeds to step S3. If there is no file allocation information in the write command information, the process proceeds to the end.
In step S3, the file information management unit 110 acquires the information of FAT1, FAT2, or the root directory entry from the file allocation information.
In step S4, the file information management unit 110 extracts the file name and file size from the information of FAT1, FAT2, or the root directory entry (for example, from the beginning of the data to 32 bytes).
In step S5, the file information management unit 110 assigns an erasure level corresponding to the extracted file name. In this method of assigning an erasure level, for example, the file information management unit 110 assigns a specified value unless otherwise instructed by the host 2. This specified value may be, for example, 0, indicating that the erasure level is low.
Here, a low erasure level means that, for example, it is easy to restore the corresponding data and even if the data was to be deleted on the file system, the data can be read by analyzing the NAND flash memory 20. A high erasure level means, for example, a state in which it is difficult to restore data and the file erased on the file system will also be deleted from the NAND flash memory 20.
In step S6, the file information management unit 110 stores, in internal memory, a file identifier in which the extracted file name and file size, and the erasure level information are combined. The file information management unit 110 may update the contents of the erasure level included in the file identifier recorded in the internal memory upon instruction from the host 2.
That is, for example, the file information management unit 110 can cause the value of the erasure level to be updated from 0 to 1 indicating that the erasure level is updated to high according to an instruction from the host 2. If the same file name already exists, the file identifier in the internal memory does not need to be updated.
In step S7, if the received write command information includes a write command to the cluster number 002 or later, in which the cluster number 002 is the head of the user data area in the cluster shown in
In step S8, the file information management unit 110 outputs the file identifier to the flash translation layer unit 120.
The operation flow of the flash translation layer unit 120 when writing data to the memory system 1 according to the first embodiment will be described with reference to
In step S11, the flash translation layer unit 120 receives, for example, write command information including an LBA from the host I/F control unit 100. If the LBA included in the write command information includes file allocation information, the file identifier is received from the file information management unit 110.
In step S12, when translating the LBA for the data write destination to a PBA, the flash translation layer unit 120 allocates data having different file identifiers to different NAND blocks. The flash translation layer unit 120 outputs information for the PBA and data size of the LBA included in the write command information to the NAND flash memory I/F control unit 130.
That is, as shown in
In the first embodiment, the memory system 1 extracts the filename from the write command information received from the host I/F control unit 100 and reconstructs the file system (e.g., FAT file system) information.
Using the file allocation information included in this reconstructed LBA, the data included in the file is written into a limited (minimum) number of NAND blocks (operation mode A).
That is, the memory system 1 can change the erasure level for each file by identifying the erasure level for each file.
Furthermore, since the memory system 1 can delete a file having a high erasure level at once (without performing garbage collection) by analyzing the file configuration using the erasure level, the erased data is hard to restore and the security level of the memory system 1 can be improved.
In the memory system 1 according to the first embodiment, in the step S5 shown in
On the other hand, in the memory system 1 according to the second embodiment, the file information management unit 110 assigns an erasure level according to the elapsed time since the last update date of the file.
Specifically, for the second embodiment, in step S4 shown in
As shown in
That is, in step S4, the file information management unit 110 extracts the last update date of the file by using “DIR_WrtTime” and “DIR_WrtDate” from the data of the directory entry.
Other configurations, operation flows, and effects of the memory system are the same as those of the first embodiment shown in
In the memory system 1 according to the second embodiment, for step S5 shown in
Specifically, in step S4 shown in
As shown in
That is, in step S4 for the third embodiment, the file information management unit 110 extracts the creation date and time of the file and the date when the file was last opened by using “DIR_CrtTime”, “DIR_CrtDate”, and “DIR_LstAccDate” from the data of the directory entry.
Other configurations, operation flows, and effects of the memory system are the same as in the second embodiment shown in
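The extraction in steps S3 to S6, together with the "DIR_WrtDate" field used by the second embodiment, can be sketched as follows. This is an added example, not code from the patent: the field offsets follow the standard 32-byte FAT short-name directory entry, and the struct, the function names, the sample entry and the age-threshold rule are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* File identifier of steps S4-S6: name, size and erasure level combined. */
struct file_id {
    char     name[13];       /* "NAME.EXT" plus NUL */
    uint32_t size;           /* DIR_FileSize */
    uint16_t wrt_date;       /* DIR_WrtDate, FAT-packed */
    uint8_t  erasure_level;  /* 0 = low (default), 1 = high */
};

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* FAT-packed date -> days since 1970-01-01, or -1 if month/day are invalid. */
long fat_date_to_days(uint16_t d) {
    long y = 1980 + (d >> 9), m = (d >> 5) & 0x0F, day = d & 0x1F;
    if (m < 1 || m > 12 || day < 1) return -1;
    y -= (m <= 2);                               /* count years from March */
    long yoe = y % 400;
    long doy = (153 * (m > 2 ? m - 3 : m + 9) + 2) / 5 + day - 1;
    return (y / 400) * 146097 + yoe * 365 + yoe / 4 - yoe / 100 + doy - 719468;
}

/* Steps S3-S5: parse one 32-byte short-name entry; 0 on success, -1 if skipped. */
int parse_dir_entry(const uint8_t e[32], struct file_id *out) {
    int n = 0;
    if (e[0] == 0x00 || e[0] == 0xE5) return -1;  /* free or deleted slot */
    if (e[11] & 0x18) return -1;  /* volume label, long-name slot, or directory */
    for (int i = 0; i < 8 && e[i] != ' '; i++) out->name[n++] = (char)e[i];
    if (e[8] != ' ') out->name[n++] = '.';
    for (int i = 8; i < 11 && e[i] != ' '; i++) out->name[n++] = (char)e[i];
    out->name[n] = '\0';
    out->wrt_date = le16(e + 24);                 /* DIR_WrtDate at offset 24 */
    out->size = (uint32_t)le16(e + 28) | ((uint32_t)le16(e + 30) << 16);
    out->erasure_level = 0;                       /* S5: default value 0 (low) */
    return 0;
}

/* Second-embodiment style policy. ASSUMPTION: the page gives no rule; here a
   file not updated for at least threshold_days is raised to level 1. */
void apply_age_policy(struct file_id *id, long today_days, long threshold_days) {
    long wrt = fat_date_to_days(id->wrt_date);
    if (wrt >= 0 && today_days - wrt >= threshold_days) id->erasure_level = 1;
}

/* Constructed sample entry: SECRET.TXT, 4096 bytes, last written 2020-09-18. */
static const uint8_t SAMPLE_ENTRY[32] = {
    'S','E','C','R','E','T',' ',' ','T','X','T',  /* DIR_Name (8.3, space padded) */
    0x20, 0x00, 0x00,                             /* DIR_Attr=ARCHIVE, NTRes, CrtTimeTenth */
    0x00,0x60, 0x32,0x51, 0x32,0x51,              /* DIR_CrtTime, DIR_CrtDate, DIR_LstAccDate */
    0x00,0x00,                                    /* DIR_FstClusHI */
    0x00,0x60, 0x32,0x51,                         /* DIR_WrtTime 12:00:00, DIR_WrtDate */
    0x0D,0x00,                                    /* DIR_FstClusLO */
    0x00,0x10,0x00,0x00                           /* DIR_FileSize = 4096 */
};

int main(void) {
    struct file_id id;
    if (parse_dir_entry(SAMPLE_ENTRY, &id) != 0) return 1;
    apply_age_policy(&id, fat_date_to_days(id.wrt_date) + 400, 365);
    printf("%s size=%u level=%u\n", id.name, (unsigned)id.size, (unsigned)id.erasure_level);
    return 0;
}
```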
In the memory system 1 (according to the first embodiment), in step S11 shown in
On the other hand, in the memory system 1A according to the fourth embodiment, a flash translation layer unit 120A (shown in
Garbage collection is a process that moves valid data to a free block (another block) and then generates a block that can be reused for writing (a write destination block) by collecting the invalid data stored in the move source block.
That is, when the memory system 1A executes a UNMAP or TRIM command received by the host I/F control unit 100, or executes garbage collection, the flash translation layer unit 120A refers to the erasure level of the file and outputs a block erase command or a deallocate command to the NAND flash memory I/F control unit 130 according to the selected erasure level. The memory system 1A performs substantially similarly to the memory system 1 with respect to write command information from the host 2.
The garbage collection may be executed in the background at the same time when the UNMAP command and the TRIM command are received.
For example, the data before updating the file in block #3 on the memory system 1A shown in
In step S21, the flash translation layer unit 120A shown in
In step S22, the flash translation layer unit 120A translates the LBA specified by the UNMAP or TRIM command into PBA and outputs the information of the PBA and data size to the NAND flash memory I/F control unit 130.
In step S23, the flash translation layer unit 120A selects an erasure level based on the file identifier when invalidating the write source file by optimization.
In step S24, the flash translation layer unit 120A selects a method for erasing the NAND block containing the invalidated write source file based on the erasure level read from the file identifier.
If the erasure level read from the file identifier is high (for example, the erasure level value is 1), the process proceeds to step S25. If the erasure level read from the file identifier is low (for example, the erasure level value is 0), the process proceeds to step S26.
In step S25, the flash translation layer unit 120A outputs, for example, a command to execute NAND block erase on the NAND block containing the invalidated write source file to the NAND flash memory I/F control unit 130 according to the selected erasure level.
In step S26, the flash translation layer unit 120A outputs, for example, a command to execute a deallocate (deallocation) to the NAND flash memory I/F control unit 130 according to the selected erasure level.
As described above, a solid-state drive (SSD), which is one possible example of the memory system 1A, receives a UNMAP or TRIM command. At this time, files with a high erasure level in the invalid data generated by the UNMAP or TRIM command and/or garbage collection can be deleted immediately on the memory system 1A, and thus, the erased files become difficult to restore and the security level of the memory system 1A can be further improved.
Other configurations, operation flows, and effects of the memory system are the same as those of the first embodiment shown in
In the memory system 1A according to the fourth embodiment, the host I/F control unit 100 shown in
On the other hand, in the memory system 1B according to the fifth embodiment, a host I/F control unit 100B shown in
The file information management unit 110B extracts deletable file candidates and outputs the deletable file information to the host I/F control unit 100B.
As the deletable file information, for example, deletable file candidates may be extracted based on the elapsed time of the file obtained in the second embodiment. In addition, files obtained by machine learning as obtained in the third embodiment may be extracted as deletable file candidates.
That is, in the memory system 1B, the file information management unit 110B extracts deletable file information and outputs deletable file information to the host I/F control unit 100B. The host I/F control unit 100B then outputs the deletable file information to the host 2. The host 2 can output a file deletion request to the host I/F control unit 100B based on the deletable file information from the file information management unit 110B.
In step S31, the host I/F control unit 100B receives a file deletion request from the host 2.
In step S32, the host I/F control unit 100B raises the erasure level of the file included in the file deletion request issued by the host 2 based on the deletable file information sent by the file information management unit 110B and outputs the erasure level.
In step S33, the host I/F control unit 100B outputs the LBA of the file in the file deletion request.
Other configurations, operation flows, and effects of the memory system are the same as those of the fourth embodiment shown in
The sixth embodiment further includes an operation mode switching threshold value setting unit 140 and a comparator 150 as compared to the memory system 1 according to the first embodiment.
A flash translation layer unit 120C according to the sixth embodiment outputs, for example, the information about the number of free remaining physical blocks of the NAND block to the comparator 150, in addition to providing the functions of the flash translation layer unit 120 according to the first embodiment.
The flash translation layer unit 120C has an added function of receiving an operation mode setting as determined by the comparator 150 and then switching the operation mode according to the operation mode setting.
The operation mode in which data is allocated in the NAND block of the NAND flash memory 20 of the memory system 1C according to the sixth embodiment is the same as that for the memory system 1 according to the first embodiment (which is referred to as operation mode A).
The operation mode switching threshold value setting unit 140 sets a predetermined threshold value for switching the operation mode according to when the remaining free NAND blocks of the NAND flash memory 20 are running low. In the following description, a predetermined threshold value for switching operation mode when the remaining free NAND blocks of the NAND flash memory 20 are running low is referred to as an operation mode switching threshold value.
The operation mode switching threshold value setting unit 140 outputs the threshold value to the comparator 150.
The comparator 150 switches the file allocation operation mode by which files are allocated in the NAND block of the NAND flash memory 20.
In step S41, the comparator 150 acquires the operation mode switching threshold value from the operation mode switching threshold value setting unit 140.
In step S42, the comparator 150 acquires the number of free remaining physical blocks for the NAND flash memory 20 from the flash translation layer unit 120C. In the following description, the number of free remaining physical blocks of the NAND flash memory 20 is referred to as the number of remaining blocks for simplicity.
If, in step S43, the number of remaining blocks is less than the operation mode switching threshold value, the process proceeds to step S44. When the number of remaining blocks is greater than the operation mode switching threshold value, the process proceeds to step S45.
In step S44, since the number of remaining blocks is less than the operation mode switching threshold value, the comparator 150 outputs an operation mode B signal (operation mode switching signal) to the flash translation layer unit 120C.
In step S45, since the number of remaining blocks is greater than the operation mode switching threshold value, the comparator 150 outputs the operation mode A signal to the flash translation layer unit 120C and file allocation operations remain as in one of the first to fifth embodiments.
Other configurations, operation flows, and effects of the memory system are the same as those of the first embodiment shown in
In the seventh embodiment, the operation mode B is an operation mode in which data of the memory system 1C shown in
Specifically, first, in step S43 shown in
In step S22 shown in
That is, as shown in
The operation mode in which the flash translation layer unit 120C allocates different files to the same NAND block in NAND flash memory 20 in this way is referred to as the operation mode B.
For this operation mode B, the case where an UNMAP command is received from the host 2 for the file D (shown in
When the erasure level is set high by the UNMAP command from the host 2 or any instruction from the host 2, it will be determined that the erasure level for file D is high in step S24 (shown in
As a result of this command to execute a NAND block erase, the file D in the NAND block #3 is invalidated, but the file C in the NAND block #3 is copied to the NAND block #N, as shown in
Other configurations, operating flows, and effects of the memory system are the same as in the sixth embodiment shown in
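The one-file-per-block allocation of operation mode A, the erase-method selection of steps S21 to S26, and the copy-then-erase handling of a shared block in operation mode B can be modelled together. This is an added example written for this page, not code from the patent; the 4x4 geometry, the function names and the use of the characters 'C' and 'D' as file identifiers are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { NBLOCKS = 4, PAGES = 4 };               /* toy geometry (assumption) */
enum { PG_ERASED, PG_VALID, PG_INVALID };
struct page { uint8_t st, file; };             /* file id 0 = erased page */
static struct page nand[NBLOCKS][PAGES];

/* Returns block*PAGES+page or -1. Mode A skips blocks holding another file. */
static int alloc_page(uint8_t file, int mode_b, int exclude) {
    for (int b = 0; b < NBLOCKS; b++) {
        int free_pg = -1, foreign = 0;
        for (int p = PAGES - 1; p >= 0; p--) {
            if (nand[b][p].st == PG_ERASED) free_pg = p;   /* ends at lowest free page */
            else if (nand[b][p].file != file) foreign = 1;
        }
        if (b != exclude && free_pg >= 0 && (mode_b || !foreign))
            return b * PAGES + free_pg;
    }
    return -1;
}

/* Step S12: program one page of `file` (non-zero id); returns the block or -1. */
int ftl_write(uint8_t file, int mode_b) {
    int loc = alloc_page(file, mode_b, -1);
    if (loc < 0) return -1;
    nand[loc / PAGES][loc % PAGES] = (struct page){ PG_VALID, file };
    return loc / PAGES;
}

/* Steps S21-S26 for a TRIM/UNMAP of `file`; 0 on success, -1 if no spare block. */
int ftl_trim(uint8_t file, int erasure_level, int mode_b) {
    for (int b = 0; b < NBLOCKS; b++) {
        int hit = 0;
        for (int p = 0; p < PAGES; p++)            /* S26: deallocate (unmap only) */
            if (nand[b][p].file == file) { nand[b][p].st = PG_INVALID; hit = 1; }
        if (!hit || erasure_level == 0) continue;  /* low level: cells keep the data */
        for (int p = 0; p < PAGES; p++) {          /* mode B: move other files out */
            struct page *src = &nand[b][p];
            if (src->st != PG_VALID) continue;
            int dst = alloc_page(src->file, mode_b, b);
            if (dst < 0) return -1;                /* block erase not performed */
            nand[dst / PAGES][dst % PAGES] = *src;
            src->st = PG_INVALID;
        }
        memset(nand[b], 0, sizeof nand[b]);        /* S25: NAND block erase */
    }
    return 0;
}

/* Pages still holding the file's data (valid_only=0) or still mapped (=1). */
int count_pages(uint8_t file, int valid_only) {
    int n = 0;
    for (int b = 0; b < NBLOCKS; b++)
        for (int p = 0; p < PAGES; p++)
            n += nand[b][p].file == file && (!valid_only || nand[b][p].st == PG_VALID);
    return n;
}

/* Constructed scenario: files 'C' and 'D', two pages each, then TRIM of 'D'. */
int residual_after_trim(int mode_b, int erasure_level) {
    memset(nand, 0, sizeof nand);
    for (int i = 0; i < 4; i++) ftl_write(i < 2 ? 'C' : 'D', mode_b);
    ftl_trim('D', erasure_level, mode_b);
    return count_pages('D', 0);
}

int main(void) {
    int a0 = residual_after_trim(0, 0), a1 = residual_after_trim(0, 1);
    int b1 = residual_after_trim(1, 1);
    printf("A/low=%d A/high=%d B/high=%d C_valid=%d\n", a0, a1, b1, count_pages('C', 1));
    return 0;
}
```

With a low erasure level the two pages of file D stay readable in the cells after TRIM; with a high level they are gone, and in mode B file C survives only because it is copied out before the block erase.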
While certain embodiments have been described, these embodiments have been presented by way of example only, and are not intended to limit the scope of the disclosure. Indeed, the novel embodiments described herein may be embodied in a variety of other forms; furthermore, various omissions, substitutions and changes in the form of the embodiments described herein may be made without departing from the spirit of the disclosure. The accompanying claims and their equivalents are intended to cover such forms or modifications as would fall within the scope and spirit of the disclosure.
Number | Date | Country | Kind |
---|---|---|---|
2020-157357 | Sep 2020 | JP | national |