HSM status and error codes

The Entrust nShield 5s HSM is fitted with a tri-color LED on the back panel. This LED typically indicates the operational state of the HSM; see LED status. The LED can also indicate that the HSM is in an unrecoverable error state; see LED error states. Unrecoverable error state codes can also be retrieved remotely using the enquiry utility; see Error codes accessed remotely.

LED status

The Entrust nShield 5s HSM is fitted with a tri-color LED on the back panel. This LED typically indicates the status of the HSM.

The following states indicate a normal operational state:

| Colour | Pattern | Meaning |
| --- | --- | --- |
| N/A | Blank | No power or processors not working. |
| Green | Solid | Power is good. Main processor has not started booting. |
| Cyan | Solid | Main processor is booting. |
| Cyan/Blue | Slow flash | Security processor firmware upgrade in progress. |
| Blue | Solid | System has booted, now idle. |
| Blue | Flickering | System is active - normal operation. |

The following states indicate an error within the HSM:

| Colour | Pattern | Meaning |
| --- | --- | --- |
| Blue | Morse code | Error state for when the HSM is in an unrecoverable state, see LED error states for more information. |
| Red | Morse code | Error state for when the HSM is in an unrecoverable state, see LED error states for more information. |
| Red | Fast flash | Security processor bootloader failure. |
| Blue/Red | Flash | Security processor detected a tamper condition. |
| Other | Any | Contact Entrust Support. |

LED error states

If the Entrust nShield 5s HSM encounters an unrecoverable error, it enters an error state. In an error state, the HSM does not respond to commands and does not write data to the bus. The LED displays a Morse code pattern to indicate a specific error state, see Error codes shown on the LED.

In some cases you can reset an HSM in an error state by powering down the HSM and then reapplying power, or with hsmadmin reset. Not all errors can be reset in this way.

If any HSM goes into an error state, except as a result of you issuing the nopclearfail --fail command, contact Entrust Support, and give full details of your HSM set-up and the error code.

Entrust recommends that you contact Entrust Support even if you successfully recover from the error.

For troubleshooting information, see the relevant Installation Guide for your HSM.

Error codes shown on the LED

If an HSM enters an error state, the LED flashes with a Morse code pattern corresponding to an error code.

Error codes can also be retrieved remotely using the enquiry utility, see Error codes accessed remotely.

All the LED error codes have three digits:

  • The first digit is indicated by a number of dots.

  • The second digit is then indicated by a number of dashes.

  • The third digit is then indicated by a number of dots.

There is then a longer gap and the error code repeats.

The following guidelines are useful when reading LED code messages from the HSM:

  • The duration of a dash (-) is three times the duration of a dot (.).

  • The gap between components of a letter has the same duration as a dot.

  • The gap between digits has the same duration as a dash.

  • The duration of the gap between repeating codes is seven times the duration of a dot.

The numbers of dots and dashes and the Morse code equivalent are shown in the table below.

| Colour | Digits | Dots and dashes | Morse code | Meaning |
| --- | --- | --- | --- | --- |
| Red | 1-1-1 | . - . | E T E | Battery voltage out of spec |
| Red | 1-2-1 | . - - . | E M E | Crypto SerDes core voltage out of spec |
| Red | 1-2-2 | . - - . . | E M I | Main processor SerDes core voltage out of spec |
| Red | 1-2-3 | . - - . . . | E M S | Main processor core voltage out of spec |
| Red | 1-2-4 | . - - . . . . | E M H | Main processor SerDes core IO voltage out of spec |
| Red | 1-2-5 | . - - . . . . . | E M 5 | Crypto SerDes IO voltage out of spec |
| Red | 1-3-1 | . - - - . | E O E | Main processor IFC IO voltage out of spec |
| Red | 1-3-2 | . - - - . . | E O I | DDR access voltage out of spec |
| Red | 1-3-3 | . - - - . . . | E O S | DDR IO voltage out of spec |
| Red | 1-3-4 | . - - - . . . . | E O H | V12 voltage out of spec |
| Red | 1-3-5 | . - - - . . . . . | E O 5 | Security processor voltage out of spec |
| Red | 1-5-1 | . - - - - - . | E 0 E | Security processor temperature out of spec |
| Red | 1-5-2 | . - - - - - . . | E 0 I | Main processor temperature out of spec |
| Red | 1-5-3 | . - - - - - . . . | E 0 S | Crypto temperature out of spec |
| Red | 1-5-4 | . - - - - - . . . . | E 0 H | Security processor app blank |
| Red | 1-5-5 | . - - - - - . . . . . | E 0 5 | Security processor app invalid |
| Red | 2-1-1 | . . - . | I T E | Security processor secure state corrupted |
| Red | 2-1-2 | . . - . . | I T I | No bootloader heartbeat |
| Red | 2-1-3 | . . - . . . | I T S | Board-ID PROM failed |
| Blue | 2-1-5 | . . - . . . . . | I T 5 | Firmware signature auth failure |
| Red | 2-2-2 | . . - - . . | I M I | Crypto known-answer tests failed |
| Red | 2-2-3 | . . - - . . . | I M S | RNG driver failed |
| Red | 2-2-4 | . . - - . . . . | I M H | FIPS DRBG failed |
| Red | 2-2-5 | . . - - . . . . . | I M 5 | OpenSSL failed |
| Red | 2-3-1 | . . - - - . | I O E | OpenSSH failed |
| Red | 2-3-2 | . . - - - . . | I O I | Library signature verification failed |
| Red | 2-3-3 | . . - - - . . . | I O S | FPGA initialisation failed |
| Red | 2-3-4 | . . - - - . . . . | I O H | Init script failed |
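The timing rules and table above can be applied mechanically to a timed observation of the LED, for example samples taken from a camera recording. The following Python sketch is an added example, not Entrust code: the function names, the 200 ms dot duration, and the sample capture are assumptions made for illustration, and only three table rows are included.

```python
import re

# Three rows copied from the page's LED error table; extend as needed.
LED_ERRORS = {
    ("Red", "1-1-1"): "Battery voltage out of spec",
    ("Blue", "2-1-5"): "Firmware signature auth failure",
    ("Red", "2-2-3"): "RNG driver failed",
}

def encode(digits):
    """'2-2-3' -> '..--...': dots, then dashes, then dots."""
    a, b, c = map(int, digits.split("-"))
    return "." * a + "-" * b + "." * c

def decode_pulses(pulses, dot_ms):
    """Decode (led_on, duration_ms) samples into a digits string.
    Only repetitions framed by the long repeat gap on both sides are
    used, so a capture that starts or ends mid-code is not misread."""
    chunks, current, framed = [], "", False
    for led_on, ms in pulses:
        units = ms / dot_ms
        if led_on:
            current += "." if units < 2 else "-"   # dash = 3 dot units
        elif units >= 5:                           # repeat gap = 7 dot units
            if framed and current:
                chunks.append(current)
            current, framed = "", True
    codes = set()
    for chunk in chunks:
        m = re.fullmatch(r"(\.+)(-+)(\.+)", chunk)
        if not m:
            raise ValueError(f"not a dots-dashes-dots code: {chunk!r}")
        codes.add("-".join(str(len(g)) for g in m.groups()))
    if len(codes) != 1:
        raise ValueError(f"no single consistent code: {sorted(codes)}")
    return codes.pop()

def lookup(colour, digits):
    return LED_ERRORS.get((colour, digits), "Not in table: contact Entrust Support")

def sample_capture(digits, dot_ms=200, repeats=3):
    """Constructed sample input: timed on/off samples for a code."""
    pattern, one = encode(digits), []
    for i, sym in enumerate(pattern):
        if i:  # 3-unit gap between digits, 1-unit gap inside a digit
            one.append((False, dot_ms * (3 if sym != pattern[i - 1] else 1)))
        one.append((True, dot_ms * (1 if sym == "." else 3)))
    return (one + [(False, 7 * dot_ms)]) * repeats
```

The decoder needs at least one repetition with the long gap on both sides, so record at least two full repeats before decoding.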

Error codes accessed remotely

If an HSM enters an error state, you can retrieve error codes using the enquiry utility. These codes appear in the hardware status field of the Module and are included in the hardserver log.

There are three error categories:

  • Runtime library errors

  • Hardware driver errors

  • Operational mode errors

Error codes are also indicated by the LED on the back of the HSM, see LED error states.

Runtime library errors

The runtime library error codes described in the following table indicate one of the following:

  • There is a bug in the firmware.

  • There is a hardware fault.

If any of these errors occur, reset the HSM.

| Code | Meaning |
| --- | --- |
| O L C | SIGABRT: assertion failure and/or abort() called. |
| O L D | Interrupt occurred when disabled. This is more likely to indicate a hardware problem than a firmware problem. |
| O L E | SIGSEGV: access violation. This is more likely to indicate a hardware problem than a firmware problem. |
| O L J | SIGFPE: unsupported arithmetic exception (such as division by 0). |
| O L K | SIGOSERROR: runtime library internal error. |
| O L L | SIGUNKNOWN: invalid signal raised. |

Hardware driver errors

The hardware driver error codes described in the following table indicate one of the following:

  • Some form of automatic hardware detection has failed.

  • There is a bug in the firmware.

  • The wrong firmware has been loaded.

If any of these errors is indicated, contact Entrust Support.

| Code | Meaning |
| --- | --- |
| H L | M48T37 NVRAM (or battery) failed. |
| H C V | CPLD wrong version for PCI policing firmware. |
| H C X | No crypto offload hardware detected. |
| H P P | PCI Interface Policing failure. |
| H V | Environment sensors failed. For example, the temperature sensor. |
| H D | Failure reading unique serial number. |
| H R | Random number generator failed. |
| H R F O | FIPS continuous RNG failed. |
| H R A O | Periodic RNG test failed. |
| H R S | RNG startup failed. |
| H R T | RNG selftest failed. |
| H R T P | Periodic (scheduled daily) RNG selftest failed. |
| H R M | RNG data matched. |
| H R Z | Impossible RNG Failure (match after PRNG). |
| H S S | Security processor internal semaphore error. |
| H O | Token interface initialization failed. |
| H E | EEPROM failed on initialization. |
| H C | Processing thread initialization failed. |
| H C P | Card poll thread initialization failed. |
| H F | Starting up crypto offload. |
| H C V | CPLD version number incorrect. |
| H J V | IPC-watcher failed. |
| H J U | IPC-EPD failed. |
| H J R | Module reset notification failed. |
| K R | RSA selftest failed. |
| H H D | Unique serial number detection failed. |
| H H P | PCI bus hardware detection failed. |
| H H R | RTC hardware detection failed or random number generator detection failed. |
| H S C | Error writing correct SOS message. |

Operational mode errors

The runtime library error codes described in the following table indicate one of the following:

  • There is a bug in the firmware.

  • There is a hardware fault.

| Code | Meaning | Action |
| --- | --- | --- |
| T | Temperature of the HSM has exceeded the maximum allowable. | Restart your host computer, and improve HSM cooling. For the cooling requirements for your HSM, see the Installation Guide. |
| D | Fail command received. | Reset HSM by turning it off and then on again. |
| G G G | Failure when performing ClearUnit or Fail command. | Contact Entrust Support. |
| I J A | Audit logging: failed to send audit log message. This can occur for any type of log message. That is, a log message, signature block or certifier block. | Contact Entrust Support. |
| I J B | Audit logging: no module memory (therefore failed to send audit log message). | Contact Entrust Support. |
| I J C | Audit logging: key problem or FIPS incompatibility (therefore failed to sign audit log message). | Contact Entrust Support. |
| I J D | Audit logging: NVRAM problem (therefore failed to configure or send audit log message). | Contact Entrust Support. |