Recovering the HSM After FM Failure
In the event that an FM bug causes problems on the HSM, such as halting the HSM or other functionality issues, the HSM SO can take steps to recover the HSM. If you have important FM key objects stored in the Secure Memory File System (SMFS), you may be able to regain access to them. If you encounter issues with FM functionality, try the following before you proceed with recovery operations:
1. Debug your FM code. Build and sign the FM (Building and Signing an FM), and attempt to load it onto the HSM (Loading an FM Into the HSM Firmware). Loading an updated FM with the same FM ID will erase the old version and replace it.
2. If this does not fix the problem, or you are unable to load the patched FM, delete the old FM first (Deleting an FM From the HSM Firmware).
3. If this does not work, continue to the recovery procedure below.
Prerequisites
Try the methods above before continuing. If you are running multiple FMs, it may be simpler to delete and replace the one that is causing the issue.
To recover the HSM after FM failure
1. Log in as HSM SO.
lunash:> hsm login
2. Erase all FMs currently loaded on the HSM. This will leave the SMFS intact and preserve any key material you may have stored there.
lunash:> hsm fm recover -erase fm
You may now attempt to load a patched version of your FM that addresses the cause of the issue. If this does not resolve the problem, continue to step 3.
3. Choose one of the following options:
CAUTION! Both of these options will erase the SMFS and any cryptographic objects you have stored there. If this is important key material, erasing the SMFS is a last resort to restore HSM functions.
a. Erase the SMFS.
lunash:> hsm fm recover -erase smfs
b. Erase both the loaded FMs and the SMFS.
lunash:> hsm fm recover -erase both
4. Load your patched FM and restart the SMFS (see Loading an FM Into the HSM Firmware).