Using the System Event Log
SafeNet ProtectToolkit-C maintains a system event log as a means of tracking serious hardware or operational faults, tamper events, and self-test error information.
Viewing and Interpreting the Event Log
Each time a self-test fails, an unexpected event occurs at run-time, or a tamper occurs, information about the event is recorded to the event log. There can be up to 1024 events in the event log.
Event records are written sequentially and labeled chronologically. If the date and time of a later entry is stating earlier than the entry preceding it, the real-time clock or audit information has likely been altered.
See Event Log Error Types for a complete list of possible error code values that may be recorded in the event log.
To view the event log
From a command prompt, type:
ctconf –e
Purging the Event Log
When the event log is full, the HSM will no longer store new event records. The event log will then need to be purged.
The event log cannot be purged until it is full.
To purge the event log
From a command prompt, type the following:
ctconf –p
Event Log Error Types
The following table lists the error entries that may be generated by the ProtectServer HSM firmware and written to the HSM’s event log.
Event records are written sequentially and chronologically. If the date and time of a later entry in the log is stating an earlier time than an entry preceding it, it indicates that the real time clock or audit information has been altered.
| Name | Description |
|---|---|
POST_ERR_SRAM_WRITE
|
POST Error: Cannot write to SRAM |
POST_ERR_SRAM_READ
|
POST Error: Cannot read from SRAM |
POST_ERR_SDRAM_DATA_STUCK
|
POST Error: SDRAM, bit stuck |
POST_ERR_SDRAM_DATA_SHORT
|
POST Error: SDRAM data bits short Param 1. Bit number Param 2. Value |
POST_ERR_SDRAM_ADDR_STUCK
|
POST Error: SDRAM address bit stuck |
POST_ERR_SDRAM_ADDR_SHORT
|
POST Error: SDRAM address bits short Param 1. Bit number |
POST_ERR_SDRAM_BAD_BYTESEL
|
POST Error: SDRAM bad bytes select |
POST_ERR_BAD_SECTOR0
|
POST Error: POST Sector checksum is not correct |
POST_ERR_NOMEM
|
Cannot allocate memory |
POST_ERR_OS_HASH
|
The OS hash value is incorrect |
POST_ERR_KAT
|
Known answer test failed Param 1. Algorithm Identifier Param 2. Error Code |
POST_ERR_RNG
|
RNG did not pass chi-squared test |
POST_ERR_NO_THREAD
|
Unable to start POST Thread |
POST_ERR_SMFS
|
Secure memory file system error Param 1. Error Number |
POST_ERR_RTC
|
Unable to access RTC |
POST_ERR_SER
|
Unable to access UART |
POST_ERR_FDS
|
Flash Data Storage error |
EXCEPT_UNDEF
|
An undefined instruction has been executed Param 1. Address Param 2. Instruction |
EXCEPT_SWI
|
A software interrupt generated Param 1. Address Param 2. Instruction |
EXCEPT_PREFETCH
|
A Prefetch abort generated Param 1. Address |
EXCEPT_DATA
|
A Data abort generated Param 1. Address |
EXCEPT_IRQ
|
An unhandled IRQ received Param 1. Identifier |
ERR_HOT_TAMPER
|
Hot tamper detected |
ERR_HOT_TAMPER_ESM3000
|
ESM3000 tamper generates log parameters |
ERR_CLD_TAMPER_ESM3000
|
Tamper occurred whilst mains power off |
ERR_FLS_TAMPER
|
Tamper noise detected |
ERR_HOT_TAMPER_SRC
|
Tamper detected (main power operation) |
ERR_CLD_TAMPER_SRC
|
COLD Tamper occurred |
ERR_TAMPER_CLR
|
Tamper condition cleared |
LOG_FIRST_ENTRY
|
Initial event entry |
LOG_INITIALIZING_SRAM
|
Initializing the SRAM after a tamper |
LOG_EVENT_LOG_PURGED
|
Event log has been purged |
LOG_INIT_SRAM_COMMAND
|
Soft tamper command executed |
LOG_DANGLING_DIR_FOUND
|
Flash SmFs has detected a dangling DIR entry |
ERROR_ASSERT
|
Runtime Assertion Param 1. File Param 2. Line |
ERROR_INIT_RESOURCE
|
Out of resources in initialization Param 1. File Param 2. Line |
ERROR_INIT_PLATFORM
|
Failed to detect hardware platform Param 1. File Param 2. Line |
ERROR_PCI_CONFIG_CORRUPTED
|
PCI configuration corrupted |
ERROR_PCI_REGS_CORRUPTED
|
PCI registers contain unexpected values - unclearable |
HEAP_INVALID_ADDRESS
|
Heap Invalid block address Param 1. Heap number Param 2. Address |
HEAP_MEM_FREED_TWICE
|
Heap: Memory Freed twice Param 1. Address |
DCP_TIMEOUT
|
DCP: Timeout error on device |
DCP_BAD_STAT
|
DCP: Bad device status |
DCP_BAD_DATA
|
DCP: Bad input data |
DCP_RNG_STUCK
|
DCP: Continuous RNG test |
DCP_LNAU_EXCEPTION
|
DCP: Large Number Arith Hardware exception |
DCP_FAILED_RESET
|
DCP: Failed to reset |
DCP_RESOURCES
|
DCP: Insufficient recources to start driver |
DCP_FATAL_EXCEPTION
|
DCP: an unrecoverable error has occured |
PCCISES_TIMEOUT
|
PCCISES: Timeout error on device Param 1. Error |
PCCISES_BAD_STAT
|
PCCISES: Bad device status Param 1. Status |
PCCISES_BAD_DATA
|
PCCISES: Bad input data |
PCCISES_RNG_STUCK
|
PCCISES: Continuous RNG test error Param 1. Value |
PCCISES_LNAU_EXCEPTION
|
PCCISES: Large Number Arith Hardware exception (Unit,0) |
PCCISES_FAILED_RESET
|
PCCISES: Failed to reset |
PCCISES_RESOURCES
|
PCCISES: Insufficient resources to start driver |
CPROV_OS_UPGRADED
|
OS Upgrade performed Param 1. Mod Param 2. Version |
CPROV_OS_UPGRADE_FAILED
|
OS Upgrade failed |
PROT_NO_SMPR
|
PROTECTION: HSM SMPR not found |
PROT_CIPHER_ERROR
|
PROTECTION: Cipher operation failed |
KEYGEN_ERR_PAIRWISE
|
Key generation: Pair-wise consistency failure |
FM_OP_DOWNLOAD
|
FM Download Performed Param 1. Mod Param 2. Version |
FM_OP_DISABLE
|
FM Disabled Param 1. Mod Param 2. Version |
FM_MODULE_FAIL
|
FM failed to load Param 1. Mod Param 2. Version |
PTKC_CFG_CHNG
|
SafeNet ProtectToolkit-C config change Param 1. New Val Param 2. Old Val |
FDS_FLASH_ERASE_ERROR
|
Flash erasure error in FDS |
FDS_FLASH_WRITE_ERROR
|
Flash write error in FDS |
ERR_RTC_CANT_INITIALIZE_I2C
|
Real-time clock couldn't be initialized |
ERR_RTC_CANT_CLEAN_TAMPER_1
|
Real-time clock can't clear tamper |
ERR_RTC_CANT_ARM_TAMPER_1_CIRCUITS
|
Real-time clock can't re-arm the tamper circuit |
ERR_RTC_CANT_CLEAN_TAMPER_2
|
Real-time clock can't clear tamper |
ERR_RTC_CANT_ARM_TAMPER_2_CIRCUITS
|
Real-time clock can't re-arm the tamper circuit |
ERR_RTC_CANT_CLEAN_POWER_LOSS
|
Real-time clock can't clear power loss |
ERR_RTC_RECONFIGURING_FAILED
|
Real-time clock reconfiguration failed |
ERR_RTC_EXTERNAL_TAMPER_LATCHED
|
Real-time clock external tamper |
ERR_RTC_TAMPER_2_SIGNAL
|
Real-time clock tamper signal |
ERR_RTC_TAMPER_CIRCUITS_RE_ARMED
|
Real-time clock tamper circuits re-armed |
ERR_RTC_LOST_ALL_POWER
|
Real-time clock lost power |
ERR_RTC_BATTERY_LOW
|
Real-time clock battery low |
ERR_RTC_BATTERY_WAS_LOW_WHEN_MAIN_POWER_WAS_OFF
|
Real-time clock low battery alert during main power loss |
ERR_RTC_ZEROIZED_ON_POWER_LOSS
|
Real-time clock zeroized after power loss |
ERR_RTC_UNRELIABLE_DUE_TO_LOW_BATTERY_WHEN_MAIN_POWER_WAS_OFF
|
Real-time clock time unreliable due to low battery voltage |
ERR_RTC_CONFIGURATION_CORRUPTED
|
Real-time clock configuration corrupt |
ERR_RTC_RECONFIGURING_PASSED_CLOCK_RESTARTED
|
Real-time clock reconfiguration passed and clock restarted |
ERR_HSM_HALT_ON_INT_TAMPER
|
HSM halted due to internal tamper |
ERR_HSM_HALT_ON_LO_BAT
|
HSM halted due to low battery |
ERR_HSM_HALT_ON_EXT_TAMPER
|
HSM halted due to external tamper |
ERR_HSM_HALT_ON_OVER_VOLTAGE
|
HSM halted due to high voltage |
ERR_HSM_HALT_ON_UNDER_VOLTAGE
|
HSM halted due to low voltage |
ERR_HSM_HALT_ON_OVER_TEMP
|
HSM halted due to high temperature |
ERR_HSM_HALT_ON_UNDER_TEMP
|
HSM halted due to low temperature |
