root@storageqe-108 ~]# nvme list
Node                  Generic               SN                   Model                                    Namespace  Usage                      Format           FW Rev  
--------------------- --------------------- -------------------- ---------------------------------------- ---------- -------------------------- ---------------- --------
/dev/nvme0n1          /dev/ng0n1            3EJ0A04H0NB3         Dell Ent NVMe FIPS CM6 MU 1.6TB          0x1          3.41  GB /   1.60  TB    512   B +  0 B   3.1.5   

[root@storageqe-108 ~]# nvme sed  discover /dev/nvme0n1 
Locking Features:
    Locking Supported:         Yes
    Locking Feature Enabled:   No
    Locked:                    No

[root@storageqe-108 ~]# echo -e  passwdpasswd | cryptsetup --type 'luks2'  luksFormat /dev/nvme0n1   -q  --hw-opal  /tmp/slot_key --debug
# cryptsetup 2.7.2 processing "cryptsetup --type luks2 luksFormat /dev/nvme0n1 -q --hw-opal /tmp/slot_key --debug"
# Verifying parameters for command luksFormat.
# Running command luksFormat.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/nvme0n1.
# Trying to open and read device /dev/nvme0n1 with direct-io.
# Direct-io is supported and works.
# Initialising device-mapper backend library.
# Blkid check (filter none).
# File descriptor passphrase entry requested.
# STDIN descriptor passphrase entry requested.
# Checking new password using default pwquality settings.
# Crypto backend (OpenSSL 3.2.2 4 Jun 2024 [default][legacy][threads][argon2]) initialized in cryptsetup library version 2.7.2.
# Detected kernel Linux 5.14.0-545.el9.x86_64 x86_64.
# PBKDF argon2id, time_ms 2000 (iterations 0), max_memory_kb 1048576, parallel_threads 4.
# Formatting device /dev/nvme0n1 as type LUKS2 with OPAL HW encryption.
OPAL support is disabled in libcryptsetup.
# Releasing crypt device /dev/nvme0n1 context.
# Releasing device-mapper backend.
Command failed with code -1 (wrong or missing parameters).
[root@storageqe-108 ~]# nvme id-ns /dev/nvme0n1 -H
NVME Identify Namespace 1:
nsze    : 0xba4d4ab0
ncap    : 0xba4d4ab0
nuse    : 0x657d58
nsfeat  : 0x14
  [5:4] : 0x1    NPWG, NPWA, NPDG, NPDA, and NOWS are Supported
  [3:3] : 0    NGUID and EUI64 fields if non-zero, Reused
  [2:2] : 0x1    Deallocated or Unwritten Logical Block error Supported
  [1:1] : 0    Namespace uses AWUN, AWUPF, and ACWU
  [0:0] : 0    Thin Provisioning Not Supportednlbaf   : 5
flbas   : 0
  [6:5] : 0    Most significant 2 bits of Current LBA Format Selected
  [4:4] : 0    Metadata Transferred in Separate Contiguous Buffer
  [3:0] : 0    Least significant 4 bits of Current LBA Format Selectedmc      : 0
  [1:1] : 0    Metadata Pointer Not Supported
  [0:0] : 0    Metadata as Part of Extended Data LBA Not Supporteddpc     : 0
  [4:4] : 0    Protection Information Transferred as Last Bytes of Metadata Not Supported
  [3:3] : 0    Protection Information Transferred as First Bytes of Metadata Not Supported
  [2:2] : 0    Protection Information Type 3 Not Supported
  [1:1] : 0    Protection Information Type 2 Not Supported
  [0:0] : 0    Protection Information Type 1 Not Supporteddps     : 0
  [3:3] : 0    Protection Information is Transferred as Last Bytes of Metadata
  [2:0] : 0    Protection Information Disablednmic    : 0x1
  [0:0] : 0x1    Namespace Multipath Capablerescap  : 0xff
  [7:7] : 0x1    Ignore Existing Key - Used as defined in revision 1.3 or later
  [6:6] : 0x1    Exclusive Access - All Registrants Supported
  [5:5] : 0x1    Write Exclusive - All Registrants Supported
  [4:4] : 0x1    Exclusive Access - Registrants Only Supported
  [3:3] : 0x1    Write Exclusive - Registrants Only Supported
  [2:2] : 0x1    Exclusive Access Supported
  [1:1] : 0x1    Write Exclusive Supported
  [0:0] : 0x1    Persist Through Power Loss Supportedfpi     : 0x80
  [7:7] : 0x1    Format Progress Indicator Supported
  [6:0] : 0    Format Progress Indicator (Remaining 0%)dlfeat  : 9
  [4:4] : 0    Guard Field of Deallocated Logical Blocks is set to 0xFFFF
  [3:3] : 0x1    Deallocate Bit in the Write Zeroes Command is Supported
  [2:0] : 0x1    Bytes Read From a Deallocated Logical Block and its Metadata are 0x00nawun   : 0
nawupf  : 0
nacwu   : 0
nabsn   : 0
nabo    : 0
nabspf  : 0
noiob   : 0
nvmcap  : 1,600,321,314,816
npwg    : 7
npwa    : 7
npdg    : 7
npda    : 7
nows    : 7
mssrl   : 0
mcl     : 0
msrc    : 0
nulbaf  : 0
anagrpid: 0
nsattr    : 0
nvmsetid: 1
endgid  : 1
nguid   : 00000000000000008ce38ee22a02ed01
eui64   : 8ce38ee22a02ed01
LBA Format  0 : Metadata Size: 0   bytes - Data Size: 512 bytes - Relative Performance: 0 Best (in use)
LBA Format  1 : Metadata Size: 8   bytes - Data Size: 512 bytes - Relative Performance: 0 Best 
LBA Format  2 : Metadata Size: 0   bytes - Data Size: 1  bytes - Relative Performance: 0 Best 
LBA Format  3 : Metadata Size: 0   bytes - Data Size: 4096 bytes - Relative Performance: 0 Best 
LBA Format  4 : Metadata Size: 8   bytes - Data Size: 4096 bytes - Relative Performance: 0 Best 
LBA Format  5 : Metadata Size: 64  bytes - Data Size: 4096 bytes - Relative Performance: 0 Best 
[root@storageqe-108 ~]# cat /boot/config-5.14.0-545.el9.x86_64 | grep -i opal
CONFIG_BLK_SED_OPAL=y


[root@storageqe-108 opal-toolset]# ./discovery  /dev/nvme0n1 3  | grep Geometry -A6
  "Geometry Feature": {
    "Version": 1,
    "ALIGN": 1,
    "LogicalBlockSize": 512,
    "AlignmentGranularity": 8,
    "LowestAlignedLBA": 0
  },
[root@storageqe-108 opal-toolset]# 

[root@storageqe-108 ~]# uname -a
Linux storageqe-108.rhts.eng.pek2.redhat.com 5.14.0-545.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Dec 17 11:16:26 EST 2024 x86_64 x86_64 x86_64 GNU/Linux
[root@storageqe-108 ~]# 
[root@storageqe-108 sedutil]# sedutil-cli --isValidSED /dev/nvme0n1 
/dev/nvme0n1 SED -2- Dell Ent NVMe FIPS CM6 MU 1.6TB          3.1.5   
[root@storageqe-108 sedutil]# 
[root@storageqe-108 sedutil]# 
[root@storageqe-108 sedutil]# rpm -qa |grep cryptsetup
cryptsetup-libs-2.7.2-3.el9_5.x86_64
cryptsetup-2.7.2-3.el9_5.x86_64
[root@storageqe-108 sedutil]#