On Sat, 8 Mar 2008, Tejun Heo wrote: Hi, :Rus V. Brushkoff wrote: :> :This is weird. The drive should have stayed unlocked over :> :initialization sequence as SSP is in effect. Either the BIOS is turning :> :off SSP during POST or the drive isn't preserving security mode state :> :although SSP is in effect. Testing who's to blame can be a bit :> :cumbersome and involves removing power from the drive while the rest of :> :the system is running. Can you do that? :> :> Sure - I can simply hot-unplug/hot-plug hdd from laptop. For now I've :Okay, here's the sequence. :1. Boot w/o password set. hdparm -I will show that security feature is :not enabled. :2. Execute "hdparm --user-master u --security-set-pass PASSWORD :/dev/sda". hdparm -I will show that security is enabled but not locked. :3. Remove power from the drive and reapply. Now hdparm -I will show :that security is enabled and locked and dd'ing from the drive will fail. :4. Execute "hdparm --user-master -u --security-unlock PASSWORD :/dev/sda". hdparm -I will show security enabled but unlocked and you'll :be able to access the drive again. :5. Unload and reload ahci. This will trigger controller initialization :causing hardresets on the ports. Execute hdparm -I and see whether the :drive is still unlocked and verify that you can read from the drive. I've used debian live-cd, which has achi compiled as module (booted with acpi=off because of the 2.6.22 kernel problems with 8254 timer), uname -a : Linux debian 2.6.22-3-486 #1 Mon Nov 12 07:53:08 UTC 2007 i686 unknown files with 'hdpam -I' output is attached, numerating by the said sequence, boot.pass is the output booted with bios enabled password. Shortly diffs between stages are : --- boot.1 2008-03-08 17:39:34.000000000 +0200 +++ boot.2 2008-03-08 17:40:16.000000000 +0200 @@ -33,7 +33,7 @@ Commands/features: Enabled Supported: * SMART feature set - Security Mode feature set + * Security Mode feature set * Power Management feature set * Write cache * Look-ahead @@ -74,11 +74,12 @@ Security: Master password revision code = 65297 supported - not enabled + enabled not locked not frozen not expired: security count not supported: enhanced erase + Security level high 88min for SECURITY ERASE UNIT. Logical Unit WWN Device Identifier: 50014ee256031961 NAA : 5 --- boot.2 2008-03-08 17:40:16.000000000 +0200 +++ boot.3 2008-03-08 17:41:34.000000000 +0200 @@ -23,7 +23,7 @@ LBA, IORDY(can be disabled) Queue depth: 32 Standby timer values: spec'd by Standard, with device specific minimum - R/W multiple sector transfer: Max = 16 Current = 16 + R/W multiple sector transfer: Max = 16 Current = 0 Advanced power management level: 128 Recommended acoustic management value: 128, current value: 254 DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6 @@ -43,7 +43,7 @@ * NOP cmd * DOWNLOAD_MICROCODE * Advanced Power Management feature set - * SET_MAX security extension + SET_MAX security extension Automatic Acoustic Management feature set * 48-bit Address feature set * Device Configuration Overlay feature set @@ -75,7 +75,7 @@ Master password revision code = 65297 supported enabled - not locked + locked not frozen not expired: security count not supported: enhanced erase --- boot.3 2008-03-08 17:41:34.000000000 +0200 +++ boot.4 2008-03-08 17:42:52.000000000 +0200 @@ -26,7 +26,7 @@ R/W multiple sector transfer: Max = 16 Current = 0 Advanced power management level: 128 Recommended acoustic management value: 128, current value: 254 - DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6 + DMA: mdma0 mdma1 mdma2 udma0 udma1 *udma2 udma3 udma4 udma5 udma6 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=120ns IORDY flow control=120ns @@ -75,7 +75,7 @@ Master password revision code = 65297 supported enabled - locked + not locked not frozen not expired: security count not supported: enhanced erase --- boot.4 2008-03-08 17:42:52.000000000 +0200 +++ boot.5 2008-03-08 17:44:32.000000000 +0200 @@ -26,7 +26,7 @@ R/W multiple sector transfer: Max = 16 Current = 0 Advanced power management level: 128 Recommended acoustic management value: 128, current value: 254 - DMA: mdma0 mdma1 mdma2 udma0 udma1 *udma2 udma3 udma4 udma5 udma6 + DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=120ns IORDY flow control=120ns : :If the drive stays unlocked over #5, it means that the BIOS is :explicitly disabling SSP during POST. If the drive locks up again, it :means its SSP implementation isn't preserving security mode state over :hardreset. Drive remains unlocked, so BIOS is the problem ;( : : Rus
/dev/sda: ATA device, with non-removable media Model Number: WDC WD2500BEVS-22UST0 Serial Number: WD-WXEX07G90288 Firmware Revision: 01.01A01 Standards: Supported: 8 7 6 5 Likely used: 8 Configuration: Logical max current cylinders 16383 16383 heads 16 16 sectors/track 63 63 -- CHS current addressable sectors: 16514064 LBA user addressable sectors: 268435455 LBA48 user addressable sectors: 488397168 device size with M = 1024*1024: 238475 MBytes device size with M = 1000*1000: 250059 MBytes (250 GB) Capabilities: LBA, IORDY(can be disabled) Queue depth: 32 Standby timer values: spec'd by Standard, with device specific minimum R/W multiple sector transfer: Max = 16 Current = 16 Advanced power management level: 128 Recommended acoustic management value: 128, current value: 254 DMA: mdma0 mdma1 mdma2 udma0 udma1 *udma2 udma3 udma4 udma5 udma6 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=120ns IORDY flow control=120ns Commands/features: Enabled Supported: * SMART feature set * Security Mode feature set * Power Management feature set * Write cache * Look-ahead * Host Protected Area feature set * WRITE_BUFFER command * READ_BUFFER command * NOP cmd * DOWNLOAD_MICROCODE * Advanced Power Management feature set SET_MAX security extension Automatic Acoustic Management feature set * 48-bit Address feature set * Device Configuration Overlay feature set * Mandatory FLUSH_CACHE * FLUSH_CACHE_EXT * SMART error logging * SMART self-test * General Purpose Logging feature set * WRITE_{DMA|MULTIPLE}_FUA_EXT * 64-bit World wide name * IDLE_IMMEDIATE with UNLOAD * Segmented DOWNLOAD_MICROCODE * SATA-I signaling speed (1.5Gb/s) * Native Command Queueing (NCQ) * Host-initiated interface power management * Phy event counters DMA Setup Auto-Activate optimization Device-initiated interface power management * Software settings preservation * SMART Command Transport (SCT) feature set * SCT Long Sector Access (AC1) * SCT LBA Segment Access (AC2) * SCT Error Recovery Control (AC3) * SCT Features Control (AC4) * SCT Data Tables (AC5) unknown 206[12] (vendor specific) unknown 206[13] (vendor specific) Security: Master password revision code = 65297 supported enabled locked not frozen not expired: security count not supported: enhanced erase Security level high 88min for SECURITY ERASE UNIT. Logical Unit WWN Device Identifier: 50014ee256031961 NAA : 5 IEEE OUI : 14ee Unique ID : 256031961 Checksum: correct
/dev/sda: ATA device, with non-removable media Model Number: WDC WD2500BEVS-22UST0 Serial Number: WD-WXEX07G90288 Firmware Revision: 01.01A01 Standards: Supported: 8 7 6 5 Likely used: 8 Configuration: Logical max current cylinders 16383 16383 heads 16 16 sectors/track 63 63 -- CHS current addressable sectors: 16514064 LBA user addressable sectors: 268435455 LBA48 user addressable sectors: 488397168 device size with M = 1024*1024: 238475 MBytes device size with M = 1000*1000: 250059 MBytes (250 GB) Capabilities: LBA, IORDY(can be disabled) Queue depth: 32 Standby timer values: spec'd by Standard, with device specific minimum R/W multiple sector transfer: Max = 16 Current = 0 Advanced power management level: 128 Recommended acoustic management value: 128, current value: 254 DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=120ns IORDY flow control=120ns Commands/features: Enabled Supported: * SMART feature set * Security Mode feature set * Power Management feature set * Write cache * Look-ahead * Host Protected Area feature set * WRITE_BUFFER command * READ_BUFFER command * NOP cmd * DOWNLOAD_MICROCODE * Advanced Power Management feature set SET_MAX security extension Automatic Acoustic Management feature set * 48-bit Address feature set * Device Configuration Overlay feature set * Mandatory FLUSH_CACHE * FLUSH_CACHE_EXT * SMART error logging * SMART self-test * General Purpose Logging feature set * WRITE_{DMA|MULTIPLE}_FUA_EXT * 64-bit World wide name * IDLE_IMMEDIATE with UNLOAD * Segmented DOWNLOAD_MICROCODE * SATA-I signaling speed (1.5Gb/s) * Native Command Queueing (NCQ) * Host-initiated interface power management * Phy event counters DMA Setup Auto-Activate optimization Device-initiated interface power management * Software settings preservation * SMART Command Transport (SCT) feature set * SCT Long Sector Access (AC1) * SCT LBA Segment Access (AC2) * SCT Error Recovery Control (AC3) * SCT Features Control (AC4) * SCT Data Tables (AC5) unknown 206[12] (vendor specific) unknown 206[13] (vendor specific) Security: Master password revision code = 65297 supported enabled not locked not frozen not expired: security count not supported: enhanced erase Security level high 88min for SECURITY ERASE UNIT. Logical Unit WWN Device Identifier: 50014ee256031961 NAA : 5 IEEE OUI : 14ee Unique ID : 256031961 Checksum: correct
/dev/sda: ATA device, with non-removable media Model Number: WDC WD2500BEVS-22UST0 Serial Number: WD-WXEX07G90288 Firmware Revision: 01.01A01 Standards: Supported: 8 7 6 5 Likely used: 8 Configuration: Logical max current cylinders 16383 16383 heads 16 16 sectors/track 63 63 -- CHS current addressable sectors: 16514064 LBA user addressable sectors: 268435455 LBA48 user addressable sectors: 488397168 device size with M = 1024*1024: 238475 MBytes device size with M = 1000*1000: 250059 MBytes (250 GB) Capabilities: LBA, IORDY(can be disabled) Queue depth: 32 Standby timer values: spec'd by Standard, with device specific minimum R/W multiple sector transfer: Max = 16 Current = 0 Advanced power management level: 128 Recommended acoustic management value: 128, current value: 254 DMA: mdma0 mdma1 mdma2 udma0 udma1 *udma2 udma3 udma4 udma5 udma6 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=120ns IORDY flow control=120ns Commands/features: Enabled Supported: * SMART feature set * Security Mode feature set * Power Management feature set * Write cache * Look-ahead * Host Protected Area feature set * WRITE_BUFFER command * READ_BUFFER command * NOP cmd * DOWNLOAD_MICROCODE * Advanced Power Management feature set SET_MAX security extension Automatic Acoustic Management feature set * 48-bit Address feature set * Device Configuration Overlay feature set * Mandatory FLUSH_CACHE * FLUSH_CACHE_EXT * SMART error logging * SMART self-test * General Purpose Logging feature set * WRITE_{DMA|MULTIPLE}_FUA_EXT * 64-bit World wide name * IDLE_IMMEDIATE with UNLOAD * Segmented DOWNLOAD_MICROCODE * SATA-I signaling speed (1.5Gb/s) * Native Command Queueing (NCQ) * Host-initiated interface power management * Phy event counters DMA Setup Auto-Activate optimization Device-initiated interface power management * Software settings preservation * SMART Command Transport (SCT) feature set * SCT Long Sector Access (AC1) * SCT LBA Segment Access (AC2) * SCT Error Recovery Control (AC3) * SCT Features Control (AC4) * SCT Data Tables (AC5) unknown 206[12] (vendor specific) unknown 206[13] (vendor specific) Security: Master password revision code = 65297 supported enabled not locked not frozen not expired: security count not supported: enhanced erase Security level high 88min for SECURITY ERASE UNIT. Logical Unit WWN Device Identifier: 50014ee256031961 NAA : 5 IEEE OUI : 14ee Unique ID : 256031961 Checksum: correct
/dev/sda: ATA device, with non-removable media Model Number: WDC WD2500BEVS-22UST0 Serial Number: WD-WXEX07G90288 Firmware Revision: 01.01A01 Standards: Supported: 8 7 6 5 Likely used: 8 Configuration: Logical max current cylinders 16383 16383 heads 16 16 sectors/track 63 63 -- CHS current addressable sectors: 16514064 LBA user addressable sectors: 268435455 LBA48 user addressable sectors: 488397168 device size with M = 1024*1024: 238475 MBytes device size with M = 1000*1000: 250059 MBytes (250 GB) Capabilities: LBA, IORDY(can be disabled) Queue depth: 32 Standby timer values: spec'd by Standard, with device specific minimum R/W multiple sector transfer: Max = 16 Current = 0 Advanced power management level: 128 Recommended acoustic management value: 128, current value: 254 DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=120ns IORDY flow control=120ns Commands/features: Enabled Supported: * SMART feature set * Security Mode feature set * Power Management feature set * Write cache * Look-ahead * Host Protected Area feature set * WRITE_BUFFER command * READ_BUFFER command * NOP cmd * DOWNLOAD_MICROCODE * Advanced Power Management feature set SET_MAX security extension Automatic Acoustic Management feature set * 48-bit Address feature set * Device Configuration Overlay feature set * Mandatory FLUSH_CACHE * FLUSH_CACHE_EXT * SMART error logging * SMART self-test * General Purpose Logging feature set * WRITE_{DMA|MULTIPLE}_FUA_EXT * 64-bit World wide name * IDLE_IMMEDIATE with UNLOAD * Segmented DOWNLOAD_MICROCODE * SATA-I signaling speed (1.5Gb/s) * Native Command Queueing (NCQ) * Host-initiated interface power management * Phy event counters DMA Setup Auto-Activate optimization Device-initiated interface power management * Software settings preservation * SMART Command Transport (SCT) feature set * SCT Long Sector Access (AC1) * SCT LBA Segment Access (AC2) * SCT Error Recovery Control (AC3) * SCT Features Control (AC4) * SCT Data Tables (AC5) unknown 206[12] (vendor specific) unknown 206[13] (vendor specific) Security: Master password revision code = 65297 supported enabled locked not frozen not expired: security count not supported: enhanced erase Security level high 88min for SECURITY ERASE UNIT. Logical Unit WWN Device Identifier: 50014ee256031961 NAA : 5 IEEE OUI : 14ee Unique ID : 256031961 Checksum: correct
/dev/sda: ATA device, with non-removable media Model Number: WDC WD2500BEVS-22UST0 Serial Number: WD-WXEX07G90288 Firmware Revision: 01.01A01 Standards: Supported: 8 7 6 5 Likely used: 8 Configuration: Logical max current cylinders 16383 16383 heads 16 16 sectors/track 63 63 -- CHS current addressable sectors: 16514064 LBA user addressable sectors: 268435455 LBA48 user addressable sectors: 488397168 device size with M = 1024*1024: 238475 MBytes device size with M = 1000*1000: 250059 MBytes (250 GB) Capabilities: LBA, IORDY(can be disabled) Queue depth: 32 Standby timer values: spec'd by Standard, with device specific minimum R/W multiple sector transfer: Max = 16 Current = 16 Advanced power management level: 128 Recommended acoustic management value: 128, current value: 254 DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=120ns IORDY flow control=120ns Commands/features: Enabled Supported: * SMART feature set * Security Mode feature set * Power Management feature set * Write cache * Look-ahead * Host Protected Area feature set * WRITE_BUFFER command * READ_BUFFER command * NOP cmd * DOWNLOAD_MICROCODE * Advanced Power Management feature set * SET_MAX security extension Automatic Acoustic Management feature set * 48-bit Address feature set * Device Configuration Overlay feature set * Mandatory FLUSH_CACHE * FLUSH_CACHE_EXT * SMART error logging * SMART self-test * General Purpose Logging feature set * WRITE_{DMA|MULTIPLE}_FUA_EXT * 64-bit World wide name * IDLE_IMMEDIATE with UNLOAD * Segmented DOWNLOAD_MICROCODE * SATA-I signaling speed (1.5Gb/s) * Native Command Queueing (NCQ) * Host-initiated interface power management * Phy event counters DMA Setup Auto-Activate optimization Device-initiated interface power management * Software settings preservation * SMART Command Transport (SCT) feature set * SCT Long Sector Access (AC1) * SCT LBA Segment Access (AC2) * SCT Error Recovery Control (AC3) * SCT Features Control (AC4) * SCT Data Tables (AC5) unknown 206[12] (vendor specific) unknown 206[13] (vendor specific) Security: Master password revision code = 65297 supported enabled not locked not frozen not expired: security count not supported: enhanced erase Security level high 88min for SECURITY ERASE UNIT. Logical Unit WWN Device Identifier: 50014ee256031961 NAA : 5 IEEE OUI : 14ee Unique ID : 256031961 Checksum: correct
/dev/sda: ATA device, with non-removable media Model Number: WDC WD2500BEVS-22UST0 Serial Number: WD-WXEX07G90288 Firmware Revision: 01.01A01 Standards: Supported: 8 7 6 5 Likely used: 8 Configuration: Logical max current cylinders 16383 16383 heads 16 16 sectors/track 63 63 -- CHS current addressable sectors: 16514064 LBA user addressable sectors: 268435455 LBA48 user addressable sectors: 488397168 device size with M = 1024*1024: 238475 MBytes device size with M = 1000*1000: 250059 MBytes (250 GB) Capabilities: LBA, IORDY(can be disabled) Queue depth: 32 Standby timer values: spec'd by Standard, with device specific minimum R/W multiple sector transfer: Max = 16 Current = 16 Advanced power management level: 128 Recommended acoustic management value: 128, current value: 254 DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=120ns IORDY flow control=120ns Commands/features: Enabled Supported: * SMART feature set Security Mode feature set * Power Management feature set * Write cache * Look-ahead * Host Protected Area feature set * WRITE_BUFFER command * READ_BUFFER command * NOP cmd * DOWNLOAD_MICROCODE * Advanced Power Management feature set * SET_MAX security extension Automatic Acoustic Management feature set * 48-bit Address feature set * Device Configuration Overlay feature set * Mandatory FLUSH_CACHE * FLUSH_CACHE_EXT * SMART error logging * SMART self-test * General Purpose Logging feature set * WRITE_{DMA|MULTIPLE}_FUA_EXT * 64-bit World wide name * IDLE_IMMEDIATE with UNLOAD * Segmented DOWNLOAD_MICROCODE * SATA-I signaling speed (1.5Gb/s) * Native Command Queueing (NCQ) * Host-initiated interface power management * Phy event counters DMA Setup Auto-Activate optimization Device-initiated interface power management * Software settings preservation * SMART Command Transport (SCT) feature set * SCT Long Sector Access (AC1) * SCT LBA Segment Access (AC2) * SCT Error Recovery Control (AC3) * SCT Features Control (AC4) * SCT Data Tables (AC5) unknown 206[12] (vendor specific) unknown 206[13] (vendor specific) Security: Master password revision code = 65297 supported not enabled not locked not frozen not expired: security count not supported: enhanced erase 88min for SECURITY ERASE UNIT. Logical Unit WWN Device Identifier: 50014ee256031961 NAA : 5 IEEE OUI : 14ee Unique ID : 256031961 Checksum: correct