On Sat, 8 Mar 2008, Tejun Heo wrote:
Hi,
:Rus V. Brushkoff wrote:
:> :This is weird. The drive should have stayed unlocked over
:> :initialization sequence as SSP is in effect. Either the BIOS is turning
:> :off SSP during POST or the drive isn't preserving security mode state
:> :although SSP is in effect. Testing who's to blame can be a bit
:> :cumbersome and involves removing power from the drive while the rest of
:> :the system is running. Can you do that?
:>
:> Sure - I can simply hot-unplug/hot-plug hdd from laptop. For now I've
:Okay, here's the sequence.
:1. Boot w/o password set. hdparm -I will show that security feature is
:not enabled.
:2. Execute "hdparm --user-master u --security-set-pass PASSWORD
:/dev/sda". hdparm -I will show that security is enabled but not locked.
:3. Remove power from the drive and reapply. Now hdparm -I will show
:that security is enabled and locked and dd'ing from the drive will fail.
:4. Execute "hdparm --user-master -u --security-unlock PASSWORD
:/dev/sda". hdparm -I will show security enabled but unlocked and you'll
:be able to access the drive again.
:5. Unload and reload ahci. This will trigger controller initialization
:causing hardresets on the ports. Execute hdparm -I and see whether the
:drive is still unlocked and verify that you can read from the drive.
I've used debian live-cd, which has achi compiled as module (booted with
acpi=off because of the 2.6.22 kernel problems with 8254 timer), uname -a :
Linux debian 2.6.22-3-486 #1 Mon Nov 12 07:53:08 UTC 2007 i686 unknown
files with 'hdpam -I' output is attached, numerating by the said sequence,
boot.pass is the output booted with bios enabled password. Shortly diffs
between stages are :
--- boot.1 2008-03-08 17:39:34.000000000 +0200
+++ boot.2 2008-03-08 17:40:16.000000000 +0200
@@ -33,7 +33,7 @@
Commands/features:
Enabled Supported:
* SMART feature set
- Security Mode feature set
+ * Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
@@ -74,11 +74,12 @@
Security:
Master password revision code = 65297
supported
- not enabled
+ enabled
not locked
not frozen
not expired: security count
not supported: enhanced erase
+ Security level high
88min for SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 50014ee256031961
NAA : 5
--- boot.2 2008-03-08 17:40:16.000000000 +0200
+++ boot.3 2008-03-08 17:41:34.000000000 +0200
@@ -23,7 +23,7 @@
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, with device specific minimum
- R/W multiple sector transfer: Max = 16 Current = 16
+ R/W multiple sector transfer: Max = 16 Current = 0
Advanced power management level: 128
Recommended acoustic management value: 128, current value: 254
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
@@ -43,7 +43,7 @@
* NOP cmd
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
- * SET_MAX security extension
+ SET_MAX security extension
Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
@@ -75,7 +75,7 @@
Master password revision code = 65297
supported
enabled
- not locked
+ locked
not frozen
not expired: security count
not supported: enhanced erase
--- boot.3 2008-03-08 17:41:34.000000000 +0200
+++ boot.4 2008-03-08 17:42:52.000000000 +0200
@@ -26,7 +26,7 @@
R/W multiple sector transfer: Max = 16 Current = 0
Advanced power management level: 128
Recommended acoustic management value: 128, current value: 254
- DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
+ DMA: mdma0 mdma1 mdma2 udma0 udma1 *udma2 udma3 udma4 udma5 udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
@@ -75,7 +75,7 @@
Master password revision code = 65297
supported
enabled
- locked
+ not locked
not frozen
not expired: security count
not supported: enhanced erase
--- boot.4 2008-03-08 17:42:52.000000000 +0200
+++ boot.5 2008-03-08 17:44:32.000000000 +0200
@@ -26,7 +26,7 @@
R/W multiple sector transfer: Max = 16 Current = 0
Advanced power management level: 128
Recommended acoustic management value: 128, current value: 254
- DMA: mdma0 mdma1 mdma2 udma0 udma1 *udma2 udma3 udma4 udma5 udma6
+ DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
:
:If the drive stays unlocked over #5, it means that the BIOS is
:explicitly disabling SSP during POST. If the drive locks up again, it
:means its SSP implementation isn't preserving security mode state over
:hardreset.
Drive remains unlocked, so BIOS is the problem ;(
:
:
Rus
/dev/sda:
ATA device, with non-removable media
Model Number: WDC WD2500BEVS-22UST0
Serial Number: WD-WXEX07G90288
Firmware Revision: 01.01A01
Standards:
Supported: 8 7 6 5
Likely used: 8
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 488397168
device size with M = 1024*1024: 238475 MBytes
device size with M = 1000*1000: 250059 MBytes (250 GB)
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, with device specific minimum
R/W multiple sector transfer: Max = 16 Current = 16
Advanced power management level: 128
Recommended acoustic management value: 128, current value: 254
DMA: mdma0 mdma1 mdma2 udma0 udma1 *udma2 udma3 udma4 udma5 udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
* Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* NOP cmd
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
SET_MAX security extension
Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
* Segmented DOWNLOAD_MICROCODE
* SATA-I signaling speed (1.5Gb/s)
* Native Command Queueing (NCQ)
* Host-initiated interface power management
* Phy event counters
DMA Setup Auto-Activate optimization
Device-initiated interface power management
* Software settings preservation
* SMART Command Transport (SCT) feature set
* SCT Long Sector Access (AC1)
* SCT LBA Segment Access (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
unknown 206[12] (vendor specific)
unknown 206[13] (vendor specific)
Security:
Master password revision code = 65297
supported
enabled
locked
not frozen
not expired: security count
not supported: enhanced erase
Security level high
88min for SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 50014ee256031961
NAA : 5
IEEE OUI : 14ee
Unique ID : 256031961
Checksum: correct
/dev/sda:
ATA device, with non-removable media
Model Number: WDC WD2500BEVS-22UST0
Serial Number: WD-WXEX07G90288
Firmware Revision: 01.01A01
Standards:
Supported: 8 7 6 5
Likely used: 8
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 488397168
device size with M = 1024*1024: 238475 MBytes
device size with M = 1000*1000: 250059 MBytes (250 GB)
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, with device specific minimum
R/W multiple sector transfer: Max = 16 Current = 0
Advanced power management level: 128
Recommended acoustic management value: 128, current value: 254
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
* Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* NOP cmd
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
SET_MAX security extension
Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
* Segmented DOWNLOAD_MICROCODE
* SATA-I signaling speed (1.5Gb/s)
* Native Command Queueing (NCQ)
* Host-initiated interface power management
* Phy event counters
DMA Setup Auto-Activate optimization
Device-initiated interface power management
* Software settings preservation
* SMART Command Transport (SCT) feature set
* SCT Long Sector Access (AC1)
* SCT LBA Segment Access (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
unknown 206[12] (vendor specific)
unknown 206[13] (vendor specific)
Security:
Master password revision code = 65297
supported
enabled
not locked
not frozen
not expired: security count
not supported: enhanced erase
Security level high
88min for SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 50014ee256031961
NAA : 5
IEEE OUI : 14ee
Unique ID : 256031961
Checksum: correct
/dev/sda:
ATA device, with non-removable media
Model Number: WDC WD2500BEVS-22UST0
Serial Number: WD-WXEX07G90288
Firmware Revision: 01.01A01
Standards:
Supported: 8 7 6 5
Likely used: 8
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 488397168
device size with M = 1024*1024: 238475 MBytes
device size with M = 1000*1000: 250059 MBytes (250 GB)
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, with device specific minimum
R/W multiple sector transfer: Max = 16 Current = 0
Advanced power management level: 128
Recommended acoustic management value: 128, current value: 254
DMA: mdma0 mdma1 mdma2 udma0 udma1 *udma2 udma3 udma4 udma5 udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
* Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* NOP cmd
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
SET_MAX security extension
Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
* Segmented DOWNLOAD_MICROCODE
* SATA-I signaling speed (1.5Gb/s)
* Native Command Queueing (NCQ)
* Host-initiated interface power management
* Phy event counters
DMA Setup Auto-Activate optimization
Device-initiated interface power management
* Software settings preservation
* SMART Command Transport (SCT) feature set
* SCT Long Sector Access (AC1)
* SCT LBA Segment Access (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
unknown 206[12] (vendor specific)
unknown 206[13] (vendor specific)
Security:
Master password revision code = 65297
supported
enabled
not locked
not frozen
not expired: security count
not supported: enhanced erase
Security level high
88min for SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 50014ee256031961
NAA : 5
IEEE OUI : 14ee
Unique ID : 256031961
Checksum: correct
/dev/sda:
ATA device, with non-removable media
Model Number: WDC WD2500BEVS-22UST0
Serial Number: WD-WXEX07G90288
Firmware Revision: 01.01A01
Standards:
Supported: 8 7 6 5
Likely used: 8
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 488397168
device size with M = 1024*1024: 238475 MBytes
device size with M = 1000*1000: 250059 MBytes (250 GB)
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, with device specific minimum
R/W multiple sector transfer: Max = 16 Current = 0
Advanced power management level: 128
Recommended acoustic management value: 128, current value: 254
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
* Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* NOP cmd
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
SET_MAX security extension
Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
* Segmented DOWNLOAD_MICROCODE
* SATA-I signaling speed (1.5Gb/s)
* Native Command Queueing (NCQ)
* Host-initiated interface power management
* Phy event counters
DMA Setup Auto-Activate optimization
Device-initiated interface power management
* Software settings preservation
* SMART Command Transport (SCT) feature set
* SCT Long Sector Access (AC1)
* SCT LBA Segment Access (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
unknown 206[12] (vendor specific)
unknown 206[13] (vendor specific)
Security:
Master password revision code = 65297
supported
enabled
locked
not frozen
not expired: security count
not supported: enhanced erase
Security level high
88min for SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 50014ee256031961
NAA : 5
IEEE OUI : 14ee
Unique ID : 256031961
Checksum: correct
/dev/sda:
ATA device, with non-removable media
Model Number: WDC WD2500BEVS-22UST0
Serial Number: WD-WXEX07G90288
Firmware Revision: 01.01A01
Standards:
Supported: 8 7 6 5
Likely used: 8
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 488397168
device size with M = 1024*1024: 238475 MBytes
device size with M = 1000*1000: 250059 MBytes (250 GB)
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, with device specific minimum
R/W multiple sector transfer: Max = 16 Current = 16
Advanced power management level: 128
Recommended acoustic management value: 128, current value: 254
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
* Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* NOP cmd
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
* SET_MAX security extension
Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
* Segmented DOWNLOAD_MICROCODE
* SATA-I signaling speed (1.5Gb/s)
* Native Command Queueing (NCQ)
* Host-initiated interface power management
* Phy event counters
DMA Setup Auto-Activate optimization
Device-initiated interface power management
* Software settings preservation
* SMART Command Transport (SCT) feature set
* SCT Long Sector Access (AC1)
* SCT LBA Segment Access (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
unknown 206[12] (vendor specific)
unknown 206[13] (vendor specific)
Security:
Master password revision code = 65297
supported
enabled
not locked
not frozen
not expired: security count
not supported: enhanced erase
Security level high
88min for SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 50014ee256031961
NAA : 5
IEEE OUI : 14ee
Unique ID : 256031961
Checksum: correct
/dev/sda:
ATA device, with non-removable media
Model Number: WDC WD2500BEVS-22UST0
Serial Number: WD-WXEX07G90288
Firmware Revision: 01.01A01
Standards:
Supported: 8 7 6 5
Likely used: 8
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 488397168
device size with M = 1024*1024: 238475 MBytes
device size with M = 1000*1000: 250059 MBytes (250 GB)
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, with device specific minimum
R/W multiple sector transfer: Max = 16 Current = 16
Advanced power management level: 128
Recommended acoustic management value: 128, current value: 254
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* NOP cmd
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
* SET_MAX security extension
Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
* Segmented DOWNLOAD_MICROCODE
* SATA-I signaling speed (1.5Gb/s)
* Native Command Queueing (NCQ)
* Host-initiated interface power management
* Phy event counters
DMA Setup Auto-Activate optimization
Device-initiated interface power management
* Software settings preservation
* SMART Command Transport (SCT) feature set
* SCT Long Sector Access (AC1)
* SCT LBA Segment Access (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
unknown 206[12] (vendor specific)
unknown 206[13] (vendor specific)
Security:
Master password revision code = 65297
supported
not enabled
not locked
not frozen
not expired: security count
not supported: enhanced erase
88min for SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 50014ee256031961
NAA : 5
IEEE OUI : 14ee
Unique ID : 256031961
Checksum: correct
