IDE disk and HPA

IDE disk and HPA

[Oliver Tennert]

Hello,

I have a question concerning the handling of HPA (Host-protected areas) in 
current Linux kernels.

Have a look at drivers/ide/ide-disk.c:


static inline void idedisk_check_hpa(ide_drive_t *drive)
{
        unsigned long long capacity, set_max;
        int lba48 = idedisk_supports_lba48(drive->id);

        capacity = drive->capacity64;
        if (lba48)
                set_max = idedisk_read_native_max_address_ext(drive);
        else
                set_max = idedisk_read_native_max_address(drive);

        if (set_max <= capacity)
                return;

        printk(KERN_INFO "%s: Host Protected Area detected.\n"
                         "\tcurrent capacity is %llu sectors (%llu MB)\n"
                         "\tnative  capacity is %llu sectors (%llu MB)\n",
                         drive->name,
                         capacity, sectors_to_MB(capacity),
                         set_max, sectors_to_MB(set_max));

        if (lba48)
                set_max = idedisk_set_max_address_ext(drive, set_max);
        else
                set_max = idedisk_set_max_address(drive, set_max);
        if (set_max) {
                drive->capacity64 = set_max;
                printk(KERN_INFO "%s: Host Protected Area disabled.\n",
                                 drive->name);
        }
}

Do I interpret it right that the following is done in the above function:

1.) The current capacity of the disk is detected.
2.) The "native max. address size" of the disk is detected and stored in 
set_max.
3.) If capacity < set_max then it is rightly stated that an HPA is detected.
4.) If an HPA is detected, then that HPA is disabled, i.e. the maximum address 
size is set to the "native max. address size". Afterwards, the HPA is no 
more!

My question is now: why is an HPA disabled i.e. disprotected when detected? 
Why not let the HPA alone, because a certain set of disk sectors shall not be 
accessible by the OS?

Best regards

Oliver
-- 

Acid -- better living through chemistry.
--
__
________________________________________creating IT solutions

Dr. Oliver Tennert
Senior Solutions Engineer
CAx Professional Services
                                        science + computing ag
phone   +49(0)7071 9457-598             Hagellocher Weg 71-75	
fax     +49(0)7071 9457-411             D-72070 Tuebingen, Germany
O.Tennert@science-computing.de          www.science-computing.de

Re: IDE disk and HPA

[Alan Cox]

> Do I interpret it right that the following is done in the above function:

Aside from the version in most kernels being buggy yes

> My question is now: why is an HPA disabled i.e. disprotected when detected? 
> Why not let the HPA alone, because a certain set of disk sectors shall not be 
> accessible by the OS?

Because the HPA is most commonly used to hide all but a fraction of a
disk to work with older BIOSes.

Re: IDE disk and HPA

[Oliver Tennert]

On Friday, 22. July 2005 16:47, Alan Cox wrote:
> > Do I interpret it right that the following is done in the above function:
>
> Aside from the version in most kernels being buggy yes
>
> > My question is now: why is an HPA disabled i.e. disprotected when
> > detected? Why not let the HPA alone, because a certain set of disk
> > sectors shall not be accessible by the OS?
>
> Because the HPA is most commonly used to hide all but a fraction of a
> disk to work with older BIOSes.

But as to my knowledge, the HPA was had been introduced to allow HW vendors to 
store things like diagnostic programs in a part of the disk protected from 
partitioning and filesystems. The point is, IF there is an HPA, there MIGHT 
be a partitioning scheme and some filesystems on the disk which rely on the 
size of disk being the native size MINUS the HPA.

Also there might be some contents in the HPA which is vulnerable to deletion 
if exposed to the OS in such a transparent way.

So unconditionally disabling the HPA seems not an unconditionally good idea to 
me.

Why is the HPA not just left alone?

Best regards

Oliver

-- 
"She said, `I know you ... you cannot sing'.  I said, `That's nothing,
you should hear me play piano.'"
		-- Morrisey
--
__
________________________________________creating IT solutions

Dr. Oliver Tennert
Senior Solutions Engineer
CAx Professional Services
                                        science + computing ag
phone   +49(0)7071 9457-598             Hagellocher Weg 71-75	
fax     +49(0)7071 9457-411             D-72070 Tuebingen, Germany
O.Tennert@science-computing.de          www.science-computing.de

Re: IDE disk and HPA

[Alan Cox]

On Iau, 2005-08-04 at 09:14 +0200, Oliver Tennert wrote:
> partitioning and filesystems. The point is, IF there is an HPA, there MIGHT 
> be a partitioning scheme and some filesystems on the disk which rely on the 
> size of disk being the native size MINUS the HPA.

Thats fine, Linux is quite happy with such a partitioning table.

> Also there might be some contents in the HPA which is vulnerable to deletion 
> if exposed to the OS in such a transparent way.

By opening the raw disk file yes, but that is not a big concern

> Why is the HPA not just left alone?

As I said before - because in most cases the HPA is used just to fool an
old bios into booting a large disk. 

Re: IDE disk and HPA

[Etienne Lorrain]

> > > My question is now: why is an HPA disabled i.e. disprotected when
> > > detected? Why not let the HPA alone, because a certain set of disk
> > > sectors shall not be accessible by the OS?
> >
> > Because the HPA is most commonly used to hide all but a fraction of a
> > disk to work with older BIOSes.
>
> But as to my knowledge, the HPA was had been introduced to allow HW
> vendors to store things like diagnostic programs in a part of the
> disk protected from partitioning and filesystems.
> The point is, IF there is an HPA, there MIGHT be a partitioning
> scheme and some filesystems on the disk which rely on the size of
> disk being the native size MINUS the HPA.

  If those HW vendors want to store software in the HPA of the IDE
 hard disk, and they employ people able to read the IDE specifications,
 they know that this HPA can be protected by password and so Linux
 just display a failure when trying to restore the capacity of the
 Hard Disk - because it lacks the unlocking password.

  Note that this HPA is a good place to store a bootloader too, in fact
 I like to think of it as the big floppy drive of the PC which no more
 have any floppy drive: create a FAT filesystem of 64 Mbytes there and
 copy all the floppy you used to have there. Your bootloader, if it
 is good enough, will be able to run software from this area.

  I also have to add that it is finally time to read the ATA 4
 specification (published in august 1998) or any newer version, for
 instance at:
 http://www.t13.org/project/d1153r18-ATA-ATAPI-4.pdf
 around page 30 / page 46 about "6.10 Security Mode feature set".
 Pay attentiong to the last sentense of "6.10.4 Frozen mode".
  If you are using the right bootloader someone has already taken care
 of that detail for you - you are not disk2brick virus sensitive, and
 you do not care much of the blankdisk virus neither - whatever the
 OSes you are using.

  Etienne.

--
 http://gujin.org

Re: IDE disk and HPA

[Gustavo Guillermo Pérez]

El Jueves, 4 de Agosto de 2005 07:11, Etienne Lorrain escribió:
> > > > My question is now: why is an HPA disabled i.e. disprotected when
> > > > detected? Why not let the HPA alone, because a certain set of disk
> > > > sectors shall not be accessible by the OS?
> > >
> > > Because the HPA is most commonly used to hide all but a fraction of a
> > > disk to work with older BIOSes.
> >
> > But as to my knowledge, the HPA was had been introduced to allow HW
> > vendors to store things like diagnostic programs in a part of the
> > disk protected from partitioning and filesystems.
> > The point is, IF there is an HPA, there MIGHT be a partitioning
> > scheme and some filesystems on the disk which rely on the size of
> > disk being the native size MINUS the HPA.
>
>   If those HW vendors want to store software in the HPA of the IDE
>  hard disk, and they employ people able to read the IDE specifications,
>  they know that this HPA can be protected by password and so Linux
>  just display a failure when trying to restore the capacity of the
>  Hard Disk - because it lacks the unlocking password.
If I want to upgrade my IDE Hard drive by my self, how can I restore that kind 
of data on other diferent PC? HPA should not exist, there are a lot of other 
ways to store restore or diagnostics apps, Hibernation and Quick Restores 
should be handled in other way, I have once an omnibook (earth unplugged) and 
I can only reinstall Linux, because the host protected area does not allow me 
to install The Original OS, in other PC with the porper hardware and back it 
to the laptop.
This HPA should be optional, but never by default, I once need to have them 
disabled (where is the specifications from the manufacturer to reproduce them 
in a new hard disk media).
:|
-- 
Gustavo Guillermo Pérez
Compunauta uLinux
www.compunauta.com

Re: IDE disk and HPA

[Etienne Lorrain]

> If I want to upgrade my IDE Hard drive by my self, how can I
> restore that kind of data on other diferent PC?

  So the content of the HPA should be limited to program which are
 special: a boot loader is position dependant and you do not want
 to copy it blindly to another hard disk with maybe another size
 or other characteristics - because it will not work - you just
 want to re-install it on the other HD on the other PC.
  If this HPA contains more than a bootloader, it has to be
 organised like a real filesystem (or even a real device image
 with a partition table) to be accessed by emergency tools like
 mtools (you can specify a big offset to the device to access
 a FAT partition at the end of the device). This FAT filesystem
 can be considered logically like a big floppy.
 Maybe one day this system can use the SAORAB IDE feature - read
 the spec to understand that sentence.
  If you are really recovering a disaster and want to get the HPA
 content but are locked by the bootloader blocking this access, I'll
 give you the trick (that is a secret - do not repeat it!): plug in
 your IDE disk after boot using an USB/IDE adapter.

> HPA should not exist, there are a lot of other ways to store
> restore or diagnostics apps, Hibernation and Quick Restores
> should be handled in other way, I have once an omnibook (earth
> unplugged) and I can only reinstall Linux, because the host
> protected area does not allow me to install The Original OS,
> in other PC with the porper hardware and back it to the laptop.

  HPA and all the other "extended" IDE command exists on all hard
 drives used these day: anything more than 8 Gb has the complete
 set (but maybe SAORAB).

> This HPA should be optional, but never by default, I once need
> to have them disabled (where is the specifications from the
> manufacturer to reproduce them in a new hard disk media).

  My bootloader can be installed in any standard partition and
 if the disk does not contains a B.E.E.R. sector (see
http://www.t13.org/project/d1367r3.pdf
 ) you will not get the HPA set or frozzen.
 Security freeze is still done in all cases.

  Etienne.

RE: IDE disk and HPA

[Aleksey Gorelov]

>-----Original Message-----
>From: linux-kernel-owner@vger.kernel.org 
>[mailto:linux-kernel-owner@vger.kernel.org] On Behalf Of 
>Etienne Lorrain
>Sent: Thursday, August 04, 2005 5:11 AM
>To: linux-kernel@vger.kernel.org
>Subject: Re: IDE disk and HPA
>
>> > > My question is now: why is an HPA disabled i.e. disprotected when
>> > > detected? Why not let the HPA alone, because a certain 
>set of disk
>> > > sectors shall not be accessible by the OS?
>> >
>> > Because the HPA is most commonly used to hide all but a 
>fraction of a
>> > disk to work with older BIOSes.
>>
>> But as to my knowledge, the HPA was had been introduced to allow HW
>> vendors to store things like diagnostic programs in a part of the
>> disk protected from partitioning and filesystems.
>> The point is, IF there is an HPA, there MIGHT be a partitioning
>> scheme and some filesystems on the disk which rely on the size of
>> disk being the native size MINUS the HPA.
>
>  If those HW vendors want to store software in the HPA of the IDE
> hard disk, and they employ people able to read the IDE specifications,
> they know that this HPA can be protected by password and so Linux
> just display a failure when trying to restore the capacity of the
> Hard Disk - because it lacks the unlocking password.

 Yep, you are right. When used by BIOS/firmware, it is usually 
protected by password. And interesting enough, as in this particular 
case, they employ people to not only read them, but to write them as
well ;)
  However, if not protected by the password, it is probably Ok 
to make it visible (as things currently are).

>
>  Note that this HPA is a good place to store a bootloader too, in fact
> I like to think of it as the big floppy drive of the PC which no more
> have any floppy drive: create a FAT filesystem of 64 Mbytes there and
> copy all the floppy you used to have there. Your bootloader, if it
> is good enough, will be able to run software from this area.

If your bootloader if the first thing to run in the system, you can 
use & protect portion of your hardrive for yourself - just make sure you

lock with set max with password when passing control to 'normal'
OS/loader.

Aleks.

RE: IDE disk and HPA

[Etienne Lorrain]

>>  Note that this HPA is a good place to store a bootloader too, in fact
>> I like to think of it as the big floppy drive of the PC which no more
>> have any floppy drive: create a FAT filesystem of 64 Mbytes there and
>> copy all the floppy you used to have there. Your bootloader, if it
>> is good enough, will be able to run software from this area.
>
> If your bootloader if the first thing to run in the system, you can
> use & protect portion of your hardrive for yourself - just make sure you
> lock with set max with password when passing control to 'normal'
> OS/loader.
>
> Aleks.

  When my bootloader is installed in an HPA protected partition
 containning a filesystem (instead of a real primary or extended
 partition), it is by default not only protecting the HPA by
 password but also freeze it.
 To run a trusted application which needs an unprotected IDE disk,
 you need to have the application in the KGZ kernel form
 (elf -> objdump -> gzip with the right IDE comment), see:
http://marc.theaimsgroup.com/?l=linux-kernel&m=112134577732513
 And also uncheck the "ignore kernel IDE options" box in setup.

  The problem is that you cannot really modify the disk size by
 the IDE configuration command because BIOS react badly to disks
 which change their number of LBA after boot, so the bootloader
 cannot be really transparent. Moreover, if the bootloader is
 completely hidden, people try to install multiple times the
 bootloader when they just want to upgrade it - and it does not
 work as intended.
  The bootloader can still be configured to set the disk size
 to the one declared in the MBR if needed and if the IDE disk
 is currently able to modify its own number of LBA. Same for HPA,
 if it finds the HPA frozzen - maybe because it has chainloaded
 itself - it will not try to modify the HPA.
  Note that the frozzen state I am speaking of here have nothing
 to do with the "IDE security freeze" command needed before running
 any OS to protect against disk2brick/blankdisk viruses.

  Etienne.