From: Tejun Heo <htejun@gmail.com>
To: Elias Oltmanns <eo@nebensachen.de>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>,
Jeff Garzik <jeff@garzik.org>,
Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>,
James Bottomley <James.Bottomley@hansenpartnership.com>,
Pavel Machek <pavel@ucw.cz>,
linux-ide@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/5] libata: Implement disk shock protection support
Date: Fri, 01 Aug 2008 16:19:26 +0900 [thread overview]
Message-ID: <4892B8FE.1070400@gmail.com> (raw)
In-Reply-To: <20080726062142.29070.10413.stgit@denkblock.local>
Elias Oltmanns wrote:
> On user request (through sysfs), the IDLE IMMEDIATE command with UNLOAD
> FEATURE as specified in ATA-7 is issued to the device and processing of
> the request queue is stopped thereafter until the speified timeout
> expires or user space asks to resume normal operation. This is supposed
> to prevent the heads of a hard drive from accidentally crashing onto the
> platter when a heavy shock is anticipated (like a falling laptop
> expected to hit the floor). This patch simply stops processing the
> request queue. In particular, it does not yet, for instance, defer an
> SRST issued in order to recover from an error on the other device on the
> interface.
For libata, the easiest way to achieve the above would be adding a
per-dev EH action, say, ATA_EH_UNLOAD and schedule EH w/ the action OR'd
to eh_info->action. The EH_UNLOAD handler can then issue the command
wait for the specified number of seconds and continue. This will be
pretty simple to implement as command exclusion and stuff are all
automatically handled by EH framework.
However, SATA or not, there simply isn't a way to abort commands in ATA.
Issuing random command while other commands are in progress simply is
state machine violation and there will be many interesting results
including complete system lockup (ATA controller dying while holding the
PCI bus). The only reliable way to abort in-flight commands are by
issuing hardreset. However, ATA reset protocol is not designed for
quick recovery. The machine is gonna hit the ground hard way before the
reset protocol is complete.
The only way to solve this nicely is either to build the accelerometer
into the drive and let the drive itself protect itself or implement a
sideband signal to tell it to duck for cover. For SATA, this sideband
signal can be another OOB sequence. If it's ever implemented this way,
it will be in SControl, I guess.
Well, short of that, all we can do is to wait for the currently
in-flight commands to drain and hope that it happens before the machine
hits the ground. Also, that the harddrive is not going through one of
the longish EH recovery sequences when it starts to fall. :-(
--
tejun
next prev parent reply other threads:[~2008-08-01 7:19 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-26 6:20 [RFC] Disk shock protection in GNU/Linux Elias Oltmanns
2008-07-26 6:23 ` [PATCH 1/5] Make sure that ata_force_tbl is freed in case of an error Elias Oltmanns
2008-07-26 6:24 ` [PATCH 2/5] Introduce ata_id_has_unload() Elias Oltmanns
2008-07-26 16:01 ` Alan Cox
2008-07-26 6:25 ` [PATCH 3/5] libata: Implement disk shock protection support Elias Oltmanns
2008-08-01 7:19 ` Tejun Heo [this message]
2008-08-01 22:34 ` Alan Cox
2008-08-03 3:19 ` Tejun Heo
2008-08-03 13:05 ` Alan Cox
2008-08-03 13:58 ` Tejun Heo
2008-08-04 13:43 ` Elias Oltmanns
2008-08-04 13:26 ` Elias Oltmanns
2008-08-04 14:12 ` Tejun Heo
2008-08-04 16:54 ` Elias Oltmanns
2008-08-04 23:26 ` Tejun Heo
2008-08-04 14:28 ` Gabor Gombas
2008-08-04 14:13 ` Alan Cox
2008-08-04 14:35 ` Tejun Heo
2008-07-26 6:27 ` [PATCH 4/5] ide: " Elias Oltmanns
2008-08-04 6:39 ` Pavel Machek
2008-08-04 14:15 ` Elias Oltmanns
2008-07-26 6:29 ` [PATCH 5/5] Add documentation for hard disk shock protection interface Elias Oltmanns
2008-07-26 9:18 ` Sergei Shtylyov
[not found] <fa.nx0yFPJm+aNXPHgykUrOzZXvvIs@ifi.uio.no>
[not found] ` <fa.NfEr7Ik6e8oextyWICW/jR5emeE@ifi.uio.no>
[not found] ` <fa.zGvATZImeUo0tHJe4hzlk5+mTiM@ifi.uio.no>
[not found] ` <fa.SRVleMItV5QEF7/tgCjSHz0ScJA@ifi.uio.no>
[not found] ` <fa.YKbhgq8XUxH/Qg1ArE+73YsDlpE@ifi.uio.no>
2008-08-05 4:05 ` [PATCH 3/5] libata: Implement disk shock protection support Robert Hancock
2008-08-05 13:14 ` Theodore Tso
2008-08-05 14:29 ` Henrique de Moraes Holschuh
2008-08-05 15:14 ` Eric Piel
2008-08-05 19:59 ` Pavel Machek
2008-08-05 22:57 ` Elias Oltmanns
[not found] ` <48986E3A.5020707@tremplin-utc.net>
2008-08-05 20:00 ` Pavel Machek
2008-08-05 4:16 ` Robert Hancock
2008-08-05 7:49 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4892B8FE.1070400@gmail.com \
--to=htejun@gmail.com \
--cc=James.Bottomley@hansenpartnership.com \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=bzolnier@gmail.com \
--cc=eo@nebensachen.de \
--cc=jeff@garzik.org \
--cc=linux-ide@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pavel@ucw.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).