* How to perform SECURITY ERASE on a SEC4 (security enabled/locked) PATA drive ?
@ 2011-04-27 20:15 Maciej Grela
2011-04-29 13:47 ` Mark Lord
0 siblings, 1 reply; 7+ messages in thread
From: Maciej Grela @ 2011-04-27 20:15 UTC (permalink / raw)
To: linux-ide
Hi ata gurus,
I have a 2.5'' PATA drive with security enabled and unknown password.
I'd like to erase that disk and use it. I've been trying to apply the
instructions at the libata wiki:
https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase but they cover
only the scenario in which the drive doesn't have security enabled
before we start the procedure. In my case this approach doesn't work
because I cannot set the password (step 3a):
8< ------------------------------------------------------------------------------
root@hikari:~# hdparm --verbose --user-master u --security-set-pass
abcd /dev/sdb
security_password="abcd"
/dev/sdb:
Issuing SECURITY_SET_PASS command, password="abcd", user=user, mode=high
oflags.lob_all=0x82, flags={ feat command }
oflags.hob_all=0x82, flags={ feat }
using LBA48 taskfile
outgoing cdb: 85 0b 26 00 00 00 00 00 00 00 00 00 00 40 f1 00
data: 00 00 61 62 63 64 00 00 00 00 00 00 00 00 00 00
SG_IO: ATA_16 status=0x2, host_status=0x0, driver_status=0x8
SG_IO: sb[]: 72 0b 00 00 00 00 00 0e 09 0c 01 04 00 00 00 00 00 00 00
00 e0 51 00 00 00 00 00 00 00 00 00 00
SG_IO: desc[]: 09 0c 01 04 00 00 00 00 00 00 00 00
ATA_16 stat=51 err=04 nsect=00 lbal=00 lbam=00 lbah=00 dev=e0
I/O error, ata_op=0xf1 ata_status=0x51 ata_error=0x04
SECURITY_SET_PASS: Input/output error
root@hikari:~#
8< ------------------------------------------------------------------------------
The complete hdparm output for the drive is show below:
8< ------------------------------------------------------------------------------
root@hikari:~# hadparm -I /dev/sdb
/dev/sdb:
ATA device, with non-removable media
Model Number: Hitachi HTE541680J9AT00
Serial Number: SB024CGGJM5BGD
Firmware Revision: SB2OA75H
Standards:
Used: ATA/ATAPI-7 T13 1532D revision 1
Supported: 7 6 5 4
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 156301488
LBA48 user addressable sectors: 156301488
Logical/Physical Sector size: 512 bytes
device size with M = 1024*1024: 76319 MBytes
device size with M = 1000*1000: 80026 MBytes (80 GB)
cache/buffer size = 7512 KBytes (type=DualPortCache)
Capabilities:
LBA, IORDY(can be disabled)
Standby timer values: spec'd by Vendor, no device specific minimum
R/W multiple sector transfer: Max = 16 Current = 16
Advanced power management level: 254
Recommended acoustic management value: 128, current value: 254
DMA: mdma0 mdma1 mdma2 udma0 udma1 *udma2 udma3 udma4 udma5
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=240ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
* Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* NOP cmd
* DOWNLOAD_MICROCODE
* Advanced Power Management feature set
Power-Up In Standby feature set
* SET_FEATURES required to spinup after power up
Address Offset Reserved Area Boot
SET_MAX security extension
* Automatic Acoustic Management feature set
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
Security:
Master password revision code = 65534
supported
enabled
locked
not frozen
not expired: security count
not supported: enhanced erase
Security level high
42min for SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 5000cca550e4e637
NAA : 5
IEEE OUI : 000cca
Unique ID : 550e4e637
HW reset results:
CBLID- above Vih
Device num = 0 determined by the jumper
Checksum: correct
root@hikari:~#
8< ------------------------------------------------------------------------------
The disk seems to be in SEC4 state (Security enabled / Locked)
according to the ATA spec. My interpretation of the state graph at
this point is, that issuing the SECURITY ERASE PREPARE and SECURITY
ERASE UNIT should erase the drive and switch it to SEC1 (Security
disabled/not Frozen). However, I cannot do this using hdparm in the
following way:
8< ------------------------------------------------------------------------------
root@hikari:~# hdparm --verbose --user-master u --security-erase NULL /dev/sdb
security_password=""
/dev/sdb:
Issuing SECURITY_ERASE command, password="", user=user
outgoing cdb: 85 06 20 00 00 00 00 00 00 00 00 00 00 40 f3 00
SG_IO: ATA_16 status=0x2, host_status=0x0, driver_status=0x8
SG_IO: sb[]: 72 00 00 00 00 00 00 0e 09 0c 00 00 00 00 00 00 00 00 00
00 e0 50 00 00 00 00 00 00 00 00 00 00
SG_IO: desc[]: 09 0c 00 00 00 00 00 00 00 00 00 00
ATA_16 stat=50 err=00 nsect=00 lbal=00 lbam=00 lbah=00 dev=e0
oflags.lob_all=0x82, flags={ feat command }
oflags.hob_all=0x82, flags={ feat }
using LBA48 taskfile
outgoing cdb: 85 0b 26 00 00 00 00 00 00 00 00 00 00 40 f4 00
data: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
SG_IO: ATA_16 status=0x2, host_status=0x0, driver_status=0x8
SG_IO: sb[]: 72 0b 00 00 00 00 00 0e 09 0c 01 04 00 00 00 00 00 00 00
00 e0 51 00 00 00 00 00 00 00 00 00 00
SG_IO: desc[]: 09 0c 01 04 00 00 00 00 00 00 00 00
ATA_16 stat=51 err=04 nsect=00 lbal=00 lbam=00 lbah=00 dev=e0
I/O error, ata_op=0xf4 ata_status=0x51 ata_error=0x04
SECURITY_ERASE: Input/output error
root@hikari:~#
8< ------------------------------------------------------------------------------
The thing is, I don't know the password. Can you send the SECURITY
ERASE commands without knowing the password ? What am I missing ? Is
the operation I'm trying to perform even possible ?
Best regards,
Maciej Grela
PS. Please keep me on CC as I'm not subscribed to this list.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: How to perform SECURITY ERASE on a SEC4 (security enabled/locked) PATA drive ?
2011-04-27 20:15 How to perform SECURITY ERASE on a SEC4 (security enabled/locked) PATA drive ? Maciej Grela
@ 2011-04-29 13:47 ` Mark Lord
2011-04-29 20:57 ` Maciej Grela
0 siblings, 1 reply; 7+ messages in thread
From: Mark Lord @ 2011-04-29 13:47 UTC (permalink / raw)
To: Maciej Grela; +Cc: linux-ide
On 11-04-27 04:15 PM, Maciej Grela wrote:
> Hi ata gurus,
>
> I have a 2.5'' PATA drive with security enabled and unknown password.
> I'd like to erase that disk and use it. I've been trying to apply the
> instructions at the libata wiki:
> https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase but they cover
> only the scenario in which the drive doesn't have security enabled
> before we start the procedure. In my case this approach doesn't work
> because I cannot set the password (step 3a):
First, update your hdparm to hdparm-9.37 from sourceforge.
Distros seem to continue to ship old versions for some weird reason,
and there have been lots of improvements since the 2008 copy they use.
Then, try this:
hdparm --security-set-pass NULL /dev/sdx
hdparm --security-erase NULL /dev/sdx
Cheers
-ml
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: How to perform SECURITY ERASE on a SEC4 (security enabled/locked) PATA drive ?
2011-04-29 13:47 ` Mark Lord
@ 2011-04-29 20:57 ` Maciej Grela
2011-04-30 2:26 ` Mark Lord
0 siblings, 1 reply; 7+ messages in thread
From: Maciej Grela @ 2011-04-29 20:57 UTC (permalink / raw)
To: linux-ide
2011/4/29 Mark Lord <kernel@teksavvy.com>:
> On 11-04-27 04:15 PM, Maciej Grela wrote:
>> Hi ata gurus,
>>
>> I have a 2.5'' PATA drive with security enabled and unknown password.
>> I'd like to erase that disk and use it. I've been trying to apply the
>> instructions at the libata wiki:
>> https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase but they cover
>> only the scenario in which the drive doesn't have security enabled
>> before we start the procedure. In my case this approach doesn't work
>> because I cannot set the password (step 3a):
>
> First, update your hdparm to hdparm-9.37 from sourceforge.
> Distros seem to continue to ship old versions for some weird reason,
> and there have been lots of improvements since the 2008 copy they use.
>
> Then, try this:
>
>
> hdparm --security-set-pass NULL /dev/sdx
> hdparm --security-erase NULL /dev/sdx
>
Hi,
I downloaded the newest hdparm but the result is the same - the first
command fails with "Input/output error", verbose shows:
8< --------------------------------------------------
enki@hikari:~/hdparm-9.37$ sudo ./hdparm --verbose --security-set-pass
NULL /dev
/sdb
security_password=""
/dev/sdb:
Issuing SECURITY_SET_PASS command, password="", user=user, mode=high
oflags.lob_all=0x82, flags={ feat command }
oflags.hob_all=0x00, flags={ }
outgoing cdb: 85 0a 06 00 00 00 00 00 00 00 00 00 00 40 f1 00
outgoing_data: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00
SG_IO: ATA_16 status=0x2, host_status=0x0, driver_status=0x8
SG_IO: sb[]: 72 0b 00 00 00 00 00 0e 09 0c 00 04 00 00 00 00 00 00 00
00 e0 51 00 00 00 00 00 00 00 00 00 00
SG_IO: desc[]: 09 0c 00 04 00 00 00 00 00 00 00 00 e0 51
ATA_16 stat=51 err=04 nsect=00 lbal=00 lbam=00 lbah=00 dev=e0
I/O error, ata_op=0xf1 ata_status=0x51 ata_error=0x04
SECURITY_SET_PASS: Input/output error
enki@hikari:~/hdparm-9.37$
8< --------------------------------------------------
The second command fails in a similar way:
8< --------------------------------------------------
Script started on Fri 29 Apr 2011 10:54:44 PM CEST
enki@hikari:~/hdparm-9.37$ sudo ./hdparm --verbose --security-erase
NULL /dev/sdb
security_password=""
/dev/sdb:
Issuing SECURITY_ERASE command, password="", user=user
outgoing cdb: 85 08 0e 00 00 00 01 00 00 00 00 00 00 40 ec 00
SG_IO: ATA_16 status=0x0, host_status=0x0, driver_status=0x0
SG_IO: sb[]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00
incoming_data: 5a 04 ff 3f 37 c8 10 00 00 00 00 00 3f 00 00 00 00 00
00 00 20 20 20 20 20 20 42 53 32 30 43 34 47 47 4d 4a 42 35 44 47 03
00 b0 3a 04 00 42 53 4f 32 37 41 48 35 69 48 61 74 68 63 20 69 54 48
35 45 31 34 38 36 4a 30 41 39 30 54 20 30 20 20 20 20 20 20 20 20 20
20 20 20 20 20 20 20 10 80 00 00 00 0f 00 40 00 02 00 02 07 00 ff 3f
10 00 3f 00 10 fc fb 00 00 01 b0 f8 50 09 00 00 07 00 03 00 78 00 78
00 f0 00 78 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 fc 00 1a 00 6b 74 e9 7f 63 41 6b 74 49 3e 63 41 3f 04 15
00 00 00 fe 40 fe ff 0b 60 fe 80 00 00 00 00 00 00 00 00 00 00 b0 f8
50 09 00 00 00 00 00 00 00 00 00 00 48 88 00 50 a5 cc e4 50 37 e6 00
00 00 00 00 00 00 00 00 00 00 00 00 00 02 40 00 40 00 00 00 00 00 00
00 00 00 00 00 00 00 00 07 00 0b 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 80 00 00 58 32 00 00 00 00 33 33 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 a5 c5
SG_IO: desc[]: 00 00
ATA_16 stat=00 err=00 nsect=00 lbal=00 lbam=00 lbah=00 dev=00
outgoing cdb: 85 06 20 00 00 00 00 00 00 00 00 00 00 40 f3 00
SG_IO: ATA_16 status=0x2, host_status=0x0, driver_status=0x8
SG_IO: sb[]: 72 00 00 00 00 00 00 0e 09 0c 00 00 00 00 00 00 00 00 00
00 e0 50 00 00 00 00 00 00 00 00 00 00
SG_IO: desc[]: 09 0c 00 00 00 00 00 00 00 00 00 00 e0 50
ATA_16 stat=50 err=00 nsect=00 lbal=00 lbam=00 lbah=00 dev=e0
oflags.lob_all=0x82, flags={ feat command }
oflags.hob_all=0x00, flags={ }
outgoing cdb: 85 0a 06 00 00 00 00 00 00 00 00 00 00 40 f4 00
outgoing_data: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00
SG_IO: ATA_16 status=0x2, host_status=0x0, driver_status=0x8
SG_IO: sb[]: 72 0b 00 00 00 00 00 0e 09 0c 00 04 00 00 00 00 00 00 00
00 e0 51 00 00 00 00 00 00 00 00 00 00
SG_IO: desc[]: 09 0c 00 04 00 00 00 00 00 00 00 00 e0 51
ATA_16 stat=51 err=04 nsect=00 lbal=00 lbam=00 lbah=00 dev=e0
I/O error, ata_op=0xf4 ata_status=0x51 ata_error=0x04
SECURITY_ERASE: Input/output error
enki@hikari:~/hdparm-9.37$
8< --------------------------------------------------
Br,
Maciej Grela
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: How to perform SECURITY ERASE on a SEC4 (security enabled/locked) PATA drive ?
2011-04-29 20:57 ` Maciej Grela
@ 2011-04-30 2:26 ` Mark Lord
2011-04-30 8:10 ` Maciej Grela
0 siblings, 1 reply; 7+ messages in thread
From: Mark Lord @ 2011-04-30 2:26 UTC (permalink / raw)
To: Maciej Grela; +Cc: linux-ide
On 11-04-29 04:57 PM, Maciej Grela wrote:
> 2011/4/29 Mark Lord <kernel@teksavvy.com>:
..
>> Then, try this:
>>
>> hdparm --security-set-pass NULL /dev/sdx
>> hdparm --security-erase NULL /dev/sdx
..
> I downloaded the newest hdparm but the result is the same - the first
> command fails with "Input/output error", verbose shows:
>
> 8< --------------------------------------------------
> enki@hikari:~/hdparm-9.37$ sudo ./hdparm --verbose --security-set-pass
> NULL /dev
> /sdb
>
> security_password=""
>
>
> /dev/sdb:
> Issuing SECURITY_SET_PASS command, password="", user=user, mode=high
..
> SG_IO: ATA_16 status=0x2, host_status=0x0, driver_status=0x8
>
> SG_IO: sb[]: 72 0b 00 00 00 00 00 0e 09 0c 00 04 00 00 00 00 00 00 00
> 00 e0 51 00 00 00 00 00 00 00 00 00 00
>
> SG_IO: desc[]: 09 0c 00 04 00 00 00 00 00 00 00 00 e0 51
>
> ATA_16 stat=51 err=04 nsect=00 lbal=00 lbam=00 lbah=00 dev=e0
>
> I/O error, ata_op=0xf4 ata_status=0x51 ata_error=0x04
>
> SECURITY_ERASE: Input/output error
Okay. Now please do exactly this (and I mean EXACTLY):
1. shut down and completely power off the system.
2. boot up again, and immediately do "hdparm --Istdout /dev/sdb
and post the results here.
I want to see what the default security state of the drive is,
and that sequence above will tell all.
Thanks. Oh, and perhaps COPY ME on subsequent emails,
or I might miss your followups. IOW, use "reply to all".
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: How to perform SECURITY ERASE on a SEC4 (security enabled/locked) PATA drive ?
2011-04-30 2:26 ` Mark Lord
@ 2011-04-30 8:10 ` Maciej Grela
2011-05-03 14:55 ` Mark Lord
0 siblings, 1 reply; 7+ messages in thread
From: Maciej Grela @ 2011-04-30 8:10 UTC (permalink / raw)
To: Mark Lord; +Cc: linux-ide
2011/4/30 Mark Lord <kernel@teksavvy.com>:
>
> Okay. Now please do exactly this (and I mean EXACTLY):
>
> 1. shut down and completely power off the system.
> 2. boot up again, and immediately do "hdparm --Istdout /dev/sdb
> and post the results here.
>
> I want to see what the default security state of the drive is,
> and that sequence above will tell all.
>
Hi,
Here is the data:
/dev/sdb:
045a 3fff c837 0010 0000 0000 003f 0000
0000 0000 2020 2020 2020 5342 3032 3443
4747 4a4d 3542 4744 0003 3ab0 0004 5342
324f 4137 3548 4869 7461 6368 6920 4854
4535 3431 3638 304a 3941 5430 3020 2020
2020 2020 2020 2020 2020 2020 2020 8010
0000 0f00 4000 0200 0200 0007 3fff 0010
003f fc10 00fb 0100 f8b0 0950 0000 0007
0003 0078 0078 00f0 0078 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
00fc 001a 746b 7fe9 4163 746b 3e49 4163
043f 0015 0000 40fe fffe 600b 80fe 0000
0000 0000 0000 0000 f8b0 0950 0000 0000
0000 0000 0000 8848 5000 cca5 50e4 e637
0000 0000 0000 0000 0000 0000 0000 4002
4000 0000 0000 0000 0000 0000 0000 0000
0007 000b 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 8000 0000
3258 0000 0000 3333 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 8000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 c5a5
Hope this clarifies the issue.
Br,
Maciej Grela
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: How to perform SECURITY ERASE on a SEC4 (security enabled/locked) PATA drive ?
2011-04-30 8:10 ` Maciej Grela
@ 2011-05-03 14:55 ` Mark Lord
2011-05-04 19:43 ` Maciej Grela
0 siblings, 1 reply; 7+ messages in thread
From: Mark Lord @ 2011-05-03 14:55 UTC (permalink / raw)
To: Maciej Grela; +Cc: linux-ide
On 11-04-30 04:10 AM, Maciej Grela wrote:
> 2011/4/30 Mark Lord <kernel@teksavvy.com>:
>>
>> Okay. Now please do exactly this (and I mean EXACTLY):
>>
>> 1. shut down and completely power off the system.
>> 2. boot up again, and immediately do "hdparm --Istdout /dev/sdb
>> and post the results here.
>>
>> I want to see what the default security state of the drive is,
>> and that sequence above will tell all.
>>
>
> Hi,
>
> Here is the data:
..
> Security:
> Master password revision code = 65534
> supported
> enabled
> locked
> not frozen
> not expired: security count
> not supported: enhanced erase
> Security level high
> 42min for SECURITY ERASE UNIT.
..
Okay, your drive already has a password set on it.
So to do a --security-erase, you will likely need to
know and supply that exact password on the command line:
hdparm --security-erase XXXXXXXX /dev/sdb
If you don't know the password, then you can try this:
hdparm --security-set-pass NULL --user-master m /dev/sdb
hdparm --security-erase NULL --user-master m /dev/sdb
If that also fails, then you'll have to read through the ATA
security feature documentation (from the t13 standards),
and try and understand how the quirky state machine model
for it is supposed to work. And then puzzle it out from there.
Not all drives do it in exactly the same way,
and not all of them strictly follow the standard.
So it may take some playing around to figure it out.
I don't do this often enough here to remember which brands
prefer what sequences etc.
Cheers
-ml
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: How to perform SECURITY ERASE on a SEC4 (security enabled/locked) PATA drive ?
2011-05-03 14:55 ` Mark Lord
@ 2011-05-04 19:43 ` Maciej Grela
0 siblings, 0 replies; 7+ messages in thread
From: Maciej Grela @ 2011-05-04 19:43 UTC (permalink / raw)
To: Mark Lord; +Cc: linux-ide
2011/5/3 Mark Lord <kernel@teksavvy.com>:
> On 11-04-30 04:10 AM, Maciej Grela wrote:
>> 2011/4/30 Mark Lord <kernel@teksavvy.com>:
>>>
>>> Okay. Now please do exactly this (and I mean EXACTLY):
>>>
>>> 1. shut down and completely power off the system.
>>> 2. boot up again, and immediately do "hdparm --Istdout /dev/sdb
>>> and post the results here.
>>>
>>> I want to see what the default security state of the drive is,
>>> and that sequence above will tell all.
>>>
>>
>> Hi,
>>
>> Here is the data:
> ..
>
>> Security:
>> Master password revision code = 65534
>> supported
>> enabled
>> locked
>> not frozen
>> not expired: security count
>> not supported: enhanced erase
>> Security level high
>> 42min for SECURITY ERASE UNIT.
> ..
>
> Okay, your drive already has a password set on it.
> So to do a --security-erase, you will likely need to
> know and supply that exact password on the command line:
>
> hdparm --security-erase XXXXXXXX /dev/sdb
>
> If you don't know the password, then you can try this:
>
> hdparm --security-set-pass NULL --user-master m /dev/sdb
> hdparm --security-erase NULL --user-master m /dev/sdb
>
> If that also fails, then you'll have to read through the ATA
> security feature documentation (from the t13 standards),
> and try and understand how the quirky state machine model
> for it is supposed to work. And then puzzle it out from there.
>
Hi,
Thanks for all the info, I already did try that approach after
studying the t13 document. I tried to invoke all the state transitions
from SEC4 mentioned there without any progress. So I'll take a break
from trying to solve this problem as it's not very urgent.
Best regards,
Maciej Grela
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2011-05-04 19:43 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-04-27 20:15 How to perform SECURITY ERASE on a SEC4 (security enabled/locked) PATA drive ? Maciej Grela
2011-04-29 13:47 ` Mark Lord
2011-04-29 20:57 ` Maciej Grela
2011-04-30 2:26 ` Mark Lord
2011-04-30 8:10 ` Maciej Grela
2011-05-03 14:55 ` Mark Lord
2011-05-04 19:43 ` Maciej Grela
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).