Questions about erasing an ssd to restore performance under FreeBSD

Steven Hartland killing at multiplay.co.uk
Sat Aug 6 00:54:17 UTC 2011 

----- Original Message ----- 
From: "Jeremy Chadwick" <freebsd at jdc.parodius.com>
> I've cleaned up the patch (removed the half-written usage stuff) and
> made it available.
> 
> http://jdc.parodius.com/freebsd/camcontrol_ata_security/
> 
> If this is committed to base the #define ATA_SECURITY_* entries should
> be moved into include/sys/ata.h.
> 
> Steve, if you want to put up your patch somewhere I can review it, but
> an official review from someone more familiar with CAM (e.g. mav@) would
> be best.
> 
> I'm also not sure how you implemented all the features,
> UI-wise (command-line-argument-wise).  This is what I came up with, from
> my internal docs, with comparative syntax in Linux hdparm:
> 
> NOTE: Should try to avoid using -C, -E, -n, -t, -u, or -v
> 
> camcontrol security -U -p PWD   == unlock         (--security-unlock PWD)
> camcontrol security -S -p PWD   == set password   (--security-set-pass PWD)
> camcontrol security -D -p PWD   == disable        (--security-disable PWD)
> camcontrol security -X -p PWD   == erase          (--security-erase PWD)
> camcontrol security -Z -p PWD   == enhanced erase (--security-erase-enhanced PWD)
> camcontrol security -i TYPE ... == {user,master}  (--user-master USER)

Yer I couldn't stand using meaningless short options so added long arg support.

The current version of my patch can be found here:-
http://blog.multiplay.co.uk/dropzone/freebsd/ata_security_cam.patch

If you can find some time to review it Jeremy that would great. I think
its all pretty straight forward, the only confusing part of the diff is
that I split ataidentify into 3 pieces, ataidentify and the helpers
ata_do_idenfity and ata_cam_send to avoid swathes of code duplication.

Some more details and usage examples and caveats can be found here:-
http://blog.multiplay.co.uk/2011/08/freebsd-security-support-for-ata-devices-via-camcontrol/

I've updated the code as well as the man pages so everything should be good.

I've not tested all of the various combinations totally yet, but have tested
all the big ones inc secure erase, set pass, set level, set user & disable.

It should be noted that this requires disks attached to an ATA controller e.g.
ahci as ATA commands don't appear to pass through other controllers e.g. mpt
even with ATA disks underneath.

I'd be interested to here from anyone who has an info on getting this to work
as well.

Much credit to Daniel Roethlisberger for his work  which was the basis of this
code. This can be found here:-
http://www.roe.ch/ATA_Security
http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/127918

    Regards
    Steve

================================================
This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. 

In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337
or return the E.mail to postmaster at multiplay.co.uk.

More information about the freebsd-fs mailing list