Evaluation of direct integration of Seagate openSeaChest #641
Comments
|
Hello! A quick bit more about myself. I have been working at Seagate since 2012. I've been developing customer tools for OEMs and Datacenters as well as end users since that time. One of the first things I was tasked to take over and maintain was SeaTools for Windows. I'm still involved in a lot of discussions around erasing/sanitizing data and am participating in discussions with the Circular Drive Initiative about how they can leverage openSeaChest to do data erasure and health evaluations as well as using other opensource tools.
I do not have a way to get a list of model numbers for what drives support what features. The way we write SeaTools and openSeaChest today is to query the drives for what features they support. This is what I have been recommended to do by the representatives for the T10 (SAS), T13 (ATA), and nvmexpress committees. The reason for this is so that it works with any drive without needing a massive model number table to keep up to date. To help with this we have I do have some knowledge about what Seagate firmware includes these days and some past history that may be helpful. I'm also familiar with other tools like hdparm, sg3utils, smartmontools, and camcontrol since we do have customers that want to utilize those as well and we try to include the same or similar capabilities to these when we can within openSeaChest. I will do my best to help answer your questions and also will consider any feedback or requested changes that may help with this! |
|
@vonericsen Pleased to meet you, I think openSeaChest will be a useful addition to ShredOS. OpenSeaChest doesn't appear to be supplied in buildroot as standard so I'll need to configure the ShredOS build process to download and compile it from https://github.com/Seagate/openSeaChest so that the latest version of OpenSeaChest is built into ShredOS. In regards to utilising OpenSeaChest into nwipe, I'll need to get familiar with OpenSeaChest first and see if I can utilise the utilities or code into nwipe for ATA secure erase specifically. I've got plenty of Seagate drives to test on from the last twenty five years! |
|
Some background for @PartialVolume @martijnvanbrummelen Written by me:
Written by Tyler
I am most worried about reliability on older drives, I understand that newer drives return relatively reliable responses on feature polling, it's more S(ATA) drives I am worried about. Back then I tried to write also to T10 & T13 and it was complicated to get any reply. |
We have our code broken into a few parts/sections that may be helpful for you to understand as you look into it:
The top
How old are you concerned about going back to? |
|
@vonericsen Thanks for taking the time to explain the overall architecture, that's very useful and points me in the right direction. Much appreciated. |
|
No problem! Please feel free to ask questions, suggest improvements, report bugs, request improved documentation etc. We are happy to work on making things better where we can! |
|
Hey, tons of question from my side :) License seagate vs other T10 / T13 / NVME Drives* You wrote:
How much does how you sanitize / wipe your own drives currently differ from let's say purging or clearing a 3rd party drive with hdparm or sg3utils? I am less concerned about spinning disks as they always had a very high entry level barrier regarding the technology required to manufacture them. With SSDs we struggle a lot: while WD, SanDisk or Samsung seem to be very responsive, what drives me crazy frequently are lots of notebooks arriving with internal IT having "upgraded" to Chinese after sales disks with inconsistent firmware behaviour (like identical "unique" identifiers across multiple drives) and big blue after their storage exit stopped providing any documentation what so ever. My attempts to get hand on any of the manufacturer Linux tools was not fruitful either (I have to admit that Samsung took big steps there from having nothing to having a decent Linux cli, even if not open source). Do you have some tips here (especially regarding non major brand stuff). |
openSeaChest is distributed under the Mozilla Public License Version 2.0 MPL 2.0 is also GPL compatible which seems like this would not be an issue for nwipe looking at its license that is checked in. One note is I have a branch in opensea-common that will be pulling in some BSD 3-clause code that I modified to add some functionality. The modifications will fall under MPL 2.0 as the rest of our code does. If you were to use closed source SeaChest from seagate.com that has a different license, which is Seagate's end user license agreement....I believe it is the multi-user variant of the license, but I would need to verify that.
I use openSeaChest on basically everything personally. haha
I have not run into these myself, but I have seen similar things happen with the way USB adapters report (they almost never report the drive's unique identifiers as I would expect them to, so you have to use SAT passthrough to get that information). All of the T10, T13, and SATA-IO standards can easily be purchased and be used by anyone. I know there are also lots of draft versions around the web too, so anyone can easily find them and use them to implement a new device. openSeaChest has one place to filter capabilities but it's largely focused around USB adapters and one PCIe adapter that was blocking a command. We have another place to do some vendor lookups for the brands Seagate has acquired in the past (for example Samsung HDDs and Maxtor and Quatum since Maxtor bought them, etc) but that doesn't filter out capabilities for commands right now since we haven't had reports about misbehaving devices around these things. If you have any more specific examples for these drives and sanitizing data, I am happy to help look into it or try making adjustments in openSeaChest. If the issue is trusting that these devices did an erasure then the next best thing is to run a verification that it is erased. Let me know if this helps or I missed something. If you have the ability to test some of these drives and find an issue, let me know and I can help look into it a bit more. The |
|
This is excellent content, I think it might contribute to the project in many ways! unfortunately, regarding the license. MPL 2.0 is not compatible with GPLv2-only because the MPL requires modified MPL-licensed files to remain under the MPL, while GPLv2-only requires all combined work to be under the GPLv2. These requirements conflict, making direct integration impossible. However, they can coexist in the same project if the code remains in separate files, as the licenses would apply independently. For integration, dual-licensing or moving to GPLv2-or-later/GPLv3 would resolve the conflict, as MPL 2.0 is compatible with GPLv3. |
|
<------ Over at ShredOS, Commit PartialVolume/shredos.x86_64@e05541a Added Seagate's openSeaChest tools, it actually took less space and time than I was expecting, about 5MB in size so only needed to increase the image size to 310MB leaving about 25MB free in the partition for PDF certificates/logs etc. I've not tried playing with any of the tools yet so if anybody wants to try it out, it's now committed to the master. I only need to fix a network issue for Dell USB ethernet adapters and then I'll publish a official release with .iso's and .img's. I'm aiming for a release by the end of the week but we'll see how it goes! |
What's the problem here? |
If you want I can send you some. |
Before doing that, can you give me some examples of brands or something I can search and look into buying/finding within Seagate? |
Hey @vonericsen, as discussed it's my pleasure to introduce to you nwipe, historically forked from DBAN. nwipe is one of the widest, if not the widest, used open source application to wipe drives including a digitally signed PDF proof, sharing the open source spirit of OpenSeaChest in many ways (but I think @martijnvanbrummelen and @PartialVolume are better suited to explain their projects). ShredOS (maintained by PartialVolume) bakes nwipe into an easy to use bootable ISO providing probably the most effective way to use and apply nwipe.
@martijnvanbrummelen @PartialVolume ,
I would like to grab the chance to introduce you to @vonericsen , he's the maintainer of OpenSeaChest, as you probably know the official command line application for managing, among other features, the sanitisation features of Seagate drives. @vonericsen helped me a lot while writing the documentation related to #597 , I think in all of this process I haven't found anybody more straightforward than him. He's contributing in official Seagate capacity since 2017 to SeaChest, practically the only manufacturer made open source tool predating the NVME-Standard.
As discussed several issues exist for the reliable wipe of SSDs using pre-nvme standards and the reliability / compliance of the drives with standard sas / sata commands to wipe them. @vonericsen was kind enough not only to help me to get the public seagate documentation updated, but also to extensively answer many questions.
I was hoping we could use the chance to tackle at least for one manufacturer the most important points, given that @vonericsen agreed to spare some time:
In a perfect world nwipe / shredOS could benefit from manufacturer tool backed assured sanitisation.
The text was updated successfully, but these errors were encountered: