Bug#390616: linux-image-2.6.18: Enable ATA-Security for Sid kernels

To: maximilian attems <maks@sternwelten.at>
Cc: 390616@bugs.debian.org
Subject: Bug#390616: linux-image-2.6.18: Enable ATA-Security for Sid kernels
From: thomas schorpp <t.schorpp@gmx.de>
Date: Thu, 05 Oct 2006 18:47:14 +0200
Message-id: <[🔎] 45253712.4040605@gmx.de>
Reply-to: t.schorpp@gmx.de, 390616@bugs.debian.org
In-reply-to: <[🔎] 20061005135929.GC29970@nancy>
References: <[🔎] 20061002074824.8EE0687F37@tom1.schorpp.dyndns.dk> <[🔎] 20061005135929.GC29970@nancy>

maximilian attems wrote:

severity 390616 wishlist
tags 390616 wontfix
stop


no reason


On Mon, 02 Oct 2006, schorpp wrote:

tom1:/home/schorpp# hdlock

/dev/hdc:
Issuing SECURITY_SET_PASS command, password="xxxxxx", user=master,
mode=max
Problem issuing security command: Invalid argument
Error: 22
You need to configure your kernel with CONFIG_IDE_TASK_IOCTL.

(hdparm >= 6.3)

Pls enable CONFIG_IDE_TASK_IOCTL, it is stable since 2.6.16,thx.



i hardly believe that claim without massive testing,


see my early postings on the ide-dev list archive.

i will compile a vanilla kernel and prove it working fine instantly.

i have been locking and unlocking ata-(5)/6/7 hdd's with release vanilla kernelsat least since february 2006 successfully and without kernel error messages.

You are out of sync.

unlocking locked drives with hdparm locked from that known and widely usedproprietary ata-security bios extension/patch works, too, and vice versa:

http://www.fitzenreiter.de/ata/ata.htm

what maybe is not working is unlocking from older ibm thinkpad bios locked

2,5" ide hd's and vice versa due to buggy MSB/LSB swapping of the password stringin IBM bios.this is confirmed with latest T23 bios.since most newer motherboard bioses are freezing ata-securityof drives attached to mainboard controllers pre boottheres no danger to lock accidently for most users, too,but this takes freedom.

aboves config option gave us lots of ide troubles before sarge
release.


yes, but thats been a long time and we dont talk about sarge 2.6.8 kernels
here.

also the IDE maintainer has not been active in the later
2.6 series,

why should he? this option was interesting to a few security people only,but it could be interesting to p2p file-sharerers which are threatend bypolice practice of erasing all discs they find without any court ruling.loop-aes wont protect here, but this feature can, because to police equipmentthe drives will appear as defective in locked state and will be returned ;)

so i don't believe your claim. (-ac did some work post
2.6.18) we consider enabling this postetch.

this is not about believe, it works and I want my freedom to protectmy data using all available systems.

y
tom



big NACK


think again,
tom

Reply to:

Follow-Ups:
- Bug#390616: linux-image-2.6.18: Enable ATA-Security for Sid kernels
  - From: maximilian attems <maks@sternwelten.at>

References:
- Bug#390616: linux-image-2.6.18: Enable ATA-Security for Sid kernels
  - From: schorpp <t.schorpp@gmx.de>
- Bug#390616: linux-image-2.6.18: Enable ATA-Security for Sid kernels
  - From: maximilian attems <maks@sternwelten.at>

Prev by Date: KDUMP based kernel crash dump
Next by Date: Processed: your mail
Previous by thread: Processed: Re: Bug#390616: linux-image-2.6.18: Enable ATA-Security for Sid kernels
Next by thread: Bug#390616: linux-image-2.6.18: Enable ATA-Security for Sid kernels
Index(es):
- Date
- Thread