Releases: Seagate/openSeaChest
Testing CI with ownership changes to tar package
This is a test release of the ownership for the issue reported in #158
When extracting a tar file as root it preserves original file ownership settings, which was the CI "user" which does not exist.
Now, when extracting as root it will set ownership to root:root
v24.08.1
This is a bug fix update to v24.08
Bugs fixed:
- CSMI handles were not being properly accepted in Windows builds and outputting an error when used.
- Fixed #155 for the installation of openSeaChest through deb or rpm packages. Installation directory is now
/usr/local/bin
- Fixed detecting SAS/SCSI disks as SCSI_DRIVE type in library code in Linux builds. This resulted in many options not working correctly for SAS drives. Workaround was to use
--forceSCSI
option, but that is no longer necessary. - Fixed reading and setting EPC settings on SAS drives.
- Fixed some CSMI compatibility with ARCSAS driver. This does not give full capabilities to see all the drives but helps mitigate other issues.
- Enabled ATA sense data use when enabled by the drive as another way to determine command pass/fail/etc status
- Pulled in update to handle status value
00h
in code that reads physical element status. This will output "not reported" rather than "In limit" and better matches the T10 and T13 standards. (Pull request Seagate/opensea-operations#19) - Added checking SAS power mode with test unit ready if one was not determined with request sense for better compatibility with some drives
- Secure path code for files has been disabled in Windows for this release due to an incompatibility with some Windows security permissions. Seagate is reviewing these to figure out a proper solution to make in a future build. Secure path code is still active for non-Windows builds.
v24.08
This release has been a long time coming, but it is finally here!
A major focus of this release has been on security of the source code in this project, and it has been a very large task to assess and update many different parts of it to improve overall security of openSeaChest.
The most important pieces of the security updates that were worked on came from a third-party audit and warnings from various SAST tools and LOTS of testing through DAST tools like valgrind and dr memory to make sure everything worked as intended.
Security Improvements
- Removed all use of atoi/atol/atoll and sscanf as identified as unnecessary risk by third-party
- atoX functions were replaced with strtol/stroul/etc with all recommendations from ISO C secure coding standards around checking errno with these functions as well as catching out of range errors when converting to smaller types (uint8, uint16, etc)
- New functions that better catch errors parsing command line inputs to guard against buffer overflows and other undefined behavior
- Fixed TOCTOU (Time of check, time of use) issues when reading some Linux system files (getting version info and other low-level device information)
- Fixed a few memory leaks that were identified
- Many new functions were added to the library opensea-common to guard against undefined and system unique behavior in the std-c library to ensure consistency across platforms.
- All meson project files updated with recommended warning/linker flags recommended by OpenSSF and OWASP for GCC, Clang, and MSVC compilation to better detect issues and compile a more secure executable.
- All warnings from these new flags have been resolved on all platforms we have been able to test (Windows, Linux, FreeBSD)
- A secure-file access API has been written for all platforms based on recommendations from Cert-C coding standard to ensure files cannot be tampered with before accessing them.
- When reading system environment variables, Cert-C's recommendation to check for tampering has been implemented.
There are many other security improvements we will look into for the future, and this is just a high-level overview of all the work that was done.
While not directly related to security, we have tagged all files with appropriate SPDX comments to note the license(s) that apply to help with SBOM creation. We do not have a generated SBOM yet as we are still exploring the different tools to see which works best.
Seagate has also implemented SLSA level 3 on openSeaChest to allow users to check both the source_with_submodules packages and the binary executables to ensure they came from the source: This github project. Visit SLSA.org for more information about this project!
SLSA verification outputs are available and can be run through the SLSA verifier project on Github!
Functionality changes in openSeaChest
New Utilities
- openSeaChest_Raw can be used to issue raw CDBs to SCSI/SAS/SAT devices. It also supports issuing raw TFR's to ATA devices.
- openSeaChest_Defect is used to view standardized defect lists on SAS and SATA drives. It also has functionality to create flagged errors and psuedo-uncorrectable errors for testing purposes.
Both of these utilities were part of Seagate's internal toolset and have been moved to openSeaChest!
New Functions
- Support for new ability to change a drive's Model Number while changing the maxLBA to a new value.
Example: A 30TB drive can be set to 26TB and update the model number it reports to show as 26TB instead of the original 30TB.
This is only supported on some of the latest drives with ACS-6 support. - Ability to configure and view the ATA Write-Read-Verify feature (WRV)
- Improved configuring and viewing ATA Power Up In Standby feature (PUIS).
- PUIS feature control is moving to openSeaChest_PowerControl going forward. Existing support in openSeaChest_Configure remains in place for this release.
- Refactored Sanitize command support
- Sanitize support for Zone-No-Reset or No-Deallocate functions for ZBD/NVMe devices that support these features.
- Sanitize support for Allow Unrestricted Sanitize Exit (AUSE) is also supported as an optional flag in sanitize going forward. By default, sanitize still runs in restricted mode.
- Sanitize Overwrite support for specifying how many overwrite passes to perform, between 1-16 for SATA and NVMe and 1-32 for SAS. Default of a single pass remains.
- Detection of Write After Crypto Erase Required and Write After Block Erase Required now output in sanitize info for SAS drives as well as PI detection to warn that an overwrite will be necessary before reading back from these devices.
- Added old ATA SMART-offline routine support
- Added Seagate Unique Device statistics to
--deviceStatistics
output. Many of these related to Sanitize erasures and when they were last completed. This is for both SAS and SATA devices that support these statistics. - Added showing SATA Phy Event counters page
- Added SFF-8055 style SMART trip warning message about backing up data when a SMART trip is detected.
- Added CCISS RAID support in Linux. This support is for HBA's running the following drivers: CCISS, HPSA, SmartPQI
- Some default SAT CDB creation rules were added for known SAT translators based on Vendor/Product ID/Revision reported on SAT VPD 89h page. This improves support on Broadcom, Avago, LSI, Microchip, Adaptec, PMC, and HPE controllers we have been able to test and reduces the number of retries used in the code to work around issues with SAT passthrough CDBs.
Bug Fixes
- Fixed a rare bug in --smartCheck when a nominal or worst ever value is zero and a threshold value is specified. This was generating a false-positive trip on some USB devices. This is not a common issue.
- Fixed ATA Security Erase time estimate calculation
- Fixed a bug reading supported SCSI PI types
- Fixed a bug reading SCSI relative humidity levels
- Fixed a bug generating a binary log file name in openSeaChest_Logs
- Refactored drive info and device discovery to better handle legacy devices and modern devices. This primarily affects ATA style device reporting. This also improves USB device performance.
- Fixed a bug reading ATA long logical sector sizes. No known real-world impacts, but an incorrect macro was used so it could have truncated this field.
- Fixed a bug reading NVMe format for NVMe 2.0 devices with more than 16 formats supported
- Fixed issuing Sanitize Crypto and Sanitize Block erase in Windows 10 and Windows 11 to NVMe devices
- Fixed verbose CSMI scan in Windows due to improperly initialized structure
- Special case to work around Microsoft Virtual Disks in Windows during scan and avoid commands that are known to not be supported.
- Fixed a bug where some ATA PIO-In commands were marked as failures when they actually passed due to incorrect status interpretation.
- Fixed a bug setting the TPSIU field for some SAT CDBs
- Fixed a bug where specifying a large transfer size for firmware updates could cause a failure on SATA drives due to a low-level SAT translation work-around.
- Improved the ATA checksum function to better handle overflows as intended by the ATA specifications.
- Fixed sanitizing ATA Security Passwords in memory before releasing the memory (both stack and heap uses).
- Improved performance concatenating strings. This is most noticable in the ATA SMART attributes output where this is used a lot.
v24.05-beta.hardening.2
Testing changes to get SLSA available for the source with submodules package and make sure it is publishing correctly.
v24.05-beta.hardening.1
This is a beta build to test that the changes implemented in the feature/hardening branch are working properly.
This branch has implemented compiling/linking flags recommended by the Open SSF and by OWasp for all builds.
In addition to adding these extra flags, we've gone through and fixed any warnings we saw while testing to make sure they are handled properly, and future builds will also stay free of warnings.
We've also implemented SLSA provenance and are testing that with this beta build. Provenance can be verified using the SLSA verifier on Github.
Any feedback on this build is welcome so we can continue to fine tune the settings/options and build outputs.
v24.03-beta.ciss.1
This is a beta release with support for issuing commands to drives behind RAID controllers using the CCISS passthrough.
This beta should support HBAs using the CISS driver, HPSA driver, and SmartPQI drivers in Linux.
At this time, this support is only enabled this code for the Linux builds.
These changes are setup so that they can be supported under FreeBSD and Illumos as well, but some additional information is needed before we turn it on. Feel free to reach out in the discussion if you have this configuration and can share some information with us.
A discussion has been added for this release to provide feedback on how this is working for those with these RAID controllers.
Internal testing has been done on HPE and Microchip controllers using HPSA and SmartPQI drivers and they seem to be working as expected, but any additional testing and feedback would be great.
v23.12
This release adds some new functionality and fixes numerous bugs.
Library level fixes that affect all utilities:
- Fixed reading SAS Date of Manufacture for device information
- Added functionality to read and display NVMe power state info
- Added functionality to read and display partition table info
- Fixed a bug in Windows where NVMe get features would fail
- Fixed a bug pulling the NVMe telemetry log
- Improved performance in read/write/verify tests when a defect is found
- More SMART attribute definitions for Seagate HDDs & SSDs and Maxtor HDDs
- Fixed bug interpretting Seagate airflow temperature attribute
- Fixed reading SAS EPC recovery time. Units were wrong.
- Improved detection of NVMe deallocate (trim/unmap) with various Windows NVMe drivers
- Added ATA DCO feature support functionality
- Added separate SMART warning (as opposed to failure) for attributes below threshold, but not marked as prefail/warranty
- Support for additional ZBD zone descriptors from ZAC-2 and ZBC-2
- Added zero verify function to verify all LBAs are set to zero
- Fixed a bug in ATA security erase when SAT security protocol was used. Likely only affected a few NVMe devices supporting this method
- Workaround for PMC8070 with firmware update
- Added detection of ATA HPA security feature
- Added information about which erase meets IEEE 2883 Purge vs Clear criteria
- Fixed a bug in DST & Clean when a drive does not report regular progress updates as expected
- Added showing log output filename on screen when pulling drive logs
- More warnings for set sector size/fast format
- Changed set sector size/fast format timeout to 1 hour since infinite timeout was not handled properly by some linux drivers and would hang rather than return any status when the drive was reset
- Changed SAS Fast Format default mode in set sector size to use background + polling to reduce likelyhood of interruption with a reset
- Improved temperature detection on old ATA HDDs
- More verbose breakdown of ATA status bits when running in verbose mode
- Minor changes to handle realtek 9210 adapter better
- Fixed NVMe deallocate bug in Windows since this command needs to be translated back to SCSI Unmap and there was a bug in that translation
- Fixed possible segmentation fault when attempting to read /etc/mtab in linux
- Fixed incorrect offsets being used when building SCSI Start-stop unit and write-and-verify-16 CDBs
- Workaround for strange hardware interaction between some SAS drives and some HBAs where they were not returning an aborted command when issued a SAT ATA passthrough CDB
- Fixed NSID not being set in some NVMe NVM command set commands causing them to abort
- Fixed a bug in FreeBSD's ATA passthrough causing commands to always report zeroes in results rather than the actual drive results.
- Fixed a bug when byteswapping ATA strings. If they were too long this would not work properly.
- No longer reading /etc/passwd file to determine the current user's name for utility banners. Now it will either show "root"/"admin" or "current user"
- improved parsing of linux /etc/os-release file for system information
The following utilities have these specific updates:
openSeaChest_Configure:
- Added options for configuring/restoring ATA DCO feature
- Added new options for SCT Error Recovery Control to support new ACS-4 features
openSeaChest_Erase:
- Help now indicates which erases meet IEEE 2883 clear vs purge
- --showEraseSupport now indicates which IEEE 2883 clear vs purge in the output
- Added --eraseRestoreMaxPrep to handle all interactions between HPA/DCO/AMAC when restoring Maxlba ahead of an erase
- Added --zeroVerify option to verify all LBAs are written to zero (for overwrite verification only)
- Fixed a hang that could occur when starting an erase, such as sanitize, then trying to ask the OS to rescan the device for filesystems. The filesystem rescan will now only happen if an erase has been completed.
openSeaChest_Format
- Added more warnings about --setSectorSize and SAS --fastFormat options
- default timeout on set sector size now set to 1 hour.
openSeaChest_Info
- added --partitionInfo to dump MBR/GPT partition table information
openSeaChest_NVMe
- improved support for get/set features to match latest specs
- Added more complete information dump for host memory buffer feature to see what was allocated by the host and how it matches drive identify information
openSeaChest_PowerControl
- Added --showNVMPowerStates option to see NVMe power state information
- Fixed SAS EPC recovery time display
v23.03.1
rel: Finish v23.03.1 -Fixed hybrid SMART attribute counter output -Added missing Seagate attribute name for attribute 198 -Fix for overwriting some drives in Windows. Previously a permissions issue was reported writing to LBA 0 when erasing a full drive. -Added note about output of DST log entries (mostly for SATA since it reads based on pointer to latest result instead of first in buffer which can be confusing for those looking at a raw log view) -Updated ATA verbose output with more information for some commands such as read log ext and write log ext -Updated help output to show handle examples as /dev/sg<#> or PD<#> to prevent confusion of the ? which is a wildcard. Note: This wildcard is not supported in openSeaChest. Use -d all for a method of running on all devices instead -Changed how legacy ATA standby timer is set. It will read the current state of the drive to decide between using the standby command or the idle command. Previously it only used standby which was causing drives to spin down immediately.
v23.03
March 2023 Release contains some important fixes and improvements over our last version.
- Fixed 5 bugs that could cause the scan or
-d all
to crash and show either a segmentation fault or crash and do nothing - Added examples of most, if not all, options available in each tool to the
-h
output for the tool - Improved ATA smart check algorithm to work better on old drives and interfaces that may not provide the result registers
- There is now a zip/tar file with the source including the submodules available
- Added a more thorough and larger warning about running
--setSectorSize
- Made the Seagate vendor unique command "quick format" run automatically if set sector size fails in a way that is detectable (and is the most common we have had reported...reset while formatting)
- Made NVM format with user data or crypto erase part of
--quickestErase
as well as standalone options in openSeaChest_Erase. - Improved the low-level Windows code to allow NVM format with data erase possible using Microsoft unique translation of the SCSI sanitize CDB for Windows 10, 1909 and up. This may work in earlier versions, but the Microsoft documentation does not go back that far.
- Firmware update now has a better "automatic" mode to provide a better user experience. When possible, deferred download + activate is run, otherwise segmented download is run.
- Firmware update properly detects Windows exit code for when a device requires a power cycle to finish NVMe firmware update and informs the user in the output.
- RPM and Deb packages thanks to pull request #94
- Portable packages are available for Linux on many different CPUs thanks to using the MUSL libc cross-compilers and statically linking MUSL libc
- Added new
--lowLevelInfo
option to assist with debugging tricky problems that occasionally are reported and need to report information about internal structures to understand the code path when remotely debugging issues - Improvements in CSMI scanning to better work with other drivers that support CSMI in Windows.
- AIX source code support (Binaries are not available at this time, but source code should be able to build using GCC and gmake in AIX)
- Added detection for when SCSI security protocol commands are blocked by an HBA or driver (known issue with Broadcom MegaRAID controllers)
- Added reading date of manufacture to
-i
for products that support electronically reporting this information (SAS and Seagate drives with FARM) - Improved colored text output with ANSI escape sequences under Linux. Needed for new set sector size warning.
- FreeBSD CI can now upload release artifacts. These have been included for this release for amd64 architecture.
- openSeaChest_Logs now has a
pipe
output option for FARM available that can be used to pipe the output to openSeaChest_LogParser
v23.02-alpha.8
ci: fixing upload path for tag id lookup in Cirrus Fixing the upload path to be $id rather than tag/$id Signed-off-by: Tyler Erickson <[email protected]>