BSD DevCenter


OpenBSD 3.8: Hackers of the Lost RAID

You provide a couple of drivers to monitor hard disk status via the SCSI Enclosure Services command set. A lot of people use SATA instead, because of its good performance and lower price. Does SATA offer similar features too?



Marco Peereboom: Well, SES and SAF-TE do not really monitor disk status. The only disk-related thing they monitor is "insertion" and "removal." SES and SAF-TE are used to provide the missing link in SCSI hot plug. Upon insertion or removal of a disk they will set or clear a bit, respectively, to indicate what the current slot status is. A RAID or SCSI controller will retrieve the slot status page and discover that something has been inserted or removed. Whenever something is inserted, it runs the so-called spin-up code to make the drive accessible. If something is removed, the RAID firmware will look to see if the removed disk was part of some RAID set and act accordingly.

All that said, SES and SAF-TE are more useful than just that. The other major component is monitoring environmentals. They measure and report temperatures, fan speeds, power supply status, etc. This data is conveniently available in sysctl(8) and can therefore be monitored with sensorsd(8).

In the near future, SAS and SATA2 drives will be used in mixed configurations since SAS can handle SATA2 devices transparently. The net is that at some point one can have a SAS transport from the RAID card to an external enclosure while the disks in that enclosure are SATA2. In this scenario, if there is a SES device on that enclosure, it will be available. So technically it isn't a SATA2 device; however, it is available and provides the same functionality. One word of caution though: SATA2 is cheap for a reason, so keep that in mind when making a purchase decision.

David Gwynne: I am aware that there is such a thing as a SATA SAF-TE device, but I don't have one and I haven't looked into them. I would be extremely surprised if they worked, since our enclosure drivers attach to scsibus and all our SATA drivers are supported by the pciide driver (which don't attach a scsibus). Unless the firmware in SATA variants of ami controllers emulates a SCSI bus over SATA for the enclosure, then our drivers cannot attach.

Does RAIDframe work with bioctl? Or do you perhaps plan to replace RAIDframe?

David Gwynne: The software RAID framework is configured and managed by raidctl, which is completely separate from bioctl and its support for hardware RAID controllers. That said, it is possible that the hooks that bioctl uses could be implemented in RAIDframe to allow bioctl to monitor it as well. I don't see the benefit in doing so, though.

There is also a general consensus that RAIDframe is Not Good(tm) and needs to be either rewritten or hacked to bits into something simpler and smaller. I'd predict that it is more likely that ccd(4) will be extended to support RAID 5 as well as RAID 0 and 1 before RAIDframe has any work done on it. If that happens, then RAIDframe could just go away and no one would miss it.

This is all just talk at the moment, and as such totally unreliable as an indicator of future work. This isn't a priority for anyone I've spoken to, so don't be surprised if it doesn't happen in the short term or at all.

"wd(4) disks have the security feature frozen before being attached to prevent malicious users setting a password that would prevent the contents of the drive from being accessed." Does this mean that we cannot set a password anymore with atactl?

Jonathan Gray: Modern ATA disks have what is known as the security feature set. This allows passwords to be set on drives which prevent the contents from being accessed without the right password.

The problem with this was brought to our attention by the c't magazine article entitled "How ATA security functions jeopardize your data," which outlines how this can be abused.

In practice, the security feature set turns out to be a bad idea because it is nearly always on by default. If someone has the equivalent of root access for just a moment, they can set a password that will prevent the data on the drives from being usable. You have to either erase the drive or be prepared to pay a large amount of money to a data recovery company that has broken the system to get a usable drive again.

There is a workaround the standard allows us, which is turning off the ability to set passwords until the next boot cycle. Ideally BIOS implementations would deal with this and disable the security feature set by default, but most currently do not. So we take matters into our own hands and disable the security feature set on all ATA drives in the kernel before the rest of the system can use them.

So yes, no more password setting with atactl, but this turns out to be no great loss.

The man page of the new aps driver for the built-in accelerometer found in some IBM ThinkPad laptops states, "As IBM provides no documentation, it is not known what all the available sensors are used for." I thought IBM was an open source-friendly vendor, especially since they adopted Linux. How did you develop the driver?

Jonathan Gray: IBM only seems to be involved in open source to the extent that it suits them. This for the most part seems to mean on the server side of things. IBM employee Mark Smith and his friend Anurag Sharma reverse-engineered the Windows driver to figure out how parts of it are supposed to work; the driver is based on information in the document Mark has on his site. It kind of highlights how bad things are when an IBM employee has to reverse-engineer an IBM product to figure out how it works.

What is possibly more worrying are the standards bodies who either don't let people access standards at all (i.e., SD, need to be a member corporation and have signed an NDA) or hold them ransom (i.e., T13/ATA, PCMCIA/PC Card).

Is the ThinkPad Active Protection System effective? Did you run any tests?

Jonathan Gray: The driver that will ship with 3.8 is largely a fancy toy. At one point I had it acting as an additional mouse, moving the cursor when you tilt the laptop; while this was a nice way of testing things, it is impractical to use, so the code was not committed. Other people have written userspace programs that do things like show the laptop orientation or lock the laptop if it is moved, and the sensorsd(8) daemon can react to changed sensor values with whatever command the user likes.

I have code that can be used by any driver to park the heads of all ATA disks attached to the system, and relevant changes in aps(4) to use this. This is the real reason for the sensor being present in the hardware: to park disk heads in the event of a fall. These changes will likely make their way into our next release.

I'm not in any great hurry to try drop-testing my recently purchased ThinkPad from any great height, as they aren't the cheapest things to replace ...
