ATA在Linux中受信任的命令

同事,

我正在实现对ATA受信命令的支持

0x5C, TRUSTED RECEIVE, 0x5D, TRUSTED RECEIVE DMA, 0x5E, TRUSTED SEND 0x5F, TRUSTED SEND DMA, 

对于Linux(两台主机,Fedora 12和14)来支持自encryption驱动器。 我从这个页面http://www.jukie.net/bart/blog/ata-via-scsi获取了一个代码作为基本代码。 对于可信的接收(在这一层,它与IDENTIFY,0xEC相同):

 sg_io.interface_id = 'S'; sg_io.cmdp = cdb; sg_io.cmd_len = sizeof(cdb); sg_io.dxferp = data_in_buffer; sg_io.dxfer_len = data_in_length; // multiple of 512 sg_io.dxfer_direction = SG_DXFER_FROM_DEV; sg_io.sbp = sense; sg_io.mx_sb_len = sizeof(sense); sg_io.timeout = 5000; // 5 seconds cdb[0] = 0x85; // pass-through ATA16 command (no translation) cdb[1] = (4 << 1); // data-in cdb[2] = 0x2e; // data-in cdb[4] = feature_id; // ATA feature ID cdb[6] = 1; // number of sectors cdb[7] = lba_low >> 8; cdb[8] = lba_low; cdb[9] = lba_mid >> 8; cdb[10] = lba_mid; cdb[11] = lba_high >> 8; cdb[12] = lba_high; cdb[14] = 0x5C; // TRUSTED RECEIVE rc = ioctl (fd, SG_IO, &sg_io); 

它适用于Identify和所有其他命令,但不适用于受信任的命令。 当我连接协议分析仪时,我发现这些命令没有发送到SATA总线。 该适配器能够发送它们,因为它们在Windows下(不是我的代码,但我认为使用ATA_PASS_THROUGH)即将到来。 是的,我正在运行这个代码作为根。

请帮忙解决这个谜团:)

Solutions Collecting From Web of "ATA在Linux中受信任的命令"

请参阅/usr/src/linux/drivers/ata/libata-scsi.c :

 /* * Filter TPM commands by default. These provide an * essentially uncontrolled encrypted "back door" between * applications and the disk. Set libata.allow_tpm=1 if you * have a real reason for wanting to use them. This ensures * that installed software cannot easily mess stuff up without * user intent. DVR type users will probably ship with this enabled * for movie content management. * * Note that for ATA8 we can issue a DCS change and DCS freeze lock * for this and should do in future but that it is not sufficient as * DCS is an optional feature set. Thus we also do the software filter * so that we comply with the TC consortium stated goal that the user * can turn off TC features of their system. */ if (tf->command >= 0x5C && tf->command <= 0x5F && !libata_allow_tpm) goto invalid_fld;