ATA security commands, bug in atacontrol

[Søren Schmidt]

ALeine wrote:
> Recent c't magazine article "At Your Disservice - How ATA security functions
> jeopardize your data", which you can find at the URL below, warns about the
> dangers of ATA security commands. Specifically, a malicious attacker with
> sufficient access could render a disk useless to the legitimate owner of
> the disk by setting the 32 byte user and master passwords using the ATA
> security command 0xf1.
> 
> http://www.heise.de/ct/english/05/08/172/
> 
> To prevent such attacks in case of compromise one can issue the ATA security
> freeze lock command 0xf5, which disables further ATA security commands until
> the next cold boot. Software for issuing the ATA security freeze lock command
> has been made available at the URL below.
> 
> http://www.heise.de/ct/ftp/projekte/atasecurity/
> 
> There is a patched version of the Linux hdparm utility there, but the c't
> guys seem to have neglected the BSD world, they have not even mentioned the
> fact that OpenBSD's atactl(8) already supports this command as well as all
> the other ATA security commands, as can be seen at the URL below.
> 
> http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/atactl/
> 
> Currently FreeBSD's atacontrol(8) has no support for ATA security commands,
> so I would like to know if adding the ATA security features is a priority
> on the TODO list. I would like to see these features implemented and I would
> also be willing to port the code from OpenBSD if there are some more
> experienced kernel developers who would be willing to review my code and
> commit it? Let me know.

Right, I did see that article but I've not settled on how if at all to 
deal with it. The by far most secure method would be to have ATA issue 
the freeze command ASAP in the probe/attach code, thats about one line 
of code :)
At any rate atacontrol is not the place to put it if we want this to up 
security...

-- 

-Søren