User Manual
Enterprise Self-Encrypting Drive User’s Guide, Rev. B 12
¹ Read Buffer (1C): Return Error History (No user data involved)
² Write Buffer (4h - 7h, 0Eh, and F0): Variations on Download Microcode (no user data involved)
³ Mark the LBA as containing a pseudo unrecovered error (no user data involved)
When the drive is unlocked, the commands shown in Table 1 are once again in play, but what’s the deal with the four
commands that continue to respond with a check condition even when the drive is unlocked? These commands are Read
Buffer, Read Long, Write Buffer and Write Long.
Read/Write Buffer
As we saw in Figure 5, all of the data in the buffer (cache) is encrypted, and since access to the cipher text is not
allowed in encrypting devices, these commands have been removed from the SED’s repertoire.
Read/Write Long
These commands allow the cipher text on the media to be manipulated and viewed and therefore, like the
Read/Write Buffer commands, they have been removed from the SED’s executable command set.
Note. The Federal Government does not permit storage devices to be operated as coding machines where a
clear text input provides a viewable cipher text output. Such devices would fall under the category of
“munitions.”
2.1 Authentication keys (passwords)
We mentioned above that the security block in the drive manages more than one password. Well, now it’s time to
take a closer look at these passwords and what they do.
There are two security partitions (SPs) defined in the drive:
• Admin SP
• Locking SP
We visited these briefly in Section 1.3 when we talked about drive locking. The Admin SP controls access to the
logical ports on the drive and the Locking SP controls access to the user data on the media.
Table 1: Data access command restrictions

| Command | User Data Accessed? (Y/N) | Drive is unlocked | Drive is locked |
|---|---|---|---|
| PRE-FETCH | Y | Executable | Check condition |
| READ BUFFER (Mode 1Ch)¹ | Y | Executable | Check condition |
| READ BUFFER | N | Check condition | Check condition |
| READ LONG | Y | Check condition | Check condition |
| READ | Y | Executable | Check condition |
| REASSIGN BLOCKS | Y | Executable | Check condition |
| VERIFY (BYTCHK=1) | Y | Executable | Check condition |
| WRITE AND VERIFY | Y | Executable | Check condition |
| WRITE BUFFER² (except modes 4h - 7h, 0Eh, 0Fh) | Y | Check condition | Check condition |
| WRITE LONG (WR_UNCOR = 0) | Y | Check condition | Check condition |
| WRITE LONG (WR_UNCOR = 1)³ | Y | Executable | Check condition |
| WRITE SAME | Y | Executable | Check condition |
| WRITE | Y | Executable | Check condition |
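
Table 1 and its footnotes, applied to a raw CDB, as an added example that is not part of the guide or of any drive firmware. The function name sed_table1, the operation codes and the bit positions (10-byte CDB forms, single-bit BYTCHK) are assumptions taken from the SCSI SPC/SBC standards, which the guide does not quote; a CDB with no row in the table returns NOT_LISTED.

```c
#include <stdint.h>
#include <stdio.h>

/* Outcome columns of Table 1; NOT_LISTED = the table has no row for this CDB. */
typedef enum { EXECUTABLE, CHECK_CONDITION, NOT_LISTED } outcome_t;

/* Assumption: operation codes from SCSI SPC/SBC (the guide names commands only). */
enum { REASSIGN_BLOCKS = 0x07, READ_10 = 0x28, WRITE_10 = 0x2A,
       WRITE_AND_VERIFY_10 = 0x2E, VERIFY_10 = 0x2F, PRE_FETCH_10 = 0x34,
       WRITE_BUFFER = 0x3B, READ_BUFFER = 0x3C, READ_LONG_10 = 0x3E,
       WRITE_LONG_10 = 0x3F, WRITE_SAME_10 = 0x41 };

/* Rows that are executable only while the drive is unlocked. */
static outcome_t gated(int locked) { return locked ? CHECK_CONDITION : EXECUTABLE; }

/* Apply Table 1 to one CDB. Assumed layout of cdb[1]: MODE in bits 4..0 for
 * READ/WRITE BUFFER, WR_UNCOR in bit 6 for WRITE LONG, BYTCHK in bit 1 for VERIFY. */
outcome_t sed_table1(const uint8_t *cdb, int locked)
{
    uint8_t mode = cdb[1] & 0x1F;
    switch (cdb[0]) {
    case PRE_FETCH_10: case READ_10: case REASSIGN_BLOCKS:
    case WRITE_AND_VERIFY_10: case WRITE_SAME_10: case WRITE_10:
        return gated(locked);
    case VERIFY_10:            /* only the BYTCHK=1 form has a row */
        return (cdb[1] & 0x02) ? gated(locked) : NOT_LISTED;
    case READ_BUFFER:          /* mode 1Ch (error history) is the one exception */
        return mode == 0x1C ? gated(locked) : CHECK_CONDITION;
    case READ_LONG_10:         /* would expose cipher text: rejected in both states */
        return CHECK_CONDITION;
    case WRITE_BUFFER:         /* modes 4h-7h, 0Eh, 0Fh are excluded from the row */
        if ((mode >= 0x04 && mode <= 0x07) || mode == 0x0E || mode == 0x0F)
            return NOT_LISTED;
        return CHECK_CONDITION;
    case WRITE_LONG_10:        /* WR_UNCOR=1 marks the LBA only (footnote 3) */
        return (cdb[1] & 0x40) ? gated(locked) : CHECK_CONDITION;
    default:
        return NOT_LISTED;
    }
}

int main(void)
{
    /* Constructed sample CDBs (10 bytes each, unused fields zero). */
    const uint8_t read_long[10] = { READ_LONG_10 };
    const uint8_t err_history[10] = { READ_BUFFER, 0x1C };
    static const char *name[] = { "executable", "check condition", "not listed" };
    printf("READ LONG, unlocked:     %s\n", name[sed_table1(read_long, 0)]);
    printf("READ BUFFER 1Ch, locked: %s\n", name[sed_table1(err_history, 1)]);
    return 0;
}
```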