Unable to wipe physical devices (always fails) - SSD and HDD #10
Comments
|
Could you try the ISO uploaded last night, 0.3.1.1? The previous one was a bad build. |
|
First two runs are failing with invalid sense data. I got this from the F2 console: ==> /tmp/diskslaw_main.log ==> /tmp/diskslaw_se_enhanced_err_sda.log ==>/tmp/diskslaw_se_enhanced_sda.log /dev/sda: ==> /tmp/diskslaw_se_err_sda.log ==> /tmp/diskslaw_se_sda.log /dev/sda: I'm going to try this on legacy boot as well just in case UEFI network boot is causing issues (using GRUB2 to go into iPXE then chainloading the kernel, initrd and squashfs), I'll also try the commands manually in a live boot environment against the same hardware to see what is going on. It is not a BIOS thing as far as I can tell since it does the same thing no matter if set to RAID or AHCI. I still need to try off a USB in legacy boot mode and the commands manually but am updating this comment whenever I find new information. |
|
What model machine and model of storage is in the machine? It appears to either not support ATA secure erase or doesn't unlock/unfreeze with the suspend. |
|
I'll go get some more model numbers and update this comment this afternoon and do some manual commands to find out. For what it is worth, Parted Magic works fine with their secure ATA erase cycle, but this is all manually done in a GUI and not automated. Dell Precision 3520. 500GB Seagate Thin HDD, should be Dell PN# 7P79P, Seagate PN#ST500LM021. I'll collect exact model numbers later today. The Seagate documentation(https://www.seagate.com/www-content/product-content/momentus-fam/momentus-thin/en-us/docs/100737930h.pdf 5.2.4 ATA Enhanced Security) mentions the secure erase, so it seems the drive should support it between the documentation and my experience with Parted Magic. I have also tried this on a Dell Precision 3510 with the same HDD, 500GB Seagate Thin model. I feel like it has to be some sort of bug if the secure ATA erase command is working in PartedMagic. I'm happy to try things to fix this with you. So as I suspected, the manual commands work just fine on a Debian 9 Live CD burned to a USB stick and booted. I did an apt-get update and apt-get install hdparm, hopped into sudo su, and issued everything here https://grok.lsu.edu/Article.aspx?articleid=16716 It is presently wiping the disk and the HDD indicator light is solid (This unit has the 500GB spinning seagate thin HDD) Step 1: Identify the drives Step 2: Check if frozen and sleep the machine to clear the frozen status Step 3: Confirm frozen status is cleared Step 4: set password Step 5: check if enhanced secure erase is supported Step 6: begin wiping |
|
Hello, So I tried the pm-suspend command just to check and it seems to be clearing the frozen state fine manually under Debian. Is this perhaps an issue with Ubuntu? Looks like you are using bionic and I'm using debian 9, that's so far the only thing I can think of right now. I'm going to see if I can build it off of Debian 9 and if that makes any difference. I presume all I need is a linux environment (such as my debian 9 live CD) to clone the github repo and begin running build.sh? |
|
New info: I modified your build so I could use a proper shell when it boots up for root (so I removed the autorun diskslaw.sh part in etc/passwd, basically) I see the drive is able to unfreeze just fine with your script, but then it still instantly fails and throws sense data errors. Looks like it is mismatching: OK so i might have some successful information now: If this shows progress and actually wipes the device, then it looks like it is this subroutine that is broken (get_drive_has_master_password). I'll keep an eye on it and try a few other machines. Confirmed, HDD lights are going solid now while waiting for the first % to show (0% showing but HDD light is 100% active) Maybe check for Security Level high instead of the enable check? That only shows up in my hdparm when a password is set. |
|
Hi Humm3r1, I'm going to work on this more over this weekend. The mismatch error is caused by it trying enhanced then falling back to normal secure erase, this isnt unexpected in my testing as some drives don't support enhanced secure erase. It's just letting you know the config file specifies enhanced but it didn't succeed with enhanced. If you try one of the older builds (not 0.3.x) you may have better luck for now, I'm with you in thinking my function isn't handling this properly. |
|
Hey Maltob, Thanks for your reply! I can for sure tell you these drives support enhanced erase. I’ve done it manually many times and checked the manufacturer spec sheets. Hdparm can also see that it supports enhanced erase. For what it is worth, your /tmp/DiskSlaw.csv file even says enhanced secure erase was completed. My guess is the password function since basically forcing it to set a password makes it work whereas before it fails instantly. I haven’t tried to set it manually myself yet and then see if diskslaw can handle it. I suspect if that works then it has to be this routine to set the passwords. For what it’s worth I can confirm those drives from last week erased properly as there is no Data on them now. I’ll keep an eye on here in case you update this with any information. Thanks for all the help and hard work! |
|
I wasn't able to replicate it on my test machine, but it shouldn't hurt anything to remove the password check function and just always set the password like you've tested. I'll try to get an updated ISO made with that setup this week. |
|
Thats interesting, lol. Anything in particular you'd want me to check on my machine? I can retry with the SATA mode set to AHCI instead of RAID just in case (it didn't make a difference when I tested at first but just to be sure I'll retry). The only other thing I can think of is just the function checking for not\tenabled might be to blame if the output is somehow different (maybe an extra whitespace etc?). It's so weird yours works fine. What hardware do you have to test on? I can try to replicate with a mix of Dell and Lenovo hardware we have on site and see if I can track anything down. Thanks very much for your time and help with this! I really appreciate it. |
|
Hi @humm3r1, You were correct, there was a bug in both the frozen and the password check, my testing didn't find them because both were evaluating the way I had expected. I've uploaded a new ISO with the fixed checks and an input for the disk password below: Could you try out this revision and see if it fixes the issue you were experiencing? Thanks! |
|
Hey Maltob, Thanks for all your hard work tracking down the bug! It seems to be working now on the first machine i tried. I'll try a bunch of models to confirm it is working! 👍 Only thing that isn't now from my side is the progress bar is always 0%. I'm not sure how to check for progress but I'll experiment and if I figure it out, i'll let you know! |
Describe the bug
DiskSlaw is not wiping physical machines. Detects "Frozen SSD" even in machines with mechanical drives. It looks like it tries to wipe the drives, but goes to 100% almost instantly, and shows (F) on the status line indicating it failed.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
I expect it to begin wiping the drives with the erase commands, instead of instantly failing.
Additional context
I am more than happy to help work on this with you and test against my machines. My workplace is looking for a tool that can detect and wipe SSD's/HDD's properly (so that we only shred on mechanical drives and not overwrite the entire SSD and kill it). I took a quick peek and so far I am unsure why it is acting up. I will try against the same hardware with manual commands from your script to see what happens.
The text was updated successfully, but these errors were encountered: