"Linux IDE Guy" Wants Option to Disable CPRM

Andre Hedrick, maintainer of the Linux ATA subsystem and a member of the standards committee for ATA drives, has asked the committee to add an on/off switch to a controversial proposed feature called CPRM if CPRM becomes part of the ATA standard. (ATA drives are also known as IDE.) Under Hedrick's propsed change, the operating system, presumably under the control of the user, would be able to disa

Linux already disables the Processor Serial Number on Intel CPUs to prevent applications from reading it, and Hedrick's proposal would make a similar containment policy possible for CPRM.

In an interview with Linux Journal, Hedrick explained that CPRM, intended as a copy restriction feature, would create problems with important functionality such as making backups. And Alan Cox says CPRM will make it impossible to use disk defragmenting tools.

The following is Hedrick's mail to the T13 committee. Contact information for T13 committee officers and minutes of previous T13 meetings are available on the T13 home page.

Mr. Chairman,

I am request a Proposal Number to present the content below at the February meeting. Of course I am aware that I will need to get a 2/3 support in a roll-call vote of approval to allow adoption in to ATA-6; however, this is only necessary if "e00148rX" is adopted in the same fashion and rules during the February meeting.

Upon receiving the number I will submit the document to be reviewed by all.

The purpose of this offensive crossover feature set is to prevent a valid JAVA type CPRM tool from attempting to perfrom a CPRM action without the HOST first giving notice for enduser certification of the process.

Upon applying this method, T13 may prevent issues that may be deemed actionable by forcing the customer to choose to allow CPRM actions to be performed on their HOST. They must issue the passcode to unlock the feature block to allow CPRM HOST action to be performed.

Apply this constraint against the "e00148rX" and make it a feature that can be disabled and locked out if desired, then you will see better acceptance. This will provide the MPAA people with a method of stopping CPRM content from going to a device that does not allow CPRM features to be enabled. Everybody wins.

Finally, if CPRM proposal is removed from possible adoption, I will withdraw this proposal due to lack of symbiotic requirements. Additionally if this can be ammended to "e00148rX", then a new document will not be needed.

quoted material from another T13 member deleted - Ed.

I went full tilt to successfully stop/postpone this from being adopted at the last meeting in Irvine. If you look at the orginal unsanitized version of this proposal the e00148r0 (note totally rejected in October) verses the stripped down almost technical version of e00148r2, you get the real picture.

Now if you guys want to get me off the topic, you make e00148r3/4 for the meeting in February at Dell contain this addition.

New Command Pair:
Set Features CPRM Lock. 0x4C and 0xAC
        (Yes I cleverly picked the pair to reflect their true nature)
----------------------------------------------------
These commands SHALL be included in all devices that support/enable the
CPRM "e00148rX", which is now defined as OPTIONAL.  Regardless if the CPRM
key locks are supported, CPRM Enable:Disable SHALL be supported.
----------------------------------------------------
The Enable Feature command SHALL be set only by embedded HOST that do not
have an External HOST to overide the feature.  The Enable Feature command
SHALL set a concatenated 32-bit passcode to hold the enable lock.
INPUTS:                         Enable CPRM Mode Lock
        Feature                         0x4C
        Sector Count                    .c3
        Sector Number                   .c2
        Cylinder Low                    .c1
        Cylinder High                   .c0
        Device Head             obs|na|obs|DEV|na|na|na|na
        Command                         0xEF
Sector Count -
Sector Number -
Cylinder Low -
Cylinder High -
        The .c3 .c2 .c1 .c0 SHALL compose a valid lock which will
        comprise and be limited to a 32-bit word size.  The Enable
        concatenated passcode SHALL have two RESERVED Values
        0xFFFFFFFF and 0x00000000.
Device/Head -
        DEV is to indicate device selection.
NORMAL OUTPUTS:
        Error                           na
        Sector Count                    .d3
        Sector Number                   .d2
        Cylinder Low                    .d1
        Cylinder High                   .d0
        Device Head             obs|na|obs|DEV|na|na|na|na
        Status                  BSY|DRDY|DF|na|DRQ|na|na|ERR
Sector Count -
Sector Number -
Cylinder Low -
Cylinder High -
        The .d3 .d2 .d1 .d0 SHALL return the accepted passcode in the same
        format that was issued.
Device/Head -
        DEV is to indicate device selection.
Status register -
        BSY: shall be clear to zero indicating command completion
        DRDY: shall be clear to zero
        DF: (Device Fault) shall be clear to zero
        DRQ: shall be clear to zero
        ERR: shall be clear to zero
        
ERROR OUTPUTS:
        Error                   na|UNC|na|IDNF|na|na|ABRT|na
        Sector Count                    reserved
        Sector Number                   reserved
        Cylinder Low                    reserved
        Cylinder High                   reserved
        Device Head             obs|na|obs|DEV|na|na|na|na
        Status                  BSY|DRDY|DF|na|DRQ|na|na|ERR
Error -
        UNC: shall be set to one if the passcode is not accepted.
        IDNF: shall be set to one if the passcode was never set.
        ABRT: shall be set to one if this command is not supported, if
        the passcode is not accepted, or if the passcode was never set.
Sector Count -
Sector Number -
Cylinder Low -
Cylinder High -
        Reserved:
Device/Head -
        DEV: is to indicate device selection.
Status register -
        BSY: shall be clear to zero indicating command completion
        DRDY: shall be clear to one.
        ERR: shall be clear to one if an Error register bit is set to one.
----------------------------------------------------
The Disable Feature command MAY be set only by any HOST. The Disable
Feature command SHALL set a concatenated 32-bit passcode to hold the STATE
of the lock and SHALL NOT be cleared to enable except by the External HOST.
INPUTS:                         Disable CPRM Mode Lock
        Feature                         0xAC
        Sector Count                    .c3
        Sector Number                   .c2
        Cylinder Low                    .c1
        Cylinder High                   .c0
        Device Head             obs|na|obs|DEV|na|na|na|na
        Command                         0xEF
Sector Count -
Sector Number -
Cylinder Low -
Cylinder High -
        The .c3 .c2 .c1 .c0 SHALL compose a valid lock which will
        comprise and be limited to a 32-bit word size.  The Disable
        concatenated passcode SHALL have two RESERVED Values
        0xFFFFFFFF and 0x00000000.
Device/Head -
        DEV: is to indicate device selection
NORMAL OUTPUTS:
        Error                           na
        Sector Count                    .d3
        Sector Number                   .d2
        Cylinder Low                    .d1
        Cylinder High                   .d0
        Device Head             obs|na|obs|DEV|na|na|na|na
        Status                  BSY|DRDY|DF|na|DRQ|na|na|ERR
Sector Count -
Sector Number -
Cylinder Low -
Cylinder High -
        The .d3 .d2 .d1 .d0 SHALL return the accepted passcode in the same
        format that was issued.
Device/Head -
        DEV: is to indicate device selection.
Status register -
        BSY: shall be clear to zero indicating command completion
        DRDY: shall be clear to zero
        DF: (Device Fault) shall be clear to zero
        DRQ: shall be clear to zero
        ERR: shall be clear to zero
ERROR OUTPUTS:
        Error                   na|UNC|na|IDNF|na|na|ABRT|na
        Sector Count                    reserved
        Sector Number                   reserved
        Cylinder Low                    reserved
        Cylinder High                   reserved
        Device Head             obs|na|obs|DEV|na|na|na|na
        Status                  BSY|DRDY|DF|na|DRQ|na|na|ERR
Error -
        UNC: shall be set to one if the passcode is not accepted.
        IDNF: shall be set to one if the passcode was never set.
        ABRT: shall be set to one if this command is not supported, if
        the passcode is not accepted, or if the passcode was never set.
Sector Count -
Sector Number -
Cylinder Low -
Cylinder High -
        Reserved:
Device/Head -
        DEV: is to indicate device selection.
Status register -
        BSY: shall be clear to zero indicating command completion
        DRDY: shall be clear to one.
        ERR: shall be clear to one if an Error register bit is set to one.
----------------------------------------------------
Standard Non-Data will be issued and the same error handling SHALL be
observed; however the follow execption SHALL report with the content in
the sub-set-features registers.
----------------------------------------------------
Additionally the Feature Support and Feature Enable Bits of the CPRM
"e00148rX" proposal reflect in a manner that standard in the reported mode
of IDENTIFY DEVICE.
Once the Set Features CPRM Lock command is set, the bits in Words 83 and
86 SHALL be effected in the following manner, as it relates to the newly
to be created "Copy Protection Feature Set Supported/Enabled".
Word 83 "Set Features CPRM Lock Support" shall be set to one,
if Word 83 for "Copy Protection Feature Set Supported" is set to one.
Word 86 "SetFeatures CPRM Lock Enable" shall be set to one, if the HOST
has issued a "Set Features CPRM Lock Disable Command" succesfully.  The
result of which set the "Set Features CPRM Lock Disable Enable" to one
will also set and lock the "Copy Protection Feature Set Enabled" to zero.
Therefore "Copy Protection Feature Set Supported" shall issue an ABORT to
any HOST request to activate the "Copy Protection Feature Set" until the
"Set Features CPRM Lock Disable" is cleared by the HOST.
-------------------------------------------------

Regards,

Andre HedrickCTO Timpanogas Research GroupEVP Linux Development, TRGLinux ATA Development

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix