Do you still have it sitting around?They made it pretty clear it could not be changed to 512 so I'll hang on to it. It will keep my papers from blowing away on a windy day.
@kdub - can you clarify what block size the IBM branded ST4000NM0043 you referred to, were? What IBM part number were they?I feel your pain; I'm currently messing with 6 IBM branded seagate ST4000NM0043. Hoping it's possible to put them back to OEM.
Hello, Steve. What exact model number is written on the label? It's important if you are looking for a firmware. You have megaraid card, meaning you can fetch some more info about the drive in storcli - command syntax is about this: storcli /cx/ex/sx show all, where x is specific to your setup. Post the output here and we'll try to figure out what can be done next.Hi, did you guys ever figure out how to do this? I am afraid I'm a little naive and purchased 10 sas drives that I am assuming has a non standard sector size. They have an IBM label attached but I think they are hitachi 600gb drives and show up as IBM-SSG in the megaraid firmware. I have tried the methods in lsi module in ubuntu but the drives do not even show up in lsscsi, my next step was going to be searching for the firmware. Any help is appreciated and thanks in advance -Steve
Good, drive is unsecured and unlocked. The only problem is that your RAID controller doesn't support 528 bps drives and you need an HBA to reformat this drive. Cheapest HBA I can imagine is something like LSI9211 or 9212 with IT firmware.FDE Capable: Capable
FDE Enable: Disable
Secured: Unsecured
Locked: Unlocked
Needs EKM Attention: No
Foreign State: None
Device Speed: 6.0Gb/s
Link Speed: 6.0Gb/s
Media Type: Hard Disk Device
Drive: Not Supported
Your drive has IBM version of firmware and the most fresh IBM firmware for this drive I could find is JNEA8The drive model is HUC109060CSS601, but has an IBM Storage label
setblocksize V0.2
Checking parameters ...
Done.
New blocksize: 512 Bytes
Format timeout: 800 minutes
Open device file ...
Done.
Prepare command ...
Done.
Send INQUIRY command ...
Write error
STD - Standard (also known as Secure Download & Diagnostic (SD&D))
SED - Self Encrypting Drive
FIPS - Federal Information Processing Standard
==========================================================================================
SeaChest_Firmware - Seagate drive utilities - NVMe Enabled
Copyright (c) 2014-2019 Seagate Technology LLC and/or its Affiliates, All Rights Reserved
SeaChest_Firmware Version: 2.7.0-1_19_23 X86_64
Build Date: Jun 10 2019
Today: Fri Jan 22 22:01:14 2021
==========================================================================================
/dev/sg19 - IBM-SSGMSVW800 - ZAZ15ZSP0000822150Z3 - SCSI
.
Firmware Download failed
Hi there, it looks to me that your drive is simply in locked state. Someone who sold it to you wiped clean the content of the VD but didn't remove secured VD from the array of security capable (and active) PDs. Behavior of a drive in the locked state is well documented for instance in HGST manuals, so it will not react on your attempts to format unit, read or write to unit even if the drive has the supported sector size. Most likely drive will ignore write buffer (firmware download) command - depends on DL port lock state. Some HBAs will not detect such a drive at all, RAID controllers that doesn't support security feature will mark a locked drive as 'unconfigured bad' and you will not be able to do anything about it unless you change the controller itself. Setlocksize and sedutil will not help you in this case.I re-tried basically everything that has been tried on this thread so far, plus a couple of extra things. Before getting anyone's hopes up, I was not able to change the sector size either
Thanks for the heads up! I have contacted the seller to see if he is able to assist me.Hi there, it looks to me that your drive is simply in locked state. Someone who sold it to you wiped clean the content of the VD but didn't remove secured VD from the array of security capable (and active) PDs. Behavior of a drive in the locked state is well documented for instance in HGST manuals, so it will not react on your attempts to format unit, read or write to unit even if the drive has the supported sector size. Most likely drive will ignore write buffer (firmware download) command - depends on DL port lock state. Some HBAs will not detect such a drive at all, RAID controllers that doesn't support security feature will mark a locked drive as 'unconfigured bad' and you will not be able to do anything about it unless you change the controller itself. Setlocksize and sedutil will not help you in this case.
Yep, SAS2008 detects locked drives, but I didn't succeed in finding any software tool even to see that drive is locked. Maybe SeaChest_Security withMy HBA (LSI SAS2008) does appear to detect the drive.
Here is the output:Yep, SAS2008 detects locked drives, but I didn't succeed in finding any software tool even to see that drive is locked. Maybe SeaChest_Security with
--showLockedRegions key will do the trick, I don't have any locked drive at hand. What you need straight off is to 'secure erase' the drive. Unfortunately each and every soft tool devoted to do this task with SED drives failed for me with HBA. The 'security capable' RAID controller did the trick though.
==========================================================================================
SeaChest_Security - Seagate drive utilities - NVMe Enabled
Copyright (c) 2014-2019 Seagate Technology LLC and/or its Affiliates, All Rights Reserved
SeaChest_Security Version: 2.0.1-1_19_23 X86_64
Build Date: Jun 10 2019
Today: Sat Jan 23 14:16:46 2021
==========================================================================================
/dev/sg19 - IBM-SSGMSVW800 - [SERIAL - I ASSUMED I SHOULD REMOVE IT] - SCSI
TCG Drive Locking Regions:
==========================
Name Common Name Range Start Range Length Read Status Write Status LockOnReset
Global_Range Locking N/A N/A Disabled Disabled PowerCycle
Band1 Locking N/A N/A Disabled Disabled PowerCycle
Band2 Locking N/A N/A Disabled Disabled PowerCycle
Band3 Locking N/A N/A Disabled Disabled PowerCycle
Band4 Locking N/A N/A Disabled Disabled PowerCycle
Band5 Locking N/A N/A Disabled Disabled PowerCycle
Band6 Locking N/A N/A Disabled Disabled PowerCycle
Band7 Locking N/A N/A Disabled Disabled PowerCycle
Band8 Locking N/A N/A Disabled Disabled PowerCycle
Band9 Locking N/A N/A Disabled Disabled PowerCycle
Band10 Locking N/A N/A Disabled Disabled PowerCycle
Band11 Locking N/A N/A Disabled Disabled PowerCycle
Band12 Locking N/A N/A Disabled Disabled PowerCycle
Band13 Locking N/A N/A Disabled Disabled PowerCycle
Band14 Locking N/A N/A Disabled Disabled PowerCycle
Band15 Locking N/A N/A Disabled Disabled PowerCycle
NOTE1: The Global Range encompases all LBAs not already assigned to a range or band.
NOTE2: All supported ranges or bands are shown.
Not all bands will be used.
Consult your security software to configure the different ranges or bands.
TCG Drive Locking Regions:
==========================
Name Common Name Range Start Range Length Read Status Write Status LockOnReset
Global_Range Locking N/A N/A Disabled Disabled N/A
Band1 Locking 0 3750748848 Disabled Disabled N/A
Band2 Locking N/A N/A Disabled Disabled PowerCycle
Band3 Locking N/A N/A Disabled Disabled PowerCycle
NOTE1: The Global Range encompases all LBAs not already assigned to a range or band.
NOTE2: All supported ranges or bands are shown.
Not all bands will be used.
Consult your security software to configure the different ranges or bands.
Maybe this attempt failed because Seachest refuses to work with non-Seagate drives. I have a little bit better idea, you can test it and if the FW Download Port is not locked out it could work. Grab an attached original S650DC firmware for this specific drive model and try to burn it using sg_write_buffer command. Take into account that only Modes 4, 5, and 7 are supported for this ssd which corresponds to -m dmc, -m dmc_save and -m dmc_offs_save arguments. I would choose second one to begin with)Next, @kdub original post suggested that this drive may be the same as a Seagate 1200.2. Seeing that @Brick attempted to flash a Micron firmware before, I thought it give it a go with the Seagate firmware.
The Dell PERC controller prices aren't too bad, so I will consider picking one up if the firmware you provided is not workable.Here is how unlocked drive looks like:
Code:TCG Drive Locking Regions: ========================== Name Common Name Range Start Range Length Read Status Write Status LockOnReset Global_Range Locking N/A N/A Disabled Disabled N/A Band1 Locking 0 3750748848 Disabled Disabled N/A Band2 Locking N/A N/A Disabled Disabled PowerCycle Band3 Locking N/A N/A Disabled Disabled PowerCycle NOTE1: The Global Range encompases all LBAs not already assigned to a range or band. NOTE2: All supported ranges or bands are shown. Not all bands will be used. Consult your security software to configure the different ranges or bands.
And as long as we know that "An LBA Range is considered to be unlocked by default if its ReadLockEnabled is FALSE and LockOnReset is empty" what you need first is to get rid of TCG security lock. There may be a software solution: Seachest is compatible with Seagates only, Micron Storage Executive Software claims it can do a psid revert for S650DC. If for whatever reason it fails (Micron considers an ssd loaded with IBM firmware as non-Micron ssd for example), you can use any RAID controller that works with SED drives. List of compatible LSI controllers can be found here, and if corresponding software option is present, TCG can be locked/unlocked in MegaRAID Storage Manager (MSM). Potentially even cheaper option is Dell PERC controllers off ebay with security feature present in H7x0 or H8x0 series - they initially can do secure erase and unlock such a drive.
Here are my findings:Maybe this attempt failed because Seachest refuses to work with non-Seagate drives. I have a little bit better idea, you can test it and if the FW Download Port is not locked out it could work. Grab an attached original S650DC firmware for this specific drive model and try to burn it using sg_write_buffer command. Take into account that only Modes 4, 5, and 7 are supported for this ssd which corresponds to -m dmc, -m dmc_save and -m dmc_offs_save arguments. I would choose second one to begin with)
Write buffer: pass-through os error: Invalid argument
Write buffer failed: Invalid argument
sg_write_buffer failed: Invalid argument
Write buffer: pass-through os error: Invalid argument
Write buffer failed: Invalid argument
sg_write_buffer failed: Invalid argument
Write buffer: pass-through os error: Invalid argument
Write buffer failed: Data protect
sg_write_buffer failed: Data protect
sg_write_buffer -b 4k -I S650DC-FIPS_MB19.bin -m 5 /dev/sdt
does remove the Write buffer: pass-through os error: Invalid argument
, but the other two messages remain the same.that's odd, maybe options have to come in different order: -m first, and -I after it.sg_write_buffer failed: Invalid argument
firmware download port seems to be locked by encryption unfortunately:sg_write_buffer failed: Data protect
H700 is the cheapest and widely available optionThe Dell PERC controller prices aren't too bad, so I will consider picking one up if the firmware you provided is not workable.
I swapped the input file and mode params around, but it made no difference to the output.that's odd, maybe options have to come in different order: -m first, and -I after it.
What are your confidence levels like with using this controller? What would be involved exactly?H700 is the cheapest and widely available option
As I've written above all you need to do is to get rid of the security config from previous array this drive was pulled from. All FIPS 140-2 compliant drives behave similarly because their behavior is strictly defined by the definitions of this standard. You can read what your specific drive will or will not do once security auto-lock is triggered following the removal from the secured array. Should we had a software tool that erases security config we wouldn't be looking for any additional controller. Similar to you I spent some time looking for a free tool able to perform single operation - secure erase of my TCG Enterprise SED locked HGST drive attached to an HBA, but every tool claimed to be able of doing so failed in a different way. Eventually I gave up and bought H700 for $12 as it is the first security capable controller from Dell, but being very old means it is also dirt cheap and wide-spread.What are your confidence levels like with using this controller? What would be involved exactly?