e07104r1
Update To The e05179r8: ATA Security Feature Set Clarifications
(For ACS2)
To:T13 Technical Committee
From:Joseph Chen
Samsung
75 W. Plumeria Drive
San Jose, CA95134
Phone: 408-544-5766
Email:
Date: Feb 15, 2007
(Summarized by Jim and Joseph on 02/20/2007)
This document is to replace the Table 1 of the proposed e05179r8: ATA Security feature Set Clarification. The table is intended to list all Security Command interactions related to the password setting. The table listed three groups: Security Disable, Security Enable and Master Password Capability set to High, and Security Enable and Master Password Capability set to Maximum.
Each of these three groups is divided into the Security states; they are SEC1, SEC2, SEC4, SEC5, and SEC6. In each of the state, the conditions of the password before the command issued are listed:
- Master Password Defined:
- YES indicates a Master Password has been defined in the device. The definition of Master Password could be through vendor preset value or by a previously issued SECURITY SET PASSWORD command to set the Master Password.
- NO indicates no Master Password has been defined in the drive.
- User Password Defined:
- YES indicates a User Password has been set by a previously issued SECURITY SET PASSWORD command to set the User Password.
- NO indicates there is no User Password exists.
There are four Security commands listed: SECURITY SET PASSWORD, SECURITY DISABLE PASSWORD, SECURITY UNLOCK, and properly prefaced SECURITY ERASE UNIT. The interactions of each command are list in the table. The password supplied with the command is shown on the table to provide the condition of the password. They can be correct, incorrect, or any. A password is correct means the password matches the internal stored password. A password incorrect indicates the password does not match. And the password any means the password supplied can either match or not match the internal password.
(On the following table marked yellow, Joseph’s recommendation is on the top of the cell, and Jim’s recommendation is on the lower of the cell.)
Table 1 - Interaction of Master Password Capability and Security Commands
Security / CommandsSecurity Enabled / Master Password Capability / SecurityState / Master Passwords Defined / User Passwords Defined / Password Supplied in the Security Commands / SECURITY SET PASSWORD / SECURITY DISABLE PASSWORD / SECURITY UNLOCK / Properly Prefaced SECURITY ERASE UNIT
No / NA / SEC1 / N / N / master
(any) / E / A / A / A (Note 1)
No / NA / SEC1 / N / N / user
(any) / E / A / A / A (Note 1)
No / NA / SEC1 / Y / N / master
(correct) / E / N[J1]
E / N[J2]
E / E
No / NA / SEC1 / Y / N / Master
(incorrect) / E / A / A /
A
No / NA / SEC1 / Y / N / user(any) / E / A / A / A
No / NA / SEC2 / any / any / master
(any) / A / A / A / A
No / NA / SEC2 / any / any / user
(any) / A / A / A / A
Yes / High / SEC4 / N / Y / master
(any) / A / A / A / A
Yes / High / SEC4 / Y / Y / master
(correct) / A / A / E / E
Yes / High / SEC4 / Y / Y / master
(incorrect) / A / A / A / A
Yes / High / SEC4 / Y / Y / user
(correct) / A / A[J3]
VS / E / E
Yes / High / SEC4 / Y / Y / user
(incorrect) / A / A / A / A
Yes / High / SEC5 / N / Y / master
(any) / E / A / N[J4]
VS
/ AYes / High / SEC5 / Y / Y / master
(correct) / E / E / N / E
Yes / High / SEC5 / Y / Y / master
(incorrect) / E / A / N[J5]
VS
/ AYes / High / SEC5 / Y / Y / user
(correct) / E / E / N[J6]
VS
/ EYes / High / SEC5 / Y / Y / user
(incorrect) / E / A / N[J7]
VS
/ AYes / High / SEC6 / N / Y / master
(any) / A / A / A / A
Yes / High / SEC6 / Y / Y / user
(any) / A / A / A / A
Yes / Maximum / SEC4 / N / Y / master
(any) / A / A / A / A
Yes / Maximum / SEC4 / Y / Y / master
(correct) / A / A / A / E[J8]
Abort because Mstr cannot be used with Maximum
Yes / Maximum / SEC4 / Y / Y / master
(incorrect) / A / A / A / A
Yes / Maximum / SEC4 / Y / Y / user
(correct) / A / A[J9]
VS
/ E / EYes / Maximum / SEC4 / Y / Y / user
(incorrect) / A / A / A / A
Yes / Maximum / SEC5 / N / Y / master
(any) / E / A / N[J10]
VS
/ AYes / Maximum / SEC5 / Y / Y / master
(correct) / E / A / N[J11]
VS
/ E[J12]Abort because Mstr cannot be used with Maximum
Yes / Maximum / SEC5 / Y / Y / master
(incorrect) / E / A / N[J13]
Abort because Mstr cannot be used with Maximum
/ AYes / Maximum / SEC5 / Y / Y / user
(correct) / E / E / N[J14]
VS
/ EYes / Maximum / SEC5 / Y / Y / user
(incorrect) / E / A / A / A
Yes / Maximum / SEC6 / N / Y / master
(any) / A / A / A / A
Yes / Maximum / SEC6 / Y / Y / user
(any) / A / A / A / A
Key:
N / NOP – Do nothing, but return normal completion.
A / Return command aborted
E / Execute the command (if all other validations pass); otherwise return command aborted.
VS / Vendor specific
NA / Not applicable
(Note 1) / See e05162r0 for the SECURITY ERASE UNIT password requirement
**Notes:
Note 10: In the description of SECURITY DISABLE PASSWORD of ATA-7 (and in ATA8-ACS), it says the command should be Abort in Locked mode. It is what the lock means: can no set or disable password.
Note 11: Since it is already in Unlock mode, no matter whether the password is correct or wrong, the state would not change. In the ATA-7 spec., it says there is no effect on unlock counter when it is in Unlock mode. If it is aborted, will it affect unlock counter?
Note 12: This should be Execute because the state diagram allows the Properly Prefaced SECURITY ERASE command on SEC4. This state transition can be accomplished by using User or Master Password. Both User Password and Master Password can be used.
[J1]There is no change on the command
[J2]There is no change on the command
[J3]Should be Abort. See Note10
[J4]Should be Nop. See Note 11.
[J5]Should be Nop. See Note 11.
[J6]Should be Nop. See Note 11.
[J7]Should be Nop. See Note 11.
[J8]Should be Execute. See Note 12
[J9]Should be Abort. See Note 10.
[J10]Should be Nop. State does not change, Unlock Counter does not change.
[J11]Should be Nop. State does not change, Unlock Counter does not change.
[J12]Should be Execute. See Note 12
[J13]Should be Nop. State does not change, Unlock Counter does not change.
[J14]Should be Nop. State does not change, Unlock Counter does not change.