[T10] Determining an SED Drive

Curtis Stevens curtis.stevens at wdc.com
Thu Apr 7 10:25:54 PDT 2016

Actually, TCG is one way to do SED, there are others that do not use TCG.  Depending on a command to fail is really not a reliable we to determine that some underlying functionality is available.

This was handled on the T13 side by adding a SED bit.  The only use case is for customers that get custom configurations and know what they are getting in advance.  Due to the nature of the problem, there is no reliable/universal detection method.  Whatever you define can be spoofed.  Including Model # and Manufacturer.

Curtis E. Stevens
Director, Standards & Features Technology
3355 Michelson Dr. #100
Office: 1-1041
Irvine, Ca. 92612

Phone: 949-672-7933
Cell: 949-307-5050
E-Mail: Curtis.Stevens at WDC.com<mailto:Curtis.Stevens at WDC.com>

Remember, you may only be blamed for something if you are actually doing something.

From: t10-bounces at t10.org [mailto:t10-bounces at t10.org] On Behalf Of Gerry Houlder
Sent: Thursday, April 7, 2016 9:17 AM
To: Otte, Olga <olga.otte at hpe.com>
Cc: T10, Reflector <T10 at t10.org>
Subject: Re: [T10] Determining an SED Drive

If you get drive not ready, then the drive is not spun up yet.
If you get invalid command, then the drive is not SED.
There may be exceptions where an SED uses vendor specific protocols (not SECURITY PROTOCOL IN and SECURITY PROTOCOL OUT commands) that you can't determine from this method.

On Thu, Apr 7, 2016 at 10:31 AM, Otte, Olga <olga.otte at hpe.com<mailto:olga.otte at hpe.com>> wrote:
Do we expect “drive not ready” or “Invalid command” check condition if drive is not spin up yet? I think I am getting timing issue and not sure what is expected behavior.

Olga Otte HPE

From: t10-bounces at t10.org<mailto:t10-bounces at t10.org> [mailto:t10-bounces at t10.org<mailto:t10-bounces at t10.org>] On Behalf Of Saha, Soumit
Sent: Thursday, April 07, 2016 7:35 AM
To: Amir Dagan1
Cc: T10, Reflector
Subject: Re: [T10] Determining an SED Drive

You have to send SPC trusted receive (IF-RECV) SCSI primary command with discovery payload and handle illegal requests if the drive is not an SED.

There are no vital data pages for SED specific attributes.
On 7 Apr 2016 12:39, Amir Dagan1 <AMIRDA at il.ibm.com<mailto:AMIRDA at il.ibm.com>> wrote:

Is there a "SCSI" way (non vendor specific) to tell whether a device is an SED one (Self Encrypting Drive)?
I do not mean by P/N etc., but a designated field in a logpage, inquiry, etc.

Amir Dagan

T10 mailing list
T10 at t10.org<mailto:T10 at t10.org>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.t10.org/pipermail/t10/attachments/20160407/b45da607/attachment.html>

More information about the T10 mailing list