Hey there,
I recently got multiple ST10000NM0156 (Exos X10, 10TB) drives. I routinely 'secure erase' any used drives I get before I put them into use again, so I put all the drives in my Synology to simply invoke a Secure Erase (the NAS uses hdparm to set the user password to "synology" and issues a --security-erase). All but one of the drives accepted and successfully completed the Secure Erase - one of them immediately failed to accept the Secure Erase.
The drive is now in a state where security is enabled and it refuses to disable security in any way known to me.
To be safe, I used hdparm to set both user and master passwords to "pass", and both work fine to unlock the drive with hdparm --security-unlock.
hdparm immediately fails to: --security-disable, --security-erase, all with "Input/output error". I also tried to issue a --sanitize-overwrite command to no avail.
After all the various things I tried, I can still use the drive completely normally after unlocking it, works absolutely fine, SMART parameters are also fine. After a power cycle, the drive is locked again of course. There must be a way to completely disable security again so it becomes usable without unlocking it first?
I have no idea what went wrong here and feel like I am missing a simple point which prevents this drive from accepting any command that would disable security again.
I can set user and master passwords to anything I like, and they then work fine to unlock the drive - but not to disable security or invoke another Secure Erase which would also disable security once finished.
Output of hdparm -I:
Code:
ATA device, with non-removable media
Model Number: ST10000NM0156-2AA111
Serial Number: ZA28xxxx
Firmware Revision: SS03
Transport: Serial, ATA8-AST, SATA 1.0a, SATA II Extensions, SATA Rev 2.5, SATA Rev 2.6, SATA Rev 3.0
Standards:
Used: unknown (minor revision code 0x006d)
Supported: 10 9 8 7 6 5
Likely used: 10
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63
--
CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 19532873728
Logical Sector size: 512 bytes
Physical Sector size: 4096 bytes
Logical Sector-0 offset: 0 bytes
device size with M = 1024*1024: 9537536 MBytes
device size with M = 1000*1000: 10000831 MBytes (10000 GB)
cache/buffer size = unknown
Form Factor: 3.5 inch
Nominal Media Rotation Rate: 7200
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec'd by Standard, no device specific minimum
R/W multiple sector transfer: Max = 16 Current = 16
Recommended acoustic management value: 254, current value: 0
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 *udma5 udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
* Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* WRITE_BUFFER command
* READ_BUFFER command
* DOWNLOAD_MICROCODE
Power-Up In Standby feature set
* SET_FEATURES required to spinup after power up
SET_MAX security extension
* 48-bit Address feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* Media Card Pass-Through
* General Purpose Logging feature set
* WRITE_{DMA|MULTIPLE}_FUA_EXT
* 64-bit World wide name
* IDLE_IMMEDIATE with UNLOAD
Write-Read-Verify feature set
* WRITE_UNCORRECTABLE_EXT command
* {READ,WRITE}_DMA_EXT_GPL commands
* Segmented DOWNLOAD_MICROCODE
unknown 119[6]
unknown 119[7]
unknown 119[8]
* Gen1 signaling speed (1.5Gb/s)
* Gen2 signaling speed (3.0Gb/s)
* Gen3 signaling speed (6.0Gb/s)
* Native Command Queueing (NCQ)
* Phy event counters
* Idle-Unload when NCQ is active
* READ_LOG_DMA_EXT equivalent to READ_LOG_EXT
* DMA Setup Auto-Activate optimization
Device-initiated interface power management
* Software settings preservation
unknown 78[7]
unknown 78[11]
* SMART Command Transport (SCT) feature set
* SCT Write Same (AC2)
* SCT Error Recovery Control (AC3)
* SCT Features Control (AC4)
* SCT Data Tables (AC5)
unknown 206[7]
unknown 206[12] (vendor specific)
unknown 206[13] (vendor specific)
unknown 206[14] (vendor specific)
* SANITIZE_ANTIFREEZE_LOCK_EXT command
* SANITIZE feature set
* OVERWRITE_EXT command
* reserved 69[3]
Security:
Master password revision code = 5
supported
enabled
not locked
not frozen
not expired: security count
supported: enhanced erase
Security level high
872min for SECURITY ERASE UNIT. 872min for ENHANCED SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 5000c500b2b6f807
NAA : 5
IEEE OUI : 000c50
Unique ID : 0b2b6f807
Checksum: correct
Output of hdparm --sanitize-status /dev/sdb:
Code:
Issuing SANITIZE_STATUS command
SANITIZE failed: Input/output error
SANITIZE device error reason: Last Sanitize Command completed unsuccessfully
Drive in SD3 Sanitize Operation Failed state
The drive does have a PSID printed on the label, but when I put the disk in a Windows machine, the Seagate toolkit seems to not recognize the drive, neither in a locked state, nor in the unlocked state, so Seagate's "revert to factory" instructions did not work for me so far.
Is there anything else I can try? Any other commands or tools I can try? Is it possible to disable security via the serial terminal/console? I really like to put this drive back to use, but with Security enabled it is difficult to reuse it in a NAS...
I didn't treat the drive any different than lots of other drives, and the other Exos X10 took the secure erase fine...
Thanks a lot for your kind help!
FAQ
Search
Login
Register
HDDGURU FILES
