Skip to content

Enabling Access To Additional Commands In Linux

Jump to bottom
Tyler Erickson edited this page Sep 4, 2024 · 1 revision

Enabling Access to Additional Commands in Linux

Some commands may not be allowed in Linux without allowing access.

This page describes how to enable access to these other commands if you need them.

There are multiple ways to enable access, some are temporary and some are more permanent. Choose whichever method best suites how long you need the access to last.

Enabling Access to TCG in libATA

By default, libATA blocks the ATA trusted Send/Receive commands and the SCSI Security Protocol In/Out commands.

Devices managed by libATA will be running an ATA driver such as the built-in AHCI driver. Customers using controllers such as Broadcom controllers on the mpt3sas driver are not affected by this block.

Temporary

Modify the libata parameters file located at /sys/module/libata/parameters

Example (as root):

# echo 1 > /sys/module/libata/parameters/allow_tpm

Note: You may need to change the permissions to allow writing to this file before the echo.

Example: # chmod 644 /sys/module/libata/parameters/allow_tpm

If this change is required it is recommended that permissions are changed back to read only: chmod 444

Permanent

Add libata.allow_tpm=1 to your kernel boot options. How this is done will vary depending on your Linux distribution and your bootloader.

GRUB, GRUB2, rEFInd, Syslinux, etc all use different methods to store your options and update the boot parameters. Please consult the documentation for your bootloader on your OS for more information on how to add this boot option.

Enabling ATA Passthrough Support for Seagate USB disks

When Seagate started selling USB 3.0, UAS drives some had a firmware limitation in the USB adapter that was discovered by the Linux community and the simplest solution for the kernel developers was to block the SAT ATA-passthrough commands from going to all Seagate USB devices. By doing this, it stopped the USB chip from entering a state where it would stop responding to read or write commands for the user (such as during an rsync often used for backups).

Some other devices were also affected by this, but mostly Seagate USB devices are affected.

While the team behind openSeaChest has been investigating a solution to provide to the Linux kernel, we have not identified one yet, so a workaround is needed when attempting to perform extra diagnostics on these disks in Linux.

The smartmontools project has very extensive documentation on the issue and workarounds you may also reference here. We have summarized the instructions on this page, however it should be the same as what you would find from smartmontools.

There are a couple options for changing how the device attaches and the USB protocol used. The documentation below shows setting the u flag to disable UAS mode and run the drive in BOT mode instead.

The other option is to specify no flags at all to specify running without the command block and keep UAS mode active for better performance. Seagate has fixed the original bug in UAS mode, but there is not enough information available to the openSeaChest team at this time to know exactly when it was resolved. If specifying no flags it is recommended you do some testing under the temporary mode first to ensure all behavior works as expected before making a more permanent change.

To find the VID and PID values to use for your product, check the output of either the -i option or the --llInfo option in the Adapter information. The values are reported as ????h to represent a hexadecimal value in openSeaChest, however these workarounds will need it in the format 0x???? as seen below.

You can also use the command lsusb -vt to find your USB VID and PID and check if it is running in UAS mode before applying this workaround.

Temporary

Echo and Reboot

First unmount/unplug the USB device and run the following command as root:

# cat /sys/module/usb_storage/parameters/quirks

# echo "0x0bc2:u" > /sys/module/usb_storage/parameters/quirks

# cat /sys/module/usb_storage/parameters/quirks 0x0bc2:u

Reboot the System with the drive attached to enable this change. This will last for this one reboot cycle and then it will disable itself again.

NOTE: Only a VID (0BC2) is specified in this example as this seemed to work for any Seagate USB PID value when it was tested internally, however most documentation shows providing both the VID and PID as vid:pid:flags so you may want to specify both values in your case. Other methods of allowing these passthrough commands were only found to work when both VID and PID were specified.

Modprobe

As root/sudo:

# modprobe -r uas

# modprode usb-storage

# modprobe usb-storage options quirks=VID:PID:u

Permanent

Similar to the TCG method above, adding the kernel boot option to your kernel boot loader will store this change to occur every time the system boots.

Add the following line with you VID/PID value (0x????:0x????;flags):

Disabling UAS: usb-storage.quirks=vid:pid:u

Allowing ATA passthrough and UAS mode: usb-storage.quirks=vid:pid:

Clone this wiki locally