Recently we’ve been using a lot of SSD’s and one of the problems with SSD’s is they degrade in performance over time. So much so that in some cases that they can barely keep up with basic tasks.
In our experience we’ve seen Sandforce based drives drop from write rate of 180MB/s to just over 10MB/s making them all but unusable.
Given this issue and the current lack of TRIM support under ZFS, our filing system of choice, we’ve need to use secure erase on our SSD’s to return them to their purchased performance.
Unfortunately this meant booting the machine into Linux and using the hdparm command along with the instructions mentioned in the ATA Secure Erase wiki article. This obviously not ideal so I’ve spent the past two days adding this ability to FreeBSD’s camcontrol utility for ata devices.
Our current patch for camcontrol, which adds security functions including the secure erase option, can be downloaded here: FreeBSD 8.2 ATA security methods patch for camcontrol
Once you have patched and compiled camcontrol there will a new “security” option. This allows you display and configure security on ATA drives when they are connected to an ATA controller such as ahci. which present the disk as adaX devices.
To secure erase a disk, the disk first needs to have security enabled, which means setting a ‘user’ password. Using the updated camcontrol this can be done in one single command line.
First find the device name of your SSD with:-
***WARNING*** running the command below will ERASE ALL data on the device ada0 so ensure you have copied off or your data backed up prior to running it.
camcontrol security ada0 --security-user user \ --security-set-password Erase \ --security-erase Erase
This will first set the user security password to “Erase”, which enables drive security, followed by prompting your to confirm you want to erase the selected disk.
If you are 100% sure this is what you want you can also specify the –security-confirm command line option to avoid this confirmation prompt.
It should be noted that there is currently problems with long timeouts, which are used when performing a secure erase, within a large number of FreeBSD 8.2 drivers. For SSD’s which don’t actually require a long time to secure erase, but often report needing so, you can use the
--security-erase-timeout option to override this value on kernels which don’t have working long timeouts, described in my last post.
I hope to get this patch committed to the FreeBSD source at some point, but until then I hope this is of help to other FreeBSD users using SSD’s.
Leave a Reply
You must be logged in to post a comment.