Multiplay Labs

tech hits and tips from Multiplay

Archive for August, 2011

gdb logging useful for large backtraces

without comments

If your trying to output a large backtrace like those generated via kernel panics the following can be quite useful:-
set logging redirect on

(gdb) set height 0
(gdb) set logging file backtrace.txt
(gdb) set logging redirect on
(gdb) set logging on
Redirecting output to backtrace.txt.
(gdb) thread apply all bt

Written by Dilbert

August 11th, 2011 at 11:06 am

Posted in FreeBSD,Hackery

Tagged with ,

FreeBSD security support for ATA devices via camcontrol

without comments

Recently we’ve been using a lot of SSD’s and one of the problems with SSD’s is they degrade in performance over time. So much so that in some cases that they can barely keep up with basic tasks.

In our experience we’ve seen Sandforce based drives drop from write rate of 180MB/s to just over 10MB/s making them all but unusable.

Given this issue and the current lack of TRIM support under ZFS, our filing system of choice, we’ve need to use secure erase on our SSD’s to return them to their purchased performance.

Unfortunately this meant booting the machine into Linux and using the hdparm command along with the instructions mentioned in the ATA Secure Erase wiki article. This obviously not ideal so I’ve spent the past two days adding this ability to FreeBSD’s camcontrol utility for ata devices.

Our current patch for camcontrol, which adds security functions including the secure erase option, can be downloaded here: FreeBSD 8.2 ATA security methods patch for camcontrol

Once you have patched and compiled camcontrol there will a new “security” option. This allows you display and configure security on ATA drives when they are connected to an ATA controller such as ahci. which present the disk as adaX devices.

To secure erase a disk, the disk first needs to have security enabled, which means setting a ‘user’ password. Using the updated camcontrol this can be done in one single command line.

First find the device name of your SSD with:-

camcontrol devlist

***WARNING*** running the command below will ERASE ALL data on the device ada0 so ensure you have copied off or your data backed up prior to running it.

camcontrol security ada0 --security-user user \
  --security-set-password Erase \
  --security-erase Erase

This will first set the user security password to “Erase”, which enables drive security, followed by prompting your to confirm you want to erase the selected disk.

If you are 100% sure this is what you want you can also specify the –security-confirm command line option to avoid this confirmation prompt.

It should be noted that there is currently problems with long timeouts, which are used when performing a secure erase, within a large number of FreeBSD 8.2 drivers. For SSD’s which don’t actually require a long time to secure erase, but often report needing so, you can use the --security-erase-timeout option to override this value on kernels which don’t have working long timeouts, described in my last post.

I hope to get this patch committed to the FreeBSD source at some point, but until then I hope this is of help to other FreeBSD users using SSD’s.

Much credit to Daniel Roethlisberger for his work on adding security support to atacontrol, detailed in PR bin/127918 which was the basis of this code.

Written by Dilbert

August 6th, 2011 at 12:20 am

Posted in FreeBSD,Hackery

timeout overflow in CAM / Drivers under FreeBSD 8.2

without comments

In the process of updating camcontrol to support security features, including the ability to secure erase an SSD to restore performance, I came across and issue where by timeouts passed in via cam layer overflow above 2147 seconds, resulting in instant timeouts.

This is caused by a integer overflow at the driver level when converting the msec timeout value to ticks before passing in to timeout, callout_reset and friends. After discussion on the freebsd-hackers list a fix created by Eygene Ryabinkin and updated by myself to support all drivers has been created.

Download the cam ccb timeout issue patch updated by Eygene Ryabinkin + mps driver support (Updated 22/10/2011)

For more information see the FreeBSD Hackers mailing list archive thread: cam / ata timeout limited to 2147 due to overflow bug?

Written by Dilbert

August 5th, 2011 at 9:57 am

Posted in FreeBSD