v25.05.1

rel: Finish v25.05.1

Fixes a debug print from secure file API in opensea-common by removing this print.

v25.05

This release fixes numerous issues and introduces some new features.

First, what it fixes:
Fixes #181, #173, #172, #168, #167, #166, #165, #163, #158, #156, #155, #151, #148, #127, #118, #68, #66, #43
Some of these are long overdue to be marked closed, but are officially part of this release.

One of the major improvements in these fixes is for fast format/set sector size. When these operations are performed the handle is now opened with exclusive access to block out other software and background services.
This should greatly reduce the number of times this operation is interrupted. All warnings related to changing sector sizes remain in place since there are some things, such as extra hardware in some servers, that may not be helped with this change, but for many people this will make a big difference from the testing we've done in our labs.

• O_EXCL flag used for operations that should not be interrupted while they are running (set sector size, fast format, ATA security erase, Write Same, IDD, captive DST tests).
• --showFARM added to openSeaChest_SMART to show Seagate's FARM log data. Note: You may need to run --idd short to populate some fields if they show as "invalid"
• refactored some parts of device discovery which reduced duplicate commands and retries
• Fixed a bug causing excess Inquiry-CmdDT requests when checking for supported SCSI commands on drives that do not support this old feature
• Fixed a memory allocation failure in openSeaChest_Raw
• Added OpenBSD and NetBSD support in source as well as CI to test these platforms (SAS/SATA only)
• CI added for omniOS and solaris 11.4 to test that code is always building without error for these platforms
• Added option to set SAS/SATA/NVMe host timestamp to openSeaChest_Configure --setTimestamp
• Added option to reinitialize SATA phy event counters log: --resetATAPhyEvents
• Added option to reinitialize SATA device statistics log (supported statistics only): --resetDevStats all. Statistics that support reset will show ^ in the --deviceStatistics output. This is a newer SATA feature that may not be supported on existing drives.
  Initial support for CDL (command duration limits) statistics
• More verbose error messages around secure file to output what the issue is when trying to open a file (for reading or writing)
• Added support for pulling NVMe telemetry log area 4
• SMART attributes update for Seagate HDD revision Bh
• fixed executable permissions prior to packaging for linux
• Fixed options that previously did not need units (time, transferlengths, sector counts) to work without units and allow units to be specified. Affected openSeaChest_PowerControl's options to change idle/standby timers and error limit in openSeaChest_Generic and openSeaChest_SMART
• Fixed bug with NVMe trim in Windows
• More hardening was implemented in this build. Most new changes behave similar to C11 annex K's bounds checking. If these detect an out of bounds issue, they will display an error about the function that detected it and the location in openSeaChest source where the error occurred. If you see one of these, please report it so we can resolve it.
• Fixed support for big endian systems. Many parts of the code relied on little endian behavior. Most notable fixes will be seen on NVMe devices, but some SATA support will also improve.
• Fixed compatibility issue with write uncorrectable on some old drives. Workaround was added to use older read-long/write-long method when supported
• Fixed detecting current/supported NVMe formats for NVMe standard 2.0 devices
• Fixed a bug parsing the date and time timestamp statistic on SATA devices. Often when reporting it would show "Invalid" because time was not set, but this can also show power on time in milliseconds so that is now supported.
• Fixed a bug reading SCT error recovery timer as the endianness was wrong.
• Fixed a bug affecting the -i information some USB devices will report. The issue was stopping before completing reading of all supported VPD pages
• Fixed error looking up SD to SG handles in Linux
• added Aggressive scan (-S) support for Linux added by writing "- - -" to SCSI host scan files in sysfs
• New exit codes for device not found and device busy
• Fixed a bug accessing files in / that caused a crash
• Fixed exit code with -d all or --modelMatch but all devices are skipped. This previously exited with SUCCESS (0), but now checks to determine if it was a permissions error or something else to set a more appropriate exit code

v25.05-beta.farm.2

This is another beta with some more fixes since the first FARM beta.

Additional fixes:

• Refactored code to modify SCSI/SAS blocksize and maxLBA. This allows for a common method to make these changes and detect errors. This assists with detecting SAS drives that do not support changing their maxLBA and it assists in detecting when switching to an unsupported block size does not generate an error but sets some other maximum size. (see #156)
• Refactored SCSI read capacity commands. This reduces duplicate code and reduces the number of commands that need to be issued between device discovery and updating device info after format or maxLBA changes
• Fixed issuing SCSI Inquiry with CMD DT bit on drives that definitely will not support this obsolete capability. This now only runs for the small window when this was in the standard before being replaced with the Report Supported Operation Codes command.
• Fixed a countdown timer not displaying the count-down time remaining in openSeaChest_Format ahead of running --setSectorSize
• Fixed a memory allocation error in openSeaChest_Raw when the transfer size was not specified in bytes and was assuming logical blocks which was empty
• Fixed FARM current motor power output. This was incorrectly reporting this as a value in Watts but is actually a scalar value for the servo.
• Fixed SAS FARM output for time-based parameters. The timestamp was not read correctly and was not outputting the time coverage for time-based measurements.
• Fixed FARM output for the physical element status. This field gives both health and timestamp for last time the health changed. Previous beta output this as a single value.
• Fixed FARM output for SOBR and SWR zone configurations. Previous beta output the SOBR data for both fields
• Shortened many FARM field names to keep the output neat

New:

• Added OpenBSD and NetBSD support in source as well as CI to test these platforms (SAS/SATA only)

v25.05-beta.farm.1

This is a beta release for some security updates and the addition of showing Seagate's FARM log.

Additionally, this beta is meant to test that the CI is working properly in all cases prior to the release.

If not already seen, a wiki has been created for openSeaChest: Wiki Home
It is a work in progress and new pages are added when we can. Please give feedback and request additional topics to be covered in the wiki and we will work on them.

New features:

• CI added for omniOS and solaris 11.4 to test that code is always building. We may eventually package the build and post it, but it will not be part of this beta at this time.
• --showFARM added to openSeaChest_SMART. Wiki page to describe all statistics is still in progress and will be posted when completed.
• EPC changes can now be made volatile (i.e. not saved by the drive) by passing the --volatile flag when making changes
• Added option to set SAS/SATA/NVMe host timestamp to openSeaChest_Configure --setTimestamp
• Added option to reinitialize SATA phy event counters log: --resetATAPhyEvents
• Added option to reinitialize SATA device statistics log (supported statistics only): --resetDevStats all. Statistics that support reset will show ^ in the --deviceStatistics output. This is a newer SATA feature that may not be supported on existing drives.
• Initial support for CDL (command duration limits) statistics
• More verbose error messages around secure file to output what the issue is when trying to open a file (for reading or writing)
• Added support for pulling NVMe telemetry log area 4
• SMART attributes update for Seagate HDD revision Bh

Bug fixes:

• fixed executable permissions prior to packaging for linux
• multiple fixes for illumos/solaris source code so that compilation can complete without warnings or errors
• Fixed options that previously did not need units (time, transferlengths, sector counts) to work without units and allow units to be specified. Affected openSeaChest_PowerControl's options to change idle/standby timers and error limit in openSeaChest_Generic and openSeaChest_SMART
• Fixed bug with NVMe trim in Windows
• More hardening was implemented in this build. Most new changes behave similar to C11 annex K's bounds checking. If these detect an out of bounds issue, they will display an error about the function that detected it and the location in openSeaChest source where the error occurred. If you see one of these, please report it so we can resolve it.
• Fixed support for big endian systems. Many parts of the code relied on little endian behavior. Most notable fixes will be seen on NVMe devices, but some SATA support will also improve.
• Fixed compatibility issue with write uncorrectable on some old drives. Workaround was added to use older read-long/write-long method when supported
• Fixed detecting current/supported NVMe formats for NVMe standard 2.0 devices
• Fixed a bug parsing the date and time timestamp statistic on SATA devices. Often when reporting it would show "Invalid" because time was not set, but this can also show power on time in milliseconds so that is now supported.
• Fixed a bug reading SCT error recovery timer as the endianness was wrong.
• Fixed a bug affecting the -i information some USB devices will report. The issue was stopping before completing reading of all supported VPD pages
• Fixed error looking up SD to SG handles in Linux

Other changes:

• meson build script changes to support Solaris. This required removing -fstack-protector-strong for Solaris, however this is still used in Illumos builds. Detecting the difference between these systems requires Meson 1.2.0. If using an earlier meson version with Illumos, then this option is also disabled for Illumos.
• refactor to how device statistics are read on SATA.
• Minor changes made to existing FreeBSD code to add support for DragonflyBSD

Testing CI with ownership changes to tar package

This is a test release of the ownership for the issue reported in #158

When extracting a tar file as root it preserves original file ownership settings, which was the CI "user" which does not exist.
Now, when extracting as root it will set ownership to root:root

v24.08.1

This is a bug fix update to v24.08

Bugs fixed:

• CSMI handles were not being properly accepted in Windows builds and outputting an error when used.
• Fixed #155 for the installation of openSeaChest through deb or rpm packages. Installation directory is now /usr/local/bin
• Fixed detecting SAS/SCSI disks as SCSI_DRIVE type in library code in Linux builds. This resulted in many options not working correctly for SAS drives. Workaround was to use --forceSCSI option, but that is no longer necessary.
• Fixed reading and setting EPC settings on SAS drives.
• Fixed some CSMI compatibility with ARCSAS driver. This does not give full capabilities to see all the drives but helps mitigate other issues.
• Enabled ATA sense data use when enabled by the drive as another way to determine command pass/fail/etc status
• Pulled in update to handle status value 00h in code that reads physical element status. This will output "not reported" rather than "In limit" and better matches the T10 and T13 standards. (Pull request Seagate/opensea-operations#19)
• Added checking SAS power mode with test unit ready if one was not determined with request sense for better compatibility with some drives
• Secure path code for files has been disabled in Windows for this release due to an incompatibility with some Windows security permissions. Seagate is reviewing these to figure out a proper solution to make in a future build. Secure path code is still active for non-Windows builds.

v24.08

This release has been a long time coming, but it is finally here!

A major focus of this release has been on security of the source code in this project, and it has been a very large task to assess and update many different parts of it to improve overall security of openSeaChest.

The most important pieces of the security updates that were worked on came from a third-party audit and warnings from various SAST tools and LOTS of testing through DAST tools like valgrind and dr memory to make sure everything worked as intended.

Security Improvements

• Removed all use of atoi/atol/atoll and sscanf as identified as unnecessary risk by third-party
• atoX functions were replaced with strtol/stroul/etc with all recommendations from ISO C secure coding standards around checking errno with these functions as well as catching out of range errors when converting to smaller types (uint8, uint16, etc)
• New functions that better catch errors parsing command line inputs to guard against buffer overflows and other undefined behavior
• Fixed TOCTOU (Time of check, time of use) issues when reading some Linux system files (getting version info and other low-level device information)
• Fixed a few memory leaks that were identified
• Many new functions were added to the library opensea-common to guard against undefined and system unique behavior in the std-c library to ensure consistency across platforms.
• All meson project files updated with recommended warning/linker flags recommended by OpenSSF and OWASP for GCC, Clang, and MSVC compilation to better detect issues and compile a more secure executable.
• All warnings from these new flags have been resolved on all platforms we have been able to test (Windows, Linux, FreeBSD)
• A secure-file access API has been written for all platforms based on recommendations from Cert-C coding standard to ensure files cannot be tampered with before accessing them.
• When reading system environment variables, Cert-C's recommendation to check for tampering has been implemented.

There are many other security improvements we will look into for the future, and this is just a high-level overview of all the work that was done.

While not directly related to security, we have tagged all files with appropriate SPDX comments to note the license(s) that apply to help with SBOM creation. We do not have a generated SBOM yet as we are still exploring the different tools to see which works best.

Seagate has also implemented SLSA level 3 on openSeaChest to allow users to check both the source_with_submodules packages and the binary executables to ensure they came from the source: This github project. Visit SLSA.org for more information about this project!
SLSA verification outputs are available and can be run through the SLSA verifier project on Github!

Functionality changes in openSeaChest

New Utilities

• openSeaChest_Raw can be used to issue raw CDBs to SCSI/SAS/SAT devices. It also supports issuing raw TFR's to ATA devices.
• openSeaChest_Defect is used to view standardized defect lists on SAS and SATA drives. It also has functionality to create flagged errors and psuedo-uncorrectable errors for testing purposes.

Both of these utilities were part of Seagate's internal toolset and have been moved to openSeaChest!

New Functions

• Support for new ability to change a drive's Model Number while changing the maxLBA to a new value.
  Example: A 30TB drive can be set to 26TB and update the model number it reports to show as 26TB instead of the original 30TB.
  This is only supported on some of the latest drives with ACS-6 support.
• Ability to configure and view the ATA Write-Read-Verify feature (WRV)
• Improved configuring and viewing ATA Power Up In Standby feature (PUIS).
• PUIS feature control is moving to openSeaChest_PowerControl going forward. Existing support in openSeaChest_Configure remains in place for this release.
• Refactored Sanitize command support
• Sanitize support for Zone-No-Reset or No-Deallocate functions for ZBD/NVMe devices that support these features.
• Sanitize support for Allow Unrestricted Sanitize Exit (AUSE) is also supported as an optional flag in sanitize going forward. By default, sanitize still runs in restricted mode.
• Sanitize Overwrite support for specifying how many overwrite passes to perform, between 1-16 for SATA and NVMe and 1-32 for SAS. Default of a single pass remains.
• Detection of Write After Crypto Erase Required and Write After Block Erase Required now output in sanitize info for SAS drives as well as PI detection to warn that an overwrite will be necessary before reading back from these devices.
• Added old ATA SMART-offline routine support
• Added Seagate Unique Device statistics to --deviceStatistics output. Many of these related to Sanitize erasures and when they were last completed. This is for both SAS and SATA devices that support these statistics.
• Added showing SATA Phy Event counters page
• Added SFF-8055 style SMART trip warning message about backing up data when a SMART trip is detected.
• Added CCISS RAID support in Linux. This support is for HBA's running the following drivers: CCISS, HPSA, SmartPQI
• Some default SAT CDB creation rules were added for known SAT translators based on Vendor/Product ID/Revision reported on SAT VPD 89h page. This improves support on Broadcom, Avago, LSI, Microchip, Adaptec, PMC, and HPE controllers we have been able to test and reduces the number of retries used in the code to work around issues with SAT passthrough CDBs.

Bug Fixes

• Fixed a rare bug in --smartCheck when a nominal or worst ever value is zero and a threshold value is specified. This was generating a false-positive trip on some USB devices. This is not a common issue.
• Fixed ATA Security Erase time estimate calculation
• Fixed a bug reading supported SCSI PI types
• Fixed a bug reading SCSI relative humidity levels
• Fixed a bug generating a binary log file name in openSeaChest_Logs
• Refactored drive info and device discovery to better handle legacy devices and modern devices. This primarily affects ATA style device reporting. This also improves USB device performance.
• Fixed a bug reading ATA long logical sector sizes. No known real-world impacts, but an incorrect macro was used so it could have truncated this field.
• Fixed a bug reading NVMe format for NVMe 2.0 devices with more than 16 formats supported
• Fixed issuing Sanitize Crypto and Sanitize Block erase in Windows 10 and Windows 11 to NVMe devices
• Fixed verbose CSMI scan in Windows due to improperly initialized structure
• Special case to work around Microsoft Virtual Disks in Windows during scan and avoid commands that are known to not be supported.
• Fixed a bug where some ATA PIO-In commands were marked as failures when they actually passed due to incorrect status interpretation.
• Fixed a bug setting the TPSIU field for some SAT CDBs
• Fixed a bug where specifying a large transfer size for firmware updates could cause a failure on SATA drives due to a low-level SAT translation work-around.
• Improved the ATA checksum function to better handle overflows as intended by the ATA specifications.
• Fixed sanitizing ATA Security Passwords in memory before releasing the memory (both stack and heap uses).
• Improved performance concatenating strings. This is most noticable in the ATA SMART attributes output where this is used a lot.

v24.05-beta.hardening.2

Testing changes to get SLSA available for the source with submodules package and make sure it is publishing correctly.

v24.05-beta.hardening.1

This is a beta build to test that the changes implemented in the feature/hardening branch are working properly.

This branch has implemented compiling/linking flags recommended by the Open SSF and by OWasp for all builds.
In addition to adding these extra flags, we've gone through and fixed any warnings we saw while testing to make sure they are handled properly, and future builds will also stay free of warnings.

We've also implemented SLSA provenance and are testing that with this beta build. Provenance can be verified using the SLSA verifier on Github.

Any feedback on this build is welcome so we can continue to fine tune the settings/options and build outputs.

v24.03-beta.ciss.1

This is a beta release with support for issuing commands to drives behind RAID controllers using the CCISS passthrough.

This beta should support HBAs using the CISS driver, HPSA driver, and SmartPQI drivers in Linux.
At this time, this support is only enabled this code for the Linux builds.
These changes are setup so that they can be supported under FreeBSD and Illumos as well, but some additional information is needed before we turn it on. Feel free to reach out in the discussion if you have this configuration and can share some information with us.

A discussion has been added for this release to provide feedback on how this is working for those with these RAID controllers.

Internal testing has been done on HPE and Microchip controllers using HPSA and SmartPQI drivers and they seem to be working as expected, but any additional testing and feedback would be great.