OPAL Self-Encrypting Drive Support For Linux Steps Closer
Written by Michael Larabel in Hardware on 19 December 2016 at 03:18 PM EST. 14 Comments
HARDWARE --
An Intel developer has sent out the latest version of his patches for implementing the Self-Encrypting Drive (SED) protocol support for the Linux kernel.

The Opal storage specification sets a cross-vendor standard for self-encrypting drives and is the work of the Trusted Computing Group's storage workgroup. Scott Bauer of Intel sent out his third version of these patches for implementing Opal for self-encrypting devices. The driver has support for storing the locking range password as well as activating a device from a SED's default-inactive state.

The overall bring-up process for those curious about Opal is:

1) Taking Ownership of the drive (Setting the Admin CPIN).
2) Activating the Locking SP (In Single User Mode or Normal Mode).
3) Setting up Locking Ranges (Single User or Normal Mode).
4) Adding users to Locking Ranges (Normal Mode Only).
5) Locking or Unlocking Locking Ranges (Single User Mode or Normal Mode).
6) Reverting the TPer (Restore to factory default).
7) Setting LR/User passwords (Single User Mode or Normal Mode).
8) Enabling/disabling Shadow MBR.
9) Enabling Users in the LockingSP (Normal Mode Only).
10) Saving Password for resume from suspend.
11) Erase and Secure erasing locking ranges.
This Opal driver support for Linux is around 3.5k lines of code at present. More details via this patch series. Those curious about self-encrypting drives can learn more here. These SED OPAL patches are coming too late for the Linux 4.10 merge window but perhaps will be ready for Linux 4.11.
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Hardware News
Popular News