oom-is / sedutil

DTA sedutil Self encrypting drive software
3 stars 1 forks source link

Alert user if no locking ranges are enabled #6

Open oom-is opened 5 years ago

oom-is commented 5 years ago

per r0m30 (2016-01-26) in DTA #13 If during setup/install the user fails to enable any locking ranges but enables and loads a PBA, sedutil will report that the drive is unlocked even though it is in fact only being unshadowed.

oom-is commented 5 years ago

It appears that this was fixed in commit 768478e2 to LinuxPBA/UnlockSEDs.cpp - specifically around line 92 r0m30 added code that specifically notes that an Opal drive was "OPAL NOT LOCKED".

The corresponding comment from the commit is "Update PBA - better messages".

Closing this as "fixed/OBE".

oom-is commented 5 years ago

There's more needed for a thorough fix - see also ckamm e4709a5738606c1f742063a4d4c36d9f1610f643 as a starting point.

Additionally, need to figure out a way to ensure that --query shows status of LockingRange 0 (or something) and highlights it if no locking range is enabled. (Or something? maybe an alternate to --query that actually provides data for $averageUser ?) Otherwise one symptom seen is PBA "success" with "not locked" message, then reboot back into PBA...while 1 do.