Use the ATA security FREEZE LOCK command on disks before

they are presented to the rest of the system to stop
a password being set that could deny access to the disk.
ok grange@ deraadt@

1 files changed, 20 insertions, 1 deletions

diff --git a/sys/dev/ata/wd.c b/sys/dev/ata/wd.c
index 840f088b165..d29a9bb9b9c 100644
--- a/sys/dev/ata/wd.c
+++ b/sys/dev/ata/wd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: wd.c,v 1.42 2005/05/15 18:09:29 grange Exp $ */
+/*	$OpenBSD: wd.c,v 1.43 2005/08/27 14:14:48 jsg Exp $ */
 /*	$NetBSD: wd.c,v 1.193 1999/02/28 17:15:27 explorer Exp $ */
 
 /*
@@ -262,6 +262,7 @@ wdattach(struct device *parent, struct device *self, void *aux)
 {
 	struct wd_softc *wd = (void *)self;
 	struct ata_atapi_attach *aa_link= aux;
+	struct wdc_command wdc_c;
 	int i, blank;
 	char buf[41], c, *p, *q;
 	WDCDEBUG_PRINT(("wdattach\n"), DEBUG_FUNCS | DEBUG_PROBE);
@@ -359,6 +360,24 @@ wdattach(struct device *parent, struct device *self, void *aux)
 	WDCDEBUG_PRINT(("%s: atap_dmatiming_mimi=%d, atap_dmatiming_recom=%d\n",
 	    self->dv_xname, wd->sc_params.atap_dmatiming_mimi,
 	    wd->sc_params.atap_dmatiming_recom), DEBUG_PROBE);
+
+	/*
+	 * FREEZE LOCK the drive so malicous users can't lock it on us.
+	 * As there is no harm in issuing this to drives that don't
+	 * support the security feature set we just send it, and don't
+	 * bother checking if the drive sends a command abort to tell us it
+	 * doesn't support it.
+	 */
+	bzero(&wdc_c, sizeof(struct wdc_command));
+
+	wdc_c.r_command = WDCC_SEC_FREEZE_LOCK;
+	wdc_c.timeout = 1000;
+	wdc_c.flags = at_poll;
+	if (wdc_exec_command(wd->drvp, &wdc_c) != WDC_COMPLETE) {
+		printf("%s: freeze lock command didn't complete\n",
+		    wd->sc_dev.dv_xname);
+	}
+
 	/*
 	 * Initialize and attach the disk structure.
 	 */