152 lines
6.8 KiB
ReStructuredText
152 lines
6.8 KiB
ReStructuredText
==========================
|
|
Hard disk shock protection
|
|
==========================
|
|
|
|
Author: Elias Oltmanns <eo@nebensachen.de>
|
|
|
|
Last modified: 2008-10-03
|
|
|
|
|
|
.. 0. Contents
|
|
|
|
1. Intro
|
|
2. The interface
|
|
3. References
|
|
4. CREDITS
|
|
|
|
|
|
1. Intro
|
|
--------
|
|
|
|
ATA/ATAPI-7 specifies the IDLE IMMEDIATE command with unload feature.
|
|
Issuing this command should cause the drive to switch to idle mode and
|
|
unload disk heads. This feature is being used in modern laptops in
|
|
conjunction with accelerometers and appropriate software to implement
|
|
a shock protection facility. The idea is to stop all I/O operations on
|
|
the internal hard drive and park its heads on the ramp when critical
|
|
situations are anticipated. The desire to have such a feature
|
|
available on GNU/Linux systems has been the original motivation to
|
|
implement a generic disk head parking interface in the Linux kernel.
|
|
Please note, however, that other components have to be set up on your
|
|
system in order to get disk shock protection working (see
|
|
section 3. References below for pointers to more information about
|
|
that).
|
|
|
|
|
|
2. The interface
|
|
----------------
|
|
|
|
For each ATA device, the kernel exports the file
|
|
`block/*/device/unload_heads` in sysfs (here assumed to be mounted under
|
|
/sys). Access to `/sys/block/*/device/unload_heads` is denied with
|
|
-EOPNOTSUPP if the device does not support the unload feature.
|
|
Otherwise, writing an integer value to this file will take the heads
|
|
of the respective drive off the platter and block all I/O operations
|
|
for the specified number of milliseconds. When the timeout expires and
|
|
no further disk head park request has been issued in the meantime,
|
|
normal operation will be resumed. The maximal value accepted for a
|
|
timeout is 30000 milliseconds. Exceeding this limit will return
|
|
-EOVERFLOW, but heads will be parked anyway and the timeout will be
|
|
set to 30 seconds. However, you can always change a timeout to any
|
|
value between 0 and 30000 by issuing a subsequent head park request
|
|
before the timeout of the previous one has expired. In particular, the
|
|
total timeout can exceed 30 seconds and, more importantly, you can
|
|
cancel a previously set timeout and resume normal operation
|
|
immediately by specifying a timeout of 0. Values below -2 are rejected
|
|
with -EINVAL (see below for the special meaning of -1 and -2). If the
|
|
timeout specified for a recent head park request has not yet expired,
|
|
reading from `/sys/block/*/device/unload_heads` will report the number
|
|
of milliseconds remaining until normal operation will be resumed;
|
|
otherwise, reading the unload_heads attribute will return 0.
|
|
|
|
For example, do the following in order to park the heads of drive
|
|
/dev/sda and stop all I/O operations for five seconds::
|
|
|
|
# echo 5000 > /sys/block/sda/device/unload_heads
|
|
|
|
A simple::
|
|
|
|
# cat /sys/block/sda/device/unload_heads
|
|
|
|
will show you how many milliseconds are left before normal operation
|
|
will be resumed.
|
|
|
|
A word of caution: The fact that the interface operates on a basis of
|
|
milliseconds may raise expectations that cannot be satisfied in
|
|
reality. In fact, the ATA specs clearly state that the time for an
|
|
unload operation to complete is vendor specific. The hint in ATA-7
|
|
that this will typically be within 500 milliseconds apparently has
|
|
been dropped in ATA-8.
|
|
|
|
There is a technical detail of this implementation that may cause some
|
|
confusion and should be discussed here. When a head park request has
|
|
been issued to a device successfully, all I/O operations on the
|
|
controller port this device is attached to will be deferred. That is
|
|
to say, any other device that may be connected to the same port will
|
|
be affected too. The only exception is that a subsequent head unload
|
|
request to that other device will be executed immediately. Further
|
|
operations on that port will be deferred until the timeout specified
|
|
for either device on the port has expired. As far as PATA (old style
|
|
IDE) configurations are concerned, there can only be two devices
|
|
attached to any single port. In SATA world we have port multipliers
|
|
which means that a user-issued head parking request to one device may
|
|
actually result in stopping I/O to a whole bunch of devices. However,
|
|
since this feature is supposed to be used on laptops and does not seem
|
|
to be very useful in any other environment, there will be mostly one
|
|
device per port. Even if the CD/DVD writer happens to be connected to
|
|
the same port as the hard drive, it generally *should* recover just
|
|
fine from the occasional buffer under-run incurred by a head park
|
|
request to the HD. Actually, when you are using an ide driver rather
|
|
than its libata counterpart (i.e. your disk is called /dev/hda
|
|
instead of /dev/sda), then parking the heads of one drive (drive X)
|
|
will generally not affect the mode of operation of another drive
|
|
(drive Y) on the same port as described above. It is only when a port
|
|
reset is required to recover from an exception on drive Y that further
|
|
I/O operations on that drive (and the reset itself) will be delayed
|
|
until drive X is no longer in the parked state.
|
|
|
|
Finally, there are some hard drives that only comply with an earlier
|
|
version of the ATA standard than ATA-7, but do support the unload
|
|
feature nonetheless. Unfortunately, there is no safe way Linux can
|
|
detect these devices, so you won't be able to write to the
|
|
unload_heads attribute. If you know that your device really does
|
|
support the unload feature (for instance, because the vendor of your
|
|
laptop or the hard drive itself told you so), then you can tell the
|
|
kernel to enable the usage of this feature for that drive by writing
|
|
the special value -1 to the unload_heads attribute::
|
|
|
|
# echo -1 > /sys/block/sda/device/unload_heads
|
|
|
|
will enable the feature for /dev/sda, and giving -2 instead of -1 will
|
|
disable it again.
|
|
|
|
|
|
3. References
|
|
-------------
|
|
|
|
There are several laptops from different vendors featuring shock
|
|
protection capabilities. As manufacturers have refused to support open
|
|
source development of the required software components so far, Linux
|
|
support for shock protection varies considerably between different
|
|
hardware implementations. Ideally, this section should contain a list
|
|
of pointers at different projects aiming at an implementation of shock
|
|
protection on different systems. Unfortunately, I only know of a
|
|
single project which, although still considered experimental, is fit
|
|
for use. Please feel free to add projects that have been the victims
|
|
of my ignorance.
|
|
|
|
- http://www.thinkwiki.org/wiki/HDAPS
|
|
|
|
See this page for information about Linux support of the hard disk
|
|
active protection system as implemented in IBM/Lenovo Thinkpads.
|
|
|
|
|
|
4. CREDITS
|
|
----------
|
|
|
|
This implementation of disk head parking has been inspired by a patch
|
|
originally published by Jon Escombe <lists@dresco.co.uk>. My efforts
|
|
to develop an implementation of this feature that is fit to be merged
|
|
into mainline have been aided by various kernel developers, in
|
|
particular by Tejun Heo and Bartlomiej Zolnierkiewicz.
|