disk-shock-protection.rst (6927B)
1========================== 2Hard disk shock protection 3========================== 4 5Author: Elias Oltmanns <eo@nebensachen.de> 6 7Last modified: 2008-10-03 8 9 10.. 0. Contents 11 12 1. Intro 13 2. The interface 14 3. References 15 4. CREDITS 16 17 181. Intro 19-------- 20 21ATA/ATAPI-7 specifies the IDLE IMMEDIATE command with unload feature. 22Issuing this command should cause the drive to switch to idle mode and 23unload disk heads. This feature is being used in modern laptops in 24conjunction with accelerometers and appropriate software to implement 25a shock protection facility. The idea is to stop all I/O operations on 26the internal hard drive and park its heads on the ramp when critical 27situations are anticipated. The desire to have such a feature 28available on GNU/Linux systems has been the original motivation to 29implement a generic disk head parking interface in the Linux kernel. 30Please note, however, that other components have to be set up on your 31system in order to get disk shock protection working (see 32section 3. References below for pointers to more information about 33that). 34 35 362. The interface 37---------------- 38 39For each ATA device, the kernel exports the file 40`block/*/device/unload_heads` in sysfs (here assumed to be mounted under 41/sys). Access to `/sys/block/*/device/unload_heads` is denied with 42-EOPNOTSUPP if the device does not support the unload feature. 43Otherwise, writing an integer value to this file will take the heads 44of the respective drive off the platter and block all I/O operations 45for the specified number of milliseconds. When the timeout expires and 46no further disk head park request has been issued in the meantime, 47normal operation will be resumed. The maximal value accepted for a 48timeout is 30000 milliseconds. Exceeding this limit will return 49-EOVERFLOW, but heads will be parked anyway and the timeout will be 50set to 30 seconds. However, you can always change a timeout to any 51value between 0 and 30000 by issuing a subsequent head park request 52before the timeout of the previous one has expired. In particular, the 53total timeout can exceed 30 seconds and, more importantly, you can 54cancel a previously set timeout and resume normal operation 55immediately by specifying a timeout of 0. Values below -2 are rejected 56with -EINVAL (see below for the special meaning of -1 and -2). If the 57timeout specified for a recent head park request has not yet expired, 58reading from `/sys/block/*/device/unload_heads` will report the number 59of milliseconds remaining until normal operation will be resumed; 60otherwise, reading the unload_heads attribute will return 0. 61 62For example, do the following in order to park the heads of drive 63/dev/sda and stop all I/O operations for five seconds:: 64 65 # echo 5000 > /sys/block/sda/device/unload_heads 66 67A simple:: 68 69 # cat /sys/block/sda/device/unload_heads 70 71will show you how many milliseconds are left before normal operation 72will be resumed. 73 74A word of caution: The fact that the interface operates on a basis of 75milliseconds may raise expectations that cannot be satisfied in 76reality. In fact, the ATA specs clearly state that the time for an 77unload operation to complete is vendor specific. The hint in ATA-7 78that this will typically be within 500 milliseconds apparently has 79been dropped in ATA-8. 80 81There is a technical detail of this implementation that may cause some 82confusion and should be discussed here. When a head park request has 83been issued to a device successfully, all I/O operations on the 84controller port this device is attached to will be deferred. That is 85to say, any other device that may be connected to the same port will 86be affected too. The only exception is that a subsequent head unload 87request to that other device will be executed immediately. Further 88operations on that port will be deferred until the timeout specified 89for either device on the port has expired. As far as PATA (old style 90IDE) configurations are concerned, there can only be two devices 91attached to any single port. In SATA world we have port multipliers 92which means that a user-issued head parking request to one device may 93actually result in stopping I/O to a whole bunch of devices. However, 94since this feature is supposed to be used on laptops and does not seem 95to be very useful in any other environment, there will be mostly one 96device per port. Even if the CD/DVD writer happens to be connected to 97the same port as the hard drive, it generally *should* recover just 98fine from the occasional buffer under-run incurred by a head park 99request to the HD. Actually, when you are using an ide driver rather 100than its libata counterpart (i.e. your disk is called /dev/hda 101instead of /dev/sda), then parking the heads of one drive (drive X) 102will generally not affect the mode of operation of another drive 103(drive Y) on the same port as described above. It is only when a port 104reset is required to recover from an exception on drive Y that further 105I/O operations on that drive (and the reset itself) will be delayed 106until drive X is no longer in the parked state. 107 108Finally, there are some hard drives that only comply with an earlier 109version of the ATA standard than ATA-7, but do support the unload 110feature nonetheless. Unfortunately, there is no safe way Linux can 111detect these devices, so you won't be able to write to the 112unload_heads attribute. If you know that your device really does 113support the unload feature (for instance, because the vendor of your 114laptop or the hard drive itself told you so), then you can tell the 115kernel to enable the usage of this feature for that drive by writing 116the special value -1 to the unload_heads attribute:: 117 118 # echo -1 > /sys/block/sda/device/unload_heads 119 120will enable the feature for /dev/sda, and giving -2 instead of -1 will 121disable it again. 122 123 1243. References 125------------- 126 127There are several laptops from different vendors featuring shock 128protection capabilities. As manufacturers have refused to support open 129source development of the required software components so far, Linux 130support for shock protection varies considerably between different 131hardware implementations. Ideally, this section should contain a list 132of pointers at different projects aiming at an implementation of shock 133protection on different systems. Unfortunately, I only know of a 134single project which, although still considered experimental, is fit 135for use. Please feel free to add projects that have been the victims 136of my ignorance. 137 138- https://www.thinkwiki.org/wiki/HDAPS 139 140 See this page for information about Linux support of the hard disk 141 active protection system as implemented in IBM/Lenovo Thinkpads. 142 143 1444. CREDITS 145---------- 146 147This implementation of disk head parking has been inspired by a patch 148originally published by Jon Escombe <lists@dresco.co.uk>. My efforts 149to develop an implementation of this feature that is fit to be merged 150into mainline have been aided by various kernel developers, in 151particular by Tejun Heo and Bartlomiej Zolnierkiewicz.