What are the differences between Host Protected Area (HPA), Device Configuration Overlay (DCO), and service area of a HDD/SSD?

8

2

I'm confused about the differences between the Host Protected Area (HPA), Device Configuration Overlay (DCO), and the service area of a HDD or SSD. From what I gather on the wiki pages, disks can have the HPA, DCO, or even both, but it's not clear to me why have both. They seem to serve the same function. And then there's the service area, which I think is the firmware of the drive controller.

What are the differences between the HPA, DCO, and service area? How is the service area accessed and can it store user data?

user301234

Posted 2014-02-27T17:10:59.917

Reputation: 103

Answers

5

A service area is a logical area on the hard-drive (residing on the platters) set aside by hard-drive vendors for internally managing the drive. These areas are outside the hard-drive’s Logical Block Address (LBA) space and as such are non-addressable and inaccessible via the standard ATA commands. The service area contains both code and data modules, such as defect management modules, SMART data modules, self-test modules and much more.

A common overview of the disk areas is as follows:

[enter image description here][1]

In order to access the service area, Programmable IO must be used to send commands directly to the hard-drive’s IO port. These commands are unique to the hard-drive vendor and are not publicly disclosed, used rather by released vendor tools (and by some sophisticated viruses such as Stuxnet).

Disk Firmware Area (DPA)

In most cases this area is the one that is called service area.

The firmware is composed of a series of modules. Examples are: SECU (Security System Module), P-List, G-List, T-List, SMART Attributes, and U-List (Firmware Zone Translator). See also Bad sector remapping.

A portion of the disk firmware is usually resident on the drive, loaded on power up by code located on the controller board of the hard-drive and managing the disk until the disk is shutdown, or sometimes residing in flash memory located on the disk controller chip.

Host Protected Area

The Host Protected Area (HPA) is used for holding diagnostics and other utilities required by the manufacturer such as the boot sector, the exact content depending upon the manufacture. It may contain information about the user addressable sectors, start of the reserved area, and the code for the boot.

Device Configuration Overlay

A Device Configuration Overlay (DCO) is similar to the HPA, but is used by manufacturers to configure drive sizes and may exist at the same time.

Its purpose is to allow the PC manufacturers to purchase one disk and market it as different models of different sizes. It can also be used to enable and disable features on the disk.

References:

harrymc

Posted 2014-02-27T17:10:59.917

Reputation: 306 093

I hadn't forgotten about the bounty, I was intentionally giving people as much of a chance as possible to post answers. This is a very good answer, and the references especially will be interesting to look into, and since it's the only one at this late stage I've awarded you the bounty, but could you clarify the last and arguably most important question asked by the OP - the possibility of any of these areas containing user data? – Hashim – 2020-01-14T15:59:27.207

As an aside, the Wired article was actually the impetus for my looking for the answer to this question, and then putting the bounty out when I realised it had already been asked. – Hashim – 2020-01-14T16:14:25.950

@Hashim: There is no published mechanism for user data and no documentation. You would need to reverse engineer the manufacturer utilities, more suitable for hackers. – harrymc – 2020-01-14T16:31:27.393

By the way where is the image in the answer taken from? – Hashim – 2020-02-27T19:18:30.267

@Hashim: One of the references. – harrymc – 2020-02-27T20:03:46.017

Asked: 2014-02-27T17:10:59.917

Viewed: 981 times

Active: 2020-02-04T12:05:41.423