Don said:
How can I mark a disk MBR as non bootable?
There are no "absolute control" options.
It's a very sloppy situation.
You need to describe *exactly* what you want to happen,
to get me more focused on a solution.
Many of the solutions, rely on "side-effects" of how
the design works, rather than being absolute controls.
It requires care and attention from the operator.
The PC BIOS is not "automated" in any sense, not
in a really useful sense.
We can do all sorts of things to the BIOS or to disks,
that will leave the boot cursor flashing in the upper
left hand corner, but users seldom want that to happen
(stuck in BIOS).
If you're trying to auto restart a server after a
power failure, there are really no guarantees there
as to what will happen. Operator error on some previous
day (save wrong BIOS settings), could leave the server
in a non-boot situation right after a power failure.
There is no flag that says "please don't consider this
disk for booting". There are flags, that if actuated,
will prevent the disk from being used at all. But
again, that is seldom what a user is after. Users want
their data disk(s) to mount, not be entirely ignored.
If I zeroed out the 512 byte MBR sector, no OS is
really going to be very interested in the disk after
that. And your data is safely "inaccessible"
The BIOS may try to boot from a completely zeroed MBR.
I don't even know if it is clever enough to look
for the AA55 signature.
I have one computer here, where the BIOS is so dumb,
it *freezes* if it finds a disk with an all 0's MBR.
So right away, on that machine, protecting a disk that
way (zeroing out MBR sector 0) is a non-starter. The computer
is useless until that zeroed disk is disconnected. The
disk must be programmed on another machine (or hot inserted),
to fix it. It's a good thing I own more than one computer.
*******
If you want a recipe with some cleverness to it, you
can do the following.
Note that, every storage controller in the computer,
needs Extended INT 0x13 BIOS read-disk support.
Controller cards have a "BIOS chip" with a paper sticker
on top, which contains that BIOS code. For chips
on the motherboard, the main BIOS chip contains INT 0x13
support, added one code module at a time.
On computers with multiple controllers, what you can do
is prevent that BIOS chip from being loaded at boot rime.
That turns the storage controller cards into "data only"
disk controllers. When the OS is booted, the OS driver
loads the registers on the controller, and the controller
works and the data disks mount. But if the INT 0x13 support
is nullified at the BIOS level, then the BIOS can't "see"
the disks from a boot perspective. They don't
register as boot candidates.
Some servers give finer grained control of this behavior.
Generally, desktops aren't very clever at all. My
BIOS provides only one control, blunt as a sledgehammer.
On my current motherboard, doing this
Interrupt 19 capture [Disabled] 19 decimal = 0x13 Hex
BIOS could list it
either way.
would prevent the BIOS from booting from my Promise Ultra133
IDE card. But, it could also prevent my Southbridge Intel
ports from booting as well. It might leave the USB boot
options working. Might. Not sure. So that's hardly a very
clever way to work things. It is a control. It does
cause disks to be ignored, and yet, still usable if
some OS manages to boot. Lack of INT 0x13 support only
affects BIOS booting (and maybe DOS access?).
There is limited low memory space to load the INT 0x13 handlers.
If you plug four controller cards in some PCs, memory is allocated
for each loading BIOS module, until the memory is exhausted.
The controller card in the lowest slot (furthest from processor),
its INT 0x13 module doesn't load, and you can't boot from the
card down there. The solution in that case, is to re-arrange
the cards physically in the "most likely I wanna boot" order.
See how easy it is to explain all this stuff ?
And I can't really be sure I'm not missing something.
As lots of it is "seat of the pants knowledge".
Summary:
OS disk - Fixes here, can leave BIOS cursor flashing and
machine stuck. Not many effective options that
I know of. I don't consider "trashing" a disk, to
be fixing anything.
Data only disk - Disable INT 0x13 support on the controller
- Disable port in SATA port settings in BIOS
Linux ignores BIOS disabled port settings
(so Linux will see your disk later).
Not sure about Windows.
Entirely ignored disk - BIOS port controls not absolute, zeroing
MBR problematic, block level access
(overwrite) still possible from any OS.
In fact, I've mounted invisible partitions
in Linux, with nothing more than block level
access and a sector offset value (no MBR needed).
Linux did not automatically find the partition,
but I knew where it was (above the 2TB mark).
"The only way to stop a disk, is unplug it".
HTH,
Paul