ATTO ExpressSAS 12Gb GT Host Bus Adapter Linux ReadMe

  1. Supported Operating Systems
  2. Supported Adapters
  3. Installation Instructions
  4. Advanced - Manually Installing the Driver
  5. Advanced - Optional Module Parameters
  6. Advanced - Linux Secure Boot
  7. Conflicts with the mpt3sas Module

  1. Supported Operating Systems (x86_64 architecture only)

    • RHEL 8, 9
    • Rocky Linux 8, 9
    • openSUSE LEAP 15
    • SLES 15
    • Ubuntu 22.04, 24.04
  2. Supported Adapters

    • ATTO ExpressSAS H1208 GT
    • ATTO ExpressSAS H1280 GT
    • ATTO ExpressSAS H120F GT
    • ATTO ExpressSAS H12F0 GT
    • ATTO ExpressSAS H1244 GT


  3. Installation Instructions

    1. Run the installer from the root of the install package with sudo ./install.sh
    2. Follow the on-screen instructions to complete the installation

    NOTE:
    • Run ./install.sh -h for additional installer options.
    • Run an installed CLI tool with the -h option for additional help.


  4. Advanced - Manually Installing the Driver

    NOTE: The package must be extracted to a path with no spaces (required by the kernel build system).

    Make and install the modules:

    $ cd src
    $ sudo make install

    NOTE: You need the kernel header files installed to build this driver. If the header files are in a non-standard location, you may need to modify the KDIR variable. E.g.:

    $ sudo make install KDIR=/path/to/kernel

    Load the module:

    $ modprobe esas5hba

    You may receive a warning that the module will taint the kernel. This is expected.

    On SLES, you may also receive an error message about "unsupported" drivers. You can fix this problem by loading the driver with modprobe --allow-unsupported esas5hba or setting allow_unsupported_modules to 1 in /etc/modprobe.d/unsupported-modules


  5. Advanced - Linux Secure Boot

    Secure Boot is an optional feature that uses cryptographic signatures to verify that software loaded on the system has been signed by a trusted publisher. For more information about secure boot, refer to documentation from your distribution, such as https://www.redhat.com/sysadmin/secure-boot-systemtap or https://wiki.debian.org/SecureBoot.

    With Secure Boot enabled, any drivers that are compiled and loaded must be signed by a trusted publisher. If your driver fails to load with modprobe, it may mean that Secure Boot is enabled on your system. If this is the case, you may see an error message similar to "modprobe: unsigned module loading is restricted" in dmesg.

    ATTENTION: If Secure Boot is not required for your system, it is recommended to disable secure boot in your system BIOS to prevent these issues. If Secure Boot is necessary, the ATTO driver can be signed by following the steps below, (note that this process will need to be repeated for every kernel upgrade)


    Below is an example of how to sign a driver in Ubuntu. Other distributions may be different. Consult your distribution's documentation for any discrepancies.

    1. Create your signing keys by following the guide at https://ubuntu.com/blog/how-to-sign-things-for-secure-boot.
    2. Install the driver as normal using the installer. NOTE: The driver WILL fail to load because it is not signed, ignore that for now.
    3. Find the paths to the MOK.priv and MOK.der keys that were generated using the guide above.
    4. Find the install location of the esas5hba module. It will be loacted at either /lib/modules/$(uname -r)/updates/dkms/ or /lib/modules/$(uname -r)/extra/
    5. Sign the main driver with sudo kmodsign sha512 <path/to/MOK.priv> <path/to/MOK.der> <path/to/install/location/esas5hba.ko>
    6. Sign the cfg driver with sudo kmodsign sha512 <path/to/MOK.priv> <path/to/MOK.der> <path/to/install/location/esas5hba_cfg.ko>
    7. Verify that the driver was successfully signed hexdump -Cv <path/to/install/location/esas5hba.ko> | tail -n 5. This output should have ~Module signature appended~ in it, if not, the module may not be properly signed.
    8. Rebuild the system's initrd for the change to take effect. See your system's documentation on how to properly rebuild the initrd.


  6. Advanced - Optional Module Parameters

    Module parameters may be modified with the atdpm CLI tool included with the driver package.

  7. Conflicts with the mpt3sas Module

    In Linux kernel 6.1.0 and higher, there is built-in support for the Broadcom/LSI SAS3816 controller in the mpt3sas driver. By default, the ATTO install script will override the mpt3sas driver and no action needs to be taken by the user.

    If the mpt3sas driver needs to be overridden manually, the mpt3sas driver can be blacklisted. To blacklist the driver create the file /etc/modprobe.d/esas5hba-blacklist.conf and add the line blacklist mpt3sas

    You may need to rebuild the system's initrd for the change to take effect. See your system's documentation on how to properly rebuild the initrd.

    WARNING: An incorrect or invalid initrd image can render a system unbootable. Care should be taken when modifying the initrd.