What does `dd if=/dev/zero of=/dev/sda` do

dd if=/dev/zero of=/dev/sda bs=4096 count=4096 Q: why 4096 is particularly used for counter?

This will zero out the first 16 MiB of the drive. 16 MiB is probably more than enough to nuke any "start of disk" structures while being small enough that it won't take very long.

dd if=/dev/zero of=/dev/sda bs=512 count=4096 seek=$(expr blockdev --getsz /dev/sda - 4096)

Q: What does this exactly?

blockdev --getsz gets the size of the block device in "512 byte sectors". So this command looks like it was intended to zero out the last 2 MiB of the drive.

Unfortunately this command is broken syntax wise. I expect the command was originally intended to be

dd if=/dev/zero of=/dev/sda bs=512 count=4096 seek=$(expr `blockdev --getsz /dev/sda` - 4096)

and the backticks got lost somewhere along the line of people copy/pasting it between different environments.

Old partition tables, LVM metadata, raid metadata etc can cause problems when reusing a drive. Zeroing out sections at the start and end of the drive will generally avoid these problems while being much faster than zeroing out the whole drive.


This will erase the first 4096*4096=16MB and last 512*4096=2MB of your hard drive, which contain important structures useful for recovery. I assume this code was posted maliciously.

I've never encounter a situation where explicitly specifying a count other than 1 was useful. I have erased the first block if I wanted to ensure I wasn't leaving any traces of the MBR behind ...


Those commands will overwrite your sda device with zeroes -- the first one will do the first 16MB (block size of 4096 and count of 4096 blocks) and the 2nd one will overwrite the last 2MB (512 block size with 4096 blocks) with zeroes. (it's not technically erasing, and that relates to my first point below.)

(that was the part already mentioned in other answers, including it here for completeness)

Another thing that is worth mentioning is that the block size does have effects, but those are generally only seen on high-volume operations. The most efficient (fastest) way to execute the command is if the block size of the command matches the access size of the device, otherwise time is wasted.

If you're interested, you can try creating a file with a million 1-block chunks, and a file with 1 million block chunks and see the difference:

[user@host tmp]$ time dd if=/dev/zero of=/tmp/test1 bs=1 count=1000000
1000000+0 records in
1000000+0 records out
1000000 bytes (1.0 MB) copied, 2.44439 s, 409 kB/s

real    0m2.447s
user    0m0.177s
sys     0m2.269s
[user@host tmp]$ time dd if=/dev/zero of=/tmp/test2 bs=1000000 count=1
1+0 records in
1+0 records out
1000000 bytes (1.0 MB) copied, 0.00155357 s, 644 MB/s

real    0m0.003s
user    0m0.001s
sys     0m0.002s
[user@host tmp]$ ls -al test*
-rw-rw---- 1 user grp 1000000 Apr  8 15:51 test1
-rw-rw---- 1 user grp 1000000 Apr  8 15:51 test2

As you can see, blocksize has a massive impact on efficiency. That's perhaps a sidebar to the OP, but I feel that it's still relevant.

TL;DR: Don't execute arbitrary code you find on the net, or that someone you don't trust gives you. It'll ruin your day.

Tags:

Disk

Dd