IBM AIX Continuous Availability Features - IBM Redbooks
IBM AIX Continuous Availability Features - IBM Redbooks
IBM AIX Continuous Availability Features - IBM Redbooks
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
The PowerPC hardware gives software a mechanism to efficiently change storage<br />
accessibility.<br />
Storage-keys are exploited in both kernel-mode and user-mode APIs. In kernel-mode,<br />
storage-key support is known as kernel keys.<br />
The APIs that manage hardware keys in user mode refer to the functionality as user keys.<br />
User key support is primarily being provided as a reliability, availability and serviceability<br />
(RAS) feature for applications. The first major application software to implement user keys is<br />
DB2. In DB2, user keys are used for two purposes. Their primary purpose is to protect the<br />
DB2 core from errors in user-defined functions (UDFs). The second use is as a debug tool to<br />
prevent and diagnose internal memory overlay errors. But this functionality is available to any<br />
application.<br />
DB2 provides a UDF facility where customers can add extra code to the database. There are<br />
two modes that UDFs can run under, fenced and unfenced, as explained here:<br />
► In fenced mode, UDFs are isolated from the database by execution under a separate<br />
process. Shared memory is used to communicate between the database and UDF<br />
process. Fenced mode does have a significant performance penalty, because a context<br />
switch is required to execute the UDF.<br />
► An unfenced mode is also provided, where the UDF is loaded directly into the DB2<br />
address space. Unfenced mode greatly improves performance, but introduces a<br />
significant RAS exposure.<br />
Although DB2 recommends fenced mode, many customers use unfenced mode for improved<br />
performance. Use of user keys must provide significant isolation between the database and<br />
UDFs with low overhead.<br />
User keys work with application programs. They are a virtualization of the PowerPC storage<br />
key hardware. User keys can be added and removed from a user space AMR, and a single<br />
user key can be assigned to an application’s memory pages. Management and abstraction of<br />
user keys is left to application developers. The storage protection keys application<br />
programming interface (API) for user space applications is available in <strong>AIX</strong> V5.3 TL6 and is<br />
supported on all <strong>IBM</strong> System p POWER6 processor-based servers running this technology<br />
level.<br />
Kernel keys are added to <strong>AIX</strong> as an important Reliability, <strong>Availability</strong>, and Serviceability (RAS)<br />
function. They provide a Reliability function by limiting the damage that one software<br />
component can do to other parts of the system. They will prevent kernel extensions from<br />
damaging core kernel components, and provide isolation between kernel extension classes.<br />
Kernel keys will also help to provide significant <strong>Availability</strong> function by helping prevent error<br />
propagation—and this will be a key feature as <strong>AIX</strong> starts to implement kernel error recovery<br />
handlers. Serviceability is enhanced by detecting memory addressing errors closer to their<br />
origin. Kernel keys allow many random overlays to be detected when the error occurs, rather<br />
than when the corrupted memory is used.<br />
With kernel key support, the <strong>AIX</strong> kernel introduces the concept of kernel domains and private<br />
memory access. Kernel domains are component data groups that are created to segregate<br />
sections of the kernel and kernel extensions from each other. Hardware protection of kernel<br />
memory domains is provided and enforced. Also, global storage heaps are separated and<br />
protected. This keeps heap corruption errors within kernel domains. There are also private<br />
memory keys that allow memory objects to be accessed only by authorized components.<br />
Besides the Reliability, <strong>Availability</strong> and Serviceability benefits, private memory keys are a tool<br />
to enforce data encapsulation.<br />
22 <strong>IBM</strong> <strong>AIX</strong> <strong>Continuous</strong> <strong>Availability</strong> <strong>Features</strong>