IBM AIX Continuous Availability Features - IBM Redbooks

More documents

Recommendations

Info

Example 3-19 shows the SMIT menu for the current storage key setting. Example 3-19 SMIT menu to check current storage key setting 80 IBM AIX Continuous Availability Features Change/Show Kernel Storage Protection Keys State Move cursor to desired item and press Enter. Show Kernel Storage Protection Keys State Change Next Boot Kernel Storage Protection Keys State F1=Help F2=Refresh F3=Cancel F8=Image F9=Shell F10=Exit Enter=Do The current storage key setting for our test system is shown in Example 3-20. Example 3-20 Current storage key setting COMMAND STATUS Command: OK stdout: yes stderr: no Before command completion, additional instructions may appear below. Current Kernel Storage Protection Keys State is enabled. Next Boot Kernel Storage Protection Keys State is default. F1=Help F2=Refresh F3=Cancel F6=Command F8=Image F9=Shell F10=Exit /=Find n=Find Next You can change the next boot storage key setting by using the second option of the SMIT menu shown in Example 3-19. Note: Although you may be able to use the command line for checking and altering storage key settings, this is not supported for direct use. Only SMIT menus are supported. 3.7.3 Kernel mode protection keys Kernel keys provide a Reliability function by limiting the damage that a software component can do to other parts of the system. The keys will prevent kernel extensions from damaging core kernel components, and provide isolation between kernel extension classes. Kernel keys will also help provide a significant Availability function by helping to prevent error propagation.
Note: Kernel and kernel extensions are not necessarily protected from other kernel extensions. Kernel and kernel extensions are only protected (to the extent possible) from key-safe extensions. For details about protection degrees, refer to 3.7.4, “Degrees of storage key protection and porting considerations” on page 84, which describes key-safe and key-unsafe kernel extensions. Furthermore, key-unsafe extensions’ access rights are also somewhat limited. In particular, certain kernel parts appear only as read-only to the key-unsafe kernel extensions. Serviceability is enhanced by detecting memory addressing errors closer to their origin. Kernel keys allow many random overlays to be detected when the error occurs, rather than when the corrupted memory is used. With kernel key support, the AIX kernel introduces kernel domains and private memory access. Kernel domains are component data groups that are created to segregate sections of the kernel and kernel extensions from each other. Hardware protection of kernel memory domains is provided and enforced. Also, global storage heaps are separated and protected. This keeps heap corruption errors within kernel domains. There are also private memory keys that allow memory objects to be accessed only by authorized components. In addition to RAS benefits, private memory keys are a tool to enforce data encapsulation. There is a static kernel key-to-storage key mapping function set by the kernel at boot time. This mapping function is dependent on the number of storage keys that are present in the system. Note: Kernel keys are not intended to provide a security function. There is no infrastructure provided to authorize access to memory. The goal is to detect and prevent accidental memory overlays. The data protection kernel keys provide can be circumvented, but this is by design. Kernel code, with the appropriate protection gate, can still access any memory for compatibility reasons. Analogy To understand the concept of kernel storage keys, consider a simple analogy. Assume there is a large house (the kernel) with many rooms (components and device drivers) and many members (kernel processes and kernel execution path), and each member has keys only for a few other selected rooms in addition to its own room (keyset). Therefore, members having a key for a room are considered safe to be allowed inside. Every time a member wants to enter a room, the member needs to see whether its keyset contains a key for that room. If the member does not have the corresponding key, it can either create a key which will permit the member to enter the room (which means it will add the key to its keyset). Or the member can try to enter without a key. If the member tries to enter without a key, an alarm will trip (cause a DSI/Kernel crash) and everything will come to a halt because one member (a component or kernel execution path) tried to intrude into an unauthorized room. Kernel keys The kernel's data is classified into kernel keys according to intended use. A kernel key is a software key that allows the kernel to create data protection classes, regardless of the number of hardware keys available. A kernel keyset is a representation of a collection of kernel keys and the desired read or write access to them. Remember, several kernel keys Chapter 3. AIX advanced continuous availability tools and features 81
Page 1:
Front cover IBM AIX Continuous Avai
Page 4 and 5:
Note: Before using this information
Page 6 and 7:
2.3.7 Minidump . . . . . . . . . .
Page 8 and 9:
vi IBM AIX Continuous Availability
Page 10 and 11:
Trademarks The following terms are
Page 12 and 13:
Engineering degree in Computer Scie
Page 14 and 15:
Find out more about the residency p
Page 16 and 17:
1.1 Overview In May 2007, IBM intro
Page 18 and 19:
1.5 Continuous operations Continuou
Page 20 and 21:
1.6.2 Availability 1.6.3 Serviceabi
Page 22 and 23:
IBM has tried to enhance FFDC featu
Page 24 and 25:
10 IBM AIX Continuous Availability
Page 26 and 27:
2.1 System availability AIX is buil
Page 28 and 29:
On AIX 5.3, the only way to persist
Page 30 and 31:
When used on a standalone server (s
Page 32 and 33:
mirrored volume group on the client
Page 34 and 35:
2.2.1 Error checking Run-Time Error
Page 36 and 37:
The PowerPC hardware gives software
Page 38 and 39:
System dumps can also be user-initi
Page 40 and 41:
Live dumps are small dumps that do
Page 42 and 43:
Trace is a valuable tool for observ
Page 44 and 45: Component Trace uses mechanisms sim
Page 46 and 47: 2.3.14 syslog To display the boot l
Page 48 and 49: Logging can be added to many of the
Page 50 and 51: compression: on path specification:
Page 52 and 53: 2.4.4 EtherChannel network traffic
Page 54 and 55: 2.4.6 2-Port Adapter-based Ethernet
Page 56 and 57: operations) without affecting produ
Page 58 and 59: Quorum A quorum is a vote of the nu
Page 60 and 61: 2.5.8 Journaled File System-related
Page 62 and 63: Fast I/O failure is controlled by a
Page 64 and 65: display its output in a format suit
Page 66 and 67: For more detailed information about
Page 68 and 69: 54 IBM AIX Continuous Availability
Page 70 and 71: 3.1 AIX Reliability, Availability,
Page 72 and 73: This means that traditional AIX sys
Page 74 and 75: used by IBM service personnel, so t
Page 76 and 77: also be used to obtain a snapshot o
Page 78 and 79: 3.5 Live dump and component dump Li
Page 80 and 81: lfs filesystem ._0 | NO | ON/3 | OF
Page 82 and 83: .vmker | YES | ON/3 | OFF/3 .vmpool
Page 84 and 85: The output of Start a Live Dump is
Page 86 and 87: Table 3-3 Concurrent update termino
Page 88 and 89: We tested the installation of an ef
Page 90 and 91: Setting efix state to: STABLE +----
Page 92 and 93: mode, storage keys are called user
Page 96 and 97: might share a given hardware key. M
Page 98 and 99: KKEY_UPUBLIC, KKEY_FILE_DATA KKEY_U
Page 100 and 101: Note: Kernel keys and keysets, whic
Page 102 and 103: extension key-aware is determining
Page 104 and 105: added a protection gate for the int
Page 106 and 107: } printf("hardware keyset after KER
Page 108 and 109: } param=atoi(*(argv+1)); printf("Te
Page 110 and 111: Load the kernel extension so that a
Page 112 and 113: 3 : 000000000000000A r4 : F10006C00
Page 114 and 115: 3.7.7 User mode protection keys Use
Page 116 and 117: ► The APIs provided by the system
Page 118 and 119: if (!strcmp(*(argv+1),"read")){ if
Page 120 and 121: strlen() at 0xd010da00 _doprnt(??,
Page 122 and 123: int pthread_attr_setukeyset_np (pth
Page 124 and 125: Machine State Save Area iar : 00000
Page 126 and 127: As a consequence, determining the r
Page 128 and 129: A Vue script or Vue program is a pr
Page 130 and 131: ► An optional predicate The predi
Page 132 and 133: 3. Interval probe manager The inter
Page 134 and 135: { int count; count = count +1; prin
Page 136 and 137: ► Errno names ► Signal names
Page 138 and 139: * will result in error out of read(
Page 140 and 141: This places a large part of the bur
Page 142 and 143: Note: The frequency of checks made
Page 144 and 145:
Non-fragments 00000066 Promotions 0
Page 146 and 147:
immediately after the returned stor
Page 148 and 149:
This option should be used with car
Page 150 and 151:
3.9.6 KDB commands for XMDBG ► xm
Page 152 and 153:
Page 154 and 155:
Name AIX version Hardware required
Page 156 and 157:
Page 158 and 159:
Page 160 and 161:
Online resources These Web sites ar
Page 162 and 163:
sysdumpdev 27 tprof 28 trace 28 trc
Page 164:
subsequent reboot 71, 133 SUE 18 Sy
show all

IBM AIX Continuous Availability Features - IBM Redbooks

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?