Previous Topic: Hotfix hf7694Next Topic: Hotfix hf8003

Getting ReadyRelease NotesHotfixesHotfix df7588

Hotfix df7588

df7588 is a distribution hotfix for CA AppLogic® 3.5.19 and 3.5.22. df7588 resolves the following device support issues. Note that all bug fixes affect only Xen-based grids unless otherwise noted.

  1. SCR 7507 where Broadcom 10G NICs are not supported due to missing firmware files for the Broadcom bnx2x driver.
  2. SCR 7533 where some of the firmware files are missing for ~50 devices (NICs and hard disk controllers).
  3. SCR 7669 where grid creation fails on servers using Broadcom BCM5709 NICs.
  4. SCR 6779 where Broadcom Gigabit Ethernet NICs sometimes do not operate at Gigabit speed.
  5. SCR 7516 where NIC state is wrongly reported for Emulex 10G-based NICs.
  6. SCR 7528 where Intel e1000e NIC driver hardware hangs.
  7. SCR 7640 where the Linux kernel crashes on boot when using the HP DL380 G6 disk controller.
  8. SCR 6448 where Dell PERC H200 controller disks are reported as zero capacity due to a bug in the mpt2sas driver.

In addition, df7588 resolves the following grid stability issues:

  1. SCR 7611 resolves several Xen security advisories.
  2. SCR 7665 where stopping multiple appliances can overload the server and lead to cleanup failures causing grid instability.
  3. SCR 7673 where the Xen netback driver crashes while processing large network packets.
  4. SCR 7569 where app stop hangs after applications have been running for more than 10 days (ESX-based grids only).
  5. SCR 7666 where an unnecessary error message is printed when a packet is dropped by a network queue.
  6. SCR 6169 where Windows appliances fail to start after the hostname is changed.
  7. SCR 7658 where not all of the physical disks of the servers are utilized upon grid creation.
  8. SCR 7667 where upon a server reboot Xen leaves behind large files that are never deleted.

The resolution to the above SCRs affects grid servers that use any of the following hardware:

  1. Broadcom NetXtreme II 1 Gigabit Ethernet controller chipsets

    BCM5706/BCM5708/5709/5716

  2. Broadcom NetXtreme II 10 Gigabit Ethernet controller chipsets

    BCM57710/BCM57711/BCM57711E/BCM57712

  3. ServerEngines Corp. Emulex OneConnect 10Gb NIC (be3) (rev 01)
  4. Devices supported by Intel e1000e NIC driver

    Intel® 82563 Gigabit Ethernet PHY

    Intel® 82566 Gigabit Ethernet PHY

    Intel® 82567 Gigabit Ethernet Controller

    Intel® 82571EB Gigabit Ethernet Controller

    Intel® 82572EI Gigabit Ethernet Controller

    Intel® 82573E Gigabit Ethernet Controller

    Intel® 82573L Gigabit Ethernet Controller

    Intel® 82573V Gigabit Ethernet Controller

    Intel® 82574 Gigabit Ethernet Controller

    Intel® 82577 Gigabit Ethernet PHY

    Intel® 82578 Gigabit Ethernet PHY

    Intel® 82579 Gigabit Ethernet Controller

    Intel® 82583V Gigabit Ethernet Controller

    Intel® Gigabit CT Desktop Adapter

    Intel® Gigabit PT Quad Port Server ExpressModule

    Intel® PRO/1000 PF Dual Port Server Adapter

    Intel® PRO/1000 PF Quad Port Server Adapter

    Intel® PRO/1000 PF Server Adapter

    Intel® PRO/1000 PT Desktop Adapter

    Intel® PRO/1000 PT Dual Port Server Adapter

    Intel® PRO/1000 PT Quad Port Low Profile Server Adapter

    Intel® PRO/1000 PT Quad Port Server Adapter

    Intel® PRO/1000 PT Server Adapter

  5. Dell PowerEdge RAID Controller (PERC) H200 disk controller
  6. HP DL380 with Smart Array G6 P410i disk controller

This hotfix resolves the following Xen Security Advisories:

  1. XSA-6 HVM e1000, buffer overflow.
  2. XSA-7 64-bit PV guest privilege escalation vulnerability.
  3. XSA-8 Guest denial of service on syscall/sysenter exception generation.
  4. XSA-9 PV guest host Denial of Service.
  5. XSA-11 HVM guest destroy p2m teardown host DoS vulnerability.
  6. XSA-12 Hypercall set_debugreg vulnerability.
  7. XSA-13 Hypercall physdev_get_free_pirq vulnerability.
  8. XSA-14 XENMEM_populate_physmap DoS vulnerability.
  9. XSA-16 PHYSDEVOP_map_pirq index vulnerability.
  10. XSA-17 Qemu VT100 emulation vulnerability.
  11. XSA-19 Guest administrator can access qemu monitor console.

Note: df7588 includes all previous hotfixes that were released for CA AppLogic® 3.5. df7588 includes hf7611, hf6169 and hf7516. If the distro hotfix df7588 is installed there is no need of installing hotfix hf7694.

Note: In contrast to a normal hotfix that is applied to a CA AppLogic® grid after it is created, a distribution hotfix is applied to the CA AppLogic® distribution image used to create grids. Because this is a distribution hotfix, the installation procedure is different than a standard hotfix. Therefore, this hotfix does not need to be re-applied unless the CA AppLogic® 3.5.19 or 3.5.22 distribution image is re-imported into the BFC.

Note: Fixes for SCRs 7528, 7640 and 7658 have passed preliminary testing but final testing is still pending.

This hotfix is only for CA AppLogic® 3.5.19 and 3.5.22 distributions.

Installation

After using BFC to download the new hotfix df7588, login as root to the BFC server and do the following:

If you installed the BFC in the default install location (/opt/bfc), run the following command:

/opt/bfc/bin/apply-version-hotfix -v 3.5.19 -f <download directory>/3.5.19/applogic-3.5.19-df7588-part1.2.tar.bz2

If you installed the BFC in an alternate location, run the following command:

<non-standard BFC install location>/apply-version-hotfix -v 3.5.19 -f <download directory>/3.5.19/applogic-3.5.19-df7588-part1.2.tar.bz2

The same commands from above can be used to install the distro hotfix for 3.5.22 as follows:

/opt/bfc/bin/apply-version-hotfix -v 3.5.22 -f <download directory>/3.5.22/applogic-3.5.22-df7588-part1.2.tar.bz2

Note: <download directory> is the download directory that was specified during the BFC installation. It is also found in the BFC Administration GUI under the Versions tab.