Previous Topic: Hotfix hf8368Next Topic: Hotfix hf8315

Getting ReadyRelease NotesHotfixesHotfix hf9042

Hotfix hf9042

This hotfix resolves an issue in CA AppLogic® 3.5.19 and 3.7.14 where applications containing a swap volume cannot be migrated.

Applicability:

hf9042 is an optional hotfix for CA AppLogic® 3.5.19 and 3.7.14. This hotfix cannot be used with other versions of CA AppLogic®.

The hotfix modifies files on the grid controller. The hotfix takes effect immediately upon successful installation (no reboot is required).

Dependencies: For CA AppLogic® version 3.5.19, hotfix hf8368 must be installed prior to installing this hotfix; there is no such requirement when installing this hotfix on a 3.7.14 grid.

Hotfix df8975

df8975 is a distribution hotfix for CA AppLogic® 3.5.19. df8975 resolves the following issues. Note that all bug fixes affect only Xen-based grids unless otherwise noted.

  1. SCR 8975 where dom0 kernel crashes on boot due to buggy CPU tables (Dell C6200 hardware).
  2. SCR 7507 where Broadcom 10G NICs are not supported due to missing firmware files for the Broadcom bnx2x driver.
  3. SCR 7533 where some of the firmware files are missing for ~50 devices (NICs and hard disk controllers).
  4. SCR 7669 where grid creation fails on servers using Broadcom BCM5709 NICs
  5. SCR 6779 where Broadcom Gigabit Ethernet NICs sometimes do not operate at Gigabit speed.
  6. SCR 7516 where NIC state is wrongly reported for Emulex 10G-based NICs
  7. SCR 7528 where Intel e1000e NIC driver hardware hangs
  8. SCR 7640 where the Linux kernel crashes on boot when using the HP DL380 G6 disk controller
  9. SCR 6448 where Dell PERC H200 controller disks are reported as zero capacity due to a bug in the mpt2sas driver.

In addition, df8975 resolves the following grid stability issues:

  1. SCR 8096 where HVM guest freezes during heavy I/O.
  2. SCR 7791 which upgrades hpsa driver with respect to advisory: HP Smart Array Controllers – driver upgrade required to prevent a read only Linux File System or an unresponsive server when a target reset is issued by the Smart Array Controller Driver for Linux (hpsa).
  3. SCR 8114 where access to the grid controller is lost while managing a windows volume and copying a file to it from the impex volume.
  4. SCR 7673 where the Xen netback driver crashes while processing large network packets
  5. SCR 7611 resolves several Xen security advisories.
  6. SCR 7665 where stopping multiple appliances can overload the server and lead to cleanup failures causing grid instability.
  7. SCR 7569 where app stop hangs after applications has been running for more than 10 days (ESX-based grids only).
  8. SCR 7666 where an unnecessary error message is printed when a packet is dropped by a network queue.
  9. SCR 6169 where Windows appliances fail to start after the hostname is changed.
  10. SCR 7658 where not all of the physical disks of the servers are utilized upon grid creation.
  11. SCR 7667 where upon a server reboot Xen leaves behind large files that are never deleted.

The resolution to the above SCRs affects grid servers that use any of the following hardware:

  1. Broadcom NetXtreme II 1 Gigabit Ethernet controller chipsets BCM5706/BCM5708/5709/5716
  2. Broadcom NetXtreme II 10 Gigabit Ethernet controller chipsets BCM57710/BCM57711/BCM57711E/BCM57712
  3. ServerEngines Corp. Emulex OneConnect 10Gb NIC (be3) (rev 01)
  4. Devices supported by Intel e1000e NIC driver:
  1. Dell PowerEdge RAID Controller (PERC) H200 disk controller
  2. Dell PowerEdge C6200 Server
  3. HP DL380 with Smart Array G6 P410i disk controller

This hotfix resolves the following Xen Security Advisories:

XSA-6 HVM e1000, buffer overflow.

XSA-7 64-bit PV guest privilege escalation vulnerability.

XSA-8 Guest denial of service on syscall/sysenter exception generation.

XSA-9 PV guest host Denial of Service.

XSA-11 HVM guest destroy p2m teardown host DoS vulnerability.

XSA-12 Hypercall set_debugreg vulnerability.

XSA-13 Hypercall physdev_get_free_pirq vulnerability.

XSA-14 XENMEM_populate_physmap DoS vulnerability.

XSA-16 PHYSDEVOP_map_pirq index vulnerability.

XSA-17 Qemu VT100 emulation vulnerability.

XSA-19 Guest administrator can access qemu monitor console.

XSA-20 Timer overflow DoS vulnerability.

XSA-21 pirq range check DoS vulnerability.

XSA-22 Memory mapping failure DoS vulnerability.

XSA-23 Unhooking empty PAE entries DoS vulnerability.

XSA-24 Grant table hypercall infinite loop DoS vulnerability.

XSA-25 Xen domain builder Out-of-memory due to malicious kernel/ramdisk.

XSA-26 Grant table version switch list corruption vulnerability.

XSA-27 several HVM operations do not validate the range of their inputs.

XSA-28 HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak.

XSA-29 XENMEM_exchange may overwrite hypervisor memory.

XSA-30 Broken error handling in guest_physmap_mark_populate_on_demand().

XSA-31 Several memory hypercall operations allow invalid extent order values.

Note: df8975 obsoletes distro hotfix df7588. df8975 also includes hf8114, hf8017 and hf7791. If the distro hotfix df8975 is installed there is no need of installing hotfix hf7694.

Note: In contrast to a normal hotfix that is applied to a CA AppLogic® grid after it is created, a distribution hotfix is applied to the CA AppLogic® distribution image used to create grids. Because this is a distribution hotfix, the installation procedure is different than a standard hotfix. Therefore, this hotfix does not need to be re-applied unless the CA AppLogic® 3.5.19 distribution image is re-imported into the BFC.

This hotfix is only for <prodcutname> 3.5.19 distributions.

Installation

After using BFC to download the new hotfix df8975, login as root to the BFC server and do the following:

If you installed the BFC in the default install location (/opt/bfc), run the following command: 

/opt/bfc/bin/apply-version-hotfix -v 3.5.19 -f <download directory>/3.5.19/applogic-3.5.19-df8975-part1.2.tar.bz2

If you installed the BFC in an alternate location, run the following command: 

<non-standard BFC install location>/apply-version-hotfix -v 3.5.19 -f <download directory>/3.5.19/applogic-3.5.19-df8975-part1.2.tar.bz2

Note: <download directory> is the download directory that was specified during the BFC installation. It is also found in the BFC Administration GUI under the Versions tab.

CA AppLogic Distribution Updates

df8975 makes following updates to the CA AppLogic® distro (BFC imported CA AppLogic® distro directory)

  1. df8975 updates the following rpms:
    1. xen/linux-3.2.2-35.xen0.i386.rpm
    2. xen/linux-firmware-3.2.2-35.xen0.i386.rpm
    3. xen/hoop-1.1.12-3.2.2x35.xen0.i386.rpm
    4. xen/sd_filter-3.1.1-3.2.2x35.xen0.i386.rpm
    5. xen/vnp-3.0.6-3.2.2x35.xen0.i386.rpm
    6. xen/xen-4.1.2-11.el5.i386.rpm
    7. VRM rpm in the “xen”, “vmware” and “rpms_common” directories

    For CA AppLogic® 3.5.19 the new vrm is vrm-1.9.37-4.el5.i386.rpm

  2. df8975 updates server image files in images/GridOS/<version>/
  3. df8975 updates aldo to version 3.5.1.5 - rel-ald-3.5.1.5.tar.bz2

Hotfix hf7596

This hotfix resolves an issue in CA AppLogic® 3.5.19 where servers with very large data volumes can fail on reboot or upgrade due to a filesystem check running the server out of memory (SCR 7596).

hf7596 is a mandatory hotfix for CA AppLogic® 3.5.19. This hotfix cannot be used with other versions of CA AppLogic®. This hotfix modifies files on the grid servers. The hotfix takes effect immediately upon successful installation (no reboot is required).

This hotfix should be re-applied to a 3.5 grid before upgrading to a newer release, in order to ensure that the fsck problem does not happen during the upgrade process.

Hotfix hf8096

Hotfix hf8096 is a mandatory hotfix for CA AppLogic® version 3.5.19. hf8096 resolves following SCR:

hf8096 also resolves following Xen security vulnerabilities:

This hotfix resolves the following Xen Security Advisories:

XSA-6 HVM e1000, buffer overflow.

XSA-7 64-bit PV guest privilege escalation vulnerability.

XSA-8 Guest denial of service on syscall/sysenter exception generation.

XSA-9 PV guest host Denial of Service.

XSA-11 HVM guest destroy p2m teardown host DoS vulnerability.

XSA-12 Hypercall set_debugreg vulnerability.

XSA-13 Hypercall physdev_get_free_pirq vulnerability.

XSA-14 XENMEM_populate_physmap DoS vulnerability.

XSA-16 PHYSDEVOP_map_pirq index vulnerability.

XSA-17 Qemu VT100 emulation vulnerability.

XSA-19 Guest administrator can access qemu monitor console.

XSA-20 Timer overflow DoS vulnerability.

XSA-21 pirq range check DoS vulnerability.

XSA-22 Memory mapping failure DoS vulnerability.

XSA-23 Unhooking empty PAE entries DoS vulnerability.

XSA-24 Grant table hypercall infinite loop DoS vulnerability.

XSA-25 Xen domain builder Out-of-memory due to malicious kernel/ramdisk.

XSA-26 Grant table version switch list corruption vulnerability.

XSA-27 several HVM operations do not validate the range of their inputs.

XSA-28 HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak.

XSA-29 XENMEM_exchange may overwrite hypervisor memory.

XSA-30 Broken error handling in guest_physmap_mark_populate_on_demand().

XSA-31 Several memory hypercall operations allow invalid extent order values.

Note: hf8096 obsoletes hf8017, hf7759 and hf7611. hf8096 is only for Xen-based grids and does not affect ESX-based grids. This hotfix is only for CA AppLogic® 3.5.19 Xen-based grids (and may not be used with any other CA AppLogic® version). This hotfix replaces files on the servers of the grid. Therefore, a grid reboot is required after applying this hotfix. If this hotfix is installed using BFC, on a grid and afterwards a new server is added to the grid, this hotfix is automatically installed on the newly added server; however the newly added server must be rebooted for the hotfix to take effect. If hf8096 is installed during the grid creation process, the grid needs to be rebooted after the grid creation has completed in order for the hotfix to take effect.