Patch-ID# 114795-05 Keywords: driver panics vca kcl2 dr kernel memory exhaustion security Synopsis: Crypto Accelerator 4000 - 1.0: product patch Date: Feb/24/2004 Install Requirements: Reboot after installation See Special Install Instructions Solaris Release: 8 9 SunOS Release: 5.8 5.9 Unbundled Product: Sun Crypto Accelerator 4000 Unbundled Release: 1.0 Xref: Topic: Relevant Architectures: sparc BugId's fixed with this patch: 4753295 4820974 4822939 4823230 4823233 4823545 4828432 4833519 4833813 4834297 4838176 4840188 4840280 4843217 4850436 4854556 4864781 4868456 4869196 4876257 4876377 4877380 4878217 4879250 4884651 4886020 4888831 4927524 4956199 4957889 4996805 Changes incorporated in this version: 4996805 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /etc/init.d/vca /kernel/drv/kcl2 /kernel/drv/sparcv9/kcl2 /kernel/drv/sparcv9/vca /kernel/drv/vca /kernel/drv/vca.conf /opt/SUNWconn/cryptov2/firmware/sca4000fw /opt/SUNWconn/cryptov2/lib/algorithms/des.so /opt/SUNWconn/cryptov2/lib/algorithms/isa/sparcv8plus/des_isa.so /opt/SUNWconn/cryptov2/lib/libkcl.so.1 /opt/SUNWconn/cryptov2/lib/rcm/SUNW,vca /opt/SUNWconn/cryptov2/lib/sparcv9/algorithms/des.so /opt/SUNWconn/cryptov2/lib/sparcv9/algorithms/isa/sparcv9/des_isa.so /opt/SUNWconn/cryptov2/lib/sparcv9/libkcl.so.1 /opt/SUNWconn/cryptov2/sbin/vcadiag Problem Description: 4996805 Fix for BugID 4993141 needs to be backported to Venus 1.0 (from 114795-04) 4927524 kernel exhaustion after many jobs (version 2.0) 4957889 kcl_hold_key() attempts to lock mutex just destroyed (VCA) 4956199 kcl_hold_key() attempts to lock mutex just destroyed by kcl_release_cred() (from 114795-03) 4888831 System with ike/venus keystore panics when running tests over venus interface 4879250 Firmware changes for FIPS 140-2 level 3 certification 4876377 Must have test for stuck HW random number generator in FIPS mode 4884651 Fault LED not lit on self test failures for firmware crypto algorithms 4886020 Number of security officers not initialized in keystore (from 114795-02) 4753295 Caching of HW non-implementation could improve performance 4854556 kernel memory exhaustion after many jobs 4877380 Work around for system hang on boot (4860042) 4878217 Hashing large file causes a segfault 4864781 Caching of HW non-implementation for performance (vca) 4876257 libkcl send a small job to HW when the operation is multi-part 4868456 Non-Sensitive session keys should be created in KCL on use 4869196 Maintain pool of digest buffers (from 114795-01) 4833519 Dupicated IP when IPMP is used 4840188 Oversized Chinese Remainder Theorem numbers wedge Venus HW 4820974 rcm script error when unconfigure a card 4822939 stale job(s) found in ring when running ttcp with Sunvts on Venus 4834297 driver panics in vca_ksupdate when doing unconfigure/configure with IPMP 4838176 Panic occurs if objects are deleted while in use. 4823230 Firmware support for kti authentication 4823233 Driver support for kti authentication 4840280 Reboot hang 4843217 configure wait forever on venus card 4833813 Large jobs are not drained properly 4850436 DSA keypair generation puts card in FAILED state 4823545 Venus failed to resume on DR system boards 4828432 failed to unconfigure: device busy Patch Installation Instructions: -------------------------------- For Solaris 8 and 9 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/109715-01 The following example removes a patch from a standalone system: example# patchrm 109715-01 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- Reboot the system to load newly installed driver. README -- Last modified date: Tuesday, February 24, 2004