A fix is available
APAR status
Closed as program error.
Error description
************************************************************** * USERS AFFECTED: * Systems running the AIX 7200-05 Technology Level with * any of the following filesets at or between the given levels: * MIN MAX FILESET * 7.2.5.0 7.2.5.102 bos.hdcrypt * 7.2.5.0 7.2.5.200 security.acf ************************************************************** * ERROR DESCRIPTION: * For logical volumes encrypted on a system without IJ35178 * applied (referred to as 'Version 0' encrypted LVs), changing * theá in_core_enabled settingáwith theáacfo command can result * in garbage data being read from or written to the LV due to a * difference in the encryption/decryption method used with * in_core_enabled. This behavior can cause file systems to * fail to mount, or applications that use raw LVs to fail to * run.á Reverting to the original in_core_enabled setting used * when the LV was first encrypted restores access to the LV * data. * * To determine the version of an encrypted LV, run the * following command: * * hdcryptmgr showmd <lv_name>á * * ..... * ..... á áTue Oct á5 00:52:35 2021 * ..... á áDevice type : LV * ..... á áDevice name : fslv00 * ..... * =============== B: LV HEADER ==Ýminor: á 1¨== * Version á á á á á á á á á á á: 0 * MasterKey á á á á á á á á á á: Defined * MasterKey size á á á á á á á : 32 bytes * Encryption status á á á á á á: Fully encrypted * Data crypto algorithm á á á á: AES_XTS * =============== E: LV HEADER ================ * ... * * For systems with encrypted LVs, we recommend installing a * fix for IJ35178 as soon as possible to ensure newly * encrypted LVs are created by using the new encryption * method (referred to as 'Version 1'), which is compatible * with both in_core_enabled settings. * * To allow toggling between in_core_enabled settings and * maintain future compatibility, after installing the fix, we * recommend any 'Version 0' volumes be decrypted and * encrypted again, becoming 'Version 1' volumes, with the * following commands: * * 1. hdcryptmgr crypt2plain <lv_name> * 2. hdcryptmgr plain2crypt <lv_name> ************************************************************** * RECOMMENDATION: * Install APAR IJ35178. * Prior to fix availability, an interim fix is available from * either * ftp://aix.software.ibm.com/aix/ifixes/ij35178/ * https://aix.software.ibm.com/aix/ifixes/ij35178/ * The ifix can be installed using Live Update (LU). * If LU is not used, installation of the ifix requires a * reboot. **************************************************************
Local fix
Problem summary
Cannot mount encrypted LV after turn on in_core support
Problem conclusion
Cannot mount encrypted LV after turn on in_core support
Temporary fix
********* * HIPER * *********
Comments
APAR Information
APAR number
IJ35178
Reported component name
AIX V7.2
Reported component ID
5765CD200
Reported release
720
Status
CLOSED PER
PE
NoPE
HIPER
YesHIPER
Submitted date
2021-09-27
Closed date
2021-09-27
Last modified date
2022-01-05
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
IJ35392 U891313
Fix information
Fixed component name
AIX V7.2
Fixed component ID
5765CD200
Applicable component levels
R720 PSY U891313
UP21/12/06 I 1000 Ž
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSVEF8"},"Platform":[{"code":"PF053","label":"Power Systems"}],"Version":"720","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Document Information
Modified date:
06 January 2022