Troubleshooting
Problem
Potential Solaris kernel conflict when running Trendmicro Deep Security Agent and Guardium STAP on the same Solaris server.
Reboot happens when these conditions are met.
1. Guardium installed
2. TrendMicro installed
3. Reboot triggers when Real Time SCAN of TrendMicro Ends.
2. TrendMicro installed
3. Reboot triggers when Real Time SCAN of TrendMicro Ends.
Note: The order of installation doesn't matter.
Symptom
Potential operating system crash
Cause
The crash is caused by a NULL pointer of inode->i_pipe in pipe_release. It is a hook conflict between Guardium and Trendmicro. Both hook the same system call.
Resolving The Problem
To avoid the issue, Trendmicro provided workaround to avoid hooking from both sides.
Workaround :
1. Disable Deep Security Anti-Malware filesystem hooking
2. $ echo "/opt/ds_agent/lib/libvmpd_dsa_rtscan.so=rtscan_hook_enable=1,rtscan_hook_kern_method=2" > /var/opt/ds_agent/am/ds_am.ini
3. $ svcadm restart ds_agent
Note: Step 2, path to ds_am.ini may vary depending on the installation location of the DS agent.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m0z000000Gp0IAAS","label":"STAP"}],"ARM Case Number":"","Platform":[{"code":"PF027","label":"Solaris"}],"Version":"10.0.0;10.0.1;10.1.0;10.1.2;10.1.3;10.1.4;10.5.0;10.6.0;11.0.0;11.1.0;11.2.0;11.3.0;11.4.0;11.5.0;12.0.0;12.1.0;12.2.0;8.0.1;8.2.0;9.0.0;9.1.0;9.5.0"}]
Was this topic helpful?
Document Information
Modified date:
30 October 2025
UID
ibm17249620