Encrypted Volume and File System v1.1 Release Notes HP-UX 11i v2 Update 2 and 11i v3 HP Part Number: 5992-4027 Published: May 2008 Edition: 1.
© Copyright 2008 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Table of Contents EVFS Overview.......................................................................................................................................5 New and Changed Features in This Release..........................................................................................6 Known Problems and Limitations..........................................................................................................6 Known Problems............................................................
This document provides information about the version 1.1 (A.01.01.00) release of the Encrypted Volume and File System (EVFS) product. EVFS Overview EVFS protects data by encrypting data volumes to protect data at rest – data on disks. You can also use EVFS to create encrypted backup media. EVFS prevents anyone who gains unauthorized physical access to storage media from reading or using the data.
automatically retrieve stored passphrases and use the passphrases to execute EVFS commands. CAUTION: Stored passphrases provide convenience, but they are security risks. New and Changed Features in This Release HP-UX EVFS version 1.1 is supported on HP-UX 11i v2 and 11i v3. This version of HP-UX EVFS includes the following new features: • DLKM Support This version of EVFS is DLKM aware. The kernel module of EVFS can be loaded into the running kernel without needing to rebuild or reboot.
EVFS cannot decrypt the kernel or other data before the system boots. CAUTION: Encrypting the boot disk can cause the boot disk to become unusable and prevent you from booting the system. — — Dump devices. Swap space (swap devices or file swap space). CAUTION: • Encrypting swap space can cause the system to panic. EVFS does not automatically convert existing volume data to encrypted data. To encrypt existing volume data, use the inline encryption feature in this release of EVFS.
• • The Multi Volume File System feature of Veritas, which is not supported by EVFS. EVFS is currently available in English only. Known Problems Possible Device File Collision NOTE: This problem has been fixed in HP 11i v3, and is only applicable to HP-UX 11i v2 Update 2. (SR 8606459127) Executing the newfs or mkfs command for an EVFS volume can fail on systems with components that call alloc_fake_device(), such as systems that are NFS clients.
Renaming VxVM Volumes with EVFS Enabled Makes the Volume Unusable The vxedit rename command renames a VxVM volume. The vxedit rename command has no knowledge of EVFS, so if you have a VxVM volume with EVFS enabled and then rename the volume, the mapping between the VxVM volume becomes unusable. EVFS commands fail. Symptoms The vxedit rename command will complete, but subsequent EVFS operations fail. Workaround Disable EVFS and unmap the EVFS volume before renaming the underlying VxVM volume.
PHKL_37146. HP strongly recommends that you install this patch, which fixes a defect that can cause the newfs or mkfs command for an EVFS volume to fail on systems with components that call alloc_fake_device(), such as systems that are NFS clients. See “Possible Device File Collision” (page 8) for more information. Required Software You can download software from the following Web site: http://www.hp.com/go/softwaredepot Enter EVFS into the search box at the top of the page.
