Manualshelf

Encrypted Volume and File System v1.1 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX Encrypted Volume and File System Software
12345678910
automatically retrieve stored passphrases and use the passphrases to execute EVFS
commands.
CAUTION: Stored passphrases provide convenience, but they are security risks.
New and Changed Features in This Release
HP-UX EVFS version 1.1 is supported on HP-UX 11i v2 and 11i v3. This version of HP-UX EVFS
includes the following new features:
DLKM Support
This version of EVFS is DLKM aware. The kernel module of EVFS can be loaded into the
running kernel without needing to rebuild or reboot. The kernel module can also be unloaded
on demand from the running kernel without needing to rebuild or reboot the system.
In-line Encryption
This feature allows migration of an existing volume with clear-text data into an EVFS
managed encrypted volume without doubling the amount of storage. Inline encryption is
handled offline, and the volume is not accessible during the process until the entire operation
is completed.
Kernel Tracing
The evfsadm trace command traces and captures EVFS kernel code flow information in
order to facilitate debugging and analysis on a live system. This command is intended for
use by support personnel only. HP does not support this feature on Customer Environments.
Large I/O performance
EVFS performance for large I/O requests is increased by the implementation of simultaneous
data processing.
LVM DLO Support
LVM version 2.0 with DLO is supported by this release of EVFS on 11i v3.
Serviceguard A.11.18 Support
Serviceguard A.11.18 is supported by this release of EVFS on 11i v2 Update 2 and 11i v3.
Maximum Number of Volumes Support
The maximum number of volumes which can be mapped to EVFS supported by this release
is 1023, an increase from 127.
Known Problems and Limitations
The EVFS product has the following limitations:
EVFS operates with LVM, VxVM and physical volumes only. Each EVFS volume is mapped
to an underlying LVM, VxVM or physical volume.
You enable EVFS encryption and decryption for an EVFS volume as a single unit. When
you enable EVFS encryption and decryption for a volume, EVFS encrypts and decrypts the
data blocks as the blocks are accessed, and all read operations through the EVFS volume
receive decrypted data as output, and users can access individual files in cleartext. You must
use normal HP-UX file system permissions and access control to restrict access to the data.
You cannot encrypt the following objects:
— Files or disk areas used during system boot. This includes the following objects:
the root file system (/)
the HP-UX kernel directory (/stand)
the /usr directory
6