A fix is available
APAR status
Closed as program error.
Error description
Volume encryption keys managed by the Tivoli Storage Manager server (Application Managed Encryption) can be overwritten under certain circumstances after a storage agent or library client mount failure (ANR1401W).

This problem can occur in environments with a device class enabled for Application Managed Encryption (TSM) using the DRIVEENCRYPT=ON option, in which volumes are used for LAN-free activity.

Any encrypted volume that has had its encryption key lost or overwritten cannot be read without that key.

In addition to resolving the root cause of this problem, additional defensive code will be implemented to prevent existing keys from being overwritten before the volume returns to scratch.

Customer/L2 Diagnostics:

A valid volume encryption key can be overwritten within the TSM database under the following conditions:

1. Application Managed Encryption is enabled for the device class using the DRIVEENCRYPT=ON option.
2. An ANR1401W mount failure occurs during LAN-free activity (i.e. storage agent backup) for the encrypted volume:

ANR1401W (Session: 1, Origin: STA1) Mount request denied for volume AC0006L4 - mount failed. (SESSION: 1)

After this failure, the encryption key is at risk of being overwritten with a blank (empty) key. If this occurs, any subsequent data will be written to the volume with a trivial encryption key. This may cause an ANR8507W message to be printed to the activity log, which can be another symptom of this issue:

ANR8507W Volume AC0006L4 is using an encryption key that is not unique and therefore is not secure. (SESSION: 99999, PROCESS: 99)

Externally, the most visible symptom of this issue will likely be encryption-related failures reported by the drive during any read operation for the volume. For example:

ANR8302E I/O error on drive DRIVE01 (/dev/drive1) with volume AC0006L4 (OP=READ, Error Number=13, CC=0, KEY=07, ASC=EF, ASCQ=10, SENSE=F0.00.07. 00.04.00.00.58.00.00.00.00.EF.10.30.00.11.03. A1.00.00.01.42.43.30.30.32.36.4C.00.00.00.07. D8.13.00.00.00.00.00.80.08.60.00.00.00.00.00. 05.00.00.00.00.00.00.00.00.00.00.00.00.00.00. 00.00.00.00.00.00.00.00.00.00.00.00.00.00.00. 00.00.00.00.00.00.00.00.38.39.42.32.00.00.00. 00.00.00, Description=An undetermined error has occurred). Refer to Appendix C in the 'Messages' manual for recommended action. (SESSION: 99999, PROCESS: 99)

The important parts of this message are the ASC and ASCQ codes. If the ASC is EF and the ASCQ is 10, it indicates an encryption-related I/O error during the read operation.

Initial Impact: High.

Tivoli Storage Manager Versions Affected: 5.4, 5.5, and 6.1 Tivoli Storage Manager servers using Application Managed Encryption for supported encryption-capable devices.

Additional Keywords: TSM ENCRYPTION AME ASC=EF ASCQ=10 ANR8302E ANR1401W KEY KEYS 57988 57988A ANR8507W MSGANR8507W MSGANR8302E MSGANR1401W
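The diagnostics above can be turned into an activity-log triage. The following is an added example, not IBM code: it correlates ANR1401W mount failures with later ANR8507W or ANR8302E (ASC=EF, ASCQ=10) messages per volume. It assumes one message per line in an exported activity log; the sample lines, the shortened SENSE values, and the status labels are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines modelled on the messages quoted in this APAR
# (SENSE data shortened; volumes AC0011L4 and AC0020L4 are invented).
SAMPLE_LOG = """\
ANR1401W (Session: 1, Origin: STA1) Mount request denied for volume AC0006L4 - mount failed. (SESSION: 1)
ANR8507W Volume AC0006L4 is using an encryption key that is not unique and therefore is not secure. (SESSION: 99999, PROCESS: 99)
ANR8302E I/O error on drive DRIVE01 (/dev/drive1) with volume AC0006L4 (OP=READ, Error Number=13, CC=0, KEY=07, ASC=EF, ASCQ=10, SENSE=F0.00.07)
ANR1401W (Session: 7, Origin: STA1) Mount request denied for volume AC0011L4 - mount failed. (SESSION: 7)
ANR8302E I/O error on drive DRIVE02 (/dev/drive2) with volume AC0020L4 (OP=READ, Error Number=5, CC=0, KEY=03, ASC=11, ASCQ=00, SENSE=F0.00.03)
"""

# "Origin:" marks a request relayed from a storage agent or library client.
MOUNT_FAIL = re.compile(
    r"ANR1401W \(Session: \d+, Origin: \S+?\) Mount request denied for volume (\S+)")
WEAK_KEY = re.compile(
    r"ANR8507W Volume (\S+) is using an encryption key that is not unique")
READ_ERR = re.compile(
    r"ANR8302E .*?with volume (\S+) \(OP=READ,.*?ASC=([0-9A-F]{2}), ASCQ=([0-9A-F]{2})")

def triage(log_text):
    """Map each volume showing the APAR's symptoms to a triage status."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        if m := MOUNT_FAIL.search(line):
            seen[m.group(1)].add("mount_failed")
        elif m := WEAK_KEY.search(line):
            seen[m.group(1)].add("weak_key")
        elif (m := READ_ERR.search(line)) and m.group(2, 3) == ("EF", "10"):
            # Only ASC=EF / ASCQ=10 indicates an encryption-related read error.
            seen[m.group(1)].add("encrypt_read_error")
    report = {}
    for vol, flags in seen.items():
        symptom = bool(flags & {"weak_key", "encrypt_read_error"})
        if "mount_failed" in flags and symptom:
            report[vol] = "suspect-key-overwritten"
        elif "mount_failed" in flags:
            report[vol] = "at-risk"
        else:
            # Symptom logged, but the mount failure is outside this log window.
            report[vol] = "symptom-without-mount-failure"
    return report

if __name__ == "__main__":
    for volume, status in sorted(triage(SAMPLE_LOG).items()):
        print(volume, status)
```

Volumes reported as at-risk have had the mount failure but show no symptom yet; they are the ones to review before further LAN-free writes.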
Local fix
1. Disable AME encryption completely until the fixing level can be applied to prevent new volumes from being impacted.
2. Disable AME encryption for LAN-FREE drive paths. This problem does not impact LAN-based backups to tape.
Problem summary
USERS AFFECTED: All Tivoli Storage Manager servers acting as a database server to a storage agent that use the device class option DRIVEENCRYPT=ON.

PROBLEM DESCRIPTION: See ERROR DESCRIPTION.

RECOMMENDATION: Apply fixing level when available. This problem is currently projected to be fixed in levels 5.4.5.2, 5.4.6, 5.5.4.1, 5.5.5, and 6.1.3. Note that this is subject to change at the discretion of IBM.
Problem conclusion
See Flash: www-01.ibm.com/support/docview.wss?uid=swg21413031
Affected platforms: AIX, HPUX, Linux, Solaris, Windows
Temporary fix
Comments
APAR Information
APAR number
IC64914
Reported component name
TSM SERVER
Reported component ID
5698ISMSV
Reported release
55A
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2009-12-01
Closed date
2009-12-17
Last modified date
2009-12-17
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TSM SERVER
Fixed component ID
5698ISMSV
Applicable component levels
R53A PSY UP
R53H PSY UP
R53L PSY UP
R53S PSY UP
R53W PSY UP
R54A PSY UP
R54H PSY UP
R54L PSY UP
R54S PSY UP
R54W PSY UP
R55A PSY UP
R55H PSY UP
R55L PSY UP
R55S PSY UP
R55W PSY UP
R61A PSY UP
R61H PSY UP
R61L PSY UP
R61S PSY UP
R61W PSY UP
Document Information
Modified date:
17 December 2009