Beginning with the SPARC T7 and SPARC M7 servers, the Silicon Secured Memory (SSM) and data analytics accelerators (DAX) features are available on SPARC based systems. SSM is sometimes called Application Data Integrity (ADI). To aid in migration of kernel zones to and from earlier systems, SSM and DAX are not enabled in a kernel zone by default, even if SSM or DAX is available on the host system.
To use these features in a kernel zone that is running Oracle Solaris 11.3, enable them by using the host-compatible property:
To enable only SSM, set host-compatible=adi.
To enable DAX, virtual address masking (VA masking), and SSM, set host-compatible=level1.
To migrate a kernel zone to an earlier SPARC based system or earlier version of Oracle Solaris software where SSM or DAX is not available, before you begin the migration you must first make the following configuration changes:
Set the host-compatible property to a compatible value, or clear the property to enable the zone to work in the target system's environment.
Set the cpu-arch property to migrate to an earlier SPARC based system. See Specifying a CPU Migration Class for SPARC Kernel Zone Warm and Live Migration for more information.
You can use the host-compatible modifier to enable other release-specific features. See solaris-kz SPARC Only: Kernel Zone Migration Class and Host Compatibility Level in Oracle Solaris Zones Configuration Resources for more information.
Example 19 Enabling SSM in a Kernel ZoneThe following example checks whether the host-compatible property is set in the kzone1 kernel zone, then sets the property to adi and boots the zone. Note that the info subcommand displays no information for a property that is not explicitly set, even when the property has a default value.
global$ zonecfg -z kzone1 zonecfg:kzone1> info host-compatible zonecfg:kzone1> set host-compatible=adi zonecfg:kzone1> exit global$ zonecfg -z kzone1 bootExample 20 Attempting to Enable SSM in a Kernel Zone on a System Without SSM
The following example shows an attempt to enable SSM in a kernel zone on a SPARC T5 system, which does not support SSM. The error is not detected until you boot the kernel zone.
global$ zonecfg -z kzone1 zonecfg:kzone1> set host-compatible=adi zonecfg:kzone1> exit global$ zonecfg -z kzone1 boot zone 'kzone1': error: modifier adi not supported by migration class SPARC-T5Example 21 Enabling DAX in a Kernel Zone
This example shows by the lack of output that the host-compatible property is not set on kernel zone kzone1, sets the property to level1 to enable DAX, VA masking, and SSM, and boots the zone.
global$ zonecfg -z kzone1 zonecfg:kzone1> info host-compatible zonecfg:kzone1> set host-compatible=level1 zonecfg:kzone1> exit global$ zonecfg -z kzone1 bootExample 22 Clearing the host-compatible Property to Enable Migration to Earlier Systems
This example clears the host-compatible property on kernel zone kzone1 then reboots the zone. Note that you must also reset the cpu-arch property, as described in Specifying a CPU Migration Class for SPARC Kernel Zone Warm and Live Migration, before you can migrate the kernel zone to a target host system that does not support features such as SSM.
global$ zonecfg -z kzone1 clear host-compatible global$ zoneadm -z kzone1 reboot