OBSOLETE Patch-ID# 138888-01

	*********************************************************************
	NOTE: This patch may contain one or more OEM-specific platform ports.
	      See the appropriate OEM_NOTES file within the patch for
	      information specific to these platforms.
	      DO NOT INSTALL this patch on an OEM system if a corresponding
	      OEM_NOTES file is not present (or is present, but instructs not
	      to install the patch), unless the OEM vendor directs otherwise.
	*********************************************************************

5086678 can't remove interface from IPMP group in some cases
5106149 fs_fab_acl sets incorrect OTHER_OBJ/CLASS_OBJ values
6261101 VAC alias handling code should be compiled out for sun4v
6309233 GLDv3 drivers incorrectly process VLAN packets in raw mode
6343194 sendfile can cause deadlock in filesystems
6388567 VAC flushing is broken on US III-IV+ for large pages
6425678 DL_PROMISC_SAP should make all VLAN traffic visible on physical GLDv3 links
6434130 i_dls_ether_header() doesn't generate VLAN header when priority is non-zero
6434606 getfacl/setfacl of files/dirs over NFSv4 with ZFS underneath fail
6436003 QoS should be supported on non-VLAN streams as well
6442753 GLDv2/GLDv3 has several VLAN packet processing issues
6447334 sfmmu_kpm_vatopfn incorrectly returns -1
6457375 unable to halt zone when interface plumbed with 0.0.0.0 (IPMP)
6462857 panic in sendvec64()
6464397 mac_header_{cook,uncook}() failure can cause a message to be freed twice
6478933 IRE_LOOPBACK interface routes should be blackholes
6502013 kernel heap corruptions have been seen during I/O stress test on domain0
6506052 deadlock between cageout thread and thread with KM_NOSLEEP
6507173 sockets should allocate minor numbers from higher order arena
6526499 interfaces in IPv6-only IPMP group can't get back to normal after link down/up cycle
6527579 port_dissociate() does not indicate whether fd was associated
6529822 Syncq gets stuck and network performance degradation occurs intermittently
6530447 fix for 6502013/6527579 causes recursive mutex_enter
6532455 zones with ip-type exclusive IP instances can't autoboot
6556029 assertion failed: zone->zone_max_swap >= swap, file: ../../common/os/rctl.c, line: 3037
6606222 parsing tunnel parameters should be more robust
6638327 IRE with RTF_BLACKHOLE set can still return ICMP_UNREACHABLE in forwarding path
6649625 MPxIO not trying on all available paths on device and path failures to storage
6656657 ASSERT failure in ip_fast_forward() caused by uninitialized return action
6662807 Solaris Host Does not process multicast echo request packet with Hop by Hop options header
6672470 looping within uiomove()/xcopyout()/copyout_move()
6676148 zone boot hung, many processes hung in kern_preprom wait
6686086 system call numbers in /etc/name_to_sysnmum should be range checked
6692373 ptree and ps -ef hang during stress test
6700064 certain T5440 CMP/Memory configs won't boot
6704820 panic in ipsec_check_ipsecin_action during tcp_close
6707987 kpm has some VAC handling issues
6711501 all segop callers should call anon_resv_zone instead of anon_resv
6722014 T5440 plcnt plc_mt_pgmax != 0 assertion failure running with "small chunk allocations"
6743565 bugix 6704820 has inverted boolean --> makes IPsec go boom!
6743891 KU rejuvenation post S10 Update Release 6
 
(from 138106-02)
 
6724924 memory leak plugging subverted ASN.1 printing functionality in ikeadm/ipseckey
 
(from 138106-01)
 
6658263 ipseckey and ikeadm don't print ASN.1 ID values
 
(from 128340-01)
 
        This patch revision accumulates generic Sustaining patch 
        126264-01 into Solaris Update S10U5 release.
 
(from 126264-01)
 
6608507 in.iked initiator sets UDP encap mode in transport mode even when there is no NAT
6620028 in.iked does not offer IPSEC_CLASSES_KEY_LENGTH attr for AES in P2 proposals with weak crypto
 
(from 137278-01)
 
        This patch revision accumulates generic Sustaining patch
        137106-01 into Solaris S10U5 Update.
 
(from 137106-01)
 
6629735 file descriptor leak causes ipsecconf to core dump with many rules
6629812 ipsecconf can core dump when it can't open its internal policy file
 
(from 138850-01)
 
        This patch revision accumulates generic Sustaining patch
        138114-01 into Solaris Update S10U6 release.
 
(from 138114-01)
 
6564477 set_up_connection() doesn't not handle return values of t_connect() properly.

--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' scripts provided with Solaris.
 
The following example installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/123456-78
 
The following example removes a patch from a standalone system:
 
       example# patchrm 123456-78
 
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.

-----------------------------
 
NOTE 1:  Before installing this patch, please be sure to install the
         latest patch utilities patches for your OS. This list of
         patches is defined at - http://sunsolve.sun.com
 
         Please use the pull down list which appears after the text:
         "Latest Patch Update: To ensure the correct functioning of
         the patching utilities on your system, stay up to date on
         the following patches"
 
NOTE 2:  Installation of this patch should be preformed in single user mode.
 
NOTE 3:  A reconfiguration boot, boot -r, must be completed after patch
         installation or patch removal.
 
NOTE 4:  This NOTE for patching the miniroot is lifted from README.137137-09, 
         and incorporated into this README, as advised by Channing Lovely,
         12/02/2008.
 
         When patching a miniroot, the following patches are required:
            119254-59
            138866-01
            119252-26
            124628-08
            124630-19
            138888-01 (this patch)
 
         In the example below we assume a s10u5 (5/08) miniroot is being
         patched.  This miniroot is in the /export/u5 directory and the
         patches are located in /var/tmp:
 
         1. Set the PKG_NONABI_SYMLINKS variable to true:
 
            # PKG_NONABI_SYMLINKS="true"
            # export PKG_NONABI_SYMLINKS
 
         2. Apply all required patches (listed above), using syntax similar
            to the following example for patch 119254-59:
 
            # patchadd -C /export/u5/Solaris/Tools/Boot /var/tmp/119254-59
 
         3. Modify the repository within the miniroot:
 
            # SVCCFG_REPOSITORY=/export/u5/Solaris_10/Tools/Boot/etc/svc/repository.db
            # export SVCCFG_REPOSITORY
            # svccfg -s system/manifest-import setprop start/exec = :true
            # svccfg -s system/filesystem/usr setprop start/exec = :true
            # svccfg -s system/identity:node setprop start/exec = :true
            # svccfg -s system/device/local setprop start/exec = :true
            # svccfg -s network/loopback:default setprop start/exec = :true
            #svccfg -s network/physical:default setprop start/exec = :true
            # svccfg -s milestone/multi-user setprop start/exec = :true
 
         4. Build the updated miniroot:
 
            # /export/u5/Solaris_10/Tools/Boot/boot/solaris/bin/root_archive  \
              packmedia /export/u5 /export/u5/Solaris_10/Tools/Boot
 
            At this stage /export/u5 is a patched 10/08 miniroot with 138888-01.
 
            To copy this miniroot to an install server use the following command:
 
            # /export/u5/Solaris_10/Tools/setup_install_server