Bug ID 509284: Improved reliability of a module interfacing with HSM

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP GTM, LTM, MA-VE, TMOS, vCMP(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8

Fixed In:
12.0.0, 11.6.1

Opened: Feb 25, 2015

Severity: 2-Critical

Symptoms

Assuming that tmm has crashed and auto-restarted, traffic may stop for profiles with HSM keys.

Impact

Encrypted traffic will not be processed, even after daemons restart.

Conditions

This can occur when using HSM keys, and TMM crashes.

Workaround

Restart TMM, e.g. with 'bigstart restart tmm pkcs11d'

Fix Information

Fixed a race condition that may prevent proper initialization of an inter-process communication between TMM and pkcs11d.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips