PTF MH01725 and MH01726 Readme Hardware Management Console Readme For use with Version 8 Release 8.7.0 Updated: 22 January 2018 (C) Copyright International Business Machines Corp., 2018 All rights reserved. Contents The information in this Readme contains fix list and other package information about the Hardware Management Console. * Terminology <#terminology> * PTF MH01725 <#MH01725> * PTF MH01726 <#MH01726> * Enhancements and new function <#enhance> * Known issues <#known> * Security fixes <#security> * General fixes <#fixes> * Installation <#install> * PowerVM in Social Media <#powervm> Terminology *x86* - This term is used to reference the legacy HMC that runs on x86/Intel/AMD hardware for both the 7042 Machine Type appliances and the Virtual HMC that can run on the Intel hypervisors (KVM, VMWare, Xen). *ppc64 or ppc64le* - describes the Linux code that is compiled to run on Power-based servers or LPARS (Logical Partitions) PTF MH01725 Service Pack 1 for HMC V8 R8.7.0 - for 7042 Machine Type This package represents a service pack image that can be used to update your HMC from HMC V8 R8.7.0 to HMC V8 R8.7.0 Service Pack 1. You can also reference this package by PTF MH01725 and APAR MB04113. This image _must_ be installed on top of HMC Version 8 Release 8.7.0 Recovery installation PTF MH01704 _with_ mandatory PTF MH01706 installed. *Note:* Service packs are cumulative and as such will include all the fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V8R870_SP1_x86.iso 2478442496 9bbb37d13516432e903e0e5f4541a7846db30180 MB04113 MH01725 Splash Panel information (or lshmc -V output) version= Version: 8 Release: 8.7.0 Service Pack: 1 HMC Build level 1712090351 MH01725 - HMC 870 Service Pack 1 Release [x86_64] ","base_version=V8R8.7.0 " PTF MH01726 Service Pack 1 for HMC V8 R8.7.0 - for 7063 Machine Type This package represents a service pack image that can be used to update your HMC from HMC V8 R8.7.0 to HMC V8 R8.7.0 Service Pack 1. You can also reference this package PTF MH01726 and APAR MB04114. This image _must_ be installed on top of HMC Version 8 Release 8.7.0 Recovery installation PTF MH01705 _with_ mandatory PTF MH01707 installed. *Note:* Service packs are cumulative and as such will include all the fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V8R870_SP1_ppc.iso 2434471936 edb379263af8d9da322dce43ae15de592dc4a7e1 MB04114 MH01726 Splash Panel information (or lshmc -V output) "version= Version: 8 Release: 8.7.0 Service Pack: 1 HMC Build level 1712090351 MH01726 - HMC 870 Service Pack 1 Release [ppc64le] ","base_version=V8R8.7.0 " Enhancements and new function * Added new functionality to collect on premise Net Promoter Score (NPS) for Power Systems. * Added support for configuring IBM i virtual I/O server adapters to the GUI. * Enhanced the Geographically Dispersed Resiliency (GDR) function, where you can configure the memory, processor, vlan and vswitch resources, such that you can move the virtual machines from the source host to the target host even when the target host does not have the same quantity of memory and processor resources as the source host. * The following commands have been enhanced to support setting and displaying the physical page table (PPT) ratio for dedicated memory partitions: *chsyscfg*, *lssyscfg*, *mksyscfg* and *lshwres*. A minimum server firmware level of 860.20 is required to use this support. * Enhanced Logical Partition Virtual network management to support attach or detach of multiple Virtual Ethernet Adapters * Enhanced Logical Partition deletion operation to clean up associated server mappings * Added support for Physical Processor Pool utilization metrics available under PCM raw, processed & aggregated metrics REST APIs. *Known issues* * "lshmc –V" output will show previously installed PTF details (MH01706) when the user installs MH01706 then SP1. * Due to a rare timing issue, a live kernel update operation may fail when performed concurrently with one or more other live kernel update operations due to a failure to clone the partition being updated. Errors include: /1430-024 An error occurred when requesting resources.// // 1430-045 The live update operation failed./ * Opening multiple PCM Dashboard windows for the same managed server on the same browser or different browser may lead to a communication error on the window that was opened first. This is a known issue and the support for multiple PCM Dashboard windows is planned for future release. * If the System Templates deploy fails due to the installed VIOS going to Open Firmware state, then user can open Virtual Terminal for the VIOS and execute "boot" on the Open Firmware prompt to boot the VIOS. * If after install no GUI launches, and you only see the CLI localhost login under the heading "/Base release 7.4. Dev (hmc7_4p) on an x86_64"/, it’s an indication that the HMC code is not installed, and only the Operating System has been put on disk. Causes could be that the date in UEFI is not the current date/year or DVD media issues. Set the date using the UEFI Setup Utility to be the current date and year, then attempt reinstall. Try different media if the date/year is correct. * After a partition template is captured and used to deploy another partition on the same system, if you specify “Configure Virtual Fibre Channel storage with captured information” for Virtual Fibre Channel, template deploy can pick up the adapters from a different VIOS than intended. To circumvent this problem, avoid specifying “Configure Virtual Fibre Channel storage with captured information” and choose the Virtual FC configuration as part of the deploy wizard. * Launching ASMI menu is not supported in the Safari browser. When trying continuous LPM operations of Simplified RR capable partitions, one of the operations might fail due to lock conflicts. If such a failure occurs, try the migration recovery operation to complete the failed LPM operation. * Existing custom task and resource roles may need to be modified to work with the enhanced GUI. Existing custom resource roles may result in the user being restricted to the "Getting Started" page at login. Existing task roles may result in missing tasks or task returning "The HMC information could not be displayed." For further information see http://www.ibm.com/support/docview.wss?uid=nas8N1022128 * In NIST mode: o RMC code on partition does not support two HMC connections with mixed configuration i.e. one HMC running in NIST mode and other one in non-NIST mode. Both the HMCs must be in the same mode. * In non-NIST mode: o Following ciphers are not supported although the available cipher list shows them. TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA Note this function is fully supported for all other Power systems assuming that the appropriate HMC, firmware and PowerVM levels installed. * To ensure that the keyboard mapping is working properly for non-English keyboards, the codeset for the locale must be set to UTF-8. You can change the codeset by using the chhmc command. Example: o Set the locale to French with UTF-8 codeset for use with French keyboard: *chhmc -c locale -s modify -l fr_FR.UTF-8* o Set the locale to English with UTF-8 codeset for use with French keyboard: *chhmc -c locale -s modify -l en_US.UTF-8* * The GUI does not support disconnected sessions like the previous Classic GUI did. In the GUI a session logoff is a logoff and a session disconnect is also a logoff. This means that the user cannot reconnect to a GUI session to resume a task(s) from where it left off. Every login via the GUI creates a new session. For more details on long running tasks, please refer to the link below: http://www.ibm.com/support/knowledgecenter/POWER8/p8eh6/p8eh6_loginmode.htm * In some rare situations, especially with a Firefox browser, the user may be redirected to a second login page after login credentials have been validated. Providing the login credentials again will fail. If this issue occurs, close and relaunch the browser. If the login page locally shows "/Console internal error/" and "/The requested resource is not available/", the framework is still initializing. Wait a minute and restart the desktop on the local console using * Enabling or disabling service processor redundancy is only permitted when both primary and secondary service processors are at standby with service processor in position A as primary. The workaround is to set up service processor failover with the following command: *chsyscfg -m -r sys -i "sp_failover_enabled=1"* * When user changing IEEE value of Virtual Ethernet, "Allowed MAC" list is being changed to "Allow All". Back to top <#ibm-content> Security fixes * Fixed openssh vulnerabilities : CVE-2016-10011, CVE-2016-10009, CVE-2016-6515, CVE-2016-6210, and CVE-2016-10012 * Fixed httpd vulnerabilities: CVE-2017-9798, CVE-2017-9788, CVE-2017-7679, CVE-2017-7668, CVE-2017-3169, and CVE-2017-3167 * Fixed NSS vulnerability: CVE-2017-7805 * Disabled Client-Initiated Renegotiation to prevent DoS attack General fixes This package provides the following fixes: * Added the "Automatically Start When Managed System is Powered On" property to the partition General Properties Advanced Settings GUI. * Fixed an issue that intermittently caused the command l*ssyscfg -r lpar -m --osrefresh* to fail with the error "/HSCL1585 There was an unknown error while querying the object manager database/." * Fixed an issue that can cause the /var/log/btmp file to keep growing, which can lead to serviceable event E212E134 and the /var filesystem becoming full. This problem only occurs on HMCs that have large numbers of commands being run via ssh. * Fixed the failure with Repair & Verify on EMX0 IO Enclosure resulting in error message: "/0x0300 Failure (hard stop or user intervention required/" * Prevent call home of SRC E212E122 for a loop device mount point. * Fixed a rare problem that caused simplified remote restart capable partitions to transition into the Partial Update remote restart state and remain in that state for a long period of time. In addition, this problem caused the refdev command to fail with the error "/HSCL1585 There was an unknown error while querying the object manager database./" when run for those partitions. * Fixed a problem where the HMC LDAP "hmcgroups" settings are lost after applying a fix for V8R8.7 Service Pack 0. Impacted PTFs include MH01706 and MH01723 (x86); MH01707 and MH01724 (ppc). During the install of an impacted PTF, this problem removes the LDAP "hmcgroups" setting (if configured). This potentially allows any LDAP user to login and not just LDAP users in the specified group. If the HMC was upgraded to V8R8.7 or had the LDAP configuration added/updated prior to applying one of the impacted PTFs, the administrator should check the setting and manually restore the setting as needed. To check the "hmcgroups" current settings use the command "*lshmcldap -r config*". To modify the current setting use the command "*chhmcldap -o s --hmcgroups *". If "hmcgroups" is currently configured then an update to "V8R8.7 SP1" will not have any impact and the "hmcgroups" information will be retained. Users upgrading to Version 8 Release 8.7 should apply Service Pack 1 immediately after the upgrade skipping the earlier PTFs. * Fixed a problem where an HMC critical console data backup file created with the bkconsdata command on HMC V8 R8.7.0 or later does not include performance monitoring data even though the -i perfmon option was specified on the bkconsdata command. In addition, restoring the backup created causes Performance and Capacity Monitoring (PCM) to be disabled. If you are using PCM, discard any backups taken using the bkconsdata command on HMC V8 R8.7.0 or later. Install Service Pack 1 prior to restoring any backup. * Fixed a timing issue that caused multiple reports of serviceable event E212E151 and slow CLI and GUI response. This problem can occur when a large number of lshwres commands to retrieve virtual I/O backing device information are run causing extremely high CPU utilization by IBM.LparCmdRM. * Fixed an issue that caused Transmit Service Information files to not be deleted after transmission, which can lead to / filesystem becoming full and serviceable event E212E136. Subsequent Transmit Service Information requests may also fail. * Added a new *chhmcldap *option, *--authsearch*, to modify post-authentication search behavior. See the chhmcldap man page for additional details. * Fixed a problem preventing the Recover Partition Data task from restoring the maximum and reserved processing unit settings for shared processor pools. * Fixed an issue causing the generation and call home of SRC E3321007 after updating the HMC. This issue also can cause data collection for other call home events to fail, preventing the events from being called home or from sending the necessary data. * Fixed an issue with the GUI Add Virtual Network task where clicking the Next button when creating a new network bridge with load balancing enabled has no effect, preventing the user from being able to finish the task. * Allow the HMC local console session to start after the certificate has expired. * Fixed a problem that caused the installation of an HMC PTF to fail after being partially installed without informing the user. This problem occurs when there is insufficient space in the HMC / filesystem to perform the install. * Fixed an intermittent problem with the HMC GUI where the Operating System Shutdown and Restart options are disabled for some IBM i partitions even though the partitions support those options. * Fixed a problem where the specified profile was ignored during VIOS netboot. * Fixed a problem where the server adapter name was missing on the Adapter View of the Partition Virtual Storage GUI. Back to top <#ibm-content> Installation Installation instructions for HMC Version 8 upgrades and corrective service can be found at these locations: Upgrading or restoring HMC Version 8 Installation methods for HMC Version 8 fixes Instructions and images for upgrading via a remote network install can be found here: HMC V8 network installation images and installation instructions PowerVM in Social Media Find recent updates and information about IBM PowerVM in the following DeveloperWorks Wiki and LinkedIn Group: • PowerVM DeveloperWorks Wiki: ibm.biz/powervmwiki • PowerVM LinkedIn Group: ibm.biz/powervmgrp The PowerVM DeveloperWorks Wiki and the PowerVM LinkedIn Group facilitate direct communication between the user and the PowerVM development team. Please post your queries and comments in the IBM PowerVM LinkedIn Group . We are creating a set of FAQs based on all the queries we receive. Back to top <#ibm-content>