Hardware Management Console Readme *Version 10 Release 2 Maintenance 1041 (V10 R2 M1041) README* Date: 1 September 2023 (C) Copyright International Business Machines Corp., 2023 All rights reserved. Contents <#ibm-content> The information in this Readme contains the fix list and other package information about the Hardware Management Console. * Terminology <#term> * PTF MF71190 HMC V10 R2M1041.0 - for vHMC for x86_64 hypervisors (5765-VHX) <#MF71190> * PTF MF71191 HMC V10 R2M1041.0 - for 7063 Hardware or vHMC for PowerVM (5765-HMB) <#MF71191> * Enhancements <#enhance> * List of fixes <#fixes> * Known issues and limitations <#known> * Best Practices <#best> * Installation <#install> Terminology *x86* - This term is used to reference the Intel hypervisors (KVM, VMWare, Xen) on which Virtual HMC can be installed. *Note:* HMC V10R2 release for x86 is not supported on bare metal (7042 hardware appliances). * ppc64 or ppc64le* - describes the Linux code that is compiled to run on Power-based servers or LPARS (Logical Partitions) PTF MF71190 HMC V10 R2 M1041.0 - for vHMC for x86_64 hypervisors (5765-VHX) This package represents a service pack image that can be used to update the HMC from the HMC V10 R2 M1030 release. You can also reference this package by APAR MB04418 and PTF MF71190. This image can be installed on top of HMC V10 R2 M1030 with or without other PTFs or Service Packs. * Service packs are cumulative and as such will include all the fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V10R2M1041_x86.iso 5036468224 4e5f63183a7ac8a57e063576e8f3303c6999f18f MB04418 MF71190 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 2 Service Pack: 1041 HMC Build level 2308160028 MF71190 - HMC V10R2 M1041 ","base_version=V10R2 " PTF MF71191 HMC V10 R2 M1041.0 - for 7063 Hardware or vHMC for PowerVM (5765-HMB) This package represents a service pack image that can be used to update the HMC from the HMC V10 R2 M1030 release. You can also reference this package by APAR MB04419 and PTF MF71191. This image can be installed on top of HMC V10 R2 M1030 with or without other PTFs or Service Packs. * Service packs are cumulative and will include all the interim fixes for the PTFs released up to and including the last service pack(s) for this HMC version. Please read the individual Readme files for each PTF to see the list of fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# HMC_Update_V10R2M1041_ppc.iso 5040805888 0f8b247ffe345e4f1d770b5cb3e7c03e9cbab54b MB04419 MF71191 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 2 Service Pack: 1041 HMC Build level 2308160028 MF71191 - HMC V10R2 M1041 ","base_version=V10R2 " * * *General fixes* * Fixed an issue that caused the HMC to fail to fully power on and stop at the emergency shell when it was restarted following an HMC update that was performed after HMC critical console data was restored. * Fixed an issue that sometimes causes PCM energy metric values to be associated with the wrong metrics on Enterprise BMC based managed systems. * Fixed an issue that caused VIOS scheduled operations to be deleted when the HMC is restarted. * Added the Remove action back to the GUI Shared Storage Pool Volumes page. * Fixed an issue where Energy Metrics collection was not automatically enabled for Power9 and Power10 high end systems when updated to firmware levels which support Energy Metrics if Performance and Capacity Monitoring was already enabled for those systems. * Closed serviceable events are no longer shown in the serviceable events slide in window on the HMC GUI dashboard. * Fixed a rare timing issue that causes the Electronic Service Agent service to terminate when the HMC is booting. When this occurs, call home and most transmit service information functions will not work. * Fixed an issue that caused a delete partition operation to fail with the error "/HSCL8016 An unknown error occurred while trying to perform this command. Retry the command. If the error persists, contact your software support representative./" This can occur on a subsequent attempt to delete a partition with vNIC adapters after the first attempt fails. * Fixed an issue on the Modify Virtual Ethernet Adapter Settings GUI page for an IBMi partition that prevents a user from adding 802.1Q VLAN IDs to a trunk adapter. * Fixed a timing issue that can cause an Enterprise BMC-based system to be in the /No Connection /state and the VMI connection to show as unavailable even though the VMI is connected to the HMC. This can occur when multiple Enterprise BMC-based systems are concurrently being connected to the HMC after an HMC restart. * Fixed a Performance and Capacity Monitoring (PCM) issue that can cause the HMC to become slow over time. * Added a workaround for the issue where a keyboard configured with a non-US layout always changes to a US layout after it is disconnected and reconnected to the HMC. The workaround to reset the keyboard layout to its original non-US configuration is to log in as user hscpe with role hmcpe and execute "runsig -s 710". Restarting the HMC will also reset the keyboard layout to its original non-US configuration. * Fixed an issue causing the hmcshutdown command to not work after HMC critical console data backed up on V10R2M1031 or later is restored on V10R2M1030. * Changed call home SRC E2FF4406 to informational, there is no impact or action required from the client, this SRC is caused by a harmless issue with the HMC logging framework. * Fixed a log rotation issue for the ssl_access* and ssl_request* logs in /var/log/httpd which can cause the /var file system to fill up resulting in call home SRC E212E134. * Removed the System Level Deactivate operation from the list of operations for hot plug FRU operations and removed both the System Level Activate and System Level Deactivate operations from the Power On/Off Unit Advanced Functions. The proper path and flow for these actions are through the exchange fru procedures. * Changed the name of the button on the Firmware Import Updates Wizard Summary page from Install to Import. * Fixed another issue that prevented call home from working successfully. Symptoms include test call home displaying attempts at trying additional legacy IP addresses and fix repositories * Allow users with the hmcservicerep task role to perform R&V operations. * Fixed an issue that caused the following harmless messages to be logged in /var/log/messages on every HMC restart: /kernel: alg: drbg: Failed to reset rng// //kernel: alg: drbg: Test 0 failed for drbg_nopr_hmac_sha512// //kernel: secvar-sysfs: secvar: failed to retrieve secvar operations./ * Fixed another issue where the browser window on the local console stayed on the "Initialization is in progress" screen after restarting the HMC. * Fixed issue where serviceable events slide in window on the new GUI dashboard is showing more than open events Security Fix * Fixed Java vulnerabilities: CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968 and CVE-2023-21937. Known Issues & Limitations * Restoring a backup taken prior to 1041 then attempting to apply an earlier PTF will result in the HMC stopping at the emergency shell on reboot. After restoring a backup taken between V10R2M1030 and V10R2M1040 immediately apply 1041 or later. * When a system or partition description field contains a non-ASCII character, an eBMC-based managed system may transition into Recovery state and after recovered may transition into Recovery state on the other HMC in a dual HMC environment. Workaround is to use only ASCII characters in the system and partition description fields. * Incorrect values are shown in the Storage I/O usage column on the Usage page of the Systems and Partitions tables in the new GUI dashboard. * If log in to the HMC GUI is failing with this error for LDAP or auto-managed users: /Error: "Logon Error: Invalid credential or Timeout. Please try again after some time, if it repeats, please follow troubleshooting steps from IBM support."/ Use the following troubleshooting steps: Check whether the user is LDAP or auto-managed authentication type. If so, run the following command to change the LDAP configuration: o chhmcldap -o s --timelimit 30 --bindtimelimit 20 If log in to the GUI still fails, run the following command: o chhmcldap -o s --timelimit 30 --bindtimelimit 10 Best Practices * User sessions - The following best practices helps avoid performance degradations gradually over a period of time due to increased login sessions as well as security vulnerabilities such as unauthorized access to the active HMC sessions. o It is a best practice to logoff from HMC UI and then close the browser tab instead of directly closing the tab o Set Idle session timeout for all the users and not leave the timeout as '0' which leaves it as no timeout. * Profile recommendations - The maximum number of partition profiles suggested per partition is 10. Installation Installation instructions for HMC Version 10 upgrades and corrective service can be found at these locations: Upgrading the HMC from Version V9R2 or V10R1M1010 to V10R2M1040 Updating, upgrading, and migrating your HMC machine code Update(s) for HMC V10R2M1041