Power6 High-End Power Subsystem Firmware *Applies to: 9119-FHA* This document provides information about the installation of Licensed Machine or Licensed Internal Code, which is sometimes referred to generically as microcode or firmware. ------------------------------------------------------------------------ Contents * 1.0 Systems Affected <#1.0> * 2.0 Cautions and Planning Information <#2.0> * 3.0 Firmware Information and Description <#3.0> * 4.0 How to Determine Currently Installed Firmware Level <#4.0> * 5.0 Downloading the Firmware Package <#5.0> * 6.0 Installing the Firmware <#6.0> ------------------------------------------------------------------------ 1.0 Systems Affected <#TOC_1.0> This package provides firmware for Power 595 (9119-FHA) Servers */only/*. Do *not* use on any other systems. The firmware level in this package is: * EB350_159 ------------------------------------------------------------------------ 2.0 Important Information <#TOC_2.0> HMC-Managed Systems *This firmware level requires a minimum HMC level of: HMC V7 R3.5.0 with mandatory PTFs MH01212 and MH01217.* Go to the following URL to access the HMC code packages: * http://www-933.ibm.com/support/fixcentral/ *NOTE:* You must be logged in as hscroot in order for the firmware installation to complete correctly. ------------------------------------------------------------------------ 3.0 Firmware Information and Description <#TOC_3.0> Use the following example as a reference to determine whether your installation will be concurrent or disruptive. *Note: * The file names and service pack levels used in the following examples are for clarification only, and are not necessarily levels that have been, or will be released. Power Subsystem firmware file naming convention: 02EBXXX_YYY_ZZZ * XXX is the /release/ level * YYY is the /service pack/ level * ZZZ is the /last disruptive service pack/ level NOTE: Values of service pack and last disruptive service pack level (YYY and ZZZ) are only unique within a release level (XXX). For example, 02EB330_067_045 and 02EB340_067_053 are *different* service packs. An installation is disruptive if: * The /release/ levels (XXX) are different. Example: Currently installed release is EB330, new release is EB340 * The /service pack/ level (YYY) and the /last disruptive service pack/ level (ZZZ) are equal. Example: EB330_120_120 is disruptive, no matter what level of EB330 is currently installed on the system * The service pack level (YYY) currently installed on the system is lower than the last disruptive service pack level (ZZZ) of the service pack to be installed. Example: Currently installed service pack is EB330_120_120 and new service pack is EB330_152_130 An installation is concurrent if: * The /service pack/ level (YYY) is higher than the /service pack/ level currently installed on your system. Example: Currently installed service pack is EB330_126_120, new service pack is EB330_143_120. *Firmware Information and Update Description* */Filename/* */Size/* */Checksum/* 02EB350_159_034.rpm 15,234,509 38453 *EB350_159_034* 06/25/2014 Impact: Security Severity: HIPER * HIPER /Pervasive A security problem was fixed in the OpenSSL (Secure Socket Layer) protocol that allowed clients and servers, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between the management console and the service processor. The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-0224. * HIPER /Pervasive A security problem was fixed in OpenSSL for a buffer overflow in the Datagram Transport Layer Security (DTLS) when handling invalid DTLS packet fragments. This could be used to execute arbitrary code on the service processor. The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-0195. * HIPER /Pervasive Multiple security problems were fixed in the way that OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled to prevent denial of service. These could cause the service processor to reset or unexpectedly drop connections to the management console when processing certain SSL commands. The Common Vulnerabilities and Exposures issue numbers for these problems are CVE-2010-5298 and CVE-2014-0198. * HIPER /Pervasive A security problem was fixed in OpenSSL to prevent a denial of service when handling certain Datagram Transport Layer Security (DTLS) ServerHello requests. A specially crafted DTLS handshake packet could cause the service processor to reset. The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-0221. * HIPER /Pervasive A security problem was fixed in OpenSSL to prevent a denial of service by using an exploit of a null pointer de-reference during anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause the service processor to reset. The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-3470. * Fix to prevent system crash if an independent critical fault occurs on any cage or drawer during concurrent BPA FRU service that involves cycling power on the BPA. *EB350_144_034* 07/25/2013 Impact: Availability Severity: SPE * Fix cross-power cable's circuit breaker not being opened as part of BPC service when mailbox cable is broken * Add tests to detect and report a dead voltage level 6 on 5797/5798 I/O drawers * Fix to prevent erroneous defective planar error posted after power off of 5797/5798 I/O drawer * Fix some erroneously posted errors *EB350_141_034* 01/09/2013 Impact: Function Severity: HIPER - *H*igh *I*mpact/*PER*vasive, should be installed as soon as possible. * *HIPER/Pervasive:* Corrects a problem reported from the field that occurs during a concurrent CEC power supply repair action that may cause a CEC logic failure when the new power supply is activated resulting in an unexpected system outage. * Fix I/O drawer service causing drawer to be dropped from configuration on HMC * Fix CEC cooling related error codes not being reported to the FSP and operating system * Prevent rare CEC power supply failures during firmware updates caused by lowering voltage on heavily loaded levels * Updates for the BPA fan speed for single-BPA mode systems *EB350_131_034* 07/27/2012 Impact: Availability Severity: HIPER * Prevent CEC outage during firmware update by avoiding voltage glitches * Fix issues when writing frame or IO MTMS * Fix some erroneously posted errors *EB350_124_034* 05/02/2012 Impact: Availability Severity: SPE * Fix posting of various erroneous Tres24 I/O Drawer faults * Fix erroneous Local Over Voltage condition which was blocking concurrent CEC power supply repair *EB350_119_034* 11/08/2011 Impact: Availability Severity: HIPER * Prevent erroneous SRCs when BPA loses AC * Prevent system crash during code update * Fix erroneous SRC 1401130A (defective planar) being posted due to intermittent communication I/O drawer DCA * Fix broken BPD not being detected and erroneous miscable SRC getting posted instead * Fix error occurring while attempting to resynchronize HMC password with the BPC * Fix not being able to concurrently service BPC-BPC communication fault SRC 14022B01 without errors * Fixes to adding 5803 I/O drawer *EB350_107_034* 06/06/2011 Impact: Availability Severity: ATT * Change to code update of Tres24 I/O drawer power supplies to prevent loss of power during the update * Change to code update of Tres24 I/O drawer power supplies to eliminate false DCA errors * Change to prevent false Tres24 I/O drawer planar errors if a power supply reboots while a planar is initializing * Change to prevent false Tres24 I/O drawer planar errors during code update * Change to prevent voltage glitches during service of I/O drawer power supplies * Change to prevent reporting of false SRCs during concurrent repair of UEPO panel * Fix for problem that prevented certain BPD faults from being reported * Fix to prevent power LEDs in a Tres24 I/O drawer from turning off when lamp test is run with power on * Fix to prevent over voltage condition in CEC power supplies due to long term voltage drift from periodic current adjustments * Fix for incorrect information in 14027092 error code *EB350_085_034* 10/26/2010 Impact: Availability Severity: HIPER * Fixes to improve serviceability *EB350_071_034* 06/30/2010 Impact: Usability Severity: SPE * Change 5803 I/O drawer power supply reboot threshold (from 2 total to >12 reboots in 24hrs) for trigging defective power supply errors * Prevent erroneous 14012051/14012052 SRCs with 0315 reason code after a 5803 I/O power supply reboot * Turn off current balancing for voltage level 7 on 5803 I/O power supplys to eliminate erroneous defective power supply SRCs * Fix SRC 140131BB calling out wrong MDA *EB350_049_034* 03/15/2010 Impact: Serviceability Severity: HIPER *New Features and Functions:* * Change to 5803 I/O drawer service to disable concurrent replacement of power supplies and fans due to problem with the current drawer connectors. This code change will also detect the newer connector type and then re-enable the concurrent replacement option. * Change to 5803 I/O drawer fan speed control: speed up fans to prevent power supply reset during low-load conditions * Change to 5803 I/O drawer to report a defective power supply if the supply reboots more than once *Other Changes:* * Fix for displaying incorrect 5803 I/O drawer fan part number * Fix for displaying incorrect 5803 I/O drawer port card FRU part number * Fix for displaying incorrect 5803 I/O backplane part number * Fix for Bulk Power Regulator access errors not being re-reposted after the errors were manually cleared by the service team * Fix for 5803 I/O drawer to prevent drawer crash when a power supply reboots * Fix for failure to deactivate UEPO panel for servicing * Fix for redundancy check failing when a defective CEC power supply trips both Static Circuit Breakers * Fix for location code problems while servicing power supply and fan cables * Fix for Bulk Power Controller reset during concurrent firmware update * Fix for false 14011302 SRCs reported against 5791 I/O drawers * Fix for SRC not being reported for Integrated Battery Feature having its circuit breaker in the off position * Fix for false 14011305 SRC while powering on I/O drawers * Fix for critical error detection function being blocked after a warning error is detected * Fix for posting both defective fan and defective power supply SRCs for a defective fan condition in an I/O drawer *EB350_034_034* 11/02/2009 Impact: Function Severity: SPE *New Features and Functions:* * Improve I2C bus arbitration on I/O drawer * Enhancements to master I/O DCA recovery during DCA/BPA servicing and code updating * Prevent BPC reset if other BPC is not available *Other Changes:* * Fix memory throttling operation * Fix fault isolation for overvoltages due to voltage distribution shorts * Eliminate erroneous error reporting when the EPO switch is cycled quickly * Improve fault isolation for DCA shorted oring diode * Eliminate erroneous SRC for Low Room Temperature and BPC reset during BPC service * Fix for certain informational SRCs blocking non-informational SRCs * Fix problem with concurrent add of I/O drawer * Fix for invalid part number in DCA callout * Fix for redundancy check response toggling on DCA * Fix for I2C bus conflicts in I/O drawer * New I/O drawer command to Reset "other" I2C bus from planar to DCA * Fix for some I/O drawer voltage levels are not turning on if master DCA has not been determined * Water pump firmware workarounds for motor decoupling from pump * Fix for power off of B&C IB failing to power off 1/2 after planar failure on one planar * Fix erroneous defective BPR posting for loss of AC on one of two line cords on IH system * Fix for BPA fans going to high speed after loss of AC recovery * DCA s/n not listed in call home PMH or PEL data * Fix for secondary cage/fru incorrect for SRC 14027098/reasonCode : 004f * Change Health Check to ignore 14019999 informational SRCs * Fix for concurrent add of BPR/BPD failing * Fix for invalid MDA PN 41V2522 in error logs * Fix for 12V Stby voltge glitch between concurrent DCA code updates * Fix for DCA left partially upated during concurrent code update * Fix for SRC 14010400 posted during code update * Fix for BPC deactivate causing reset of BPC ------------------------------------------------------------------------ 4.0 How to Determine Currently Installed Power Subsystem Firmware Levels <#TOC_4.0> You can view the frame's current firmware level on the Advanced System Management Interface (ASMI) Welcome pane. It appears in the top right corner. Example: EB330_029. ------------------------------------------------------------------------ 5.0 Downloading the Firmware Package <#TOC_5.0> Follow the instructions on the web page. You must read and agree to the license agreement to obtain the firmware packages. *Note: If your HMC is not internet-connected you will need to download the new firmware level to a CD-ROM or ftp server.* ------------------------------------------------------------------------ 6.0 Installing the Firmware <#TOC_6.0> The method used to install new firmware will depend on the release level of firmware which is currently installed on your server. The release level can be determined by the prefix of the new firmware's filename. Example: EBXXX_YYY_ZZZ Where XXX = release level * If the release level will stay the same (Example: Level EB330_075_075 is currently installed and you are attempting to install level EB330_081_075) this is considered an update. * If the release level will change (Example: Level EB330_081_075 is currently installed and you are attempting to install level EB340_096_096) this is considered an upgrade. Instructions for installing firmware updates and upgrades can be found at http://publib.boulder.ibm.com/infocenter/systems/scope/hw/topic/ipha1/updateschapter.htm ------------------------------------------------------------------------