AL770
For Impact, Severity and other Firmware definitions, Please
refer to the below 'Glossary of firmware terms' url:
http://www14.software.ibm.com/webapp/set2/sas/f/power5cm/home.html#termdefs
The complete Firmware Fix History for this
Release Level can be
reviewed at the following url:
http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AL-IOCp-Firmware-Hist.html
|
AL770_112_032 / FW770.70
07/27/16 |
Impact: Availability
Severity: SPE
New Features and Functions
- Support was added for the Stevens6+ option of the internal
tray loading DVD-ROM drive with F/C #EU13. This is an 8X/24X(max)
Slimline SATA DVD-ROM Drive. The Stevens6+ option is a FRU
hardware replacement for the Stevens3+. MTM 7226-1U3
(Oliver) FC 5757/5762/5763 attaches to IBM Power Systems and
lists Stevens6+ as optional for Stevens3+. If the Stevens6+
DVD drive is installed on the system without the required firmware
support, the boot of an AIX partition will fail when the DVD is used as
the load source. Also, an IBM i partition cannot consistently
boot from the DVD drive using D-mode IPL. A SRC C2004130 may be
logged for the load source not found error.
System firmware changes that affect all systems
- A problem was fixed for PCI adapters locking up when
powered on. The problem is rare but frequency varies with the
specific adapter models. A system power down and power up is
required to get the adapter out of the locked state.
- A problem was fixed for hypervisor task failures in adjunct
partitions with a SRC B7000602 reported in the error log. These
failures occur during adjunct partition reboots for concurrent firmware
updates but are extremely rare and require a re-IPL of the system to
recover from the task failure. The adjunct partitions may be
associated with the VIOS or I/O virtualization for the physical
adapters such as done for SR-IOV.
- A security problem was fixed in OpenSSL for a possible
service processor reset on a null pointer de-reference during RSA PPS
signature verification. The Common Vulnerabilities and Exposures issue
number is CVE-2015-3194.
- A problem was fixed for the Advanced System Management
Interface "Network Services/Network Configuration" "Reset Network
Configuration" button that was not resetting the static routes to the
default factory setting. The manufacturing default is to have no
static routes defined so the fix clears any static routes that had been
added. A circumvention to the problem is to use the ASMI "Network
Services/Network Configuration/Static Route Configuration" "Delete"
button before resetting the network configuration.
- A problem was fixed for a sequence of two or more Live
Partition Mobility migrations that caused a partition to crash with a
SRC BA330000 logged (Memory allocation error in partition
firmware). The sequence of LPM migrations that can trigger the
partition crash are as follows:
The original source partition level can be any FW760.xx, FW763.xx,
FW770.xx, FW773.xx, FW780.xx, or FW783.xx P7 level or any FW810.xx,
FW820.xx, FW830.xx, or FW840.xx P8 level. It is migrated first to
a system running one of the following levels:
1) FW730.70 or later 730 firmware or
2) FW740.60 or later 740 firmware
And then a second migration is needed to a system running one of the
following levels:
1) FW760.00 - FW760.20 or
2) FW770.00 - FW770.10
The twice-migrated system partition is now susceptible to the BA330000
partition crash during normal operations until the partition is
rebooted. If an additional LPM migration is done to any firmware
level, the thrice-migrated partition is also susceptible to the
partition crash until it is rebooted.
With the fix applied, the susceptible partitions may still log multiple
BA330000 errors but there will be no partition crash. A reboot of
the partition will stop the logging of the BA330000 SRC.
System firmware changes that affect certain systems
- On a system with a IBM i partition running 7.2 or later
with 4K sector disks, a problem was fixed for a machine
check incorrectly issued.
- For Integrated Virtualization Manager (IVM) managed systems
with more than 64 active partitions, a problem was fixed for recovery
from Live Partition Mobility (LPM) errors. Without the fix, the
IVM managed system partition can appear to still be running LPM after
LPM has aborted, preventing retries of the LPM operation. In this
case, the partition must be stopped and restarted to clear the LPM
error state. The problem is not frequent because it requires a
failed LPM on a partition with a partition ID that is greater than
64. This problem does not pertain to the IBM Power 770 (9117-MMC)
nor the IBM Power 780 (9179-MHC).
- On systems with a PowerVM Active Memory Sharing (AMS)
partition with AIX Level 7.2.0.0 or later with Firmware Assisted
Dump enabled, a problem was fixed for a Restart Dump operation failing
into KDB mode. If "q" is entered to exit from KDB mode, the
partition fails to start. The AIX partition must be powered off
and back on to recover. The problem can be circumvented by
disabling Firmware Assisted Dump (default is enabled in AIX 7.2).
- On systems with dedicated processor partitions, a
problem was fixed for the dedicated processor partition becoming
intermittently unresponsive. The problem can be circumvented by
changing the partition to use shared processors.
- For systems with an invalid P-side or T-side in the
firmware, a problem was fixed in the partition firmware Real-Time
Abstraction System (RTAS) so that system Vital Product Data (VPD) is
returned at least from the valid side instead of returning no VPD
data. This allows AIX host commands such as lsmcode, lsvpd,
and lsattr that rely on the VPD data to work to some extent even if
there is one bad code side. Without the fix, all the VPD
data is blocked from the OS until the invalid code side is recovered by
either rejecting the firmware update or attempting to update the system
firmware again.
- For non-HMC managed systems in Manufacturing Default
Configuration (MDC) mode with a single host partition, a problem was
fixed for missing dumps of type SYSDUMP. FSPDUMP. LOGDUMP, and RSCDUMP
that were not off-loaded to the host OS. This is an infrequent
error caused by a timing error that causes the dump notification signal
to the host OS to be lost. The missing/pending dumps can be
retrieved by rebooting the host OS partition. The rebooted host
OS will receive new notifications of the dumps that have to be
off-loaded. This problem does not pertain to the IBM Power 770
(9117-MMC) nor the IBM Power 780 (9179-MHC).
- On systems where memory relocation (as done by using Live
Partition Mobility (LPM) ) and a partition reboot are occurring
simultaneously, a problem for a system termination was fixed. The
potential for the problem existed between the active migration and the
partition reboot.
- On a system with a AIX partition and a Linux partition, a
problem was fixed for dynamically moving an adapter that uses DMA from
the Linux partition to the AIX partition that caused the AIX to fail by
going into KDB mode (0c20 crash). The management console showed
the following message for the partition operation: "Dynamic move
of I/O resources failed. The I/O slot dynamic partitioning
operation failed.". The error was caused by Linux using 64K
mappings for the DMA window and AIX using 4K mappings for the DMA
window, causing incorrect calculations on the AIX when it received the
adapter. Until the fix is applied, the adapters that use DMA
should only be moved from Linux to AIX when the partitions are powered
off. This problem does not pertain to the IBM PowerLinux 8246 and
8248 models as these are Linux-only partition systems.
|
AL770_110_032 / FW770.61
12/16/15 |
Impact: Availability
Severity: ATT
System firmware changes that affect all systems
- A problem was fixed for a hypervisor deadlock that results
in the system being in a "Incomplete state" as seen on the management
console. This deadlock is the result of two hypervisor tasks
using the same locking mechanism for handling requests between the
partitions and the management console. Except for the loss of the
management console control of the system, the system is operating
normally when the "Incomplete state" occurs.
- A security problem was fixed in the lighttpd server on the
service processor OpenSSL where a remote attacker, while attempting
authentication, could insert strings into the lighttpd server log
file. Under normal operations on the service processor, this does
not impact anything because the log is disabled by default. The
Common Vulnerabilities and Exposures issue number is CVE-2015-3200.
System firmware changes that affect certain systems
- On systems using PowerVM with shared processor partitions
that are configured as capped or in a shared processor pool, there was
a problem found that delayed the dispatching of the virtual processors
which caused performance to be degraded in some situations.
Partitions with dedicated processors are not affected. The
problem is rare and can be mitigated, until the service pack is
applied, by creating a new shared processor AIX or Linux partition and
booting it to the SMS prompt; there is no need to install an operating
system on this partition. Refer to help document http://www.ibm.com/support/docview.wss?uid=nas8N1020863
for additional details.
|
AL770_109_032 / FW770.60
08/05/15 |
Impact: Availability
Severity: SPE
New Features and Functions
- Support was added to the Advanced System Management
Interface (ASMI) to be able to add a IPv4 static route definition for
each ethernet interface on the service processor. Using a static
route definition, a Hardware Management Console (HMC) configured
on a private subnet that is different from the service processor subnet
is now able to connect to the service processor and manage the
CEC. A static route persists until it is deleted or until the
service processor settings are restored to manufacturing
defaults. The static route is managed with the ASMI panel
"Network Services/Network Configuration/Static Route Configuration"
IPv4 radio button. The "Add" button is used to add a static route
(only one is allowed for each ethernet interface) and the "Delete"
button is used to delete the static route.
System firmware changes that affect all systems
- A problem was fixed for the iptables process consuming all
available memory, causing an out of memory dump and reset/reload of the
service processor.
- A problem was fixed in the Advanced System Management
Interface (ASMI) to reword a confusing message for systems with no
deconfigured resources. The "System Service Aids/Deconfiguration
Records" message text for this situation was changed from
"Deconfiguration data is currently not available." to "No deconfigured
resources found in the system.
- A problem was fixed for performance dumps to speed its
processing so it is able to handle partitions with a large number of
processors configured. Previously, for large systems, the
performance dump took too long in collecting performance data to be
useful in the debugging of some performance problems.
- A problem was fixed for a faulty ambient temperature sensor
that triggered emergency power offs with SRC 11007203 or 11007203 even
though the temperature was not over the limit. If the ambient
temperatures are high now, the errors will be logged for call home
service but they will not trigger an emergency power off.
- A problem was fixed to prevent a hypervisor task failure
with a B7000602 SRC logged, if multiple resource dumps running
concurrently run out of dump buffer space. The failed hypervisor task
could prevent basic logical partition operations from working,
potentially leading to an Incomplete state on the Management Console.
- For Power7+ systems with shared processor partitions, a
problem was fixed that could result in latency or timeout issues with
I/O devices. For the Power7 systems (IBM Power 770 (9117-MMD),
IBM Power 780 (9179-MHC)), this issue impacts all partitions,
regardless if the processors are shared or not.
- A problem was fixed for a partition deletion error on the
management console with error code 0x4000E002 and message
"...insufficient memory for PHYP". The partition delete operation
has been adjusted to accommodate the temporary increase in memory usage
caused by memory fragmentation, allowing the delete operation to be
successful.
- A security problem was fixed in OpenSSL where the service
processor would, under certain conditions, accept Diffie-Hellman client
certificates without the use of a private key, allowing a user to
falsely authenticate . The Common Vulnerabilities and Exposures
issue number is CVE-2015-0205.
- A security problem was fixed in OpenSSL for it's BigNumber
Squaring implementation to prevent a failure of cryptographic
protection mechanisms. The Common Vulnerabilities and Exposures
issue number is CVE-2014-3570.
- A security problem was fixed in OpenSSL to fix multiple
flaws in the parsing of X.509 certificates. These flaws could be
used to modify an X.509 certificate to produce a certificate with a
different fingerprint without invalidating its signature, and possibly
bypass fingerprint-based blacklisting. The Common Vulnerabilities
and Exposures issue number is CVE-2014-8275.
- A security vulnerability, commonly referred to as GHOST,
was fixed in the service processor glibc functions getbyhostname() and
getbyhostname2() that allowed remote users of the functions to cause a
buffer overflow and execute arbitrary code with the permissions of the
server application. There is no way to exploit this vulnerability
on the service processor but it has been fixed to remove the
vulnerability from the firmware. The Common Vulnerabilities and
Exposures issue number is CVE-2015-0235.
- A security problem was fixed in OpenSSL where a remote
attacker could crash the service processor with a specially crafted
X.509 certificate that causes an invalid pointer or an out-of-bounds
write. The Common Vulnerabilities and Exposures issue numbers are
CVE-2015-0286 and CVE-2015-0287.
- A problem was fixed that prevented a second management
console from being added to the CEC. In some cases, network
outages caused defunct management console connection entries to remain
in the service processor connection table, making connection slots
unavailable for new management consoles A reset of the service
processor could be used to remove the defunct entries and allow the
second management console to connect.
- A problem was fixed for an IPL termination with a B150B10C
SRC and B121C770 error logs. This problem only occurred on a
multiple node IBM Power 770 (9117-MMC) or IBM Power 780
(9179-MHC). The problem was intermittent so a re-ipl of the CEC
normally resolved the problem.
- A problem was fixed for some service processor error logs
not getting reported to the OS partitions as needed. The service
processor was not checking for a successful completion code on the
error log message send, so it was not doing retries of the send to the
OS when that was needed to ensure that the OS received the message.
- A problem was fixed for an incorrect call home for SRC
B1818A0F. There was no problem to be resolved so this call home
should have been ignored.
- A security problem was fixed for an OpenSSL specially
crafted X.509 certificate that could cause the service processor to
reset in a denial-of-service (DOS) attack. The Common
Vulnerabilities and Exposures issue number is CVE-2015-1789.
System firmware changes that affect certain systems
- On systems using PowerVM and Virtual Trusted Platform
Module (VTPM) partitions, a problem was fixed for a Management
Console error that occurred while restoring a backup profile that
caused the system to go to the Management Console "Incomplete
state". The failed system had a suspended VTPM partition and a
B7000602 SRC logged.
- For a partition that has been migrated with Live Partition
Mobility (LPM) from FW730 to FW740 or later, a problem was fixed for a
Main Storage Dump (MSD) IPL failing with SRC B2006008. The MSD
IPL can happen after a system failure and is used to collect failure
data. If the partition is rebooted anytime after the migration,
the problem cannot happen. The potential for the problem existed
between the active migration and a partition reboot.
- On systems with a PCIe 3D graphics adapter (F/C #EC41 or
#EC42) in a partition, a problem was fixed for a partition hang or
BA21xxxx error conditions during partition initialization.
|
AL770_101_032 / FW770.51
04/21/15 |
Impact: Security
Severity: HIPER
System firmware changes that affect all systems
- On systems using Virtual Shared Processor Pools (VSPP), a
problem was fixed for an inaccurate pool idle count over a small
sampling period.
A problem was corrected for a defect in an earlier service pack
(AL770_098) that potentially caused an undetected corruption of
firmware when the fix was concurrently activated. If the earlier
service pack(AL770_098) was concurrently installed, a platform IPL will
mitigate potential future exposure to the problem.
|
AL770_098_032 / FW770.50
01/12/15 |
Impact: Security
Severity: HIPER
New Features and Functions
- Support was added for using the Mellanox ConnectX-3 Pro
10/40/56 GbE (Gigabit Ethernet) adapter as a network install device.
System firmware changes that affect all systems
- A problem was fixed for the Advanced System Manager
Interface (ASMI) to change the Dynamic Platform Optimizer (DPO) VET
capability setting from "False" to "True". DPO is available on
all systems to use without a license required. Even though the
VET for DPO was set to "False", it did not interfere with the running
of DPO.
- A problem was fixed for memory relocation failing during a
partition reboot with SRC B700F103 logged. The memory relocation
could be part of the processing for the Dynamic Platform Optimizer
(DPO), Active Memory Sharing (AMS) between partitions, mirrored memory
defragmentation, or a concurrent FRU repair.
- A security problem was fixed for the Network Time Protocol
(NTP) client that allowed remote attackers to execute arbitrary code
via a crafted packet containing an extension field. The Common
Vulnerabilities and Exposures issue number is CVE-2009-1252.
- A security problem was fixed in the OpenSSL (Secure Socket
Layer) protocol that allowed a man-in -the middle attacker, via a
specially crafted fragmented handshake packet, to force a TLS/SSL
server to use TLS 1.0, even if both the client and server supported
newer protocol versions. The Common Vulnerabilities and Exposures issue
number for this problem is CVE-2014-3511.
- A security problem was fixed in OpenSSL for formatting
fields of security certificates without null-terminating the output
strings. This could be used to disclose portions of the program
memory on the service processor. The Common Vulnerabilities and
Exposures issue number for this problem is CVE-2014-3508.
- Multiple security problems were fixed in the way that
OpenSSL handled Datagram Transport Layer Security (DLTS) packets.
A specially crafted DTLS handshake packet could cause the service
processor to reset. The Common Vulnerabilities and Exposures
issue numbers for these problems are CVE-2014-3505, CVE-2014-3506 and
CVE-2014-3507.
- A security problem was fixed in OpenSSL to prevent a denial
of service when handling certain Datagram Transport Layer Security
(DTLS) ServerHello requests. A specially crafted DTLS handshake
packet with an included Supported EC Point Format extension could cause
the service processor to reset. The Common Vulnerabilities and
Exposures issue number for this problem is CVE-2014-3509.
- A security problem was fixed in OpenSSL to prevent a denial
of service by using an exploit of a null pointer de-reference during
anonymous Diffie Hellman (DH) key exchange. A specially crafted
handshake packet could cause the service processor to reset. The
Common Vulnerabilities and Exposures issue number for this problem is
CVE-2014-3510.
- A security problem in GNU Bash was fixed to prevent
arbitrary commands hidden in environment variables from being run
during the start of a Bash shell. Although GNU Bash is not
actively used on the service processor, it does exist in a library so
it has been fixed. This is IBM Product Security Incident Response
Team (PSIRT) issue #2211. The Common Vulnerabilities and
Exposures issue numbers for this problem are CVE-2014-6271,
CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187.
- A problem was fixed for the Advanced System Manager
Interface (ASMI) that allowed possible cross-site request forgery
(CSRF) exploitation of the ASMI user session to do unwanted tasks on
the service processor.
- A problem was fixed for I/O adapters so that BA400002
errors were changed to informational for memory boundary adjustments
made to the size of DMA map-in requests. These DMA size
adjustments were marked as UE previously for a condition that is normal.
- A security problem was fixed in OpenSSL for memory leaks
that allowed remote attackers to cause a denial of service (out of
memory on the service processor). The Common Vulnerabilities and
Exposures issue numbers are CVE-2014-3513 and CVE-2014-3567.
- A security problem was fixed in OpenSSL for padding-oracle
attacks known as Padding Oracle On Downgraded Legacy Encryption
(POODLE). This attack allows a man-in-the-middle attacker to
obtain a plain text version of the encrypted session data. The Common
Vulnerabilities and Exposures issue number is CVE-2014-3566. The
service processor POODLE fix is based on a selective disablement of
SSLv3 using the Advanced System Management Interface (ASMI) "System
Configuration/Security Configuration" menu options. The Security
Configuration options of "nist_sp800_131a", "nist_compat", and "legacy"
for affects the disablement SSLv3 and determines the level of
protection from POODLE. The management console also requires a
POODLE fix for APAR MB03867(FIX FOR CVE-2014-3566 FOR HMC V7 R7.7.0 SP4
with PTF MH01482) to eliminate all vulnerability to POODLE and allow
use of option 1 "nist_sp800_131a" as shown below:
-1) nist_sp800_131a (SSlv3 disabled): This highest level of
security protection does not allow service processor clients to connect
using SSLv3, thereby eliminating any possibility of a POODLE
attack. All clients must be capable of using TLS v1.2 to make the
secured connections to the service processor to use this option.
This requires the management console be at a minimum level of HMC V7
R7.7.0 SP4 with POODLE PTF MH01482.
-2) nist_compat (default mode - SSLv3 enabled for HMC): This
medium level of security protection disables SSLv3 (TLS v1.2 must be
used instead) for the web browser sessions to ASMI and for the CIM
clients and assures them of POODLE-free connections. But the
older management consoles are allowed to use SSLv3 to connect to the
service processor. This is intended to allow non-POODLE compliant
HMC levels to be able to connect to the CEC servers until they can be
planned and upgraded to the POODLE compliant HMC levels. Running
a non-POODLE compliant HMC to a service processor in this default mode
will prevent the ASMI-proxy sessions from the HMC from connecting as
these proxy sessions require SSLv3 support in ASMI.
-3) legacy (SSLv3 enabled): This basic level of security
protection enables SSLv3 for all service processor client
connection. It relies on all clients being at POODLE fix
compliant levels to provide full POODLE protection using the TLS
Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV) to prevent
fallback to vulnerable SSLv3 connections. This legacy option is
intended for customer sites on protected internal networks that have a
large investment in older hardware that need SSLv3 to make browser and
HMC connections to the service processor. The level of POODLE
protection actually achieved in legacy mode is determined by the
percentage of clients that are at the POODLE fix compliant levels.
Note: If it is needed to downlevel the system and remove this
fix, before doing the firmware update the ASMI Security Configuration
should be set to either "nist_compat" or "legacy" to assure that all
service processor clients are enforced to the same security
level. An ASMI Security Configuration of "nist_sp800_131a"
will be undefined at the earlier firmware level, causing a
mixed-mode of security levels for the clients.
System firmware changes that affect certain systems
- HIPER/Pervasive:
On systems using PowerVM firmware, a performance problem was fixed that
may affect shared processor partitions where there is a mixture of
dedicated and shared processor partitions with virtual IO connections,
such as virtual ethernet or Virtual IO Server (VIOS) hosting, between
them. In high availability cluster environments this problem may
result in a split brain scenario.
- A problem was fixed for DASD backplane 5V or 1.2V
regulator pgood power faults (SRC 11002634 and SRC 1100262F) so that
the call out specified the location code for the part as Un-P3 instead
of Un-P2. This fix pertains only to Power 710 Express 8231-E1B,
8231-E1C, and 8231-E1D systems and Power 730 Express 8231-E2B,
8231-E2C, and 8231-E2D systems.
- On systems that have Active Memory Sharing (AMS) partitions
and deduplication enabled, a problem was fixed for not being able to
resume a hibernated AMS partition. Previously, resuming a
hibernated AMS partition could give checksum errors with SRC B7000202
logged and the partition would remain in the hibernated state.
- On systems that have Active Memory Sharing (AMS)
partitions, a problem was fixed for Dynamic Logical Partitioning
(DLPAR) for a memory remove that leaves a logical memory block (LMB) in
an unusable state until partition reboot.
- On systems with a F/C 5802 or 5877 I/O drawer installed, a
problem was fixed for a hypervisor hang at progress code C7004091
during the IPL or hangs during serviceability tasks to the I/O drawer.
- A problem was fixed that could result in unpredictable
behavior if a memory UE is encountered while relocating the contents of
a logical memory block during one of these operations:
- Using concurrent maintenance to perform a hot repair of a node.
- Reducing the size of an Active Memory Sharing (AMS) pool.
- On systems using mirrored memory, using the memory mirroring
optimization tool.
- Performing a Dynamic Platform Optimizer (DPO) operation.
- On systems using Virtual Shared Processor Pools (VSPP), a
problem was fixed for an inaccurate pool idle count over a small
sampling period.
- A problem was fixed for systems in networks using the
Juniper 1GBe and 10GBe switches (F/Cs #1108, #1145, and #1151) to
prevent network ping errors and boot from network (bootp)
failures. The Address Resolution Protocol (ARP) table information
on the Juniper aggregated switches is not being shared between the
switches and that causes problems for address resolution in certain
network configurations. Therefore, the CEC network stack code has
been enhanced to add three gratuitous ARPs (ARP replies sent without a
request received) before each ping and bootp request to ensure that all
the network switches have the latest network information for the system.
- On systems using the Virtual I/O Server (VIOS) to share
physical I/O resources among client logical partitions, a problem was
fixed for memory relocation errors during page migrations for the
virtual control blocks. These errors caused a CEC termination
with SRC B700F103. The memory relocation could be part of the
processing for the Dynamic Platform Optimizer (DPO), Active Memory
Sharing (AMS) between partitions, mirrored memory defragmentation, or a
concurrent FRU repair.
- On a system with a Linux partition, a problem was fixed for
the Linux "lsslot" command so that it is able to the find the F/C EC41
and EC42 PCIe 3D graphics adapter installed in the CEC, instead of
showing the slot as "empty". The Linux graphics adapter worked
correctly even though it showed as "empty".
|
AL770_092_032 / FW770.41
09/26/14 |
Impact: Availability
Severity: SPE
System firmware changes that affect all systems
- A problem was
fixed that was introduced by AL770_090 / FW770.40, which caused a
service processor reset/reload and a SRC B1818601
error log during an IPL when adjusting the speeds of the system
fans. This problem would normally have a successful recovery with
a good IPL of the system unless two other reset/reloads of the service
processor had occurred within the last 15 minutes.
This Service Pack (AL770_092 / FW770.41), contains all of the Hiper
fixes as provided by the previous Service Packs.
|
AL770_090_032 / FW770.40
06/26/14 |
Impact: Security
Severity: HIPER
New Features and Functions
- Support for PCIe2 3D Graphics Adapter that accelerates and
enhances the Linux system unit video.
Feature code #EC41 supports Power 720 (8202-E4D), Power 740
(8205-E6D), Power 710 (8231-E1D, 8268-E1D), Power 730
(8231-E2D), PowerLinux 7R1 (8246-L1D, 8246-L1T) and PowerLinux
7R2 (8246-L2D, 8246-L2T).
Feature code #EC42 supports Power 720 (8202-E4D) and Power 740
(8205-E6D).
System firmware changes that affect all systems
- HIPER/Pervasive:
A
security problem was fixed in the OpenSSL (Secure Socket Layer)
protocol that allowed clients and servers, via a specially crafted
handshake packet, to use weak keying material for communication.
A
man-in-the-middle attacker could use this flaw to decrypt and modify
traffic between the management console and the service processor.
The
Common Vulnerabilities and Exposures issue number for this problem is
CVE-2014-0224.
- HIPER/Pervasive:
A
security problem was fixed in OpenSSL for a buffer overflow in the
Datagram Transport Layer Security (DTLS) when handling invalid DTLS
packet fragments. This could be used to execute arbitrary code on
the
service processor. The Common Vulnerabilities and Exposures issue
number for this problem is CVE-2014-0195.
- HIPER/Pervasive:
Multiple security problems were fixed in the way that OpenSSL handled
read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was
enabled to prevent denial of service. These could cause the
service
processor to reset or unexpectedly drop connections to the management
console when processing certain SSL commands. The Common
Vulnerabilities and Exposures issue numbers for these problems are
CVE-2010-5298 and CVE-2014-0198.
- HIPER/Pervasive:
A
security problem was fixed in OpenSSL to prevent a denial of service
when handling certain Datagram Transport Layer Security (DTLS)
ServerHello requests.
A specially crafted DTLS handshake packet could cause the service
processor to reset. The Common Vulnerabilities and Exposures
issue
number for this problem is CVE-2014-0221.
- HIPER/Pervasive:
A
security problem was fixed in OpenSSL to prevent a denial of service by
using an exploit of a null pointer de-reference during anonymous
Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially
crafted
handshake packet could cause the service processor to reset. The
Common Vulnerabilities and Exposures issue number for this problem is
CVE-2014-3470.
- A problem was fixed that caused frequent SRC B1A38B24 error
logs with a call home every 15 seconds when service processor network
interfaces were incorrectly configured on the same subnet. The
frequency of the notification of the network subnet error has been
reduced to once every 24 hours.
- A problem was fixed that caused an intermittent loss of TTY
serial port access to the Advanced System Management Interface (ASMI)
after a power off of the system.
- Help text for the Advanced System Management Interface
(ASMI) "System Configuration/Hardware Deconfiguration/Clear All
Deconfiguration Errors" menu option was enhanced to clarify that when
selecting "Hardware Resources" value of "All hardware resources", the
service processor deconfiguration data is not cleared. The
"Service processor" must be explicitly selected for that to be cleared.
- Help text for the Advanced System Management Interface
(ASMI) "System Configuration/Power Management/Power Supply Idle
Control" menu option was enhanced to clarify that an idle power supply
is in a low power state and not powered off. The new help text
states "Power supply idle mode helps to reduce overall power
usage when the system load is very light by having one power supply
deliver all the power while the second is in a low power state".
- A problem was fixed that caused the slot index to be
missing for virtual slot number 0 for the dynamic reconfiguration
connector (DRC) name for virtual devices. This error was visible
from the management console when using commands such as "lshwres -r
virtualio --rsubtype slot -m machine" to show the hardware resources
for virtual devices.
- A problem was fixed that prevented a HMC-managed system
from being converted to manufacturing default configuration (MDC) mode
when the management console command "lpcfgop -m <server> -o
clear" failed to create the default partition. The management
console went to the incomplete state for this error.
- A problem was fixed that caused the Utility COD display of
historical usage data to be truncated on the management console.
- A problem was fixed that caused a "code accept" during a
concurrent firmware installation from the HMC to fail with SRC E302F85C.
- A problem was fixed for a Live Partition Mobility (LPM)
suspend and transfer of a partition that caused the time of day to skip
ahead to an incorrect value on the target system. The problem
only occurred when a suspended partition was migrated to a target CEC
that had a hypervisor time that was later than the source CEC.
- A problem was corrected that resulted in B7005300 error
logs.
- A security problem was fixed in the service processor
TCP/IP stack to discard illegal TCP/IP packets that have the SYN and
FIN flags set at the same time. An explicit packet discard was
needed to prevent further processing of the packet that could result in
an bypass of the iptables firewall rules.
- A problem was fixed that prevented guard error logs from
being reported for FRUs that were guarded during the system power
on. This could happen if the same FRU had been previously
reported as guarded on a different power on of the system. The
requirement is now met that guarded FRUs are logged on every power on
of the system.
System firmware changes that affect certain systems
- On systems with a F/C 5802 or 5877 I/O drawer installed, a
problem was fixed that occurred during Offline Converter Assembly (OCA)
replacement operations. The fix prevents a false Voltage Regulator
Module (VRM) fault and the logging of SRCs 10001511 or 10001521 from
occurring. This resulted in the OCA LED getting stuck
in an on or "fault" state and the OCA not powering on.
- On a system with partitions with redundant Virtual
Asynchronous Services Interface (VASI) streams, a problem was
fixed that caused the system to terminate with SRC B170E540. The
affected partitions include Active Memory Sharing (AMS), encapsulated
state partitions, and hibernation-capable partitions. The problem
is triggered when the management console attempts to change the active
VASI stream in a redundant configuration. This may occur due to a
stream reconfiguration caused by Live Partition Mobility (LPM);
reconfiguring from a redundant Paging Service Partition (PSP) to a
single-PSP configuration; or conversion of a partition from AMS to
dedicated memory.
- A problem was fixed for Live Partition Mobility (LPM)
migrations from Power7+ systems that use the nest accelerator (NX) for
compression and encryption usage that caused the migrated partition to
revert to software compression instead of using the NX hardware.
Some operating system negotiated functions may not operate correctly
and could impact performance.
For a partition with a 256MB Real Memory Offset (RMO) region size that
has been migrated from a Power8 system to Power7 or Power6 using
Live Partition Mobility, a problem was fixed that caused a failure on
the next boot of the partition with a BA210000 log with a CA000091
checkpoint just prior to the BA210000. The fix dynamically
adjusts the memory footprint of the partition to fit on the earlier
Power systems.
- On a system with a disk device with multiple boot
partitions, a problem was fixed that caused System Management Services
(SMS) to list only one boot partition. Even though only one boot
partition was listed in SMS, the AIX bootlist command could still be
used to boot from any boot partition.
- On systems that require in-band flash to update system
firmware, a problem was fixed so in-band update would not fail if the
Permanent (P) or the Temporary (T) side of the service processor was
marked invalid. Attempting to in-band flash from the AIX or
Linux command line failed with a BA280000 log reported.
Attempting to in-band flash from the AIX diagnostics menus also failed
because the flash menu options did not appear in this case.
- On systems that have a boot disk located on a SAN, a
problem was fixed where the SAN boot disk would not be
found on the default boot list and then the boot disk would have
to be selected from SMS menus. This problem would normally
be seen for new partitions that had tape drives configured before the
SAN boot disk.
|
AL770_076_032 / FW770.32
04/18/14 |
Impact: Security
Severity: HIPER
System firmware changes that affect all systems
- HIPER/Pervasive:
A security problem was fixed in the OpenSSL Montgomery ladder
implementation for the ECDSA (Elliptic Curve Digital Signature
Algorithm) to protect sensitive information from being obtained with a
flush and reload cache side-channel attack to recover ECDSA nonces from
the service processor. The Common Vulnerabilities and Exposures
issue number is CVE-2014-0076. The stolen ECDSA nonces could be
used to decrypt the SSL sessions and compromise the Hardware Management
Console (HMC) access password to the service processor.
Therefore, the HMC access password for the managed system should be
changed after applying this fix.
- HIPER/Pervasive:
A security problem was fixed in the OpenSSL Transport Layer
Security (TLS) and Datagram Transport Layer Security (DTLS) to not
allow Heartbeat Extension packets to trigger a buffer over-read to
steal private keys for the encrypted sessions on the service
processor. The Common Vulnerabilities and Exposures issue number
is CVE-2014-0160 and it is also known as the heartbleed
vulnerability. The stolen private keys could be used to decrypt
the SSL sessions and and compromise the Hardware Management Console
(HMC) access password to the service processor. Therefore, the
HMC access password for the managed system should be changed after
applying this fix.
- A security problem was fixed for the Lighttpd web
server that allowed arbitrary SQL commands to be run on the service
processor. The Common Vulnerabilities and Exposures issue number
is CVE-2014-2323.
- A security problem was fixed for the Lighttpd web server
where improperly-structured URLs could be used to view arbitrary files
on the service processor. The Common Vulnerabilities and
Exposures issue number is CVE-2014-2324.
|
AL770_063_032 / FW770.31
01/14/14 |
Impact: Serviceability
Severity: SPE
New Features and Functions
- Support was added for a new Smart Analytics system,
8493-SV6. The IBM 8493 Smart Analytics System model SV6 is derived from
the Power 740 model 8205-E6D.
System firmware changes that affect all systems
- A firmware code update problem was fixed that caused a
system failure with SRC B7000103 when the allowed resource usage was
exceeded for the partition universal unique identifier (UUID)
processing
during a code update.
- A firmware code update problem was fixed that caused the
Hardware Management Console (HMC) to go to "Incomplete State" for the
system with SRC E302F880 when assignment of a partition universal
unique identifier (UUID) failed for a partition that was already
running. This problem happens for disruptive code updates from
pre-770 levels to 770 or later levels.
|
AL770_062_032 / FW770.30
12/10/13 |
Impact: Availability
Severity: SPE
New Features and Functions
- Support was added to upgrade the service processor to
openssl version 1.0.1 and for compliance to National Institute of
Standards and Technologies (NIST) Special Publications 800-131a.
SP800-131a compliance required the use of stronger cryptographic keys
and more robust cryptographic algorithms.
- Support was added in Advanced System Management Interface
(ASMI) to facilitate capture and reporting of debug data for system
performance problems. The "System Service Aids/Performance
Dump" menu was added to ASMI to perform this function.
- Support was added to the Advanced System Management
Interface (ASMI) to provide a menu for "Power Supply Idle Mode".
Using the "Power Supply Idle Mode" menu, the power supplies can
be either set enabled to save power by idling power supplies when
possible or set disabled to keep all power supplies fully on and allow
a balanced load to be maintained on the power distribution units (PDUs)
of the system. Power supply idle mode enabled helps to reduce
overall power usage when the system load is very light by having one
power supply deliver all the power while the second power supply is
maintained in a low power state.
- Support was added to the Advanced System Management
Interface (ASMI) to provide a menu for "Memory Low Power State Control"
to enable or disable the custom memory buffer low power mode. If
set to disabled, it disables low power mode (a power-saving feature) to
speed memory and improve performance for some workloads. The
"Memory Low Power State Control" menu is not available on the MTM
9117-MMC system because its memory does not have a low power state
option.
- Support was added for the IBM Flash 90 (#ES09) PCIe 2.0 x8
eMLC adapter with 900GB storage and 350,00 IOPS read performance.
The system recognizes the PCI device as one needing additional cooling
and increases the fan speeds accordingly.
- Support was added in Advanced System Management Interface
(ASMI) for saving and restoring network settings using a USB flash
drive.
- Support was dropped for Secured Socket Layer (SSL) protocol
version 2 and SSL weak and medium cipher suites in the service
processor web server (Lighttpd) . Unsupported web browser
connections to the Advanced System Management Interface (ASMI) secured
port 443 (using https://) will now be rejected if those browsers do not
support SSL version 3. Supported web browsers for Power7 ASMI are
Netscape (version 9.0.0.4), Microsoft Internet Explorer (version 7.0),
Mozilla Firefox (version 2.0.0.11), and Opera (version 9.24).
- Support was added in Advanced System Management Interface
(ASMI) "System Configuration/Firmware Update Policy" menu to detect and
display the appropriate Firmware Update Policy (depending on whether
system is HMC managed) instead of requiring the user to select the
Firmware Update Policy. The menu also displays the "Minimum Code
Level Supported" value.
System firmware changes that affect all systems
- The firmware was enhanced to display on the management
console the correct number of concurrent live partition mobility (LPM)
operations that is supported.
- A problem was fixed that caused a 1000911E platform event
log (PEL) to be marked as not call home. The PEL is now a call
home to allow for correction. This PEL is logged when the
hypervisor has changed the Machine Type Model Serial Number (MTMS) of
an external enclosure to UTMP.xxx.xxxx because it cannot read the vital
product data (VPD), or the VPD has invalid characters, or if the MTMS
is a duplicate to another enclosure.
- When powering on a system partition, a problem was fixed
that caused the partition universal unique identifier (UUID) to not get
assigned, causing a B2006010 SRC in the error log.
- For the sequence of a reboot of a system partition followed
immediately by a power off of the partition, a problem was fixed where
the hypervisor virtual service processor (VSP) incorrectly retained
locks for the powered off partition, causing the CEC to go into
recovery state during the next power on attempt.
- A problem was fixed that caused the system attention LED to
be lit without a corresponding SRC and error log for the event.
This problem typically occurs when an operating system on a partition
terminates abnormally.
- A problem was fixed that caused a memory leak of 50 bytes
of service processor memory for every call home operation. This
could potentially cause an out of memory condition for the service
processor when running over an extended period of time without a reset.
- A problem was fixed that caused a L2 cache error to not
guard out the faulty processor, allowing the system to checkstop again
on an error to the same faulty processor.
- A problem was fixed that caused a HMC code update failure
for the FSP on the accept operation with SRC B1811402 or FSP is unable
to boot on the updated side.
- A problem was fixed that caused a built-in self test (BIST)
for GX slots to create corrupt error log values that core dumped the
service processor with a B18187DA. The corruption was caused by a
failure to initialize the BIST array to 0 before starting the tests.
- A problem was fixed that caused a SRC B7006A72 calling out
the adapter and the I/O Planar.
- A problem was fixed during resource dump processing that
caused a read of an invalid system memory address and a SRC
B181C141. The invalid memory reference resulted from the service
processor incorrectly referencing memory that had been relocated by the
hypervisor.
System firmware changes that affect certain systems
- On systems running AIX or Linux, a problem was fixed that
caused the operating system to halt when an InfiniBand Host Channel
Adapter (HCA) adapter fails or malfunctions.
- On systems running AIX or linux, a hang in a Live Partition
Mobility (LPM) migration for remote restart-capable partitions was
fixed by adding a time-out for the required paging space to become
available. If after five minutes the required paging space is not
available, the start migration command returns a error code of
0x40000042 (PagingSpaceNotReady) to the management console.
- On systems running Dynamic Platform Optimizer (DPO) with no
free memory, a problem was fixed that caused the Hardware
Management System (HMC) lsmemopt command to report the wrong status of
completed with no partitions affected. It should have indicated
that DPO failed due to insufficient free memory. DPO can only run
when there is free memory in the system.
- On systems with partitions using physical shared processor
pools, a problem was fix that caused partition hangs if the shared
processor pool was reduced to a single processor.
- On systems with a ethernet PCI-Express adapter under a PLX
switch, an extended error handling (EEH) problem was fixed in run-time
abstraction services (RTAS) that caused fundamental resets of the
adapter to fail during error recovery, leaving the adapter in a
non-pingable state and off the network. Besides failure to ping,
the other symptom is that an AIX OS command of "enstat -d entX" where X
is the adapter number will fail with the following message:
"enstat -0909-004, Unable to get statistics on device entX, errno=11".
- On systems with a F/C 5802 or 5877 I/O drawer installed,
the firmware was enhanced to guarantee that an SRC will be generated
when there is a power supply voltage fault. If no SRC is
generated, a loss of power redundancy may not be detected, which can
lead to a drawer crash if the other power supply goes down. This
also fixes a problem that causes an 8 GB Fiber channel adapter in
the drawer to fail if the 12V level fails in one Offline Converter
Assembly (OCA).
- On systems managed by an HMC with a F/C 5802 or 5877 I/O
drawer installed, a problem was fixed that caused the hardware topology
on the management console for the managed system to show "null" instead
of "operational" for the affected I/O drawers.
- On Power7+ systems, a problem was fixed that caused a
system checkstop during hypervisor time keeping services.
- On systems with a F/C 5802 or 5877 I/O drawer installed, a
problem was fixed that where a Offline Converter Assembly (OCA) fault
would appear to persist after a OCA micro-reset or OCA
replacement. The fault bit reported to the OS may not be cleared,
indicating a fault still exists in the I/O drawer after it has been
repaired.
|
AL770_052_032 / FW770.21
08/07/13 |
Impact: Availability
Severity: SPE
System firmware changes that affect all systems
- A problem was fixed that caused a migrated partition to
reboot during transfer to a VIOS 2.2.2.0, and later, target system. A
manual reboot would be required if transferred to a target system
running an earlier VIOS release. Migration recovery may also be
necessary.
- A problem was fixed that can cause Anchor (VPD) card
corruption and A70047xx SRCs to be logged. Note: If a
serviceable event with SRC A7004715 is present or was logged
previously, damage to the VPD card may have occurred. After the fix is
applied, replacement of the Anchor VPD card is recommended in
order to restored full redundancy.
System firmware changes that affect certain systems
- On systems running Dynamic Platform Optimizer (DPO) ,
a problem was fixed that caused an incorrect placement of dedicated
processors for partitions larger than a single chip. When this
occurs, the performance is impacted over what would have been gained
with proper placement.
|
AL770_048_032 / FW770.20
05/17/13 |
Impact: Availability
Severity: SPE
New Features and Functions
- Support for the 8268-E1D systems.
System firmware changes that affect all systems
- A problem was fixed that caused a service processor
reset/reload with SRC B181720D due to a memory leak.
- The Hypervisor was enhanced to allow the system to continue
to boot using the redundant data chip on the anchor (VPD) card, instead
of stopping the Hypervisor boot and logging SRC B7004715, when
the primary data chip on the anchor card has been corrupted.
- A problem was fixed that caused a service processor dump to
be generated with SRC B18187DA "NETC_RECV_ER" logged.
- A problem was fixed that caused the date and time to be
incorrect in AIX if a partition is remotely restarted on a different
system from the one on which it was hibernated.
- A problem was fixed that caused a performance loss after a
configuration change, such as un-licensing a processor, because the
Hypervisor is unable to dispatch a partition to a shared
processor.
- A problem was fixed that may cause inaccurate processor
utilization reporting.
System firmware changes that affect certain systems
- On systems running Active Memory Sharing (AMS) partitions,
a problem was fixed that caused the system to hang after an AMS
partition was deleted or mobilized, combined with either an AMS pool
resize or relocation of AMS pool memory.
- On systems with I/O towers attached, a problem was fixed
that caused multiple service processor reset/reloads if the tower was
continuously sending invalid System Power Control Network (SPCN) status
data.
- On 8202-E4D and 8205-E6D systems with the PCIe expansion
card feature code (F/C) 5610 or F/C 5685 installed, a problem was fixed
that caused the wrong FRU part number (74Y8565 instead of 74Y5221) to
be called out when the fan on the expansion card failed.
- On systems managed by a management console, a problem was
fixed that was caused by an attempt to modify a virtual adapter from
the management console command line when the command specifies it is an
Ethernet adapter, but the virtual ID specified is for an adapter type
other than Ethernet. The managed system has to be rebooted to
restore communications with the management console when this problem
occurs; SRC B7000602 is also logged.
- On systems running Dynamic Platform Optimization (DPO), a
problem was fixed that caused the current DPO score for a partition to
be incorrect. When this occurs, it looks like DPO would not
improve performance when in fact it would improve the
performance. Also, on systems running Dynamic Platform
Optimization (DPO), in which there are no processors in the shared
processor pool, a problem was fixed that caused the Hypervisor to
become unresponsive (the service processor starts logging time-out
errors against the Hypervisor, and the HMC can no longer talk to the
Hypervisor) during a DPO operation.
|
AL770_038_032 / FW770.10
03/21/13 |
Impact:
Availability
Severity: SPE
System firmware changes that affect certain systems
- On
systems running Active Memory Sharing (AMS) partitions, a problem was
fixed that caused the system to hang after an AMS partition was deleted
or mobilized, combined with either an AMS pool resize or relocation of
AMS pool memory.
- On systems running Active Memory Sharing (AMS) partitions,
a problem was fixed that may arise due to the incorrect handling of a
return code in an error path during the logical partition migration
(LPM) of an AMS partition.
- On systems running Active Memory Sharing (AMS) partitions,
a timing problem was fixed that may occur if the system is running
Dynamic Platform Optimization (DPO).
|
AL770_032_032 / FW770.00
02/20/13 |
Impact:
New
Severity: New
New Features and Functions
- Support for the 8202-E4D and 8205-E6D systems.
- Support for the 8231-E1D and 8231-E2D systems.
- Support for the 8246-L1D, 8246-L2D, 8246-L1T, and 8246-L2T
systems.
- Support for version 2 of the EnergyStar standard.
|