AM770
For Impact, Severity and other Firmware definitions, Please
refer to the below 'Glossary of firmware terms' url:
http://www14.software.ibm.com/webapp/set2/sas/f/power5cm/home.html#termdefs
The following Fix description table will
only contain the N (current) and N-1 (previous) levels.
The complete Firmware Fix History
(including HIPER descriptions) for this
Release Level can be
reviewed at the following url:
http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AM-IOC-Firmware-Hist.html
|
AM770_116_032 / FW770.80
05/23/17 |
Systems
8408-E8D; 8248-L4T; 9109-RMD;
9117-MMC and
9179-MHC ONLY
Impact: Availability
Severity: SPE
New features and functions
- Support for the Advanced System Management Interface (ASMI)
was changed to allow the special characters of "I", "O", and "Q" to be
entered for the serial number of the I/O Enclosure under the Configure
I/O Enclosure option. These characters have only been found in an
IBM serial number rarely, so typing in these characters will normally
be an incorrect action. However, the special character entry is
not blocked by ASMI any more so it is able to support the exception
case. Without the enhancement, the typing of one of the special
characters causes message "Invalid serial number" to be displayed.
- Support was added for the Universally Unique
IDentifier (UUID) property for each partition. The UUID provides
each partition with an identifier that is persisted by the platform
across partition reboots, reconfigurations, OS reinstalls, partition
migration, and hibernation.
System firmware changes that affect all systems
- A problem was fixed for incorrect error messages from the
Advanced System Management Interface (ASMI) functions when the system
is powered on but in the "Incomplete State". For this
condition, ASMI was assuming the system was powered off because it
could not communicate to the PowerVM hypervisor. With the fix,
the ASMI error messages will indicate that ASMI functions have failed
because of the bad hypervisor connection instead of falsely stating
that the system is powered off.
- A problem was fixed for a Live Partition Mobility migration
that resulted in the source-managed system going to the Hardware
Management Console (HMC) Incomplete state after the migration to the
target system was completed. This problem is very rare and has
only been detected once.. The problem trigger is that the source
partition does not halt execution after the migration to the target
system. The HMC went to the Incomplete state for the
source-managed system when it failed to delete the source partition
because
the partition would not stop running. When this problem occurred,
the customer network was running very slowly and this may have
contributed to the failure. The recovery action is to re-IPL the
source system but that will need to be done without the assistance of
the HMC. For each partition that has a OS running on the source
system, shut down each partition from the OS. Then from the
Advanced System Management Interface (ASMI), power off the
managed system. Alternatively, the system power button may also
be used to do the power off. If the HMC Incomplete state persists
after the power off, the managed system should be rebuilt from the
HMC. For more information on HMC recovery steps, refer to this
IBM Knowledge Center link: https://www.ibm.com/support/knowledgecenter/en/POWER7/p7eav/aremanagedsystemstate_incomplete.htm
- A problem was fixed for a latency time of about 2 seconds
being added to a target Live Partition Mobility (LPM) migration system
when there is a latency time check failure. With the fix, in the
case of a latency time check failure, a much smaller default latency is
used instead of two seconds. This error would not be noticed if
the customer system is using a NTP time server to maintain the time.
- A problem was fixed for a shared processor pool partition
showing an incorrect zero "Available Pool Processor" (APP) value after
a concurrent firmware update. The zero APP value means that no
idle cycles are present in the shared processor pool but in this case
it stays zero even when idle cycles are available. This value can
be displayed using the AIX "lparstat" command. If this problem is
encountered, the partitions in the affected shared processor pool can
be dynamically moved to a different shared processor pool. Before
the dynamic move, the "uncapped" partitions should be changed to
"capped" to avoid a system hang. The old affected pool would continue
to have the APP error until the system is re-IPLed.
This fix pertains only to IBM Power 770 (9117-MMC) and IBM Power 780
(9179-MHC) systems.
- A rare problem was fixed for a system hang that can occur
when dynamically moving "uncapped" partitions to a different shared
processor pool. To prevent a system hang, the "uncapped"
partitions should be changed to "capped" before doing the move.
This fix pertains only to IBM Power 770 (9117-MMC) and IBM Power 780
(9179-MHC) systems.
- A problem was fixed for a Network boot/install failure
using bootp in a network with switches using the Spanning Tree Protocol
(STP). A Network boot/install using lpar_netboot on the
management console was enhanced to allow the number of retries to be
increased. If the user is not using lpar_netboot, the number of
bootp retries can be increased using the SMS menus. If the SMS
menus are not an option, the STP in the switch can be set up to allow
packets to pass through while the switch is learning the network
configuration.
- A problem was fixed for Live Partition Mobility (LPM)
migrations from FW860.10 or FW860.11 to older levels of firmware.
Subsequent DLPAR of Virtual Adapters will fail with HMC error
message HSCL294C, which contains text similar to the following:
"0931-007 You have specified an invalid drc_name." This issue affects
partitions installed with AIX 7.2 TL 1 and later. Not affected by this
issue are partitions installed with VIOS, IBM i, or earlier levels of
AIX.
- A problem was fixed for an intermittent IPL failure with
SRC B181E6C7 for a deadlock condition when testing the clocks during
the IPL. The problem state can be recovered by doing another
IPL. The problem is triggered by an error in the IPL clock test
causing a interrupt handler to switch to the redundant clock and
deadlock. With the fix, the clock fault is handled and the bad
clock is guarded, with the IPL completing on the redundant clock.
This fix pertains only to IBM Power 770 (9117-MMC) and IBM Power 780
(9179-MHC) systems.
System firmware changes that affect certain systems
- On systems with IBM
i partitions, a problem was fixed for frequent logging of informational
B7005120 errors due to communications path closed conditions during
messaging from HMCs to IBM i partitions. In the majority of cases
these errors are due to normal operating conditions and not due to
errors that require service or attention. The logging of
informational errors due to this specific communications path closed
condition that are the result of normal operating conditions has been
removed.
|
AM770_112_032 / FW770.70
07/27/16 |
Systems
8408-E8D; 8248-L4T; 9109-RMD;
9117-MMC and
9179-MHC ONLY
Impact: Performance
Severity: SPE
New features and functions
- Support was added for the Stevens6+ option of the internal
tray loading DVD-ROM drive with F/C #EU13. This is an 8X/24X(max)
Slimline SATA DVD-ROM Drive. The Stevens6+ option is a FRU
hardware replacement for the Stevens3+. MTM 7226-1U3
(Oliver) FC 5757/5762/5763 attaches to IBM Power Systems and
lists Stevens6+ as optional for Stevens3+. If the Stevens6+
DVD drive is installed on the system without the required firmware
support, the boot of an AIX partition will fail when the DVD is used as
the load source. Also, an IBM i partition cannot consistently
boot from the DVD drive using D-mode IPL. A SRC C2004130 may be
logged for the load source not found error.
System firmware changes that affect all systems
- A problem was fixed for PCI adapters locking up when
powered on. The problem is rare but frequency varies with the
specific adapter models. A system power down and power up is
required to get the adapter out of the locked state.
- A problem was fixed for hypervisor task failures in adjunct
partitions with a SRC B7000602 reported in the error log. These
failures occur during adjunct partition reboots for concurrent firmware
updates but are extremely rare and require a re-IPL of the system to
recover from the task failure. The adjunct partitions may be
associated with the VIOS or I/O virtualization for the physical
adapters such as done for SR-IOV.
- A security problem was fixed in OpenSSL for a possible
service processor reset on a null pointer de-reference during RSA PPS
signature verification. The Common Vulnerabilities and Exposures issue
number is CVE-2015-3194.
- A problem was fixed for the Advanced System Management
Interface "Network Services/Network Configuration" "Reset Network
Configuration" button that was not resetting the static routes to the
default factory setting. The manufacturing default is to have no
static routes defined so the fix clears any static routes that had been
added. A circumvention to the problem is to use the ASMI "Network
Services/Network Configuration/Static Route Configuration" "Delete"
button before resetting the network configuration.
- A problem was fixed for partial loss of Entitlement for
On/Off Memory Capacity on Demand (also called Elastic CoD). Users
with large amounts of Entitlement on the system of greater than "65535
GB * Days" could have had a truncation of the Entitlement value on a
re-IPL of the system. To recover lost Entitlement, the customer
can request another On/Off Enablement Code from IBM support to
"re-fill" their entitlement.
- A problem was fixed for a sequence of two or more Live
Partition Mobility migrations that caused a partition to crash with a
SRC BA330000 logged (Memory allocation error in partition
firmware). The sequence of LPM migrations that can trigger the
partition crash are as follows:
The original source partition level can be any FW760.xx, FW763.xx,
FW770.xx, FW773.xx, FW780.xx, or FW783.xx P7 level or any FW810.xx,
FW820.xx, FW830.xx, or FW840.xx P8 level. It is migrated first to
a system running one of the following levels:
1) FW730.70 or later 730 firmware or
2) FW740.60 or later 740 firmware
And then a second migration is needed to a system running one of the
following levels:
1) FW760.00 - FW760.20 or
2) FW770.00 - FW770.10
The twice-migrated system partition is now susceptible to the BA330000
partition crash during normal operations until the partition is
rebooted. If an additional LPM migration is done to any firmware
level, the thrice-migrated partition is also susceptible to the
partition crash until it is rebooted.
With the fix applied, the susceptible partitions may still log multiple
BA330000 errors but there will be no partition crash. A reboot of
the partition will stop the logging of the BA330000 SRC.
System firmware changes that affect certain systems
- On a system with a
IBM i partition running 7.2 or later with 4K sector disks, a
problem was fixed for a machine check incorrectly issued.
- For Integrated Virtualization Manager (IVM) managed systems
with more than 64 active partitions, a problem was fixed for recovery
from Live Partition Mobility (LPM) errors. Without the fix, the
IVM managed system partition can appear to still be running LPM after
LPM has aborted, preventing retries of the LPM operation. In this
case, the partition must be stopped and restarted to clear the LPM
error state. The problem is not frequent because it requires a
failed LPM on a partition with a partition ID that is greater than
64. This problem does not pertain to the IBM Power 770 (9117-MMC)
nor the IBM Power 780 (9179-MHC).
- On systems with a PowerVM Active Memory Sharing (AMS)
partition with AIX Level 7.2.0.0 or later with Firmware Assisted
Dump enabled, a problem was fixed for a Restart Dump operation failing
into KDB mode. If "q" is entered to exit from KDB mode, the
partition fails to start. The AIX partition must be powered off
and back on to recover. The problem can be circumvented by
disabling Firmware Assisted Dump (default is enabled in AIX 7.2).
- On systems with dedicated processor partitions, a
problem was fixed for the dedicated processor partition becoming
intermittently unresponsive. The problem can be circumvented by
changing the partition to use shared processors.
- For a system partition with more than 64 cores, a problem
was fixed for Live Partition Mobility (LPM) migration operations
failing with HSCL365C. The partition migration is stopped because
the platform detects a firmware error anytime the partition has more
than 64 cores. This problem only pertains to the Power 780
(9179-MHC).
- For systems with an invalid P-side or T-side in the
firmware, a problem was fixed in the partition firmware Real-Time
Abstraction System (RTAS) so that system Vital Product Data (VPD) is
returned at least from the valid side instead of returning no VPD
data. This allows AIX host commands such as lsmcode, lsvpd,
and lsattr that rely on the VPD data to work to some extent even if
there is one bad code side. Without the fix, all the VPD
data is blocked from the OS until the invalid code side is recovered by
either rejecting the firmware update or attempting to update the system
firmware again.
- For non-HMC managed systems in Manufacturing Default
Configuration (MDC) mode with a single host partition, a problem was
fixed for missing dumps of type SYSDUMP. FSPDUMP. LOGDUMP, and RSCDUMP
that were not off-loaded to the host OS. This is an infrequent
error caused by a timing error that causes the dump notification signal
to the host OS to be lost. The missing/pending dumps can be
retrieved by rebooting the host OS partition. The rebooted host
OS will receive new notifications of the dumps that have to be
off-loaded. This problem does not pertain to the IBM Power 770
(9117-MMC) nor the IBM Power 780 (9179-MHC).
- On systems where memory relocation (as done by using Live
Partition Mobility (LPM) ) and a partition reboot are occurring
simultaneously, a problem for a system termination was fixed. The
potential for the problem existed between the active migration and the
partition reboot.
- On a system with a AIX partition and a Linux partition, a
problem was fixed for dynamically moving an adapter that uses DMA from
the Linux partition to the AIX partition that caused the AIX to fail by
going into KDB mode (0c20 crash). The management console showed
the following message for the partition operation: "Dynamic move
of I/O resources failed. The I/O slot dynamic partitioning
operation failed.". The error was caused by Linux using 64K
mappings for the DMA window and AIX using 4K mappings for the DMA
window, causing incorrect calculations on the AIX when it received the
adapter. Until the fix is applied, the adapters that use DMA
should only be moved from Linux to AIX when the partitions are powered
off. This problem does not pertain to the IBM PowerLinux 8246 and
8248 models as these are Linux-only partition systems.
Concurrent hot add/repair
maintenance (CHARM) firmware fixes
- DEFERRED: A
problem was fixed for a I/O performance slow-down that can occur after
a concurrent repair of a GX bus I/O adapter with a Feature Code of
#1808 or #1914. A re-IPL of the system after the concurrent
repair operation corrects the I/O performance issue. This fix
requires an IPL of the system to take effect.
This problem only pertains to the IBM Power 770 (9117-MMC) and the IBM
Power 780 (9179-MHC).
|
AM770_110_032 / FW770.61
12/16/15 |
Systems
8408-E8D; 8248-L4T; 9109-RMD;
9117-MMC and
9179-MHC ONLY
Impact: Availability
Severity: ATT |
AM770_109_032 / FW770.60
08/05/15 |
Systems
8408-E8D; 8248-L4T; 9109-RMD;
9117-MMC and
9179-MHC ONLY
Impact: Availability
Severity: SPE |
AM770_101_032 / FW770.51
04/21/15 |
Impact: Security
Severity: HIPER
System firmware changes that affect all systems
- On systems using Virtual Shared Processor Pools (VSPP), a
problem was fixed for an inaccurate pool idle count over a small
sampling period.
A problem was corrected for a defect in an earlier service pack
(AM770_098) that potentially caused an undetected corruption of
firmware when the fix was concurrently activated. If the earlier
service pack(AM770_098) was concurrently installed, a platform IPL will
mitigate potential future exposure to the problem.
|
AM770_098_032 / FW770.50
01/12/15 |
Impact: Security
Severity: HIPER
System firmware changes that affect certain systems
- HIPER/Pervasive:
On systems
using PowerVM firmware, a performance problem was fixed that may affect
shared processor partitions where there is a mixture of dedicated and
shared processor partitions with virtual IO connections, such as
virtual ethernet or Virtual IO Server (VIOS) hosting, between
them. In
high availability cluster environments this problem may result in a
split brain scenario.
- DEFERRED: A
performance
problem was fixed for PCIe slot C4 which was missing a dedicated
internal data buffer, making it a bottleneck when using certain
high-performance IO adapters. The PCIe slot C4 is now assigned a
data
capability of 16 GB. This fix pertains only to the IBM Power 750
Express (8408-E8D), IBM Power 760 (9109-RMD), and IBM PowerLinux 7R4
(8248-L4T) systems. This deferred fix addresses a potential
performance problem but not an error condition. As such,
customers
may wait for the next planned service window to activate the deferred
fix via a system reboot.
|
AM770_092_032 / FW770.41
09/26/14 |
Systems
8408-E8D; 8248-L4T; 9109-RMD;
9117-MMC and
9179-MHC ONLY
Impact: Availability
Severity: SPE |
AM770_090_032 / FW770.40
06/26/14 |
Impact: Security
Severity: HIPER
System firmware changes that affect all systems
- HIPER/Pervasive:
A
security problem was fixed in the OpenSSL (Secure Socket Layer)
protocol that allowed clients and servers, via a specially crafted
handshake packet, to use weak keying material for communication.
A
man-in-the-middle attacker could use this flaw to decrypt and modify
traffic between the management console and the service processor.
The
Common Vulnerabilities and Exposures issue number for this problem is
CVE-2014-0224.
- HIPER/Pervasive:
A
security problem was fixed in OpenSSL for a buffer overflow in the
Datagram Transport Layer Security (DTLS) when handling invalid DTLS
packet fragments. This could be used to execute arbitrary code on
the
service processor. The Common Vulnerabilities and Exposures issue
number for this problem is CVE-2014-0195.
- HIPER/Pervasive:
Multiple security problems were fixed in the way that OpenSSL handled
read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was
enabled to prevent denial of service. These could cause the
service
processor to reset or unexpectedly drop connections to the management
console when processing certain SSL commands. The Common
Vulnerabilities and Exposures issue numbers for these problems are
CVE-2010-5298 and CVE-2014-0198.
- HIPER/Pervasive:
A
security problem was fixed in OpenSSL to prevent a denial of service
when handling certain Datagram Transport Layer Security (DTLS)
ServerHello requests.
A specially crafted DTLS handshake packet could cause the service
processor to reset. The Common Vulnerabilities and Exposures
issue
number for this problem is CVE-2014-0221.
- HIPER/Pervasive:
A
security problem was fixed in OpenSSL to prevent a denial of service by
using an exploit of a null pointer de-reference during anonymous
Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially
crafted
handshake packet could cause the service processor to reset. The
Common Vulnerabilities and Exposures issue number for this problem is
CVE-2014-3470.
|
AM770_076_032 / FW770.32
04/18/14 |
Systems
8408-E8D; 8248-L4T; 9109-RMD;
9117-MMC and
9179-MHC ONLY
Impact: Security
Severity: HIPER
System firmware changes that affect all systems
- HIPER/Pervasive:
A security problem was fixed in the OpenSSL Montgomery ladder
implementation for the ECDSA (Elliptic Curve Digital Signature
Algorithm) to protect sensitive information from being obtained with a
flush and reload cache side-channel attack to recover ECDSA nonces from
the service processor. The Common Vulnerabilities and Exposures
issue number is CVE-2014-0076. The stolen ECDSA nonces could be
used to decrypt the SSL sessions and compromise the Hardware Management
Console (HMC) access password to the service processor.
Therefore, the HMC access password for the managed system should be
changed after applying this fix.
- HIPER/Pervasive:
A security problem was fixed in the OpenSSL Transport Layer
Security (TLS) and Datagram Transport Layer Security (DTLS) to not
allow Heartbeat Extension packets to trigger a buffer over-read to
steal private keys for the encrypted sessions on the service
processor. The Common Vulnerabilities and Exposures issue number
is CVE-2014-0160 and it is also known as the heartbleed
vulnerability. The stolen private keys could be used to decrypt
the SSL sessions and and compromise the Hardware Management Console
(HMC) access password to the service processor. Therefore, the
HMC access password for the managed system should be changed after
applying this fix.
|
AM770_063_032 / FW770.31
01/14/14 |
Systems
8408-E8D; 8248-L4T; 9109-RMD;
9117-MMC and
9179-MHC ONLY
Impact: Serviceability
Severity: SPE
|
AM770_062_032 / FW770.30
12/10/13 |
Impact: Availability
Severity: SPE
System firmware changes that affect certain systems
- DEFERRED: On
Power7 systems, a problem was fixed that caused a system checkstop
during hypervisor time keeping services. This deferred fix addresses a
problem that has a very low probability of occurrence. As such
customers may wait for the next planned service window to activate the
deferred fix via a system reboot.
- DEFERRED: On Power7
systems, a problem was fixed that caused a system checkstop with SRC
B113E504 for a
recoverable hardware fault. This deferred fix addresses a problem
that has a very low probability of occurrence. As such customers
may wait for the next planned service window to activate the deferred
fix via a system reboot.
|
AM770_052_032 / FW770.21
08/07/13 |
Systems
8408-E8D; 8248-L4T; 9109-RMD;
9117-MMC and
9179-MHC ONLY
Impact: Availability
Severity: SPE |
AM770_048_032 / FW770.20
05/17/13 |
Systems
8408-E8D; 8248-L4T; 9109-RMD;
9117-MMC and
9179-MHC ONLY
Impact: Availability
Severity: SPE |
AM770_038_032 / FW770.10
03/21/13 |
Systems
8408-E8D and 9109-RMD ONLY
Impact:
New
Severity: New |
|
The
complete Firmware Fix History (including HIPER descriptions) for this
Release Level can be
reviewed at the following url:
http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AM-IOC-Firmware-Hist.html |