================================================================================ Intel(R) Server Board S2600TP Product Family and Intel(R) Compute Module HNS2600TP Product Family Firmware Update Package for Intel(R) One Boot Flash Update Utility and Windows* Preboot Execution Environment ================================================================================ Intel Enterprise Platform & Services Division - Marketing Intel Corporation 2111 N.E. 25th Avenue, Hillsboro, OR 97124 USA ================================================================================ DATE : March 31, 2016 TO : Intel(R) Server Board S2600TP Product Family and Intel(R) Compute Module HNS2600TP Product Family customers SUBJECT : Release Notes for System Firmware Update Package ================================================================================ ABOUT THIS RELEASE ================================================================================ BIOS: 01.01.0016 ME: 03.01.03.021 BMC: 01.43.9685 FRUSDR: 1.14 ================================================================================ Support Platforms and Dependency ================================================================================ Processors supported: Intel(R) Xeon processor E5-2600 v3 series Intel(R) Xeon processor E5-2600 v4 series Microcode update versions: CPUID Version Status 0x306f2 0x00000036 Production (E5-2600 v3 C0/C1) 0x406f1 0x0b000010 External (E5-2600 v4 B0) Production boards: Product Fab Version S2600TP Fab3 or above S2600TPF Fab3 or above The following update process must be followed to ensure a trouble free update. 1. Manageability Engine (ME) firmware 2. BMC firmware 3. BIOS 4. FRUSDR ================================================================================ IMPORTANT NOTE!!! ================================================================================ - This Update package must be installed using Intel(R) One-boot Flash Update (OFU) V13.1 Build 11 ================================================================================ System Firmware Update Package Usage instructions ================================================================================ This package can be updated using one of the following methods: - Windows* or Linux* operating system using Intel(R) One-boot Flash Update (OFU) V13.1 Build 11 - Windows* Preboot Execution Environment (WinPE) To update from Windows* and Linux* or operating systems using the Intel(R) One Boot Flash Update Utility (OFU) Intel(R) One boot Flash Update utility can be downloaded from http://downloadcenter.intel.com/ and it is part of the "BIOS, Firmware Update & Configuration Utilities" for Windows* and Linux*. Please refer to Intel(R) OFU user guide about the details of installation and usage of OFU. Use OFU to update system firmware by the following steps: - Install OFU on Windows* or Linux* system - Download the latest firmware update package from http://downloadcenter.intel.com/ - Unzip package to a folder - Run the following command in Windows* command line/Linux* terminal window: :\flashupdt -u \flashupdt.cfg To update from Windows* Preboot Execution Environment (WinPE) The System Firmware Update Package can be inserted to Windows* PE customized image for creating a bootable Windows* PE CD. User is able to update system firmware from customized WinPE CD by the following steps: - Boot server with customized WinPE CD - Run script "WinPE21_x64_Update.bat" or "WinPE20_x86_Update.bat" (name may be varied depends on your own customization) Note: 1. The Intel(R) OFU utility is case sensitive. Therefore, when you transfer the Firmware Update Package using USB flash drive from a Microsoft Windows* system to a Linux environment, you must first extract under the Linux* environment. Otherwise, you will need to mount the USB flash drive manually with 'vfat' option under Linux to avoid conversion from upper case to lower case and vice versa. 2. To make Intel(R) OFU utility run properly under x86 or x64 OS, you have to read OFU release notes on known issues for OFU installation. 3. In this SFUP package, Intel only provide batch file "WinPE_x86_Update.bat" for WinPE2.0 32 bit solution "WinPE_x64_Update.bat" for WinPE2.1/3.0 64 bit solution as an example. Please refer to white paper "White Paper-Intel Server Utilities Procedure for WinPE.pdf" for details on building your own customized WinPE CD. 4. Windows PE 2.0 - built from Windows Vista SP1 32bit or EM64T 5. Windows PE 2.1 - built from Windows Vista SP1 or Windows Server 2008, EM64T 6. Windows PE 3.1 - built from Windows Server 2008R2, EM64T 7. Microsoft IPMI driver is loaded by default from WinPE CD, if you want to use Intel IPMI driver instead of MS IPMI driver for firmware update, you can un-install Microsoft IPMI driver by: Devicesetup.exe ¨Cv remove *IPI0001 Note: IPI0001 is the device ID for Microsoft IPMI driver. 8. If to update backup BIOS region or NVRAM, you need to customize the OFU update scripts (eg.flashupdt.cfg) and add "UpdateBackupBios" or "UpdateNvram" parameter. ================================================================================ IMPORTANT NOTICE ================================================================================ 1. BIOS R01.01.0009 will enable UEFI Secure Boot and include below limitations: - Please read "BIOS UEFI SECURE BOOT IMPACT AND MITIGATION METHOD" section in this BIOS release notes - All customer settings saved in BIOS NVRAM will be lost after new BIOS upgrade - BIOS downgrade is not allowed if user has enabled BIOS secure boot. All customer setting will be lost also if downgrade to previous BIOS release - Backup BIOS region is also required to be updated to prevent recovery failure please use release package to update BIOS - There is downgrade hang risk if you don't follow above rules - Further BIOS release will not suffer from these side effects as the NVRAM region is formatted as authenticated variable storage 2. System will hang 0xbf after downgrading BIOS from D0055(E5-2600V4 code tree) to R0011/R0009(E5-2600V3 code tree) randomly - Set SUT to recovery mode to power on, then set it back to normal boot to see whether it is recovered 3. The iFlash32 utility parameter of 'UpdateNvram' is not supported under Normal Mode, however it is only supported under Recovery Mode 4. Design change from D076 for to change default setting from to <10>. Need to press to see the new default string 5. Suggest to press 'F9' to load default if using the 'IOU Non-posted prefetch control' setup options in the first time ================================================================================ BIOS UEFI SECURE BOOT IMPACT AND MITIGATION METHOD ================================================================================= 1. Customer Setting Loss Issue and Mitigation Method When user upgrades BIOS with secure boot feature, the NVRAM will be automatically formatted as authenticated variable physical storage. However, all previous customer settings storage in NVRAM will be lost even if user does not enable UEFI secure boot feature. Users can take the follow recipe to save and restore their settings based on the actual NVRAM usage if they wish to upgrade or downgrade between BIOS with or without secure boot feature. Supposing customer requires to save & restore their specific NVRAM named 'var': Steps: 1. Prepare FAT partition USB key (or HDD). 2. Boot to EFI shell. 3. Check the file system mapping (e.g. fs0:) of the USB key with 'map -r' command. 4. Use 'dmpstore var -s fs0:\var.bin' to save the variable to the physical file. 5. Perform BIOS update and reboot system. 6. Boot to EFI shell. 7. Use 'dmpstore var -l fs0:\var.bin' to restore the variable. 8. Reboot the system if the customer setting requires reboot to take effect. Notes: 1. Immediate reboot after BIOS update is mandatory. Or the restore operation will not take effect. 2. Customers can repeat step 4 and step 7 for several times if they need to save & restore multiple NVRAM variables. 3. Most of BIOS customer settings by SysCfg can also be restored in this way. Customers can follow previous step1~8 by substituting 'Setup' for 'var' in the sample. 4. For BIOS downgrade case, step7 cannot be used to restore authenticate variables (e.g. PK, KEK, DB, DBX) to non-authenticated NVRAM storage 2. Recovery Mode Failure There is known bug that it cannot POST successfully with authenticated NVRAM storage. This will cause platform recovery failure and permanent deny of service (PDOS) if the primary BIOS region gets corrupted for some reason. It is required to update backup BIOS region when upgrade BIOS capsule with secure boot feature. Notes: For downgrade case, user is not required to update backup BIOS region as new BIOS with secure boot feature can handle NVRAM with old storage format: it will format it to new authenticated variable storage automatically. However, care must be taken when downgrading BIOS in recovery mode: After flashing BIOS without secure boot feature, user should restore recovery HW jumper immediately before platform reset.If platforms reset occurs before restoring recovery HW jumper, the backup BIOS will once again format NVRAM to new storage format, which will cause newly flashed BIOS (without secure boot feature) POST failure after user restores recovery HW jumper. ================================================================================ BIOS 01.01.0016 ================================================================================ EPSD100251854: Set the physicalPresenceLock to 0 in MFG mode to support platform certificate process CCB402: BIOS and Utility to add command line support to clean ITK customization settings EPSD100030692: [E5-2600V4] System would reset during OFU(OFU_V13_Build13_AllOS) updating process with RHEL 7.1. NVDIMM SMBIOS type17 bug fix CCB 397: To support maximum ( > 250) PCI bus number in Grantly CottonWood BIOS for customer CCB 399: Enable BIOS options to use AMD graphics or Nvidia card adapters Update uCode to 0x14 to fix EPSD100249795 and EPSD100251863 one code logic error found for IOU2 Non-Posted Prefetch Disable PCIe Ecrc due to silicon sighting b282685 CCB 396 issues - ITK cannot modify some items correctly correct help string of "ARI Forwarding" EPSD100031475 [E5-2600V4 CPU]BMC DHCP HOST NAME behavior is not matching EPS1.16. EPSD100031504 [E5-2600V4 CPU][Riser]System will hang when remove SSD device under OS. EPSD100251955 DMI type 41 records is not correct for onboard and IO module NICs. Update E5-2600V4 Ucode to 00000037, E5-2600V4 Ucode to 0B000015. fix some BIOS Setup Display Issues, which mismatch with BIOS EPS. Sync the "CP_CR_1619 TPM2 bitlocker workaround for UEFI OS that synced from TPM1.2" from E5-2600V3 tree, will fix Bitlocker can¡¯t be enabled when PCR5 enabled in UEFI mode. Change Copyright to 2016. Update E5-2600V4 Ucode to 0B000017. 5003273: System would hang at post code 0xBF during DC cycle test after enabling WrCRC setup option. EPSD100031629 The TPM2.0 test item have failure on WHCK test. CCB 411: HFI UEFI Option ROM not loaded by Grantley Refresh BIOS on E5-2600V3 or E5-2600V4 EPSD100030788 [Riser] Supplemental Test#2 Issue. ================================================================================ ME 03.01.03.021 ================================================================================ - Unexpected SmaRT&CLST events may be observed after removing 1 of 2 PSUs - Sometimes Predictive Power Limiting Node Manager Policy may over throttle platform after SMBAlert assertions - Under certain conditions ME FW may not clear P-state and/or core allocation settings in time before ME reset. P-state and/or core allocation settings may be present after ME reset, making operating system stuck at low frequency. - CPU may stuck at 'Pn' ratio after ME reset - Changing scan period turns off predictive power limiting functionality - Hardware Protection policy is not updated after disabling Fast Power Limiting functionality - Set Node Manager Policy for CPU domain returns completion code 0xC0 – “Node Busy” after first transition to S5 from G3 - Sometimes unexpected IPMI completion code C0h – “Node Busy” may appeared - Persistent Storage Hardware Protection Policy for HSC and BMC is Volatile - Hardware Protection Policy return invalid Power Limit after Sx state - Not expected “Correction Time Exceeded” IPMI event may be received from Memory domain policy - Predictive Power Limiting Node Manager Policy does not meet 99.5% below power limit criteria in case of SMBAlert assertions (Fast #PROCHOT) - Wrong values of default ICC registers - Boot time policy unintentionally turned off when BMC set up as power source - Hardware Protection Policy do not persist across G3 - Power oscillations occur during Node Manager limiting for specific CPU SKUs - ME is in recovery state after sending Get Sensor Value diagnostic command with incorrect sensor number - Incorrect ICC SEPCICLKBP configuration - Predictive power policy cannot be set if source scanning period is greater than 100ms - Sometimes power spikes may be observed after SMBAllert deassertion in BMC assist mode configuration - Sometimes missing Power Reading policy is not being activated - Firmware update from version older than SPS_ARC_53.01.00.242.0 is not possible using Online Firmware Update - Setting PIA CPU 0 Mem Throttling and thermal circuit on, causes various NM commands to fail - FIT - ICC parameters editability miss-match with documentation - NMPTU Get NM Capabilities updated to invalid values after Platform Characterization Launch Request command - Total power used for outlet temperature calculation isn’t averaged - Reset Warning functionality is available in S0-Only power mode - Time after host reset policy doesn't limit power after IPMI command request PTU launch and power flow S0->S5->G3->S0 =============================================================================== KNOWN ISSUES/WORKAROUNDS/REQUIREMENTS =============================================================================== - This BMC FW update package is to be used only on PCSD server baseboards and does NOT support customer reference boards (CRB) or silicon reference platforms (SRP). Contact your Intel Representatives to determine where to download the BMC FW for these products. - The BMC FW image file in this package is to be used only with the provided FWPIAUPD update utility. Using the FW image file with a SPI flash device programmer will result in a non-functional system. - Some open source ipmi utilities may automatically retry multiple times during access BMC using bad password and supporting IPMI specification 1.5 in Linux OS. CCB310 will log more bad password login SEL. =============================================================================== BMC 01.43.9685 =============================================================================== -EPSD100250289: EWS BMC HTTP connection is halt when using JDisc application discovery task with VMware account. -EPSD100250443: Shipping SDR can't be dumped after load SDR from system to shipping -EPSD100031613: Intel Copyright Statement isn't correct on EWS -EPSD100252136: The SEL description format for the "FW Update Status" sensor is confusing -EPSD100252197: [S2600WT] 2x3.5 HSBP FRU can't be detected with BMC 01.41.9579 -EPSD100030211: Mouse and keyboard is not available in a rKVM session under Windows 2012 R2 after select "Launch Redirection" for 2~3 times -EPSD100031610: No beep code and CPU missing event be generated when remove processor1 from CPU socket -EPSD100249322: duplicate response from remote host during SSH SOL/SMASH session 01.42.9617(Internal version) -EPSD100251192: Syscfg not working for changing user privileges. -EPSD100031260: The Sensor Reading Page from EWS display status is mismatch with Specification when the DC power is off and AC power is present -N/A: Check in 2130W PSU S4 image. -N/A: Merge Intel Security Thunderbolt to trunk. -N/A: Fix a potential CPU ID mismatch to detect CPU status. ============================================================================= SYSTEM HARDWARE & SOFTWARE REQUIREMENTS/REVISIONS ============================================================================= - S2600TP baseboard PBA H26989 - 201/PBA H14263 - 201 or higher - Haswell processor C1 stepping or higher - BMC FW 01.39 or later - BIOS R0014 or later - Hot-swap backplane, and Baseboard FRU data must be available for chassis auto-detection to succeed ================================================================================ FRUSDR 1.14 ================================================================================ - Add a SDR record for IO Module M2. Make it compatible with previous version of IO Module - Change FSC profile according to Taylor Pass FSC Config Sheet Rev 1.2 - Add S2600TPR.fru file for BDW CPU and probe this FRU - Update frusdr.efi and ipmi.efi utility 13.1 build 8 - Add DISABLE_NVME_FUNCTIONS record for Auto Detect in the master.cfg file - Add FSC Record Type = 1Dh (Backplane NVMe capabilities) records - Add S2600TPFR.fru file into package - Add master_internal.cfg file - Modify master.cfg to add the item of 'S2600TPFR.fru' - Add 'OTHER' tag into SDR 'LAN NIC Temp' - Change IFSET statements in master.cfg file to make utility to identify FRU exactly - EPSD100029551: The "successfully Completed" message will occur after FRUSDR package for other platform is update ============================================================================= LEGAL INFORMATION ============================================================================= Information in this document is provided in connection with Intel products. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted by this document. Except as provided in Intel's Terms and Conditions of Sale for such products, Intel assumes no liability whatsoever, and Intel disclaims any express or implied warranty, relating to sale and/or use of Intel products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right. Intel Corporation may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights that relate to the presented subject matter. The furnishing of documents and other materials and information does not provide any license, express or implied, by estoppel or otherwise, to any such patents, trademarks, copyrights, or other intellectual property rights. Intel products are not intended for use in medical, life saving, or life sustaining applications. Intel may make changes to specifications and product descriptions at any time, without notice. Intel is a registered trademark of Intel Corporation. *Other names and brands are the property of their respective owners. Copyright (c) 2016 Intel Corporation. A portion of this firmware is open source code, which falls under the GPL 2.0 license. [END OF RELEASE NOTES]