=============================================================================== Intel(R) Server Platform Integrated BMC Firmware Release Notes =============================================================================== INTEL(R) Server Boards and Systems Intel Corporation 2111 N.E. 25th Avenue, Hillsboro, OR 97124 USA =============================================================================== DATE: 15 December, 2016 SUBJECT: Integrated BMC(R) firmware 01.48.10351 release notes =============================================================================== LEGAL INFORMATION =============================================================================== Information in this document is provided in connection with Intel products. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted by this document. Except as provided in Intel's Terms and Conditions of Sale for such products, Intel assumes no liability whatsoever, and Intel disclaims any express or implied warranty, relating to sale and/or use of Intel products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right. Intel Corporation may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights that relate to the presented subject matter. The furnishing of documents and other materials and information does not provide any license, express or implied, by estoppel or otherwise, to any such patents, trademarks, copyrights, or other intellectual property rights. Intel products are not intended for use in medical, life saving, or life sustaining applications. Intel may make changes to specifications and product descriptions at any time, without notice. Intel is a registered trademark of Intel Corporation. *Other names and brands are the property of their respective owners. Copyright (c) 2016 Intel Corporation. A portion of this firmware is open source code. The OSS source code that the customer is entitled to per OSS license has been posted on the Intel support website at the following link: http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=21081 This open source code falls under the GPL 2.0 license, please see the license at the following link: http://www.opensource.org/licenses/gpl-2.0.php =============================================================================== ABOUT THIS RELEASE PACKAGE =============================================================================== Source file: BMC_i_0148r10351.bin Update script: fwUpdateBMC.nsh REVISION INFORMATION RETURNED BY GET DEVICE ID COMMAND: Operational mode: 01.48.10351 UBoot mode: 01.07 Device ID: 0x21 Manufacturer ID: 0x000157 Other version/revision information: PSU Model H/W revision FW Version 1100ADU00201 S3 1.01.32 1100ADU00201 S2 1.01.1E DPS 750XB A S4 5.**.100 *(See Note 2) DPS 750AB-32A S0 3.**.27 *(See Note 2) DPS 1200TB A 00 4.39.77 *(See Note 1) DPS 1200TB A 02 6.40.89 *(See Note 1) DPS 1200TB A S3 3.39.77 *(See Note 1) PSSF162202A 00 0.09.73 PSSF162202A S3 0.09.55 *(See Note 1) PSSF222201A S1 0.0.9 PSSF222201A S2 0.0.17 PSSF222201A S3 0.0.20 PSSF222201A S4 0.0.29 *NOTE 1: Supported but not POR. Will likely be removed in a future release. *NOTE 2: The middle version number is attached to a particular batch of power supplies and can be different for the same firmware revision. Therefore, it cannot be predicted ahead of time what it will be. Validation should ignore this value. HSBP FW: 01.27 Root: 01.48 WWW: 01.19 UBoot: 01.07 FWPIAUPD Utility: v14_0_Build8 MD5 checksum of BMC_i_0148r10351.bin: adf322b60be3017ef1e7d62eb838e0c8 ------------------------------------------------------------------------------- =============================================================================== IMPORTANT INSTALLATION NOTES =============================================================================== The following update process must be followed to ensure a trouble free updating of your baseboard. The order is important to minimize any issues for status checking as different components are initialized. 1. Manageability Engine (ME) firmware 2. Flash Descriptor (FD) 3. BMC firmware 4. BIOS 5. FRU/SDR package specific to the baseboard =============================================================================== INSTALLATION PROCEDURE =============================================================================== 1. Copy all files to the storage medium of your choice. This can be a hard disk, floppy disk or USB flash drive. All of the files must reside in the same directory. 2. Boot to EFI and then run the BMC.nsh script file to update the Integrated BMC. Modification of the update script or using fwpiaupd.efi with your own command line parameters is not supported and doing so is at your own risk! 3. Install latest available FRU/SDR package specific to the platform. =============================================================================== FIRMWARE RECOVERY PROCEDURE =============================================================================== The Recovery process can be initiated by setting the recovery jumper (called BMC Force Update Jumper) to the recovery position. The jumper is normally in the normal/de-asserted position. The system must be completely powered off (A/C power removed) before the jumper is moved. After power is re-applied and the firmware update is complete, the system must be powered off again and the jumper must be returned to the de-asserted position before normal operation can begin. A BMC recovery can be accomplished from a USB flash drive. 1. Copy all files to a storage USB flash drive. All of the files must reside in the same directory. 2. Remove A/C power from the system and wait 30 seconds. 3. Move the BMC Force Update Jumper to the recovery position. Details regarding the jumper ID and location can be obtained from the Board EPS for that Platform. 4. Insert the USB flash drive. 5. Reapply A/C power to the system and power on the system. 6. The BIOS POST screen will appear displaying the progress press F6 to select boot options. At the boot option menu select to boot to the EFI SHELL. 7. Switch to the directory where you stored the update files and then run the BMC.nsh script file to update the Integrated BMC. Modification of the update script with your own command line parameters is not supported and doing so is at your own risk! 8. Remove A/C power from the system and wait 30 seconds. 9. Move the BMC Force Update Jumper to the normal position. 10. Reapply A/C power to the system and power on the system. NOTE: Performing this recovery procedure resets all network and user settings to defaults. The FRUSDR will also need to be reloaded after a recovery (SDR update). =============================================================================== FIRMWARE UPGRADE/DOWNGRADE PROCEDURES =============================================================================== Upgrade of BMC FW from version BMC_i_0148r10351 to later versions will be documented in the release notes for those versions. Reverting to a lower version of firmware may have unexpected side effects, including but not limited to user settings reset to defaults, and will always result in the loss of functionality which was present in the higher version but was not implemented in the lower version. We do not guarantee that any downgrade will operate without side-effects. Always observe caution when downgrading firmware. =============================================================================== KNOWN ISSUES/WORKAROUNDS/REQUIREMENTS =============================================================================== - This BMC FW update package is to be used only on PCSD server baseboards and does NOT support customer reference boards (CRB) or silicon reference platforms (SRP). Contact your Intel Representatives to determine where to download the BMC FW for these products. - The BMC FW image file in this package is to be used only with the provided FWPIAUPD update utility. Using the FW image file with a SPI flash device programmer will result in a non-functional system. - Some open source ipmi utilities may automatically retry multiple times during access BMC using bad password and supporting IPMI specification 1.5 in Linux OS. CCB310 will log more bad password login SEL. =============================================================================== ISSUES FIXED =============================================================================== 01.48.10351 - (Release version) =============================================================================== -EPSD100256480: The fault LED of NvME SSD keep blinking on S2600TP 24HDD system after AC cycle -EPSD100256247: S2600WT system (LWT2224YXXXX221, LWT2224YXXXX129 ) will hang on post after AC cycle with BIOS R16 -EPSD100255719: APPSOL-31180: Web Server Vulnerable to Redirection Page Cross-Site Scripting Attacks -EPSD100035907: The HDD fault LED no light and no rebuild event be logged when plug out the HDD from HSBP(G97158-371) and plug back the HDD to rebuild RAID. -EPSD100256365: [S2600WT]The NVMe HDD can not be detected in EWS web sensor reading interface when install the NVME HDD in the 2nd HSBP's NVMe slot. -EPSD100256457: In Redhat grub edit mode Backspace and cursor move operations can't be consistent between local Screen and remote KVM session's Screen -EPSD100035838: Can not display Simplified Chinese content after EWS was login when language was change to simplified Chinese. -EPSD100254723: S2600KP BMC FW Health reports HSBP Temp has failed -none: Fix generic overflow attack on port 5120 and 5123 for cdserver and fdserver 01.48.10259(Internal version) -EPSD100255012: [S2600WT] - Riser2 Temp lower issue with A2UL8RISER2 -EPSD100255833: Linux Kernel vulnerability – Dirty COW attack -EPSD100254817: The HSBP's FRU can't be detected if install 4 HSBP in WCP system. (Long term solution) -EPSD100035118: HDD Fault LED didn't amber blinking at 1HZ frequence during HDD rebuilding -EPSD100033884: The HDD fault LED no light and no rebuild event be logged when plug out the HDD from HSBP(G94339-371) and plug back the HDD to rebuild RAID. -none: Upgrade openssh to 7.3 01.48.10239(Internal version) -EPSD100035162: LCD shown frusdr version is 1.3a, not 1.13a with BIOS setup. -EPSD100255280: BMC Debug Log does not dump IIO configuration in case of ERR2 -EPSD100255284: BMC Debug Log generation code reads wrong bus to get GFERRST value on socket 1 -EPSD100034909: It shows the HSBP FW update status as "00 01" by executing the "cmdtool 20 c0 38" command in power off status -none: Increase EWS stability after Nessus/Qualys scan -none: Update openssl to 1.0.2j 01.47.10181- (Release version) =============================================================================== -EPSD100254817: The HSBP's FRU can't be detected if install 4 HSBP in S2600WT system. -EPSD100034620: Ping LAN1 (BMC management) IP failure after AC off/on sometimes with RoHS BB. -EPSD100254941: HSBP3 sensors can not be accessed and shown as Unknown because of SDR auto-configuration failure -EPSD100253829: vulnerabilities found on BMC_i_0146r9961 -EPSD100254410: BMC Ethernet hang issue in some case -EPSD100254304: BMC alerts received in an email via SMTP have a different time -EPSD100253866: BMC EWS Security settings issue (Bad password threshold) -Fix issue of second CPU dump when IERR happened and first CPU dump failed, Use PCH command to trigger warm reset, Increase handshake timeout with BIOS -Fix "No SEL is added when FM_MEM_THERM_EVENT_N is grounded." -Updated the stunnel conf to support TLSv1.2 only, with secured ciphers <= 128 01.46.9995- (Release version) =============================================================================== -none: Watchdog assert happened on Nodes with bigger number while unplug PSU on S2600KP/S2600TP 01.46.9961(Internal version) -EPSD100253232: [S2600WT] FRUSDR112 and FRUSDR113 dont detect PSUs on a 3rd party chassis -EPSD100251931: Email and SNMP alerts are not sent during a drive fault on 1U HSBP. -EPSD100253499: EWS show in Chinese not align with English -EPSD100252884: Change FAN to auto-rearm, fan status cannot show correct status on EWS -none: Remove the 2130W PSU FW Ver24 for update hang issue 01.45.9842(Internal version) -EPSD100252472: Defect title: vulnerabilities found on BMC release 01.41.9579 -EPSD100252826: BMC FW Use of Voltage Fault (D1h) Violates DFT Rule #1619 -EPSD100252984: modify master.cfg to automation will results fail -EPSD100249322: duplicate response from remote host during SSH SOL/SMASH session -EPSD100252884: Change FAN to auto-rearm, fan status cannot show correct status on EWS -none: After load FCT or Default SDR in 24HDD System, HSBP update process cannot start 01.44.9785(Internal version) -EPSD100031139: The DPC function couldn't work on the PCIe switch AIC via Switch AIC (Implement OEM Misc command (NetFn:0x30, Cmd:0x67) to detect SSD switch AIC) -EPSD100248833: SMASH cannot read recent SEL events when SEL has a high volume. -EPSD100031101: IE11 displaying EWS->Configuration->KVM & Media /SOL & SMASH , Sever Diagnostics->POST Codes with help ON, text exceeds the Box size -EPSD100252439: PCIe SSD Add-in-Card present slot bitmap don't match current inserted slot number in EFI shell 01.43.9685 - (Release version) =============================================================================== -EPSD100250289: EWS BMC HTTP connection is halt when using JDisc application discovery task with VMware account. -EPSD100250443: Shipping SDR can't be dumped after load SDR from system to shipping -EPSD100031613: Intel Copyright Statement isn't correct on EWS -EPSD100252136: The SEL description format for the "FW Update Status" sensor is confusing -EPSD100252197: [S2600WT] 2x3.5 HSBP FRU can't be detected with BMC 01.41.9579 -EPSD100030211: Mouse and keyboard is not available in a rKVM session under Windows 2012 R2 after select "Launch Redirection" for 2~3 times -EPSD100031610: No beep code and CPU missing event be generated when remove processor1 from CPU socket -EPSD100249322: duplicate response from remote host during SSH SOL/SMASH session 01.42.9617(Internal version) -EPSD100251192: Syscfg not working for changing user privileges. -EPSD100031260: The Sensor Reading Page from EWS display status is mismatch with Specification when the DC power is off and AC power is present -N/A: Check in 2130W PSU S4 image. -N/A: Merge Intel Security Thunderbolt to trunk. -N/A: Fix a potential CPU ID mismatch to detect CPU status. 01.41.9579 - (Release version) =============================================================================== -EPSD100249257: (X)12GB bridgeboard sensor no longer seen after updating to BIOS 1.01.009SUP with SDR Package 1.09 on S2600KP/S2600TP. 01.41.9519(Internal version) -EPSD100030179: IE11 displaying EWS->Configuration->Server Diagnostics with Old System Debug Log text exceeds the Box size -EPSD100030713: Using EWS cannot get information when using BMC version 1.38/1.39. 01.40.9455(Internal Version) -EPSD100030395/EPSD100030381: The second HSBP related sensors show in unavaliable state when 2 HSBP are configured in chassis. -EPSD100028376: When Solve BMC error, the status LED cannot change to Solid Green from Blinking Amber automatically. -EPSD100250458: Unknown SEL event after XEON Phi Ctrl Alt Del reset (possibly other resets as well). -EPSD100029078/EPSD100029080/EPSD100030117/EPSD100250535: DIMM Thrm Mrgn 1 sensor shows up as upper non-critical. -EPSD100030156: The SUT will wait over about 20 seconds than expected time before SUT auto powering up. -EPSD100250626: S2600TP BMC System Power statistic incorrect when the platform runs in standalone mode -EPSD100250525: Fan Fault LED not functional on S2600CW board. -EPSD100250872: BMC firmware OEM command about write SSL certification file fail to upload. -EPSD100250216: EWS Alerts page wording (Select the events that will trigger alerts:) confusing to customer when IPMItool is used to modify Alert Action settings. -N/A: Matched the TSOD addresses and memory controller PECI addresses. -N/A: ME SELs don't decode correctly. -N/A: BMC change to ensure the system remains off after an over current event (OCP) until the system has been AC power cycled. -N/A: Disable onboard NIC from BIOS,system fan run at high speed. =============================================================================== 01.39.9375 - (Release version) =============================================================================== -EPSD100030390: SUT boot slowly during BIOS post when node is plug in slot 3 or slot 4 - 01.38.9347(Internal Version) -EPSD100250032: EWS Show NVMe for S7200AP -EPSD100250127: EWS with Mozilla Firefox 41.0 has Login button in wrong location -EPSD100030179: IE11 displaying EWS->Configuration->Server Diagnostics with Old System Debug Log text exceeds the Box size -EPSD100250243: BMC FW BAT test 32 Temperature Sensor fwtests\Sensors\Functions\interrelated_tests\sensor_thresholdEvents.tcl -EPSD100250226: With no SATA drives installed EWS shows 3 out of 4 installed. -EPSD100028833: HDD LEDs are off when HDD access -EPSD100028868: Thermal Trip event generate when heat the processor to make system power down. 01.37.9235(Internal Version) -EPSD100030118: No HDD presence and check HDD status in EWS, HDD2,3 status shows like "Drive Presence". -None: Update HSBP CPLD to 1.5. =============================================================================== 01.33.8932 - (Release version) =============================================================================== -N/A: Update FCT/Shipping SDR of S2600WT to 1.09. -N/A: Update FCT/Shipping SDR of S2600CW to 1.11. -N/A: Update FCT/Shipping SDR of S2600KP/TP to 1.12. 01.31.8875(Internal Version) -N/A: Update open SSL lib from 1.0.2a to 1.0.2d. -N/A: VLAN refresh has problem during met lan status drop and regain. -N/A: Added support for the new 2200W power supplies. -N/A: Thunderbolt fans did not boost when a member read 0 RPM. -EPSD100248689: [Thunderbolt] Sometimes there are some abnormal logs in SEL when run DC cycle or Hard Reset. -EPSD100248782: The Help text in the BMC web console for Modify User does not match the actual interface. -EPSD100029037/EPSD100029042/EPSD100029046: The "Bad user PWD" event log will occur when send several commands from remote client during update BMC FW. -EPSD100029025/EPSD100029043/EPSD100029044: "Bad User PWD" event will occur when log in EWS via LDAP account with correct USERID and PASSWORD. - 01.30.8756(Internal Version) -N/A: Disable CPLD Update Function by default and add a command for user. 01.29.8658(Internal Version) - EPSD100028587: BMC and SDR version become "Unknown" when used DCM tool to limit SUT power consuming - EPSD100028724: No HDD presence and check HDD status in EWS, HDD2,3 status shows like "Drive Presence". - EPSD100028950: IOM FRU update fail =============================================================================== 01.28.8586 - (Release version) =============================================================================== -EPSD100248398: Spelling error in SEL log. -EPSD100248427: After SUT power off, there is "Front panel temp sensor has failed and may not be providing a valid reading - assert" logged for BMC FW health sensor -EPSD100248399: Change Bad Password Threshold parameter string in EWS to be same with spec. -EPSD100248480: Chassis intrusion is always enabled on MTM2 exit. =============================================================================== FEATURES ADDED =============================================================================== 01.48.10351: -none: update PSoC to version 1.27 01.48.10259: -none: update PSoC to version 1.26 01.47.10181: -CCB 460: enable adoption of A1u2ULCP on S2600WT -CCB 468: address the cipher suite zero vulnerability. -none: update PSoC to version 1.25 -none: update SDR file for S2600WT thermal alert issue 01.45.9842: -none: Update OpenSSL to latest version 1.0.2h to avoid OpenSSL vulnerability -CCB391: Add IPMI command to limit Maximum PWM code base -CCB404: provides support for KNL(Xeon Phi) PCIe card with CMD 0xE8 (PCIe slot CMD) 01.44.9785: -CCB430: Cross Site Request Forgery (CSRF) prevention and Privilege Escalation Attack via EWS prevention 01.42.9617: -CCB387: Support for TLSv1.2 using a 256 bit encryption key and make TLSv1.2 256 bit ciphers the default ones. 01.40.9455: -CCB387(Part): Disable TLS ciphers using less than 128 bits of encryption. 01.38.9347: -CCB320: Remove IHC from BMC functionality -none: Update CPLD image to 1.7 -none: Disable SSL support, support secure TLS session renegotiation only 01.36.9152: -none: Update CPLD to Version 1.4 -none: Update PSU to S3 0.20 -none: Update PSoC to version 1.19 01.28.8586: -CCB310: Implement Bad Password and Bad Username SEL logging and "Session Audit" system event to support ipmitool,ipmiutil and free ipmi. =============================================================================== REFERENCE MATERIAL =============================================================================== Common (integrated) BMC Firmware EAS (integrated) BMC Firmware Common Core EPS