============================================================================= Intel(R) Server Platform Integrated BMC Firmware Release Notes ============================================================================= INTEL Enterprise Platform & Services Marketing Intel Corporation 2111 N.E. 25th Avenue, Hillsboro, OR 97124 USA ============================================================================= DATE: May 21, 2018 TO: Intel(R) Server Platform S1200BTL customers SUBJECT: Integrated BMC firmware 01.21.11202 release notes ============================================================================= LEGAL INFORMATION ============================================================================= Information in this document is provided in connection with Intel products. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted by this document. Except as provided in Intel's Terms and Conditions of Sale for such products, Intel assumes no liability whatsoever, and Intel disclaims any express or implied warranty, relating to sale and/or use of Intel products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right. Intel Corporation may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights that relate to the presented subject matter. The furnishing of documents and other materials and information does not provide any license, express or implied, by estoppel or otherwise, to any such patents, trademarks, copyrights, or other intellectual property rights. Intel products are not intended for use in medical, life saving, or life sustaining applications. Intel may make changes to specifications and product descriptions at any time, without notice. Intel is a registered trademark of Intel Corporation. *Other names and brands are the property of their respective owners. Copyright (c) 2015 Intel Corporation. A portion of this firmware is open source code. The OSS source code that the customer is entitled to per OSS license will be made available on request and will be posted on Intel support at product launch. This open source code falls under the GPL 2.0 license, please see the license at the following link: http://www.opensource.org/licenses/gpl-2.0.php ============================================================================= ABOUT THIS RELEASE PACKAGE ============================================================================= REVISION INFORMATION RETURNED BY GET DEVICE ID COMMAND: Operational mode: 01.21 UBoot mode: 00.02 Device ID: 0x21 Manufacturer ID: 0x000157 Product ID: 0x48 Other version/revision information: HSBP FW: 00.15 Root/OS/WWW: 9.19 FWPIAUPD: 10.0 Build 6 Release Notes: 01.21 rev 1.0 Subversion source control build number: 11202 Checksum information: Entire BMC_01.21.11202.bin image including UBoot, params, operating system, root, WWW and CIM data Region: 0x0000000 - 0x1000000 MD5 : 453d91a6bfa402eb291c3fb67b5826d7 ============================================================================= IMPORTANT INSTALLATION NOTES ============================================================================= - The following update process must be followed to ensure a trouble free updating of your baseboard. 1. BIOS R0013.1 or later 2. BMC firmware to 00.08 or later 3. Hot-swap backplane PSOC firmware 00.05 or later 4. Latest FRU/SDR package specific to the baseboard. - From BMC_0006, BMC will have both FCT.sdr and Shipping.sdr installed in FW. Default SDR is FCT.sdr. User can use below command to change SDR: 1. enter manufacturing test mode :Cmdtool 20 18 05 57 01 00 2. restore SDR : Cmdtool 20 c0 03 00 (shipping.sdr) Cmdtool 20 c0 03 01 (FCT.sdr) - From BMC_00.07.842, BMC image name changed from BMC_000x to BMC_00.0x.xxx to sync with Romely. For example, BMC_00.07.842 indicates BMC revision is 00.07 and svn code revision is r842. - There are two transition releases for BTP and they are BMC_0004 & BMC_0006. Where BMC_0004 transitions from unsecured image updates to updates using the secured image (i.e., signed image), and BMC_0006 is the transition of encryption keys. Updating from BMC_0003 that requires the user to update to BMC_0004 before going forward. Updating to BMC_00.07 requires that BMC_0006 to have been previously loaded. The BMC must be updated as follows. Current BMC Revision Target BMC Revision Comment BMC_0003 BMC_0004 Updating from BMC_0003 requires updating to BMC_0004 before attempting to update to the latest BMC (i.e., 5 or 6). BMC_0004 BMC_0005 Requires BMC_0004 BMC_0004 BMC_0006 Requires BMC_0004 or BMC_0005 to be currently loaded BMC_0005 BMC_0006 Requires BMC_0004 or BMC_0005 to be currently loaded BMC_0006 BMC_00.07.842 BMC_00.07.842 can only be updated from BMC_0006. BMC_0006 BMC_00.08.886 BMC_00.08.842 can be updated from BMC_0006. BMC_00.07.842 BMC_00.08.886 BMC_00.08.842 can be updated from BMC_00.07.842. BMC_00.08.886 BMC_01.00.921 BMC_01.00.921 can be updated from BMC_00.08.886 BMC_01.00.921 BMC_01.01.921 BMC_01.01.921 can be updated from BMC_01.00.921 BMC_01.00.921 BMC_01.02.964 BMC_01.02.964 can be updated from BMC_01.01.921 BMC_01.02.964 BMC_01.03.992 BMC_01.03.992 can be updated from BMC_01.02.964 BMC_01.03.992 BMC_01.04.1091 BMC_01.04.1091 can be updated from BMC_01.03.992 BMC_01.04.1091 BMC_01.05.1260 BMC_01.05.1260 can be updated from BMC_01.04.1091 BMC_01.05.1260 BMC_01.07.1512 BMC_01.07.1512 can be updated from BMC_01.05.1260 BMC_01.07.1512 BMC_11.08.1617 BMC_11.08.1617 can be updated from BMC_01.07.1512 BMC_11.08.1617 BMC_01.09.1715 BMC_01.09.1715 can be updated from BMC_11.08.1617 BMC_01.09.1715 BMC_01.10.1889 BMC_01.10.1889 can be updated from BMC_01.09.1715 BMC_01.10.1889 BMC_01.11.2263 BMC_01.11.2263 can be updated from BMC_01.10.1889 BMC_01.11.2263 BMC_01.12.2271 BMC_01.12.2271 can be updated from BMC_01.11.2263 BMC_01.12.2271 BMC_01.13.2825 BMC_01.13.2825 can be updated from BMC_01.12.2271 BMC_01.13.2825 BMC_01.14.3503 BMC_01.14.3503 can be updated from BMC_01.13.2825 BMC_01.14.3503 BMC_01.15.3987 BMC_01.15.3987 can be updated from BMC_01.14.3503 BMC_01.15.3987 BMC_01.16.4347 BMC_01.16.4347 can be updated from BMC_01.15.3987 BMC_01.16.4347 BMC_01.17.5256 BMC_01.17.5256 can be updated from BMC_01.16.4347 - From BMC_00.08.886 and later version, ME address change from 0x88 to 0x2C, need run with BIOS R13.1 or later version. - BMC_01.00.921 BMC includes HSBP R05 FW. - BMC FW version increase to v1.00 for drop1 release. - BMC_01.04.1091 BMC includes HSBP R06 FW. - BMC_01.04.1091 BMC includes FWPIAUPD 10.0 Build 6. ============================================================================= INSTALLATION PROCEDURE WHEN UPDATING TO BMC_01.21.11202 ============================================================================= 1. Copy the BMC_01.21.11202.bin, fwpiaupd.efi, ipmi.efi, updBMC.nsh files to a USB key, hard disk drive or floppy drive. All of these files must reside in the same directory. 2. Boot to EFI and then run the updBMC.nsh script file to update the BMC FW. Using fwpiaupd.efi with your own command line parameters is not supported and doing so is at your own risk! 3. Power off the system and cycle AC power 4. Install latest available FRU/SDR package. =============================================================================== ISSUES FIXED =============================================================================== 01.21.11202 Fixed - Fix SSL/TLS Compression Algorithm Information Leakage Vulnerability 01.21.10212 Fixed - Upgrade openssl from 0.9.8zg to 1.0.2j Fixed - Upgrade openssh from 6.6 to 7.3 Fixed - Fix the ssl security vulnerabilities of stunnel applications Fixed - Fix several vulnerability issues reported by Nessus scan 01.21.10051 EPSD100253835 - (X) Cipher Suite 0 vulnerability on iLo, BMC RMM4 management port 01.21.9788 Openssl: disable SSLV2 and SSLV3 01.20.9454 EPSD100244824 - The system will take around 5 minutes to start to POST and the blue BMC LED always on after power cable connected Fixed - Openssl update from 0.9.8zc to 0.9.8zg 01.19.7140 EPSD100244824 - The BMC hangs during the first a/c power on after being off for a period of time. EPSD100244953 - openssl update from 0.98.za to 0.98zc. 01.19.6433 Openssl vulnerabilities fixes. 01.18.6224 EPSD100238053 - [X] Java dropping JAR support will affect KVM operation. 01.17.5256 IPS6000015781 - S1200BTL BMC hang issue (Actually BMC does not hang, just EWS hang.) IPS6000012624 - Fail to get device ID after reset BMC EPSD100235630 - [A99] ER1304BTLSHBNR BIK- does not maintain BMC web console session during power EPSD100236045 - HDD R/W performance drop from 84MB/s to 24MB/s when the DIMM temperature nearby 40 degree EPSD100022247 - Couldn't get SUT's DeviceID through Vlan between SUT and client EPSD100236336 - [X] Web Console not defaulting to English when another non-English browser is detected 01.16.4347 EPSD100022537 - Monitor DIMM thermal trip at Standby 01.15.3987 EPSD100021646 - SUT would hang at POSTCODE: 0x63 while BMC LAN connected to a switch loop environment. EPSD100229839 - Customer reported Drive Slot events being logged on reset with BearTooth Pass EPSD100229708 - Clone of: [X] RMM4 remote console port forwarding issue Option USB Key emulation type "Hard-Disk" was not working Add OpenSSL acknowledgement to EWS Upgrade HSBP FW to 00.15 01.14.3503 EPSD100020338 - There is a typo error in BMC WebUI help document for "Alert Email" sub-menu EPSD100228780 - Can't disable an exist user in EWS EPSD100019204 - Encounter IPMI Error Code 6 or 204 when add or delete users through BMC WebUI EPSD100226998 - [X] BMC NVRAM corrupt after DHCP configuration 01.13.2825 EPSD100018493 - The string of ME version in BMC WebUI and BIOS Setting up is different EPSD100226007 - rKVM/Remote media client not tracking source port forwards EPSD100019306 - Can not ping through SUT with VLAN IP after AC Cycle EPSD100224356 - Diagnostic tests are unclear what they are suppose to do EPSD100224773 - OEM Timestamp and OEM Non Timestamped events not decoded correctly in EWC and EWC SEL dumps EPSD100223582 - EWS SEL display page does not display the specific DIMM, CPU, and PCIE information for all DIMM, CPU, and PCIE faults EPSD100019198 - The BIOS need twice to save the BMC RMM4 IP configuration EPSD100221003 - in the EWS, if the sensor is in "N/A" status, the indicative string is "OK". 01.12.2271 Upgrade HSBP FW to 00.12 01.11.2263 Upgrade HSBP FW to 00.11 Added support for Macronix MX25L12805D flash chip CCB67: Add OEM command to give BMC status on updateing satellite FW. EPSD100221569 - Mount ISO image to RMM4 may cause "error reading video data" issue on BTP 01.10.1889 EPSD100223433 - SEL keeps reporting rebuild/remap in progress,Deasserted/Asserted,and finally fills up the SEL EPSD100220461 - Bromolow HSBP PSOC FW reports drive presence not correct EPSD100223179 - The Connection to RMM4 from IASC will lost sometimes 01.09.1715 Remove UNC and UC threshold for VBAT sensor. 11.08.1617 EPSD100222263 - System Fan RPM 0 after runing sometime on Buffalo Peak Hotswap SKU 01.07.1512 EPSD100221369 - BMC user SOL payload enable/disable status can't be saved across BMC reset EPSD100220461 - Bromolow HSBP PSOC FW reported drive presence not correct EPSD100014632 - The SDR version is still 1.03 (expect to be D1.03) after exchanging the SDR via below commands. 01.05.1260 a. Fixed Pilot3 SMbus failure after 2 bytes b. The uboot partition pointer is not correct. 01.04.1091 Fixed 4 HSBP problems via including HSBP 0.6 (1). Lower system frequency from 24MHZ to 12MHZ to adapt to 3.3V power. (2). I2C address allocation wrong for PSOC2 and PSOC3 when three HSBPs are deployed in one system. (3). HSC hangs when connecting second SGPIO cable. (4). HSBP FRU update hangs sometimes when using FRUSDR utility. 01.03.992 EPSD100218772 - SNMP and SMTP alerts are not getting sent when configured for both EPSD100010812 - DIMM information show "There was a problem while getting system DIMM inform... EPSD100218915 - Various problems seen in Embedded Web Console 01.02.964 EPSD100219241 - When click the Power Statistic HELP icon in the EWS, it shows "Access Error:Site or Page Not Found, cannot open URL". EPSD100011708 - [EWS]Couldn't get correct ME FW version in System Information. EPSD100219240 - when the cursor moved on the "help" link in the EWS, it is not changed to hand shape. EPSD100012155 - DIMM thermal trip temperatue too low. EPSD100219276 - I2C communication with PMBus PS fails after running several days. EPSD100012019 - PCH thermal trip works but no SEL event. EPSD100012253 - When powering up SUT by power button, SUT usually halted at 0x02 with a AC cycle(Stay Off). 01.00.921 EPSD100011752 - Sometimes, after updating the BMC FW or Fru , there will ba a Virtual CDROM dev... EPSD100218643 - sensor 0x78 sending warnings in the sel log during S5 stress test. EPSD100011432 - "System Event" sensor (0x08) status was changed to 0x04 after clear SEL via Selviewer utility. EPSD100218951 - Fan Speed Control boosts fans to 100% when Mem Therm Margin sensors disabled in OLTT mode. PSOC temperature readings were returning as unavailable. Fixed sensor logic. EPSD100011633 - The value of fan speed (fan1 and fan2) become abnormal while the duty cycle is more than 90%.(Bufallo Peak SKU). EPSD100011704 - [UT] The sensor of NM capacity is always shown .unknown. health. 00.08.886 Sensors in Web Interface can have conflicting status fields. EPSD100011708 - [EWS]Couldn't get correct ME FW version in System Information. EPSD100011531, EPSD100011239, EPSD100011525 - [EWS Media Redirection] Using the virtual CD-ROM to install OS, the virtula CD-ROM will be gone at the "Windows is loading files" step. ME address is incorrect and is hardwired in the code in various places. EPSD100011256 - [SOL]Reset system. Screen transition fail after POST. EPSD100218419 - Intermittent Reading Unavailable from DIMM Thermal sensors. EPSD100218554 - system hang when revert the NMI button status via Get SM signal command. 00.07.842 EPSD100011252 - RKVM must support four concurrent sessions. EPSD100218419 - PECI command WrPkgConfig() isn't functional. EPSD100011041 - Generate Powergood dropout error , but no beep code and SEL log. EPSD100010774 - No AC power loss event logged for AC cycle. EPSD100218643 - sensor 0x78 sending warnings in the sel log during S5 stress test. EPSD100011545 - No asserted event is logged for Thermal Trip. EPSD100218554 - Pressing the NMI button not working when sending the IPMI command Get SM Signal. EPSD100218489 - Can not read PSOC HSBP FW's version in EWS. EPSD100010971 - Sensor readings status and health didn't match the realistic. EPSD100218643 - sensor 0x78 sending warnings in the sel log during S5 stress test. EPSD100011239 - Mount USB key, or windows 2008 ISO, no device been found in BIOS Boot Option when using DNM. 00.06 EPSD100217010 - Inconsistent front panel Status LED behavior. Fix usage of reserved sensor number 0xFF. EPSD100217594 - GetFanControlConfiguration command does not return changes from SetFanControlConfiguration command. EPSD100010963 - Power supply/PS1 Status(0x50) event always asserted and deasserted while the system power on. EPSD100011335 - After changing the BMC IP in a different subnet, it is unable to ping successfully. EPSD100218281 - Updating BMC FW with new cmdtool.efi fails. EPSD100218059 - SDR Data reverts to default after signed FW update. EPSD100218334 - protection error happens during BMC update PSOC flash. EPSD100011263 - Unable to detect an alert initiated from the target. EPSD100010830 - There is a command issue after running the SMASH lite: 1. CD and Identify commands. 2. SET.CONFIRM.STATE. EPSD100218416 - Signed firmware update is writing to sector 0 where rubix is stored rendering. Read/Write FRU datacommand would fail and return 0x81 for PS related FRU. sn#for PV_VTT_CPU_SENSOR and PV_VCC_CPU_SENSOR is mismatch. EPSD100011435 - RMM4 DNM speed LED always solid amber whether connect to 10/100 swtich or 1GB network. EPSD100218243 - Signed BMC FW update fails if you don't pass -nopc ( no platform check) flag. EPSD100218440 - Unable to read the FRU data out of the PDB or power supplies using IPMI FRU commands. EPSD100217664 - DIMM thermal Margin sensor always in reading unavailable mode. 00.05 EPSD100010716 - Mouse calibration option in RKVM is always gray disabled. EPSD100010768 - Set LPCPINCTL to 0xaaaaa to turn off LPC pullups, was causing standby current leakage. EPSD100011050 - Radio button doesn't work on embedded web server alerts config page (IE6). 00.04 #EPSD100010827 – [EWS]Some sensors reading value show "Not Available" #EPSD100010685 - The reading of CPU1 thermal margain sensor (0x74) is always 00 00.03 N/A 00.02 #EPSD100217306, Intermittent BMC communication failure through IPMB and KCS. ============================================================================= FEATURES ADDED ============================================================================= 01.21.11202 CCB2429 [BeartoothPass]Resolve Vulnerability of RC4/AES during klockwork scan DELL/EMC found vulnerability problem during doing security scan by klockwork scan,  the report show weak encryption algorithm options “AES” and “RC4” "3DES" are being used for embedded web server. EWS, RKVM, USB and CD media redirection are workable for encryption algorithm “AES” and “RC4”, "3DES", but it has risk for security. 01.21.10212 None 01.21.10051 None 01.21.9788 None 01.20.9498 None 01.19.7140 CCB 281: Add the support on EWS for disabling/enableing ssh and http/https.Also add the support for disabling/enabling KVM by issuing an oem command. 01.18.6224 CCB 221: BMC Password Encryption. 01.18.6224 CCB 221: BMC Password Encryption. 01.17.5256 CCB 144: Disable POST code LED output after system has completed POST. Downgrade RMM4 link speed from 1Gbps to 100Mbps 01.16.4347 Both add Graceful OS shutdown option on EWS and in Chassis Control command (Soft Off). 01.00.921 Support HSBP/PSoC FRU accesses. SVN build version: R921 00.08.886 CCB 642 update: The Power supply fans cannot be run at 30% pwm. The Manufacturer specifies that 45% should be the minimum. Changed the firmware to set the speed to 45%. Web Console: remove HSC & LCP versions from Sys Info page. ME address changed from 0x88 to 0x2C. SVN build version: R886 00.07.842 Implemented setting a minimum power supply fan speed to 30% PWM as per CCB 642. Updated the passphrase for builds after version 0.5. Added the ability to decrypt using two keys. Add support for PSOC-based temperature sensors. Change web server banner to say "Integrated BMC Web Console". SVN build version: R842 00.06 Added the ability to decrypt using two keys. The deprecated key will be dropped in future releases. Modified HSBP sensor monitoring code (for PSOC HSBPs) to accept non-contiguous sensor numbers. CATERR needs to be ignored immediately after power on to prevent false events. New HSBP firmware update. Fix non-GPL header in Bromolow branch. Add reporting of RMM NIC presence to the GetAdvancedSupport command for utilities. Updated the header text to use the standard Intel proprietary header. Moved the HSBP firmware files and installation into the libfwum directory. Fab2 RMM4 DNM requires MACRGMIICTL register set to 0x300 (Fab1 requires 0x313). Add setting to PHY initialization routines but default to Fab2 value. Update FCT.sdr and Default.sdr according to latest system config table. Add modified to support SMBIOS2.6 format. SVN build version: R786 00.05 Change MACRGMIICTL register value to 0x313, value that worked best with long cable. Also turn off unused 125MHz clock output in Fab2 Realtek PHY. Also add up-script-eth1 to restart web server when eth1 comes up. Implemented a VR Timeout (Watchdog) sensor to monitor PS power good and VR Power good. Enabled using the PWM output of a fan domain as the input to a fan control stepwise record. 2.1.14.5.1 - Management Subsystem Health Sensor. For Email Alerts, add text & hex dump of SEL event that generated Alert to body. Adding restore to FCT SD functionality. Duplicate seq number can happen on msgs from ME at startup. RMM4 Micrel PHY programming changes. Modified the CPU throttle precentage calculation method to support ME Si enabling only platform. Modified fan PWMs for sensor failures from offsets to absolute values. SVN build version: R702 00.04 signed FW update feature. SVN build version: R668 00.03 2.1.4.5.4 - System should implement separate sensors for each nominal voltage 2.1.11.5.1 - LAN Leash monitoring - discrete sensor implementation 6.2.2.5.2 - The system shall support the Design For Test rules (NC-SI exercise command) 6.1.1.5.12 - BMC FW Shall provide an IPMI method to determine the amount of memory throttling occurring 2.5.2.5.1 - System shall provide an IPMI sensor for memory throttling 2.1.1.5.6 - DIMM Thermal margin sensor SVN build version: R628 00.02 Add most SPRD commited features. SVN build version: R494 00.01 Basic IPMI features support. SVN build version: R434 ============================================================================ REFERENCE MATERIAL ============================================================================= Bromolow-Romley Common FW EAS [END OF RELEASE NOTES]