TITLE: HPE Superdome Flex Server Firmware Bundle (for installation from RMC)
VERSION:
Bundle Version: 3.40.122
VERSION 3.40.122 contains:
COMPLEX_METADATA: 3.40.122
FWU: 2.40.0-20210713-081030
NPAR_METADATA: 3.40.122
RMC: 2.70.289
RMC_EMMC: 2.70.289
UV400_BIOS: 7.5.50.20210930_144652
UV400_BMC: 2.70.289
UV400_BMC_BASEIO_P0003171_002_PLD: 12.2.32
UV400_BMC_BASEIO_P0003171_003_PLD: 12.3.36
UV400_BMC_BMC_P0004912_001_PLD: 10.1.8
UV400_BMC_EMMC: 2.70.289
UV400_BMC_FWU_TOOLS: 2.70.289
UV400_BMC_HARP_P0003240_001_PLD: 11.1.19
UV400_BMC_NODE_P0001924_003_PLD: 13.3.61
UV400_BMC_PWR_BRD_1_ENV_PSOC: 36.1.1
UV400_BMC_PWR_BRD_1_PS_PSOC: 35.1.16
UV400_HARP_FPGA_1590_B100: 1590_b100-0a
UV400_HARP_FPGA_1590_B101: 1590_b101-0a
UV400_HARP_FPGA_1590_B102: 1590_b102-0a
DESCRIPTION:
This bundle contains the firmware file for updating the HPE Superdome Flex server firmware from the RMC. This file updates the server BIOS firmware as well as firmware on the RMC (Rack Management Controller) and on the BMCs (Board Management Controller).
Note: To comply with Open Source requirements, the Open Source used in Superdome Flex RMC/BMC firmware is provided in the tar file foss_SDFlex_2.5.tar.gz (only included for Open Source documentation purpose).
UPDATE RECOMMENDATION: Critical
[X] Critical
    [X] Panic, [ ] Hang, [ ] Abort, [ ] Corruption, [ ] Memory Leak, [ ] Performance
    [X] Security
    [ ] Hardware Enablement, [ ] Software Enablement
[ ] Required
[ ] Recommended
[ ] Optional
    [ ] Hardware Enablement, [ ] Software Enablement, [ ] non-critical
[ ] Initial Customer Release
SUPERSEDES:
Version: 3.40.106 (factory only release)
PRODUCT MODEL(S):
HPE Superdome Flex Server
OPERATING SYSTEMS:
Supported on Superdome Flex systems with Intel Xeon® Scalable processors 62XX/82XX:
Supported with DDR4:
Supported with PMM (HPE Persistent Memory):
(*) Note:
- UEK6 was first released with Oracle Linux 8.2 and 7.9 and was included in the install media. The Oracle Linux 7.8 (and earlier) install media contains UEK5. The Oracle Linux 7.9 install media contains UEK6. When updating to Oracle Linux 7.9 you can choose whether to remain on UEK5 or upgrade to UEK6. For more information, see UEK Linux documentation from Oracle.
- Secure boot mode with Oracle UEK 6 is supported with Oracle Linux UEK 6 Update 3 (or later)
Note: For latest information on configurations supported with PMM (HPE Persistent Memory), see the HPE Persistent Memory Guide for HPE Superdome Flex as well as the white papers “Installing and Running Microsoft Windows Server 2019 and Windows Server 2022 on HPE Superdome Flex Server” and “Running Linux on HPE Superdome Flex Server”.
Supported on Superdome Flex systems with Intel Xeon® Scalable processors 61XX/81XX
Supported with DDR4 DIMMs only (no support of PMM):
· VMware 6.5 U1/U2/U3, 6.7, 6.7 U1/U2/U3, 7.0, 7.0 U1/U2/U3
Note: For more details on VMware support and certifications, check the “Running VMware vSphere on HPE Superdome Flex Server” white paper.
LANGUAGES:
International English
ENHANCEMENTS:
Version 3.40.106 (factory release):
· Added support for VMware 7.0 U3
· Added support for Windows 2022
· Secure boot mode with Oracle UEK 6 is supported with Oracle Linux UEK 6 Update 3 (or later)
· Firmware includes the latest revision of the Intel Reference Code (IPU2021.1).
· Upgraded to Python version 3.5.10
· Hub Write Flush Optimization feature is now enabled by default. That feature provides better balance between memory writes and memory reads and ensures more consistent memory latencies on systems running under heavy workload; for details, see the Customer Notice a00110429
· Added support to enable extended Memory tests during nPar boot
· Added support for automatic NVDIMM firmware update. NVDIMMs are now updated to the supported firmware version upon nPar boot. The functionality is enabled by default but configurable by the system administrator. Refer to the nPar attributes section in the HPE Superdome Flex Server Administration guide.
· Added support for disabling the IPMI BT (Block Transfer) interface and for allowing only a permitted set of IPMI commands. Please refer to the HPE Superdome Flex Server Administration Guide for more details
· Provide ability to configure the default RMC password length to a value from 6 to 64 (now set to 8 by default)
· A new DIMM pre-fail feature can be enabled to allow flagging early DDR4 DIMMs with potential health issues
· Login delay is now imposed after 3 failed login attempts with delay of 10 sec, which is user configurable
· The show health CLI command now includes the message and resolution for faults
· Added support for BaseIO, BMC Board, and Power Board FRU indictment
· Added support to preserve Post Package Repair (PPR) information in BMC across DIMM movement
November 2021:
· Added support for RHEL 8.5 and Oracle Linux 8.5
December 2021:
· Added known issue about critical HARP0/1 VDD_VR_FAULT or THERMAL_FAULT_DETECTED event occurring due to thermal monitoring sometimes erroneously set to OFF after firmware update to version 3.40.122
· Added a step in the installation instructions to prevent running into the above issue
FIXES:
Version 3.40.122:
· Fixed an issue where Post Package Repair (PPR) of faulty rows in a DRAM would not be persistent across reboots with firmware version 3.40.106; for details, see Customer Advisory a00118886
Version 3.40.106 (factory only release):
· Fixed an issue where the system would crash with DIMM de-configuration during recovery action when multiple corrected errors are encountered on a channel
· This firmware includes an updated revocation Signature Database (DBX) used when UEFI secure boot is enabled. The updated DBX in this firmware will revoke HPE signed images that were vulnerable to UEFI Secure Boot Evasion Vulnerability (CVE-2021-20233, CVE-2020-25632, CVE-2020-27779, CVE-2021-20225, CVE-2020-27749, CVE-2020-25647). However, this firmware does not include the UEFI Microsoft DBX which will revoke UEFI signed images vulnerable to the Secure Boot Evasion Vulnerability. This is because some Linux distributions have not released updates that will boot at the time of this release. If your OS has released fixes for this vulnerability, UEFI Microsoft DBX hashes may be applied manually. They are available from uefi.org's UEFI DBX Revocation List.
· Firmware includes the latest revision of Microcode from Intel which provides mitigation for CVE-2020-24511
· Firmware includes the latest revision of the Intel Reference code (IPU2021.1) which addresses CVE-2020-12358, CVE-2020-12360 and CVE-2020-24486
· Addressed security vulnerabilities CVE-2018-20843 and CVE-2019-15903 in libexpat
· Addressed security vulnerabilities CVE-2021-23841 and CVE-2020-1971 in OpenSSL
· Addressed security vulnerability CVE-2021-0144
· The CLI show uvdmp command no longer terminates with UNEXPECTED PROGRAM ERROR when parsing non-ASCII characters
· The partition Real Time Clock (RTC) no longer drifts by a few minutes at each AC power cycle or when the PLD firmware version has been updated.
· The command “create npar default” now prompts for user confirmation before proceeding to remove an existing npar
· A BMC (Base Management Controller) reboot no longer generates a Critical Alert to Remote Support Monitoring Tools (see Customer Advisory a00113826)
· Addressed a rare case where a MEM_DIMM_MEMTEST_FAILURE service event would not be generated by CAE and a DIMM, although disabled for the boot, would not be scheduled for de-configuration
· Fixed an issue where the system boot would fail with a rendezvous timeout while memory test is in progress
COMPATIBILITY:
· Monitoring and management of HPE Superdome Flex servers with firmware version 3.20.186 or later is supported only starting from OneView version 5.00.
· It is recommended to use this firmware along with HPE Superdome Flex I/O Service Pack version 2021.10 and HFS (HPE Foundation Software) version 2.4.3.2 (Linux only) as well as the latest DCD version:
o See the Superdome Flex support matrix: HPE Superdome Flex Release Sets
· For additional OS specific information, please see:
o For VMware, the “Running VMware vSphere on HPE Superdome Flex Server” white paper.
o For Windows, the “Running Microsoft Windows Server on HPE Superdome Flex Server” white paper (for Windows 2016) and “Installing and Running Microsoft Windows Server 2019 and Windows Server 2022 on HPE Superdome Flex Server” (for Windows 2019 and 2022).
o For Linux, the “Running Linux on HPE Superdome Flex Server” white paper as well as the “HPE Superdome Flex Server OS Installation Guide” at https://www.hpe.com/support/superdome-flex-os
PREREQUISITES:
IMPORTANT:
· For systems running with Secure Boot enabled, all vulnerable signed UEFI OS boot loaders and applications that are expected to boot must be updated before applying or installing the default DBX key.
Note: Failure to install application updates before the new DBX installation may result in a situation where the server will not boot. If that situation occurs, Secure Boot will need to be disabled until the vulnerable applications and bootloaders are updated.
Note:
1. Isolate the management network from the normal corporate LAN. This management network should limit and restrict access to your RMC management interfaces using firewall, access control lists (ACLs), or VPN. This will greatly reduce a large group of security risks (for example, Denial of Service attacks).
2. Patch and maintain web servers.
3. Run up-to-date virus and malware scanners in your network environment.
4. Apply HPE firmware updates as recommended.
INSTALLATION INSTRUCTIONS:
Please review all instructions and the "Hewlett Packard Enterprise Support Tool License Terms" or your Hewlett Packard Enterprise support terms and conditions for precautions, scope of license, restrictions, and limitation of liability and warranties, before installing this package. It is important that you read and understand these instructions completely before you begin. This can determine your success in completing the firmware update.
Note: It is highly recommended that firmware updates be executed by Hewlett Packard Enterprise support personnel.
IMPORTANT: HPE strongly recommends rebooting the BMCs after updating the firmware and prior to powering up the partition! See Step h.
Note: HPE provides three methods for updating the server firmware, from the RMC CLI, using SUM or using OneView. If you need help selecting a method, please see the “Firmware Update” section in the Superdome Flex Server Manageability white paper.
Online firmware update support:
· Online firmware update is only supported when updating from version 3.40.106.
· Online firmware update support matrix:
From: \ To: | 3.20.206 | 3.25.46 | 3.30.130 | 3.30.140 | 3.30.142 | 3.30.144 | 3.40.106 | 3.40.122 |
3.20.206    | N/A      | Yes     | No       | No       | No       | No       | No       | No       |
3.25.46     | No       | N/A     | No       | No       | No       | No       | No       | No       |
3.30.130    | No       | No      | N/A      | Yes      | Yes      | Yes      | No       | No       |
3.30.140    | No       | No      | No       | N/A      | Yes      | Yes      | No       | No       |
3.30.142    | No       | No      | No       | No       | N/A      | Yes      | No       | No       |
3.30.144    | No       | No      | No       | No       | No       | N/A      | No       | No       |
3.40.106    | No       | No      | No       | No       | No       | No       | N/A      | Yes      |
Complex versus partition firmware:
· Operation with mixed complex/partition firmware is supported, providing that the complex firmware version is always greater than or equal to the partition firmware.
Important:
· DO NOT abort the firmware update once started as this may cause the system to get into an unusable state. In particular, DO NOT turn off system AC power during a firmware update.
· In case a firmware mismatch is displayed after the update, retry the update. If you continue to see failures, please contact HPE support.
INSTALLATION
IMPORTANT:
- For systems running with Secure Boot enabled, in order to address the “BootHole” (CVE-2020-10713) security vulnerability, an extra step is needed if the firmware is updated from version 3.25.46 (or earlier). See step j. at the end of the installation instructions.
To update server firmware from the RMC CLI:
1. Copy the firmware file sd-flex-<version>-fw.tars to your local computer.
2. Follow the instructions below to install the new firmware on your system.
Note: Online firmware update to version 3.40.122 is only supported when updating from 3.40.106.
a. Please verify that the system date is set. If not, set it and check that you have an NTP server up and running, as it is used to set the date.
b. Step b. is for offline firmware update only:
Log into the HPE Superdome Flex Server operating system as the root user, and enter the following command to stop the operating system:
# shutdown
c. Log in to the RMC as administrator user and provide the password when prompted.
d. Use of DNS is recommended:
- If using DNS, verify that the RMC is configured to use DNS access by running:
RMC cli> show dns
If not, you may use the command “add dns ipaddress=<RMC IP>” to configure DNS access (or you can’t use DNS).
- If not using DNS, you will need to specify the IP address in the <path_to_firmware>
e. Step e. is for offline firmware update only:
Enter the following command to power off the system:
- If there is only 1 partition, partition 0 is the default:
RMC cli> power off npar pnum=0
- In case of multiple partitions, enter show npar to find the partition number, then enter:
RMC cli> power off npar pnum=x, where x is the partition number
f. Update the firmware by running the command:
RMC cli> update firmware url=<path_to_firmware> [exclude_npar_fw]
Where <path_to_firmware> specifies the location of the firmware file that you previously downloaded. You can use https, sftp or scp with an optional port. For instance:
RMC cli> update firmware url=scp://username@myhost.com/sd-flex-<version>-fw.tars
RMC cli> update firmware url=sftp://username@myhost.com/sd-flex-<version>-fw.tars
RMC cli> update firmware url=https://myhost.com/sd-flex-<version>-fw.tars
RMC cli> update firmware url=https://myhost.com:123/sd-flex-<version>-fw.tars
And where exclude_npar_fw is used to not update the BIOS firmware running on an nPar.
Note: The CLI does not accept a clear text password; the password has to be typed in manually.
Note: To use a hostname like ‘myhost.com’, RMC must be configured for DNS for name resolution, otherwise you need to specify the IP address of ‘myhost.com’ instead. See the command ‘add dns’ for more information.
g. Wait for RMC to reboot after a successful firmware update, then check the new firmware version installed by running:
RMC cli> show firmware verbose
Note: The nPar firmware version will not be updated until the next nPar reboot. See output under “DETERMINING CURRENT VERSION” below.
h. Reboot the BMCs prior to power cycling the system or partition:
- If the complex has a discrete 1U RMC, run:
RMC CLI> reboot bmc all
Then allow at least 3 to 5 minutes for BMC(s) to complete initialization and join the complex before attempting to power on the nPar
- If the complex has an eRMC:
1. Reboot the expansion chassis BMC first, using the expansion chassis GEOID:
eRMC CLI> reboot bmc target=<GEOID>
For instance: eRMC CLI> reboot bmc target=r001u06b
Then allow at least 3 to 5 minutes for the BMC to complete initialization and join the complex before continuing to step 2.
2. Reboot the eRMC:
eRMC CLI> reboot rmc
Then allow at least 5 minutes for the eRMC to finish the reboot process and set up the complex before powering on the nPar.
i. For online FW update, reboot the partition when convenient to activate the new nPar firmware:
- To reboot a partition or multiple partitions, enter:
RMC cli> reboot npar pnum=x, where x is the partition number or 0 for a single partition chassis numbered 0
For offline FW update, power on the system or partition:
- To power on a system configured with all chassis in one large nPartition numbered 0, enter:
RMC cli> power on npar pnum=0
j. For systems running with secured boot enabled, follow the steps below in order to address the “BootHole” (CVE-2020-10713) security vulnerability:
a. All vulnerable signed UEFI OS boot loaders and applications that are expected to boot must be updated before applying or installing the default DBX key.
Note: Failure to install application updates before the new DBX installation may result in a situation where the server will not boot. If that situation occurs, Secure Boot will need to be disabled until the vulnerable applications and bootloaders are updated.
b. Once the above step is completed, after firmware version 3.30.140 (or later) is installed, follow the steps below in BIOS menu to install new DBX default keys:
UEFI Boot Manager-> Device Manager-> Secure Boot Configuration->Install Default Keys
UEFI Boot Manager-> Device Manager-> Secure Boot Configuration->Attempt Secure Boot
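Added example (not part of the HPE release note and not HPE code): a Python pre-check for the DBX prerequisite and step j above. It parses the EFI_SIGNATURE_LIST structures of a DBX payload and reports which boot images, identified by their Authenticode SHA-256 digests, that payload would revoke. Assumptions: the input is raw signature-list data (for example the dbx variable read from Linux efivarfs), not a signed update file with its authentication header; all paths, digests, the owner GUID and the DBX contents are constructed sample data.

```python
import hashlib
import struct
import uuid

# Signature type GUIDs from the UEFI specification.
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")

# EFI_SIGNATURE_LIST header: SignatureType, SignatureListSize,
# SignatureHeaderSize, SignatureSize (little-endian).
ESL_HEADER = struct.Struct("<16sIII")


def esl_from_efivarfs(raw):
    """Linux efivarfs prefixes a variable's data with 4 attribute bytes."""
    return raw[4:]


def parse_signature_lists(blob):
    """Yield (type_guid, owner_guid, data) for each EFI_SIGNATURE_DATA entry.

    Raises ValueError on truncated or inconsistent lists, so a damaged
    payload is never mistaken for an empty (harmless) one.
    """
    offset = 0
    while offset < len(blob):
        if len(blob) - offset < ESL_HEADER.size:
            raise ValueError("truncated list header at offset %d" % offset)
        raw_type, list_size, hdr_size, sig_size = ESL_HEADER.unpack_from(blob, offset)
        body = offset + ESL_HEADER.size + hdr_size
        end = offset + list_size
        if end > len(blob) or body > end or sig_size <= 16:
            raise ValueError("inconsistent sizes at offset %d" % offset)
        if (end - body) % sig_size:
            raise ValueError("partial signature entry at offset %d" % offset)
        sig_type = uuid.UUID(bytes_le=raw_type)
        for pos in range(body, end, sig_size):
            owner = uuid.UUID(bytes_le=blob[pos:pos + 16])
            yield sig_type, owner, blob[pos + 16:pos + sig_size]
        offset = end


def audit_boot_images(dbx_blob, image_digests):
    """Compare boot images against a DBX payload.

    image_digests maps a path to the image's Authenticode SHA-256 digest
    (hex). That digest skips the checksum and signature fields of the PE
    file, so it is not the plain SHA-256 of the file.
    """
    revoked, cert_entries = set(), 0
    for sig_type, _owner, data in parse_signature_lists(dbx_blob):
        if sig_type == EFI_CERT_SHA256_GUID:
            revoked.add(data.hex())
        elif sig_type == EFI_CERT_X509_GUID:
            cert_entries += 1  # revokes every image signed by this certificate
    blocked = sorted(p for p, d in image_digests.items() if d.lower() in revoked)
    return {"blocked": blocked, "hash_entries": len(revoked),
            "cert_entries": cert_entries}


def build_esl(sig_type, owner, entries):
    """Build one EFI_SIGNATURE_LIST (used only to construct the sample)."""
    body = b"".join(owner.bytes_le + e for e in entries)
    return ESL_HEADER.pack(sig_type.bytes_le, ESL_HEADER.size + len(body),
                           0, 16 + len(entries[0])) + body


# Constructed sample data: stand-in digests, owner GUID, paths, certificate.
OWNER = uuid.UUID("11111111-2222-3333-4444-555555555555")
OLD_GRUB = hashlib.sha256(b"constructed: vulnerable grub build").digest()
OLD_SHIM = hashlib.sha256(b"constructed: vulnerable shim build").digest()
NEW_GRUB = hashlib.sha256(b"constructed: patched grub build").digest()
SAMPLE_DBX = (build_esl(EFI_CERT_SHA256_GUID, OWNER, [OLD_GRUB, OLD_SHIM])
              + build_esl(EFI_CERT_X509_GUID, OWNER, [b"constructed DER bytes"]))
SAMPLE_IMAGES = {
    "/boot/efi/EFI/example/grubx64.efi": OLD_GRUB.hex(),      # not yet updated
    "/boot/efi/EFI/example/grubx64-new.efi": NEW_GRUB.hex(),  # patched build
}

if __name__ == "__main__":
    report = audit_boot_images(SAMPLE_DBX, SAMPLE_IMAGES)
    for path in report["blocked"]:
        print("update before installing DBX keys:", path)
    print(report["hash_entries"], "hash entries,", report["cert_entries"],
          "certificate entries (review image signers manually)")
```

A non-empty "blocked" list means the DBX keys should not be installed yet. Certificate entries are only counted here, so images signed by a revoked certificate need a separate signer check.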
DETERMINING CURRENT VERSION:
To check or verify the current firmware levels on the system, from the CLI, enter the RMC command:
RMC cli> show firmware
Configured complex bundle version: 3.40.122
Configured npar bundle version: 3.40.122
Firmware on all devices matches the configured version.
Note: If you want to see all the components’ versions, you may use “show firmware verbose”.
Downgrading firmware:
Note: Downgrading firmware is not recommended as it may cause a loss of functionality and expose the system to vulnerabilities fixed in later versions.
Downgrading guidelines (online downgrade supported where online upgrade is supported):
- After online downgrade completes, you will need to reboot the nPAR using the “reboot npar pnum=x” command to activate the newly installed BIOS.
- After offline downgrade completes, power on the system or nPAR using the “power on” command.
KNOWN ISSUES & WORKAROUNDS:
· After updating to firmware version 3.40.122, thermal monitoring may be set to OFF, causing the system to fail with a critical event HARP0/1 VDD_VR_FAULT or THERMAL_FAULT_DETECTED, right after the update or within a few hours. Workaround: Reboot the BMCs after updating the firmware and prior to power cycling the partition (see installation instructions for details)
· Exception during boot may lead to BIOS Halt with SMRAM_DISTRIBUTION_TIMEOUT. Workaround: Rebooting the server will clear the error.
· "show sensor" or "ipmi sensor" command output in uvdmp does not always report the fan speed of RMC's PSU
· Due to faulty Intel microcode (02006a08 for Skylake, 04003003 or 05003003 for Cascade Lake), Superdome Flex servers running with these microcode versions may stop running, fail to boot or experience random de-configuration of processors and/or processor cores. The following OS versions are affected:
· On systems running with SLES 15 SP1 or 15 SP2, an IO card may rarely go offline with the console log showing a message “Device recovery failed”. An OS reboot is required to recover.
· Installation of Windows Server 2019 on a 16 socket partition with Hyper-Threading enabled may take hours on servers with hundreds of logical processors. Workaround: Either disable Hyper-Threading prior to installing the OS (and re-enable it after OS is installed), or modify to an 8 (or less) socket partition, install the OS, and change back to a 16 socket partition after the OS is installed.
· On systems (8 or 16 socket) configured with PMM (HPE Persistent Memory) and running with Windows 2019, a BSOD (Blue Screen of Death) may be intermittently encountered while creating or deleting namespaces using new-pmemdisk or remove-pmemdisk PowerShell cmdlets. When this occurs, the following bug check happens: STOP 0x00000101 CLOCK_WATCHDOG_TIMEOUT. Workaround: Retry the operation after the system comes back up.
· A BIOS ASSERT may be encountered when performing PXE boot from Microsoft Windows Deployment Services, if the user attempts to select ESC in the menu displayed by Windows Boot Manager. Workaround: Do not exit the menu using the ESC key.
· After an RMC reboot, Insight Remote Support (IRS) may not collect all the inventory data. Workaround: Rediscover the missing device in IRS (in IRS console, under Devices, check all the devices from the Device Summary TAB and select Discover); for information on Insight Remote Support, see “Manage Devices” in the IRS Help.
· A Superdome Flex server may rarely crash during boot due to a timeout occurring in the BIOS. When this happens, the system will automatically reboot and recover.
· Firmware update with certificate checking enabled is not supported with OneView or SUM (SUM does not support providing a certificate for client verification). Workaround: disable certificate checking prior to updating firmware with SUM or OneView.
· Superdome Flex server registration with IRS fails if the system is configured with certificate checking enabled. Workaround: Install IRS patch 7.10 to fix the issue.
· Deconfigured PMMs in the expansion chassis may at times result in multiple persistent memory regions being inaccessible to the OS. User should call HPE Support to check on the reason for the deconfigured PMM and get it addressed.
· After a PMM becomes deconfigured, Windows Server 2019 may not be able to access PMM logical devices if the PMM region is set up in the default AppDirect (interleaved) mode, causing the PMM disk data to be inaccessible. Workaround: Do not use the interleaved mode. Also call HPE Support to check on the reason for the deconfigured PMM and get it addressed.
· Whenever an nPAR is created, removed, or modified that results in a change in monarch chassis, all existing Redfish sessions will immediately expire. Redfish client will need to re-authenticate with the Superdome Flex Redfish to establish a new Redfish session.
· The UEFI shell accepts invalid directory names such as ‘..’ appended to a valid directory name. Workaround: Retry using a proper directory name.
· The UEFI shell command ‘dh’ fails to display EFI_DEVICE_PATH_PROTOCOL information for some device handles. It also displays “IPv6 (Not Available)” for devices including IPv6 device path node information.
· If the BMC stops responding, a watchdog timer resets it to recover automatically with an event BMC_RESET_BY_WATCHDOG. This event reflects that normal BMC operation has resumed and it may be ignored.
· The BMC may occasionally reboot to recover from a software error condition. If a BMC_KERNEL_PANIC is logged, you may ignore it as it does not affect system operation.
· Virtual Media connection may cause slow boot. Workaround: Disconnect Virtual Media to resolve the slow boot. In general, it is recommended to disable Virtual Media when not needed.
· Virtual Media does not support UEFI reconnect -r command. Workaround: After attaching Virtual Media to the partition, use POWER RESET to reset the partition and activate Virtual Media.
· By default, the Virtual Media instance settings for CD/DVD and hard disk are set to 0. To use virtual media, CD/DVD must be set to at least 1. For more details, refer to the Superdome Flex OS installation guide (http://www.hpe.com/support/superdome-flex-os)
· The JViewer application VMedia hard disk size must be between 4 MB and 512 MB. If any larger size is needed, create an ISO and mount it via the CD/DVD tab.
· Mac OS browsers (Safari, etc.) are not supported on KVM and JViewer. Use Windows Internet Explorer, Firefox and Chrome instead.
· Right after nPar creation, the partition status may show as Unknown due to a delay in status update. Workaround: Run SHOW NPAR command to check the nPar status.
· Failure due to timeout during directed PXE boot when directed PXE boot is requested and the PXE server is not enabled to respond to the DHCPINFORM message request. You must use a PXE server that supports DHCPINFORM message requests.
· The CLI provides a convenient ‘ipmi’ wrapper script. However, Serial over LAN (SOL) is not supported by this convenient ‘ipmi’ command. Attempting to activate partition console via ‘ipmi command=”sol activate”’ will fail with the message: “Error: This command is only available over the lanplus interface”. User should use CLI ‘connect npar’ or ‘uvcon’ to connect to partition console.
For more details on accessing and managing the system, see the HPE Superdome Flex user documentation located at this link.
FEEDBACK
As we are continuing to improve the firmware management process, we welcome your feedback on this document and on the firmware update process:
TEAM-FWupdateFeedback@groups.ext.hpe.com
DISCLAIMER:
The information in this document is subject to change without notice.
Hewlett Packard Enterprise makes no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Hewlett Packard Enterprise shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.
This document contains proprietary information that is protected by copyright. All rights are reserved. No part of this document may be reproduced, photocopied, or translated to another language without the prior written consent of Hewlett Packard Enterprise.
(C) Copyright 2017-2021 Hewlett Packard Enterprise Development L.P.
SUPERSEDES HISTORY:
Version 3.30.144:
ENHANCEMENTS:
· Added support for RHEL 8.4
June 2021:
· Added support for SLES 15 SP3
FIXES in firmware version 3.30.144:
· Fixed an issue where a system running a Windows Operating System would crash unexpectedly with a BSOD (Blue Screen Of Death) accompanied with events “Fatal OS run-time critical shutdown occurred” in CAE (Core Analysis Engine) and Event ID 6008/1001 (Bugcheck 101) in the Windows OS System Event Logs.
Version 3.30.142:
ENHANCEMENTS:
April 2021:
· Added support for Windows Server 2019 on systems with Intel Xeon® Scalable processors 61XX/81XX
· Added support for VMware 7.0 U2 on systems with Intel Xeon® Scalable processors 61XX/81XX and 62XX/82XX
FIXES in firmware version 3.30.142:
· Addressed an issue in firmware versions 3.30.130/3.30.140 where setting the Memory refresh rate to 2x was not effective at completely reducing the susceptibility to the RowHammer security vulnerability CVE-2020-10255
o To be effective, the memory refresh rate must be set to 2x again after updating to firmware version 3.30.142; for that, run the RMC CLI command:
modify npar pnum=PARTITION_ID memrefreshrate=x2
· Addressed a potential security vulnerability that could be exploited to cause Denial of Service to the web interface (see Security Bulletin hpesbhf04102)
Version 3.30.140:
ENHANCEMENTS:
· Added support for VMware 7.0, 7.0 U1 and for RHEL 8.3 and Oracle Linux 7.9, 8.2, 8.3 on systems running with Intel Xeon® Scalable processors 62XX/82XX
· Added support for VMware 6.5 U3, 6.7 U2, 7.0 and 7.0 U1 on systems running with Intel Xeon® Scalable processors 61XX/81XX
· To mitigate against “Rowhammer” attacks (security vulnerability CVE-2020-10255), a new user configurable ‘memrefreshrate’ option was added to the RMC “modify npar” and “create npar” commands. It allows changing the DDR4 memory refresh rate from the default 1x rate to 2x. Note: The 2x memory refresh rate might affect the performance and resiliency of the server memory.
· A “delay after failed login” can now be configured from the RMC CLI to fight against brute force attacks. To set a delay value, use the command “set failed_login delay=<secs>”; supported delay values are 0 to 240 seconds.
· Added support for logging of system events on a remote server using the new “set remote_log_server_address <address>” command.
· PCIe Live Error Recovery (LER) can now be enabled or disabled for the specified HPE supported I/O cards from the RMC CLI; associated commands:
o disable ler vendor_id=VENDOR_ID device_id=DEVICE_ID
o enable ler vendor_id=VENDOR_ID device_id=DEVICE_ID
o show ler [enable] [disable]
· A new asset_tag option was added to the “modify chassis” and “modify RMC” commands to allow configuring the asset tag for chassis and RMC
· Enabled support for power operations from KVM console
· Added support for chassis power, thermal and fan speed reading in Redfish
· Added SNMP alert on power state change
· Enabled Directed lanboot without DHCP support for Windows Deployment Server (WDS)
· System now reports an error when eRMC UPOS does not match bmc_id 0 UPOS, which is an invalid configuration that should be corrected
· Added capability to tune a new Hub Write Flush Optimization feature EFI variable using setvar, which provides better balance between memory writes and memory reads and ensures more consistent memory latencies on systems running under heavy workload; for details, see the Customer Notice a00110429
· Added capability to disable the Flush WpqFlushHintAddress locations available to the OS using a setvar command to set a new MrcWpqFlushSupportNext variable. For more details, see Customer Advisory a00110427
· Firmware can now identify and report the presence of memory types not supported on the platform
· Firmware now generates a non-critical event 1261 instead of a fatal MCA event when the system is able to recover from the MCA
· Soft PPR (Post Package Repair) is now enabled for Samsung DIMMs
February 2021:
· Added links to the Customer Notice for tuning the Write Flush Optimization feature and to the Customer Advisory for Disabling the Flush WpqFlushHintAddress locations
· Clarified the process for the DBX key updates in the Installation Instructions
· Clarified that online firmware update to version 3.30.140 is not supported (except from version 3.30.130) due to a PLD version change in version 3.30.130
· Changed bundle entitlement to "Firmware (Login Required) - System"
Note: See more details on new commands in the CLI Help and in HPE Superdome Flex User Guide and Administration Guide.
FIXES in firmware version 3.30.140:
· Addressed security vulnerability OpenSSL CVE-2020-1971
FIXES in firmware version 3.30.130:
· New Forbidden Signature Database (DBX) from HPE & Microsoft are included in this firmware to mitigate the GRUB2 bootloader security vulnerability CVE-2020-10713 (also known as “BootHole”). The vulnerability affects only systems running with UEFI secure boot enabled. For details, see Security Bulletin hpesbhf04019 and Customer Bulletin a00109427
o Warning: See Pre-Requisites and installation sections for required DBX update steps
· Addressed security vulnerabilities CVE-2020-8764, CVE-2020-8738, CVE-2020-8740 by making changes that eliminate the potential local escalation of privilege (Security Bulletin HPESBHF04058)
· Updated Intel microcode to IPU2020.2 (addresses some hang issues)
· Addressed a rare system hang at boot when a single faulty DIMM is present in the system
· Improved BMC (Board Management Controller) stability by significantly reducing occurrences of Out Of Memory errors
· Prevents occurrence of PCIe soft errors on some I/O devices (GPUs, Base IO, NICs) on systems running with high workloads
· Disabling the Flush WpqFlushHintAddress locations using “setvar MrcWpqFlushSupportNext” command prevents a “BIOS HALT detected” error during boot on systems with HPE persistent memory and under heavy workload; for more details, see Customer Advisory a00110427
· Addressed an issue where system would sometimes fail to boot after a system initiated reset caused by internal link errors, and where BMC_RELEASE_TO_BIOS_FAIL and/or CPU_SOCKET_RESET_FAIL events on non-failing chassis could result in disabled sockets.
· While attempting to recover from a failed reset on systems with 2-socket clumps enabled, CPU 0 and 1 would boot successfully but CPU 2 and 3 would be indicted. With this fix, CPU 2 and 3 are now reset correctly and no longer indicted.
· Addressed an issue where, after configuring namespace7.0 for fsdax mode, an 8 socket partition with 128GB DIMM and 256GB of persistent memory would fail to boot to OS with the error: “SW EXCEPTION: BIOS HALT detected!”
· Fixed an issue where a DIMM failure would not cause the faulty DIMM to be de-configured or a service event to be generated.
· Fixed an issue where firmware would sometimes indict the wrong DIMM when generating service event 1210
· When using “Add an attempt” to create iSCSI boot attempt entries in the Device Manager’s iSCSI configuration menu, a firmware assert is no longer seen when adding a 9th entry.
Version 3.25.46:
ENHANCEMENTS:
· Added support for RHEL 7.8
· Added iSCSI software initiator based boot support with HPE InfiniBand EDR/Ethernet 100Gb 2-port 841QSFP28 Adapter (872726-B21) on SLES 12 SP3, SP4, SLES 15 SP1 and supported RHEL releases
· Support Openstack HTTP boot and Openstack T release
· Support sector mode for HPE Persistent Memory
· Supports Windows Server 2019 with 16 socket/24 TB of HPE Persistent Memory
· Added IPMI watchdog functionality; the CLI command 'set ipmi_watchdog os_managed' may be used to enable it
· Support in-band IPMI power operations such as power cycle, power off, power soft
· Includes some uvdmp improvements
· June 2020 update:
o Added support for RHEL 8.2
o Added support for OL 7.8 and OL 8.1 with UEK6
o Removed Windows 2019 support on 61XX/81XX (unsupported)
FIXES:
· The BIOS in firmware version 3.25.46 includes updated Intel microcode that addresses some crashes caused by DDR4 memory errors. In particular, this updated microcode addresses a Machine Check Exception timeout failure when Fast Fault Tolerant Memory Mode (ADDDC) is enabled. This issue is not unique to HPE servers.
· The updated microcode (0x2f00 on systems with 62xx/82xx processors and 0x6901 for systems with 61xx/81xx processors) also addresses security vulnerability CVE-2020-0549
· System now reports event 1210 in case of MCA due to some uncorrected memory errors
· The grub2 boot loader menu now successfully launches when booting grub2 boot loader via UEFI HTTP boot and when booted via either fully qualified domain name URL or via IP address URL
· Addressed boot issues. Monarch chassis would fail to boot with erroneous "PLD or PSOC not detected" message. Other chassis would boot but nPar would be missing the chassis resources
· Users can now successfully mount ISO images in JViewer when the RMC/eRMC password contains one or more of %, #, or & characters
· Dot (.) character is now accepted as part of LDAP User/Group names in Superdome Flex Server RMC/eRMC CLI
· FRU data for HPE PCIe cards installed in slot 16 are now properly read and “SHOW CHASSIS INFO” no longer returns fields as “Unknown”
Version 3.20.186/3.20.206:
ENHANCEMENTS:
February 2020 update:
· Server firmware 3.20.186 and later also supports Oracle VM 3.4.6
December 17, 2019 update:
· Firmware version 3.20.186 and later includes mitigation for CVE-2019-14607 in the Intel Microcode.
In firmware version 3.20.206:
· POWER_SUPPLY_INPUT_LOST (event 1106) is now generated in case of loss of AC input to the chassis power supply.
· When inserting a power supply, POWER_SUPPLY_TYPE_PROBE_FAILED (event 1111) is now generated in case the power supply is detected but FRU data cannot be read, likely because the power supply needs reseating.
In Firmware version 3.20.186 (not available as web release):
· Supports 128/256/512 GB Intel PMM (HPE Persistent Memory Module):
o For details on supported PMM configurations, see the HPE Persistent Memory Guide for HPE Superdome Flex.
§ Supported with Intel Xeon processors 82xx/62xx only
§ Support of App direct mode on 4/8/16 socket systems
§ For OS support, see the Operating Systems section above
o Supports management and configuration of PMMs
o Supports PMM related events and logging as well as health monitoring and reporting
o Supports creation of XFS root file system for Linux on PMM
· Supports additional CPUs: 6226, 8253
· Supports additional OSes: RHEL 8.1, Oracle UEK 7.7, SLES 12 SP5
· Supports new I/O cards:
o RTx 8000 GPU
o HPE InfiniBand HDR/Ethernet 200GB 1-port & HDR100/Ethernet 100GB 1-port/2-port 940QSFP56
· Improved manageability using Redfish and Openstack Ironic release (see HPE Superdome Flex Manageability white paper)
· Improved security: supports certificate checking on web console and Redfish connections
o Note: Certificate checking is not supported with SUM or OneView; you need to disable certificate checking prior to updating firmware
· Improved BMC stability by significantly reducing occurrences of random BMC reboots
· Improved diagnosing of damaged cables while preventing mis-diagnosis of other parts
· Improved chassis power supply AC loss handling and reporting
· Improved power supply redundancy reporting
· Supports RMC power supply fault as well as thermal fault reporting
FIXES:
Fixes in 3.20.206:
· Addresses an issue where an error occurring on PMMs (HPE Persistent Memory) in the expansion chassis would rarely result in unexpected behavior, including an OS crash
· Fixed an issue where deconfigured PMMs in any chassis would prevent Windows Server 2019 from accessing any PMM devices (physical or logical), resulting in users being unable to see any physical or logical PMM devices in device manager, or in the output of Windows PowerShell cmdlets Get-PmemPhysicalDevice or Get-PmemDisk, and PMM disk data being inaccessible.
Fixes in 3.20.186 (not available as web release):
· Critical - Addressed an issue seen with 64GB DDR4 DIMMs in socket 0 and using 2 DIMMs per channel, where ADDDC (Adaptive Double Device Data Correction) bank sparing would result in a crash due to an uncorrected memory error.
· The System ROM in firmware version 3.20.186 or later includes the latest revision of the Intel Reference Code that provides mitigations for security vulnerabilities. The following vulnerability has been addressed in this release: CVE-2019-0152. This issue is not unique to HPE servers.
· The system ROM in firmware version 3.20.186 or later includes the latest revision of the Intel microcode which provides mitigation for CVE-2017-5715, CVE-2019-11135, CVE-2019-11139 and CVE-2019-14607, as well as mitigation for an Intel sighting where under complex micro-architectural conditions, executing X87 or AVX or integer divide instructions may result in unpredictable system behavior. These issues are not unique to HPE servers.
· Addressed an issue where, after power cycling all the chassis in the complex, the system boot would fail with a BIOS ASSERT DETECTED due to an ASSERT EFI ERROR
· Indicted or deconfigured FRUs are now acquitted upon AC power-cycling of the entire complex (all BMCs and RMC)
· Firmware now sends service events or SNMP traps when a Rack Management Controller (RMC) hardware error occurs
· Superdome Flex now supports IPMI over LAN via any IPv6 IP address listed within the subnet, not just the first one configured
· Fixed an issue where uncorrected memory errors would rarely occur without deconfiguration or indictment
Version 3.10.164/3.10.174:
ENHANCEMENTS:
Note: System firmware 3.10.164 includes all of the enhancements defined for 3.10.174.
Enhancements in firmware 3.10.164 / 3.10.174:
FIXES:
Note: System firmware 3.10.164 includes all of the fixes defined for 3.10.174.
Fixes in version 3.10.164 / 3.10.174:
· Fixed an issue where web console login would fail if the RMC network was not properly configured or not connected to the site network prior to RMC boot
Version 3.0.542:
ENHANCEMENTS:
June 2019: Release notes were updated to add some fixes and known issues
and add a link to the Superdome Flex Support Matrix (Release Sets).
FIXES:
Version 3.0.542:
Version 3.0.512:
ENHANCEMENTS:
· Added support for Intel Xeon® Scalable processors 8280, 8276, 8270, 8268, 8260, 8256, 6254, 6252, 6248, 6244, 6242, 6240, 6230; requires firmware version 3.0.512 or later
· Added support for Windows 2019 on systems with Intel Xeon® Scalable processors 62XX/82XX
· Added support for IPv6 USGv6
· On 4 socket systems, TEST FABRIC now displays a warning instead of an error message when the 3 Numa Link loop back cables are not installed.
· Superdome Flex internal management network uses by default 172.16.0.0/16, 172.30.50.0/24 and 172.30.60.0/24 subnets. However, the RMC “set network internal” command now allows changing these subnets to any legal subnet.
· APPWT limit has been increased to the 29 WT (Weighted Teraflops) threshold, effective since October 2018
Note:
· Default NIC naming differs on systems with Intel Xeon® Scalable processors 62XX/82XX versus 61XX/81XX. On servers with 62XX/82XX processors, NIC naming is based on udev property “ID_NET_NAME_SLOT”. This was introduced with firmware 3.0.542. On systems with 61XX/81XX processors, NIC naming continues to be based on “ID_NET_NAME_PATH” and there is no impact after updating to 3.0.542. However, if customers wish to use the consistent device naming standard on systems with 61XX/81XX processors, then they can follow the steps in the DETAILS section of the customer notice https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00075568en_us
· The RMC factory default password has been changed from a common password to a random password, unique on each system, provided on a label on the rear of the RMC or eRMC base chassis. For details, see advisory a00073630.
· The web console, virtual media, and JViewer default login now use the RMC/eRMC administrator account and password. The user 'admin' can no longer log in to the web console.
FIXES:
· Provided enhancements and multiple fixes in memory and IO error handling to help prevent MCAs
· Addressed occurrences of MCAs, BIOS HALTs due to HWERR, and ASSERTs at boot time
· Addressed a number of false critical alerts that were seen at boot or after a power cycle
· Addressed an eRMC hang after an MC warm reset is triggered from ipmitool
SUM 8.4.0 fixes:
· SUM version 8.4.0 fixed an issue where SUM would falsely report that update had completed less than 2 minutes after deployment had started.
Version 2.5.314:
ENHANCEMENTS:
· None
FIXES:
· CRITICAL: Fixed an issue where a system under heavy workload would sometimes MCA with error messages such as "Fatal Link Timeout to PCIe Device" and "LER_ENTERED".
· CRITICAL: Optimized memory controller for RAS features to prevent MCA’s when a system is under a heavy workload and a DIMM sparing operation is required.
· Addressed the privilege escalation vulnerability CVE-2018-12204
Version 2.5.300:
ENHANCEMENTS:
FIXES:
· Updated to latest Intel microcode
· Firmware update no longer reports an error when updating chassis with rack number greater than 9
· Extended range of rack numbers supported from 0 to 254
Version 2.5.90:
FIXES:
· Firmware version 2.5.290 resolves certain potential unexpected system behavior when
operating the Superdome Flex system or nPar(s) in HPC mode. For systems or partitions running in HPC mode,
the frequency of system memory errors may increase after the update. These
memory errors will be fully visible in memlog.
HPE strongly recommends that customers run in RAS mode, but if they elect to
continue using HPC mode, they should update to this firmware version to
eliminate the risk of unintended side effects from memory correction including
possible system crashes. Refer to this advisory
for more details.
Version 2.5.80:
ENHANCEMENTS:
FIXES:
The following issue has been addressed in firmware version 2.5.280:
· Fixed an issue where a bugcheck or unexpected process termination would be seen after an uncorrectable memory error on systems running Microsoft Windows Server 2016.
The following issues have been addressed in firmware version 2.5.270 and later:
Version 2.5.256:
FIXES:
- L1 Terminal Fault - OS, SMM (CVE-2018-3620). Please note this mitigation also requires operating system software updates.
- L1 Terminal Fault - OS, VMM (CVE-2018-3646). Please note this mitigation also requires operating system software updates, and VMM software updates.
- For more information, see the bulletin a00055017en
Version 2.5.246:
ENHANCEMENTS:
· Added support for CPU models 8170M, 8170, 8168, 6140, 6140M, 6150, 6142M, 6142, 6138
· Added support for 24 and 28 socket configurations (in
addition to 4, 8, 12, 16, 20 and 32)
· Added partitioning (nPAR) support with ability to convert non partitioned systems to partitionable
· Added support for HPE Ethernet 10Gb 2-port 562T adapter, 32Gb Fibre Channel SN1600Q, SN1600E HBAs
· Added support for Windows Server 2016 with up to 16 sockets
· Added support for RHEL 7.5
· Added support for VMware 6.5 U2
· Added support for Oracle VM 3.4.4
· Added new security and management features (secure boot, SSH upgrade, reduced port usage)
· Added support for offline firmware update via SUM (Smart Update Manager)
· Added support for OneView monitoring (requires OneView version 4.1 or later)
· Added support for provisioning OS with Redfish using OpenStack Ironic (requires OpenStack Ironic version ‘Pike’ or later)
· Enhances security with SSH
FIXES:
· New BIOS addresses the following known vulnerabilities, CVE-2018-3639 and CVE-2018-3640.
· Fixed an issue where the firmware update would fail on rare occasions to update the BIOS image.
· Some IO errors no longer cause an incorrect decoding to be logged in the Integrated Event Log with the string “[physloc_err=5]”.
· Fixed an issue where rebooting the Board Management Controller (BMC) when the Operating System was running would cause the BMC to stop responding.
· Fixed an issue on 2-socket clump systems (i.e. chassis with Intel Xeon® Scalable 61xx series processors installed) where the fans would jump to maximum speed and remain there if the BMC was rebooted with the system power on.
· The ‘SHOW UVDMP’ command always displayed one screen at a time and required the user to interact with the keyboard to move to the next page, even with the CLI in script mode. This is now fixed.
· IPMI watchdog is unsupported and can no longer be enabled. This prevents an issue seen in prior versions where a multi-chassis reboot from OS would fail when IPMI watchdog was enabled.
· Fixed a syntax issue allowing to use the CLI ADD LOCATION command with “module=rmc” on eRMC.
Version 2.4.98:
FIXES:
BIOS:
· Updated Intel microcode to address CVE-2017-5715
· Some I/O Fatal errors (e.g. Malformed TLP, RxOverflow, FlowCntl, DLLP, etc) detected at the End Point device no longer cause an MCA and the system now allows OS recovery instead of rebooting.
Version 2.3.132:
FIXES:
· Removed the Intel microcode that was issued to address the Spectre/Meltdown security vulnerability, which Intel then asked vendors not to use (see Intel guidance here).
Version 2.3.122: REMOVED due to Intel microcode issue.
FIXES:
· Fixed an issue where the eRMC SET FACTORY command could cause the eRMC to become unusable while trying to initialize the configuration flash partition. The SET FACTORY command is now supported on eRMC.
· Fixed an issue where CAE service event id #306 (uncorrectable memory data read error) incorrectly encoded DIMM group number, causing the wrong DIMM to be indicted.
Version 2.3.110: REMOVED due to Intel microcode issue.
FIXES:
The following issues were fixed:
· Addresses security vulnerability CVE-2017-5715; see updates in this advisory.
· DCD was not supported with firmware version 2.3.94.
· The eRMC uses an NTP daemon internally to keep the management times synchronized. The internal NTP daemon usage is very limited in scope, but it is an older ntpd version (4.2.6p5). Because of the older ntpd version, security scanners may falsely flag vulnerabilities that are not applicable to the Superdome Flex eRMC system. To mitigate security impact, follow HPE required security best practices.
· When BIOS de-configures a DIMM, the eRMC will correctly record the data, but will incorrectly return no de-configuration the next time BIOS boots. This incorrect information causes BIOS to retrain the DIMM and attempt to use it. A marginal DIMM may sometimes pass the retrain and be included in the system for OS use. Because the DIMM is marginal, it may fail at a later time and cause the OS to crash. To minimize the chance of a marginal DIMM being used at next boot, run SHOW DECONFIG and SHOW INDICT after the system is booted and replace any DIMM that has been indicted and de-configured.
· Memory on some sockets may be in SDDC mode instead of the intended ADDDC mode
Version 2.3.94: Initial version.