Power7 System Firmware

Applies to:   8231-E1C, 8231-E2C, 8202-E4C, 8205-E6C, 8492-DW3, 8493-SV3, 8246-L2C, 8246-L2S, 8246-L1C and 8246-L1S.

This document provides information about the installation of Licensed Machine or Licensed Internal Code, which is sometimes referred to generically as microcode or firmware.



1.0 Systems Affected

This package provides firmware for Power 710 (8231-E1C), Power 730 (8231-E2C), Power 720 (8202-E4C), Power 740 (8205-E6C, 8492-DW3 and 8493-SV3), PowerLinux 7R2 (8246-L2C, 8246-L2S) and PowerLinux 7R1 (8246-L1C, 8246-L1S) servers only.

The firmware level in this package is:

1.1 Minimum HMC Code Level

This section describes the "Minimum HMC Code Level" that the System Firmware requires to complete the firmware installation process. The HMC level must be equal to or higher than the "Minimum HMC Code Level" before the system firmware update is started.  If the HMC managing the server targeted for the System Firmware update is running a code level lower than the "Minimum HMC Code Level", the firmware update will not proceed.

The Minimum HMC Code level for this firmware is:  HMC V7 R7.4.0 (PTF MH01273 or MH01274) with PTF MH01275 (Mandatory efix).

Although the Minimum HMC Code level for this firmware is listed above,  HMC V7 R7.9.0 Service Pack 1  (PTF MH01428) with security fix (PTF MH01473) and POODLE fix (PTF MH01484) or higher is recommended.

Important: To prevent vulnerability to POODLE security issues, the HMC should be updated to the above recommended level prior to installing this server firmware level.
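
The level comparison described above can be sketched as follows. This is only an illustration: the function names are hypothetical, the "V<version> R<release>" layout is assumed from how levels are written in this document, and PTF or service pack requirements are not checked.

```python
import re

# Minimum level taken from this document: HMC V7 R7.4.0.
MINIMUM_HMC_LEVEL = (7, 7, 4, 0)


def parse_hmc_level(text):
    """Parse a string such as 'V7 R7.4.0' into a tuple of integers.

    Hypothetical helper: PTF and service pack details are ignored.
    """
    match = re.search(r"V(\d+)\s*R(\d+)\.(\d+)\.(\d+)", text)
    if match is None:
        raise ValueError(f"unrecognized HMC level: {text!r}")
    return tuple(int(part) for part in match.groups())


def meets_minimum(installed, minimum=MINIMUM_HMC_LEVEL):
    """Return True if the installed HMC level is at or above the minimum."""
    return parse_hmc_level(installed) >= minimum
```

A level that passes this check may still lack the mandatory PTFs listed above, so those must be confirmed separately on the HMC.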


For information concerning HMC releases and the latest PTFs,  go to the following URL to access Fix Central:

http://www-933.ibm.com/support/fixcentral/

For specific fix level information on key components of IBM Power Systems running the AIX, IBM i and Linux operating systems, we suggest using the Fix Level Recommendation Tool (FLRT):
http://www14.software.ibm.com/webapp/set2/flrt/home

NOTES:
- You must be logged in as hscroot in order for the firmware installation to complete correctly.
- Systems Director Management Console (SDMC) does not support this System Firmware level.

2.0 Important Information

Downgrading firmware from any given release level to an earlier release level is not recommended.

If you feel that it is necessary to downgrade the firmware on your system to an earlier release level, please contact your next level of support.

IPv6 Support and Limitations

IPv6 (Internet Protocol version 6) is supported in the System Management Services (SMS) in this level of system firmware. There are several limitations that should be considered.

When configuring a network interface card (NIC) for remote IPL, only the most recently configured protocol (IPv4 or IPv6) is retained. For example, if the network interface card was previously configured with IPv4 information and is now being configured with IPv6 information, the IPv4 configuration information is discarded.

A single network interface card may only be chosen once for the boot device list. In other words, the interface cannot be configured for the IPv6 protocol and for the IPv4 protocol at the same time.

Concurrent Firmware Updates

Concurrent system firmware update is supported on HMC Managed Systems only.

Memory Considerations for Firmware Upgrades

Firmware Release Level upgrades and Service Pack updates may consume additional system memory.
Server firmware requires memory to support the logical partitions on the server. The amount of memory required by the server firmware varies according to several factors.
Factors influencing server firmware memory requirements include the following:
Generally, you can estimate the amount of memory required by server firmware to be approximately 8% of the system installed memory. The actual amount required will generally be less than 8%. However, there are some server models that require an absolute minimum amount of memory for server firmware, regardless of the previously mentioned considerations.

Additional information can be found at:
http://publib.boulder.ibm.com/infocenter/powersys/v3r1m5/topic/p7hat/iphatlparmemory.htm
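
For planning purposes, the 8% guideline above can be turned into a quick estimate. The sketch below is an approximation only: the function name is hypothetical, the result is an upper-end figure (the actual amount is generally lower), and the model-specific absolute minimums mentioned above are not modeled.

```python
def estimate_firmware_memory_gb(installed_memory_gb, fraction=0.08):
    """Rough planning estimate of memory used by server firmware, in GB.

    Uses the approximate 8% figure from this document as the default.
    """
    if installed_memory_gb < 0:
        raise ValueError("installed memory cannot be negative")
    return installed_memory_gb * fraction
```

For example, a system with 256 GB of installed memory would be planned with roughly 20 GB set aside for server firmware.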


3.0 Firmware Information and Description 

Use the following examples as a reference to determine whether your installation will be concurrent or disruptive.

For systems that are not managed by an HMC, the installation of system firmware is always disruptive.

Note: The concurrent levels of system firmware may, on occasion, contain fixes that are known as Deferred and/or Partition-Deferred. Deferred fixes can be installed concurrently, but will not be activated until the next IPL. Partition-Deferred fixes can be installed concurrently, but will not be activated until a partition reactivate is performed. Deferred and/or Partition-Deferred fixes, if any, will be identified in the "Firmware Update Descriptions" table of this document. For these types of fixes (Deferred and/or Partition-Deferred) within a service pack, only the fixes in the service pack which cannot be concurrently activated are deferred.

Note: The file names and service pack levels used in the following examples are for clarification only, and are not necessarily levels that have been, or will be released.

System firmware file naming convention:

01ALXXX_YYY_ZZZ

NOTE: Values of service pack and last disruptive service pack level (YYY and ZZZ) are only unique within a release level (XXX). For example, 01AL720_067_045 and 01AL740_067_053 are different service packs.

An installation is disruptive if:

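The release levels (XXX) are different.
Example: Currently installed release is AL710, new release is AL720.

The service pack level (YYY) and the last disruptive service pack level (ZZZ) are equal.
Example: AL720_120_120 is disruptive, no matter what level of AL720 is currently installed on the system.

The service pack level (YYY) currently installed on the system is lower than the last disruptive service pack level (ZZZ) of the service pack to be installed.
Example: Currently installed service pack is AL720_120_120 and new service pack is AL720_152_130.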

An installation is concurrent if:

The release level (XXX) is the same, and
The service pack level (YYY) currently installed on the system is the same or higher than the last disruptive service pack level (ZZZ) of the service pack to be installed.

Example: Currently installed service pack is AL720_126_120,  new service pack is AL720_143_120.
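
The concurrent rule above can be expressed as a short check. This is a minimal sketch with hypothetical function names. It assumes level names follow the 01ALXXX_YYY_ZZZ convention, and it applies only to HMC-managed systems, because installation on other systems is always disruptive.

```python
import re

# Matches names such as "AL720_143_120" or "01AL740_156_042.rpm".
_LEVEL = re.compile(r"^(?:01)?([A-Z]{2}\d{3})_(\d{3})_(\d{3})(?:\.rpm)?$")


def parse_level(name):
    """Split a level name into (release, service pack, last disruptive)."""
    match = _LEVEL.match(name)
    if match is None:
        raise ValueError(f"unrecognized firmware level: {name!r}")
    release, service_pack, last_disruptive = match.groups()
    return release, int(service_pack), int(last_disruptive)


def is_concurrent(installed, new):
    """Return True if installing `new` over `installed` is concurrent."""
    installed_release, installed_sp, _ = parse_level(installed)
    new_release, _, new_last_disruptive = parse_level(new)
    # A change of release level (XXX) is always disruptive.
    if installed_release != new_release:
        return False
    # Concurrent only if the installed service pack (YYY) is at or above
    # the last disruptive service pack (ZZZ) of the new level.
    return installed_sp >= new_last_disruptive
```

With the examples in this section, is_concurrent("AL720_126_120", "AL720_143_120") is True, while is_concurrent("AL720_120_120", "AL720_152_130") is False.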

Firmware Information and Update Description

 
Filename Size Checksum
01AL740_156_042.rpm 39130323 25545

Note: The Checksum can be found by running the AIX sum command against the rpm file (only the first 5 digits are listed).
For example: sum 01AL740_156_042.rpm
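
If the comparison is scripted, a sketch along these lines could be used. The function name is hypothetical, and it assumes the checksum is the first whitespace-separated field of the sum output, which is passed in as a string.

```python
def checksum_matches(sum_output, expected):
    """Compare the first field of `sum` output with the listed checksum.

    Only the first 5 digits are listed in this document, so the
    comparison is made on that prefix.
    """
    fields = sum_output.split()
    if not fields:
        raise ValueError("empty sum output")
    return fields[0][:5] == expected
```

The expected value for 01AL740_156_042.rpm is 25545, as listed in the table above.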

AL740
For Impact, Severity and other firmware definitions, refer to the 'Glossary of firmware terms' at the following URL:
http://www14.software.ibm.com/webapp/set2/sas/f/power5cm/home.html#termdefs

The complete Firmware Fix History for this Release Level can be reviewed at the following URL:
http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AL-IOC-Firmware-Hist.html
AL740_156_042 / FW740.90

01/28/15
Impact: Security         Severity:  SPE

System firmware changes that affect all systems

  • A problem was fixed that caused a "code accept" during a concurrent firmware installation from the management console to fail with SRC E302F85C.
  • A power supply fan speed problem was fixed that slowed the power supply fans down to a very low level for a minute about once every hour, with possible thermal shutdown of the power supply.
  • A security problem was fixed for the Lighttpd web server that allowed arbitrary SQL commands to be run on the service processor.  The Common Vulnerabilities and Exposures issue number is CVE-2014-2323.
  • A security problem was fixed for the Lighttpd web server where improperly-structured URLs could be used to view arbitrary files on the service processor.  The Common Vulnerabilities and Exposures issue number is CVE-2014-2324.
  • A security problem was fixed for the Network Time Protocol (NTP) client that allowed remote attackers to execute arbitrary code via a crafted packet containing an extension field.  The Common Vulnerabilities and Exposures issue number is CVE-2009-1252.
  • A security problem was fixed for the Network Time Protocol (NTP) client for a buffer overflow that allowed remote NTP servers to execute arbitrary code via a crafted response.  The Common Vulnerabilities and Exposures issue number is CVE-2009-0159.
  • A security problem was fixed in the service processor TCP/IP stack to discard illegal TCP/IP packets that have the SYN and FIN flags set at the same time.  An explicit packet discard was needed to prevent further processing of the packet that could result in a bypass of the iptables firewall rules.
  • A security problem was fixed in the OpenSSL (Secure Socket Layer) protocol that allowed a man-in-the-middle attacker, via a specially crafted fragmented handshake packet, to force a TLS/SSL server to use TLS 1.0, even if both the client and server supported newer protocol versions. The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-3511.
  • A security problem was fixed in OpenSSL for formatting fields of security certificates without null-terminating the output strings.  This could be used to disclose portions of the program memory on the service processor.  The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-3508.
  • Multiple security problems were fixed in the way that OpenSSL handled Datagram Transport Layer Security (DTLS) packets.  A specially crafted DTLS handshake packet could cause the service processor to reset.  The Common Vulnerabilities and Exposures issue numbers for these problems are CVE-2014-3505, CVE-2014-3506 and CVE-2014-3507.
  • A security problem was fixed in OpenSSL to prevent a denial of service when handling certain Datagram Transport Layer Security (DTLS) ServerHello requests.  A specially crafted DTLS handshake packet with an included Supported EC Point Format extension could cause the service processor to reset.  The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-3509.
  • A security problem was fixed in OpenSSL to prevent a denial of service by using an exploit of a null pointer de-reference during anonymous Diffie Hellman (DH) key exchange.  A specially crafted handshake packet could cause the service processor to reset.  The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-3510.
  • A security problem in GNU Bash was fixed to prevent arbitrary commands hidden in environment variables from being run during the start of a Bash shell.  Although GNU Bash is not actively used on the service processor, it does exist in a library so it has been fixed.  This is IBM Product Security Incident Response Team (PSIRT) issue #2211.  The Common Vulnerabilities and Exposures issue numbers for this problem are CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187.
  • A security problem was fixed in the Advanced System Management Interface (ASMI) to block click-jacking attempts. This prevents framing of the original ASMI page with a top layer on it with dummy buttons that could trick the user into clicking on a link.
  • A security problem was fixed in OpenSSL for padding-oracle attacks known as Padding Oracle On Downgraded Legacy Encryption (POODLE).  This attack allows a man-in-the-middle attacker to obtain a plain text version of the encrypted session data. The Common Vulnerabilities and Exposures issue number is CVE-2014-3566.  The service processor POODLE fix is based on a selective disablement of SSLv3 using the Advanced System Management Interface (ASMI) "System Configuration/Security Configuration" menu options.  The Security Configuration options of "Disabled", "Default", and "Enabled" for SSLv3 determine the level of protection from POODLE.  The management console also requires a POODLE fix for APAR MB03867 (Fix for CVE-2014-3566 for HMC V7 R7.7.0 SP4 with PTF MH01489) to eliminate all vulnerability to POODLE and allow use of option 1 "Disabled" as shown below:
    -1) Disabled:  This highest level of security protection does not allow service processor clients to connect using SSLv3, thereby eliminating any possibility of a POODLE attack.  All clients must be capable of using TLS to make the secured connections to the service processor to use this option.  This requires the management console be at a minimum level of HMC V7 R7.7.0 SP4 with POODLE PTF MH01489.
    -2) Default:  This medium level of security protection disables SSLv3 for the web browser sessions to ASMI and for the CIM clients and assures them of POODLE-free connections.  But the legacy management consoles are allowed to use SSLv3 to connect to the service processor.  This is intended to allow non-POODLE compliant HMC levels to be able to connect to the CEC servers until they can be planned and upgraded to the POODLE compliant HMC levels.  Running a non-POODLE compliant HMC to a service processor in  "Default" mode will prevent the ASMI-proxy sessions from the HMC from connecting as these proxy sessions require SSLv3 support in ASMI.
    -3) Enabled:  This basic level of security protection enables SSLv3 for all service processor client connections.  It relies on all clients being at POODLE fix compliant levels to provide full POODLE protection using the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV) to prevent fallback to vulnerable SSLv3 connections.  This option is intended for customer sites on protected internal networks that have a large investment in legacy hardware that needs SSLv3 to make browser and HMC connections to the service processor.  The level of POODLE protection actually achieved in "Enabled" mode is determined by the percentage of clients that are at the POODLE fix compliant levels.
  • A problem was fixed for a Live Partition Mobility (LPM) suspend and transfer of a partition that caused the time of day to skip ahead to an incorrect value on the target system.  The problem only occurred when a suspended partition was migrated to a target CEC that had a hypervisor time that was later than the source CEC.
  • A problem was fixed for I/O drawer MTMS updates where a hypervisor memory leak would cause reconfiguration operations to fail or cause resources to no longer show up for user configuration.
  • A problem was fixed that could result in latency or timeout issues with I/O devices.
  • A problem was fixed to prevent a hypervisor task failure if multiple resource dumps running concurrently run out of dump buffer space.  The failed hypervisor task could prevent basic logical partition operations from working.
  • A problem was fixed for I/O adapters so that BA400002 errors were changed to informational for memory boundary adjustments made to the size of DMA map-in requests.  These DMA size adjustments were marked as UE previously for a condition that is normal.
  • A security problem was fixed in OpenSSL for memory leaks that allowed remote attackers to cause a denial of service (out of memory on the service processor). The Common Vulnerabilities and Exposures issue numbers are CVE-2014-3513 and CVE-2014-3567.
  • A problem was fixed for the Advanced System Management Interface (ASMI) that allowed possible cross-site request forgery (CSRF) exploitation of the ASMI user session to do unwanted tasks on the service processor.
  • A problem was fixed for the iptables process consuming all available memory, causing an out of memory dump and reset/reload of the service processor.
  • A problem was fixed for intermittent B181EF88 SRCs and netsSlp core dumps during network configurations on the service processor.  This error caused call home activity for the SRC and dumps but otherwise had no impact to the CEC functionality.
System firmware changes that affect certain systems
  • A problem was fixed for DASD backplane 5V or 1.2V regulator pgood power faults (SRC 11002634 and SRC 1100262F) so that the call out specified the location code for the part as Un-P3 instead of Un-P2.  This fix pertains only to Power 710 8231-E1C and Power 730 8231-E2C systems.
  • On systems that have Active Memory Sharing (AMS) partitions, a problem was fixed for Dynamic Logical Partitioning (DLPAR) for a memory remove that leaves a logical memory block (LMB) in an unusable state until partition reboot.
  • On systems that have Active Memory Sharing (AMS) partitions and deduplication enabled, a problem was fixed for not being able to resume a hibernated AMS partition.  Previously,  resuming a hibernated AMS partition could give checksum errors with SRC B7000202 logged and the partition would remain in the hibernated state.
  • On systems with a F/C 5802 or 5877 I/O drawer installed, a problem was fixed for a hypervisor hang at progress code C7004091 during the IPL or hangs during serviceability tasks to the I/O drawer.
  • On systems using the Virtual I/O Server (VIOS) to share physical I/O resources among client logical partitions, a problem was fixed for memory relocation errors during page migrations for the virtual control blocks.  These errors caused a CEC termination with SRC B700F103.  The memory relocation could be part of the processing for the Dynamic Platform Optimizer (DPO), Active Memory Sharing (AMS) between partitions, mirrored memory defragmentation, or a concurrent FRU repair.
  • A problem was fixed that could result in unpredictable behavior if a memory UE is encountered while relocating the contents of a logical memory block during one of these operations:
    - Reducing the size of an Active Memory Sharing (AMS) pool.
    - On systems using mirrored memory, using the memory mirroring optimization tool.
  • A problem was fixed for systems in networks using the Juniper 1GBe and 10GBe switches (F/Cs #1108, #1145, and #1151) to prevent network ping errors and boot from network (bootp) failures.  The Address Resolution Protocol (ARP) table information on the Juniper aggregated switches is not being shared between the switches and that causes problems for address resolution in certain network configurations.  Therefore, the CEC network stack code has been enhanced to add three gratuitous ARPs (ARP replies sent without a request received) before each ping and bootp request to ensure that all the network switches have the latest network information for the system.
  • On systems in IPv6 networks, a  problem was fixed for a network boot/install failing with SRC B2004158 and IP address resolution failing using neighbor solicitation to the partition firmware client.
  • For systems with an IBM i load source disk attached to an Emulex-based fibre channel adapter such as F/C #5735, a problem was fixed that caused an IBM i load source boot to fail with SRC B2006110 logged and a message to the boot console of "SPLIT-MEM Out of Room".  This problem occurred for load source disks that needed extra disk scans to be found, such as those attached to a port other than the first port of a fibre channel adapter (first port requires fewest disk scans).
  • On systems with a partition that has a 256MB Real Memory Offset (RMO) region size that has been migrated from a Power8 system to Power7 or Power6 using Live Partition Mobility (LPM), a problem was fixed that caused a failure on the next boot of the partition with a BA210000 log with a CA000091 checkpoint just prior to the BA210000.  The fix dynamically adjusts the memory footprint of the partition to fit on the earlier Power systems.
AL740_152_042 / FW740.81

06/24/14
Impact: Security         Severity:  HIPER

System firmware changes that affect all systems

  • HIPER/Pervasive:  A security problem was fixed in the OpenSSL (Secure Socket Layer) protocol that allowed clients and servers, via a specially crafted handshake packet, to use weak keying material for communication.  A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between the management console and the service processor.  The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-0224.
  • HIPER/Pervasive:  A security problem was fixed in OpenSSL for a buffer overflow in the Datagram Transport Layer Security (DTLS) when handling invalid DTLS packet fragments.  This could be used to execute arbitrary code on the service processor.  The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-0195.
  • HIPER/Pervasive:  Multiple security problems were fixed in the way that OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled to prevent denial of service.  These could cause the service processor to reset or unexpectedly drop connections to the management console when processing certain SSL commands.  The Common Vulnerabilities and Exposures issue numbers for these problems are CVE-2010-5298 and CVE-2014-0198.
  • HIPER/Pervasive:  A security problem was fixed in OpenSSL to prevent a denial of service when handling certain Datagram Transport Layer Security (DTLS) ServerHello requests. A specially crafted DTLS handshake packet could cause the service processor to reset.  The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-0221.
  • HIPER/Pervasive:  A security problem was fixed in OpenSSL to prevent a denial of service by using an exploit of a null pointer de-reference during anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange.  A specially crafted handshake packet could cause the service processor to reset.  The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-3470.
  • Multiple security problems were fixed in OpenSSL to improve signature verification, ensure private key protection, and to block plain-text recovery.  The Common Vulnerabilities and Exposures issue numbers for these problems are CVE-2013-0169, CVE-2013-0166 and CVE-2011-4354.
AL740_126_042 / FW740.80

04/03/14
Impact: Availability    Severity: SPE

New features and functions

  • Support was added in Advanced System Management Interface (ASMI) to facilitate capture and reporting of debug data for system performance problems.  The  "System Service Aids/Performance Dump" menu was added to ASMI to perform this function.

System firmware changes that affect all systems

  • A problem was fixed that caused an intermittent loss of TTY serial port access to the Advanced System Management Interface (ASMI) after a power off of the system.
  • Help text for the Advanced System Management Interface (ASMI) "System Configuration/Hardware Deconfiguration/Clear All Deconfiguration Errors" menu option was enhanced to clarify that when selecting "Hardware Resources" value of "All hardware resources", the service processor deconfiguration data is not cleared.   The "Service processor" must be explicitly selected for that to be cleared.
  • A problem was fixed that prevented guard error logs from being reported for FRUs that were guarded during the system power on.  This could happen if the same FRU had been previously reported as guarded on a different power on of the system.  The requirement is now met that guarded FRUs are logged on every power on of the system.
  • A problem was fixed that caused the slot index to be missing for virtual slot number 0 for the dynamic reconfiguration connector (DRC) name for virtual devices.  This error was visible from the management console when using commands such as "lshwres -r virtualio --rsubtype slot -m machine" to show the hardware resources for virtual devices.
  • A problem was fixed that caused unneeded resets of ethernet adapters during logical partition (LPAR) power off or reboots.  The extra resets of the ethernet adapters could cause the network switch to disable the ethernet links if the threshold for maximum number of ethernet adapter resets per minute is exceeded.
System firmware changes that affect certain systems
  • On systems with a F/C 5802 or 5877 I/O drawer installed, a problem was fixed that occurred during Offline Converter Assembly (OCA) replacement operations. The fix prevents a false Voltage Regulator Module (VRM) fault and the logging of SRCs 10001511 or 10001521 from occurring.  The false fault resulted in the OCA LED getting stuck in an on or "fault" state and the OCA not powering on.
  • On a system with partitions with redundant Virtual Asynchronous Services Interface (VASI) streams,  a problem was fixed that caused the system to terminate with SRC B170E540.  The affected partitions include Active Memory Sharing (AMS), encapsulated state partitions, and hibernation-capable partitions.  The problem is triggered when the management console attempts to change the active VASI stream in a redundant configuration.  This may occur due to a stream reconfiguration caused by Live Partition Mobility (LPM); reconfiguring from a redundant Paging Service Partition (PSP) to a single-PSP configuration; or conversion of a partition from AMS to dedicated memory.
  • On a system with a disk device with multiple boot partitions, a problem was fixed that caused System Management Services (SMS) to list only one boot partition.  Even though only one boot partition was listed in SMS, the AIX bootlist command could still be used to boot from any boot partition.
AL740_121_042 / FW740.70

11/14/13
Impact: Availability    Severity: SPE

New features and functions

  • Support was added in Advanced System Management Interface (ASMI) for saving and restoring network settings using a USB flash drive.
  • Support was dropped for Secure Sockets Layer (SSL) Version 2 and SSL weak and medium cipher suites in the service processor web server (Lighttpd).  Unsupported web browser connections to the Advanced System Management Interface (ASMI) secured port 443 (using https://) will now be rejected if those browsers do not support SSL version 3.  Supported web browsers for Power7 ASMI are Netscape (version 9.0.0.4), Microsoft Internet Explorer (version 7.0), Mozilla Firefox (version 2.0.0.11), and Opera (version 9.24).

System firmware changes that affect all systems

  • A problem was fixed that caused a service processor dump to be generated with SRC B18187DA "NETC_RECV_ER" logged.
  • A problem was fixed that caused an L2 cache error to not guard out the faulty processor, allowing the system to checkstop again on an error to the same faulty processor.
  • A problem was fixed that caused an HMC code update of the FSP to fail on the accept operation with SRC B1811402, or left the FSP unable to boot on the updated side.
  • A problem was fixed that caused a 1000911E platform event log (PEL) to be marked as not call home.  The PEL is now a call home to allow for correction.  This PEL is logged when the hypervisor has changed the Machine Type Model Serial Number (MTMS) of an external enclosure to UTMP.xxx.xxxx because it cannot read the vital product data (VPD), or the VPD has invalid characters, or if the MTMS is a duplicate of another enclosure.
  • A problem was fixed that caused a built-in self test (BIST) for GX slots to create corrupt error log values that core dumped the service processor with a B18187DA.  The corruption was caused by a failure to initialize the BIST array to 0 before starting the tests.
  • A problem was fixed that caused the system attention LED to be lit without a corresponding SRC and error log for the event.  This problem typically occurs when an operating system on a partition terminates abnormally.
  • DEFERRED: A problem was fixed that caused a system checkstop during hypervisor time keeping services.  This deferred fix addresses a problem that has a very low probability of occurrence.  As such, customers may wait for the next planned service window to activate the deferred fix via a system reboot.
  • DEFERRED: A problem was fixed that caused a system checkstop with SRC B113E504 for a recoverable hardware fault.  This deferred fix addresses a problem that has a very low probability of occurrence.  As such, customers may wait for the next planned service window to activate the deferred fix via a system reboot.
System firmware changes that affect certain systems
  • On systems in manufacturing default configuration (MDC), a problem was fixed that caused the system to change from MDC to Hardware Management Console (HMC)-managed mode even though the HMC was unable to authenticate to the service processor.  A system must be successfully discovered by an HMC as a prerequisite to becoming HMC-managed.
  • On systems with a F/C 5802 or 5877 I/O drawer installed, the firmware was enhanced to guarantee that an SRC will be generated when there is a power supply voltage fault.  If no SRC is generated, a loss of power redundancy may not be detected, which can lead to a drawer crash if the other power supply goes down.  This also fixes a problem that causes an 8 GB Fibre Channel adapter in the drawer to fail if the 12V level fails in one Offline Converter Assembly (OCA).
  • On systems managed by an HMC with a F/C 5802 or 5877 I/O drawer installed, a problem was fixed that caused the hardware topology on the management console for the managed system to show "null" instead of "operational" for the affected I/O drawers.
  • On systems with an ethernet PCI-Express adapter under a PLX switch, an extended error handling (EEH) problem was fixed in run-time abstraction services (RTAS) that caused fundamental resets of the adapter to fail during error recovery, leaving the adapter in a non-pingable state and off the network.  Besides failure to ping, the other symptom is that an AIX OS command of "enstat -d entX" where X is the adapter number will fail with the following message:  "enstat -0909-004, Unable to get statistics on device entX, errno=11".
  • A problem was fixed in the run-time abstraction services (RTAS) extended error handling (EEH) for fundamental reset that caused partitions to crash during adapter updates.  The fundamental reset of adapters now returns a valid return code.  The adapter drivers using fundamental reset affected by this fix are the following:
    o QLogic PCIe Fibre Channel adapters (combo card)
    o IBM PCIe Obsidian
    o Emulex BE3-based ethernet adapters
    o Broadcom-based PCIe2 4-port 1Gb ethernet
    o Broadcom-based FlexSystem EN2024 4-port 1Gb ethernet for compute nodes
  • On systems with a F/C 5802 or 5877 I/O drawer installed, a problem was fixed where an Offline Converter Assembly (OCA) fault would appear to persist after an OCA micro-reset or OCA replacement.  The fault bit reported to the OS may not be cleared, indicating a fault still exists in the I/O drawer after it has been repaired.
  • On systems involved in a series of consecutive Live Partition Mobility (LPM) operations, a memory leak problem was fixed in the run-time abstraction services (RTAS) that caused a partition run time AIX crash with SRC 0c20.  Other possible symptoms include error logs with SRC BA330002 (RTAS memory allocation failure).
AL740_112_042 / FW740.61

07/26/13
Impact: Availability    Severity: SPE

System firmware changes that affect all systems

  • A problem was fixed that caused a migrated partition to reboot during transfer to a VIOS 2.2.2.0, and later, target system. A manual reboot would be required if transferred to a target system running an earlier VIOS release. Migration recovery may also be necessary.
  • A problem was fixed that can cause Anchor (VPD) card corruption and A70047xx SRCs to be logged.  Note: If a serviceable event with SRC A7004715 is present or was logged previously, damage to the VPD card may have occurred. After the fix is applied, replacement of the Anchor VPD card is recommended in order to restore full redundancy.
AL740_110_042 / FW740.60

04/30/13
Impact: Serviceability    Severity:  ATT

New features and functions

  • Support for booting an IBM i partition from a USB flash drive.

System firmware changes that affect all systems

  • A problem was fixed that prevented the system attention indicator from being turned off when a service processor reset occurred.
  • A problem was fixed that caused SRC B1813221, which indicates a failure of the battery on the service processor, to be erroneously logged after a service processor reset or power cycle.
  • A problem was fixed that caused the Advanced System Management Interface (ASMI) to produce a service processor dump when changing the admin user password.
  • A problem was fixed that caused various SRCs to be erroneously logged at boot time including B181E6C7 and B1818A14.
  • A problem was fixed that caused a card (and its children) that was removed after the system was booted to continue to be listed in the guard menus in the Advanced System Management Interface (ASMI).
  • A problem was fixed that caused the service processor to crash when it boots from the new level during a concurrent firmware installation.
  • A problem was fixed that caused the management console to display incorrect data for a virtual Ethernet adapter's transactions statistics.
  • A problem was fixed that caused a hibernation resume operation to hang if the connection to the paging space is lost near the end of the resume processing.  This is more likely on a partition that supports remote restart.
  • A problem was fixed that caused the system to terminate with a bad address checkstop during mirroring defragmentation.
  • A problem was fixed that caused the hibernation validation of a remote restart partition operation to fail with an "NvRam size error".  This also affects the capability to migrate the partition.
  • The Power Hypervisor was enhanced to ensure better synchronization of vSCSI and NPIV I/O interrupts to partitions.
  • On systems managed by a management console, a problem was fixed that was caused by an attempt to modify a virtual adapter from the management console command line when the command specifies it is an Ethernet adapter, but the virtual ID specified is for an adapter type other than Ethernet.  The managed system has to be rebooted to restore communications with the management console when this problem occurs; SRC B7000602 is also logged.
  • A problem was fixed that caused an error log generated by the partition firmware to show conflicting firmware levels.  This problem occurs after a firmware update or a Live Partition Mobility (LPM) operation on the system.
System firmware changes that affect certain systems
  • On systems with I/O towers attached, a problem was fixed that caused SRC 10009135, followed by SRC 10009139, to be logged, indicating that SPCN loop mode was being broken, then reestablished.
  • On systems with I/O towers attached, a problem was fixed that caused multiple service processor reset/reloads if the tower was continuously sending invalid System Power Control Network (SPCN) status data.
  • On 8202-E4C and 8205-E6C systems with the PCIe expansion card feature code (F/C) 5610 or F/C 5685 installed, a problem was fixed that caused the wrong FRU part number (74Y8565 instead of 74Y5221) to be called out when the fan on the expansion card failed.
  • On partitions with the virtual Trusted Platform Module (vTPM) enabled, a problem was fixed that caused a memory leak, and failure, when vTPM was disabled, a vTPM-enabled partition was migrated, or a vTPM-enabled partition was deleted.
  • On systems running multiple IBM i partitions that are configured to communicate with each other via virtual Opticonnect, and that use Active Memory Sharing (AMS), a problem was fixed that could cause AMS operations to time out.  When this problem occurs, a platform reboot may be required to recover.
  • On systems running Active Memory Sharing (AMS) partitions, a problem was fixed that may arise due to the incorrect handling of a return code in an error path during the Live Partition Mobility (LPM) of an AMS partition.
  • On systems using IPv6 addresses, the firmware was enhanced to reduce the time it takes to install an operating system using the Network Installation Manager (NIM).
  • On systems with F/C EU07, the RDX SATA internal docking station for removable disk cartridge, a problem was fixed that caused SRCs BA210000 and BA210003 to be logged, and the System Management Services (SMS) menu firmware to drop into the ok> prompt, when the default boot list was built.
  • A problem was fixed that caused SRC BA330000 to be logged after the successful migration of a partition running Ax740_xxx firmware to a system running Ax760 firmware, or a later release.  This problem can also cause SRCs BA330002, BA330003, and BA330004 to be erroneously logged over time when a partition is migrated from a system running Ax760, or a later release, to a system running Ax740_xxx firmware.
  • On systems running an IBM i partition, a problem was fixed in which the partition boot might succeed only after a long delay, or might fail, if a mode D boot attempt is made, there is more than one USB device attached, and the IBM i operating system (OS) image is on the second USB device.
  • On systems running an IBM i partition, a problem was fixed that caused a number of informational SRC BA09000F entries to be logged when a mode D partition boot is done.  This SRC is logged if a device that supports removable media is installed and the media is not present.
  • On systems running Active Memory Sharing (AMS) partitions, a timing problem was fixed that may occur if the system is undergoing AMS pool size changes.

AL740_100_042

12/05/12
Impact: Serviceability    Severity: ATT

System firmware changes that affect all systems

  • A problem was fixed that can cause fans in the server to run at maximum speed and generate a serviceable event during system boot (B130B8AF, a predictive error with hardware callout) as a result of an incorrect calibration of a particular thermal sensor.
AL740_098_042

11/28/12
Impact: Availability    Severity: SPE

System firmware changes that affect all systems

  • HIPER/Non-Pervasive: DEFERRED:  A problem was fixed that caused a system crash with SRC B170E540.
  • HIPER/Non-Pervasive:  A related problem was also fixed that could cause a live lock on the power bus resulting in a system crash.
  • To address poor placement of partitions following a reboot of a server with unlicensed cores, the firmware was enhanced to run the affinity manager when the initialize configuration operation is done from the HMC.  A problem was also fixed that caused the hypervisor to be left in an inconsistent state after a partition create operation failed.
AL740_095_042

09/19/12
Impact: Availability    Severity: SPE

New features and functions

  • Support for booting the IBM i operating system from a USB tape drive.

System firmware changes that affect all systems

  • The firmware was enhanced to correctly diagnose the failing FRU when SRC B1xxE504 with error signature "MCFIR[14] - Hang timer detector" was logged.
  • A problem was fixed that caused the system to crash after a recoverable error was logged on an I/O hub.
  • A problem was fixed that caused a "code accept" during a concurrent firmware installation from the HMC to fail with SRC E302F85C.
  • The firmware was enhanced to continue booting when SRC B181C803 with description "WIRE_PROC_CST_HW_FAIL" is logged during boot.
  • A problem was fixed that caused the suspension of a partition to fail if a large amount of data has to be stored to resume the partition.
  • A problem was fixed that caused a system crash with unrecoverable SRC B7000103 and "ErFlightRecorder" in the failing stack.
  • A problem was fixed that caused an external interrupt to get stuck for some period of time before being presented to the operating system in certain scenarios in which there is a high rate of interrupts.
  • On 8231-E1C and 8231-E2C systems, the firmware was enhanced to improve the service actions for SRC 11002691.
  • A problem was fixed that caused DIMMs to be deconfigured, and SRC B123E504 to be erroneously logged, when additional DIMMs of larger capacity than the DIMMs already in the system were added.
System firmware changes that affect certain systems
  • On systems that are managed by a Hardware Management Console (HMC), and on which Internet Explorer (IE) is used to access the Advanced System Management Interface (ASMI) on the HMC, a problem was fixed that caused IE to hang for about 10 minutes after saving changes to network parameters on the ASMI.
  • A problem was fixed that caused a network installation of IBM i to fail when the client was on the same subnet as the server.
  • On systems with a 5796 or 5797 I/O drawer attached, a problem was fixed that could cause a system hang.
  • On systems with I/O drawers feature code (F/C) 5802 or 5877 attached, and running the Active Energy Manager, a problem was fixed that caused SRC B7000602 to be erroneously logged.
AL740_088_042

05/25/12
Impact: Availability    Severity: SPE

New features and functions

  • Support for IBM i Live Partition Mobility (LPM)
  • Support for the EXP30 Ultra SSD I/O Drawer, feature code (F/C) 5888.
  • Support for the 8246-L2C and 8246-L2S systems.
  • Support for the 8246-L1C systems.
  • Support for the 8246-L1S systems.

System firmware changes that affect all systems

  • A problem was fixed that prevented the user from changing the boot mode or keylock setting after a remote restart-capable partition is created, even after the partition's paging device is on-line.
  • A problem was fixed that caused a partition with dedicated processors to hang with SRC BA33xxxx when rebooted, after it was migrated using a Live Partition Mobility (LPM) operation from a system running Ax730 to a system running Ax740, or vice-versa.
  • A problem was fixed that caused the service processor's eth0 or eth1 IP addresses to change to "IPv6 NA"  when viewed on the control (operator) panel when a laptop was connected to the service processor.
  • A problem was fixed that caused booting from a virtual fibre channel tape device to fail with SRC B2008105.
  • The firmware was enhanced to increase the threshold of soft NVRAM errors on the service processor to 32 before SRC B15xF109 is logged.  (Replacement of the service processor is recommended if more than one B15xF109 is logged per week.)
  • A problem was fixed that caused informational SRC A70047FF, which may indicate that the Anchor (VPD) card should be replaced, to be erroneously logged again after the Anchor card was replaced.
  • On systems managed by an HMC, a problem was fixed that caused the lsstat command on the HMC to display an erroneously high number of packets transmitted and received on a vlan interface.
  • A problem was fixed that caused a partition that owned a powered-off slot to hang when being shut down after a DLPAR operation was performed on it.
System firmware changes that affect certain systems
  • The firmware resolves undetected N-mode stability problems and improves error reporting on the feature code (F/C) 5802 and 5877 I/O drawer power subsystem.
  • On systems on which the service processor is using IPv6 Ethernet addresses, a problem was fixed that caused a service processor dump to be taken with SRC B181EF88.
  • On systems running the virtual Trusted Platform Module (vTPM), a problem was fixed that caused the system to crash when the vTPM adjunct was reset.
  • On 8231-E1C, 8231-E2C, 8202-E4C and 8205-E6C systems running IBM i partitions, a problem was fixed that prevented slots on the same PCI bus from being assigned to different partitions.  This can result in SRC B600690B being logged when a partition is booted.
  • The Advanced System Management Interface (ASMI) menus were enhanced to more clearly indicate which processor cores were deconfigured by the Field Core Override option (F/C 2319).
  • A problem was fixed that caused various operations to hang, such as running lsvpd from a partition, or a concurrent firmware installation.
AL740_077_042

03/06/12
Impact: Availability    Severity: HIPER - High Impact/PERvasive, Should be installed as soon as possible.

System firmware changes that affect all systems

  • The firmware was enhanced to log SRC B7006A72 as informational instead of predictive.  This will prevent unnecessary service actions on PCIe adapters and the associated I/O planars.

System firmware changes that affect certain systems

  • On systems running system firmware level AL740_075 and managed by a Hardware Management Console (HMC), a problem was fixed that prevented HMC authentication to a managed system in the "Pending Authentication" state, and prevented the Advanced System Management Interface (ASMI) admin user's password from being changed.

4.0 How to Determine Currently Installed Firmware Level

For HMC managed systems:  From the HMC, select Updates in the navigation (left-hand) pane, then view the current levels of the desired server(s).

For a standalone system running IBM i without an HMC: From a command line, issue DSPFMWSTS.

For a standalone system running IBM AIX without an HMC: From a command line, issue lsmcode.

Alternatively, use the Advanced System Management Interface (ASMI) Welcome pane. The current server firmware level appears in the top right corner. Example: AL710_yyy.
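
When the level has been captured as text (for example, by saving command output or copying the string shown by ASMI), a short script can pull the level strings out for record keeping. The following is a minimal sketch only. The function name find_firmware_levels and the sample text are hypothetical and do not reproduce the exact output of any command; the pattern assumes the AL<release>_<yyy> naming used in this document, with an optional third field.

```python
import re

# Matches level strings such as AL740_112 or AL740_112_042.
# The pattern is an assumption based on the naming used in this document.
LEVEL_RE = re.compile(r"\bAL(\d{3})_(\d{3})(?:_(\d{3}))?\b")


def find_firmware_levels(text):
    """Return each firmware level string found in text, in order, without duplicates."""
    seen = []
    for match in LEVEL_RE.finditer(text):
        level = match.group(0)
        if level not in seen:
            seen.append(level)
    return seen


# Hypothetical captured text, not actual command output.
sample = "permanent image: AL740_100  temporary image: AL740_112"
levels = find_firmware_levels(sample)
print(levels)
```

A placeholder such as AL710_yyy is not matched, because the sketch expects three digits in each field.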


5.0 Downloading the Firmware Package

Follow the instructions on Fix Central. You must read and agree to the license agreement to obtain the firmware packages.

Note: If your HMC is not connected to the internet, you will need to download the new firmware level to a CD-ROM or FTP server.


6.0 Installing the Firmware

The method used to install new firmware depends on the release level of the firmware that is currently installed on your server. The release level of the new firmware can be determined from the prefix of its filename.

Example: ALXXX_YYY_ZZZ

Where XXX = release level
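
The comparison of release levels can be sketched in a few lines of Python. This is an illustration under stated assumptions, not an IBM tool: the names parse_level and install_kind are hypothetical, the level AL730_149_035 is a made-up example, and the terms "update" (same release level) and "upgrade" (different release level) are assumed to match the usage in the installation instructions referenced below. Only XXX is interpreted; the YYY and ZZZ fields are carried along without assigning them a meaning.

```python
import re
from typing import NamedTuple

# Assumed shape of a level name: two letters, then XXX_YYY_ZZZ as three-digit fields.
LEVEL_RE = re.compile(r"([A-Z]{2})(\d{3})_(\d{3})_(\d{3})")


class FirmwareLevel(NamedTuple):
    prefix: str   # for example "AL"
    release: int  # XXX, the release level
    yyy: int      # second field, not interpreted here
    zzz: int      # third field, not interpreted here


def parse_level(name: str) -> FirmwareLevel:
    """Parse a level name of the form ALXXX_YYY_ZZZ."""
    match = LEVEL_RE.fullmatch(name)
    if match is None:
        raise ValueError(f"unexpected firmware level format: {name!r}")
    prefix, xxx, yyy, zzz = match.groups()
    return FirmwareLevel(prefix, int(xxx), int(yyy), int(zzz))


def install_kind(installed: str, new: str) -> str:
    """Return "update" if both levels share a release level, otherwise "upgrade"."""
    if parse_level(installed).release == parse_level(new).release:
        return "update"
    return "upgrade"


print(install_kind("AL740_112_042", "AL740_156_042"))  # same release level
print(install_kind("AL730_149_035", "AL740_156_042"))  # hypothetical older release
```

The result only indicates which set of instructions is likely to apply; the linked installation instructions remain the authority on the actual procedure.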

HMC Managed Systems:

Instructions for installing firmware updates and upgrades on systems managed by an HMC can be found at:
http://publib.boulder.ibm.com/infocenter/powersys/v3r1m5/index.jsp?topic=/p7ha1/updupdates.htm

Systems not Managed by an HMC:

p Systems:
Instructions for installing firmware on systems that are not managed by an HMC can be found at:
http://publib.boulder.ibm.com/infocenter/powersys/v3r1m5/index.jsp?topic=/p7ha5/fix_serv_firm_kick.htm

IBM i Systems:
See "IBM Server Firmware and HMC Code Wizard":
http://www-912.ibm.com/s_dir/slkbase.NSF/DocNumber/408316083

NOTE: For all systems running with the IBM i Operating System, the following IBM i PTFs must be applied to all IBM i partitions prior to installing AL740_156:
NOTE: For all systems running with the IBM i Operating System and without an HMC attached, the following IBM i PTFs must be applied to all IBM i partitions in addition to the PTFs listed above, prior to installing AL740_156
These PTFs can be ordered through Fix Central.

7.0 Firmware History

The complete Firmware Fix History for this Release Level can be reviewed at the following URL:
http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AL-IOC-Firmware-Hist.html