Power7 System Firmware

Applies to: 9119-FHB

This document provides information about the installation of Licensed Machine or Licensed Internal Code, which is sometimes referred to generically as microcode or firmware.

1.0 Systems Affected
1.1 Minimum HMC Code Level
2.0 Important Information
3.0 Firmware Information and Description
4.0 How to Determine Currently Installed Firmware Level
5.0 Downloading the Firmware Package
6.0 Installing the Firmware
7.0 Firmware History

1.0 Systems Affected

This package provides firmware for Power 795 (9119-FHB) Servers only.

The firmware level in this package is:

AH780_097 / FW780.83

1.1 Minimum HMC Code Level

This section is intended to describe the "Minimum HMC Code Level" required by the System Firmware to complete the firmware installation process. When installing the System Firmware, the HMC level must be equal to or higher than the "Minimum HMC Code Level" before starting the system firmware update. If the HMC managing the server targeted for the System Firmware update is running a code level lower than the "Minimum HMC Code Level" the firmware update will not proceed.

The Minimum HMC Code level for this firmware is: HMC V7 R7.9.0 (PTF MH01405) with mandatory efix (PTF MH01406).

Although the Minimum HMC Code level for this firmware is listed above, HMC V7 R7.9.0 Service Pack 3 (PTF MH01546) with ifix (PTF MH01699) or higher is recommended.

Important: To avoid vulnerability to security or known HMC issues, the HMC should be updated to the above recommended level, prior to installing this server firmware level.

Notes:

- V7 R790 SP3 : HMC V7.R790 is the last HMC release to support HMC Models CR4, CR3, C07, C06, C05

- Upgrading the HMC to V7R7.9.0 is required prior to installing this firmware. This is due to the firmware containing support for Single Root I/O Virtualization (SR-IOV) adapters. An SR-IOV adapter can be configured in shared mode and be shared by multiple logic partitions at the same time. HMC supports the configuration of the logical ports assigned to partitions and supports the configuration, backup, and restore of the adapter and physical port properties.

For information concerning HMC releases and the latest PTFs, go to the following URL to access Fix Central.
http://www-933.ibm.com/support/fixcentral/

For specific fix level information on key components of IBM Power Systems running the AIX, IBM i and Linux operating systems, we suggest using the Fix Level Recommendation Tool (FLRT):
http://www14.software.ibm.com/webapp/set2/flrt/home

NOTE: You must be logged in as hscroot in order for the firmware installation to complete correctly.

2.0 Important Information

Special Instructions for Upgrading to Server Firmware AH780:

POWER7 9119-FHB servers with a maximum partition value less than 1000 partitions need to disconnect any redundant (Dual) HMC temporarily before performing a server firmware upgrade from 01AH730 (or earlier) to 01AH780. The HMC can be reconnected after the upgrade is complete.

Note: If the dual HMC is not disconnected prior to the upgrade, the upgrade will fail shortly after the "retrieving updates" stage with the following error:

HSCF0999 - Disconnect or power-off the sibling management console(s) from the following list and retry the update. After the update is complete, reconnect or power-on the sibling.
The requested update level can not be applied on the following server from this management console (<HMC performing the upgrade>) while the server is managed by multiple management consoles. management console(s).
<server MTMS>: Sibling console(s)

If the direct access to the HMC is available, the recommended method is to power off the dual (peer) HMC.

- On the dual HMC, select HMC Management, then the Shut Down and Restart task.
- On the Shutdown or Restart panel select Shutdown HMC and click OK.
- If the HMC is in a remote or "lights out" data center then the HMC can be disconnected from the server and frame.

See the following document for detailed information: http://www-01.ibm.com/support/docview.wss?uid=nas8N1010700

ECA Info:
Before upgrading your system from AH720 to AH730/AH760/AH780 firmware release, contact your authorized provider and ask about ECA 256 and ECA 303, as hardware may have to be upgraded.

SPPL NOTE:
In some previous firmware releases, the system firmware was not properly enforcing the system partition processor limit (SPPL) attribute for shared processor partitions. This service pack fixes that enforcement to ensure that shared processor partitions comply with the limit for virtual processors when the SPPL setting is 24 or 32.

You will be affected by this change if you have the following configuration:
- 795 class server (model 9119-FHB)
- The server has 3 or fewer books, or the server has 4 or more books and the SPPL attribute is set to 24 or 32.
- The server has 24 processor cores per book and you have configured more than 24 virtual processors for a shared processor partition.
- The server has 32 processor cores per book and you have configured more than 32 virtual processors for a shared processor partition.

After this service pack is installed, the behavior of the shared processor partitions that exceed the SPPL attribute will change as follows:

- Partition activation:
- Partitions will continue to boot and reboot successfully unless the minimum number of virtual processors is greater than the SPPL.
- Partitions that are activated will limit the number of active virtual processors to no more than the SPPL limit.

- Partition configuration:
- Errors that are logged when the SPPL is exceeded can result in HMC errors HSCLA4D6 and HSC0A4D6.
- Attempts to change the number of virtual processors or entitled processing units via a profile or dynamic LPAR change will be subject to the SPPL setting of 24 or 32.
For example, if the SPPL is set to 32 and your shared processor partition is configured with 40 virtual processors, you must reduce the number of virtual processors to 32 or fewer for the change to be successful.
- If you create a new shared processor partition, the number of virtual processors must not exceed the SPPL value.

- Partition mobility:
- A partition must comply with the SPPL of the target server.

- Partition hibernation (suspend/resume):
- If you have suspended partitions that have exceeded the SPPL limit and install this service pack, you will not be able to successfully resume those suspended
partitions. You should ensure all suspended partitions comply with (have virtual processors fewer than or equal to) the new SPPL limit before installing this service pack.

Downgrading firmware from any given release level to an earlier release level is not recommended.
If you feel that it is necessary to downgrade the firmware on your system to an earlier release level, please contact your next level of support.

IPv6 Support and Limitations

IPv6 (Internet Protocol version 6) is supported in the System Management Services (SMS) in this level of system firmware. There are several limitations that should be considered.

When configuring a network interface card (NIC) for remote IPL, only the most recently configured protocol (IPv4 or IPv6) is retained. For example, if the network interface card was previously configured with IPv4 information and is now being configured with IPv6 information, the IPv4 configuration information is discarded.

A single network interface card may only be chosen once for the boot device list. In other words, the interface cannot be configured for the IPv6 protocol and for the IPv4 protocol at the same time.

Memory Considerations for Firmware Upgrades

Firmware Release Level upgrades and Service Pack updates may consume additional system memory.
Server firmware requires memory to support the logical partitions on the server. The amount of memory required by the server firmware varies according to several factors.
Factors influencing server firmware memory requirements include the following:

Number of logical partitions
Partition environments of the logical partitions
Number of physical and virtual I/O devices used by the logical partitions
Maximum memory values given to the logical partitions

Generally, you can estimate the amount of memory required by server firmware to be approximately 8% of the system installed memory. The actual amount required will generally be less than 8%. However, there are some server models that require an absolute minimum amount of memory for server firmware, regardless of the previously mentioned considerations.

Additional information can be found at:
http://www.ibm.com/support/knowledgecenter/9119-FHB/p7hat/iphatlparmemory.htm

3.0 Firmware Information and Description

Use the following examples as a reference to determine whether your installation will be concurrent or disruptive.

Note: The concurrent levels of system firmware may, on occasion, contain fixes that are known as Deferred and/or Partition-Deferred. Deferred fixes can be installed concurrently, but will not be activated until the next IPL. Partition-Deferred fixes can be installed concurrently, but will not be activated until a partition reactivate is performed. Deferred and/or Partition-Deferred fixes, if any, will be identified in the "Firmware Update Descriptions" table of this document. For these types of fixes (Deferred and/or Partition-Deferred) within a service pack, only the fixes in the service pack which cannot be concurrently activated are deferred.

Note: The file names and service pack levels used in the following examples are for clarification only, and are not necessarily levels that have been, or will be released.

System firmware file naming convention:

01AHXXX_YYY_ZZZ

XXX is the release level
YYY is the service pack level
ZZZ is the last disruptive service pack level

NOTE: Values of service pack and last disruptive service pack level (YYY and ZZZ) are only unique within a release level (XXX). For example, 01AH330_067_045 and 01AH340_067_053 are different service packs.

An installation is disruptive if:

The release levels (XXX) are different.

Example: Currently installed release is AH330, new release is AH340

The service pack level (YYY) and the last disruptive service pack level (ZZZ) are the same.

Example: AH330_120_120 is disruptive, no matter what level of AH330 is currently
installed on the system

The service pack level (YYY) currently installed on the system is lower than the last disruptive service pack level (ZZZ) of the service pack to be installed.

Example: Currently installed service pack is AH330_120_120 and new service pack is AH330_152_130.

An installation is concurrent if:

The release level (XXX) is the same, and
The service pack level (YYY) currently installed on the system is the same or higher than the last disruptive service pack level (ZZZ) of the service pack to be installed.

Example: Currently installed service pack is AH330_126_120, new service pack is AH330_143_120.


*Filename*	*Size*	*Checksum*	md5sum
01AH780_097_040.rpm	55283550	22959	f69ceb4b5f5b7c5aafa05fadc5a24c27

Note: The Checksum can be found by running the AIX sum command against the rpm file (only the first 5 digits are listed).
ie: sum 01AH780_097_040.rpm
AH780 For Impact, Severity and other Firmware definitions, Please refer to the below 'Glossary of firmware terms' url: http://www14.software.ibm.com/webapp/set2/sas/f/power5cm/home.html#termdefs The following Fix description table will only contain the N (current) and N-1 (previous) levels. The complete Firmware Fix History for this Release Level can be reviewed at the following url: http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AH-Firmware-Hist.html
AH780_097_040 / FW780.83 03/05/18	Impact: Availability Severity: SPE System firmware changes that affect certain systems On systems running IBM i partitions at IBM i V6R1 or V7R1 at less than TR5, a problem was fixed for IBM i partitions failing to boot with SRC B600690B. If the IBMi partition is running, a DLPAR add of I/O may fail. This problem was introduced with FW780.80 and is present in FW780.82 and always happens at these levels. The problem can be resolved by moving up to OS IBM i 7.1 TR5 or later level, if the update to the fixed firmware level is not wanted. For more information, see the following IBM Tech Note: https://www.ibm.com/support/docview.wss?uid=nas8N1022482
AH780_096_040 / FW780.82 01/31/18	Impact: Security Severity: SPE Response for Recent Security Vulnerabilities In response to recently reported security vulnerabilities, this firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2017-5715 for IBM Power 795 (9119-FHB). In addition, Operating System updates are available to mitigate the CVE-2017-5753 and CVE-2017-5754 security issues.
AH780_091_040 / FW780.80 12/13/17	Impact: Availability Severity: SPE System firmware changes that affect all systems A problem was fixed for an intermittent core dump of netsCommonMsgServer on the service processor with a serviceable callout for SRC B181EF88. This problem can be triggered by brief network outages that cause the HMC to disconnect and reconnect to the service processor, causing race conditions in the HMC session shutdowns. A problem was fixed for an invalid date from the service processor causing the customer date and time to go to the Epoch value (01/01/1970) without a warning or chance for a correction. With the fix, the first IPL attempted on an invalid date will be rejected with a message alerting the user to set the time correctly in the service processor. If the warning is ignored and the date/time is not corrected, the next IPL attempt will complete to the OS with the time reverted to the Epoch time and date. This problem is very rare but it has been known to occur on service processor replacements when the repair step to set the date and time on the new service processor was inadvertently skipped by the service representative. A problem was fixed for incorrect low affinity scores for a partition reported from the HMC "lsmemopt" command when a partition has filled an entire drawer. A low score indicates the placement is poor but in this case the placement is actually good. More information on affinity scores for partitions and the Dynamic Platform Optimizer can be found at the IBM Knowledge Center: https://www.ibm.com/support/knowledgecenter/en/9119-MME/p8hat/p8hat_dpoovw.htm. A problem was fixed for spurious loggings of SRCs A7004715 and A7001730 for system VPD errors that did not reflect actual problems in the system Vital Product Data (VPD) card. With the fix, the VPD card SRCs are now reported only after a certain error threshold is achieved to ensure that replacement of the VPD card will help resolve the VPD problems. A problem was fixed for the Advanced System Management Interface (ASMI) that prevented a HMC using the enhanced GUI from connecting to the power frame Bulk Power Controller (BPC) service processor's ASMI. An Internal Server Error message would result for the ASMI login panel. This error was introduced in ASMI in FW780.20 and only happens for a HMC running in enhanced GUI mode that is at V8R8.5.0 SP3 or later levels. The circumvention is to use the failing HMC in classic GUI mode, if possible, or for HMC level V8R8.7.0 (which only has the enhanced GUI mode) to have HMC PTF MH01706 installed. System firmware changes that affect certain systems On systems with mirrored memory running IBM i partitions, a problem was fixed for memory fails in the partition that also caused the system to crash. The system failure will occur any time that IBM i partition memory towards the beginning of the partition's assigned memory fails. With the fix, the memory failure is isolated to the impacted partition, leaving the rest of the system unaffected. A problem was fixed for a Power Enterprise Pool (PEP) system losing its assigned processor and memory resources after an IPL of the system. This is an intermittent problem caused by a small timing window that makes it possible for the server to not get the IPL-time assignment of resources from the HMC. If this problem occurs, it can be corrected by the HMC to recover the pool without needing another IPL of the system.
AH780_089_040 / FW780.70 07/26/17	Impact: Availability Severity: ATT
AH780_084_040 / FW780.60 01/16/17	Impact: Availability Severity: SPE
AH780_080_040 / FW780.50 06/29/16	Only Deferred fix descriptions are displayed for this service pack. The complete Firmware Fix History for this Release Level can be reviewed at the following url: http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AH-Firmware-Hist.html Impact: Availability Severity: SPE Concurrent hot add/repair maintenance (CHARM) firmware fixes DEFERRED: A problem was fixed for a I/O performance slow-down that can occur after a concurrent repair of a GX bus I/O adapter with a Feature Code of #1808, #1816, #1914, #EN22, #EN23, or #EN25. A re-IPL of the system after the concurrent repair operation corrects the I/O performance issue. This fix requires an IPL of the system to take effect.
AH780_075_040 / FW780.40 12/16/15	Impact: Availability Severity: SPE
AH780_071_040 / FW780.30 04/22/15	Impact: Security Severity: SPE
AH780_068_040 / FW780.21 01/07/15	Only HIPER fix descriptions are displayed for this service pack. The complete Firmware Fix History for this Release Level can be reviewed at the following url: http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AH-Firmware-Hist.html Impact: Security Severity: HIPER System firmware changes that affect certain systems HIPER/Pervasive: On systems using PowerVM firmware, a performance problem was fixed that may affect shared processor partitions where there is a mixture of dedicated and shared processor partitions with virtual IO connections, such as virtual ethernet or Virtual IO Server (VIOS) hosting, between them. In high availability cluster environments this problem may result in a split brain scenario.
AH780_066_040 / FW780.20 10/16/14	Only HIPER fix descriptions are displayed for this service pack. The complete Firmware Fix History for this Release Level can be reviewed at the following url: http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AH-Firmware-Hist.html Impact: Data Severity: HIPER System firmware changes that affect certain systems HIPER/Pervasive: A problem was fixed in PowerVM where the effect of the problem is non-deterministic but may include an undetected corruption of data, although IBM test has not been able to make this condition occur. This problem is only possible if VIOS (Virtual I/O Server) version 2.2.3.x or later is installed and the following statement is true: A Shared Ethernet Adapter (SEA) with fail over enabled is configured on the VIOS.
AH780_059_040 / FW780.11 06/23/14	Only HIPER fix descriptions are displayed for this service pack. The complete Firmware Fix History for this Release Level can be reviewed at the following url: http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AH-Firmware-Hist.html Impact: Security Severity: HIPER System firmware changes that affect all systems HIPER/Pervasive: A security problem was fixed in the OpenSSL (Secure Socket Layer) protocol that allowed clients and servers, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between the management console and the service processor. The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-0224. HIPER/Pervasive: A security problem was fixed in OpenSSL for a buffer overflow in the Datagram Transport Layer Security (DTLS) when handling invalid DTLS packet fragments. This could be used to execute arbitrary code on the service processor. The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-0195. HIPER/Pervasive: Multiple security problems were fixed in the way that OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled to prevent denial of service. These could cause the service processor to reset or unexpectedly drop connections to the management console when processing certain SSL commands. The Common Vulnerabilities and Exposures issue numbers for these problems are CVE-2010-5298 and CVE-2014-0198. HIPER/Pervasive: A security problem was fixed in OpenSSL to prevent a denial of service when handling certain Datagram Transport Layer Security (DTLS) ServerHello requests. A specially crafted DTLS handshake packet could cause the service processor to reset. The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-0221. HIPER/Pervasive: A security problem was fixed in OpenSSL to prevent a denial of service by using an exploit of a null pointer de-reference during anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause the service processor to reset. The Common Vulnerabilities and Exposures issue number for this problem is CVE-2014-3470.
AH780_056_040 / FW780.10 04/25/14	Impact: Serviceability Severity: SPE
AH780_054_040 / FW780.02 04/18/14	Only HIPER fix descriptions are displayed for this service pack. The complete Firmware Fix History for this Release Level can be reviewed at the following url: http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AH-Firmware-Hist.html Impact: Security Severity: HIPER System firmware changes that affect all systems HIPER/Pervasive: A security problem was fixed in the OpenSSL Montgomery ladder implementation for the ECDSA (Elliptic Curve Digital Signature Algorithm) to protect sensitive information from being obtained with a flush and reload cache side-channel attack to recover ECDSA nonces from the service processor. The Common Vulnerabilities and Exposures issue number is CVE-2014-0076. The stolen ECDSA nonces could be used to decrypt the SSL sessions and compromise the Hardware Management Console (HMC) access password to the service processor. Therefore, the HMC access password for the managed system should be changed after applying this fix. HIPER/Pervasive: A security problem was fixed in the OpenSSL Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) to not allow Heartbeat Extension packets to trigger a buffer over-read to steal private keys for the encrypted sessions on the service processor. The Common Vulnerabilities and Exposures issue number is CVE-2014-0160 and it is also known as the heartbleed vulnerability. The stolen private keys could be used to decrypt the SSL sessions and and compromise the Hardware Management Console (HMC) access password to the service processor. Therefore, the HMC access password for the managed system should be changed after applying this fix.
AH780_050_040 / FW780.01 03/10/14	Only HIPER fix descriptions are displayed for this service pack. The complete Firmware Fix History for this Release Level can be reviewed at the following url: http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AH-Firmware-Hist.html Impact: Data Severity: HIPER System firmware changes that affect all systems HIPER/Non-Pervasive: A problem was fixed for a potential silent data corruption issue that may occur when a Live Partition Mobility (LPM) operation is performed from a system (source system) running a firmware level earlier than AH780_040 or AM780_040 to a system (target system) running AH780_040 or AM780_040.
AH780_040_040 / FW780.00 12/06/13	Impact: New Severity: New

4.0 How to Determine Currently Installed Firmware Level

You can view the server's current firmware level on the Advanced System Management Interface (ASMI) Welcome pane. It appears in the top right corner. Example: AH780_123.

5.0 Downloading the Firmware Package

Follow the instructions on Fix Central. You must read and agree to the license agreement to obtain the firmware packages.

Note: If your HMC or SDMC is not internet-connected you will need to download the new firmware level to a CD-ROM or ftp server.

6.0 Installing the Firmware

The method used to install new firmware will depend on the release level of firmware which is currently installed on your server. The release level can be determined by the prefix of the new firmware's filename.

Example: AHXXX_YYY_ZZZ

Where XXX = release level

If the release level will stay the same (Example: Level AH330_075_075 is currently installed and you are attempting to install level AH330_081_075) this is considered an update.
If the release level will change (Example: Level AH330_081_075 is currently installed and you are attempting to install level AH340_096_096) this is considered an upgrade.

Instructions for installing firmware updates and upgrades can be found at http://www.ibm.com/support/knowledgecenter/9119-FHB/p7ha1/updupdates.htm

IBM i Systems:
See "IBM Server Firmware and HMC Code Wizard":
http://www-912.ibm.com/s_dir/slkbase.NSF/DocNumber/408316083

NOTE: For all systems running with the IBM i Operating System, the following IBM i PTFs must be applied to all IBM i partitions prior to installing AH780_097:

V7R1M0 - MF51869
V6R1M1 - MF51864

These PTFs can be ordered through Fix Central.

When ordering firmware for IBM i Operating System managed systems from Fix Central, choose "Select product", under Product Group specify "System i", under Product specify "IBM i", then Continue and specify the desired firmware PTF accordingly.

7.0 Firmware History

The complete Firmware Fix History (including HIPER descriptions) for this Release Level can be reviewed at the following url:
http://download.boulder.ibm.com/ibmdl/pub/software/server/firmware/AH-Firmware-Hist.html