=============================================================================== Intel(R) Server Platform Integrated BMC Firmware Release Notes =============================================================================== INTEL(R) Server Boards and Systems Intel Corporation 2111 N.E. 25th Avenue, Hillsboro, OR 97124 USA =============================================================================== DATE: 13th May, 2020 TO: Intel(R) Server Board S1400xx, S1600xx, S2400xx, S2600xx, W2600xx, & S4600xx customers SUBJECT: Integrated BMC(R) firmware 01.60.12335 release notes =============================================================================== LEGAL INFORMATION =============================================================================== Information in this document is provided in connection with Intel products. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted by this document. Except as provided in Intel's Terms and Conditions of Sale for such products, Intel assumes no liability whatsoever, and Intel disclaims any express or implied warranty, relating to sale and/or use of Intel products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right. Intel Corporation may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights that relate to the presented subject matter. The furnishing of documents and other materials and information does not provide any license, express or implied, by estoppel or otherwise, to any such patents, trademarks, copyrights, or other intellectual property rights. Intel products are not intended for use in medical, life saving, or life sustaining applications. Intel may make changes to specifications and product descriptions at any time, without notice. Intel is a registered trademark of Intel Corporation. *Other names and brands are the property of their respective owners. Copyright (c) 2020 Intel Corporation. A portion of this firmware is open source code. The OSS source code that the customer is entitled to per OSS license has been posted on the Intel support website at the following link: http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=21081 This open source code falls under the GPL 2.0 license, please see the license at the following link: http://www.opensource.org/licenses/gpl-2.0.php =============================================================================== ABOUT THIS RELEASE PACKAGE =============================================================================== Source file: BMC_i_0160r12335.bin Update script: fwUpdateBMC.nsh REVISION INFORMATION RETURNED BY GET DEVICE ID COMMAND: Operational mode: 01.60.12335 UBoot mode: 01.07 Device ID: 0x21 Manufacturer ID: 0x000157 Other version/revision information: PSU Model H/W revision FW Version 1100ADU00201 S3 1.01.51 (HEX: 1.01.33) 1100ADU00201 02F 1.*.51 DPS 750XB A S4 5.**.100(HEX: 5.**.64) *(See Note 2) DPS 750AB-32A S0 3.**.27 (HEX: 3.**.1B) *(See Note 2) DPS 1200TB A 02 6.40.89 (HEX: 6.28.59) *(See Note 1) PSSF162202A 00A 0.09.75 PSSF162202A 01A 0.09.75 PSSF162202A 02A 0.09.75 PSSF162202A 03A 0.09.75 PSSF162202A 04A 0.09.75 PSSF162202A 05A 0.09.78 PSSF162202A 06A 0.09.78 PSSF162202A 07A 0.09.78 PSSF162202A 08A 0.09.78 PSSF162202A 09A 0.09.78 PSSF162202A 10A 0.09.78 PSSF162202A 11A 0.09.78 PSSF222201A S4 0.0.33 PSSF132202A 00A 0.5.23 PSSF132202A 01A 0.5.23 *NOTE 1: Supported but not POR. Will likely be removed in a future release. *NOTE 2: The middle version number is attached to a particular batch of power supplies and can be different for the same firmware revision. Therefore, it cannot be predicted ahead of time what it will be. Validation should ignore this value. *NOTE 3: PSSF132202A is 1300W PSU support only on Systems S2600WT and please verify together FRUSDR 1.18 or later version. HSBP FW: 01.41 Root: 01.50 WWW: 01.19 UBoot: 01.07 FWPIAUPD Utility: v14_1_Build17 MD5 checksum of BMC_i_0160r12335.bin: 7ae6baaa171091f88bbfa268a0da0af0 KVM Jars file signed certificate valid time : 3/20/2019-3/19/2021 ------------------------------------------------------------------------------- =============================================================================== IMPORTANT INSTALLATION NOTES =============================================================================== The following update process must be followed to ensure a trouble free updating of your baseboard. The order is important to minimize any issues for status checking as different components are initialized. 1. Manageability Engine (ME) firmware 2. Flash Descriptor (FD) 3. BMC firmware 4. BIOS 5. FRU/SDR package specific to the baseboard =============================================================================== INSTALLATION PROCEDURE =============================================================================== - NOTE: if upgrading from BMC FW 0.19 or older, you first need to upgrade to 0.20 by using a device image file (.ima file) in a device programmer. Refer to the 0.20 firmware package for details and flash image files specific to each platform. After updating to 0.20, continue with the following steps. 1. Copy all files to the storage medium of your choice. This can be a hard disk, floppy disk or USB flash drive. All of the files must reside in the same directory. 2. Boot to EFI and then run the fwUpdateBMC.nsh script file to update the Integrated BMC. Modification of the update script or using fwpiaupd.efi with your own command line parameters is not supported and doing so is at your own risk! 3. Install latest available FRU/SDR package specific to the platform. =============================================================================== FIRMWARE RECOVERY PROCEDURE =============================================================================== The Recovery process can be initiated by setting the recovery jumper (called BMC Force Update Jumper) to the recovery position. The jumper is normally in the normal/de-asserted position. The system must be completely powered off (A/C power removed) before the jumper is moved. After power is re-applied and the firmware update is complete, the system must be powered off again and the jumper must be returned to the de-asserted position before normal operation can begin. A BMC recovery can be accomplished from a USB flash drive. 1. Copy all files to a storage USB flash drive. All of the files must reside in the same directory. 2. Remove A/C power from the system and wait 30 seconds. 3. Move the BMC Force Update Jumper to the recovery position. Details regarding the jumper ID and location can be obtained from the Board EPS for that Platform. 4. Insert the USB flash drive. 5. Reapply A/C power to the system and power on the system. 6. The BIOS POST screen will appear displaying the progress press F6 to select boot options. At the boot option menu select to boot to the EFI SHELL. 7. Switch to the directory where you stored the update files and then run the fwUpdateBMC.nsh script file to update the Integrated BMC. Modification of the update script with your own command line parameters is not supported and doing so is at your own risk! 8. Remove A/C power from the system and wait 30 seconds. 9. Move the BMC Force Update Jumper to the normal position. 10. Reapply A/C power to the system and power on the system. NOTE: Performing this recovery procedure resets all network and user settings to defaults. The FRUSDR will also need to be reloaded after a recovery (SDR update). =============================================================================== FIRMWARE UPGRADE/DOWNGRADE PROCEDURES =============================================================================== Upgrade of BMC FW from version BMC_i_0160r12335 to later versions will be documented in the release notes for those versions. Reverting to a lower version of firmware may have unexpected side effects, including but not limited to user settings reset to defaults, and will always result in the loss of functionality which was present in the higher version but was not implemented in the lower version. We do not guarantee that any downgrade will operate without side-effects. Always observe caution when downgrading firmware. =============================================================================== KNOWN ISSUES/WORKAROUNDS/REQUIREMENTS =============================================================================== - This BMC FW update package is to be used only on Intel server baseboards and does NOT support customer reference boards (CRB) or silicon reference platforms (SRP). Contact your Intel Representatives to determine where to download the BMC FW for these products. - The BMC FW image file in this package is to be used only with the provided FWPIAUPD update utility. Using the FW image file with a SPI flash device programmer will result in a non-functional system. - Some open source ipmi utilities may automatically retry multiple times during access BMC using bad password and supporting IPMI specification 1.5 in Linux OS. CCB310 will log more bad password login SEL. - Start from BMC v1.60, KCS Policy feature added. When KCS control mode is put in restricted and deny all mode, BMC EWS CPU and DIMM page displays blank or last DC on configuration information. When KCS policy control mode is configured as "Restricted" and "Deny All", BMC and FRUSDR cannot be upgraded/downgraded as expected behavior. More information can be referred to document BMC KCS Policy Control Modes_v0.7. - Start from BMC v1.60, by default, only Cipher Suite 17 support for IPMI Over Lan feature added. Please use ipmitool 1.8.18 or later to access BMC IPMI Over Lan message interface with -C 17 option. - Start from BMC v1.60, KVM unsecure port disabled feature added. User only can configure secure port of KVM in the web console. - Start from BMC v1.60, by default, RMCP disabled and RMCP+ Cipher Suite 3 disable feature added , also add options in web console. User can configure these options though web. =============================================================================== ISSUES FIXED =============================================================================== 1.60.12335: -2103632883: [BMC]After offline update BMC to 1.58, SSH can't connect successfully by default port 22. -2103632890: [BMC]The EWS login Window can't be opened sometimes if offline update the BMC to 1.58. -2103632313: [BMC]The SSH connection will be closed automatically after issuing some commands. -2103632763: [BMC]The SEL for capture KCS policy control mode is incorrect. -2103632905: [BMC] KCS policy sensor will show "Unknown" health status after BMC reset for BMC 1.59. -2103632906: [BMC] There is no help information about new features "RMCP mode" and "RMCP+ Cipher Suite3" in the EWS. -2103632894: [BMC]Changed any secure port of KVM/CDROM/USB/Floppy, the KVM will hang up after mount any remote media. 1.59.12319: -2103632411: The KVM session will hang up when set the "USB key Emulation Type" to "Hard Disk" type and mount the redirected devices. -2103632398: It shows, "Description:Unname - Asserted" in the SELText.txt (SELLOG.zip) for all KCS control mode. -2103632317: [BMC]The SUT can't get the stateful IPv6 IP address from DHCPv6 server. -2103632763: [BMC]The SEL for capture KCS policy control mode is incorrect. -Replace 05A~08A 1600W PSU fw from 75 to 78 and add 09A~11A 1600W PSU FW version 78 -Upgrade openssl from 1.1.1e to 1.1.1g -KCS PSIRT enhancement that is for core-bios-done possible security attack -add Cipher Suite3 setting in EWS -add RMCP mode setting in EWS -fix RED team reported problems including Web File upload problem and Authentication Bypass for each ASP endpoint. 1.58.12280: -BDBA fix : libs and application upgrade (/usr/bin/unzip and /sbin/lsof removed,libldap to 2.4.49,openssl from 1.1.1d to 1.1.1e,libtasn1 to v4.16, libkrb5.so-keberos upgrade to 1.18.0) -2103632312 web page copyright date wrong problem. -2103632313 [BMC]The SSH connection will be closed automatically after issuing some commands. -1506367106 fail to dump system debug log with syscfg. -2209994497 [BMC][H1 761356] buffer overflow in usbe.ko leads to remote code execution. -DCG RED team reported vulnerabilities fix ID#19 and improvement on ID#4,8,9 fixes. 1.57.12143: -BDBA fix  - kernel  and  busybox  upgrade a. Kernel upgrade from 3.2.59 to 3.2.102 b. Busybox upgrade from 1.20.2 to 1.31.1 -BDBA Fix  - libs and application upgrade (libbz2, libgcrypto, libgpg-error, libsasl2, openssl, zlib, openssh, stunnel, dhclient, glibc) -KCS PSIRT problem (refer to Xeon® E5-2600v3,v4 Family BMC EPS 1.20) -Only support Cipher suite 17 for IPMI over lan(ipmitool -I lanplus .... -C 17) - SSH weak cipher remove -USBanywhere security problem , need to disable unsecure port about KVM -CCB 2880  Add IPMI commands and Web interface for user to select SSL Cipher -expl_fdserver problem, need to fix bypass auth issue -DCG RED team reported  about 20 vulnerabilities. a. KVM HID packets attack b. 10 Buffer overflow  issues in different features. c. 6 Cross Site Scripting vulnerabilities  through /goform URL  for web service feature. d. two issues that caused by JSLibrary bypass  for web service feature. -klockwork problem fix  including  about 2000  Critical and Error issues  in different  features. 01.56.11315: -1507116141: Java Certificate Expires on latest BMC for Romley and Grantley -2103624504: [Grantley][BMC]EWS always login failed after force update BMC 1.55.11282 revert security fix -2205553943: BMC leaks users' hash even when the cipher suite is disabled in the mask Defects which are side effect of above security fix. 2103624546, 2103624504, 2103624561, 2103624562, 2103624564, 2103624532, 2103624549, 2103624559 01.55.11282: -Sync wildcatpass factory sdr version to 1.18 -1506705519: BMC IPMI over lan can't work after bind host NIC1/2 and ipmitool mc reset cold -2103624199: [BMC]Intel Copyright Statement isn't correct on EWS about button -2103623914: ADP Refresh:Can't use command disable Remote Media service port -2103623921: ADP Refresh: The events' description mismatch with the actual VRD Hot sensor when heat VRD hot signals same security issues with purley: -2205553943: BMC leaks users' hash even when the cipher suite is disabled in the mask -2205553948: Low-privileged user can retrieve hash containing password of other users, including administrators -2205553951: Unathenticated user can get system GUID of the BMC 01.54.11260: -1506238969: BMC firmware health sensor report fan unavailable from Kontron SKU -GetMTMLevelandTimeouts Command return unexpected response -Update 750W DPS-750AB32A PSU FW version from 27 to 33 01.53.11210: -2006855538: [TLP] Defective 1600W PSU is not properly communicating the failure status to BMC - Fully Redundancy has been lost but system is reporting the redundancy as OK. 01.52.11190: -2103621817: [Grantley][BMC]The SUT will not reboot after CATERR generate. 01.51.11154: -None 01.51.11142: -1504722183: CPU Throttles all cores to ~50 MHz on S2600BP and S7200AP nodes in chassis with 2130W PSU -1504722691: 2130W PSU predictive failure on S2600BP from across customers and across sites 01.51.11021 - (Release Version) =============================================================================== -220624059: Undefined login fields on EWS Login Page with Internet Explorer 11 -1504590296: SDR recent-erase timestamp is cleared after loading BMC defaults -1504598003: HDD fault LED issue on S2600KP KDK(12X3.5 HSBP) -2006652163: PSU2 reports 'a predictive failure for the power supply' after idle. -2103618868: [BMC][rKVM] Some settings shows of rKVM "keyboard" and "Mouse" are difference when rKVM video changed between Window mode and Full Screen mode. -2103618792: [BMC][Media Redirection] It pop-up error message "Floppy redirection failed to start" when trying to mount a floppy image from rKVM. -None: add password authentication in SSH connection on SMASH function -None: update 1600w PSU fw to v75 supporting HW version from 00A to 08A 01.51.10899(Internal version) -1504544029: When using the Chinese browser and http protocol to log in BMC, BMC EWS display in English. -2103617535: The "Alt+Ctrl+Del" on rKVM "keyboard" pull-down menu doesn't work on special condition. -2103615710: ITAS tool get Health L.E.D status BLINK error during 700 cycles AC/DC power cycling test. Expected L.E.D status is ON. -220272809: S7200AP Media Redirection - Floppy/USB - "Floppy Redirection Failed to Start" -none: REACT libgcrypt issue -none: Add 1100W PSU Fw to support HW rev 02F -none: update 2300W PSU FW from 30 to 31 =============================================================================== 01.50.10802 - (Release Version) =============================================================================== -1504486292: Fake PS1 Power In event in SEL caused by miscommunication between BMC and PSU -1209210658: 1100W PSU Predictive failure message has been detected -none: PSU downgrade issue happened in factory =============================================================================== 01.50.10693 - (Release version) =============================================================================== -1504475575: S2600WT Rear HSBP LED can't be turn on when install RAID card(RMS3CC080). -1504480185: VMCLI64 fails to mount image at EFI 01.50.10670(Internal version) -2103614923: [BMC][EWS] Windows Server 2016 Login window can't be unlocked ocasionally when press Macros key "Alt+Ctrl+Del" on rKVM. -2103614934: [BMC][EWS] Start menu will popup on SUT ocassionally when check "hold on" of Right/Left Windows key in rKVM. -2103615573: [BMC][EWS] EWS is contain "intel" charactor in Help txt display. -2103615658: [BMC][EWS] The "Save" button will be inactive after cancel the modification of Mouse Mode Setting in EWS. -2103615661: [BMC][EWS] The modification of "Security Settings" and "SDR Configuration" can't be saved in EWS. -2103615662: [BMC][EWS] The "SDR Configuration" page in EWS can't show any information about SUT. -2103615807: [BMC][SMASH-CLP]Smash scripts---smoke test fail with BMC 1.49.10574. -2103615821: [BMC][EWS]Some EWS help texts (which should not be viewed by user account) will be displayed with user privilege. -2103615826: [BMC][EWS]The "Node Manager" help texts in EWS (which should not be viewed by operator account) will be displayed with operator privilege. -2103615830: [BMC][PSU]The sensor "Pwr Unit Redund" will be Warning or Critical status after DC cycle for PSU PSSF22201A (Rev: 01A / FW: 0.0.30). -2006627744: Security Settings information empty at BMC Configuration =============================================================================== 01.49.10574 - (Release version) =============================================================================== -1504410796: Java certificate expired -2006616799: ipmitool command doesn't stop fan of Xeon Phi Co-processor -2006616806: there is not communication between ipmitool command and SMC -2103615195: [BMC][EWS] An error pop-up when selecting EWS option "SDR Configuration" or "Security Settings" with a user privilege account -2103615199: [BMC][PHI]With BMC 1.49.10442, the FRU info of Xeon PHI card can't be detected by FRUSDR utility or EWS. -2006619034: EMCTHOL - Inconsistent FW Version format on BMC Release Notes - HEX or DEC -2103615408: [BMC][SMASH] The SMASH-CLP window closed automatically after running "stop /system1" command. -none: Fix six EWS vulnerabilities reported by scanner: X-Frame-Options Header Not Set; Web Browser XSS Protection Not Enabled; X-Content-Type-Options Header Missing; SSL/TLS use of weak RC4 cipher; SSL medium strength and 64bit block ciphers supported; Protection against Clickjacking vulnerability. 01.49.10442(Internal version) -1405569243: SSB Temperature Sensor (0x22) Unable to be read after updating with OFU Utility -none: Fix two EWS vulnerabilities reported by scanner: Web Server Vulnerable to Redirection Page Cross-Site Scripting Attacks; Incomplete or No Cache-control and Pragma HTTP Header Set. =============================================================================== 01.48.10351 - (Release version) =============================================================================== -EPSD100256480: The fault LED of NvME SSD keep blinking on S2600TP 24HDD system after AC cycle -EPSD100256247: S2600WT system (LWT2224YXXXX221, LWT2224YXXXX129 ) will hang on post after AC cycle with BIOS R16 -EPSD100255719: APPSOL-31180: Web Server Vulnerable to Redirection Page Cross-Site Scripting Attacks -EPSD100035907: The HDD fault LED no light and no rebuild event be logged when plug out the HDD from HSBP(G97158-371) and plug back the HDD to rebuild RAID. -EPSD100256365: [S2600WT]The NVMe HDD can not be detected in EWS web sensor reading interface when install the NVME HDD in the 2nd HSBP's NVMe slot. -EPSD100256457: In Redhat grub edit mode Backspace and cursor move operations can't be consistent between local Screen and remote KVM session's Screen -EPSD100035838: Can not display Simplified Chinese content after EWS was login when language was change to simplified Chinese. -EPSD100254723: S2600KP BMC FW Health reports HSBP Temp has failed -none: Fix generic overflow attack on port 5120 and 5123 for cdserver and fdserver 01.48.10259(Internal version) -EPSD100255012: [S2600WT] - Riser2 Temp lower issue with A2UL8RISER2 -EPSD100255833: Linux Kernel vulnerability – Dirty COW attack -EPSD100254817: The HSBP's FRU can't be detected if install 4 HSBP in S2600WT system. (Long term solution) -EPSD100035118: HDD Fault LED didn't amber blinking at 1HZ frequence during HDD rebuilding -EPSD100033884: The HDD fault LED no light and no rebuild event be logged when plug out the HDD from HSBP(G94339-371) and plug back the HDD to rebuild RAID. -none: Upgrade openssh to 7.3 01.48.10239(Internal version) -EPSD100035162: LCD shown frusdr version is 1.3a, not 1.13a with BIOS setup. -EPSD100255280: BMC Debug Log does not dump IIO configuration in case of ERR2 -EPSD100255284: BMC Debug Log generation code reads wrong bus to get GFERRST value on socket 1 -EPSD100034909: It shows the HSBP FW update status as "00 01" by executing the "cmdtool 20 c0 38" command in power off status -none: Increase EWS stability after Nessus/Qualys scan -none: Update openssl to 1.0.2j =============================================================================== 01.47.10181- (Release version) =============================================================================== -EPSD100254817: The HSBP's FRU can't be detected if install 4 HSBP in S2600WT system. -EPSD100034620: Ping LAN1 (BMC management) IP failure after AC off/on sometimes with RoHS BB. -EPSD100254941: HSBP3 sensors can not be accessed and shown as Unknown because of SDR auto-configuration failure -EPSD100253829: vulnerabilities found on BMC_i_0146r9961 -EPSD100254410: BMC Ethernet hang issue in some case -EPSD100254304: BMC alerts received in an email via SMTP have a different time -EPSD100253866: BMC EWS Security settings issue (Bad password threshold) -Fix issue of second CPU dump when IERR happened and first CPU dump failed, Use PCH command to trigger warm reset, Increase handshake timeout with BIOS -Fix "No SEL is added when FM_MEM_THERM_EVENT_N is grounded." -Updated the stunnel conf to support TLSv1.2 only, with secured ciphers <= 128 =============================================================================== 01.46.9995- (Release version) =============================================================================== -none: Watchdog assert happened on Nodes with bigger number while unplug PSU on S2600KP/S2600TP 01.46.9961(Internal version) -EPSD100253232: [S2600WT] FRUSDR112 and FRUSDR113 dont detect PSUs on a 3rd party chassis -EPSD100251931: Email and SNMP alerts are not sent during a drive fault on 1U HSBP. -EPSD100253499: EWS show in Chinese not align with English -EPSD100252884: Change FAN to auto-rearm, fan status cannot show correct status on EWS -none: Remove the 2130W PSU FW Ver24 for update hang issue 01.45.9842(Internal version) -EPSD100252472: Defect title: vulnerabilities found on BMC release 01.41.9579 -EPSD100252826: BMC FW Use of Voltage Fault (D1h) Violates DFT Rule #1619 -EPSD100252984: modify master.cfg to automation will results fail -EPSD100249322: duplicate response from remote host during SSH SOL/SMASH session -EPSD100252884: Change FAN to auto-rearm, fan status cannot show correct status on EWS -none: After load FCT or Default SDR in 24HDD System, HSBP update process cannot start 01.44.9785(Internal version) -EPSD100031139: The DPC function couldn't work on the PCIe switch AIC via Switch AIC (Implement OEM Misc command (NetFn:0x30, Cmd:0x67) to detect SSD switch AIC) -EPSD100248833: SMASH cannot read recent SEL events when SEL has a high volume. -EPSD100031101: IE11 displaying EWS->Configuration->KVM & Media /SOL & SMASH , Sever Diagnostics->POST Codes with help ON, text exceeds the Box size -EPSD100252439: PCIe SSD Add-in-Card present slot bitmap don't match current inserted slot number in EFI shell =============================================================================== 01.43.9685 - (Release version) =============================================================================== -EPSD100250289: EWS BMC HTTP connection is halt when using JDisc application discovery task with VMware account. -EPSD100250443: Shipping SDR can't be dumped after load SDR from system to shipping -EPSD100031613: Intel Copyright Statement isn't correct on EWS -EPSD100252136: The SEL description format for the "FW Update Status" sensor is confusing -EPSD100252197: [S2600WT] 2x3.5 HSBP FRU can't be detected with BMC 01.41.9579 -EPSD100030211: Mouse and keyboard is not available in a rKVM session under Windows 2012 R2 after select "Launch Redirection" for 2~3 times -EPSD100031610: No beep code and CPU missing event be generated when remove processor1 from CPU socket -EPSD100249322: duplicate response from remote host during SSH SOL/SMASH session 01.42.9617(Internal version) -EPSD100251192: Syscfg not working for changing user privileges. -EPSD100031260: The Sensor Reading Page from EWS display status is mismatch with Specification when the DC power is off and AC power is present -N/A: Check in 2130W PSU S4 image. -N/A: Merge Intel Security Thunderbolt to trunk. -N/A: Fix a potential CPU ID mismatch to detect CPU status. =============================================================================== 01.41.9579 - (Release version) =============================================================================== -EPSD100249257: (X)12GB bridgeboard sensor no longer seen after updating to BIOS 1.01.009SUP with SDR Package 1.09 on S2600KP/S2600TP. 01.41.9519(Internal version) -EPSD100030179: IE11 displaying EWS->Configuration->Server Diagnostics with Old System Debug Log text exceeds the Box size -EPSD100030713: Using EWS cannot get information when using BMC version 1.38/1.39. 01.40.9455(Internal Version) -EPSD100030395/EPSD100030381: The second HSBP related sensors show in unavaliable state when 2 HSBP are configured in chassis. -EPSD100028376: When Solve BMC error, the status LED cannot change to Solid Green from Blinking Amber automatically. -EPSD100250458: Unknown SEL event after XEON Phi Ctrl Alt Del reset (possibly other resets as well). -EPSD100029078/EPSD100029080/EPSD100030117/EPSD100250535: DIMM Thrm Mrgn 1 sensor shows up as upper non-critical. -EPSD100030156: The SUT will wait over about 20 seconds than expected time before SUT auto powering up. -EPSD100250626: S2600TP BMC System Power statistic incorrect when the platform runs in standalone mode -EPSD100250525: Fan Fault LED not functional on S2600CW board. -EPSD100250872: BMC firmware OEM command about write SSL certification file fail to upload. -EPSD100250216: EWS Alerts page wording (Select the events that will trigger alerts:) confusing to customer when IPMItool is used to modify Alert Action settings. -N/A: Matched the TSOD addresses and memory controller PECI addresses. -N/A: ME SELs don't decode correctly. -N/A: BMC change to ensure the system remains off after an over current event (OCP) until the system has been AC power cycled. -N/A: Disable onboard NIC from BIOS,system fan run at high speed. =============================================================================== 01.39.9375 - (Release version) =============================================================================== -EPSD100030390: SUT boot slowly during BIOS post when node is plug in slot 3 or slot 4 - 01.38.9347(Internal Version) -EPSD100250032: EWS Show NVMe for S7200AP -EPSD100250127: EWS with Mozilla Firefox 41.0 has Login button in wrong location -EPSD100030179: IE11 displaying EWS->Configuration->Server Diagnostics with Old System Debug Log text exceeds the Box size -EPSD100250243: BMC FW BAT test 32 Temperature Sensor fwtests\Sensors\Functions\interrelated_tests\sensor_thresholdEvents.tcl -EPSD100250226: With no SATA drives installed EWS shows 3 out of 4 installed. -EPSD100028833: HDD LEDs are off when HDD access -EPSD100028868: Thermal Trip event generate when heat the processor to make system power down. 01.37.9235(Internal Version) -EPSD100030118: No HDD presence and check HDD status in EWS, HDD2,3 status shows like "Drive Presence". -None: Update HSBP CPLD to 1.5. =============================================================================== 01.33.8932 - (Release version) =============================================================================== -N/A: Update FCT/Shipping SDR of S2600WT to 1.09. -N/A: Update FCT/Shipping SDR of S2600CW to 1.11. -N/A: Update FCT/Shipping SDR of S2600KP/TP to 1.12. 01.31.8875(Internal Version) -N/A: Update open SSL lib from 1.0.2a to 1.0.2d. -N/A: VLAN refresh has problem during met lan status drop and regain. -N/A: Added support for the new 2200W power supplies. -N/A: Thunderbolt fans did not boost when a member read 0 RPM. -EPSD100248689: [Thunderbolt] Sometimes there are some abnormal logs in SEL when run DC cycle or Hard Reset. -EPSD100248782: The Help text in the BMC web console for Modify User does not match the actual interface. -EPSD100029037/EPSD100029042/EPSD100029046: The "Bad user PWD" event log will occur when send several commands from remote client during update BMC FW. -EPSD100029025/EPSD100029043/EPSD100029044: "Bad User PWD" event will occur when log in EWS via LDAP account with correct USERID and PASSWORD. - 01.30.8756(Internal Version) -N/A: Disable CPLD Update Function by default and add a command for user. 01.29.8658(Internal Version) - EPSD100028587: BMC and SDR version become "Unknown" when used DCM tool to limit SUT power consuming - EPSD100028724: No HDD presence and check HDD status in EWS, HDD2,3 status shows like "Drive Presence". - EPSD100028950: IOM FRU update fail =============================================================================== 01.28.8586 - (Release version) =============================================================================== -EPSD100248398: Spelling error in SEL log. -EPSD100248427: After SUT power off, there is "Front panel temp sensor has failed and may not be providing a valid reading - assert" logged for BMC FW health sensor -EPSD100248399: Change Bad Password Threshold parameter string in EWS to be same with spec. -EPSD100248480: Chassis intrusion is always enabled on MTM2 exit. =============================================================================== FEATURES ADDED =============================================================================== 01.54.11260: CCB#2162: 1300W PSU support on S2600WT, only need validation on S2600WT.(please verify together with S2600WT FRUSDR 1.18 or later version) 01.53.11210: -Sync CWP DP SKUs Factory and Shipping SDR version to 1.14 -Sync FCT/Shipping SDR version of KNP_DP to 1.16 and sync TLP_DP SDR version to 1.17 -Based on 1.52 BMC CCB2300, Slot IPMB command 51h ,Slot I2C command 52h and PCI Config Write command 45h should be included in the blacklisted commands, The three other filter cmds: netfn/command 2eh/45h, 3eh/51h, 3eh/52h to the ME -Based on 1.52 BMC CCB2166, Add two OEM commands SetMTMTimeout( 0x30/0x67 sub cmd 0x05) and GetMTMLevelandTimeouts(0x30/0x67 sub cmd 0x06) for user test. -Improve the logMTMLevelEvent data format and event data2 value 0x03 indicate MTM Operator Mode. 01.52.11190: -CCB2256: [Grantley]Add OEM command to provide global reset capability for Syscfg(Graceful shutdown, then automatically power on after powering off). -Similar security fix with purley CCB2166: A new speical mode will be created for "Master write/read i2c command". BMC will be required to be in this mode for the command. -Similar security fix with purley CCB2300: Add command filtering for bridged commands from host os to ME. -Merge CCB2239 Code into main trunk and include in this release. 01.51.11154: -CCB2239: Point release to Add OEM command to disable status LEDs without entering MTM mod -CCB1973: Enable ADR save to NVDIMM functionality on Thremtrip,ERR2,CATERR with our TaylorPass platform 01.51.11142: -none 01.51.11021: -none: update PSoc to v1.41 -none: rollback CCB1936's implementation 01.51.10899: -CCB1936: Disable/Enable IPMI network ports by IPMI command and EWS 01.50.10802: -none: upgrade PSU FW 1100w to v51 using 1100ADU00201_S3_1_1_51.bin 01.50.10693: -CCB135: Fix Riser3 to work with Intel NIC cards that uses SMBus -CCB1903: Change in reading temperature for Riser 3 -none: update PSoC to version 1.40 01.50.10670: -CCB 1794: BMC FW provides support for Monte Vista PCIe board. Host BMC can monitor the PCIe card for chassis thermal control. 01.49.10574: -none: upgrade openssl to version 1.0.2k -none: upgrade openssh to version 7.4p1 01.49.10442: -CCB 1711: Need a command to check power button status 01.48.10351: -none: update PSoC to version 1.27 01.48.10259: -none: update PSoC to version 1.26 01.47.10181: -CCB 460: enable adoption of A1u2ULCP on S2600WT -CCB 468: address the cipher suite zero vulnerability. -none: update PSoC to version 1.25 -none: update SDR file for S2600WT thermal alert issue 01.45.9842: -none: Update OpenSSL to latest version 1.0.2h to avoid OpenSSL vulnerability -CCB391: Add IPMI command to limit Maximum PWM code base -CCB404: provides support for KNL(Xeon Phi) PCIe card with CMD 0xE8 (PCIe slot CMD) 01.44.9785: -CCB430: Cross Site Request Forgery (CSRF) prevention and Privilege Escalation Attack via EWS prevention 01.42.9617: -CCB387: Support for TLSv1.2 using a 256 bit encryption key and make TLSv1.2 256 bit ciphers the default ones. 01.40.9455: -CCB387(Part): Disable TLS ciphers using less than 128 bits of encryption. 01.38.9347: -CCB320: Remove IHC from BMC functionality -none: Update CPLD image to 1.7 -none: Disable SSL support, support secure TLS session renegotiation only 01.36.9152: -none: Update CPLD to Version 1.4 -none: Update PSU to S3 0.20 -none: Update PSoC to version 1.19 01.28.8586: -CCB310: Implement Bad Password and Bad Username SEL logging and "Session Audit" system event to support ipmitool,ipmiutil and free ipmi. =============================================================================== REFERENCE MATERIAL =============================================================================== Common (integrated) BMC Firmware EAS (integrated) BMC Firmware Common Core EPS