Printable version

Drivers & software

* RECOMMENDED * ROM Flash Firmware Package - HPE ProLiant DL360 Gen10 (U32) Servers

By downloading, you agree to the terms and conditions of the Hewlett Packard Enterprise Software License Agreement.
Note:  Some software requires a valid warranty, current Hewlett Packard Enterprise support contract, or a license fee.

Type: BIOS (Login Required) - System ROM
Version: 1.50_12-29-2018(30 Jan 2019)
Operating System(s):
OS Independent | View all
File name: U32_1.50_12_29_2018.fwpkg (9.3 MB)
This firmware package provides updated system firmware that can be installed online through the use of tools such as Smart Update Manager (SUM) and the RESTful Interface Tool (iLOrest) on supported Operating Systems. Additionally, when used in conjunction with SUM or iLOrest, this firmware package allows the user to update firmware on remote servers from a central location. This remote deployment capability eliminates the need for the user to be physically present at the server in order to perform a firmware update.

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM contains enhancements to the HPE memory support to improve memory resiliency. Please consult the following Customer Advisory for additional details: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00064444en_us

Firmware Dependencies:

None

Enhancements/New Features:

Improved the memory resiliency of the server with enhanced support for HPE Fast Fault Tolerant Memory (ADDDC) capabilities. This System ROM will now configure the Advanced Memory Protection mode of the server to HPE Fast Fault Tolerant (ADDDC) memory mode for all Workload Profiles except Low Latency and Custom if the feature is supported by the server's DIMM configuration. Note that if the Advanced Memory Protection mode had previously been configured for Mirroring or Online Spare, the setting will NOT be automatically changed to HPE Fast Fault Tolerant Memory (ADDDC) mode. Also, if the DIMM configuration does not support HPE Fast Fault Tolerant Memory (ADDDC) mode, then the Advanced Memory Protection Mode will remain Advanced ECC Mode. Note that if the current BIOS configuration settings are queried via Redfish or the RESTful API, the setting for the Advanced Memory Protection Mode will indicate this change.

Known Issues:

None

To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

03b9fac3271914f149fbba0de3fbf8dcae36d435eb13ba62305f20130c9a6761 U32_1.50_12_29_2018.fwpkg

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

To flash this firmware package, use the following iLOrest command.  See http://www.hpe.com/servers/resttool to download the latest version of the iLOrest tool.

localhost OS example:
ilorest flashfwpkg <file_name.fwpkg> 

remote example:
ilorest flashfwpkg <file_name.fwpkg> --url <iLO5_IP_Address> -u <iLO5_username> -p <iLO5_password>


This firmware package can also be installed with the latest version of Smart Update Manager (SUM).

Supplemental updates for supported ProLiant servers and options can be done by using SUM, which is found on the Service Pack for ProLiant (SPP) ISO.

  • Place the Service Pack for ProLiant on a USB key using the USB Key Creator Utility.
  • Place the desired firmware packages and components to be updated in the directory "\packages" on the USB key.

Update the firmware and software in the usual manner.

Reboot your system for the update to take effect immediately.

 


End User License Agreements:
The MIT License Agreement
OpenSSL License Agreement, Version 0.9.8
PNG Graphics File Format Software End User License Agreement
UEFI EDK2 License
zlib End User License Agreement
HPE Software License Agreement v1
Hewlett-Packard End User License Agreement


Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important:

Important Notes:

This revision of the System ROM contains enhancements to the HPE memory support to improve memory resiliency. Please consult the following Customer Advisory for additional details: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00064444en_us

Deliverable Name:

HPE ProLiant DL360 Gen10 System ROM - U32

Release Version:

1.50_12-29-2018

Last Recommended or Critical Revision:

1.50_12-29-2018

Previous Revision:

1.46_10-02-2018

Firmware Dependencies:

None

Enhancements/New Features:

Improved the memory resiliency of the server with enhanced support for HPE Fast Fault Tolerant Memory (ADDDC) capabilities. This System ROM will now configure the Advanced Memory Protection mode of the server to HPE Fast Fault Tolerant (ADDDC) memory mode for all Workload Profiles except Low Latency and Custom if the feature is supported by the server's DIMM configuration. Note that if the Advanced Memory Protection mode had previously been configured for Mirroring or Online Spare, the setting will NOT be automatically changed to HPE Fast Fault Tolerant Memory (ADDDC) mode. Also, if the DIMM configuration does not support HPE Fast Fault Tolerant Memory (ADDDC) mode, then the Advanced Memory Protection Mode will remain Advanced ECC Mode. Note that if the current BIOS configuration settings are queried via Redfish or the RESTful API, the setting for the Advanced Memory Protection Mode will indicate this change.

Problems Fixed:

None

Known Issues:

None

Important Notes:

This revision of the System ROM contains enhancements to the HPE memory support to improve memory resiliency. Please consult the following Customer Advisory for additional details: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00064444en_us

Deliverable Name:

HPE ProLiant DL360 Gen10 System ROM - U32

Release Version:

1.50_12-29-2018

Last Recommended or Critical Revision:

1.50_12-29-2018

Previous Revision:

1.46_10-02-2018

Firmware Dependencies:

None

Enhancements/New Features:

Improved the memory resiliency of the server with enhanced support for HPE Fast Fault Tolerant Memory (ADDDC) capabilities. This System ROM will now configure the Advanced Memory Protection mode of the server to HPE Fast Fault Tolerant (ADDDC) memory mode for all Workload Profiles except Low Latency and Custom if the feature is supported by the server's DIMM configuration. Note that if the Advanced Memory Protection mode had previously been configured for Mirroring or Online Spare, the setting will NOT be automatically changed to HPE Fast Fault Tolerant Memory (ADDDC) mode. Also, if the DIMM configuration does not support HPE Fast Fault Tolerant Memory (ADDDC) mode, then the Advanced Memory Protection Mode will remain Advanced ECC Mode. Note that if the current BIOS configuration settings are queried via Redfish or the RESTful API, the setting for the Advanced Memory Protection Mode will indicate this change.

Problems Fixed:

None

Known Issues:

None
Version:2.34_04-08-2020 (22 Apr 2020)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the serial port would not function properly when the iLO CLI serial interface was also enabled on the platform. This could lead to the serial BAUD rate not being configured properly and the serial output from the host would be corrupted or no output would be seen.

Addressed an issue where UEFI Serial Debug output could inadvertently be seen over BIOS Serial Console. This issue would be seen periodically on server reboots. This issue was introduced with System ROM v2.30 and did not impact servers using previous versions of the System ROM.

Addressed an extremely rare issue where the system could become unresponsive in POST when configured in Legacy Boot Mode when a USB Mouse is attached. This issue does not impact systems configured in UEFI Boot Mode.

Addressed an issue where boot devices could disappear from the Boot Options menu in the BIOS/Platform Configuration (RBSU) when pressing the F10 or F12 key to save boot order changes.

Known Issues:

None
Enhancements

Updated to the latest thermal support for the platform.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.32_03-09-2020(B) (29 Apr 2020)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This version of the System ROM contains the latest support for the HPE Smart Array s100i UEFI Driver. This system ROM is critical for customers who have enabled the HPE Smart Array s100i support. Please see advisory:  https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00097734en_us

Ver. 2.32_03-09-2020(B)  contains updates to the firmware packaging and is functionally equivalent to ver. 2.32_03-09-2020.  It is not necessary to upgrade with Revision B if a previous component revision was used to upgrade the firmware to version 2.32_03-09-2020.

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the HPE Smart Array s100i Software RAID may experience potential data inconsistency during initial configuration or operation of a RAID volume configured in RAID 0/1/5/10 Fault Tolerant Modes. This issue does not impact systems configured in other RAID configurations such as single RAID 0 or 1. This issue does not impact systems that have not enabled Smart Array s100i support.

Known Issues:

None


Version:2.32_03-09-2020 (13 Mar 2020)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This version of the System ROM contains the latest support for the HPE Smart Array s100i UEFI Driver. This system ROM is critical for customers who have enabled the HPE Smart Array s100i support. Please see advisory:  https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00097734en_us

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the HPE Smart Array s100i Software RAID may experience potential data inconsistency during initial configuration or operation of a RAID volume configured in RAID 0/1/5/10 Fault Tolerant Modes. This issue does not impact systems configured in other RAID configurations such as single RAID 0 or 1. This issue does not impact systems that have not enabled Smart Array s100i support.

Known Issues:

None


Version:2.30_02-11-2020 (14 Feb 2020)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of Intel microcode which addresses a Machine Check Exception failure when Fast Fault Tolerant Memory Mode (ADDDC) is enabled. In most cases, this issue results in the log of an Integrated Management Log (IML) Bank 7 or Bank 8 Machine Check Exception with a status of 0xB2000000:00200400 but can also result in a system reset with an Unexpected Shutdown logged. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigations for security vulnerabilities documented as CVE-2020-0548 and CVE-2020-0549, also known as CacheOut. These security vulnerabilities are documented in Intel Security Advisory INTEL-SA-00329. These issues are not unique to HPE servers.

Addressed an issue where the server may become unresponsive during POST with a Red Screen Exception (RSOD) when the server was reset (restarted) at the same time that an iLO firmware reset was initiated. Note that updating iLO firmware results in the reset of iLO firmware.

Addressed an issue where the System Utilities System Information data could not be successfully exported to an FTP (network) location. Previously the System Utilities would report the file was saved successfully but no actual information was saved on the network share.

Known Issues:

None

Enhancements

Added a new BIOS/Platform Configuration (RBSU) option to the Intel Persistent DC Performance Settings called Balanced Performance Mode. This option may improve performance of systems configured with Intel DC Persistent Memory with certain workloads.

Updated to the latest thermal support for the platform.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.22_11-13-2019 (18 Nov 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This version of the System ROM replaces the previously published v2.20 System ROM.  The v2.20 System ROM introduced an issue where a small subset LRDIMMs could experience an uncorrectable memory error. This issue had been previously fixed in the v2.14 ROM of the System ROM. Please consult the following advisory for additional details. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092445en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest support for Intel Trusted eXecution Technology (TXT) which provides mitigation for CVE-2019-151. This mitigation is only needed for systems that have TXT enabled. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code support that provides mitigations for the multiple security vulnerabilities. The following vulnerabilities have been addressed in this System ROM release: CVE-2019-11137, CVE-2019-152, and CVE-2019-11136. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an CVE-2017-5715, CVE-2019-11135 and CVE-2019-11139. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex micro-architectural conditions, executing X87 or AVX or integer divide instructions may results in unpredictable system behavior. This issue is not unique to HPE servers.

Addressed an issue where the system may become unresponsive during POST when both iLO and the server are reset simultaneously.

Addressed an issue where the server may experience a Red Screen (RSOD) during boot when a Matrox GPU is present and the server is booting in Legacy Boot Mode. This problem could occur with other optional PCIe graphics adapters. This issue is not intermittent and will occur on every boot with impacted optional PCIe graphics adapters with previous System ROM revisions. This issue is not seen with servers configured in UEFI Boot Mode or when using the embedded graphics controller.

Addressed an issue where the system may incorrectly report that a DIMM has been mapped out after a memory training failure in the Integrated Management Log (IML) when the DIMM is still present in the system memory map. The IML will now correctly indicate the memory training failure, but will not indicate that the DIMM has been mapped out. This change only impacts the IML logging of the error and does not impact the operation of the system.

Known Issues:

None

Enhancements

Updated to the latest thermal support for the platform.

Updated the language translations (non-English modes) for System Utilities.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.20_10-31-2019 (13 Nov 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

REMOVED – Version 2.20 of HPE Gen10 system ROM is NO LONGER AVAILABLE for download. Please use the replacement version 2.22 or later. Version 2.20 has been removed from the web for the issue where a small subset LRDIMMs could experience an uncorrectable memory error. This issue had been previously fixed in version 2.14 of System ROM. Please consult the following advisory for additional details. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092445en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest support for Intel Trusted eXecution Technology (TXT) which provides mitigation for CVE-2019-151. This mitigation is only needed for systems that have TXT enabled. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code support that provides mitigations for the multiple security vulnerabilities. The following vulnerabilities have been addressed in this System ROM release: CVE-2019-11137, CVE-2019-152, and CVE-2019-11136. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an CVE-2017-5715, CVE-2019-11135 and CVE-2019-11139. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex micro-architectural conditions, executing X87 or AVX or integer divide instructions may results in unpredictable system behavior. This issue is not unique to HPE servers.

Addressed an issue where the system may become unresponsive during POST when both iLO and the server are reset simultaneously.

Addressed an issue where the server may experience a Red Screen (RSOD) during boot when a Matrox GPU is present and the server is booting in Legacy Boot Mode. This problem could occur with other optional PCIe graphics adapters. This issue is not intermittent and will occur on every boot with impacted optional PCIe graphics adapters with previous System ROM revisions. This issue is not seen with servers configured in UEFI Boot Mode or when using the embedded graphics controller.

Addressed an issue where the system may incorrectly report that a DIMM has been mapped out after a memory training failure in the Integrated Management Log (IML) when the DIMM is still present in the system memory map. The IML will now correctly indicate the memory training failure, but will not indicate that the DIMM has been mapped out. This change only impacts the IML logging of the error and does not impact the operation of the system.

Known Issues:

None

Enhancements

REMOVED – Version 2.20 of HPE Gen10 system ROM is NO LONGER AVAILABLE for download. Please use the replacement version 2.22 or later. Version 2.20 has been removed from the web for the issue where a small subset LRDIMMs could experience an uncorrectable memory error. This issue had been previously fixed in version 2.14 of System ROM. Please consult the following advisory for additional details. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092445en_us

Updated to the latest thermal support for the platform.

Updated the language translations (non-English modes) for System Utilities.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.16_09-12-2019 (26 Sep 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

This version of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system may experience an unexpected machine check exception. This issue would be logged to the Integrated Management Log (IML) as a Bank 0x03 or Bank 0x04 with status 0xBE000000'00800400 or 0xFE000000'00800400 Machine Check Exception. This issue is not unique to HPE servers.

This version of the System ROM includes the latest version of the Intel microcode which addresses an issue where under complex microarchitectural conditions involving branch instructions that span multiple 64 byte boundaries, unpredictable system behavior may occur. This issue is not unique to HPE servers.

Known Issues:

None

Version:2.14_09-05-2019 (17 Sep 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where certain 2933Mhz LRDIMMs (HPE part number P03054-091, P03055-091 and P11057-0A1) may experience an uncorrectable memory error when operating with a Second Generation Intel Xeon Scalable Processor. This issue can be seen when processor c-states are enabled on the platform. This issue does not impact 2666Mhz LRDIMMs or any speed RDIMM. HPE recommends that customers experiencing an uncorrectable memory error in one of these configurations update to this version of the System ROM before replacing any memory. This issue is not unique to HPE servers.

Known Issues:

None

Version:2.12_07-03-2019 (12 Sep 2019)
Enhancements

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

Added support for Network Choice (NC) SKUs of the HPE ProLiant DL360 Gen10 Server. These server SKUs do not include the embedded NIC. This revision of the System ROM supports all SKUs of the HPE ProLiant DL360 Gen10 Server, but does not include any new functionality or issue fixes for non-NC SKUs.

Known Issues:

None

Version:2.10_05-21-2019 (1 Jul 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the Server Backup and Restore functionality may not work properly if initiated through the HPE RESTful API returning a message "An internal error occurred during RIS operation".

Addressed an issue where configuring memory to run at 2x refresh rate would still actually operate memory at 1x refresh rate. This issue was introduced with the v2.00 System ROM and did not impact earlier versions of the System ROM. This issue is not unique to HPE servers.

Addressed an issue where the NVMe PCIe Resource Padding option in BIOS/Platform Configuration (RBSU) would not properly allocated sufficient resources to support a NVMe hot add event. In certain configurations, an insufficient amount of resources would have been reserved and a reboot would have been required to detect the presence of the newly added drive.

Addressed an issue where the system would not boot to a USB drive when a non-bootable (non-formatted) drive was also present in the system. This issue only impacts systems configured in Legacy Boot Mode.

Known Issues:

None
Enhancements

Added support for HPE Persistent Memory featuring Intel Optane DC Persistent Memory.

Added a new BIOS/Platform Configuration (RBSU) option called Intel Priority Based Frequency to support enabling Intel Speed Select - Base Frequency support on select 2nd Generation Xeon Scalable Family Processors that are optimized for NFV workloads. This option, which is disabled by default, is located in the Processor Options menu and visible only when NFV optimized SKUs are installed (denoted by the N in the SKU model). On supported Operating Systems, Intel Speed Select - Based Frequency functionality allows high priority cores to operate at a higher frequency than the nominal base frequency while lower priority cores will run at a slower frequency.

Added a new BIOS/Platform Configuration (RBSU) I/O Direct Cache (IODC) menu to the Power and Performance Menu. This option allows for tuning the policy for which I/O transactions interact with the processor cache. The caching policy may have a slight impact on cross socket latency. Workloads where this option would need to be modified from its default value for optimum performance are extremely rare.

Added support for HPE Fast Fault Tolerant Memory (ADDDC) to operate when a single memory rank is only available on a given memory channel. Previous versions of the System ROM required two or more memory ranks to be available on each memory channel. After updating to this version of the System ROM the server will automatically configure the system for HPE Fast Fault Tolerant Memory Mode if the memory configuration supports this option.

Updated the UEFI OpenSSL support to version 1.0.2r to address security vulnerability CVE-2019-1559.


Version:2.04_04-18-2019 (2 May 2019)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.  Note that MDS is addressed in hardware for systems utilizing the Intel Second Generation Intel Xeon Scalable Processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.  Note that MDS is addressed in hardware for systems utilizing the Intel Second Generation Intel Xeon Scalable Processors.

This revision of the System ROM includes the latest revision of the Intel Reference code support that provides mitigations for a variety of security vulnerabilities.  The following vulnerabilities have been addressed in this System ROM release: CVE-2019-0119 and  CVE-and CVE-2019-0126.  These security vulnerabilities are not unique to HPE servers.

Addressed an issue where the system may experience a higher rate of boot time Memory training issues with Intel Xeon Scalable Performance Bronze, Silver and Gold 5x00 processors. This issue was first introduced with System ROM version 2.00. HPE recommends that any customer experiencing a memory issue immediately update to this version of the system ROM before replacing any components. This issue is not unique to HPE servers.

Known Issues:

None


Version:2.02_03-19-2019 (28 Mar 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

This system ROM contains the latest Intel microcode that addresses an issue where the system may experience an Uncorrected Machine Check Exception in Bank 0 with Status containing 000F0150. This update may not address all Bank 0 machine check events with a Status containing 000F0150 but should be used before any other further service actions for issues resulting in this Integrated Management Log (IML) entry. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the UEFI EDK2 support that provides mitigations for a variety of security vulnerabilities.  The following vulnerabilities have been addressed in this System ROM release: CVE-2018-3613 CVE-2017-5731, CVE-2017-5732, CVE-2017-5733, CVE-2017-5734, CVE-2017-5735, CVE-2018-3630, CVE-2018-12178, CVE-2018-12179, CVE-2018-12180, CVE-2018-12181, CVE-2018-12182, CVE-2018-12183, CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12204 and CVE-2018-12205. For additional information please refer to the security bulletin at https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03912en_us.  These security vulnerabilities are not unique to HPE servers.

Addressed an issue in which the system may not properly boot to the HPE 8GB Dual microSD Flash USB Drive when an SD card is installed on the internal SD slot when the system is configured for Legacy Boot Mode. This issue does not impact systems in UEFI Boot Mode.

Addressed an issue where certain 3rd party USB drive keys may not function properly after a system reset when the system is configured in UEFI Boot Mode.

Addressed an issue where the HPE CN1000E-T adapter may not boot properly in Legacy Boot Mode.  This issue does not impact systems configured in UEFI Boot Mode.

Addressed an issue where firmware updates staged through the HPE RESTful API may fail to properly execute on a subsequent boot and be marked with an exception in the iLO firmware installation queue.

Addressed an issue where iLO virtual media may not boot properly after setting the Boot on Next Reset option in the iLO Remote Console and Media - Virtual Media settings.

Addressed an issue where the AHS Download application from the System Utilities Embedded Applications or UEFI Shell may fail to work properly with iLO firmware 1.30 or later.

Addressed an issue where the UEFI Shell sysconfig command may fail to set an option or become unresponsive.

Addressed an issue where an optional SATA DVD drive may not unlock and allow media to be ejected after an operating system reboot.

Addressed an issue where the system may become unresponsive during boot and experience a Red Screen (RSOD) when booting in Legacy Boot mode with a SATA M.2 drive installed. This issue does not impact systems in UEFI Boot Mode.

Addressed an issue where a USB KVM, such as the HP AF611A KVM,  may not function properly after a system reboot.

Known Issues:

This revision of the System ROM may result in a VMware PSOD (crash) when a system is configured with Intel Trusted eXecution Technology (TXT) enabled and the Trusted Platform Module (TPM) in TPM 1.2 Mode. This issue is only seen in certain memory configurations. Please consult the following HPE Customer Advisory for more details on this issue. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00065453en_us

 

Enhancements

Added support for Intel Xeon Scalable Performance 3200, 4200, 5200, 6200 and 8200 series processors.

Added support for HPE One button secure erase. This option can be launched from the HPE Intelligent Provisioning application or through the HPE RESTful API to securely restore the system back to a default configuration.  This option also requires iLO firmware 1.40 or later, and Intelligent Provisioning 3.30 or later.

Added Secure Configuration Lock feature.  This feature can be enabled to detect system hardware, security configuration, or firmware revision changes to protect against malicious or unintended modifications to the server.  This protection can be enabled for systems in transit from the factory to the customer site, in transit from one customer site to another, or can be left enabled on a deployed server.  A new BIOS/Platform Configuration (RBSU) Server Configuration Lock menu in the Server Security Options is available to enable and configure this functionality.

Added a new BIOS/Platform Configuration (RBSU) Backup and Restore Settings menu to System Default Options. This option can be used to backup (save off) the current BIOS configurations settings to a USB storage device for migration to another server.

Added a new BIOS/Platform Configuration (RBSU) Opportunistic Self Refresh menu to Memory Options. This option can be enabled to reduce idle system power usage, but the system may incur additional memory latency.

Added a new BIOS/Platform Configuration (RBSU) Memory Controller Interleaving menu to Memory Options.  This option can be used to disable memory controller interleaving which may provide more balanced memory performance when a system is configured in an unbalanced memory configuration.

Added a new BIOS/Platform Configuration (RBSU) for dual bifurcation (quadfurcation) of PCIe Adapters to the Advanced PCIe Configuration Options. This option will allow a x16 PCIe device to be bifurcated into four x4 devices.  This option would only be used for PCIe Adapters that support this level of bifurcation.

Updated the system thermal logic to support the latest GPU adapters.

Updated the language translations (non-English modes) for System Utilities.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:1.50_12-29-2018 (30 Jan 2019)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM contains enhancements to the HPE memory support to improve memory resiliency. Please consult the following Customer Advisory for additional details: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00064444en_us

Firmware Dependencies:

None

Enhancements/New Features:

Improved the memory resiliency of the server with enhanced support for HPE Fast Fault Tolerant Memory (ADDDC) capabilities. This System ROM will now configure the Advanced Memory Protection mode of the server to HPE Fast Fault Tolerant (ADDDC) memory mode for all Workload Profiles except Low Latency and Custom if the feature is supported by the server's DIMM configuration. Note that if the Advanced Memory Protection mode had previously been configured for Mirroring or Online Spare, the setting will NOT be automatically changed to HPE Fast Fault Tolerant Memory (ADDDC) mode. Also, if the DIMM configuration does not support HPE Fast Fault Tolerant Memory (ADDDC) mode, then the Advanced Memory Protection Mode will remain Advanced ECC Mode. Note that if the current BIOS configuration settings are queried via Redfish or the RESTful API, the setting for the Advanced Memory Protection Mode will indicate this change.

Known Issues:

None

Version:1.46_10-02-2018 (27 Nov 2018)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where early server video output, on a locally attached monitor, may not show correctly when the monitor is attached to the server through a KVM. This issue does not impact systems that are not using a KVM or video output through the iLO Remote Console application.

Addressed an issue where firmware flashing through the RESTful API could periodically fail and the task being marked with an exception in the iLO firmware page. This issue could impact flashing firmware such as the HPE Innovation Engine, Intel SPS Firmware or the optional HPE Trusted Platform Module (TPM).

Addressed an issue where a PCIe card would not properly train to its maximum speed when the PCIe Bifurcation option was enabled. This issue does not impact PCIe cards that do not require bifurcation.

Addressed an extremely rare issue where a system configured with an optional SATA DVD drive and an HPE SmartArray controller may become unresponsive during boot, usually with a Red Screen (RSOD), when in legacy boot mode. This issue does not impact systems in UEFI Boot Mode.

Addressed an issue where an optional PCIe card's legacy option ROM may not properly display its legacy setup menu prompt during boot when in legacy boot mode. This issue does not impact systems in UEFI Boot Mode.

Known Issues:

None
Enhancements

Added support for flashing the firmware of the optional HPE Trusted Platform Module (TPM). This is the minimum revision of the System ROM that should be used if updating the firmware on the optional HPE TPM module.

Added a new PCIe Peer-to-Peer Serialization option to the Advanced Performance Options menu in the BIOS/Platform Configuration (RBSU). This option can be used to improve peer-to-peer performance between two PCIe devices installed on the same processor. This option may improve performance in certain GP-GPU configurations.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:1.42_06-20-2018 (27 Sep 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This firmware version includes additional fixes (since version 1.40) for an issue where systems may experience a 389-Unexpected Shutdown and Restart, logged in the iLO Integrated Management Log (IML). This issue is not unique to HPE servers.

Addressed an issue where systems may log an erroneous Bank 4 Machine Check to the iLO Integrated Management Log (IML) on a system reset event. In most cases, this error can safely be ignored. This issue is not unique to HPE servers.

Addressed an issue where systems configured with NVDIMM-N Memory may experience a loss of persistent data during a system crash event that would cause a fatal processor error condition (IERR). This issue is not unique to HPE servers.

Known Issues:

None


Type: BIOS (Login Required) - System ROM
Version: 1.50_12-29-2018(30 Jan 2019)
Operating System(s):
OS Independent
VMware vSphere 6.0
VMware vSphere 6.5
VMware vSphere 6.7

Description

This firmware package provides updated system firmware that can be installed online through the use of tools such as Smart Update Manager (SUM) and the RESTful Interface Tool (iLOrest) on supported Operating Systems. Additionally, when used in conjunction with SUM or iLOrest, this firmware package allows the user to update firmware on remote servers from a central location. This remote deployment capability eliminates the need for the user to be physically present at the server in order to perform a firmware update.

Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM contains enhancements to the HPE memory support to improve memory resiliency. Please consult the following Customer Advisory for additional details: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00064444en_us

Firmware Dependencies:

None

Enhancements/New Features:

Improved the memory resiliency of the server with enhanced support for HPE Fast Fault Tolerant Memory (ADDDC) capabilities. This System ROM will now configure the Advanced Memory Protection mode of the server to HPE Fast Fault Tolerant (ADDDC) memory mode for all Workload Profiles except Low Latency and Custom if the feature is supported by the server's DIMM configuration. Note that if the Advanced Memory Protection mode had previously been configured for Mirroring or Online Spare, the setting will NOT be automatically changed to HPE Fast Fault Tolerant Memory (ADDDC) mode. Also, if the DIMM configuration does not support HPE Fast Fault Tolerant Memory (ADDDC) mode, then the Advanced Memory Protection Mode will remain Advanced ECC Mode. Note that if the current BIOS configuration settings are queried via Redfish or the RESTful API, the setting for the Advanced Memory Protection Mode will indicate this change.

Known Issues:

None

Installation Instructions

To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

03b9fac3271914f149fbba0de3fbf8dcae36d435eb13ba62305f20130c9a6761 U32_1.50_12_29_2018.fwpkg

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

To flash this firmware package, use the following iLOrest command.  See http://www.hpe.com/servers/resttool to download the latest version of the iLOrest tool.

localhost OS example:
ilorest flashfwpkg <file_name.fwpkg> 

remote example:
ilorest flashfwpkg <file_name.fwpkg> --url <iLO5_IP_Address> -u <iLO5_username> -p <iLO5_password>


This firmware package can also be installed with the latest version of Smart Update Manager (SUM).

Supplemental updates for supported ProLiant servers and options can be done by using SUM, which is found on the Service Pack for ProLiant (SPP) ISO.

  • Place the Service Pack for ProLiant on a USB key using the USB Key Creator Utility.
  • Place the desired firmware packages and components to be updated in the directory "\packages" on the USB key.

Update the firmware and software in the usual manner.

Reboot your system for the update to take effect immediately.

 


Release Notes

End User License Agreements:
The MIT License Agreement
OpenSSL License Agreement, Version 0.9.8
PNG Graphics File Format Software End User License Agreement
UEFI EDK2 License
zlib End User License Agreement
HPE Software License Agreement v1
Hewlett-Packard End User License Agreement


Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important:

Important Notes:

This revision of the System ROM contains enhancements to the HPE memory support to improve memory resiliency. Please consult the following Customer Advisory for additional details: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00064444en_us

Deliverable Name:

HPE ProLiant DL360 Gen10 System ROM - U32

Release Version:

1.50_12-29-2018

Last Recommended or Critical Revision:

1.50_12-29-2018

Previous Revision:

1.46_10-02-2018

Firmware Dependencies:

None

Enhancements/New Features:

Improved the memory resiliency of the server with enhanced support for HPE Fast Fault Tolerant Memory (ADDDC) capabilities. This System ROM will now configure the Advanced Memory Protection mode of the server to HPE Fast Fault Tolerant (ADDDC) memory mode for all Workload Profiles except Low Latency and Custom if the feature is supported by the server's DIMM configuration. Note that if the Advanced Memory Protection mode had previously been configured for Mirroring or Online Spare, the setting will NOT be automatically changed to HPE Fast Fault Tolerant Memory (ADDDC) mode. Also, if the DIMM configuration does not support HPE Fast Fault Tolerant Memory (ADDDC) mode, then the Advanced Memory Protection Mode will remain Advanced ECC Mode. Note that if the current BIOS configuration settings are queried via Redfish or the RESTful API, the setting for the Advanced Memory Protection Mode will indicate this change.

Problems Fixed:

None

Known Issues:

None

Important

Important Notes:

This revision of the System ROM contains enhancements to the HPE memory support to improve memory resiliency. Please consult the following Customer Advisory for additional details: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00064444en_us

Deliverable Name:

HPE ProLiant DL360 Gen10 System ROM - U32

Release Version:

1.50_12-29-2018

Last Recommended or Critical Revision:

1.50_12-29-2018

Previous Revision:

1.46_10-02-2018

Firmware Dependencies:

None

Enhancements/New Features:

Improved the memory resiliency of the server with enhanced support for HPE Fast Fault Tolerant Memory (ADDDC) capabilities. This System ROM will now configure the Advanced Memory Protection mode of the server to HPE Fast Fault Tolerant (ADDDC) memory mode for all Workload Profiles except Low Latency and Custom if the feature is supported by the server's DIMM configuration. Note that if the Advanced Memory Protection mode had previously been configured for Mirroring or Online Spare, the setting will NOT be automatically changed to HPE Fast Fault Tolerant Memory (ADDDC) mode. Also, if the DIMM configuration does not support HPE Fast Fault Tolerant Memory (ADDDC) mode, then the Advanced Memory Protection Mode will remain Advanced ECC Mode. Note that if the current BIOS configuration settings are queried via Redfish or the RESTful API, the setting for the Advanced Memory Protection Mode will indicate this change.

Problems Fixed:

None

Known Issues:

None

Revision History

Version:2.34_04-08-2020 (22 Apr 2020)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the serial port would not function properly when the iLO CLI serial interface was also enabled on the platform. This could lead to the serial BAUD rate not being configured properly and the serial output from the host would be corrupted or no output would be seen.

Addressed an issue where UEFI Serial Debug output could inadvertently be seen over BIOS Serial Console. This issue would be seen periodically on server reboots. This issue was introduced with System ROM v2.30 and did not impact servers using previous versions of the System ROM.

Addressed an extremely rare issue where the system could become unresponsive in POST when configured in Legacy Boot Mode when a USB Mouse is attached. This issue does not impact systems configured in UEFI Boot Mode.

Addressed an issue where boot devices could disappear from the Boot Options menu in the BIOS/Platform Configuration (RBSU) when pressing the F10 or F12 key to save boot order changes.

Known Issues:

None
Enhancements

Updated to the latest thermal support for the platform.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.32_03-09-2020(B) (29 Apr 2020)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This version of the System ROM contains the latest support for the HPE Smart Array s100i UEFI Driver. This system ROM is critical for customers who have enabled the HPE Smart Array s100i support. Please see advisory:  https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00097734en_us

Ver. 2.32_03-09-2020(B)  contains updates to the firmware packaging and is functionally equivalent to ver. 2.32_03-09-2020.  It is not necessary to upgrade with Revision B if a previous component revision was used to upgrade the firmware to version 2.32_03-09-2020.

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the HPE Smart Array s100i Software RAID may experience potential data inconsistency during initial configuration or operation of a RAID volume configured in RAID 0/1/5/10 Fault Tolerant Modes. This issue does not impact systems configured in other RAID configurations such as single RAID 0 or 1. This issue does not impact systems that have not enabled Smart Array s100i support.

Known Issues:

None


Version:2.32_03-09-2020 (13 Mar 2020)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This version of the System ROM contains the latest support for the HPE Smart Array s100i UEFI Driver. This system ROM is critical for customers who have enabled the HPE Smart Array s100i support. Please see advisory:  https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00097734en_us

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the HPE Smart Array s100i Software RAID may experience potential data inconsistency during initial configuration or operation of a RAID volume configured in RAID 0/1/5/10 Fault Tolerant Modes. This issue does not impact systems configured in other RAID configurations such as single RAID 0 or 1. This issue does not impact systems that have not enabled Smart Array s100i support.

Known Issues:

None


Version:2.30_02-11-2020 (14 Feb 2020)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of Intel microcode which addresses a Machine Check Exception failure when Fast Fault Tolerant Memory Mode (ADDDC) is enabled. In most cases, this issue results in the log of an Integrated Management Log (IML) Bank 7 or Bank 8 Machine Check Exception with a status of 0xB2000000:00200400 but can also result in a system reset with an Unexpected Shutdown logged. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigations for security vulnerabilities documented as CVE-2020-0548 and CVE-2020-0549, also known as CacheOut. These security vulnerabilities are documented in Intel Security Advisory INTEL-SA-00329. These issues are not unique to HPE servers.

Addressed an issue where the server may become unresponsive during POST with a Red Screen Exception (RSOD) when the server was reset (restarted) at the same time that an iLO firmware reset was initiated. Note that updating iLO firmware results in the reset of iLO firmware.

Addressed an issue where the System Utilities System Information data could not be successfully exported to an FTP (network) location. Previously the System Utilities would report the file was saved successfully but no actual information was saved on the network share.

Known Issues:

None

Enhancements

Added a new BIOS/Platform Configuration (RBSU) option to the Intel Persistent DC Performance Settings called Balanced Performance Mode. This option may improve performance of systems configured with Intel DC Persistent Memory with certain workloads.

Updated to the latest thermal support for the platform.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.22_11-13-2019 (18 Nov 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This version of the System ROM replaces the previously published v2.20 System ROM.  The v2.20 System ROM introduced an issue where a small subset LRDIMMs could experience an uncorrectable memory error. This issue had been previously fixed in the v2.14 ROM of the System ROM. Please consult the following advisory for additional details. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092445en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest support for Intel Trusted eXecution Technology (TXT) which provides mitigation for CVE-2019-151. This mitigation is only needed for systems that have TXT enabled. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code support that provides mitigations for the multiple security vulnerabilities. The following vulnerabilities have been addressed in this System ROM release: CVE-2019-11137, CVE-2019-152, and CVE-2019-11136. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an CVE-2017-5715, CVE-2019-11135 and CVE-2019-11139. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex micro-architectural conditions, executing X87 or AVX or integer divide instructions may results in unpredictable system behavior. This issue is not unique to HPE servers.

Addressed an issue where the system may become unresponsive during POST when both iLO and the server are reset simultaneously.

Addressed an issue where the server may experience a Red Screen (RSOD) during boot when a Matrox GPU is present and the server is booting in Legacy Boot Mode. This problem could occur with other optional PCIe graphics adapters. This issue is not intermittent and will occur on every boot with impacted optional PCIe graphics adapters with previous System ROM revisions. This issue is not seen with servers configured in UEFI Boot Mode or when using the embedded graphics controller.

Addressed an issue where the system may incorrectly report that a DIMM has been mapped out after a memory training failure in the Integrated Management Log (IML) when the DIMM is still present in the system memory map. The IML will now correctly indicate the memory training failure, but will not indicate that the DIMM has been mapped out. This change only impacts the IML logging of the error and does not impact the operation of the system.

Known Issues:

None

Enhancements

Updated to the latest thermal support for the platform.

Updated the language translations (non-English modes) for System Utilities.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.20_10-31-2019 (13 Nov 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

REMOVED – Version 2.20 of HPE Gen10 system ROM is NO LONGER AVAILABLE for download. Please use the replacement version 2.22 or later. Version 2.20 has been removed from the web for the issue where a small subset LRDIMMs could experience an uncorrectable memory error. This issue had been previously fixed in version 2.14 of System ROM. Please consult the following advisory for additional details. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092445en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest support for Intel Trusted eXecution Technology (TXT) which provides mitigation for CVE-2019-151. This mitigation is only needed for systems that have TXT enabled. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code support that provides mitigations for the multiple security vulnerabilities. The following vulnerabilities have been addressed in this System ROM release: CVE-2019-11137, CVE-2019-152, and CVE-2019-11136. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an CVE-2017-5715, CVE-2019-11135 and CVE-2019-11139. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex micro-architectural conditions, executing X87 or AVX or integer divide instructions may results in unpredictable system behavior. This issue is not unique to HPE servers.

Addressed an issue where the system may become unresponsive during POST when both iLO and the server are reset simultaneously.

Addressed an issue where the server may experience a Red Screen (RSOD) during boot when a Matrox GPU is present and the server is booting in Legacy Boot Mode. This problem could occur with other optional PCIe graphics adapters. This issue is not intermittent and will occur on every boot with impacted optional PCIe graphics adapters with previous System ROM revisions. This issue is not seen with servers configured in UEFI Boot Mode or when using the embedded graphics controller.

Addressed an issue where the system may incorrectly report that a DIMM has been mapped out after a memory training failure in the Integrated Management Log (IML) when the DIMM is still present in the system memory map. The IML will now correctly indicate the memory training failure, but will not indicate that the DIMM has been mapped out. This change only impacts the IML logging of the error and does not impact the operation of the system.

Known Issues:

None

Enhancements

REMOVED – Version 2.20 of HPE Gen10 system ROM is NO LONGER AVAILABLE for download. Please use the replacement version 2.22 or later. Version 2.20 has been removed from the web for the issue where a small subset LRDIMMs could experience an uncorrectable memory error. This issue had been previously fixed in version 2.14 of System ROM. Please consult the following advisory for additional details. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092445en_us

Updated to the latest thermal support for the platform.

Updated the language translations (non-English modes) for System Utilities.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.16_09-12-2019 (26 Sep 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

This version of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system may experience an unexpected machine check exception. This issue would be logged to the Integrated Management Log (IML) as a Bank 0x03 or Bank 0x04 with status 0xBE000000'00800400 or 0xFE000000'00800400 Machine Check Exception. This issue is not unique to HPE servers.

This version of the System ROM includes the latest version of the Intel microcode which addresses an issue where under complex microarchitectural conditions involving branch instructions that span multiple 64 byte boundaries, unpredictable system behavior may occur. This issue is not unique to HPE servers.

Known Issues:

None

Version:2.14_09-05-2019 (17 Sep 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where certain 2933Mhz LRDIMMs (HPE part number P03054-091, P03055-091 and P11057-0A1) may experience an uncorrectable memory error when operating with a Second Generation Intel Xeon Scalable Processor. This issue can be seen when processor c-states are enabled on the platform. This issue does not impact 2666Mhz LRDIMMs or any speed RDIMM. HPE recommends that customers experiencing an uncorrectable memory error in one of these configurations update to this version of the System ROM before replacing any memory. This issue is not unique to HPE servers.

Known Issues:

None

Version:2.12_07-03-2019 (12 Sep 2019)
Enhancements

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

Added support for Network Choice (NC) SKUs of the HPE ProLiant DL360 Gen10 Server. These server SKUs do not include the embedded NIC. This revision of the System ROM supports all SKUs of the HPE ProLiant DL360 Gen10 Server, but does not include any new functionality or issue fixes for non-NC SKUs.

Known Issues:

None

Version:2.10_05-21-2019 (1 Jul 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the Server Backup and Restore functionality may not work properly if initiated through the HPE RESTful API returning a message "An internal error occurred during RIS operation".

Addressed an issue where configuring memory to run at 2x refresh rate would still actually operate memory at 1x refresh rate. This issue was introduced with the v2.00 System ROM and did not impact earlier versions of the System ROM. This issue is not unique to HPE servers.

Addressed an issue where the NVMe PCIe Resource Padding option in BIOS/Platform Configuration (RBSU) would not properly allocated sufficient resources to support a NVMe hot add event. In certain configurations, an insufficient amount of resources would have been reserved and a reboot would have been required to detect the presence of the newly added drive.

Addressed an issue where the system would not boot to a USB drive when a non-bootable (non-formatted) drive was also present in the system. This issue only impacts systems configured in Legacy Boot Mode.

Known Issues:

None
Enhancements

Added support for HPE Persistent Memory featuring Intel Optane DC Persistent Memory.

Added a new BIOS/Platform Configuration (RBSU) option called Intel Priority Based Frequency to support enabling Intel Speed Select - Base Frequency support on select 2nd Generation Xeon Scalable Family Processors that are optimized for NFV workloads. This option, which is disabled by default, is located in the Processor Options menu and visible only when NFV optimized SKUs are installed (denoted by the N in the SKU model). On supported Operating Systems, Intel Speed Select - Based Frequency functionality allows high priority cores to operate at a higher frequency than the nominal base frequency while lower priority cores will run at a slower frequency.

Added a new BIOS/Platform Configuration (RBSU) I/O Direct Cache (IODC) menu to the Power and Performance Menu. This option allows for tuning the policy for which I/O transactions interact with the processor cache. The caching policy may have a slight impact on cross socket latency. Workloads where this option would need to be modified from its default value for optimum performance are extremely rare.

Added support for HPE Fast Fault Tolerant Memory (ADDDC) to operate when a single memory rank is only available on a given memory channel. Previous versions of the System ROM required two or more memory ranks to be available on each memory channel. After updating to this version of the System ROM the server will automatically configure the system for HPE Fast Fault Tolerant Memory Mode if the memory configuration supports this option.

Updated the UEFI OpenSSL support to version 1.0.2r to address security vulnerability CVE-2019-1559.


Version:2.04_04-18-2019 (2 May 2019)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.  Note that MDS is addressed in hardware for systems utilizing the Intel Second Generation Intel Xeon Scalable Processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.  Note that MDS is addressed in hardware for systems utilizing the Intel Second Generation Intel Xeon Scalable Processors.

This revision of the System ROM includes the latest revision of the Intel Reference code support that provides mitigations for a variety of security vulnerabilities.  The following vulnerabilities have been addressed in this System ROM release: CVE-2019-0119 and  CVE-and CVE-2019-0126.  These security vulnerabilities are not unique to HPE servers.

Addressed an issue where the system may experience a higher rate of boot time Memory training issues with Intel Xeon Scalable Performance Bronze, Silver and Gold 5x00 processors. This issue was first introduced with System ROM version 2.00. HPE recommends that any customer experiencing a memory issue immediately update to this version of the system ROM before replacing any components. This issue is not unique to HPE servers.

Known Issues:

None


Version:2.02_03-19-2019 (28 Mar 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

This system ROM contains the latest Intel microcode that addresses an issue where the system may experience an Uncorrected Machine Check Exception in Bank 0 with Status containing 000F0150. This update may not address all Bank 0 machine check events with a Status containing 000F0150 but should be used before any other further service actions for issues resulting in this Integrated Management Log (IML) entry. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the UEFI EDK2 support that provides mitigations for a variety of security vulnerabilities.  The following vulnerabilities have been addressed in this System ROM release: CVE-2018-3613 CVE-2017-5731, CVE-2017-5732, CVE-2017-5733, CVE-2017-5734, CVE-2017-5735, CVE-2018-3630, CVE-2018-12178, CVE-2018-12179, CVE-2018-12180, CVE-2018-12181, CVE-2018-12182, CVE-2018-12183, CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12204 and CVE-2018-12205. For additional information please refer to the security bulletin at https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03912en_us.  These security vulnerabilities are not unique to HPE servers.

Addressed an issue in which the system may not properly boot to the HPE 8GB Dual microSD Flash USB Drive when an SD card is installed on the internal SD slot when the system is configured for Legacy Boot Mode. This issue does not impact systems in UEFI Boot Mode.

Addressed an issue where certain 3rd party USB drive keys may not function properly after a system reset when the system is configured in UEFI Boot Mode.

Addressed an issue where the HPE CN1000E-T adapter may not boot properly in Legacy Boot Mode.  This issue does not impact systems configured in UEFI Boot Mode.

Addressed an issue where firmware updates staged through the HPE RESTful API may fail to properly execute on a subsequent boot and be marked with an exception in the iLO firmware installation queue.

Addressed an issue where iLO virtual media may not boot properly after setting the Boot on Next Reset option in the iLO Remote Console and Media - Virtual Media settings.

Addressed an issue where the AHS Download application from the System Utilities Embedded Applications or UEFI Shell may fail to work properly with iLO firmware 1.30 or later.

Addressed an issue where the UEFI Shell sysconfig command may fail to set an option or become unresponsive.

Addressed an issue where an optional SATA DVD drive may not unlock and allow media to be ejected after an operating system reboot.

Addressed an issue where the system may become unresponsive during boot and experience a Red Screen (RSOD) when booting in Legacy Boot mode with a SATA M.2 drive installed. This issue does not impact systems in UEFI Boot Mode.

Addressed an issue where a USB KVM, such as the HP AF611A KVM,  may not function properly after a system reboot.

Known Issues:

This revision of the System ROM may result in a VMware PSOD (crash) when a system is configured with Intel Trusted eXecution Technology (TXT) enabled and the Trusted Platform Module (TPM) in TPM 1.2 Mode. This issue is only seen in certain memory configurations. Please consult the following HPE Customer Advisory for more details on this issue. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00065453en_us

 

Enhancements

Added support for Intel Xeon Scalable Performance 3200, 4200, 5200, 6200 and 8200 series processors.

Added support for HPE One button secure erase. This option can be launched from the HPE Intelligent Provisioning application or through the HPE RESTful API to securely restore the system back to a default configuration.  This option also requires iLO firmware 1.40 or later, and Intelligent Provisioning 3.30 or later.

Added Secure Configuration Lock feature.  This feature can be enabled to detect system hardware, security configuration, or firmware revision changes to protect against malicious or unintended modifications to the server.  This protection can be enabled for systems in transit from the factory to the customer site, in transit from one customer site to another, or can be left enabled on a deployed server.  A new BIOS/Platform Configuration (RBSU) Server Configuration Lock menu in the Server Security Options is available to enable and configure this functionality.

Added a new BIOS/Platform Configuration (RBSU) Backup and Restore Settings menu to System Default Options. This option can be used to backup (save off) the current BIOS configurations settings to a USB storage device for migration to another server.

Added a new BIOS/Platform Configuration (RBSU) Opportunistic Self Refresh menu to Memory Options. This option can be enabled to reduce idle system power usage, but the system may incur additional memory latency.

Added a new BIOS/Platform Configuration (RBSU) Memory Controller Interleaving menu to Memory Options.  This option can be used to disable memory controller interleaving which may provide more balanced memory performance when a system is configured in an unbalanced memory configuration.

Added a new BIOS/Platform Configuration (RBSU) for dual bifurcation (quadfurcation) of PCIe Adapters to the Advanced PCIe Configuration Options. This option will allow a x16 PCIe device to be bifurcated into four x4 devices.  This option would only be used for PCIe Adapters that support this level of bifurcation.

Updated the system thermal logic to support the latest GPU adapters.

Updated the language translations (non-English modes) for System Utilities.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:1.50_12-29-2018 (30 Jan 2019)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM contains enhancements to the HPE memory support to improve memory resiliency. Please consult the following Customer Advisory for additional details: https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00064444en_us

Firmware Dependencies:

None

Enhancements/New Features:

Improved the memory resiliency of the server with enhanced support for HPE Fast Fault Tolerant Memory (ADDDC) capabilities. This System ROM will now configure the Advanced Memory Protection mode of the server to HPE Fast Fault Tolerant (ADDDC) memory mode for all Workload Profiles except Low Latency and Custom if the feature is supported by the server's DIMM configuration. Note that if the Advanced Memory Protection mode had previously been configured for Mirroring or Online Spare, the setting will NOT be automatically changed to HPE Fast Fault Tolerant Memory (ADDDC) mode. Also, if the DIMM configuration does not support HPE Fast Fault Tolerant Memory (ADDDC) mode, then the Advanced Memory Protection Mode will remain Advanced ECC Mode. Note that if the current BIOS configuration settings are queried via Redfish or the RESTful API, the setting for the Advanced Memory Protection Mode will indicate this change.

Known Issues:

None

Version:1.46_10-02-2018 (27 Nov 2018)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where early server video output, on a locally attached monitor, may not show correctly when the monitor is attached to the server through a KVM. This issue does not impact systems that are not using a KVM or video output through the iLO Remote Console application.

Addressed an issue where firmware flashing through the RESTful API could periodically fail and the task being marked with an exception in the iLO firmware page. This issue could impact flashing firmware such as the HPE Innovation Engine, Intel SPS Firmware or the optional HPE Trusted Platform Module (TPM).

Addressed an issue where a PCIe card would not properly train to its maximum speed when the PCIe Bifurcation option was enabled. This issue does not impact PCIe cards that do not require bifurcation.

Addressed an extremely rare issue where a system configured with an optional SATA DVD drive and an HPE SmartArray controller may become unresponsive during boot, usually with a Red Screen (RSOD), when in legacy boot mode. This issue does not impact systems in UEFI Boot Mode.

Addressed an issue where an optional PCIe card's legacy option ROM may not properly display its legacy setup menu prompt during boot when in legacy boot mode. This issue does not impact systems in UEFI Boot Mode.

Known Issues:

None
Enhancements

Added support for flashing the firmware of the optional HPE Trusted Platform Module (TPM). This is the minimum revision of the System ROM that should be used if updating the firmware on the optional HPE TPM module.

Added a new PCIe Peer-to-Peer Serialization option to the Advanced Performance Options menu in the BIOS/Platform Configuration (RBSU). This option can be used to improve peer-to-peer performance between two PCIe devices installed on the same processor. This option may improve performance in certain GP-GPU configurations.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:1.42_06-20-2018 (27 Sep 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This firmware version includes additional fixes (since version 1.40) for an issue where systems may experience a 389-Unexpected Shutdown and Restart, logged in the iLO Integrated Management Log (IML). This issue is not unique to HPE servers.

Addressed an issue where systems may log an erroneous Bank 4 Machine Check to the iLO Integrated Management Log (IML) on a system reset event. In most cases, this error can safely be ignored. This issue is not unique to HPE servers.

Addressed an issue where systems configured with NVDIMM-N Memory may experience a loss of persistent data during a system crash event that would cause a fatal processor error condition (IERR). This issue is not unique to HPE servers.

Known Issues:

None


Legal Disclaimer: Products sold prior to the November 1, 2015 separation of Hewlett-Packard Company into Hewlett Packard Enterprise Company and HP Inc. may have older product names and model numbers that differ from current models.