Printable version

Drivers & software

** CRITICAL ** Online ROM Flash Component for VMware ESXi- HP ProLiant DL580 Gen8 (P79) Servers

By downloading, you agree to the terms and conditions of the Hewlett Packard Enterprise Software License Agreement.
Note:  Some software requires a valid warranty, current Hewlett Packard Enterprise support contract, or a license fee.

Type: BIOS (Entitlement Required) - System ROM
Version: 2.20_05-21-2018(8 Jun 2018)
Operating System(s): VMware vSphere 5.1
VMware vSphere 5.5
VMware vSphere 6.0
VMware vSphere 6.5
File name: CP036498.zip (5.2 MB)
This component provides updated system firmware that can be installed directly on supported Operating Systems. Additionally, when used in conjunction with HP Smart Update Manager (HPSUM) and Insight Control for VMware vCenter, this Component allows the user to update firmware on remote servers from a central location. This remote deployment capability eliminates the need for the user to be physically present at the server in order to perform a firmware update.

None

Prerequisites:

This component requires that the following HPE  drivers be loaded before the component can run.

1.            The "HPE ProLiant iLO 3/4 Channel Interface Driver” (CHIF) must be installed and running.

The minimum iLO version for ESXi 5.1, 5.5, 6.0, and ESXi 6.5 is 1.4.

2.            The “Compaq ROM Utility Driver” (CRU) must be installed and running

The minimum CRU version for 5.1 is 5.0.3.9.
The minimum CRU version for 5.5 is 5.5.4.1.
The minimum CRU version for 6.0 is 6.0.8.
The minimum CRU version for 6.5 is 6.5.8.


To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

ef5ca2a7101843ddfe6b732f7a48a0374a6328f3a3c0c636b325844792e610d3 CP036498.zip

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

IMPORTANT: This component requires that the CRU driver be loaded before the component can run.
The minimum CRU version for 5.1 is 5.0.3.9.
The minimum CRU version for 5.5 is 5.5.4.1.
The minimum CRU version for 6.0 is 6.0.8.
The minimum CRU version for 6.5 is 6.5.8.


Offline:

  • SPP Offline mode boots a special Linux OS environment, thus the Linux Smart Components are used, not the VMware Smart Components


Remote Online, if the component is supported by HP SUM but is not yet part of an SPP:
 

  • Download the Post-Production SPP from www.hpe.com/servers/SPP/download
  • Add the component to the SPP
  • Mount the SPP on a remote server running Windows or Linux that has a network connection to the ESXi host to be updated
  • Run HP SUM
  • Add the ESXi host to be updated as a remote target/node
  • Enter IP or DNS address of the ESXi host to be updated
  • Enter the ESXi host credentials (root or administrator username and password)
  • For HP SUM 6.0 and newer, select both the Additional Package with the added component and the SPP Baseline on the node Inventory page.
  • Follow HP Smart Update Manager Steps to complete the firmware update
  • Refer to the SPP documentation for detailed instructions at:  www.hpe.com/servers/spp

To use HP Insight Control for vCenter:

  • Log in to the vSphere Client
  • Select a server or cluster in the inventory tree
  • Click the HP Insight Management tab
  • Follow Insight Control for vCenter steps to update firmware using a Smart Component

To update firmware from VMware ESXi operating system on target server:

  • Enable Tech Support Mode on the ESXi host
  • Login as root. (You must be root in order to apply the update)
  • Place the Smart Component ( CPxxxxxx.zip) in a temporary directory
  • From the same directory, unzip the Smart Component:
    unzip CPxxxxxx.zip
  • To perform the standalone installation, execute the command:
    CPxxxxxx.vmexe
  • Follow the directions given by the Smart Component
  • Logout
  • Disable Tech Support Mode on the ESXi host
  • Reboot your system for the firmware update to take effect

End User License Agreements:
OpenSSL License Agreement, Version 0.9.8
UEFI EDK2 License
HPE Software License Agreement v1
Hewlett-Packard End User License Agreement


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HP ProLiant DL580 Gen8 System ROM - P79

Release Date:

2.20_05-21-2018

Last Recommended or Critical Revision:

2.20_05-21-2018

Previous Revision:

2.00_02-22-2018

Firmware Dependencies:

None

Enhancements/New Features:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HP ProLiant DL580 Gen8 System ROM - P79

Release Date:

2.20_05-21-2018

Last Recommended or Critical Revision:

2.20_05-21-2018

Previous Revision:

2.00_02-22-2018

Firmware Dependencies:

None

Enhancements/New Features:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Version:2.20_05-21-2018 (8 Jun 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Enhancements

None


Version:2.00_02-22-2018(B) (16 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM does NOT have issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Ver. 2.00_02-22-2018 (B) contains support for VMware vSphere 6.5.  It is functionally equivalent to ver. 2.00_02-22-2018.  It is not necessary to upgrade with version 2.00_02-22-2018 (B) if a previous component revision was used to upgrade the firmware to ver. 2.00_02-22-2018.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2.00_02-22-2018 (2 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM does NOT have issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None

Enhancements

None


Version:1.94_02-19-2016 (24 Oct 2016)
Enhancements

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

Added a new System Utilities BIOS/Platform Configuration (RBSU) PCIe I/O Allocation menu that allows the user to select how PCIe resources are allocated between PCIe slots. This option should be used when multiple PCIe expansion cards, such as Graphics Adapters, are installed in the system and the default resource allocations are not sufficient.

Added a new System Utilities BIOS/Platform Configuration (RBSU) IPv6 DHCP Unique Identifier menu that allows the user to select how the UEFI BIOS will use the DHCP Unique Identifier (DUID) for IPv6 PXE Boot. By default, the system will use the server's Unique Universal Identifier (UUID). The user can now optionally select to use the DUID-LLT as the unique identifier for PXE Boot. This setting applies when the server is configured to UEFI Boot Mode.
 

Known Issues:

None

Version:1.96_08-18-2016 (21 Oct 2016)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where a system experiencing a high rate of correctable memory errors may reset unexpectedly and log a fatal error in the Integrated Management Log (IML).

Known Issues:

None
Enhancements

Improved the thermal cooling solution of the server when the Thermal Configuration setting is configured to its default state of Optimal Cooling, which addresses an issue with temperature fluctuations on the embedded HPE Smart Array P830i controller that may result in component failure and unpredictable system behavior.


Version:1.92_10-27-2015 (1 Apr 2016)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None 

Firmware Dependencies:

None

Problems Fixed:          

Addressed an issue where processor temperatures may not be reported properly when the server was configured with 3 processors. This issue does not affect systems configured with a different amount of processors installed.

Addressed an issue where a message would not be logged to the Integrated Management Log (IML) when a DIMM failed to train and was not available to the Operating System.

Known Issues:

None

Enhancements

Added an option for “Configure for 2 minimum required, 4 required for redundancy” to the Power Supply Requirements Override setting in the ROM-Based Setup Utility (RBSU).  This option can be selected to force the system to use “2+2” power supply redundancy.  This option should only be selected if the HP Power Advisor indicates the system’s configuration allows the server to operate properly with two power supplies installed.  This option was incorrectly not included in RBSU in previous revisions of the System ROM.  It could be configured using CONREP and was honored by the System ROM.  If this option was previously configured with CONREP, updating to this revision of the System ROM will NOT impact the power supply requirements.

Added a Date and Time BIOS/Platform Configuration (RBSU) option to configure the Time Format.  This option controls how the system date and time is stored in the Real Time Clock and presented to the operating system. By default, the time is formatted for Coordinated Universal Time (UTC). The users may optionally change the time format to Local Time which removes the use of the time zone. This option may be used to work around interaction issues between the system and Microsoft Windows operating systems running in legacy boot mode that can result in the time to be incorrect.


Version:1.90_07-20-2015 (10 Aug 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue in which an Interphase audio streaming PCI-express expansion card may not achieve optimal performance resulting in dropped packets when streaming data.  A similar issue could be seen with other PCI-express expansion cards implemented with a PCI device behind a PLX PCIe-to-PCI bridge.  This type of PCI-express card implementation is more common with older PCI-express expansion cards.

Addressed an issue where the server may become unresponsive during boot when configured with a very large number of disks such as fibre adapters.

Known Issues:

None
Enhancements

Added a new System Utilities BIOS/Platform Configuration (RBSU) Fibre Channel/FCoE Scan Policy menu that allows the user to select how the UEFI BIOS will scan for valid Fibre Channel (or boot from SAN) boot targets. By default, the system will now only scan for Fibre Channel boot targets that are configured in each adapter. In the past, the system would scan for all Fibre Channel or FCoE available targets, potentially resulting in long boot times and large number of entries in the UEFI Boot Order list. The boot targets for adapters can be configured using the adapter specific menu in the System Utilities, System Configuration menu, or using management software such as HP Virtual Connect or HP OneView. This setting is applicable only in UEFI Boot Mode. A firmware update of the fibre channel controller might also be required to take full advantage of this feature.

Enhanced the thermal solution to provide better acoustics from the system fans.


Version:1.80_05-06-2015 (15 Jun 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where optional PCIe graphics controllers could not be used in pass-through mode to a virtual machine under a hypervisor based operating system.

Addressed an issue where an optional PCIe graphics controller may not be detected if it is installed on any PCIe slot except slot 9. If installed in slot 9, this issue will not occur.
                          

Known Issues:

None

Version:1.60_11-26-2014 (30 Mar 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the HP FlexibleLOM port numbers would not be reported accurately under certain operating systems such as Red Hat Linux.

Addressed an issue where the server might become unresponsive during POST when a failed LRDIMM was installed in the system. Instead, the system will now properly map out the failed DIMM and log the event to the Integrated Management Log (IML).

Addressed an issue where HP StoreFabric CN1100R Dual Port Converged Network Adapter (P/N: QW990A) would not properly report status in the System Utilities Device Health Status page.

Addressed an issue where the HP Scripting Toolkit may fail to run properly and prompt for an Administrator Password even when no password is currently configured on the server.

Addressed an extremely rare issue where the server would fail to boot Intelligent Provisioning when pressing F10 during system boot.

Known Issues:

None
Enhancements

Enhanced the cooling solution for the server when the Thermal Configuration is set for Increased Cooling.

Added support for Memory Mirroring. This option can now be enabled through the System Utilities BIOS/Platform Configuration (RBSU) Advanced Memory Protection option. Please consult documentation for supported configurations.


Version:1.40_08-01-2014 (B) (19 Sep 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the system would not boot into certain versions of Linux operating systems when the Processor x2APIC Support option is configured as enabled. This option is set to disabled by default.

Addressed an issue where the server’s boot order could not be configured using the “sysconfig” command in the Embedded UEFI Shell.

Addressed an issue where pressing the F12 key during system boot to initiate a Network Boot attempt may cause all other “hot keys” (function key prompts) to disappear from the screen. This issue was only seen when the Boot Mode is configured for Legacy BIOS Mode. This issue only exists with revision 1.03 (06/27/2014) of the System ROM.

Known Issues:

None
Enhancements

Enhanced memory performance slightly for servers using 32 GB or 64 GB LRDIMMs.


Version:1.03_06-27-2014 (1 Aug 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server may identify failed or degraded DIMMs incorrectly when a memory error occurs when the Advanced Memory Protection (AMP) mode is configured for Lockstep Mode with DDDC Support.

Addressed a rare and intermittent issue where the server may fail to boot from an iLO Virtual Media device.

Addressed an issue where optional Graphics Cards (GPUs) may be reported as Unknown Devices in the System Configuration Utility.

Addressed an issue where the server may not log memory failure events to the Integrated Memory Log when non-HP SmartMemory DIMMs are present in the system.

Addressed an issue where the Power Settings page in the iLO 4 GUI will display "Power Capabilities are UNKNOWN" and the user will not be able to configure a Dynamic Power Cap for limiting the server's maximum power usage.

Addressed an issue where the server would prompt twice for the Power-On Password when the server has a Power-On Password configured.

Known Issues:

None
Enhancements

Added support for 64GB LRDIMMs. Previous revisions of the System ROM should NOT be used with any DIMM configurations containing 64 GB LRDIMMs.

Added support for SDDC+1 and DDDC+1. SDDC+1 provides protection against single bit failures even after a DRAM device has failed within a DIMM rank. DDDC+1 provides protection against single bit failures even after two DRAM devices within a DIMM rank have failed. This functionality works automatically.

Added support for nVidia GPUs. This revision of the System ROM has support to allow monitoring the temperature of the option card for improved thermals.

Increased the DIMM speed for several 3 DIMM Per Channel (DPC) configurations when the Advanced Memory Protection mode is configured for Advanced ECC Support when using RDIMMs.

Increased the DIMM speed for numerous configurations when the Advanced Memory Protection mode is configured for Lockstep Mode with DDDC Support when using RDIMMs.


Version:1.02_04-01-2014 (2 May 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed a processor issue which can result in a Blue Screen of Death (BSOD) in a Windows virtual machine or Linux Kernel Panic in a Linux virtual machine when running on VMware ESX 5.x or Microsoft Hyper-V on Intel Xeon E7-4800 series v2 processors. This issue is not unique to HP ProLiant servers and could impact any system utilizing affected processors operating with the conditions listed. This revision of the System ROM contains an updated version of Intel's microcode that addresses this issue.

Known Issues:

None

Version:1.01_03-19-2014 (B) (2 May 2014)
Fixes

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server might not be able to achieve optimal performance under certain conditions. One symptom of this issue is the processors not entering Turbo Mode frequencies as often as expected.

Addressed an issue where the system might become unresponsive during system boot (POST) after an unrecoverable error event that results in a system reset. This issue applies to certain models of Intel E7-8800/4800 v2 series processor that have core counts of 8 or less. Note that this issue does not result in the unrecoverable error event and system reset, but results in the system becoming unresponsive during system boot.

Addressed an issue where the BIOS Serial Console redirection support might stop functioning when the server enters the Embedded UEFI Shell.

Addressed various issues with the configuration of Trusted Platform Module (TPM) options in the BIOS/Platform Configuration (RBSU).

Addressed an issue where servers configured for Legacy Boot Mode might not be able to boot certain operating system installations that install a Master Boot Record, which is not marked as Active. When this issue occurs, the server might experience a Non-System Disk Error or not boot the intended media. This issue does not impact systems configured in UEFI Boot Mode.

Known Issues:

None
Enhancements

Added support for Online Spare Advanced Memory Protection Mode. This feature can be enabled from the BIOS/Platform Configuration (RBSU) Advanced Memory Protection menu under System Options. See the HP ProLiant DL580 Gen8 User Guide for the proper memory installation requirements to support this mode.

Added support for Double Device Data Correction (DDDC) Memory Protection Mode. This feature provides additional protection against uncorrectable memory errors while still allowing all installed memory to be available to the operating system. This mode of operation requires specific DIMM population requirements and reduces memory bandwidth performance. This feature can be enabled from the BIOS/Platform Configuration (RBSU) Advanced Memory Protection menu under System Options. See the HP ProLiant DL580 Gen8 User Guide for the proper memory installation requirements to support this mode.

Added a BIOS/Platform Configuration (RBSU) option to allow configuring the time zone. Note that not all operating systems use this setting for the time zone. See the OS documentation to determine whether the installed operating system uses the time zone configured by the BIOS.

Added updated language translations (for non-English modes) in the BIOS/Platform Configuration (RBSU).

Added support for systems configured in Legacy Boot Mode to auto detect new mass storage bootable devices, such as storage controllers, and add them to the Standard Boot Order (IPL) list without requiring a reboot. This allows devices in the BIOS/Platform Configuration (RBSU) to be configured without having to boot once prior to entering RBSU. This functionality was already supported in UEFI Boot Mode.


Version:1.00_01-24-2014 (B) (25 Feb 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

CP022665.SCEXE  ver. 1.00_01-24-2014 (B), which replaces the previous CP022605.SCEXE  ver. 1.00_01-24-2014 (A), addresses an issue with flash support for VMWare vSphere 5.1.  The firmware payload contained in CP022605.scexe ver. 1.00_01-24-2014 (A) is functionally equivalent to CP022665.scexe ver. 1.00_01-24-2014 (B) and therefore it is not necessary to upgrade with Revision B if Revision A was previously used to upgrade the system ROM.

When attempting to flash this firmware update on an HP ProLiant DL580 Gen8 server running VMware ESXi 5.5 on the command line, the smart component will display the error:
"Unknown parameter passed [f]" for the command line options -f, -r, -e and -g.
When attempting to flash this firmware update on an HP ProLiant DL580 Gen8 running VMware ESXi 5.5 through HP SUM, SUM fails with the error:
"The job did not complete normally and an error has occurred. Job has completed."
"Flasher returned error code: 6"
The firmware update continues and completes successfully and the error message can be ignored.  For additional details, please consult Advisory c04127124 at  http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04127124


Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where VMware ESXi 5.5 may have not been able to determine the date and time. This may result in the date and time being reported as 1/1/2001:00:00:00 and a license expiration issue when adding the server to vCenter.

Known Issues:

None

Version:1.00_01-14-2014 (18 Feb 2014)
Enhancements

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Enhancements:

This is the initial version of the firmware.

Known Issues:

None

Version:1.00_01-24-2014 (18 Feb 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where VMware ESXi 5.5 may have not be able to determine the date and time. This may result in the date and time being reported as 1/1/2001:00:00:00 and a license expiration issue when adding the server to vCenter.

Known Issues:

None

Type: BIOS (Entitlement Required) - System ROM
Version: 2.20_05-21-2018(8 Jun 2018)
Operating System(s):
VMware vSphere 5.1
VMware vSphere 5.5
VMware vSphere 6.0
VMware vSphere 6.5

Description

This component provides updated system firmware that can be installed directly on supported Operating Systems. Additionally, when used in conjunction with HP Smart Update Manager (HPSUM) and Insight Control for VMware vCenter, this Component allows the user to update firmware on remote servers from a central location. This remote deployment capability eliminates the need for the user to be physically present at the server in order to perform a firmware update.

Enhancements

None

Installation Instructions

Prerequisites:

This component requires that the following HPE  drivers be loaded before the component can run.

1.            The "HPE ProLiant iLO 3/4 Channel Interface Driver” (CHIF) must be installed and running.

The minimum iLO version for ESXi 5.1, 5.5, 6.0, and ESXi 6.5 is 1.4.

2.            The “Compaq ROM Utility Driver” (CRU) must be installed and running

The minimum CRU version for 5.1 is 5.0.3.9.
The minimum CRU version for 5.5 is 5.5.4.1.
The minimum CRU version for 6.0 is 6.0.8.
The minimum CRU version for 6.5 is 6.5.8.


To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

ef5ca2a7101843ddfe6b732f7a48a0374a6328f3a3c0c636b325844792e610d3 CP036498.zip

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

IMPORTANT: This component requires that the CRU driver be loaded before the component can run.
The minimum CRU version for 5.1 is 5.0.3.9.
The minimum CRU version for 5.5 is 5.5.4.1.
The minimum CRU version for 6.0 is 6.0.8.
The minimum CRU version for 6.5 is 6.5.8.


Offline:

  • SPP Offline mode boots a special Linux OS environment, thus the Linux Smart Components are used, not the VMware Smart Components


Remote Online, if the component is supported by HP SUM but is not yet part of an SPP:
 

  • Download the Post-Production SPP from www.hpe.com/servers/SPP/download
  • Add the component to the SPP
  • Mount the SPP on a remote server running Windows or Linux that has a network connection to the ESXi host to be updated
  • Run HP SUM
  • Add the ESXi host to be updated as a remote target/node
  • Enter IP or DNS address of the ESXi host to be updated
  • Enter the ESXi host credentials (root or administrator username and password)
  • For HP SUM 6.0 and newer, select both the Additional Package with the added component and the SPP Baseline on the node Inventory page.
  • Follow HP Smart Update Manager Steps to complete the firmware update
  • Refer to the SPP documentation for detailed instructions at:  www.hpe.com/servers/spp

To use HP Insight Control for vCenter:

  • Log in to the vSphere Client
  • Select a server or cluster in the inventory tree
  • Click the HP Insight Management tab
  • Follow Insight Control for vCenter steps to update firmware using a Smart Component

To update firmware from VMware ESXi operating system on target server:

  • Enable Tech Support Mode on the ESXi host
  • Login as root. (You must be root in order to apply the update)
  • Place the Smart Component ( CPxxxxxx.zip) in a temporary directory
  • From the same directory, unzip the Smart Component:
    unzip CPxxxxxx.zip
  • To perform the standalone installation, execute the command:
    CPxxxxxx.vmexe
  • Follow the directions given by the Smart Component
  • Logout
  • Disable Tech Support Mode on the ESXi host
  • Reboot your system for the firmware update to take effect

Release Notes

End User License Agreements:
OpenSSL License Agreement, Version 0.9.8
UEFI EDK2 License
HPE Software License Agreement v1
Hewlett-Packard End User License Agreement


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HP ProLiant DL580 Gen8 System ROM - P79

Release Date:

2.20_05-21-2018

Last Recommended or Critical Revision:

2.20_05-21-2018

Previous Revision:

2.00_02-22-2018

Firmware Dependencies:

None

Enhancements/New Features:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None


Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Important

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HP ProLiant DL580 Gen8 System ROM - P79

Release Date:

2.20_05-21-2018

Last Recommended or Critical Revision:

2.20_05-21-2018

Previous Revision:

2.00_02-22-2018

Firmware Dependencies:

None

Enhancements/New Features:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Revision History

Version:2.20_05-21-2018 (8 Jun 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Enhancements

None


Version:2.00_02-22-2018(B) (16 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM does NOT have issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Ver. 2.00_02-22-2018 (B) contains support for VMware vSphere 6.5.  It is functionally equivalent to ver. 2.00_02-22-2018.  It is not necessary to upgrade with version 2.00_02-22-2018 (B) if a previous component revision was used to upgrade the firmware to ver. 2.00_02-22-2018.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2.00_02-22-2018 (2 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM does NOT have issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None

Enhancements

None


Version:1.94_02-19-2016 (24 Oct 2016)
Enhancements

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

Added a new System Utilities BIOS/Platform Configuration (RBSU) PCIe I/O Allocation menu that allows the user to select how PCIe resources are allocated between PCIe slots. This option should be used when multiple PCIe expansion cards, such as Graphics Adapters, are installed in the system and the default resource allocations are not sufficient.

Added a new System Utilities BIOS/Platform Configuration (RBSU) IPv6 DHCP Unique Identifier menu that allows the user to select how the UEFI BIOS will use the DHCP Unique Identifier (DUID) for IPv6 PXE Boot. By default, the system will use the server's Unique Universal Identifier (UUID). The user can now optionally select to use the DUID-LLT as the unique identifier for PXE Boot. This setting applies when the server is configured to UEFI Boot Mode.
 

Known Issues:

None

Version:1.96_08-18-2016 (21 Oct 2016)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where a system experiencing a high rate of correctable memory errors may reset unexpectedly and log a fatal error in the Integrated Management Log (IML).

Known Issues:

None
Enhancements

Improved the thermal cooling solution of the server when the Thermal Configuration setting is configured to its default state of Optimal Cooling, which addresses an issue with temperature fluctuations on the embedded HPE Smart Array P830i controller that may result in component failure and unpredictable system behavior.


Version:1.92_10-27-2015 (1 Apr 2016)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None 

Firmware Dependencies:

None

Problems Fixed:          

Addressed an issue where processor temperatures may not be reported properly when the server was configured with 3 processors. This issue does not affect systems configured with a different amount of processors installed.

Addressed an issue where a message would not be logged to the Integrated Management Log (IML) when a DIMM failed to train and was not available to the Operating System.

Known Issues:

None

Enhancements

Added an option for “Configure for 2 minimum required, 4 required for redundancy” to the Power Supply Requirements Override setting in the ROM-Based Setup Utility (RBSU).  This option can be selected to force the system to use “2+2” power supply redundancy.  This option should only be selected if the HP Power Advisor indicates the system’s configuration allows the server to operate properly with two power supplies installed.  This option was incorrectly not included in RBSU in previous revisions of the System ROM.  It could be configured using CONREP and was honored by the System ROM.  If this option was previously configured with CONREP, updating to this revision of the System ROM will NOT impact the power supply requirements.

Added a Date and Time BIOS/Platform Configuration (RBSU) option to configure the Time Format.  This option controls how the system date and time is stored in the Real Time Clock and presented to the operating system. By default, the time is formatted for Coordinated Universal Time (UTC). The users may optionally change the time format to Local Time which removes the use of the time zone. This option may be used to work around interaction issues between the system and Microsoft Windows operating systems running in legacy boot mode that can result in the time to be incorrect.


Version:1.90_07-20-2015 (10 Aug 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue in which an Interphase audio streaming PCI-express expansion card may not achieve optimal performance resulting in dropped packets when streaming data.  A similar issue could be seen with other PCI-express expansion cards implemented with a PCI device behind a PLX PCIe-to-PCI bridge.  This type of PCI-express card implementation is more common with older PCI-express expansion cards.

Addressed an issue where the server may become unresponsive during boot when configured with a very large number of disks such as fibre adapters.

Known Issues:

None
Enhancements

Added a new System Utilities BIOS/Platform Configuration (RBSU) Fibre Channel/FCoE Scan Policy menu that allows the user to select how the UEFI BIOS will scan for valid Fibre Channel (or boot from SAN) boot targets. By default, the system will now only scan for Fibre Channel boot targets that are configured in each adapter. In the past, the system would scan for all Fibre Channel or FCoE available targets, potentially resulting in long boot times and large number of entries in the UEFI Boot Order list. The boot targets for adapters can be configured using the adapter specific menu in the System Utilities, System Configuration menu, or using management software such as HP Virtual Connect or HP OneView. This setting is applicable only in UEFI Boot Mode. A firmware update of the fibre channel controller might also be required to take full advantage of this feature.

Enhanced the thermal solution to provide better acoustics from the system fans.


Version:1.80_05-06-2015 (15 Jun 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where optional PCIe graphics controllers could not be used in pass-through mode to a virtual machine under a hypervisor based operating system.

Addressed an issue where an optional PCIe graphics controller may not be detected if it is installed on any PCIe slot except slot 9. If installed in slot 9, this issue will not occur.
                          

Known Issues:

None

Version:1.60_11-26-2014 (30 Mar 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the HP FlexibleLOM port numbers would not be reported accurately under certain operating systems such as Red Hat Linux.

Addressed an issue where the server might become unresponsive during POST when a failed LRDIMM was installed in the system. Instead, the system will now properly map out the failed DIMM and log the event to the Integrated Management Log (IML).

Addressed an issue where HP StoreFabric CN1100R Dual Port Converged Network Adapter (P/N: QW990A) would not properly report status in the System Utilities Device Health Status page.

Addressed an issue where the HP Scripting Toolkit may fail to run properly and prompt for an Administrator Password even when no password is currently configured on the server.

Addressed an extremely rare issue where the server would fail to boot Intelligent Provisioning when pressing F10 during system boot.

Known Issues:

None
Enhancements

Enhanced the cooling solution for the server when the Thermal Configuration is set for Increased Cooling.

Added support for Memory Mirroring. This option can now be enabled through the System Utilities BIOS/Platform Configuration (RBSU) Advanced Memory Protection option. Please consult documentation for supported configurations.


Version:1.40_08-01-2014 (B) (19 Sep 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the system would not boot into certain versions of Linux operating systems when the Processor x2APIC Support option is configured as enabled. This option is set to disabled by default.

Addressed an issue where the server’s boot order could not be configured using the “sysconfig” command in the Embedded UEFI Shell.

Addressed an issue where pressing the F12 key during system boot to initiate a Network Boot attempt may cause all other “hot keys” (function key prompts) to disappear from the screen. This issue was only seen when the Boot Mode is configured for Legacy BIOS Mode. This issue only exists with revision 1.03 (06/27/2014) of the System ROM.

Known Issues:

None
Enhancements

Enhanced memory performance slightly for servers using 32 GB or 64 GB LRDIMMs.


Version:1.03_06-27-2014 (1 Aug 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server may identify failed or degraded DIMMs incorrectly when a memory error occurs when the Advanced Memory Protection (AMP) mode is configured for Lockstep Mode with DDDC Support.

Addressed a rare and intermittent issue where the server may fail to boot from an iLO Virtual Media device.

Addressed an issue where optional Graphics Cards (GPUs) may be reported as Unknown Devices in the System Configuration Utility.

Addressed an issue where the server may not log memory failure events to the Integrated Memory Log when non-HP SmartMemory DIMMs are present in the system.

Addressed an issue where the Power Settings page in the iLO 4 GUI will display "Power Capabilities are UNKNOWN" and the user will not be able to configure a Dynamic Power Cap for limiting the server's maximum power usage.

Addressed an issue where the server would prompt twice for the Power-On Password when the server has a Power-On Password configured.

Known Issues:

None
Enhancements

Added support for 64GB LRDIMMs. Previous revisions of the System ROM should NOT be used with any DIMM configurations containing 64 GB LRDIMMs.

Added support for SDDC+1 and DDDC+1. SDDC+1 provides protection against single bit failures even after a DRAM device has failed within a DIMM rank. DDDC+1 provides protection against single bit failures even after two DRAM devices within a DIMM rank have failed. This functionality works automatically.

Added support for nVidia GPUs. This revision of the System ROM has support to allow monitoring the temperature of the option card for improved thermals.

Increased the DIMM speed for several 3 DIMM Per Channel (DPC) configurations when the Advanced Memory Protection mode is configured for Advanced ECC Support when using RDIMMs.

Increased the DIMM speed for numerous configurations when the Advanced Memory Protection mode is configured for Lockstep Mode with DDDC Support when using RDIMMs.


Version:1.02_04-01-2014 (2 May 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed a processor issue which can result in a Blue Screen of Death (BSOD) in a Windows virtual machine or Linux Kernel Panic in a Linux virtual machine when running on VMware ESX 5.x or Microsoft Hyper-V on Intel Xeon E7-4800 series v2 processors. This issue is not unique to HP ProLiant servers and could impact any system utilizing affected processors operating with the conditions listed. This revision of the System ROM contains an updated version of Intel's microcode that addresses this issue.

Known Issues:

None

Version:1.01_03-19-2014 (B) (2 May 2014)
Fixes

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server might not be able to achieve optimal performance under certain conditions. One symptom of this issue is the processors not entering Turbo Mode frequencies as often as expected.

Addressed an issue where the system might become unresponsive during system boot (POST) after an unrecoverable error event that results in a system reset. This issue applies to certain models of Intel E7-8800/4800 v2 series processor that have core counts of 8 or less. Note that this issue does not result in the unrecoverable error event and system reset, but results in the system becoming unresponsive during system boot.

Addressed an issue where the BIOS Serial Console redirection support might stop functioning when the server enters the Embedded UEFI Shell.

Addressed various issues with the configuration of Trusted Platform Module (TPM) options in the BIOS/Platform Configuration (RBSU).

Addressed an issue where servers configured for Legacy Boot Mode might not be able to boot certain operating system installations that install a Master Boot Record, which is not marked as Active. When this issue occurs, the server might experience a Non-System Disk Error or not boot the intended media. This issue does not impact systems configured in UEFI Boot Mode.

Known Issues:

None
Enhancements

Added support for Online Spare Advanced Memory Protection Mode. This feature can be enabled from the BIOS/Platform Configuration (RBSU) Advanced Memory Protection menu under System Options. See the HP ProLiant DL580 Gen8 User Guide for the proper memory installation requirements to support this mode.

Added support for Double Device Data Correction (DDDC) Memory Protection Mode. This feature provides additional protection against uncorrectable memory errors while still allowing all installed memory to be available to the operating system. This mode of operation requires specific DIMM population requirements and reduces memory bandwidth performance. This feature can be enabled from the BIOS/Platform Configuration (RBSU) Advanced Memory Protection menu under System Options. See the HP ProLiant DL580 Gen8 User Guide for the proper memory installation requirements to support this mode.

Added a BIOS/Platform Configuration (RBSU) option to allow configuring the time zone. Note that not all operating systems use this setting for the time zone. See the OS documentation to determine whether the installed operating system uses the time zone configured by the BIOS.

Added updated language translations (for non-English modes) in the BIOS/Platform Configuration (RBSU).

Added support for systems configured in Legacy Boot Mode to auto detect new mass storage bootable devices, such as storage controllers, and add them to the Standard Boot Order (IPL) list without requiring a reboot. This allows devices in the BIOS/Platform Configuration (RBSU) to be configured without having to boot once prior to entering RBSU. This functionality was already supported in UEFI Boot Mode.


Version:1.00_01-24-2014 (B) (25 Feb 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

CP022665.SCEXE  ver. 1.00_01-24-2014 (B), which replaces the previous CP022605.SCEXE  ver. 1.00_01-24-2014 (A), addresses an issue with flash support for VMWare vSphere 5.1.  The firmware payload contained in CP022605.scexe ver. 1.00_01-24-2014 (A) is functionally equivalent to CP022665.scexe ver. 1.00_01-24-2014 (B) and therefore it is not necessary to upgrade with Revision B if Revision A was previously used to upgrade the system ROM.

When attempting to flash this firmware update on an HP ProLiant DL580 Gen8 server running VMware ESXi 5.5 on the command line, the smart component will display the error:
"Unknown parameter passed [f]" for the command line options -f, -r, -e and -g.
When attempting to flash this firmware update on an HP ProLiant DL580 Gen8 running VMware ESXi 5.5 through HP SUM, SUM fails with the error:
"The job did not complete normally and an error has occurred. Job has completed."
"Flasher returned error code: 6"
The firmware update continues and completes successfully and the error message can be ignored.  For additional details, please consult Advisory c04127124 at  http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04127124


Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where VMware ESXi 5.5 may have not been able to determine the date and time. This may result in the date and time being reported as 1/1/2001:00:00:00 and a license expiration issue when adding the server to vCenter.

Known Issues:

None

Version:1.00_01-14-2014 (18 Feb 2014)
Enhancements

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Enhancements:

This is the initial version of the firmware.

Known Issues:

None

Version:1.00_01-24-2014 (18 Feb 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where VMware ESXi 5.5 may have not be able to determine the date and time. This may result in the date and time being reported as 1/1/2001:00:00:00 and a license expiration issue when adding the server to vCenter.

Known Issues:

None

Legal Disclaimer: Products sold prior to the November 1, 2015 separation of Hewlett-Packard Company into Hewlett Packard Enterprise Company and HP Inc. may have older product names and model numbers that differ from current models.