Release Notes
=============
Broadcom BCM5761 Management Firmware
Copyright (c) 2012 Broadcom Corporation
All rights reserved.
----------------------------------
Version 1.54.0.0 - August 09, 2012
----------------------------------
Fixes:
======
1. Problem:
The web server would parse reference method parameters as decimal
numbers rather than hexadecimal as documented.
Cause:
Incorrect parse method used.
Change:
Parse reference method parameters as hexadecimal.
2. Problem (CQ64887)
The fix in 1.52.0.8 was incomplete and would end up triggering CTS hangs
more often.
Cause:
While the FIN was set, the next SEQ number was not incremented. As a
result, when the remote end ACKed the FIN, the firmware would perceive
this as an invalid ACK.
Change:
Correctly increment the SEQ number.
--------------------------------
Version 1.52.0.8 - July 30, 2012
--------------------------------
Fixes:
======
1. Problem (CQ40084):
OMData instances remain even after OMData NVRAM storage is deleted.
This is a mis-configuration scenario.
Cause:
The CIM_OpaqueManagementDataService and
CIM_OpaqueManagementDataCapbilities classes were instantiated even if
there was no OMData storage space allocated.
Change:
Check the total OMData storage space before instantiating the
CIM_OpaqueManagementDataService and CIM_OpaqueManamentDataCapabilities
classes.
2. Problem:
Some unicode glyphs not correctly handled in modifiable properties.
Cause:
Use of non-unicode string copy function.
Change:
Use a unicode safe copy function for copying all property values.
3. Problem (CQ64887):
DASH CTS could hang while testing power control methods.
Cause:
CTS does not correctly handle HTTP session tear-down. As a result,
lost packets with the FIN flag set will cause an infinite wait. During
power state changes, a FIN packet is more likely to be lost due to link
negotiation.
Change:
Include the FIN flag in the last data packet ot ensure that if all
data is transmitted, the FIN will also be transmitted.
Enhancements:
=============
1. When there are multiple DNS host entries, randomly select an entry to
use.
2. Remove the extraneous and confusing word "Information" from the values
of all instances of CIM_SoftwareIdentity.ElementName.
-------------------------------
Version 1.52.0.7 - May 14, 2012
-------------------------------
Fixes:
======
1. Problem (CQ63296):
XML Entities parsed with the trailing semicolon left as part of the
decoded text.
Cause:
Incorrect entity length calculation.
Change:
Fix length calculation.
------------------------------
Version 1.52.0.6 - May 9, 2012
------------------------------
Fixes:
======
1. Problem:
Infinite loop while enumerating association instances with a
ResultClass specified.
Cause:
Bug in association filter enhancement for 1.52.0.5.
Change:
Eliminated infinite loop.
------------------------------
Version 1.52.0.5 - May 3, 2012
------------------------------
Fixes:
======
1. Problem (CQ63064):
Unable to modify CIM_Account.UserPassword using the Put operation with
the "new" correct string[] OctetString encoding.
Cause:
The OctetString parser did not function correctly when the source and
destination buffers were the same as in the case of a Put.
Change:
Correctly handle the case where source and destination buffers are the
same when parsing OctetString values.
Enhancements:
=============
1. Support subscriptions to an Indication Class as specified in DSP0227
v1.2.0 section 10.2.1.2 (without Polymorphism support). This provides
a generic standards-based way to subscribe to all indications without
parsing filters and filter collections. No filtering is supported.
2. Assocation filtered enumerations do not need to have their results
sorted and have duplicates removed as with Associated filtering. Only
sort and uniq the latter. This should speed up partial Pulls of
association filtered sets.
3. Added GetDateTime command as a supported PLDM command in the response
to GetPLDMCommands request.
---------------------------------
Version 1.52.0.4 - March 26, 2012
---------------------------------
Fixes:
======
1. Problem (CQ61879):
Data corruption on firmware start leading to firmware crash
(status=f0090300).
Cause:
Updated compiler uses different main call stack profile.
Change:
Update build for new stack profile.
Enhancements:
=============
1. Update compiler optimization flags.
---------------------------------
Version 1.52.0.3 - March 22, 2012
---------------------------------
Fixes:
======
1. Problem (CQs 61875 and 61879):
Data corruption on firmware start leading to firmware crash
(status=f0090300).
Cause:
Updated compiler uses different TIMER call stack profile.
Change:
Update build for new stack profile.
Enhancements:
=============
1. Fix warnings from static anaylsis.
--------------------------------
Version 1.52.0.2 - March 6, 2012
--------------------------------
Fixes:
======
1. Problem (CQ 61987):
Web GUI ForEachAssociation blocks would not match existing instances.
Cause:
Optimization of association enumeration resulted in unsupported start
conditions for filtered instance enumeration.
Change:
Support starting filtered instance enumeration with an association
class.
--------------------------------
Version 1.52.0.1 - March 2, 2012
--------------------------------
Fixes:
======
1. Problem (CQs 61875 and 61879):
Data corruption on firmware start.
Cause:
New compiler version generates code which can corrupt memory structures
under specific circumstances.
Change:
Compile using old compiler version (no code changes).
------------------------------------
Version 1.52.0.0 - February 22, 2012
------------------------------------
Fixes:
======
1. Problem (CQ 59853):
Remote power on/off cycle stress testing ends prematurely on a
particular platform.
Cause 1:
Management firmware is not responsive in Vaux due to inability to
receive management traffic. When management packet is received, no
interrupt is generated and no packet buffer is used.
Change 1:
Firmware detects above condition and generate a GRC reset to reset
MAC module.
Cause 2:
In Vmain, ASF "power off" message can't be sent to the system's
Remote Control Device due to SMBus controller stuck in StartBusy0 state.
Change 2:
Firmware will clear out StartBusy0 state before sending SMBus message.
2. The "guess system state" feature will no longer, under any condition,
report the system state as S0 if the "Vmain Present" signal is low.
Previously, if the firmware thought the host OS/device driver was
active (present and functioning), this feature would report S0 even if
Vmain was not preset.
3. Problem:
A 0-length SMBIOS structure table stored in the management configuration
would cause the firmware to crash with a NULL-pointer dereference.
Cause:
Improper handling of a 0-length SMBIOS structure table.
Change:
A faux "empty" SMBIOS structure table will be used when the table stored in
the management configuration record set is of an invalid length (e.g. 0
bytes).
4. Problem:
CIM_PowerSupply.TypeOfRangeSwitching contains 6 (Not Applicable).
Cause:
Assumption that only switch-mode power supplies can automatically switch
based on input voltage.
Change:
Do not check if the power supply (advertised in the SMBIOS structure table)
is a switching power supply before populating this property value.
Enhancements:
=============
1. Upon firmware exception, the exception handler will re-initialize the
APE shared memory segment signature, length, and fw_behavior fields to
ensure that the RxCPU will reset the APE subsystem if it has been
configured with "Restart APE when hung" enabled. This enhancement is to
work-around unforeseen conditions where the APE shared memory segment may
have become corrupted immediately prior to a firmware exception.
2. Various detected initialization failures will now cause the firmware to
store a "fw_status" value in the APE shared memory segment with "0xE" in
the uppermost nibble and then halt the APE CPU.
3. CIM_RecordLog.OperationalStatus[0] will now contain value of 2 (OK) or
6 (Error) rather than 0 (Unknown) depending on the state of the
event/audit log.
4. Various CIM/WS-Man instance get/enumeration performance improvements.
-----------------------------------
Version 1.50.0.2 - October 24, 2011
-----------------------------------
Fixes:
======
1. Problem (CQ 59260):
Incorrect value reported by the CIM_Memory.NumberOfBlocks property.
Cause:
Only the first SMBIOS Physical Memory Array (Type 16) structure
which had a Usage member set to System Memory (3) was used in
calculating the size of the total system memory to populate the
CIM_Memory.NumberOfBlocks property for the system.
Change:
Sum the size of all Memory Device (Type 17) structures which
are associated with any Physical Memory Array (Type 16) structure
that has a Usage member set to System Memory (3).
2. Problem:
Graceful power control operations not supported when using a
network driver that doesn't support driver state change APE events
(e.g. tg3 driver v3.93.0).
Example:
CIM_AssociatedPowerManagementService.AvailableRequestedPowerStates
would not contain the values: 4, 7, 12, 14, or 15 when the driver
and brcmMgmtAgent were operational.
Cause:
The firmware assumed the operating system was not present/running
because it never received a "driver loaded" state change event,
so it would not advertise support for graceful power control operations
(even though it did know the agent was running).
Change:
When the firmware receives an APE Agent Heartbeat event (i.e. from
brcmMgmtAgent) it will now assume that the operating system is loaded
(a prerequisite to running the agent) and advertise via CIM support for
graceful power control operations.
Enhancements:
=============
1. Map CPU cache associativity values from SMBIOS to CIM mathematically
rather than by enumeration. The two have been updated in sync
historically, so it can be expected they will remain so in the
future.
Impact:
New associativity values for new processor types will work without
a firmware upgrade in the future.
---------------------------------
Version 1.50.0.1 - August 8, 2011
---------------------------------
Enhancements:
=============
1. CQ 57673:
When the management firmware (re)initializes the PHY, if the
"Enable PHY Auto Powerdown" option (i.e. B57diag->secfg item 37)
is disabled in NVRAM, the PHY Auto Powerdown feature is disabled.
Impact:
Requires RxCPU bootcode v3.80 or later.
---------------------------------
Version 1.50.0.0 - August 4, 2011
---------------------------------
Fixes:
======
1. Problem (CQ 57621):
Successive attempts to set IsNext property of a CIM_ElementSettingData
instance (associated with a CIM_BootConfigSetting instance) to the
same value fails.
Cause:
The code for setting the CIM_ElementSettingData.IsNext property value
toggled the current value rather than checking the value that the
property was being set to.
Change:
Check the value being assigned to the IsNext property and if it is the
same as the current value, do nothing.
-------------------------------
Version 1.48.0.0 - May 18, 2011
-------------------------------
Fixes:
======
1. Problem (CQ 55700):
Kerberos Ticket Parsing Error
Cause:
The IF-RELEVENT member of the AF-IF-RELEVENT sequence of the
AuthorizationData sequence of the Kerberos ticket would not be parsed
correctly if more than one IF-RELEVENT sequences were present.
Change:
Correctly handle multiple IF-RELEVENT sequences in the AD-IF-RELEVENT
sequence.
Enhancements:
=============
1. When negotiate authentication is attempted but fails, provide useful
debugging information in the returned 401 HTML page.
2. When an Active Directory user does not match any AD Identity SIDs, return
a 401 error rather than authenticating a valid user with no privileges.
-----------------------------------
Version 1.46.0.0 - January 14, 2011
-----------------------------------
Fixes:
======
1. Problem (CQ 52005):
CIM_InstModification Indication delivery failure for
CIM_TextRedirectionSAP.
Cause:
When a zero-length string property was sent as part of an instance in an
indication, the content body of the chunked HTTP request was
terminated.
Change:
Add correct handling of zero-length string properties while sending a
chunked request.
2. Problem:
Resource leak: solicited node multicast groups not left when IPv6
address changed.
Cause:
Multicast group subscriptions created for solicited node multicast
resolution were left in place when there were no longer any addresses
covered by the group.
Change:
When an IPv6 address is removed, leave any solicited node multicast
groups which would no longer be responded to.
3. Problem:
Resource leak: empty event queue could grow larger than necessary under
heavy load.
Cause:
No upper bound placed on event queue length.
Change:
Place upper bound on event queue and free any extra entries rather than
reusing them.
4. Problem
Resource leak: failure during multicast address creation could leak
memory.
Cause:
Some failure cases could theoretically cause memory to not be freed.
Change:
Free all allocated memory in all error cases.
Enhancements:
=============
1. Enhancement request (CQ 51703):
Add CIM_ProcessorCapabilities instances to model processor cores and
threads.
Change:
Instantiate CIM_ProcessorCapabilities and CIM_ElementCapabilities
association.
2. Enhancement request (CQ 51879):
Added support for use of Locally Administered ("soft") MAC address.
Properties CIM_EthernetPort.PermanentAddress and
CIM_ComputerSystem.OtherIdentifyingInfo[CIM:MAC] will always reflect
the permanent MAC address (not the LAA, if one is used).
Impact:
Requires Management Agent v1.46.0+.
-----------------------------------
Version 1.44.0.0 - December 1, 2010
-----------------------------------
Fixes:
======
1. Problem (CQ 51055)
Firmware becomes unresponsive after testing CIM_PowerManagementService
methods for extended periods of time (ie: days).
Cause:
Slow memory leak when DHCP binds an address to a device while there
is pressure on the memory pool (eg: unacked TCP packets).
Change:
Fix memory leak when joining the all hosts multicast group with low
available memory and avoid dynamic allocation when parsing DHCP
messages where possible.
------------------------------------
Version 1.43.0.12 - November 9, 2010
------------------------------------
Fixes:
======
1. Problem (CQ 50571):
DASH CTS will hang when exercising CIM_PowerManagementService methods
with some configurations.
Cause:
Fix for CQ 36753 results in an extra loss of link during which the
firmware closes the connection. Since CTS never probes the connection
and has no timeouts, this results in a hang.
Change:
Modify fix for CQ 36753 to upgrade BCM5761 core clock to 62.5MHz in
order to maintain 1Gb link rather than renegotiating link at 10/100Mb.
------------------------------------
Version 1.43.0.11 - October 21, 2010
------------------------------------
Fixes:
======
1. Problem (CQ 50052):
ElementCapabilities between IndicationService and
IndicationServiceCapabilities instances are in the wrong CIM namespace.
Cause:
ElementCapabilities class was hard-coded to the default namespace.
Change:
Correctly detect the appropriate namespace of the association.
2. Problem (CQ 50227):
Using Text Console Redirection, see redirected text just the first time
when using a DHCP-assigned dynamic IP address.
Cause:
When driver loads before DHCP negotiation is complete, the IP address
from a firmware DHCP lease is temporarily released before being re-added
immediately from the OS present lease. This results in all open sockets
(in the management controller) being closed despite the fact that the
configuration is not actually changing (only the lease is changing).
Change:
Check if the new IP address matches the old address and, if it does, do
not release the old address.
3. Problem (CQ 50430):
Receiving "Invalid Response" when disconnecting a text console
redirection session using DashMgmtCon.
Cause:
When the IPv6 address changes, IPv6 is enabled, and IPv6 is preferred
over IPv4, the old EPRs for the SAP become invalid due to the SystemName
property (which is the preferred IP address).
Change:
Use a NameFormat of "Other" (rather than "IP") and Name equal to the
canonical UUID (e.g. 83ec019b-ffc9-11de-bbd8-81a101ee0024).
Note:
When allowed by the CIM schema, NameFormat will be changed to "UUID"
(in a future firmware release).
4. Problem (CQ 50353):
In SMP systems, only the first processor has an EnabledState property
value of "Enabled" and successive processors have an EnabledState
property value of "Quiesce", thus violating the DMTF CPU profile
(DSP1022) requirements and causing a potential DASH CTS test failure.
Cause:
The SMBIOS structure tables are generated by the BIOS which runs on only
a single CPU. At this time, successive processors are in an Idle state
and the tables reflect this. Because of this, the DMTF CPU profile maps
this SMBIOS data to an EnabledState of Enabled and requires this mapping.
Change:
Map the SMBIOS CPU Idle state to a CIM EnabledState value of "Enabled"
rather than "Quiesce". This change meets the requirements of the DMTF
CPU profile (DSP1022).
-------------------------------------
Version 1.43.0.6 - September 17, 2010
-------------------------------------
Fixes:
======
1. Problem (CQ 47379):
The CIM_InstCreation that takes 30 seconds to appear when subscribing
to Indications/Event with an IPv6 address.
Cause:
Unexpected FIN behavior in TCP/IP stack.
2. Problem (CQ 48993):
CIM_FilterCollection CollectionName and ElementName property values are
incorrect.
Change:
Correct descriptions of filter collections.
3. Problem (CQ 49301):
Unable to use default XML namespace for PUT request body.
Cause:
Default XML namespace strings were not saved for class URIs. The class
was not resolved until later using the saved XML NS URI, so when Default
XML namespaces defined the class, the firmware was unable to get the
class name resulting in a fault.
Change:
Store default XML namespaces which contain a CIM class URI.
4. Problem (CQ 49970):
Duplicate results in Associated Instance queries.
Cause:
Older specifications permitted this behavior so this was by design.
Change:
As per WS-Man 1.1 specification, filter out duplicate results.
Enhancements:
=============
1. Enhancement request (CQ 40008):
Telnet and SSH Text Console Redirection is unable to work in conjunction
with Active Directory authentication (i.e. single sign-on).
Change:
Added CIM_SharedCredential which contains a one-shot password which can
be used for SSH and Telnet authentication.
The console is expected to enable a SAP, read the credential, then use
the credential (at which point, the credential ceases to exist). When
the console disconnects, a new credential is created which persists
until the SAP is transitioned to the Disabled state.
2. Support for PLDM State Sensors:
PLDM Platform Event Messages received from PLDM State Sensors can now be
mapped to CIM_AlertIndications (for event log record entries and
alert indications) by importing a configuration file (e.g. ".ini" file)
which contains details about the sensor (e.g. sensor-ID), and mappings
for PLDM eventState to CIM_AlertIndication platform message registry
values (e.g. OEM state set).
Optionally, PLDM state sensors may now be modeled as CIM_Sensor
instances with similarly imported PLDM presentState/eventState to
CIM_Sensor.CurrentState and PossibleStates values from ".ini" file.
3. Support for Record Log Profile 2.0.
Change:
Implemented DSP1010 v2.0 requirements for "Standard Message" support:
* CIM_RecordLogCapabilities instances
* CIM_LogEntry properties:
- MessageArguments
- MessageID
- OwningEntity
- PerceivedSeverity
4. Enhancement request (CQ 49971):
WinRM -shallow and -basepropertiesonly do not work.
Change:
Added support for additional PolymorphismModes.
5. Added an "Advanced" manageability flag (bit 31) to allow the disabling
of TCP resets after socket closes on out-bound HTTP (client)
connections.
--------------------------------
Version 1.42.0.3 - June 11, 2010
--------------------------------
Fixes:
======
1. Problem (CQ 48178):
Changing BRCM_OOBManagementHTTPSSetting.Enabled property from false to
true via WS-Management will cause an HTTPS failure.
Cause:
Base 64 encoding a zero length buffer resulted in garbage. Since a PUT
involves a read/modify/write, the garbage value would then be written
into NVRAM and used as a CA certificate.
Change:
Do not base 64 encode zero byte buffers.
2. Problem (CQ 47260):
Under some unique conditions, WinRM will return an XML Parse Error when
enumerating CIM_MemberOfCollection.
Cause:
Firmware network stack problem recovering from lost TCP packet when
using selective ACK (SACK) and sending more than 16000 bytes.
Change:
Resolved in network stack update.
-------------------------------
Version 1.42.0.2 - May 26, 2010
-------------------------------
Fixes:
======
1. Problem (CQ 47382):
Using HTTPS to modify BRCM_OOBManagementHTTPSSetting will cause a HTTP
Security Error with WinRM.
Cause:
A get of an octetstring value over a specific size (about 18 bytes for
uint8 arrays and about 12 bytes for string arrays) would return a
corrupted value.
Change:
Fix "get" implementation for octetstring arrays.
Impact:
- BRCM_OOBManagementHTTPSSetting.ServerCertificate
- BRCM_OOBManagementHTTPSSetting.TrustedCACertificate
- BRCM_OOBManagement8021xSetting.TrustedCACertificate
2. Problem (CQ 47535):
Firmware crash when attempting to send TCP or UDP packets when local
device address is not addressable (e.g. when first enabling manageability
via BMCC).
Change:
Do not dereference NULL device pointers.
3. Problem:
Mapping of SMBIOS "System Cache Type" value of 01h (other) to
CIM_AssociatedMemory.CacheType value of 1 (other) requires populating
the OtherCacheType property as well.
Change:
Set the CIM property value to 0 (Unknown) when the cache type is
reported as "other" (01h) in the system's SMBIOS structure table.
4. UTF-16 BOM was not being parsed as part of the HTTP request body. This
prevented UTF-16BE from working when the BOM was the only indication of
byte order.
5. Problem (CQ 47274):
Ejecting USB Redirection Device in Linux will not terminate the USB
Session.
Change:
USB Redirection now informs the host that EJECT is not a valid action on
the redirected drive. If the OS still performs an eject, the redirection
will still not terminate.
6. Problem (CQ 47209):
USB Redirection device will disappear after 10 minutes in RHEL 5.5.
Change:
USB redirected mass storage device simplified to conform more closely to
the applicable standards rather than pretending to be a DVD+/-R drive.
Enhancements:
=============
1. The (optional) automatic register repair function will now enable the
UART PCIe function if it is disabled but UART redirection is enabled
to work-around NDIS driver bug where it would disable the UART function
during driver load.
2. Change USB redirection device productID from 0x5761 to 0x1681.
3. Enabled two-way authentication via HTTP-digest.
---------------------------------
Version 1.42.0.0 - April 23, 2010
---------------------------------
Fixes:
======
1. Problem (CQ 47291):
Subscribing to CIM Indications/WS-Events with an IPv6 address causes a
NULL dereference (and crash).
Cause:
IPv6 stack issue when sending on a socket that is not in the connected
state.
Change:
Detect condition do not send on undefined (or NULL) interfaces.
2. Problem (CQ 47292):
BRCM_OOBManagement8021xSetting boolean property values have inverted
logic (e.g. when enabled, the "Enabled" property is false).
3. Problem (CQ 47248):
A sleeping Windows system may wake upon receipt of a management packet
when interesting-packet WoL is enabled in the driver configuration.
Cause:
Hardware WoL pattern matching does not take management packets into
account.
Change:
Support WoL interesting packet processing in management firmware.
Requires NDIS driver v14.2.0.4 or later.
Impact:
Windows only.
Enhancements:
=============
1. Immediate graceful power control when using BrcmMgmtAgent for Windows
v1.42.1 with NDIS driver v14.2.0.4 or later.
2. Track MCTP over SMBus messages and ASF power control commands that were
retried and number of times they were retried. Place these statistics
into APE shared memory to be read and displayed by b57diag (apeinfo -m).
3. Add work-around for HTTP client compatibility with buggy "SHS" web
server (invalid range request response). e.g. for USB redirection and
firmware update support.
--------------------------------
Version 1.41.0.1 - April 8, 2010
--------------------------------
Enhancements:
=============
1. Updated TLS/SSL and SSH stack.
2. Count MCTP retries (reported in B57diag v14.08.05 'apeinfo -m' output).
---------------------------------
Version 1.41.0.0 - March 19, 2010
---------------------------------
Fixes:
======
1. Fix NULL dereference when parsing CIM_DateTime invalid period: ".S".
2. Fix very unlikely NULL dereference in badly formatted XML where the
default namespace is an embedded instance, no namespace prefix is
specified and the tag name is not found.
3. When some profiles are disabled, the privileges associated with those
profiles could be arbitrarily hidden based on an undefined variable.
4. Incorrect parsing of { and  style XML entities.
5. Could not modify BRCM_OOBManagementHTTPSSetting.ServerPrivateKey
property.
6. Failure to GET an instance of CIM_OrderedComponent.
7. XML parsing bug: / was taken as an attribute name so the parser was
expecting /="value".
Now, it simply notes the / and continues so <tag /attr="value"> is now
parsed the same as <tag attr="value"/>.
8. Event Log CIM_RecordLog.EnabledState=2 (Enabled) when log is full and
overwrite policy is 7 (Never Overwrites) - does not match DSP1010
section 7.5.1.1 requirement which states the EnabledState value must
be 6 (Enabled but Offline) in this case.
9. Audit Log CIM_RecordLog.EnabledState value will now be 2 (Enabled) and
3 (Disabled) accordingly, rather than always 5 (Not Applicable).
10. CIM_LogEntry.RecordData ... AlertingManagedElement:
As per DSP0004, use a colon to separate the namespace from the class
name.
Enhancements:
=============
1. Updated TCP/IP stack (primarily for IPv4 fixes).
2. CIM_RecordLog.LogState value will always be 4 (Not Applicable), since we
don't have an "erasing" state, this property never provides any useful or
meaningful value, but since it is mandatory, it must be implemented.
------------------------------------
Version 1.40.0.1 - February 19, 2010
------------------------------------
Fixes:
======
1. Problem (CQ 45729):
Unable to initialize USB Redirection or software (firmware) update
session when using IPv6 web server.
Cause:
Receive management traffic filter for IPv6 address was setup
incorrectly.
Change:
Fix receive management traffic filter for IPv6 addresses.
2. Problem (CQ 45760):
Firmware hangs when enable/disable IPv6 in Windows Network Properties .
Cause:
Three different re-initialization logic errors in IPv6 stack resulting
in potential memory leaks and crashes due to NULL pointer dereferences.
Change:
Fixed the IPv6 stack re-initialization logic.
3. Problem (CQ 45822):
DNS results are not filtered based on if IPv4 or IPv6 is enabled or not.
Cause:
DNS server returns both IPv4 and IPv6 addresses for hostname,
but firmware did not filter out result based on IPv4/ IPv6 interface
enabled/disabled.
Change:
Filter out disabled IPv4/IPv6 DHCP resolved addresses before applying
IPv4, IPv6 preference.
4. Problem:
Path MTU discovery does not work when OS absent.
When a TCP connection traverses a segment with an MTU less than the
transmitted segment size, a large block of IP addresses become
unreachable for over one minute.
Cause:
A typo in Path MTU discovery code resulted in the destination IP address
being used as a netmask and a value of "32" being used as the next hop
router. As a result, all traffic for hosts masked by the destination
address become unreachable.
Solution:
Correct the typo allowing Path MTU discovery to proceed correctly.
5. Problem:
Path MTU discovery does not work when OS present.
Cause:
No receive filter for ICMP "Destination Unreachable" packets was being
created.
Solution:
Create a filter for ICMP "Destination Unreachable" packets to detect
transmit failures due to path MTU size.
6. Fix bug where driver revision (if non-zero) would be mistakenly modeled
in CIM_SoftwareIdentity.BuildNumber for network driver instance.
Enhancements:
=============
1. Default network Maximum Transmission Unit (MTU) size value is now
configurable (instead of being hard-coded to 1500 bytes).
Note:
This value will be configurable in the "Advanced Settings" menu of
future versions of B57diag.exe and BMCC.exe. Default value is 1500.
-----------------------------------
Version 1.40.0.0 - February 3, 2010
-----------------------------------
Fixes:
======
1. Problem (CQ 45168):
Could not boot to USB-Redirected image on some platforms running
Windows 7.
Cause:
Old SCSI sense data was not cleared after a successful SCSI command.
Change:
Clear old SCSI sense data.
Enhancements:
=============
1. Retry USB-Redirected HTTP "read", to take care of SCSI Read10 failure.
In case the web server (Abyss) set maximum # of requests
that can be served over the same connection, allow retry of request
and parse response, to open a new connection.
2. Update advertised registered profile versions to latest errata versions:
* Physical Asset and Sensors from v1.0.1 to v1.0.2
* Opaque Management Data and Software Inventory from v1.0.0 to v1.0.1
3. If ASF SMBus power-up command fails (e.g. is NAK'd), assert PME# to wake
the system.
Caveat: Some platforms may not treat this as a remote power-on event and
may ignore ASF boot options or the normal boot device selection
process.
-------------------------------------
Version 1.39.0.0 - January 12, 2010
-------------------------------------
Fixes:
======
1. Problem (CQ 45074):
Text console redirection sessions persist even after the relevant
service access point (Telnet or SSH SAP) has been disabled. This
behavior was not consistent with requirements of the DMTF Text Console
Redirection Profile (DSP1024 1.0.1, section 7.4).
Cause:
Misinterpretation of profile requirements.
Change:
Force console redirection session termination when the relevant
SAP has been disabled by a remote management console.
2. Problem (CQ 45246):
BRCM_NetworkTransmitFilterSest.SetDropCount property value is missing
one count.
Cause:
Off-by-one error in transmit packet drop count calculation.
Change:
Add one to transmit packet drop count calculation.
3. Problem (CQ 38210):
ASF Power-reset stress will hang BIOS and management firmware on some
platforms after 12-48 hours.
Causes:
A. Firmware crash (bus error) due to accessing invalid TxMbuf or RxMbuf
due to APE tx and rx pool reinit when GRC reset occur.
B. Firmware stuck in processing SMBus slave receive ISR.
C. SMBus data line forced low by other device.
Changes:
Implemented work-arounds for the above failure cases.
4. Fix AvailableRequested[Power]States array values:
- ComputerSystem and OperatingSystem AvailableRequestedStates arrays did
not include Quiesce (9) if the system/agent was capable of
hibernation, but not standby. If either standby or hibernation are
available, Quiesce is now included in the array.
When attempting a RequestStateChange(RequestedState=9), standby
(sleep) will be attempted if supported/available, otherwise hibernate
will be attempted if supported/available.
- If the available agent commands did not include all 4 possible
commands (e.g. a previous state change request failed in the agent or
the agent 'commands' command-line argument was used), the array
elements would contain duplicate and/or invalid values.
5. Enable SSH sender deadlock protection.
6. Add 1/10th of a second delay when an SSH send operation returned OK but
transferred zero bytes (such as when waiting for a window size
adjustment).
Enhancements:
=============
1. (CQ 45242)
Model CIM_Fan.VariableSpeed property value as TRUE rather than FALSE as
most, if not all, system fans will be variable speed and we currently
have no method of knowing which fans are variable speed and which fans
are not.
2. Retry ASF_RCTL SMBus commands up to 2 times, for a total of 3 attempts.
If an ASF SMBus message to the system "remote control device" (e.g.
chipset) is NAK'ed, the message transmission will be retried for a
maximum total of 3 attempts. On systems where the remote control device
may occasionally NAK messages, this makes ASF-based remote power control
more reliable.
-------------------------------------
Version 1.24.0.10 - December 11, 2009
-------------------------------------
Fixes:
======
1. Problem (CQ 44737):
Secure RMCP vulnerability: a malformed "RAKP Message 1" packet received
with a "User Name Length" field value greater than 16 may corrupt stack
memory causing the management controller to crash or potentially allow
an attacker to execute chosen or arbitrary instructions on the
management controller's processor.
Cause:
Insufficient validation of received "RAKP Message 1" packets before
processing.
Change:
If the "User Name Length" field value is greater than the maximum length
allowed by the ASF 2.0 specification, then an "RAKP Message 2" response
packet is sent with a "Status Code" value of 0x0C (Invalid name length),
as defined in section 3.2.3.5.1 of the DMTF ASF 2.0 specification
(DSP0136).
2. Problem (CQ 44857):
Secure RMCP authentication failure when specifying an (optional) user
name.
Cause:
"RAKP Message 1" packet parsing had incorrect pointer arithmetic when
handling non-zero user name lengths, so the calculated Session Integrity
Key (SIK) was incorrect.
Change:
Fix the pointer arithmetic to allow the user name to be included in the
Session Integrity Key (SIK) calculation.
3. Problem:
"Open Session Response" and "RAKP Message 2" packets generated with a
non-zero "Status Code" value (indicating an error has occurred) have an
RMCP data length value of 28 and 52 bytes respectively, instead of 8,
as specified in sections 3.2.4.6 and 3.2.4.14 of the ASF 2.0
specification.
Cause:
The generated and transmitted "Open Session Response" and "RAKP Message
2" packets were always the full message, regardless of the included
"Status Code" value.
Change:
Only transmit the full 6-field, 28 or 52 byte payload when the
"Status Code" value is 0 (success).
4. Problem (CQ 44698):
802.1x PEAP is unable to Authenticate with Cisco ACS when multiple auth
methods are enabled.
Cause:
When multiple authentication methods are enabled on Cisco ACS, during
SSL handshake, ACS does not supply root CA cert in server cert chain.
Management firmware expected CA cert as last cert in server cert chain.
Change:
Retrieve CA certificate from configuration record set (record type 0x91)
when not supplied by the authenticator.
5. Problem (CQ 44720):
CIM_ComputerSystem.EnabledState property value is N/A (5) when the
system is sleep states (e.g. S3/S4) instead of Quiesce (9), as required
by the DMTF Base Desktop Mobile Profile (DSP1058).
Cause:
CIM_ComputerSystem implementation was based on a pre-1.0 proposed
profile specification.
Change:
Various system sleep states are now modeled with a CIM_ComputerSystem
EnabledState value of Quiesce (9).
6. Problem:
CIM_NumericSensor.CurrentReading property value would not represent
PLDM sensors with signed data types correctly.
7. Problem:
CIM_ComputerSystem.ElementNameEditSupported is true, but the
CIM_ComputerSystem.MaxElementNameLen property is not implemented.
As per DSP1052, 7.1.2.1.2, MaxElementNameLen must be implemented if
ElementNameEditSupported is true.
Change:
Added CIM_ComputerSystem.MaxElementNameLen property.
8. Problem:
IP interface not getting IP address after transition from OS-Absent,
DHCP-enabled and DHCP server is offline to OS-Present, DHCP server is
online.
Enhancements:
=============
1. Added support for initiating an ASF "remote control" SMBus message via
APE event (e.g. using the new B57diag "apectl -A" command).
2. Upon firmware exception (crash), useful APE registers are stored in
shared memory for post-mortem analysis (e.g. using B57diag "apeinfo -m"
command).
3. When "APE Config" NVRAM content verification fails, a firmware error
("CfgVerifyErr") is reported/logged, but the firmware will continue to
attempt to use the useable configuration records.
This works around a problem reported when using BrcmMgmtAgent v1.10 with
firmware v1.24 where the agent was corrupting the IPv6 config record
(due to an old BMCFG lib forward compatibility bug) and the firmware
would ignore subsequent configuration change events (would not attempt
to use the corrupted config records until an APE reset) and would log a
firmware error ("CfgRead").
Impact:
The management firmware will be more tolerant of corrupted configuration
records and attempt to continue to operate, as much as possible, with
the configuration records that are present and not corrupted.
For example, using BrcmMgmtAgent v1.1.0 with firmware v1.24.0.10 will
still work for all but the IPv6 capabilities.
4. Implemented CIM_ComputerSystem.AvailableRequestedStates and
CIM_OperatingSystem.AvailableRequestedStates which dynamically reflect
the RequestStateChange() method RequestedState parameter values that are
expected to work on the system at that given moment.
5. CIM_AssociatedPowerManagementService.AvailableRequestedPowerStates
dynamicism is more granular (e.g. sleep, hibernate, and shutdown
capabilities of the system/agent are individually checked).
6. Additional APE debug log messages may be enabled with a new "debug log"
configuration property (e.g. under new B57diag "mancfg" or BMCC "edit"
Advanced menu option: Debug Log Enable Flags).
Impact:
Only to be used as directed by Broadcom engineers.
7. Do not model revision and build number for boot code (always 0) in
CIM_SoftwareIdentity instance.
8. Added detection of SMBus "stuck" condition, where the data line is low
for at least 5ms. When this condition is detected, the firmware will
reset the SMBus by driving the SMBus clock and data line low for 25ms
and then driving both SMBus clock and data line high.
9. Additional received RMCP packet validation:
A. RMCP "Data Length" value must match received packet length,
adjusted for RMCP and RSP headers and trailers, as appropriate.
B. RMCP "Data Length" value for received RAKP Message 1 and Message 3
packets must support the minimal number of fields (and bytes)
specified in the ASF 2.0 specification.
C. RAKP Message 1 "User Name Length" must match the received packet
length, adjusted for other data, as appropriate.
RMCP packets that fail validation are silently discarded.
10. Improved tolerance of SSH Server to handle "half-closed" sockets
(i.e. where client only calls shutdown() and never calls close()).
11. Improved tolerance of HTTP Server to handle clients that wait forever
(e.g. for a close) after the HTTP response has been sent and received.
Problem:
When a session is terminated with a RST sent from the firmware while
link is down, the remote peer will not be aware that the socket has
been closed until it sends another packet to the port (e.g. a
keep-alive). If it never sends another packet, it will never be aware
that the socket has been closed.
Cause:
Session was closed with a RST as soon as the last response was sent.
When the response was sent in reply to a power control request, the
RST could be lost due to temporary loss of Ethernet link during link
state (speed) renegotiation.
Change:
Do not send RST until after the remote either closes its end, or the
HTTP session timeout expires.
-----------------------------------
Version 1.24.0.9 - November 6, 2009
-----------------------------------
Fixes:
======
1. Problem (CQ 44318):
Outbound HTTPS connections (e.g. for USB Redirection) using TLS Mutual
Authentication are unable to authenticate with the web server.
Causes:
a) If the server root certificate was not included in the server
certificate, validation against the CA would fail.
b) MS IIS performs mutual authentication by reissuing a hello, which was
unsupported.
c) DNS name mismatch due to bug.
Changes:
a) Allow looking up the CA when not included in the certificate.
b) Enable re-handshake support to permit interoperability with MS IIS.
c) Place the expected DNS hostname into the client structure.
2. Problem (CQ 44374):
802.1x EAP tasks did not restart after importing certificates.
Change:
When configuration record 91 is changed, restart EAP negotiation.
3. Problem (CQ 44441):
CIM_BIOSPassword.IsSet still true after password is cleared.
Cause:
Zero length BIOS password was considered as a valid password. According
to CIM_BIOSPassword.IsSet should be true for non-blank password and
false otherwise.
Change:
Accepted pending BIOS password that is zero length will now be
considered as not set. Added code to remove the BIOS password attribute
from the attribute value table and the BIOS meta record.
4. Problem (CQ 44372, introduced in v1.24.0.4):
Text redirection SSH session will be terminated by management firmware
after several minutes.
Cause:
An SSH re-key would cause the SSH session to terminate due to a flaw
in the re-key algorithm. The re-keying interval is determined by the SSH
client (e.g. Putty default re-key interval is one hour).
Change:
Fix problems associated with SSH re-keying algorithm.
5. Problem:
CIM_USBRedirectionSAP.RequestStateChange() failure would cause an
invalid response to be generated.
Change:
When enabling USB redirection SAP, also enable USB redirection Service,
so ConcreteJob instance can be updated properly.
6. PLDM for BIOS Control and Configuration:
Added range check for BIOS attribute pending value number handles field.
Enhancements:
=============
1. Additional error reporting/logging for advanced debugging capability
(e.g. using B57diag 'apeinfo -l' or 'bmcc status -verbose'):
- TLS/SSL/SSH/802.1X errors
- SSL initialization failure
- Uninitialized device key
2. Graceful power control request method invocations will now fail
(return 2) if the OS driver or agent is not present and capable of
handling the request.
Impact:
- CIM_ComputerSystem.RequestStateChange(Shutdown, Reboot, or Quiesce)
- CIM_OperatingSystem.RequestStateChnage(Disable, Reset, or Quiesce)
- CIM_PowerManagementService.RequestPowerStateChange(OffSoftGraceful,
MasterBusResetGraceful, PowerCycleOffSoftGraceful, SleepDeep, and
Hibernate)
Requires BrcmMgmtAgent v1.24.2 (or later) for graceful power control
methods to function.
3. Implemented CIM_AssociatedPowerManagementService
AvailableRequestedPowerStates property, part of proposed DMTF Power
State Management Profile v2.0.
This property reflects the currently available requested power states
based on the OS/driver/agent presence and capabilities.
This array contains a subset of the CIM_PowerManagementCapabilities
RequestedPowerStatesSupported array and should be used by consoles
to determine the currently available requested power states before
attempting to invoke a change request.
Impact:
Requires BrcmMgmtAgent v1.24.2 (or later) to represent graceful power
control power state change request capabilities.
4. Implemented CIM_SoftwareIdentity.OperationalStatus property for
all instances.
Possible OperationalStatus[0] values (single element array):
- System Firmware: Unknown
- Network Controller Driver: OK, Stopped, or No Contact
- Network Controller Firmware: OK or No Contact
- Management Controller Firmware: OK, Degraded, or Error
- Management API: Unknown
- Management Agent: OK, Stopped, No Contact, Lost Communication
Impact:
Requires BrcmMgmtAgent v1.24.2 (or later) to track operational status
of the management agent.
5. Set maximum outgoing TLS version to TLS1.0 instead of TLS1.2 to allow
interoperability with MS IIS 7.0.
6. Detection of incorrectly encrypted configuration record sets using a new
"watermark" configuration record.
If a configuration record set with encrypted records is exported to a
file and then imported into a different network/management controller,
the record set will fail verification and newer B57diag and BMCC
versions will disallow the importation (rather than just silently
reverting encrypted records back to their default or auto-generated
states as would previously happen). The management firmware will also
detect an invalid watermark and report/log an error.
-----------------------------------
Version 1.24.0.7 - October 23, 2009
-----------------------------------
Enhancements:
=============
1. 802.1X changes:
a. Added config change event to restart EAP task when 802.1x or client
certificate configuration records are changed in OS-absent state
(e.g. local change via B57diag mancfg).
b. Only send out EAP packet in OS-absent state.
c. Restart DHCPv4 and DHCPv6 when EAP task is restarted.
2. Added CIM_NumericSensor.HealthState mapping for OK and Critical Failure
values based on the PLDM GetSensorReading response.
3. If a PLDM sensor reading is the most positive or negative number
possible (based on the sensorDataSize value), translate into +/-
infinity as appropriate, then force values into the range INT32_MIN to
INT32_MAX due to the fact that CIM_NumericSensor.CurrentReading is of
type sint32.
4. Added extrinsic method: CIM_BIOSService.RestoreBIOSDefaults().
-----------------------------------
Version 1.24.0.6 - October 16, 2009
-----------------------------------
Fixes:
======
1. Problem (CQ 44096):
CIM_NumericSensor.OperationalStatus had a value of unknown.
Cause:
OperationalStatus was not updated correctly when the PLDM sensor
reported itself as being on the enabled state. The last non-enabled
state or zero was returned instead.
Change:
Set OperationalStatus to OK when PLDM operational status is enabled.
2. Problem:
If a configuration record had to be enlarged (e.g. to accommodate a
newly added property), and the record could be enlarged without moving
it (changing its offset in the configuration record set) due to adjacent
null/deleted records, the record length in the record header would not
be updated to the new larger size required for the new data.
Impact:
Most configurations due not normally include null records, so sightings
of this problem would not be common.
Enhancements:
=============
1. Part of CQ 43898 fix: when MAC address registers are uninitialized (0's)
(e.g. due to RxCPU boot code failure or delay), read MAC address from
NVRAM configuration.
2. Added 802.1X EAP-TLS support, thus completing the set of authentication
methods that will be supported for this feature.
3. Optimized PLDM BIOS and SMBIOS command response time.
4. New and updated classes for 802.1X configuration and certificate/key
management:
- BRCM_OOBManagement8021xSetting
- BRCM_OOBManagementHTTPSClientSetting
- BRCM_OOBManagementHTTPSSetting
Note: New and updated .MOF files are included with the release.
----------------------------------
Version 1.24.0.5 - October 9, 2009
----------------------------------
Fixes:
======
1. Problem (CQ 43968):
Unable to enumerate CIM_LogEntry or view Event/Audit logs from
DashMgmtCon.
Cause:
Enumeration optimization introduced in v1.24.0.4, applied incorrectly
to CIM_LogEntry.
Change:
Fix implementation of enumeration optimization for CIM_LogEntry
instances.
2. Problem (CQ 43970):
Using a configuration record set with no console redirection banner
(or a zero-length banner) causes SSH to fail.
Cause:
Zero-length SSH banner violates SSH-AUTH protocol.
Change:
When there is no banner (or a zero-length banner) in the configuration
record set, do not attempt to send an SSH banner.
3. Fix regression when connecting to a TLS server (for FW update, USB
redirection, or WS-Eventing) which required mutual authentication.
Introduced in v1.24.0.4.
Enhancements:
=============
1. RMCP and Secure RMCP (RSP) tasks are combined into a single task to
conserve resources (e.g. stack memory).
2. Added support for configurable 802.1X username (for use with EAP-TTLS
method).
3. Added configuration toggle flag for 802.1X EAP-MSCHAPv2 support
(defaults to enabled).
4. Added support for 802.1X authentication methods: EAP-TTLS and PEAP.
----------------------------------
Version 1.24.0.4 - October 2, 2009
----------------------------------
Fixes:
======
1. Problem (CQ 43900):
When a PLDM Numeric Sensor CurrentReading value conversion required
an inversion operation, state values were not translated accordingly.
This problem was evident in CIM_NumericSensor.CurrentState property
values as well as CIM_AlertIndication.MessageArguments[2] property
values in WS-Events and CIM_LogEntry instances.
Change:
Invert states as well as reading values in CIM representations of PLDM
numeric sensors.
2. Problem:
SMBIOS Base Board serial number not modeled via CIM.
Change:
Populate the system board CIM_Card serial number from the SMBIOS Base
Board structure.
Enhancements:
=============
1. Update security library to latest version.
This includes the following changes:
TLS Changes:
a. Validate certificate time (use of TLS most likely now requires the
current date/time to be set)
b. Validate certificate common name (use of TLS most likely requires DNS
to be functioning)
c. Disable 3DES, AES256, AES512 algorithms for speed
d. Disable RC4_MD5 TLS cipher as it is now considered insecure
SSH changes:
e. Disable 3DES
f. Add support for configurable login banner
2. Added configurable Telnet login banner (configuration record 0x03).
Example: "bmcc import=banner.txt -record=3"
B57diag: "mancfg -i=banner.txt -t=3"
3. Log an error (and set firmware error flag, bit 15) when an invalid
MAC address is detected by the firmware (low 32-bits are all 0).
-------------------------------------
Version 1.24.0.3 - September 24, 2009
-------------------------------------
Fixes:
======
1. Problem:
Large PLDM response messages were corrupted.
Cause:
Fragmented PLDM messages were using the wrong length value for the
middle fragment.
Change:
Fix the message length value for the middle fragment.
2. Problem:
Slow response to PLDM BIOS AcceptBIOSAttribute command.
Cause:
Firmware was updating attribute value table in NVRAM for every accepted
attribute.
Change:
Update the attribute value table only after all the accepted attributes
have been processed.
Enhancements:
=============
1. Initial support for 802.1X Authentication. 802.1X Supplicant currently
supports authentication methods:
* EAP-MD5
* EAP-MSCHAPv2
More authentication methods will be added in near future releases.
Note: Enable and configure with the B57diag 'mancfg' or BMCC 'edit'
"802.1X Authentication" menu.
2. Use better CommunicationStatus/EnabledState/OperationalStatus values for
CIM_Sensor and CIM_NumericSensor instances.
-------------------------------------
Version 1.24.0.1 - September 18, 2009
-------------------------------------
Fixes:
======
1. Problem (CQ 43510):
On platforms that require the "ASD Ready" SMBus message and that have
polled legacy sensors (one or more alerts defined in the ASF_ALRT
record of the system's ASF system description table), ASF SMBus power
control commands could stop functioning after a specific race condition
occurred (typically after 4 iterations).
Cause:
Contention over use of SMBus to both poll sensors and send the "ASD
Ready" message upon vmain/vaux power state transition.
Change:
Serialize the ASF SMBus accesses via semaphore to prevent collision.
2. Problem:
Fix octetstring string array parsing of CIM_Account.UserPassword
property to match DSP0230 rather than DSP0004.
Note:
Old (DSP0004) encoding still supported for backwards compatibility with
existing consoles and tools.
Enhancements:
=============
1. Redesign of Event/Audit log write-caching to use much less memory and
eliminate the hard-coded limit of 1000 entries per log.
Note: B57diag still has a hard-coded limit of 1000 entries per log.
2. Implement support for sensor reading conversion fields defined in the
Broadcom SMBIOS Extensions for Sensors specification v0.8. If the unit
conversion fields are not present, default conversion rules are applied
(and backwards compatible with previous firmware releases).
-------------------------------------
Version 1.23.0.11 - September 1, 2009
-------------------------------------
Fixes:
======
1. Problem (CQ 43424):
Introduced in v1.23.0.4 (Opaque Management Data / Active Directory
integration):
Unable to execute any WinRM commands with Negotiate authentication type
(i.e. Active Directory).
Cause:
Active Directory account enhancements changed internal account value,
and AP-REP generation code was not updated to match.
Change:
Fix check if AP-REP should be sent.
2. Problem (CQ 43356):
If an MCTP transmit retry was necessary (e.g. MCTP/SMBus was enabled on
a platform that doesn't support it), it was possible for a task context
switch to cause the task performing the MCTP request (e.g. a PLDM
numeric sensor reading) to enter a very long timeout loop possibly
causing the management firmware to stop responding to remote management
requests for a period of time (many minutes).
Cause:
A task switch could cause a timer register poll to miss the target
value and thus require a wrap around of the timer register value before
the task would continue servicing the request and allow lower priority
tasks to execute.
Change:
Disable interrupts while polling the timer register between MCTP retry
attempts.
Impact:
Problem only seen when MCTP was enabled on platform that doesn't support
MCTP, but in theory any condition that could have caused an MCTP retry
attempt could have triggered this issue.
3. Problem (CQ 43355):
Multiple concurrent PLDM sensor queries were not supported. e.g.
Attempting a B57diag 'apectl -q<n>' command while a simultaneously
enumerating CIM_NumericSensor instances remotely would cause some of the
queries to fail.
Cause:
Rather than serializing the PLDM requests, requests attempted while a
previous request was pending would immediately fail.
Change:
Serialize PLDM sensor reading requests before attempting to initialize
or reset the current PLDM request timeout timer.
----------------------------------
Version 1.23.0.9 - August 20, 2009
----------------------------------
Fixes:
======
1. Problem:
Introduced in v1.21.0.0 (fix #3), when deleting an account that is
the owner of one or more Opaque Management Data instances, an adjacent
Opaque Management Data instance would be over-written.
Cause:
Off-by-one error when updating the OMD instance meta data in NVRAM
(to clear the owner ordinal property value).
Change:
Now performing all OMD instance reads and writes by ordinal (static)
rather than by instance (dynamic) fixing this particular problem and
other potential problems that could occur when upgrading from v1.22.x.x
(or earlier) firmware whereby OMD instance configuration record storage
requirements have increased (to accommodate Active Directory support)
causing OMD instance records to potentially be re-ordered in NVRAM and
other issues similar to this one to occur (transiently).
2. Problem:
Only 4 (out of 16) NVRAM extended directory entries could be discovered
and utilized by the management firmware.
Cause:
Directory entry size calculation error.
Change:
Use correct directory entry size calculation.
Impact:
Since only 2 extended directory entries are currently supported (one
each for APE Event Log and APE Audit Log), this bug did not yet produce
any symptoms. If/when in the future we introduce and use more (than 4)
extended directory entry types, this bug would be a problem.
3. Problem:
When updating uninitialized configuration record header ordinal values
(e.g. when upgrading from firmware v1.22.x.x or earlier), if Account or
Role records are out of natural order (e.g. instance 0 was not ordinal
1), then incorrect ordinal values would be assigned to one or more
configuration header records.
Cause:
Assumption that Account and Role records would be stored in their
original/natural order and there would be no "holes" (e.g. no missing
instances in the middle of the ordinal sequence) at the time of upgrade.
Change:
Added special handling for Account and Role records to
bmcfgUpdateRecordHeaderOrdinals():
Propagate ordinal property value (now deprecated) to header ordinal.
Impact:
Since there has been an increase in the size of the Role record in the
past (pre v1.00), there is a remote possibility that a configuration
could exist with Role records out of natural order. More likely, but
still remote, is the possibility that one could have deleted/removed an
Account or Role instance from the middle of the sequence of Account or
Role configuration records
(e.g. using "bmcc delete -record=account -instance=0").
Enhancements:
=============
1. Treat the SMBIOS structure type 28 "Minimum Value" field as a signed
16-bit integer instead of unsigned 16-bit integer. This allows modeling
more realistic ranges for temperature probes via the CIM_NumericSensor
MinReadable property.
Note: This is a minor violation of the SMBIOS 2.6.1 specification and
prevents modeling a minimum value of 3272.7 degrees Celsius.
----------------------------------
Version 1.23.0.8 - August 13, 2009
----------------------------------
Fixes:
======
1. Problem (CQ 40293):
After assigning Opaque Management Data ownership from Administrator to
Active Directory account, the read/write functions will fail.
Cause:
Bug with negative permission case.
Change:
Ensure that the Active Directory account has the read/write privileges.
2. Problem (CQ 42075):
When logging on with Active Directory account associated with the
Operator role, still unable to see Opaque Management Data instances that
are under "Operator" or the Active Directory account with Operator
Roles. All subsequent remote management requests fail until the
management controller is reset.
Cause:
Infinite loop when checking permissions of Active Directory identities
when the checked permission is not present.
Change:
Eliminate the infinite loop possibility.
Impact:
Newly introduced in v1.23.0.4.
3. Problem (CQ 42983):
Unable to modify multiple BIOS properties simultaneously using BIOS
Management Profile.
Cause:
The PLDM response packets were larger than the MTU supported for MCTP
over SMBus.
Change:
Reduced the PLDM response buffer to 64 bytes.
4. Problem (CQ 43111):
Deleting and recreating an Opaque Management Data instance owner
account will have CIM_AssociatedPrivileges automatically associated with
the newly created account.
Cause:
Opaque Management Data instance read/write permissions were not being
removed for deleted accounts.
Change:
When deleting an account, clear the read/write permissions for the
associated account ordinal in all created Opaque Management Data
instances.
Enhancements:
=============
1. (CQ 42934)
Add ability to modify BRCM_NetworkTransmitFilterSet.SetDropCountEnabled
property value.
2. Optimized RMCP task stack utilization, decreasing stack usage from ~2K
to ~1K bytes during server initialization.
--------------------------------
Version 1.23.0.4 - July 31, 2009
--------------------------------
Fixes:
======
1. Problem:
Intermittent firmware crash caused by stack overflow in RMCP task upon
APE reset, indicated by B57diag 'apeinfo -t' output that includes
"fw: status=f0090300" and a "0" in the "min." column of the "RMCP" task.
Cause:
Insufficient stack size to accommodate all possible function call paths
during RMCP server initialization. Specific requirements to trigger the
crash have not been determined.
Change:
Increased stack size for RMCP task from 2048 to 2560 bytes.
2. Problem (CQ 42619):
Network quarantine service filter set, element creation does not return
correct EPR.
3. Problem (CQ 42630):
Cannot change BIOS attribute for attributes with names longer than
32 bytes using the CIM_BIOSService.SetBIOSAttribute() method.
Change:
Increased the attribute name string length supported to 64 bytes.
4. Problem (CQ 42704):
Changing the BRCM_OOBManagementADSettig.Password is not being written
correctly.
Cause:
Encoding of the contents of the OctetString string array as UTF-16 is
not advertised anywhere and the use of an OctetString provides no
advantages over the use of a string.
Change:
Change type of property to a string rather than an OctetString which
removes the ambiguity of character encoding.
Caveat:
Requires DashMgmtCon using updated BRCM_OOBManagementADSetting.mof.
5. Problem (CQ 42705):
Unable to view Opaque Management Data instances when logged on as
Operator role for Active Directory.
Cause:
Privilege check for OMD access did not account for Active Directory.
Change:
Add checking of AD roles and privileges to OMD access check.
6. Problem (CQ 42807):
DDR3 memory is reported as Unknown in CIM_PhysicalMemory.MemoryType.
Cause:
DDR3 was added to the SMBIOS specification in March of 2009 and this
change wasn't implemented in the firmware.
Change:
Added mappings defined in March 2009 release of SMBIOS specification.
7. Problem:
CIM_BIOSServiceCapabilities.MethodsSupported was represented as a Uint32
rather than a Uint32 array.
8. Problem (CQ 40293):
Unable to modify Opaque Management Data instances using Active Directory
authentication.
Enhancements:
=============
1. Added support for generating CIM_AlertIndications/WS-Events for PLDM
Platform Event Messages received for numeric sensors
(sensorEventClass == numericSensorState) using Platform Message Registry
v1.1 message PLAT0507.
2. Logged PLDM Platform Event Messages for numeric sensors are now
represented via CIM_LogEntry instances (queried using the Record Log
Profile).
3. Released binary firmware files are now $(CHIP)tm$(MAJOR).$(MINOR)[E],
where 'E' denotes "experimental" firmware. For example:
5761tm1.23E for experimental releases, and 5761tm1.23 for an official
release of v1.23.x.x.
4. Platform Registry Message -> Indication mapping update (for Registry
v1.1) for PerceivedSeverity and AlertType values.
--------------------------------
Version 1.23.0.0 - July 10, 2009
--------------------------------
Linked with TruManage SDK (v1.23.0).
This version should be used in combination with BMCC v1.23.0 and
BrcmMgmtAgent v1.23.0.
Fixes:
======
1. Problem (CQ 40452):
BMCC Log command will return successful when there is no log in NVRAM.
Cause:
No method available to pass low level success or failure result back
to host application (e.g. in this case, BMCC).
Change:
New BMCTRL Library and management firmware (v1.23.x.x) adds support
for event results that can be checked for success or failure. The
"log" and "clearlog" commands now check this result (when used with
firmware v1.23.x.x or later) and display "success" or "failure".
2. Problem (CQ 42357):
Authenticating via Active Directory would not transition the management
controller to "Provisioned Mode".
3. Problem:
Queried PLDM Numeric Sensor values not reported correctly (e.g. using
CIM_NumericSensor).
Cause:
Incorrect parsing of sensorDataSize value in GetSensorReading response
data.
Change:
Applied support for all sensorDataSize enumeration values defined in
DSP0248.
4. Problem:
Incorrect Content-Type (application/xml+soap) was used when POSTing
WS-Events.
5. Problem:
Network Quarantine Profile was being advertised as a DMTF profile at
v2.0.0 instead of a Broadcom profile at v1.0.0.
Enhancements:
=============
1. Advertise Simple Identity Management Profile v1.0.1 support (instead of
v1.0.0) in CIM_RegisteredProfile instance.
2. Allow PLDM Numeric Sensor reading via APE Event
(e.g. using B57diag "apectl -q<sensorID>" command).
3. Added support for receiving PLDM Platform Event Messages (over
MCTP/SMBus) and logging them to the NVRAM-based Event Log.
4. Added support for using the configuration field (SMBus Interface->
PLDM Sensor Aggregator SMBus Address) with PLDM Monitoring and Control
commands. Configure with BMCC "edit" or B57diag "mancfg" commands.
5. Removed and deprecated support for ASF Offline Mailboxes.
6. Improved memory copy performance in network stack.
7. Active Directory configuration CIM modeling via new classes:
* BRCM_OOBManagementADSetting
* BRCM_ADIdentity
8. Add read/write privileges for the Broadcom OOB Management Profile to the
provisioning privileges to allow full configuration of Active Directory
using the ProvisionConsole account.
9. Add firmware build flag to indicate experimental builds (builds that do
not go through the normal release and quality assurance procedures)
instead of relying on odd minor version numbers as an indicator.
For example:
v1.23.0.0E would be an experimental firmware build
and
v1.23.0.0 would be an officially released firmware build.
10. Optimize static data usage in firmware binary, reducing NVRAM storage
requirements by several kilobytes.
11. If CIM_Account.RequestStateChange() is invoked but no change to the
EnabledState was made, no Audit Log entry is created and no Life-cycle
indication/WS-Event is sent.
--------------------------------
Version 1.22.0.1 - June 12, 2009
--------------------------------
Fixes:
======
1. Problem (CQ 42008):
Importing a smaller SMBIOS structure table into a configuration record
set would result in a configuration that would trigger a warning
message when the 'bmcc verify' command was used to verify the
configuration record set.
Example:
!Warning: Record type 11 @00070: unused byte 07DF is non-zero (4A)
Cause:
A portion of the pre-existing, larger, SMBIOS structure table was left
in the configuration record (not zeroed-out).
Change:
In the BMCFG library bmcfgPutSMBIOSStructsRecord function:
Zero-out unused portion of SMBIOS structure table configuration record
when writing an SMBIOS structure table to the configuration record set.
2. Problem (CQ 41943):
Newly introduced in firmware v1.22.0.0:
On some systems, ASF/SMBus Push Alerts (e.g. fan failure, no memory)
were not logged or sent as PET/SNMP Traps by the management controller.
Cause:
The zeroing out of receive buffer in smb_readSlaveData() affected the
timing of the SMBus ARP transaction between the BIOS and MC causing the
SMBus ARP to fail. This causes the BIOS to fail to send ASF/SMBus Push
Alert message.
Change:
Moved the zeroing out of receive buffer in smb_readSlaveData() to only
clear on write call backs.
3. Problem:
If a role had the "Audit" privilege enabled for any profile other than
Record Log, a CIM_MemberOfCollection instance would be instantiated with
an invalid Member EPR value for each bit so set.
Impact:
This problem was only exposed when using an unusual/unexpected
configuration at this time.
4. Problem (CQ 41897):
Newly introduced in firmware v1.22.0.0:
All CIM_NumericSensor.CurrentReading properties contain zero values.
Cause:
PLDM for Platform Monitoring and Control implementation (specifically,
GetSensorReading command sensorDataSize enum) was updated to
match DSP0248 v1.0.0 and support for existing OEM-specific
GetSensorReading command was not retained.
Change:
Implement support for both DSP0248 standard (v1.0.0) and pre-standard
GetSensorReading sensorDataSize enum values.
5. Problem (CQ 41864):
Number of available Network Quarantine Service Transmit Filter Sets and
Elements are non-zero even when no supporting driver has been loaded
(we're advertising the capability when there in fact is no transmit
filtering capability).
Cause:
The theoretical maximum number of transmit filter sets and elements was
always being advertised, regardless of the driver version installed or
running (for initial testing and debugging purposes).
Change:
Only allow setting of NQS transmit filter sets and elements (advertise
a non-zero number of available transmit filter sets and elements) when
a NQS transmit filter capable driver has been loaded.
Enhancements:
=============
1. Added a special (currently unassociated) instance of CIM_Privilege
(InstanceID=BRCM:14.10000000f) which is the cumulative privilege for the
currently authenticated user.
This allows any console that is aware of the existence of this special
instance the ability to dynamically detect the detailed authorized
privileges of the currently authenticated user identity.
-------------------------------
Version 1.22.0.0 - June 5, 2009
-------------------------------
Fixes:
======
1. Problem (CQ 40673):
PET Messages received by the management controller via ASF/SMBus message
would be logged and/or transmitted with garbage in "Event Data" bytes.
Cause:
PET Messages received via ASF/SMBus may contain up to 5 bytes of Event
Data per the ASF specification. If fewer than 5 Event Data bytes were
included in the ASF/SMBus message, the remaining bytes would be contain
uninitialized (non-zero) values and all 5 Event Data bytes are always
logged and/or transmitted.
Change:
Zero-out SMBus receive buffer before receiving ASF/SMBus messages.
2. Removed support for CIM_OperatingSystem requested state values
"Shutdown" (4) and "Reboot" (10) since Version 1.0.0 of the OS Status
Profile does not mention them anymore as possible supported requested
states.
Enhancements:
=============
1. Transmitted PET messages now include initialed time-stamp (TimeTicks)
and Local Timestamp and UTC Offset values (when available) as
recommended by the ASF specification.
2. Problem (CQ 40564):
When switching ports (for the cable from the managed system) on some
Ethernet switches, traffic destined for the management controller would
cease to be forwarded to the managed system.
Change:
Send gratuitous ARP after Ethernet link up to force switch to relearn
MAC address in case of port change.
3. Increased maximum property string lengths in CIM_BIOS* classes from 32
to 64 characters.
4. Network Quarantine Service
This enhanced Broadcom TruManage feature is now supported via
BRCM_NetworkQuarantineService and associated classes. Receive filtering
is implemented in firmware and functional regardless of driver version
(or presence). Future Windows/NDIS driver releases will include support
for transmit filtering. When this firmware is used in conjunction with a
supporting driver, the transmit filtering capabilities will be
automatically modeled via CIM (i.e. no firmware update should be
required).
Explicit support in the TruManage DASH Management Console is also
pending. Any CIM Browser (including that in DashMgmtCon) may be used to
exercise this feature today.
-------------------------------
Version 1.21.0.0 - May 28, 2009
-------------------------------
Fixes:
======
1. Problem (CQ 41439):
DASHCLI application (part of the AMD Simfire DASH SDK) was unable to
start the Text Console Redirection service.
Cause:
The Text Console Redirection profile implementation did not follow the
DMTF profile specification in regards to the EnabledState property value
of the service and associated Service Access Points (SAPs).
Change:
Merge control of the service and SAP into the SAP instance to make it
easier for console to access all three profile defined states (active,
inactive, and available).
2. Problem:
Potential for long recovery times on unreliable TCP links where multiple
consecutive segments may be dropped (e.g. due to temporary loss of
Ethernet link).
Cause:
Recovery behavior of TCP stack based on logarithmic algorithm defined
in RFC2581.
Change:
Implemented RFC2582 ("New Reno") to allow fast recovery times on
unreliable TCP links.
3. Problem:
When a user account is deleted (remotely, using the Simple Identity
Management profile) any Opaque Management Data instances owned by that
account are then orphaned and will be automatically owned by the next
created user account, leading to potential information leak to an
unauthorized user account.
Cause:
Existing OMD instances were not checked or modified when user accounts
were deleted.
Change:
Set owner of OMD instances to an invalid identity when the owning user
account is remotely deleted. Only the Administrator may then manage
the orphaned OMD instance.
4. Problem:
MCTP/SMBus implementation fails stress test.
Issues include corrupted MCTP packets, SMBus interface Data line pulled
low, and SMBus interface Tx Underrun event.
------------------------------
Version 1.20.0.5 - May 7, 2009
------------------------------
Fixes:
======
1. Problem:
CIM_LogEntry.RecordFormat property value contained typo in
CIM_AlertIndication.OwningIdentity name ("Idenity").
2. Problem:
Some firmware progress event messages (from BIOS) were incorrectly
mapped to platform message registry ID 186 ("firmware hang")
instead of 188 ("firmware progress").
3. Problem (CQ 40723):
Secure RMCP keys would not be auto-generated to pseudo-random values
if remotely cleared (set to zero-length values).
4. Problem:
CIM method would fail if TimeoutPeriod was correctly specified
(i.e. has a child tag).
Change:
Fix detection of invalid extrinsic CIM method parameter combinations.
5. Problem:
Extrinsic CIM methods that do not accept any parameters could not be
executed via the Web/GUI interface (e.g. CIM_RecordLog.ClearLog()).
Enhancements:
=============
1. Added support for returning the SMBIOS Description field for SMBIOS type
27 (Cooling Device) in the CIM_NumericSensor.ElementName property value.
---------------------------------
Version 1.20.0.3 - April 17, 2009
---------------------------------
Fixes:
======
1. Problem (CQ 40638):
When updating property stream records, if the existing property stream
length was larger than the length required to store the properties
supported, existing property values may be truncated and some properties
not written or updated in in the record. This causes the newly updated
bmcfgVerifyBuf() routine to report an error with the effected record.
Cause:
BMCFG library did not handle the updating of larger than required
property stream records. This caused backward and forward compatibility
issues (e.g. the minimum os_info record size shrank from TruManage 1.1
to 1.2).
Change (in BMCFG library):
The data length of updated property stream records is dynamically
calculated based on the requirements of existing and added or updated
properties.
2. Problem:
When updating encrypted records or shrinking existing record data,
non-zero unused data bytes would be created.
Change (in BMCFG library):
When updating records, unused data bytes were not zeroed-out. If the
new data length was smaller than the existing data length, then the
stale (previously used) data byte values would remain.
Impact:
BMCC "verify" command will display warnings when non-zero unused data
bytes are detected in records (as of v1.20.3).
---------------------------------
Version 1.20.0.2 - April 16, 2009
---------------------------------
Fixes:
======
1. Problem (CQ 40407):
Firmware thinks driver and OS are not present when enabled via BMAPI
(e.g. using BACS or BMCC) after system resumes from S3.
Cause:
When firmware initializes, it immediately receives a "PCIe reset"
interrupt, so the firmware thinks the system has been ungracefully
reset (thus the driver and OS cannot be present).
Change:
When firmware initializes, reset the "PCIe reset" interrupt status
so that PCIe resets that occurred prior to the firmware being
loaded will not trigger the interrupt.
Impact:
This was the root cause of this defect. The change in the previous
version was just a work-around for one symptom of this problem.
2. Problem (CQ 40571):
Unable to create a new account using web (HTML) interface.
Cause:
Regression of "create" intrinsic method support using web interface.
3. Problem:
Resuming from S3 on some systems causes PLDM sensor communications to
fail.
Cause:
Power-state change interrupt only occurs when transitioning to S3 on
some systems. If this interrupt occurs, we clear a BIOS state flag that
indicates the system is capable of PLDM communications and the flag will
not be reset until the system goes through POST again.
Change:
Clear the "PLDM ready" BIOS state flag only when we transition to Vaux
and the current power state (as reported via ASF "Set System State"
SMBus message) is not S3.
4. Problem:
Updating corrupted property stream records could cause corruption of
adjacent configuration records.
Cause:
The BMCFG library did not sufficiently validate the length of
properties to be updated in property stream records before updating
their values, so updating the properties of corrupted (e.g. falsely
decrypted) property stream could cause adjacent records to be
corrupted.
Change:
The BMCFG library now validates the lengths of properties before
updating their values in configuration records thus preventing
corrupted property stream records from causing the corruption of
adjacent records (headers and data) in the configuration record set.
---------------------------------
Version 1.20.0.1 - April 10, 2009
---------------------------------
Fixes:
======
1. Problem (CQ 40318):
20 character text log entries (e.g. created using B57diag "apelog -l")
would contain garbage (usually "HEAD") in CIM_LogEntry.RecordData
property value.
Cause:
Assumption that all text entries are zero-terminated.
Change:
Only use the first 20 non-zero characters of text log entries when
forming the CIM_LogEntry.RecordData property values.
Impact:
Text log entries are currently used for debugging/testing purposes only.
The B57diag "apelog -i" command had a similar problem with displaying
text log entries that has also been fixed.
2. Problem (CQ 40407):
BSOD seen when enabling manageability via BACS (or presumably via BMCC).
Cause:
RSS enabled bit in MAC register is being turned off by firmware during
initialization causing MAC to enter an erroneous state.
Change:
Use read/modify/write when initializing MAC mode registers in OS/driver
absent case of firmware initialization.
Impact:
Numerous problems arise if the driver is already loaded when
manageability is enabled and the management firmware initialized (e.g.
using BmapiSetMgmtEnableState). The complete solution is to have BMAPI
reload the network controller driver whenever manageability is enabled
or disabled.
3. Problem (CQ 40483):
Network controller doesn't get link after system entering S3 with
manageability enabled and forced link speed at switch.
Cause:
Firmware did not advertise half duplex when supporting Lowest Speed
Advertised setting, so when link partner is set to a forced speed, no
link could be established.
Change:
Advertise both half and full duplex when link speed is set to Lowest
Speed Advertised.
4. Problem (CQ 40500):
Remote firmware update (using Software Update profile) will cause
directory checksum error in NVRAM (e.g. using B57diag 'sechksum'
command).
Cause:
Firmware bin image size was added to NVRAM directory entry, but
directory checksum was not recalculated when performing remote firmware
update.
Change:
No longer store bin image size in NVRAM directory entry (not necessary).
5. Problem:
When the NIC is reset (e.g. when the system power button pressed for 4
seconds to force an ungraceful system power-down), the current date/time
tracked in the management controller would be incorrect (possibly
jumping by as much as 13.5 years) causing different issues, including
the failure of Active Directory authentication.
Cause:
The power-on-reset timer is reset (to 0) but shared memory contents are
retained.
Change:
During firmware initialization, if the hardware tick value stored in
shared memory is greater than the current power-on-reset timer value,
don't use the value stored in shared memory to compute the current
date/time.
6. Problem:
Some management configuration records that may be optionally encrypted
(e.g. RSP, WS-Event Subscriptions), if modified via the management
firmware, would be automatically reverted to unencrypted records.
Cause:
Accidental stripping of configuration record encryption attribute flag.
Impact:
User account, private key, and OMData instance records were not
affected by this problem.
7. Problem:
BIOS Attribute Pending Value Table configuration record (type 0x18)
was no longer encrypted by the management firmware.
Cause:
Accidental stripping of configuration record encryption attribute flag.
8. Problem:
With "wake on interesting packet" enabled in the network driver and DHCP
enabled in the management firmware, an OS transition to S3/S4 could
result in the system being immediately woken back up.
Cause:
When the driver unloads, link may be lost for 4 or more seconds causing
the firmware to renegotiate the DHCP lease. The response received from
the DHCP server is detected by the network controller as an "interesting
packet", so the system is woken.
Change:
Increase from 4 to 8 seconds the amount of time that link must be lost
(in OS absent state) before the firmware's DHCP lease will be considered
invalid and thus renegotiated when link is reestablished.
Caveat:
Eventually the DHCP lease will be renegotiated by the firmware, thus
waking the system unexpectedly. It's likely that when manageability and
"wake on interesting packet" are both enabled simultaneously, the system
is going to be woken from S3/S4 unexpectedly under many scenarios (DHCP
or not). The best solution is to disable the wake on interesting packet
driver setting whenever manageability is enabled.
Enhancements:
=============
1. If Secure RMCP is enabled, but the data integrity key (Kg) or either
of the authentication keys (Ko or Ka) have not be set, the keys will now
be generated using pseudo-random values and stored in the RSP
management configuration record when the RMCP server is started or
recycled (e.g. due to configuration change event).
Impact:
This change prevents the unintended consequences of enabling Secure RMCP
without setting any of the Secure RMCP (RSP) key values: allowing remote
RMCP authentication (and potential remote control) using uninitialized
(zeroed) key values.
2. Current ASF watchdog timer value is now included in the reserved bytes
of the RMCP system state response.
Impact:
Helpful in the remote debugging of ASF watchdog timer issues.
---------------------------------
Version 1.20.0.0 - March 31, 2009
---------------------------------
Fixes:
======
1. Problem (CQ 40128):
After a time zone change (e.g. Daylight Saving Time going into effect),
Record Log entries (CIM_LogEntry instances) may show incorrect
CreationTimeStamp property value.
Cause:
Event and Audit log records were stored in NVRAM with the time of the
event stored as the current local time (rather than UTC). Since the
value of the system's time zone bias may change (e.g. when Daylight
Saving Time goes into effect), the CreationTimeStamp value would
represent the current wall-clock time at the time of the event, while
the UTC offset included in the CIM DateTime value would represent
the current time zone at the time of the query by the management
console.
Change:
When the current system time zone is known, store Event and Audit Log
record time stamps with the current time in UTC. When sending the
CIM_LogEntry.CreationTimeStamp value for such entries, use the UTC
representation (use the local time zone representation otherwise).
Caveat:
If the current system time zone is not known at the time of an event
(e.g. there has been no "one good boot" where BrcmMgmtAgent has run),
and the system's real-time clock (RTC) is programmed for local time,
then log records will be stored with the local time as the time stamp.
In the case where the time stamp of log records are stored as the local
time, the CIM_LogEntry.CreationTimeStamp may still be incorrect when
retrieved by the management console.
It is up to the management console to convert UTC CIM DateTime values
to local time representation if that is desired.
2. Problem (CQ 40161):
Unable to delete one-time boot option configuration using the Boot
Control profile.
Cause:
Firmware was not allowing the ModifyInstance() on the
CIM_ElementSettingData.IsNext with the associated CIM_BootConfigSetting
class from IsNextForSingleUse to IsNotNext.
Change:
CIM_ElementSettingData.IsNext with associated SettingData of
CIM_BootConfigSetting can now be modified from IsNextForSingleUse to
IsNotNext. This will cause the pending attribute value to be deleted.
This change only applies to the one-time boot configuration.
Impact:
Requires DashMgmtCon version 1.2.1 or later. Refer to CQ 40085.
3. Problem (CQ 40185):
Unable to enumerate any instance after 5 minutes of operation using
Active Directory authentication.
Cause:
After the Kerberos replay cache filled up, each failed authentication
attempt would leak about 256 bytes of memory. Eventually, all available
heap memory was used up, resulting in an inability to create new RC4
contexts and preventing all Active Directory authentications.
Change:
Create and use a function to clean up negotiation contexts correctly.
4. Problem (CQ 40202):
Unable to execute extrinsic methods when using Active Directory
authentication.
Cause:
Some extrinsic methods were verifying privileges assuming that the
authenticated identity was a local user account.
Change:
Pass current privileges (of the authenticated Role) to the
class-specific method invocation functions.
Caveat:
Opaque Management Data is still not supported using Active Directory
authenticated sessions.
5. Problem (CQ 40010):
Unable to authenticate using Active Directory and Internet Explorer 7.
Unable to authenticate against Windows 2008 Active Directory Server.
Cause:
Windows 2008 and Vista have an AuthorizationData section in their
Authenticator in addition to the MS-PAC. Any AD-Type other than MS-PAC
(128) would result in failed authentication.
Change:
Ignore IF-RELEVANT blocks with AD-Types other than 128 rather than fault
on them.
Caveat:
When using IE7/WinRM/DashMgmtCon on a Vista or Win2k8 system, you must
use a hostname of the target rather than the IP address. When using XP,
the IP address of the target will work.
----------------------------------
Version 1.19.0.11 - March 20, 2009
----------------------------------
Fixes:
======
1. Problem (CQ 40005):
Unable to execute WinRM commands with Active Directory authentication.
e.g. winrm id -r: http://192.168.0.1 -a:negotiate -u:user -p:pass
will display an error message saying the client is not enabled for
negotiation authentication.
Cause:
AP-REP response was generated incorrectly: the cipher field was
incorrectly identified as the kvno field in the enc-part field of the
AP-REP. Also, winrm requires a zero-length response to its zero-length
request during authentication.
Change:
Fix AP-REP generation and return zero-length responses to zero-length
requests when negotiate authentication is used.
Impact:
WinRM now works using "-a:negotiate" over HTTPS and WinRM now works
unencrypted (using "-a:negotiate -un") over HTTP. WinRM/Kerberos
encryption over HTTP remains incompatible with the management firmware.
2. Problem (CQ 40079):
CIM_LogEntry.ElementName is not unique for new entries following a
CIM_RecordLog.ClearLog method invocation or overwrite (WrapsWhenFull).
Cause:
When constructing the ElementName property value, the oldest currently
stored entry in the log was always numbered 1.
Change:
Log entry number in CIM_LogEntry.ElementName property now tracks
CIM_LogEntry.RecordID property, which is a unique identifier among
all entries in the log, current log entries and cleared log entries.
3. Problem:
TLS and Active Directory/Negotiate times (in UTC/GMT) were incorrect.
Cause:
Current time zone bias was not applied correctly.
Change:
Apply the current time zone bias correctly to calculate the current GMT.
4. Related to CQ 39405:
Check driver Vaux speed setting when transitioning to Vaux.
5. Problem (CQ 40017):
Host (e.g. NDIS) drivers with 4-part version numbers (e.g. 12.0.0.5)
were not represented fully in the associated CIM_SoftwareIdentity
instance.
Cause:
The existing communication mechanism between the driver and the
management controller only supports a 3-part (24-bit) version number
because at the time of definition, all drivers were released with
3-part version numbers.
Change:
Added host driver build number (upper 8 bits of driver_behavior field)
to communication interface to support 4-part version number for host
driver.
Impact:
Only drivers that support the updated communication interface will have
their 4-part version number correctly identified in CIM_SoftwareIdentity
instances.
6. Problem (CQ 40045):
When performing a remote firmware update using the CIM Software Update
profile, the DashMgmtCon takes a long time (e.g. 5 minutes) to timeout.
Cause:
The management controller is immediately reset after the firmware is
successfully updated. In previous versions there was an indeterminist
delay, up to one second, before the management controller was reset.
This delay allows the DashMgmtCon to see the CIM_ConcreteJob
instance change state from running to complete. With the elimination
of this delay in FW v1.19.0.10, the DashMgmtCon failed to see the
associated CIM_ConcreteJob instance change state. The DashMgmtCon
will continue polling even after the reset is completed and
CIM_ConcreteJob instance is no longer in existence. The DashMgmtCon
times out after 5 minutes or so and gives up.
Change:
Added a 1.5 second delay after the firmware is successfully updated and
before the management controller is reset. This provides a higher
probability that the console will see CIM_ConcreteJob instance change
to the completion state. This does not solve the issue,
it just reduces the symptom (DashMgmtCon may now see the CIM_ConcreteJob
status change before the reset occurs, depending on its polling
frequency, network latency, etc.).
7. Problem:
Corrupted or outdated PLDM for BIOS structures stored in NVRAM could
cause the management firmware to crash.
Cause:
Insufficient PLDM for BIOS parameter value validation.
Change:
Added additional PLDM parameter value validation to PLDM for BIOS
library.
Enhancements:
=============
1. Active Directory/Negotiate authentication:
A. Validate client-supplied times, if received.
B. Implement replay protection cache.
C. Add SPNEGO-Kerberos SecurityIdentifers to WS-Man Identify response.
D. Disallow negotiate authentication when date/time has not been set.
2. When a server CA cert has been imported into the management controller
configuration, advertise mutual HTTPS/TLS only in WS-Identify response.
When it is not present, do not advertise mutual TLS.
----------------------------------
Version 1.19.0.10 - March 13, 2009
----------------------------------
Fixes:
======
1. CIM_AlertIndication.OwningEntity property value for Indications is now
just "DMTF" (based on pending DMTF message registry changes).
2. Problem (CQ 38042):
Error when deleting all privileges from a role using DashMgmtCon.
3. Problem (CQ 39858):
CIM_LogManagesRecord association for Audit Log shows CIM_RecordLog
as "Event Log".
4. Problem (CQ 39923):
Executing winrm USB redirection commands will cause an erroneous
Audit Log entry: "Bad account #0 failed authorization..."
5. Problem:
One profile erroneously had CIM_ElementConformsToProfile associations
with all instances of CIM_RegisteredProfile as well as the central
class(es).
6. Change the CIM_PhysicalMemory.Speed property value (from 0xffffffff
to 0) when the current speed is "unknown" as per current proposal
in DMTF PPP-WG.
7. Problem (CQ 39924):
Audit log entries generated from ProvisionConsole user will show as
"Bad Account".
8. Pending Event and Audit log entries are flushed to NVRAM before a
graceful management controller reset or shutdown event.
9. NULL bytes were included in HTTP Authentication-Info header after digest
nonce times out.
Enhancements:
=============
1. Eliminate the (up to) one second delay before processing deferred APE
events (e.g. configuration change, set date/time, ping, driver state
change, add log entry).
Note:
This change also allows more than 7 host-generated log entries
(e.g. using B57diag "loop X apelog -ltext") to be sent in rapid
succession.
2. Event "Log Full" indications now follow the architecture specification:
sent for the first message that fills the log only, unless log is
configured to never-overwrite, in which case one is sent for every
non-logged event.
3. Event "Log Almost Full" indications are only sent when the log is
flushed to NVRAM (by default, at most every 5 seconds) and the log is
between 90% and 99% full. You'll no longer receive an indication for
every successive log message (unless they are sporadic in frequency).
4. Related to CQ 39405:
Use driver VAUX/WoL speed setting if available.
5. Added support for SPNEGO-based Kerberos Authentication (RFC4559) for
Microsoft Active Directory-based authentication and authorization.
--------------------------------
Version 1.19.0.9 - March 6, 2009
--------------------------------
Fixes:
======
1. Problem (CQ 39848):
Audit Log entry RecordData property contains (as an example):
"Unknown (unknown) created account user: 0 ()".
Cause:
Audit Log event data was being treated as an ASCIIZ string instead
of a binary structure (and thus truncated at the first 0x00 byte)
at the time the event was logged.
Change:
Fixed the log even type checking in the event_log library.
2. Problem (CQ 39847):
When taking an account offline, no audit log entry will be generated.
Cause:
No audit log message had been defined for this specific account
management operation.
Change:
Added an audit log message definition (and code to generate such) for
this operation.
3. Problem:
CIM_LogEntry.CreationTimeStamp property was missing/NULL instead of
unknown ("**************.******") when the current date/time was not
known at the time the event was logged. The DMTF Record Log profile
mandates that this property exist.
4. Problem:
Wrong CIM mapping XML namespace:
http://schemas.dmtf.org/wbem/wsman/1/common.xsd
instead of:
http://schemas.dmtf.org/wbem/wscim/1/common
5. Problem:
WS-Identify response not conformant with pending XSD.
Change:
Move TruManage tags to before SecurityProfiles as per wsmanidentify
XSD currently under ballot.
6. Problem:
No associations existed for unassigned CIM_Privilege instances.
Change:
Associate privileges to CIM_RoleBasedAuthourizationService.
7. Problem:
Authorization failures caused an incorrect InvalidValues fault to be
returned in a put response.
Cause:
Incorrect fault specified for Authorization failure returns from _set()
function
Change:
Authorization failures now return an AccessDenied fault.
--------------------------------
Version 1.19.0.8 - March 4, 2009
--------------------------------
Fixes:
======
1. Problem (CQ 39702):
Event log Indication is not sent when Event Log is cleared or 90% full.
Cause:
When using the B57diag 'apelog' commands to manipulate the Event Log
(e.g. add events, clear the log), the firmware did not generate CIM
Indications. This behavior was intentional but has been changed in this
release (see Change B below).
When executing the CIM_RecordLog.ClearLog() method remotely, the
appropriate "Log Cleared" indication was sent successfully (could not
reproduce this aspect of the reported problem).
When the Event Log was 90% full and a new event was logged by the
firmware a "Log Almost Full" indication was not sent because the
corresponding Platform Message Registry entry (204) was missing from the
firmware's event-to-message mapping table.
Changes:
A. Added the "Log Almost Full" message to the event-to-message mapping
table.
B. Log manipulations from the host (e.g. using B57diag 'apelog'
commands) will now generate the relevant indications (e.g. Log Almost
Full, Log Full, and Log Cleared) when appropriate.
Impact:
Event Log only (Audit Log changes never result in indications being
sent).
2. Problem (CQ 39720):
Firmware heartbeat ticks get stuck and stops incrementing when remote
booting with "Boot Progress Events" and "Event Log" enabled on an PXE
enabled NIC.
Cause:
Deadlock occurs while Event Log flush.
Change:
Don't flush the Event Log to NVRAM while an option ROM write delay is
pending.
3. Problem (CQ 39770):
Remotely adding/editing accounts or roles does not generate an Audit
Log record.
Cause:
The Audit Log implementation was not complete at the time of the last
release.
Change:
Audit Log records are now created for remote account modification, role
modification, and authorization failures.
Enhancements:
=============
1. (CQ 39405)
Added "Lowest Speed Advertised" option for VAUX Link Speed.
------------------------------------
Version 1.19.0.6 - February 13, 2009
------------------------------------
Fixes:
======
1. Fix the use of the CreateInstance intrinsic for
CIM_OpaqueManagementData. Previously, nobody could invoke it.
2. Include WS-Transfer XML namespace in SOAP faults in case of
wxf:InvalidRepresentation
3. Return InvalidValues fault when a value is invalid.
4. Error out the CIM_ConcreteJob if the URI is unparsable. Previously,
the ConcreteJob would never complete or error on an invlaid URI.
5. Add support for the InvalidNamespace fault detail required by
OpenTestMan.
6. Parse ALL xml namespace declarations before parsing the tag name.
7. Fix enumeration of CIM_Container. The Physical Asset Profile has been
broken since 06/24/08
8. Ensure there is more than one association with each non-association
instance.
9. CQ 38818
10. Set failure set on CIM_ConcreteJob when host fails to resolve.
11. When the current time is unknown, return "**************.*****" as
the CIM_DATETIME value.
12. CQ 38599
13. Sort property names by ASCII value as per XSDs.
Enhancements:
=============
1. Option to disable support for anonymous WS-Identify requests on the
/wsman URI (to avoid warning in DMTF DASH CTS).
Impact:
Enabling this option prevents some DASH management consoles from being
able to discover the MAP.
2. Added support for "receive all IP fragments" advanced option
(default: disabled).
3. Added support for new DHCPv6 configuration settings (e.g. DUID, Vendor
enterprise number and class).
4. Added Audit Log support (using DMTF Record Log CIM profile).
Uses Broadcom-defined plan-text log record data.
Requires Audit permissions (e.g. Auditor Role).
5. Added Event Log support (using DMTF Reocrd Log CIM profile).
Uses DMTF-defined Platform Message Registry log record data
(in CIM_AlertIndication format).
------------------------------------
Version 1.14.0.0 - November 21, 2008
------------------------------------
Fixes:
======
1. Problem (CQ 38323):
Disk I/O errors while booting from USB-redirected Win2kPro ISO image.
Cause:
When performing stress tests, ASF, and WS-Man requests cause management
controller to be very busy. USB redirection task was not able to update
MSD state after sending USB MSD CSW before task is swapped out, which
causes next USB request to not process correctly.
Change:
Increase USB task priority. Update MSD state before enable interrupt.
2. Problem (CQ 38376):
Unable to access USB-redirected ISO image when rebooting.
Cause:
When USB MSD read is active while rebooting, MSD IN endpoint FIFO has
left over data. The first INQUIRY command after booting will receive
garbage data.
Change:
Flush MSD IN endpoint FIFO, after system reset.
Impact:
Correct INQUIRY response allow BIOS to select USB as one of bootable
device.
3. Problem (CQ 38517):
Firmware hang when setting PET destination target to hostname and
either the DNS server only returns IPv6 address when firmware preference
is set to IPv4, or DNS server only returns IPv4 address when firmware
preference is set to IPv6.
Cause:
When none of DNS response records are preferred, firmware dereferences
an invalid pointer.
Change:
Rewrite end of DNS record detection logic.
4. Problem (CQ 38673):
Missing DHCP discovery packet if management controller is powered-on
while Ethernet link is still being negotiated.
Cause:
DHCP discovery is not sent out, if link is not yet up.
Change:
DHCP discovery retry include link down condition.
5. Problem:
A PullResponse ending the operation would include both the EndOfSequence
and an EnumerationContext
Cause:
Enumeration MaxElements was not removing the enumeration context when
the end of the enumeration was reached.
Change:
Do not include enumeration context with end of sequence for
PullResponse.
Impact:
Problem introduced in v1.11.0.0 (Enhancement #1).
6. Problem:
CIM_Fan.OperationalStatus would never show the fan as OK (even when it
was).
Cause:
SMBIOS cooling device status was incorrectly mapped to CIM.
When the cooling device status was OK, it would be represented in CIM
as 3 (Degraded).
Change:
Changed cooling device status to 2 (OK) when represented as OK in
SMBIOS.
7. Problem:
USB Redirection failures after numerous HTTP sessions.
Change:
Instead of using a random TCP port number, use the next port in the
Dynamic and/or Private Ports range.
Impact:
Only occurred when HTTP server limits number of requests per session.
8. Problem (CQ 38515):
The first 3 fields of the GUID/UUID value included in transmitted PET
packets and CIM payloads was in little endian byte order instead of
network byte order.
Impact:
Requires B57diag v11.76.07 or later to support Zero-touch Provisioning.
9. Problem:
OpenTestMan would hang during power change testing.
Cause:
Potentially, the maximum TCP retry interval would pass while link was
down during a power reset. This would cause the firmware to list the
connection as closed. Since OpenTestMan has no HTTP timeout,
OTM would continue to wait forever for the response.
Change:
Wait for link to be established before sending any data.
Impact:
TCP connections on a computer connected to the firmware
which have no timeout and don't use a keep-alive mechanism
would appear to hang.
10. Problem:
When static IPv6 address is NULL, all zero IPv6 address is attached to
network interface.
Change:
If static IPv6 address is NULL, do not attach NULL address to interface.
Enhancements:
=============
1. (CQ 38178)
Do not allow URI for USB Redirection to be set unless USBRedirectionSAP
is disabled.
2. Include additional identifying information types for CIM_ComputerSystem
from DSP1052, CIM:MAC, CIM:Tag, and CIM:Model:SerialNumber.
3. Added Unicode support for PLDM BIOS String table.
4. Added UTF-16 support for CIM_BIOSString CIM_BIOSPassword.
5. Include dummy timeout values for CIM_USBDevice and CIM_USBRedirectionSAP
property values: CommandTimeout, ResetTimeout, and SessionTimeout.
6. Model the Administrator role as a "static" role:
Set a value of 2 (Static) in CIM_Role.RoleCharacteristics property to
roles with the admin flag set. Fail ModifyRole() on admin roles.
7. Support the SuperUser privilege flag for the Role Based Authorization
and Simple Identity Management profiles.
For RBA, require the SuperUser privilege for the following:
- Invoke CIM_RoleBasedAuthorizationService.ModifyRole()
- Invoke CIM_RoleBasedAuthorizationService.AssignRoles()
For CIM_RoleBasedAuthorizationService and CIM_Role, SuperUser implies
read, write and execute privileges.
For SIM, require the SuperUser privilege for the following:
- Modify any property except password for your own CIM_Account
- Modify any property of another CIM_Account
- Create/Delete/Disable accounts
The "ProvisionConsole" pseudo user has the SuperUser privilege for RBA
and SIM profiles.
-----------------------------------
Version 1.12.0.0 - October 30, 2008
-----------------------------------
Fixes:
======
1. Problem:
A reboot loop could result from a change boot order performed on the
one-time boot configuration with un-bootable boot source specified.
Cause:
Fix for CQ 37995 introduced in v1.11.0.1.
The failed boot will reset the management controller while an
NVRAM-write is pending.
Change:
Revert Fix #2 (CQ 37995).
-----------------------------------
Version 1.11.0.1 - October 29, 2008
-----------------------------------
Fixes:
======
1. Problem:
AssociatedInstance queries were only returning the odd numbered
instances in the sequence.
Cause:
Enumeration optimization feature did not correctly set the last
traversed association instance to the last successful one.
Change:
Correct tracking of last traversed association.
Impact:
Problem introduced in v1.11.0.0 (Enhancement #1).
2. Problem (CQ 37995):
BIOS Error/hang if NVRAM write occurs during option ROM
initialization.
Cause:
When management firmware performs NVRAM write, it takes 10 milliseconds
to erase block for certain Flash part. If during this period of time
system is accessing PXE option ROM space, timeout will occur which
result in incorrect data.
Change:
Avoid NVRAM writes during system boot when PXE option ROM is enabled.
DASH firmware will check PXE enable config flag when PCIE reset occurs.
If PXE option ROM loading is supported, stop any new NVRAM write until
one minute timeout or receipt of OPTION_ROM_STARTED APE event.
3. Problem (CQ 38186):
DHCP6 enabled but DHCP6 solicit packet is never transmitted.
Change:
Retry up to 3 times with 1 second delay, to allow link local address
duplicate address detection to complete, so DHCP6 solicit packet can be
sent.
Impact:
Problem introduced in v1.11.0.0 (Problem #5).
Enhancements:
=============
1. CQ 38178
Do not allow URI for USB Redirection to be set unless USBRedirectionSAP
is disabled.
Previously, the URI could be remotely changed at any time. This could
cause issues such as when booting to a WinPE ISO image (e.g. changing
the URI while booting caused BSOD).
2. TAHI IPv6 conformance test:
Retry sending of IPv6 RS packet until max retry limit reached.
-----------------------------------
Version 1.11.0.0 - October 24, 2008
-----------------------------------
Fixes:
======
1. Problem:
Limited number of sequential SSH connections supported.
Cause:
Memory leak in security library.
Change:
Update to latest version of security library with fix.
2. Problem (CQ 38113):
Firmware stops functioning after transitioning from OS-present to
OS-absent with DHCPv6 enabled and no network link.
Cause:
Null pointer dereference in DHCPv6 lease change code caused
firmware exception (APE "firmware status" value of 0xf0090300).
Impact:
Problem would not occur if BrcmMgmtAgent was installed and running
since this would automatically disable DHCPv6 under this condition.
3. Problem:
SOAP request failure:
When a tag in the default XML namespace defines a new XML namespace
prefix, but does not redefine the default XML namespace, the XML tag
error tracking would loose sync with the XML causing all following
tags to be considered invalid until a tag stack error occurred
(usually at the end of the XML tag which triggered the issue).
4. Problem:
For CIM_BootConfigSetting.ChangeBootOrder(), the PLDM mode should be
OrderedAndLimitedFailThrough instead of OrderedFailThrough.
Impact:
Requires BIOS to support PLDM OrderedAndLimitedFailthrough mode.
5. Problem:
TAHI IPv6 Duplicate Address Detection (DAD) testing failure.
Cause:
Takes a little bit of time to link up, and DAD packet was sent too
early.
Change:
Retry sending of IPv6 DAD NS packet until successful.
Enhancements:
=============
1. Optimized WS-Management enumeration support:
Send multiple items per response when supported by the management
console.
Impact:
Significant reduction in total number of packets and time required for
complete enumeration in most cases.
2. TAHI IPv6 conformance test:
Added support for APE events to transmit PMTU and ICMP packets required
by TAHI IPv6 "host" test suite.
3. TAHI IPv6 conformance test:
Added support for "Receive ALL Packets when OS-absent" Advanced setting
for IPv6 Ready phase-2 "host" logo certification testing.
Impact:
Requires updated B57diag or BMCC to enable this option (defaults to
disabled).
-----------------------------------
Version 1.10.0.3 - October 17, 2008
-----------------------------------
Fixes:
======
1. Problem (CQ 38000):
Missing SMBIOS-dependant CIM profiles after performing reboot & reset
methods from Base Desktop & Mobile profile.
Cause:
If the SMBIOS structure table has changed, the SMBIOS meta-data is
transferred (via PLDM) after the SMBIOS structure table. If the SMBIOS
structure table record and the meta-data record are out of sync, the
SMBIOS structure table is not used. After a PLDM SMBIOS transfer, the
tables are being reparsed, but not after a meta-data update.
As a result, a changed SMBIOS structure table would not be used until
after the next configuration change despite the SMBIOS and meta table
in the configuration and NVRAM being in sync.
Change:
Parse the system tables after an SMBIOS meta-data update via PLDM.
Impact:
Problem only occurred on systems that use PLDM for SMBIOS data transfer.
2. Problem (CQ 37908):
When management controller is configured to use DHCP no DHCP server is
online, the next IP/IPv6 configuration change will not take immediate
effect.
Impact:
DHCPv4 only.
3. Problem (CQ 37892):
Cannot boot to WinPE2 image successive times via USB Redirection using
HTTP-Digest authentication.
Cause:
Digest authentication credential cache issue.
Change:
Instead of basing the decision to re-send the request on the previous
success of authentication, base it simply on the existence of
credentials.
Impact:
Authenticated USB Redirection over HTTP or HTTPS sessions only.
4. Problem (CQ 37870):
Cannot boot to WinPE2 image successive times via USB Redirection.
Cause:
When Vista PE finishes booting and Vista USB driver is initializing,
USB bus is still busy with read command. USB driver issues a reset on
USB bus (equivalent to pull USB cable). USB redirection task is stuck
at processing read data.
Change:
When a new USB MSD command is received, drain out old read data if USB
task is still processing previous read command.
----------------------------------
Version 1.10.0.2 - October 8, 2008
----------------------------------
Fixes:
======
1. Problem (CQ 37443):
Firmware crashes while copying a DVD image (4.3GB) onto the local HD
via USB Media Redirection.
Cause:
Not root-caused, but suspect concurrent access to shared HTTP client
resources caused corruption.
Change:
Remove concurrent access to HTTP client resources for USB redirection.
Impact:
USB Media Redirection feature.
2. Problem (CQ 37791):
Firmware USB redirection task hangs when accessing ISO image over
Internet.
Cause:
When using web server over internet for USB redirection, sometimes a
read request takes a long time to complete or read timeout due to not
receiving response. USB host will issue device reset or MSD reset to
abort the command. Under certain timing, USB task will be blocked
forever waiting for USB ready to send next batch of read data, however
USB state machine already aborted read command.
Changes:
When USB host issues device reset or MSD reset, wake up blocking USB
task and abort current command.
Reduce HTTP read timeout from 30 seconds to 4 seconds for faster read
failure response.
Impact:
USB Media Redirection feature.
3. Problem (CQ 37834):
Extra DCHPv4 request is observed after DHCP renewal (after driver
unload).
Cause:
Routine that handles transition from OS present to OS absent setup a
redundant timer.
Change:
Eliminate redundant timer.
Impact:
DHCPv4 lease renewals after transitioning from OS present to OS absent.
----------------------------------
Version 1.10.0.1 - October 2, 2008
----------------------------------
Fixes:
======
1. Problem (CQ 36207 revisited, again):
Change:
Default DTR timeout increased from 2500ms to 5000ms.
DTR timeout value is now configurable (in milliseconds).
Monitor DTR option is now disabled by default.
Impact:
Fix only applies to configurations with the "Monitor DTR" console
redirection option is enabled.
Power-resets can take as long as 20 seconds, so the "Monitor DTR" option
is recommended to be disabled.
2. Problem (CQ 37529 and 37558):
Attempting to boot to a USB Redirection ISO image over HTTPS is
extremely slow or results in the system hanging.
System intermittently bypasses boot to USB Redirected image (over HTTPS)
and proceeds to next bootable device.
Cause:
When a socket connection closes, read routine would block for 30 seconds.
After open and close connection for about 30 times, new connection can't
be opened due to receive filter leak.
3. Problem (CQ 37628):
Unable to manage User Accounts and Roles using "ProvisionConsole" login.
Cause:
ProvisionConsole privileges incorrectly specified to exclude execution
rights.
4. Problem (CQ 37649):
BSOD while booting to a WinPE image over USB Redirection.
Cause:
When switching from Windows progress bar to window, there is a few
seconds of no activity. Web Server will send a TCP FIN to close down its
end of connection. On next read, we are using half closed socket, so
read fails. Normally read failure is not an issue, as OS will retry, but
during WinPE booting, there is no retry, so blue screen.
5. Problem (CQ 37677):
Attempting to invoke an unimplemented method with at least one parameter
specified will crash firmware.
Cause:
NULL dereference after failed parameter initialization.
6. Problem (CQ 37663):
Some Registered Profiles do not enumerate when APE FwUpdate is not
programmed.
Cause:
Missing break statements in cim_registeredprofile_get case statements,
so registered profile instance dependency checks fell-through to include
dependency checks for *other* registered profiles. This problem was
actually introduced back in June with the OS Status profile being
dependant on the Indications profile.
7. Problem (CQ 37681):
After multiple Telnet console redirection sessions are terminated due to
dropped DTR, no more Telnet sessions possible.
Cause:
Zero-copy buffer leak when Telnet sessions are terminated due to dropped
DTR.
8. Problem (CQ 37709):
WS-Event Heartbeats are sent to management console when not enabled.
Cause:
Heartbeat timer was being reset on every indication, even if heartbeats
were disabled. Because the heartbeat timer when heartbeats are disabled
is initialized to zero, there would be a zero time delay in between
heartbeats.
Change:
Only restart the heartbeat timer if heartbeats were requested during the
subscription and the heartbeat timeout is greater than zero.
Enhancements:
=============
1. Updated Opaque Management Data implementation to match current profile
v1.0.0c draft proposal which requires compliance with the Enabled
Logical Element Profile. Thus the following properties are changed or
added to have the specified value in the CIM_OpaqueManagementDataService
and CIM_OpaqueManagementData classes:
1. EnabledState = 2(Enabled)
2. RequestedState = 5(No Change)
3. HealthState = 0(Unknown)
4. PrimaryStatus = 0(Unknown)
5. AvailableRequestedStates = NULL
2. Added ElementName property to the following CIM classes:
CIM_RemoteServiceAccessPoint and CIM_USBDevice.
-------------------------------------
Version 1.10.0.0 - September 25, 2008
-------------------------------------
Fixes:
======
1. Problem (CQ 36207 revisited):
Console redirection session terminates during system power-on or reset
if management firmware "Monitor DTR" option is enabled.
Cause:
A PCI reset causes all UART registers to be reset to 0. The firmware is
(optionally) monitoring the UART MCR register for the DTR bit and if the
bit goes low (drops) for 100ms, the firmware terminates the console
redirection (Telnet or SSH) session.
Apparently DTR may be low for much longer than 100ms during a PCI reset.
Change:
Require DTR to be low for 250 ticks (2500ms) before disconnecting.
Impact:
Fix only applies to configurations with the "Monitor DTR" console
redirection option is enabled.
2. Problem:
When there is no "APE Config" directory entry in the
network/management controller's NVRAM, the management firmware will
crash during initialization.
Cause:
An uninitialized pointer to the SMBIOS structure table.
Impact:
Crash would also likely occur if the "APE Config" directory existed,
but there was no SMBIOS structure table configuration record within.
3. Problem:
Enumeration of CIM class could return instances with NULL key property
values.
Cause:
Key values were not validated during enumeration.
Change:
Do not return instances with NULL key values because they are invalid
instances and should not be included in the enumeration results.
4. Problem:
CIM_SoftwareInstallationService class was instantiated and advertised
via CIM_RegisteredProfile even when out-of-band management firmware
updates were not supported (there was no "APE FwUpdate" NVRAM
directory entry).
Change:
Instantiate CIM_SoftwareInstallationService class only when the NVRAM
supports out-of-band management firmware update.
5. Problem:
No "content-type" header was included in HTTP error responses (e.g. 401,
404, etc.).
Change:
Include "content-type: text/html" in HTTP error responses.
Enhancements:
=============
1. Updated Opaque Management Data implementation to match current profile
v1.0.0 draft proposal.
2. USB Redirection performance improvement: Ramp up and back off HTTP
request sizes as needed to keep receive buffer full without dropping
packets.
Impact:
Reduce request retransmits when linked at 1Gbps.
3. Added support for PowerState parameter value of 15 (Power Cycle Off-Soft
Graceful) to CIM_PowerManagementService.RequestPowerStateChange method.
Impact:
Treated identically to 14 (Master Bus Reset Graceful).
-------------------------------------
Version 1.09.0.8 - September 23, 2008
-------------------------------------
Fixes:
======
1. Clear the pending value table whenever we get a new BIOS Attribute
table (via PLDM for BIOS).
2. CIM BIOS class instances only exist if the associated BIOSAttributes
are in the attribute value table (via PLDM for BIOS).
-------------------------------------
Version 1.09.0.7 - September 22, 2008
-------------------------------------
Fixes:
======
1. Problem (CQ 37463):
B57diag sechksum failure after remote firmware update.
Change:
Probable fix:
Update the NVRAM directory checksum if any bytes were received from
the server, not just if all bytes were received.
2. Fixed spelling of CIM_OperatingSystemCapabilities.HostShutdownBehavior.
3. Added the following required properties for the
CIM_SoftwareIncallationServiceCapabilities class:
- SupportedExtendedResourceTypes
- SupportedSynchronousActions
- SupportedTargetTypes
Enhancements:
=============
1. USB Media Redirection performance improvements.
2. Incoming HTTP Request processing performance improvements.
3. SIM and RBA profile request processing performance improvements.
4. Mutual TLS support:
Verify HTTPS client certificate if/when the "TLS Server CA Certificate"
configuration record contains data.
5. USB Media Redirection verifies URI connection when SAP is enabled.
6. Zero-Touch Provisioning feature must be enabled in NVRAM (e.g. via
B57diag->mancfg->Advanced menu). When this feature is disabled, no
OTP memory accesses are performed and the device is in a perpetual
"provisioned mode".
Impact:
Feature is disabled by default.
-------------------------------------
Version 1.09.0.6 - September 18, 2008
-------------------------------------
Fixes:
======
1. Problem (CQ 37414):
Firmware hang upon attempting USB Redirection over HTTP session.
2. Problem:
Not using xsi:type for EmbeddedInstance representations as required by
DSP0230 section 7.2.5.3.
3. Problem:
Missing CIM_SoftwareInstallationServiceCapabilities.ElementName
property.
4. Set a zero length string for the BIOS password in the value table after
the BIOS has accepted the pending value.
Enhancements:
=============
1. Set required MAC mode register values when initializing the MAC mode
register and performing auto-register repair (when enabled).
-------------------------------------
Version 1.09.0.5 - September 16, 2008
-------------------------------------
Fixes:
======
1. Problem (CQ 37380):
Encrypted property-stream configuration records (e.g. user accounts)
could not be modified. Symptoms include corrupted property values,
property values reverting to default values, and corrupted adjacent
records whenever such records are modified (locally or remotely).
Cause:
BMCFG library fix (in revision 79) for potential forward compatibility
problems (older applications modifying property-streams created by newer
applications) introduced problems with updating existing encrypted
property-stream records. The record corruption was a side-effect of this
bug due to improper bounds-checking in a property value update routine.
Change:
BMCFG library fix (in revision 81).
Impact:
Requires updates to management firmware, BMCC, B57Diag, and
BrcmMgmtAgent.
2. Problem:
Transitioning to "Provisioned Mode" did not work 90% of the time.
Cause:
A small delay was required as part of the OTP memory write routine or
the write could have no effect.
Change:
Insert 2us delay between successive writes to the otp_control register.
Impact:
Zero-touch provisioning transition to "Provisioned Mode" (immediately
after authenticating with a configured user account) appears to now work
100% of the time.
3. Problem (CQ 37388):
Potential firmware hang during HTTP authentication.
Appears to occur upon first authentication after a power-on-reset of the
device.
Cause:
Infinite loop while initializing OTP memory access registers.
Change:
Insert 2us delay between successive writes to the otp_control register.
Added maximum retry counter while polling otp_status register.
Enhancements:
=============
1. Outgoing HTTP connection (e.g. event delivery, USB redirection, firmware
update) improvements:
a. Added support for HTTP Digest authentication.
b. Added support for HTTPS/TLS connections.
c. If the Client CA Certificate (type 0x53) NVRAM configuration record
exists and contains data, then the data must be a certificate of a
Certificate Authority (CA) in the chain of trust of the certificate
presented by the TLS server to which the management controller has
connected. Otherwise, the outgoing TLS connection will not be
completed.
2. NVRAM configuration records for BIOS Metadata (type 0x14) and BIOS
Attribute Pending Value Table (0x18) are now automatically encrypted by
the management firmware since these records may contain the BIOS
password.
3. NVRAM configuration record for self-generated Private Key (type 0x50)
is automatically encrypted by the management firmware.
-------------------------------------
Version 1.09.0.3 - September 12, 2008
-------------------------------------
Fixes:
======
1. Problem (CQ 37253):
Remote firmware update allows invalid file to be accepted.
Cause:
No image header or trailer (CRC or RSA signature) validation was being
performed.
Change:
Validate image header and trailer.
Impact:
Only valid BCM5761 management firmware images may be remotely
programmed.
2. Problem:
CIM_RunningOS instance could be returned with a "get" request
even when the host OS was not running.
Cause:
"Get" handler for this class wasn't conditional.
Change:
Only return this instance when OS is running.
3. CIM_BootService instance should be conditional on the existing of
CIM_BootSourceSetting.
4. CIM_HostedService privilege issue.
Enhancements:
=============
1. Added "WS-Identify Only" option for HTTP connections.
Modeled with WSIdentifyOnly property of BRCM_OOBManagementHTTPSetting
class.
2. Added support for TruManage Zero-touch Provisioning:
a. WS-Identify response contains MAC address and GUID (always).
b. Realm value contains MAC address and GUID when in unprovisioned mode.
c. Ability to authenticate (over HTTP/HTTPS) as "ProvisionConsole" and
perform user account management while in unprovisioned mode.
d. Authenticating as a valid user account automatically transitions
the device to provisioned mode.
3. Numerous updates to Opaque Management Data implementation to match
current preliminary profile definition in DMTF.
-------------------------------------
Version 1.09.0.1 - September 05, 2008
-------------------------------------
Fixes:
======
1. Problem:
When using a self-generated TLS/SSH server key/certificate pair, a new
certificate/key pair is created after each management controller
reset. This generation can take several seconds, during which time
HTTP-based management traffic is not supported.
Cause:
Automatically generated TLS/SSH server keys were not stored in NVRAM
correctly. When the management firmware initializes, it detects the
invalid key and re-generates it. The re-generated key is used correctly,
but stored in NVRAM incorrectly, so it will be re-generated for each
reset.
Change:
Store the self-generated TLS/SSH server private key correctly.
Impact:
This defect was introduced in management firmware v1.01.
When using an imported key/certificate pair, the firmware does not have
this problem.
2. Problem:
Newly defined namespace prefixes for a tag which exists in multiple XML
namespaces could result in the tag being assumed to be from the
incorrect XML namespace.
Change:
Check the namespace prefix after 'xmlns' parsing has completed if
any new XML namespace prefixes have been defined in this tag.
3. Problem:
Under high load situations, the TCP stack could fail to accept incoming
TCP connections (e.g. HTTP, HTTPS, Telnet).
Change:
Increase size of network memory pool.
4. Problem:
If the ResultClassName parameter to an association query is an unknown
class name, it would treated the same as an unspecified class name.
Change:
Correctly differentiate between an unknown ResultClassName and an
unspecified one.
5. Problem:
User account passwords up to 64 characters are supported in the
configuration records, but only 32 characters were used for HTTP
authentication.
Change:
Increase the support for HTTP passwords up to 64 characters.
6. Problem (CQ 37093 and CQ 37094):
Including <MethodResult> after a failed method would cause the firmware
to crash.
Change:
Include NULL dereference checking to prevent this.
Enhancements:
=============
1. Use recommended CIM interop namespace: "interop".
2. Enable TCP server keep-alive packets (every 75 seconds) to detect broken
TCP connections (after keep-alives with no ACK) and return TCP resources
to the network memory pool, allowing new remote management sessions.
Impact:
This feature may be disabled in the BMCC Advanced Settings menu.
3. USB Media redirection (over HTTP) support using DMTF USB Redirection
profile.
Impact:
Requires BMCC v1.09+ to enable this feature.
4. Graceful shutdown, restart, sleep, and hibernate support using DMTF
profiles: Base Desktop and Mobile, Power State Management, and
OS Status.
Impact:
Requires BrcmMgmtAgent v1.09+ to utilize this feature.
5. Remote out-of-band management firmware update support using the DMTF
Software Update profile.
--------------------------------
Version 1.02.0 - August 25, 2008
--------------------------------
Fixes:
======
1. Problem (CQ 36130):
Watchdog PET erroneously transmitted after enabling or resetting
management firmware.
Cause:
The watchdog timer is being re-enabled and reset (to ASF_SDT
ASF_INFO.MinWatchdogResetValue) every time the management firmware
is initialized or re-initialized.
Change:
No longer re-start the automatic Watchdog counter any time the
management controller is reset.
Impact:
Only affects platforms where ASF_SDT->ASF_INFO.MinWatchdogResetValue
is non-zero.
2. Problem (CQ 36131):
Transmitted System Heartbeat Alerts (PETs) contain incorrect Entity ID
value (0 instead of 23 decimal).
Cause:
The "chassis" Event Sensor Type was included in the
default PET heartbeat values rather than the "chassis" Entity ID.
Change:
Fixed the Entity ID value used for PET system heartbeat messages.
3. Problem (CQ 36134):
Incorrect Event Source Type value in transmitted PETs (always 0x68,
"ASF").
Cause:
The firmware routine that transmits a PET (over UDP/IP) also set the
"Event Source Type" to 0x68, over-riding any value that was read from
the ASF system description table (ASF_ALRT record) or pushed to the
management controller over the SMBus.
Change:
The "Event Source Type" value read from the ASF_ALRT record or pushed to
the management controller over the SMBus (e.g. in a "Push Alert" or
"Start Watchdog Timer" message) is now used in the transmitted PET.
4. Problem (CQ 36138):
Disabling the "HTTP GET" feature doesn't prevent web browser access to
HTML interface.
5. Problem (CQ 36169):
Changes to the Enabled and Port properties of the
BRCM_OOBManagementHTTPSetting, BRCM_OOBManagementHTTPSSetting,
BRCM_OOBManagementRMCPSetting, and BRCM_OOBManagementSecureRMCPSetting
classes do not take affect until a reset of the management controller.
Cause:
The HTTP and RMCP services must be recycled after changing the enabled
state or the TCP or UDP port number.
Change:
Automatically recycle the affected services when these property values
are changed.
6. Problem (CQ 36170):
When using the CIM ModifyInstance() intrinsic of the
BRCM_OOBManagementHTTPSetting and BRCM_OOBManagementHTTPSSetting classes
to modify the Realm property value, the property is not read back
properly if the new Realm property value (string length) is shorter than
the previous value.
7. Problem (CQ 36207):
Console redirection session terminates during system power-on or reset
if management firmware "Monitor DTR" option is enabled.
Cause:
A PCI reset causes all UART registers to be reset to 0. The firmware is
(optionally) monitoring the UART MCR register for the DTR bit and if the
bit goes low (drops), the firmware terminates the console redirection
(Telnet or SSH) session.
Change:
Require DTR to be low for 10 ticks (100ms) before disconnecting.
8. Problem (CQ 36208):
ASF Watchdog PET erroneously transmitted after boot on some systems.
Cause:
BIOS does not send an ASF "Stop Watchdog" SMBus message, expecting that
when the OS device driver loads, this will stop any pending watchdog
timer. Legacy (pre-BCM5761) management firmware would automatically stop
the watchdog timer, but this behavior was not implemented in the BCM5761
management firmware.
Change:
When the OS device driver for the network/management controller loads,
any pending ASF watchdog timer (either started by the BIOS or
automatically via ASF_SDT->ASF_INFO.MinWatchdogResetValue) is stopped.
Impact:
For platforms where the BIOS does not stop the ASF watchdog timer, if
the OS device driver for the network/management controller is not
loaded, a watchdog expiration PET may be transmitted by the management
controller.
9. Problem (CQ 36219):
Short (<12 hour) DHCP leases expire without renewal when OS-absent.
Cause:
The DHCP lease renewal (rebind) time was hard-coded to 12 hours.
Change:
Change DHCP rebind time to 7.5 minutes when in DHCP mode and switching
from OS-present to OS-absent.
10. Problem (CQ 36221):
Changes to BRCM_OOBManagementSecureRMCPSetting values not saved to
NVRAM.
Cause:
Firmware did not update RSP configuration record in NVRAM.
Change:
Save modified RSP configuration record to NVRAM.
11. Problem (CQ 36222):
DHCPEnabled incorrectly returns True in BRCM_OOBManagementIPv4Setting
instance.
Cause:
Firmware inadvertently returned the Enabled property value instead of
the DHCPEnabled property value.
12. Problem (CQ 36227):
HTTPS fails after running overnight with batch file that toggles
Enabled property.
Problem (CQ 36264):
HTTPS stress (repeatedly performing WinRM identify) eventually
(24+ hours) fails to respond.
Cause:
Memory leaks in TLS/SSL library.
13. Problem (CQ 36230):
SSH text console redirection APE GRC reset mutex lock.
Change:
When SSH text redirection is active, console redirection task is
always running, so in SSH processing disable GRC reset mutex lock
protection, so other host entities (e.g. B57diag) may obtain GRC reset
mutex.
14. Problem (CQ 36231):
RMCP support still enabled after disabling in
BRCM_OOBManagementRMCPSetting/BRCM_OOBManagementSecureRMCPSetting
instances.
Cause:
Firmware was not setting the Enabled property of
BRCM_OOBManagmentRMCPSetting and BRCM_OOBManagmentSecureRMCPSetting
classes properly.
15. Problem (CQ 36285):
Wrong date/time from CurrentDateTime property of
BRCM_OOBManagementService instance.
Causes:
Firmware was reporting the time zone offset with the wrong polarity.
BrcmMgmtAgent did not account for the daylight savings bias when
reporting the time zone bias to the firmware.
16. Problem (CQ 36316):
3 heartbeat events are sent consecutively when going in or out of
standby (S3).
Cause:
With heartbeat interval set to 10 seconds, and the retry interval set
to 20 seconds, if the initial connect to send a heartbeat message
fails for any reason, after 20 seconds, two more heartbeat events are
generated. The management firmware then does a successful connect()
and at that point has three heartbeats scheduled for delivery.
Change:
Stop heartbeat timer while in the process of sending an event and
restart it after the event is sent successfully.
17. Problem (CQ 36328):
Loss of IPv6 connection when IPv4 is disabled because it requires a
apectl -r.
Cause:
When IPv4 is disabled, device is marked down, so IPv6 traffic can't get
through.
Device is marked up by IPv6 only during initial init while auto-config
link local address.
Change:
Mark device up when adding new IPv6 address to device (for static IPv6
config) or when start of DHCPv6 process.
18. Problem (CQ 36363):
Clearing default gateway in management configuration does not remove
default routes in management firmware (for both IPv4 and IPv6).
Change:
When IPv4/v6 configuration is changed, before removing old IP from
device, remove default routes first.
19. Problem (CQ 36370):
External TLS/SSL Certificate and Private key configuration changes do
not take effect.
Cause:
The management firmware is not automatically recycled when these
configuration records are changed.
Change:
Add check for Certificate and Private Key changes in configuration
change event handling.
20. Problem (CQ 36371):
No IPv6 management connection while in PXE image menu.
21. Problem (CQ 36384):
Web page output corruption.
Cause:
Unaligned NVRAM reads of less than four bytes total would be incorrect.
22. Problem (CQ 36386):
Long hang then crash when accessing CIM_EthernetPort.NetworkAddresses
via web interface.
Cause:
Insufficient array bounds checking on array property.
Change:
Fixed CIM_EthernetPort implementation and added checks in web server
code to prevent future crashes to the same issue in other classes.
23. Problem (CQ 36396):
Web interface does not work with index files in subdirectories.
Cause:
Trailing slashes were being removed from URIs before filename matching.
Change:
Do not strip a trailing slash from URIs before matching filenames.
24. Problem (CQ 36400):
CIM_BIOSString has no ElementName property value.
Cause:
ElementName was not in the CIM_BIOSString property order array.
Change:
Added ElementName property to CIM_BIOSString property array.
25. Problem (CQ 36412):
CIM_BIOSServiceCapabilities.SupportedPasswordEncodings has incorrect
value.
Cause:
CIM_BIOSServiceCapabilities.SupportedPasswordEncodings value returned
was a string when it should be a uint32 array.
Change:
Changed the value returned to a uint32 array.
26. Problem (CQ 36458):
TCPProtocolEndPoint property ProtocolIFType showing wrong values.
Change:
Modify code to return correct value for ProtocolIFType property.
27. Problem (CQ 36469):
CIM_SoftwareIdentity instances report incorrect network driver versions.
Cause:
Firmware misinterpreted the driver's type field as part of the revision
number.
28. Problem (CQ 36509):
No management connection after PXE driver unload when connect thru
10/100 switch
Cause:
When PXE driver unloads, MAC mode register is set to GMII, so if a
10/100 switch is used, no network traffic will get through.
MAC mode register is being updated for PHY mode only upon link state
change and when attachment of new IP interface. When PXE driver
unloaded, no link state change occurs, so MAC mode register is not
being updated.
Change:
Update MAC mode register when driver state change (unload) so correct
PHY mode is being set.
29. Problem (CQ 36547):
Incorrect PLDM communications from BIOS may cause management firmware
to crash.
Cause:
BIOS was sending a BIOS Attribute Value table that was erroneous.
The management firmware crashed while trying to parse the table.
Change:
Modified firmware to handle erroneous values in the table and not store
the table to NVRAM.
30. Problem (CQ 36550):
Continuously toggling the SSH SAP on and off, SSH and TLS will
eventually stop responding.
Cause:
Memory leak in SSH server.
31. Problem (CQ 36595):
RMCP System State Response does not match BIOS ASF Set System State
message.
Cause:
Management firmware was setting ASF system state to "unknown" for every
power state change thus clearing out BIOS reported system state.
Change:
Modified to check if power state changed to VMain then set ASF system
state to "unknown" only if the current system state is not S0 and if
power state changed to Vaux then set ASF system state to "unknown" only
if it is S0.
32. Problem (CQ 36642):
RMCP ACK is not sent for remote power-down or power-reset
Cause:
RMCP library was issuing remote control command (SMBus message) before
sending RMCP ACK. The ACK would be lost while the Ethernet link was
down due to the power state change.
Change:
Fixed by sending RMCP ACK (if requested) before sending the SMBus
message to the system remote control device (e.g. chipset).
33. Problem (CQ 36652):
On some systems, management firmware may intermittently hang during
reset.
Cause:
CQ 35446.
Change:
Increase delay before performing GRC register accesses.
34. Problem (CQ 36754):
NIC installed with USB connected, Windows Device Manager shows
"Unknown Device" warnings on S3 resume.
Cause:
NIC firmware does not drive GPIO2 low (USB detach), so GPIO2 is
floating high.
Change:
Advertise USB support to boot code, when supported (in v1.10) and
drive GPIO2 low.
Impact:
Requires BCM5761[E] "boot code" firmware v3.63 or later.
35. Problem (CQ 36753):
System powered with no memory and connected a Gb link, no management
traffic is supported.
Cause:
BCM5761 core clock is running at 6.25MHz instead of 62.5MHz.
Even though the system is in VMain the device has not completed it
power state transition into D0 until bit 1 of the PCIE config register
0x4 is set by the BIOS. Since there is no system memory the BIOS is
not running normally and is not setting this bit.
Change:
Added check in power transitioning state to advertise speed of
10/100M so we do not link at Gb.
36. Problem (CQ 36755):
After power off from SMI, heartbeat sequence gets reset to 1.
Cause:
The management controller is being reset due to an ungraceful PME
turn-off event. The PET sequence number is stored in scratchpad memory
which is re-initialized as part of the reset.
Change:
Store the current PET sequence number in the management controller
shared memory region and retain the value across APE resets.
Impact:
Other negative effects of a management controller reset due to an
"SMI power-off" will remain.
37. Problem:
Firmware did not function when imported private key was > 609 bytes.
Cause:
Only 609 bytes were allocated for the TLS/SSL/SSH private key, but an
imported key may be (slightly) bigger.
Change:
Allocate 624 bytes of memory for TLS/SSL/SSH private key storage.
38. Problem (CQ 36884):
InstanceID BRCM:1.14 is missing ElementName.
Cause:
Profiles not implemented for TruManage 1.0 are defined before the
terminator entry which causes a CIM_RegisteredProfile and
CIM_ReferenceProfile pair to be generated.
Change:
For TruManage 1.0 builds, place USB Redirection and Software Update
profiles after the array terminator.
39. Problem (CQ 36653):
Able to create OpaqueManagementData instances with MaxSize value of 0.
40. Problem (CQ 36522):
Firmware stops after subscribing to events over IPv6.
Cause:
NULL dereference in IPv6 stack when a globally scoped address is used
but no default route has been configured.
Change:
Add check for a NULL default route before dereferencing.
41. Problem (CQ 36415):
Management connection is lost when restarting system.
Cause:
When host is restarted, a PCIE reset will occur. Management firmware
will receive interrupt at the falling edge and rising edge of
transition, and reinitialize tx/rx state machine. The interrupt is
cleared at the end of ISR, this causes some machines with short PERESET
low durations to lose the interrupt for rising edge, so tx/rx state
machines are left disabled.
The fixes for CQ 35446 and 36652 inject additional delays into ISR,
which magnifies the problem.
Change:
The solution is to clear interrupt once interrupt value is read before
any other processing in interrupt service routine.
42. Problem:
We do not support the Disabled state with
CIM_Account.RequestStateChange() method.
Change:
Return an error rather than success and still take no action.
43. Problem:
Existing roles were not reset when creating a new user account.
Change:
Clear old roles when creating a new user.
44. Problem:
More than one non-namespace selector in the EPR would always cause a
Pull to fail.
Change:
Verify the number of selectors after the entire EPR selector block has
been parsed.
45. Problem:
WS-Identify response reported DASH 1.0.0 support.
Change:
Report DASH 1.1.0 support in WS-Identify response.
46. Problem:
Invalid initial values for last known state of numeric sensors.
Change:
Use valid initial values of the last known state for numeric sensors.
47. Problem:
HTTP-GET "if modified since" requests did not work as expected.
Change:
Reverse HTTP-GET "if modified since" checking logic.
Enhancements:
=============
1. DHCPv6 support.
2. Automatically restart PET heartbeat timer upon completion of DHCP
negotiation or external modification of PET configuration record.
3. Construct the Address value of sent EPRs from the value in the Host
header included with the request.
4. For CIM_PhysicalDevice instances for which we get an Asset Tag from
the SMBIOS table, populate the UserTracking property with the asset tag.
The only SMBIOS asset tag we do NOT expose is the one for the power
supply since it has no corresponding physical device.
------------------------------
Version 1.00.0 - June 28, 2008
------------------------------
Fixes:
======
1. Problem (CQ 36020 and CQ 36070):
Various b57diag operations (e.g. "nictest") would cause the management
firmware to not transmit or receive management packets. A system full
A/C power cycle was required to recover the management capability.
Cause:
b57diag uses the APE shared memory to gracefully halt the APE, but does
not deposit a valid "driver state" value. The APE firmware inspects
this area of the shared memory during initialization to determine if the
driver (and thus, the host OS) is running. If the "driver state" value
was invalid, the OS was assumed to be running in which case the firmware
does not transmit or receive DHCP or ICMP packets.
Change:
Assume the OS is absent when an invalid "driver state" is found in the
APE shared memory during initialization.
2. Problem (CQ 36074):
CIM_ComputerSystem.Dedicated value indicates Desktop (32) instead of
Laptop (33) on mobile systems.
Cause:
Erroneous mapping of SMBIOS structure information to CIM property value.
Change:
Fixed the mapping.
3. Problem (CQ 36080):
CIM_RoleBasedAuthorizationService.ModifyRole() method fails with return
value of 2 when attempting to modify role with many privileges.
Cause:
XML Namespace parsing did not reuse previously allocated strings causing
an out of memory condition.
Change:
Optimized XML namespace parsing to allow multiple duplicate namespace
declarations using significantly less memory.
4. Problem:
ICMPv6 (neighbor discovery) packets were transmitted by the firmware
even when IPv6 was disabled in the configuration.
Cause:
IPv6 was always enabled for the network device during firmware
initialization.
Change:
Only enable IPv6 in the device initialization when IPv6 is enabled in
the management firmware configuration.
Impact:
Changing the IPv6 enable/disable state now causes the firmware to
self-reset (gracefully).
5. Problem:
Malformed (invalid base64-encoded) WS-Management requests could cause
firmware crash.
Cause:
Lack of base64 decoding failure checking.
Change:
Check that the base64 decode is successful before using the result.
6. Problem:
ASF SMBus boot options requests stopped working as of v0.97.0.
Cause:
Excessive processing in the SMBus interrupt handler to support
WS-Eventing boot progress event subscriptions.
Change:
Optimized handling of SMBus boot options requests.
7. Problem:
PLDM over shared memory would stop working after APE reset.
Cause:
"BIOS POST complete" state flag value was not maintained across APE
resets.
Change:
Store this state flag in the APE shared memory.
8. Problem:
When using SMBus ARP, SMBus communications would stop working after
APE reset.
Cause:
ARP-assigned SMBus addresses were not maintained across APE resets.
Change:
Store SMBus ARP state (including assigned addresses) in APE shared
memory.
9. Problem:
Various CIM Association Instances existed with invalid endpoints.
Change:
Validate endpoints before creating association instances.
10. Problem:
Incomplete OMData write when writing beyond an NVRAM page boundary.
Cause:
Unhandled boundary condition.
Change:
Fixed.
11. Problem:
Invalid XML DateTime and Duration representation in WS-Management
responses.
Cause:
Invalid XML generation.
Change:
Add the appropriate XML child tag.
12. Problem:
Various CIM class instances would exist when unsupported by the system
or the configuration.
Cause:
Instantiating classes without first validating support.
Change:
Validate support for classes before instantiating them.
13. Problem:
When the firmware was halted by b57diag (e.g. during tests, NVRAM
programming, or with the "apectl -h" command), the GRC Reset mutex was
left locked by the firmware until reset.
Cause:
The GRC Reset mutex was locked before checking for the shared memory
halt request signature during initialization.
Change:
Lock the GRC Reset mutex after the checking of the shared memory for
the halt request signature during firmware initialization.
14. Problem:
Boot progress events WS-Eventing subscriptions did not function.
Cause:
ASF boot options SMBus responses contained incorrect IANA enterprise
number when subscriptions for boot progress events existed.
Change:
Fixed the encoding of the ASF IANA enterprise number.
15. Problem:
Watchdog 2 PET Alerts would be transmitted by the firmware even though
the watchdog timer had been stopped by the system (e.g. BIOS).
Cause:
The watchdog timer was never stopped.
Change:
Stop the watchdog timer when the ASF "Stop Watchdog" SMBus message
is received by the MC (e.g. from the BIOS).
16. Problem:
Received Telnet CR/NUL sequence in Telnet Server did not translate to
carriage return (ASCII 13).
Cause:
The NUL character was not stripped.
Change:
Translate a received CR/NUL sequence to ASCII 13 in the Telnet server.
17. Problem:
Dynamic enabling/disabling of SSH Text Console Redirection SAP would
cause the Telnet port to not accept incoming connections.
Cause:
Receive filter management.
Change:
Fixed the management of the SSH and Telnet receive filters.
18. Problem:
Modifying CIM Boolean property values did not work.
Cause:
Incorrect value parsing.
Change:
Fixed CIM Boolean value parsing.
Enhancements:
=============
1. WS-Eventing Filter Collections now allow subscriptions to all possible
combinations of event classes.
2. Consistent and unique CIM InstanceID, DeviceID, and Tag property values.
3. CIM Alert Indications: Added support for generic event type mapping.
------------------------------
Version 0.99.0 - June 20, 2008
------------------------------
Fixes:
======
1. Problem (CQ 35977):
Unable to view instance of BRCM_OOBManagementService using DashMgmtCon.
Cause:
BRCM_OOBManagementService UpTime and CurrentTime properties are CIM
DateTime properties and the firmware did not support converting DateTime
values to strings.
Change:
Implement DateTime to string conversion in firmware.
2. Problem (CQ 35933):
Execution of CIM_AccountManagementService.CreateAccount() method will
crash firmware if INPUT Account Template contains no key values.
Cause:
NULL pointer passed to create function of AccountTemplate has no
properties.
Change:
Added handing for AccountTemplate instance with no properties.
3. Problem (CQ 35965):
Unable to read Opaque Management Data instance data larger than 6 bytes.
Cause:
Not enough memory was allocated to hold the read OMD data back out.
Change:
Fix limit on size of output parameter in WS-Man/SOAP server.
4. Problem (CQ 35884):
Intermittently sends out 3 consecutive WS-Man heartbeat events.
Cause:
Similar symptoms found when the event pipe contains heartbeats from a
previous subscription. Can only be reproduced by doing a manual
unsubscribe then resubscribing after the heartbeat interval but before
the connect/retry timeout.
Change:
Timing sensitive problem with stale heartbeat indications fixed.
5. Problem (CQ 34883):
No host or management traffic when Linux tg3 driver is loaded.
Cause:
Link down and link up event happen, firmware was reading wrong link
up/down value from MII register, which causes device flag to stay down.
Change:
Read CPMU status register in firmware to determine current link up/down
status.
6. Problem:
Linear slow down in TCP session handling for every TCP socket created.
Cause:
TCP/IP stack select() implementation bug.
Change:
Use poll() implementation instead.
Enhancements:
=============
1. OpaqueManagementDataService:
Changed the CIM_OMDService class to allow non-Admin user to execute the
OMDRead, Write, etc. This will allow the testing of
CIM_OpaqueManagementDataService.SetAssocatedPrivilege() method properly.
2. BRCM_OOBManagementService:
a. Make DHCPEnabled property read only in BRCM_OOBManagementIPv4Setting
and BRCM_OOBManagementIPv6Setting classes
b. define all services that are dependent upon the
BRCM_OOBMANAGEMENTSERVICE class in the CIM_ServiceServiceDependency
association class.
c. Updated CIM_RegisteredProfile class to reflect the Broadcom OOB
Management Service Profile.
d. Changed BRCM_OOBManagementSecureRMCPSetting Key properties to
uint_8[] OctetStrings.
------------------------------
Version 0.98.0 - June 13, 2008
------------------------------
Fixes:
======
1. Problem (CQ 35765):
With account encryption enabled, modifying an account property caused
all the properties of the account to revert back to default values.
Problem (CQ 35768):
With account encryption enabled, CIM_AccountManagementService
.CreateAccount() would cause a loss of management connection.
Cause:
Account records were being inadvertently changed to un-encrypted records
whenever modified.
Change:
No longer change record attributes when saving account record changes.
2. Problem (CQ 35784):
CIM_TCPProtocolEndpoint instances to not have a unique key value.
Cause:
Name property was not unique.
Change:
Fix generation of Name property.
3. Problem (CQ 35876):
Missing CIM_AssociatedSensor class.
Cause:
Not implemented.
Change:
Added implementation of CIM_AssociatedSensor class.
4. Problem:
The emulator crashes when an associators/associatorNames without any
filtering for the following object path.
http://localhost:623/BRCM/implementation:CIM_ComputerSystem
.CreationClassName="CIM_ComputerSystem",Name="192.168.0.2"
Cause:
Infinitely growing enumeration context.
Change:
Validate enumeration context against the pull selector set.
5. Problem:
CIM_RegisteredProfile.InstanceID values should not use CIM as a prefix.
Per the MOF description of InstanceID, the prefix should be "Broadcom"
or some other copyright value.
Change:
Do not prefix InstanceIDs with CIM: unless the instance is defined in a
MOF from the DMTF
6. Problem:
CIM_RegisteredProfile.AdvertiseTypes/AdvertiseTypeDescriptions was not
meant for scoping algo. It is meant for protocol level discovery.
Change:
Set CIM_RegisteredProfile.AdvertiseTypes to 2 and no longer set a
value for AdvertiseTypeDescriptions.
7. For the ManagedElement property, added service class instance for
Opaque Management Data and OOB Management Service profiles.
8. Added HostedService association to the BRCM_OOBManagementService class.
9. Problem:
APE "GRC Reset" mutex locking errors in b57diag.
Change:
GRC Reset Mutex is released while generating self-signed SSL certificate
and private key.
Enhancements:
=============
1. Added BRCM_OOBManagementServiceCapabilities class.
2. Added reloading of PLDM BIOS and SMBIOS meta records when there are any
changes to the DASH config file.
3. Added missing properties to BRCM_OOBManagementService.
4. Added CIM_AssociatedCooling class.
-----------------------------
Version 0.97.0 - June 6, 2008
-----------------------------
Fixes:
======
1. Problem: (CQ 35270)
There is an instance of CIM_RunningOS even when the host OS (e.g.
Windows) is not running.
Cause:
Management firmware was erroneously basing the OS Enabled status
on the ASF System State being S0 rather than network controller driver
presence.
Change:
The CIM_RunningOS instance will only exist when the host OS (e.g.
Windows) driver is present and has communicated its status to the
management firmware.
2. Problem: (CQ 35334)
CIM_ComputerSystem.RequestStateChange method invocation with
RequestedState parameter set to 2 (power-up), returns 2 (failure) on
some platforms.
Cause:
ASF SMBus message sent to the remote control device after a
GPIO/LOMAlert initiated power-up was being NAK'd.
Change:
If VMain is restored within one second after the GPIO/LOMAlert assertion
event, do not send the ASF SMBus message to the remote control device
servicing the power-up function advertised in the system's ASF_RCTL
table.
3. Problem: (CQ 35444)
Text console redirection sessions using the SSH protocol would drop.
Cause:
When characters were received very quickly by the network controller's
UART, SSH would fail due to a short socket send() result.
Change:
The send() function used by SSH will now retry the send when a short
send or EWOULDBLOCK is detected.
4. Problem (CQ 35476)
Changing Text console redirection CIM_TCPProtocolEndpoint.PortNumber
property value set incorrect value.
5. Problem (CQ 35530)
Invocation of CIM_RoleBasedAuthorizationService.ShowRoles() method
returns 2 when INPUT.subject = NULL.
6. Problem (CQ 35633)
Continue to receive WS-Eventing heartbeats after deletion of listener
destination.
7. Problem (CQ 35751)
Unable to authenticate after encrypting account records.
8. Problem (CQ 35752)
Microsoft DHCP server allocating 2 IP addresses for the same system when
DHCPv4 is enabled in the Windows network stack and in the management
firmware.
Cause:
Management firmware was using an RFC4361-based "client-identifier" DHCP
option value while Windows was using an RFC2131-based value. This caused
the Microsoft DHCP server to consider the different DHCP clients as
different systems and assign them each a separate IP address lease.
Change:
Management firmware now uses the RFC2131-based "client-identifier" DHCP
option value.
Enhancements:
=============
1. Sensors CIM Profile support on platforms that support PLDM Sensors
(Monitor & Control) and Broadcom-defined SMBIOS extensions.
2. Opaque Management Data CIM Profile support.
3. PET destination address may be IPv6 address or hostname.
4. Additional support for Broadcom OOB Management Service CIM Profile.
5. Support for HTTP basic authentication during WS-Eventing Push delivery.
6. 2x CIM Enumeration performance improvement.
-----------------------------
Version 0.96.0 - May 15, 2008
-----------------------------
Fixes:
======
1. Problem: (CQ 35090)
System does not power up when
CIM_ComputerSystem.RequestStateChange(RequestedState=11) is invoked
as required by DSP1058
Cause:
ASF_RCTL entries are used for power control. The ASF spec does not
define the actions of power reset when in S4 or S5 states, and on
some platforms the system does not power up.
Change:
When the system is in S4, S5, or Legacy Off states, issue a power
up command rather than a power reset command.
Impact:
Fixed behavior of CIM_ComputerSystem.RequestStateChange() for all
platforms.
2. Problem: (CQ 35335 and 35238)
CIM_ComputerSystem.RequestStateChange(RequestedState=3) returns
incorrectly formatted message
Cause:
A flaw in the TCP stack implementation could cause the same data to
be sent multiple times if link is lost while in the send() call
Change:
Fix TCP stack to prevent duplicate sends.
Impact:
Connections can now persist across link state and routing table
changes.
3. Problem: (CQ 34884, 34950 and 35072)
APE can hang under specific circumstances.
Cause:
Contention accessing GRC registers while the GRC is being reset by
another entity (e.g. diag or driver) or external event (e.g. power-state
transition).
Change:
Mutex-protect the GRC registers/reset.
Impact:
Requires NDIS6 v10.96 or NDIS5 v10.83 and b57diag v11.06.16 or later.
4. Various BIOS Management and Boot Control CIM Profile fixes.
Enhancements:
=============
1. IPv6 supported using static IP address and stateless auto-configuration
with link local address. OS network stack IPv6 configuration propagation
(e.g. with bmcc or BrcmMgmtAgent) not yet supported.
2. Hostnames supported in WS-Event subscription "NotifyTo" address.
3. Text Console Redirection CIM Profile support.
4. SSH protocol for console redirection support.
5. Dynamic configuration changes supported (without resetting APE).
6. Offline web data support (in APE_WEB_DATA NVRAM directory entry), so
large (e.g. > 32K) web data is now supported. Requires b57diag v11.06.16
or later to import the BMCFG_RECORD_WEBDATA record from a dashfw.cfg
file into the APE_WEB_DATA NVRAM directory entry using the "mancfg -i"
command. Use the "bmcc web" command to import web file(s) into a
dashfw.cfg file. The dashfw.exe firmware emulator may be used to
test/view the web data embedded in the dashfw.cfg file.
7. The System Memory CIM_Memory.ConsumableBlocks value is now derived from
what Windows reports when "bmcc sync" or BrcmMgmtAgent is executed.
-------------------------------
Version 0.95.0 - April 16, 2008
-------------------------------
Fixes:
======
1. Problem:
Telnet Server (for Text Console Re-direction) does not function.
2. Problem: (CQ 33985)
Loss of management traffic connection after NDIS driver is disabled.
3. Problems with SMBus ARP fixed. Including Get UDID return 0s.
4. CIM_BIOSPassword will return values for properties CurrentValue
and PendingValue if it exist. Before was always returning empty array.
5. Problems with Boot Control Profile implementation fixed.
6. Only advertise BIOS Management Profile if there is a CIM_BIOSAttribute
instance.
7. Problem:
Console side recv() processing delay.
Cause:
Due to the design of the TCP stack, the TCP PUSH flag was sometimes not
set for the last packet in a response. This caused the console side to
begin a timeout waiting for a packet with the PUSH flag set.
Change:
Ensure PUSH flag is set for the last packet of the response.
Impact:
Fixes console side recv() delay
8. Problem:
Console side transmit delay.
Cause:
The firmware was using the RFC recommended 200ms ACK timeout for delayed
ACK. At the same time, the console left Nagle's Algorithm enabled on the
socket. Further, the request contained more than MSS bytes. Because of
Nagle, the console was waiting for the ACK from the previous packet
before sending the next packet. The firmware was waiting for 200ms for
data to be sent to the console (TCP Delayed ACK enabled). This caused a
needless 200ms delay before the last packet of a request was sent from
the console.
Change:
Lower Delayed ACK timeout to 2ms.
Impact
Fixes console side transmit delay.
9. Problem:
CIM_ConcreteComponent EPRs missing most of the key values
Cause:
CIM_ConcreteComponent internal MOF representation did not contain the
correct key qualifiers for the class
Change:
Set key qualifiers correctly
Impact:
CIM_ConcreteComponent EPRs now correct
10. Problem:
AssociatedInstance queries can not cross namespace boundaries. This
results in a broken object model.
Cause:
The DMTF preliminary DSP0227 specification restricts all classes URI
results to a single namespace. This has the effect of constraining
AssociatedInstances query results which MUST be targeted to the all
classes URI. As a result, it is not possible to use this method to
traverse cross namespace associations.
Change:
Assuming that this will be fixed in DSP0227, we now constrain only the
Object parameter to the specified namespace, not the results.
Impact:
AssociatedInstance queries now behave differently than previously and
do not follow the current DSP0227 requirements.
Enhancements:
=============
1. Firmware files (dash*.bin) are now digitally-signed (public key
available) and use an IEEE standard CRC-32 for the file checksum
value.
Impact:
You must use b57diag v11.06 (04/16/08) or later to program the
firmware into the device's NVRAM (i.e. with the "seprg -a" command) or
you will get an "invalid CRC" error and may not upgrade the firmware.
2. Wait for Interrupt (WFI) power-saving feature can now be disabled
persistently (e.g. using b57diag "mancfg->advanced" menu).
-------------------------------
Version 0.94.0 - March 26, 2008
-------------------------------
Fixes:
======
1. CQ 34390
ASF2.0 secure connection after 10 seconds, all management traffic stops.
2. CQ 33983
With DHCP enabled, discovery methods and heartbeat PETs do not work.
3. CQ 33908
Management traffic does not resume after "bmcc enable".
4. ASF "Set System State" SMBus message from BIOS did not work.
5. "bmcc sync" caused firmware hang.
6. Problems parsing association key values in header fixed.
7. Problems handing Unsubscribe and Renew requests fixed.
8. If an XML tag used a new XML namespace prefix and defined
a default XML namespace, the tag was parsed using the new default
namespace instead of the one specified by the prefix.
9. EnumerationContext was incorrectly returned in a PullResponse when
the EndOfSequence marker was present.
Enhancements:
=============
1. Added OS Status CIM Profile support.
2. Added CIM_OOBAlertService instance.
3. Added CIM_EthernetPort instance.
4. Support for PLDM BIOS over MCTP/SMBus based on PLDM for BIOS spec v0.5.0
(2/4/2008). Does not include support for MC/BIOS authentication.
5. Support for SMBus ARP.
6. Initial support for PLDM SMBIOS over shared memory based on PLDM for
SMBIOS Specification version 0.5.0 (2/1/2008).
7. Support for Boot Control Profile.
You can use CIM_BootConfigSetting.ChangeBootOrder() and
CIM_ElementSettingData.ModifyInstance() on the IsNext property to change
the boot order.
All changes are pending until system reset.
8. Support for BIOS Control Profile.
You can use CIM_BIOSService.SetBIOSAttribute() to change BIOS attributes.
All changes are pending until system is reset.
9. Returned EPRs now always include a namespace.
10. Default (implementation) namespace is now named instead of anonymous.
New name is "BRCM/implementation".
11. The SubscriptionManager returned in a SubscriptionResponse is now the
FilterCollectionSubscription instance which corresponds to the newly
created Subscription.
12. Association queries now cross namespace boundaries.
13. CIM_RegieredProfile.RegisteredName properties no longer contain the
word "Profile".
----------------------------------
Version 0.93.0 - February 15, 2008
----------------------------------
Fixes:
======
1. CQ 33134
ARP reply always contains MAC address 00:10:18:00:00:00.
2. CQ 33152
Force vaux link does not function properly on various platforms.
3. CQ 33184
Cannot obtain an IP from a DHCP server.
4. CQ 33186
B57Diag mancfg reports incorrect IP address when DHCP is set to enabled.
Enhancements:
=============
1. Dynamic web (HTML) user interface content with modifiable property values
and method invocation (e.g. remote power control).
2. WS-Eventing/indications subscription and delivery support.
3. Date and time tracking.
4. Additional CIM Profiles support.
----------------------------------
Version 0.92.0 - December 12, 2007
----------------------------------
Fixes:
======
1. Firmware crash when NIC was jumpered for mission mode and there was
no Ethernet link.
Cause:
Firmware was clearing CPMU policy register APE field which is reserved
in some policies.
Enhancements:
=============
1. Added default Web (HTML) user interface using static/canned pages
for demo purposes only.
This feature can be disabled by setting "b57diag mancfg" or
"bmcfg edit" WS-Management->HTTP Get to "Disabled".
2. HTTPS Basic authentication support can be disabled (for enhanced
security) by setting WS-Management->HTTP Digest Authentication Only
to "Enabled".
3. Role Based Authorization Profile (RBAP) and Simple Identity Management
Profiles (SIMP) should now be feature-complete:
You can use ModifyRole(), ShowAccess(), ShowRoles(), Create/Delete
Accounts.
4. Text Console (UART) Redirection via Telnet can be enabled using the
"Console Redirection" mancfg menu (for demo/testing purposes).
Since the CIM Text Console Redirection Profile is not currently
implemented, you must set "Telnet Auto-Listen" to Enabled for this
feature to work. A custom serial port driver is required for Windows and
Linux to use the UART.
SSH is not currently implemented.
5. Initial support for PLDM-BIOS over MCTP/SMBus.
6. Sets link speed based on configuration settings when in Vaux power mode.
7. Implemented ASF/RMCP "best guess" system state function (based on
OS/driver presence and VMain presence). CIM_ComputerSystem.EnableState
and CIM_AssociatedPowerManagementService.PowerState also expose the
current system state based on this best guess (if not set by the
BIOS with the ASF "Set System State" SMBus Message).
/* End of File */
Download Driver Pack
After your driver has been downloaded, follow these simple steps to install it.
Expand the archive file (if the download file is in zip or rar format).
If the expanded file has an .exe extension, double click it and follow the installation instructions.
Otherwise, open Device Manager by right-clicking the Start menu and selecting Device Manager.
Find the device and model you want to update in the device list.
Double-click on it to open the Properties dialog box.
From the Properties dialog box, select the Driver tab.
Click the Update Driver button, then follow the instructions.
Very important: You must reboot your system to ensure that any driver updates have taken effect.
For more help, visit our Driver Support section for step-by-step videos on how to install drivers for every file type.