You are on page 1of 18

UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers

Addendum for Intel Xeon E5 family of servers
FOBIBMu
Introducing UEFI-Compliant Firmware on IBM System x and
BladeCenter Servers
Addendum for Intel Xeon E5 family of servers
Sumeet Kochar,
Chuck Bauman,
Michael Turner,
Mehul Shah,
Randy Murphy,
Chris P Karamatas,
John R Encizo,
With System x UEFI/BIOS Development Team
IBM Systems and Technology Group
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 2
Executive overview
This paper introduces and describes key features of the Unified Extensible Firmware Interface (UEFI)
firmware in IBM® System x® and BladeCenter® servers based on the Intel Xeon E5 family. This paper
does not replace the original System x UEFI white paper
(http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5083207) but highlights the value
proposition of this third generation of System x UEFI-based servers.
Family
Number
of
sockets Platform Core name
Socket
type
Machine Type and Model
Xeon E5-2400 2 Romley-EN Sandy Bridge-EN Socket B2 x3530 M4 7158
x3630 M4 7160
IBI IBM Flex System x220*
7906, 2585
HS23E 8038, 8039
Xeon E5-2600 2 Romley-EP
/ Romley-
WS
Sandy Bridge-EP Socket R HS23*
x3550 M4
7914
x3650 M4
7915
x3500 M4
7383
IBM Flex System x240*
8737, 8738
dx360 M4
7918, 7919, 7912, 7913
Xeon E5-4600 4 Romley-EP
4S
Sandy Bridge-EP
4S
Socket R x3750 M4 8722, 8733*
* Note: Optimized boot feature is supported in initial firmware level. Other systems will get it in their first
lifecycle UEFI firmware update.
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 3
Overview of IBM UEFI firmware
The UEFI firmware in the IBM Intel Xeon E5 based
servers is based on the latest UEFI 2.3 compliant
firmware. This next-generation firmware enables more
cross-brand commonality, improved power and systems
management, reliability and predictive fault
technologies, and operating-system deployment options.
IBM was the first adopter of UEFI in the x86 high-
volume and high-end scalable server space. At the time
of writing of this paper, more than one million IBM UEFI-
based servers have been deployed. This family of
servers is the third generation of UEFI-based x86
servers from IBM.
The UEFI firmware (like BIOS) is primarily responsible for initializing the essential system hardware (such
as memory, microprocessors, and PCI buses), publishing operating-system-required data structures and
functions, initializing boot devices, and handing off control (booting) to an operating-system boot loader.
This third-generation IBM UEFI firmware has many features that go well beyond the basic requirements of
UEFI-compliant firmware and are a result of direct customer input and experience that IBM has gained
from developing scaled servers that are based on Intel EN, EP, and EX platforms over the first two
generations.
IBM has focused on the following key areas:
 Boot and deployment time improvements
 Configuration management and F1 Setup utility
 Energy efficiency
 Advanced reliability, availability, and serviceability (RAS)
 Security
 Virtualization
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 4
Boot and deployment time improvements
The firmware stack has been redesigned to optimize the performance of many system-board and device
drivers. The redesign improves boot times and enhances the customer experience through faster
deployment of richer configurations than are available in previous-generation servers. New boot mode
choices have been added to the F1 Setup utility to provide additional customization options that are
based on the capabilities of UEFI-enabled operating systems.
When the user selects Boot Manager from the main menu in the Setup utility, the following menu is
displayed.
Note that there are also new headings and options within the Boot Manager providing further clarity and
configurability and that various boot mode options can be set from the Boot Manager menu.
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 5
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 6
System Boot Modes
The default system boot mode is UEFI and Legacy, in which the system recognizes both UEFI-enabled
operating systems and legacy operating systems.
UEFI-enabled operating systems are preferable for the following reasons:
 UEFI POST and all UEFI-enabled operating systems run in 64-bit mode to improve boot times.
Legacy POST runs in 16-bit segmented mode, which uses only a subset of the system memory and
requires code overlays to fit in the smaller memory footprint.
 UEFI boot supports richer system configurations. Legacy boot has the old PC architecture limitations
on memory and option ROM space.
 The UEFI standards provide a published interface to allow for interaction between the operating
system and the UEFI preboot firmware. For example, the operating system can automatically update
the boot options through a published UEFI runtime interface. All major operating systems support
UEFI now, and some operating-system vendors have indicated that future innovations will support
only UEFI.
 UEFI supports more granular boot target selections instead of generic boot-device selections (such
as CD-ROM and Hard Disk 0). UEFI supports larger (greater than 2.2 TB) bootable partitions, using a
GUID partition table instead of a master boot record.
If you choose to use a legacy operating system, for improved boot times, set the system boot mode to
Legacy Only so that the system spends a minimum time in UEFI mode. The Legacy Only selection
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 7
provides better boot performance than what is available in previous-generation servers, in which the user
achieves similar functionality by adding ”Legacy Only” as the first entry in the boot list.
Optimized Boot
When the System Boot Mode is UEFI and Legacy or UEFI Only, POST searches all possible boot
devices for boot options. Optimized Boot improves boot time: POST remembers the boot device that was
used previously and performs an extensive handshake only with the UEFI driver of that device. When
Optimized Boot is disabled, POST searches all possible boot devices on every boot. By default,
Optimized Boot is enabled.
When Optimized Boot is enabled, you can override the boot device selection that POST remembers by
using the Setup utility (press F1 at startup) or by using the boot device list (press F12 at startup)..
You can disable Optimized Boot through the Setup utility or through the Advanced Setup Utility (ASU).
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 8
Quiet Boot
Quiet Boot suppresses the display of a summary of the server configuration before the initial splash
screen is displayed. To display the summary of the server configuration, disable Quiet Boot.
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 9
Driver Health Check
UEFI health check is a new feature in UEFI. A device driver that supports the Driver Health Protocol can
report its status during POST through UEFI health check. If a device driver returns a Not Healthy status,
the Setup utility starts automatically for resolution through configuration menus that are provided by the
device driver. The Driver Health Check examines the specified device drivers only during POST.
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 10
Improvements in the F1 Setup utility
Many customer recommendations have been implemented to impove clarity and consistency in the Setup
utility menus.
From the main menu in the Setup utility, you can now select options related to driver health and configure
storage,and network devices.
For example, the network and iSCSI configuration settings have been consolidated into a single Network
menu. Many of these changes have been implemented in all System x products.
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 11
Under System Settings, you can now view current driver health details of all corresponding devices, as
shown in the following screenshot.
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 12
Device configuration management
IBM Unified Configuration Manager (UCM) is a new feature that is being introduced with the Intel Xeon
E5 family of servers. It enables configuration of the base server and third-party optional devices with a
single tool. Future versions of the Advanced Settings Utility (ASU), IBM Systems Director, and other
systems-management tools will enable zero-touch in-band and out-of-band cloning, deployment, creation
of configuration profiles, and direct management of preboot functionality. IBM is working with vendors to
enable support for this.
Example: A customer uses ASU or IBM Systems Director to enable a zero-touch out-of-box automated
deployment of a large number of systems, including the roll out of an optional third-party adapter. The
customer configures the initial base system and any HII-compliant UCM-enabled adapter settings and
deploys them by using a single comprehensive out-of-band cloning operation.
System + (third-party) Optional Devices = A Unique Hardware Configuration Profile
IBM extensions to UEFI standards make managing unique configurations easier.
UEFI helps centralize and secure management of self-encrypting drives by enabling this feature for IBM
Tivoli® Key Lifecycle Manager, which provides a database for a centralized key repository. UEFI requests
that the systems-management software help retrieve a key and passes the information onto the RAID
device driver to unlock the drive.
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 13
Energy efficiency
UEFI system settings contain preset operating modes that are based on extensive workload and
benchmark testing to provide the best performance per watt. System x servers can also be configured for
additional power savings or power capping.
Power savings are automatically achieved by gating power to internal chip set functions that are not used
or by dynamically turning voltage regulator phases on and off according to system utilization. Additional
power savings can be acheived by using the latest chip set and operating-system power saving features
that are based on Advanced Configuration and Power Interface (ACPI) standards and by disabling
unused PCI onboard and optional devices. New features in the chip sets in the Intel Xeon E5 family of
servers include C7 CPU C-state and selective aggressiveness on Turbo Mode for better energy
efficiency.
The systems can also be configured through the IBM Active Energy Manager feature so that the system
firmware enforces a user-selected power cap to keep energy consumption by the data center within a
customer-allocated budget.
Advanced RAS
The Intel Xeon E5 family of servers brings new reliability, availability, and serviceability (RAS) features
into the System x enterprise class of servers. Advanced features that are available in some processor
stock-keeping units (SKUs) improve server resilience by preventing the system from going down until a
detected error is consumed. This is an improvement over previous processor SKUs, which allowed the
system to fail immediately on the first observed error. In conjunction with other new chip set features, this
improvement protects against propagation of errors that are detected early by marking data as poisoned.
Disruption of server operation is prevented until a transaction attempts to consume the poisoned data, at
which point the transaction is prevented and a fatal error is asserted. These features are combined with
enhanced RAS algorithms to provide improved predictive failure events versus false early warnings that
are generated by some operating systems and applications.
In the unlikely event that a catastrophic failure occurs, the system firmware attempts to disable the device
that failed, providing automatic system recovery. A data capture facility also exists for offline analysis and
future error prevention. If any field replaceable unit (FRU) must be replaced as a result of an error, the
system will automatically detect and enable the device replacement.
Security
Systems-management components typically have extensive access to the managed system and can
cause serious problems if they are not secured properly. Therefore, IBM has invested in hardware and
System x firmware features to become a trusted system component to protect against software attacks.
Both UEFI and the integrated management module (IMM) run Core Root of Trust Measurement (CRTM)
code out of reset. The CRTM code protects itself by locking itself, using hardware features that prevent
any other software entity from updating the root of trust code.
UEFI CRTM measures all other firmware that runs during POST and stores these measurements in the
form of a hash value in the trusted platform module (TPM) chip. An operating system can use these
measurements for hard disk and other encryption features, such as Windows BitLocker Drive Encryption.
The IMM CRTM prevents non-genuine IMM firmware from running in the systems-management domain.
System x firmware accepts only signed updates for all the firmware components that it updates. Firmware
for other components that are updated by the IMM, such as platform-unique Field Programmable Gate
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 14
Array Logic (FPGA) code, can be updated by the IMM only when it is running its trusted code (CRTM)
after a system reset.
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 15
Virtualization
System x firmware (UEFI and IMM) enable the latest virtualization features by supporting System x server
configurations with virtualization-capable adapters. With large memory configurations, these features help
remove or reduce bottlenecks in a virtualized environment. In addition, Single Root I/O Virtualization (SR-
IOV) technology allows for sharing PCI devices among multiple virtual machines (VMs) in a single
physical server.
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 16
SR-IOV technology combined with future Multi Root Aware (MRA) switches will support sharing PCI
device resources among multiple physical servers that use Multi Root I/O Virtualization (MR-IOV)
technology. This will reduce hardware costs by decreasing the number of switches that are required,
avoid over-provisioning, and improve hardware utilization. The reduction in hardware will also help reduce
power consumption in the data center.
-
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 17
Useful links
Understanding UEFI and Tuning for Performance
Understanding UEFI and Tuning for Performance - E5 Update
Features On Demand
http://publib.boulder.ibm.com/infocenter/toolsctr/v1r0/index.jsp?topic=%2Fasu%2Fmj1nxmst35.html
Firmware Update Best Practices - IBM BladeCenter and System x
http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5082923
IBM ToolsCenter for System x and BladeCenter
http://publib.boulder.ibm.com/infocenter/toolsctr/v1r0/index.jsp
IBM Systems Director Active Energy Manager
http://publib.boulder.ibm.com/infocenter/director/v6r2x/topic/com.ibm.director.aem.helps.doc/frb0_aem4.3
_docs_user.pdf
Security (IBM and Intel white paper)
http://download.intel.com/technology/efi/SF09_EFIS001_UEFI_PI_TCG_White_Paper.pdf
System x Virtualization Strategy
http://publib-b.boulder.ibm.com/abstracts/redp4480.html?Open
Stay informed about System x firmware updates
http://www.ibm.com/supportportal/
IBM System x technical documents
http://www-03.ibm.com/support/techdocs/atsmastr.nsf/Web/WP-
ByProduct?OpenDocument&Start=1&Count=1000&Expand=21
UEFI Compliant Firmware on IBM System x® and BladeCenter® Servers
Addendum for Intel Xeon E5 family of servers
Page 18
For More Information
IBM System x and xSeries Servers ibm.com/systems/x/
IBM Rack Configurator ibm.com/systems/x/hardware/configtools.html
IBM Configuration and Options Guide ibm.com/systems/xbc/cog/
Legal Information
© IBM Corporation 2012
IBM Systems and Technology Group
Dept. U2SA
3039 Cornwallis Road
Research Triangle Park, NC 27709
Produced in the USA
January 2012
All rights reserved
For a copy of applicable product warranties, write to: Warranty
Information, P.O. Box 12195, RTP, NC 27709, Attn: Dept.
JDJA/B203. IBM makes no representation or warranty
regarding third-party products or services including those
designated as Server Proven or Cluster Proven. Telephone
support may be subject to additional charges. For onsite labor,
IBM will attempt to diagnose and resolve the problem remotely
before sending a technician.
IBM, the IBM logo, and ibm.com are trademarks or registered
trademarks of International Business Machines Corporation in
the United States, other countries, or both. If these and other
IBM trademarked terms are marked on their first occurrence in
this information with a trademark symbol (® or ™), these
symbols indicate U.S. registered or common law trademarks
owned by IBM at the time this information was published.
Such trademarks may also be registered or common law
trademarks in other countries. A current list of IBM trademarks
is available on the Web at “Copyright and trademark
information” at http://ibm.com/legal/copytrade.shtml.
Intel, Intel Xeon, Itanium, and Pentium are trademarks or
registered trademarks of Intel Corporation or its subsidiaries in
the United States and other countries.
Linux is a registered trademark of Linus Torvalds in the United
States, other countries, or both.
Microsoft, Windows, and Windows NT are trademarks of
Microsoft Corporation in the United States, other countries, or
both.
Other company, product, or service names may be
trademarks or service marks of others.
IBM reserves the right to change specifications or other
product information without notice. References in this
publication to IBM products or services do not imply that IBM
intends to make them available in all countries in which IBM
operates. IBM PROVIDES THIS PUBLICATION “AS IS”
WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
OR IMPLIED, INCLUDING THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. Some jurisdictions do not allow disclaimer of
express or implied warranties in certain transactions;
therefore, this statement may not apply to you.
This publication may contain links to third party sites that are
not under the control of or maintained by IBM. Access to any
such third party site is at the user's own risk and IBM is not
responsible for the accuracy or reliability of any information,
data, opinions, advice or statements made on these sites. IBM
provides these links merely as a convenience and the
inclusion of such links does not imply an endorsement.
Information in this presentation concerning non-IBM products
was obtained from the suppliers of these products, published
announcement material or other publicly available sources.
IBM has not tested these products and cannot confirm the
accuracy of performance, compatibility or any other claims
related to non-IBM products. Questions on the capabilities of
non-IBM products should be addressed to the suppliers of
those products.
MB, GB and TB = 1,000,000, 1,000,000,000 and
1,000,000,000,000 bytes, respectively, when referring to
storage capacity. Accessible capacity is less; up to 3 GB is
used in service partition. Actual storage capacity will vary
based upon many factors and may be less than stated.
Performance is in Internal Throughput Rate (ITR) ratio based
on measurements and projections using standard IBM
benchmarks in a controlled environment. The actual
throughput that any user will experience will depend on
considerations such as the amount of multiprogramming in the
user’s job stream, the I/O configuration, the storage
configuration and the workload processed. Therefore, no
assurance can be given that an individual user will achieve
throughput improvements equivalent to the performance ratios
stated here.
Maximum internal hard disk and memory capacities may
require the replacement of any standard hard drives and/or
memory and the population of all hard disk bays and memory
slots with the largest currently supported drives available.
When referring to variable speed CD-ROMs, CD-Rs, CD-RWs
and DVDs, actual playback speed will vary and is often less
than the maximum possible.
XSW02525-USEN-00