ESXi-Arm Fling

 View Only
Expand all | Collapse all

PSOD on HPE gen11 with Ampere ARM CPU

  • 1.  PSOD on HPE gen11 with Ampere ARM CPU

    Posted Feb 27, 2023 12:07 PM
      |   view attached

    Hello,

    We get for some testing new HPE ProLiant RL300 Gen11 server with Ampere Altera processor 80 cores@3GHz.

    I've manage to get instal; ESXi on ARM fling. I have disabled Secure Boot and when I try thing like reset server from DCUI or change root password on HTTP management I'm get attached PSOD.

    Have anyone idea what is can causing this? There isn't any option to choose legacy BIOS instead UEFI and I have try disable any security check in server setting which I found.

    Best Regards, PetrH



  • 2.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Posted Feb 27, 2023 01:03 PM

    Hi   Did you download the Customized ISO Image for HP or you use the default image ?



  • 3.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Posted Feb 27, 2023 01:06 PM
      |   view attached

    Hi , There are also custom Images for ARM version? I haven't found any option here:(



  • 4.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Posted Feb 28, 2023 08:30 AM

    HI  i think you need to file Support Case to help you with the needed iso or fix the signature issue with the VIBs. 



  • 5.  RE: PSOD on HPE gen11 with Ampere ARM CPU
    Best Answer

    Posted Mar 03, 2023 08:03 PM

    Hi, sorry to have missed the topic, it went to my spam folder...

    As a  work around, can you try to boot with the rtcEnableEFI=FALSE boot option? (Shift+O at boot to add the option to the command line).

    Cyprien



  • 6.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Posted Mar 05, 2023 12:30 PM

    Its okay,0 I'm happy that my question find you anyway! Really thank you for help. It's looks much better now!.

    Best Regards, PetrH



  • 7.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Posted Jul 24, 2024 11:00 AM

    Hi

    Did you manage to install the ESXI with secure boot on the HPE ProLiant RL300 server?

    I'm also getting PSOD, but I'm able to install it without it




  • 8.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Broadcom Employee
    Posted Jul 25, 2024 06:32 PM

    Hi,

    Can you share a screenshot of your PSOD? Just to be sure it is related to the secure boot and not anything else.

    Also, future version may well support secure boot :)

    Cheers,
    Cyprien




  • 9.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Posted Jul 28, 2024 03:24 AM

    Sure,

    It is failing verification for almost all VMware vibs..




  • 10.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Broadcom Employee
    Posted Jul 28, 2024 08:41 AM

    Ah, right, that's pretty obvious!

    Thank you.




  • 11.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Posted Jul 28, 2024 08:45 AM

    Thank you for your reply.

    So currently there is no way to have ESXi installed on the HPE ProLiant RL300 Gen11 with secure boot enabled?

    I need it also for establishing a connection to the onboard TPM module..

    I'm currently getting:

    TPM 2.0 device detected but a connection cannot be established.
    




  • 12.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Broadcom Employee
    Posted Jul 28, 2024 01:41 PM

    You are correct, unfortunately the current fling can not be secure booted. And it is also not able to use the TPM either (I don't think those two are related, but I could be wrong).




  • 13.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Broadcom Employee
    Posted Jul 28, 2024 02:05 PM

    Some more details about the TPM2: it looks like the HPE server is using the CRB interface, which is not supported by ESXi:

    https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-10F7022C-DBE1-47A2-BD86-3840C6955057.html

    I don't know if it is possible to change it to use the TIS/FIFO interface.

    Oh, and I read in this page that Secure Boot must be enabled. So yes it is linked as well. Secure Boot will be coming, but I can't tell for the TPM2 interface.




  • 14.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Posted Nov 10, 2024 09:23 AM

    Now with the new fling ESXI 8.0U3 is there any update on this?




  • 15.  RE: PSOD on HPE gen11 with Ampere ARM CPU

    Broadcom Employee
    Posted 30 days ago

    Hi,

    ESXi Arm Fling v2 can now be secure booted ✅.

    However to use the TPM2, vSphere still requires a TPM2 TIS/FIFO interface.

    Ensure that the TPM is configured in the BIOS of the ESXi host to use the SHA-256 hashing algorithm and the TIS/FIFO (First-In, First-Out) interface and not CRB (Command Response Buffer). For information about setting these required BIOS options, refer to the vendor documentation.

    from https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-10F7022C-DBE1-47A2-BD86-3840C6955057.html

    (that said, there was one issue left in the TPM driver for ESXi Arm Fling, and it will be fixed on the next update)

    Cyprien