Patents by Inventor Timothy R. Block

Timothy R. Block has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11206141
    Abstract: Method, apparatus, and computer program product are provided for merging multiple compute nodes with trusted platform modules utilizing provisioned node certificates. In some embodiments, compute nodes are connected to be available for merger into a single multi-node system. Each compute node includes a trusted platform module (TPM) provisioned with a platform certificate and a signed attestation key (AK) certificate and is accessible to firmware on the compute node. One compute node is assigned the role of master compute node (MCN), with the other compute node(s) each assigned the role of slave compute node (SCN). A quote request is sent from the MCN to each SCN under control of firmware on the MCN. In response to receiving the quote request, a quote response is sent from each respective SCN to the MCN under control of firmware on the respective SCN, wherein the quote response includes the AK certificate of the respective SCN's TPM.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: December 21, 2021
    Assignee: International Business Machines Corporation
    Inventors: Timothy R. Block, Elaine R. Palmer, Kenneth A. Goldman, Christopher J. Engel, William E. Hall
  • Patent number: 11165766
    Abstract: A method and computer system for implementing authentication protocol for merging multiple server nodes with trusted platform modules (TPMs) utilizing provisioned node certificates to support concurrent node add and node remove. Each of the multiple server nodes boots an instance of enablement level firmware and extended to a trusted platform module (TPM) on each node as the server nodes are powered up. A hardware secure channel is established between the server nodes for firmware message passing as part of physical configuration of the server nodes to be merged. A shared secret is securely exchanged via the hardware secure channel between the server nodes establishing an initial authentication value shared among all server nodes. All server nodes confirm common security configuration settings and exchange TPM log and platform configuration register (PCR) data to establish common history for future attestation requirements, enabling dynamic changing the server nodes and concurrently adding and removing nodes.
    Type: Grant
    Filed: August 21, 2018
    Date of Patent: November 2, 2021
    Assignee: International Business Machines Corporation
    Inventors: Timothy R. Block, Elaine R. Palmer, Kenneth A. Goldman, William E. Hall, Hugo M. Krawczyk, David D. Sanner, Christopher J. Engel, Peter A. Sandon, Alwood P. Williams, III
  • Patent number: 10885197
    Abstract: Method, apparatus, and computer program product are provided for merging multiple compute nodes with trusted platform modules (TPMs) utilizing an authentication protocol with active TPM provisioning. In some embodiments, compute nodes are connected to be available for merger into a single multi-node system. Each compute node includes a TPM accessible to firmware on the node. One compute node is assigned the role of master compute node (MCN), with the other node(s) each assigned the role of slave compute node (SCN). Active TPM provisioning in each SCN produces key information that is sent to the MCN to enable use of a challenge/response exchange with each SCN. A quote request is sent from the MCN to each SCN. In response to receiving the quote request, a quote response is sent from each respective SCN to the MCN, wherein the quote response includes slave TPM content along with TPM logs and associated signatures.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: January 5, 2021
    Assignee: International Business Machines Corporation
    Inventors: Timothy R. Block, Elaine R. Palmer, Kenneth A. Goldman, Christopher J. Engel, William E. Hall
  • Patent number: 10838816
    Abstract: A method, system and computer program product are provided for detecting state and sparing of optical Peripheral Component Interconnect Express (PCI-Express or PCIE) cable channels attached to an IO drawer. System firmware is provided for implementing health check functions and state detection and sparing functions. One or more optical cables are connected between a host bridge and a PCIE enclosure, each optical cable includes one or more spare optical channels. An identified failed optical channel is rerouted to the spare optical channel.
    Type: Grant
    Filed: November 29, 2017
    Date of Patent: November 17, 2020
    Assignee: International Business Machines Corporation
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Gregory M. Nordstrom, Harald Pross, Thomas R. Sand
  • Publication number: 20200097661
    Abstract: Method, apparatus, and computer program product are provided for merging multiple compute nodes with trusted platform modules (TPMs) utilizing an authentication protocol with active TPM provisioning. In some embodiments, compute nodes are connected to be available for merger into a single multi-node system. Each compute node includes a TPM accessible to firmware on the node. One compute node is assigned the role of master compute node (MCN), with the other node(s) each assigned the role of slave compute node (SCN). Active TPM provisioning in each SCN produces key information that is sent to the MCN to enable use of a challenge/response exchange with each SCN. A quote request is sent from the MCN to each SCN. In response to receiving the quote request, a quote response is sent from each respective SCN to the MCN, wherein the quote response includes slave TPM content along with TPM logs and associated signatures.
    Type: Application
    Filed: September 21, 2018
    Publication date: March 26, 2020
    Inventors: Timothy R. Block, Elaine R. Palmer, Kenneth A. Goldman, Christopher J. Engel, William E. Hall
  • Publication number: 20200099536
    Abstract: Method, apparatus, and computer program product are provided for merging multiple compute nodes with trusted platform modules utilizing provisioned node certificates. In some embodiments, compute nodes are connected to be available for merger into a single multi-node system. Each compute node includes a trusted platform module (TPM) provisioned with a platform certificate and a signed attestation key (AK) certificate and is accessible to firmware on the compute node. One compute node is assigned the role of master compute node (MCN), with the other compute node(s) each assigned the role of slave compute node (SCN). A quote request is sent from the MCN to each SCN under control of firmware on the MCN. In response to receiving the quote request, a quote response is sent from each respective SCN to the MCN under control of firmware on the respective SCN, wherein the quote response includes the AK certificate of the respective SCN's TPM.
    Type: Application
    Filed: September 21, 2018
    Publication date: March 26, 2020
    Inventors: Timothy R. Block, Elaine R. Palmer, Kenneth A. Goldman, Christopher J. Engel, William E. Hall
  • Publication number: 20200067912
    Abstract: A method and computer system for implementing authentication protocol for merging multiple server nodes with trusted platform modules (TPMs) utilizing provisioned node certificates to support concurrent node add and node remove. Each of the multiple server nodes boots an instance of enablement level firmware and extended to a trusted platform module (TPM) on each node as the server nodes are powered up. A hardware secure channel is established between the server nodes for firmware message passing as part of physical configuration of the server nodes to be merged. A shared secret is securely exchanged via the hardware secure channel between the server nodes establishing an initial authentication value shared among all server nodes. All server nodes confirm common security configuration settings and exchange TPM log and platform configuration register (PCR) data to establish common history for future attestation requirements, enabling dynamic changing the server nodes and concurrently adding and removing nodes.
    Type: Application
    Filed: August 21, 2018
    Publication date: February 27, 2020
    Inventors: Timothy R. Block, Elaine R. Palmer, Kenneth A. Goldman, William E. Hall, Hugo M. Krawczyk, David D. Sanner, Christopher J. Engel, Peter A. Sandon, Alwood P. Williams, III
  • Publication number: 20180081761
    Abstract: A method, system and computer program product are provided for detecting state and sparing of optical Peripheral Component Interconnect Express (PCI-Express or PCIE) cable channels attached to an IO drawer. System firmware is provided for implementing health check functions and state detection and sparing functions. One or more optical cables are connected between a host bridge and a PCIE enclosure, each optical cable includes one or more spare optical channels. An identified failed optical channel is rerouted to the spare optical channel.
    Type: Application
    Filed: November 29, 2017
    Publication date: March 22, 2018
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Gregory M. Nordstrom, Harald Pross, Thomas R. Sand
  • Patent number: 9891998
    Abstract: A method, system and computer program product are provided for detecting state and sparing of optical Peripheral Component Interconnect Express (PCI-Express or PCIE) cable channels attached to an IO drawer. System firmware is provided for implementing health check functions and state detection and sparing functions. One or more optical cables are connected between a host bridge and a PCIE enclosure, each optical cable includes one or more spare optical channels. An identified failed optical channel is rerouted to the spare optical channel.
    Type: Grant
    Filed: September 26, 2015
    Date of Patent: February 13, 2018
    Assignee: International Business Machines Corporation
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Gregory M. Nordstrom, Harald Pross, Thomas R. Sand
  • Patent number: 9697167
    Abstract: A method, system and computer program product are provided for implementing health check for optical cable attached Peripheral Component Interconnect Express (PCIE) enclosures in a computer system. System firmware is provided for implementing health check functions. One or more optical cables are connected between a host bridge and a PCIE enclosure. A PCIE link to the PCIE enclosure is reset responsive to a predefined event. After a set delay, a PCIE link health check is performed verifying PCIE link width and speed.
    Type: Grant
    Filed: March 19, 2016
    Date of Patent: July 4, 2017
    Assignee: International Business Machines Corporation
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Harald Pross, Thomas R. Sand
  • Patent number: 9697166
    Abstract: A method, system and computer program product are provided for implementing health check for optical cable attached Peripheral Component Interconnect Express (PCIE) enclosures in a computer system. System firmware is provided for implementing health check functions. One or more optical cables are connected between a host bridge and a PCIE enclosure. A PCIE link to the PCIE enclosure is reset responsive to a predefined event. After a set delay, a PCIE link health check is performed verifying PCIE link width and speed.
    Type: Grant
    Filed: November 21, 2014
    Date of Patent: July 4, 2017
    Assignee: International Business Machines Corporation
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Harald Pross, Thomas R. Sand
  • Patent number: 9582366
    Abstract: A method, system and computer program product are provided for detecting state and sparing of optical Peripheral Component Interconnect Express (PCI-Express or PCIE) cable channels attached to an IO drawer. System firmware is provided for implementing health check functions and state detection and sparing functions. One or more optical cables are connected between a host bridge and a PCIE enclosure, each optical cable includes one or more spare optical channels. An identified failed optical channel is rerouted to the spare optical channel.
    Type: Grant
    Filed: November 21, 2014
    Date of Patent: February 28, 2017
    Assignee: International Business Machines Corporation
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Gregory M. Nordstrom, Harald Pross, Thomas R. Sand
  • Publication number: 20160203100
    Abstract: A method, system and computer program product are provided for implementing health check for optical cable attached Peripheral Component Interconnect Express (PCIE) enclosures in a computer system. System firmware is provided for implementing health check functions. One or more optical cables are connected between a host bridge and a PCIE enclosure. A PCIE link to the PCIE enclosure is reset responsive to a predefined event. After a set delay, a PCIE link health check is performed verifying PCIE link width and speed.
    Type: Application
    Filed: March 19, 2016
    Publication date: July 14, 2016
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Harald Pross, Thomas R. Sand
  • Publication number: 20160147628
    Abstract: A method, system and computer program product are provided for detecting state and sparing of optical Peripheral Component Interconnect Express (PCI-Express or PCIE) cable channels attached to an IO drawer. System firmware is provided for implementing health check functions and state detection and sparing functions. One or more optical cables are connected between a host bridge and a PCIE enclosure, each optical cable includes one or more spare optical channels. An identified failed optical channel is rerouted to the spare optical channel.
    Type: Application
    Filed: November 21, 2014
    Publication date: May 26, 2016
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Gregory M. Nordstrom, Harald Pross, Thomas R. Sand
  • Publication number: 20160147606
    Abstract: A method, system and computer program product are provided for detecting state and sparing of optical Peripheral Component Interconnect Express (PCI-Express or PCIE) cable channels attached to an IO drawer. System firmware is provided for implementing health check functions and state detection and sparing functions. One or more optical cables are connected between a host bridge and a PCIE enclosure, each optical cable includes one or more spare optical channels. An identified failed optical channel is rerouted to the spare optical channel.
    Type: Application
    Filed: September 26, 2015
    Publication date: May 26, 2016
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Gregory M. Nordstrom, Harald Pross, Thomas R. Sand
  • Publication number: 20160147705
    Abstract: A method, system and computer program product are provided for implementing health check for optical cable attached Peripheral Component Interconnect Express (PCIE) enclosures in a computer system. System firmware is provided for implementing health check functions. One or more optical cables are connected between a host bridge and a PCIE enclosure. A PCIE link to the PCIE enclosure is reset responsive to a predefined event. After a set delay, a PCIE link health check is performed verifying PCIE link width and speed.
    Type: Application
    Filed: November 21, 2014
    Publication date: May 26, 2016
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Christopher J. Engel, Kaveh Naderi, Harald Pross, Thomas R. Sand
  • Patent number: 9088569
    Abstract: Systems and methods to manage access to shared resources are provided. A particular method may include receiving a request to access a shared resource from a first client of a plurality of clients and determining whether the shared resource is being used. A first window credential associated with the first client may be retrieved. The first window credential may be one of a plurality of window credentials associated with the plurality of clients. The first window credential may be used to access the shared resource.
    Type: Grant
    Filed: May 12, 2011
    Date of Patent: July 21, 2015
    Assignee: International Business Machines Corporation
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Leonardo Letourneaut, Timothy J. Schimke
  • Patent number: 9081764
    Abstract: A method, system and computer program product are provided for implementing memory migration of large system memory pages in a computer system. A large page to be migrated from a current location to a target location is converted into a plurality of smaller subpages for a processor or system page table. The migrated page is divided into first, second and third segments, each segment composed of the smaller subpages and each respective segment changes as each individual subpage is migrated. CPU and I/O accesses to respective subpages of the first segment are directed to corresponding subpages of the target page or new page. I/O accesses to respective subpages of the second segment use a dual write mode targeting corresponding subpages of both the current page and the target page. CPU and I/O accesses to the subpages of the third segment access the corresponding subpages of the current page.
    Type: Grant
    Filed: June 21, 2011
    Date of Patent: July 14, 2015
    Assignee: International Business Machines Corporation
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Leonardo Letourneaut, Timothy J. Schimke
  • Publication number: 20140068734
    Abstract: Systems and methods to manage access to shared resources are provided. A particular method may include receiving a request to access a shared resource from a first client of a plurality of clients and determining whether the shared resource is being used. A first window credential associated with the first client may be retrieved. The first window credential may be one of a plurality of window credentials associated with the plurality of clients. The first window credential may be used to access the shared resource.
    Type: Application
    Filed: May 12, 2011
    Publication date: March 6, 2014
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jesse P. Arroyo, Ellen M. Bauman, Timothy R. Block, Leonardo Letourneaut, Timothy J. Schimke
  • Patent number: 8553690
    Abstract: Processing multicast messages in a data processing system that includes compute nodes, each of which includes a communications controller, the communications controllers operatively coupled for data communications amongst the compute nodes, each compute node in the data processing system executing at least one logical partition, the data processing system including a hypervisor, where multicast messages are processed by receiving, by more than one of the communications controllers, a multicast message; responsive to receipt of the multicast message, signaling, by one of the communications controllers, an interrupt in the hypervisor without signaling an interrupt by any other communications controller; determining, by the hypervisor, that the message received by the interrupt signaling communications controller is a multicast message; and providing, by the hypervisor, the multicast message to at least one logical partition configured to receive multicast messages.
    Type: Grant
    Filed: December 15, 2010
    Date of Patent: October 8, 2013
    Assignee: International Business Machines Corporation
    Inventors: Jesse P. Arroyo, Timothy R. Block, Leonardo Letourneaut, Timothy J. Schimke