Microcode(uCode) hot-upgrade method for bare metal cloud deployment

What is claimed is: 1. A method, comprising: during runtime operation of a host operating system in a tenant environment hosted on a bare metal platform including one or more host central processing units (CPUs) on which the host operating system and applications in the tenant environment are executed, at least one of the one or more host CPUs coupled to a firmware storage device in which firmware including microcode (uCode) is stored and wherein the firmware storage device has a layout partitioned into a plurality of regions, including one or more uCode firmware volume (FV) regions, providing a uCode patch to an out-of-band controller communicatively coupled to the firmware storage device; writing, using the out-of-band controller, the uCode patch to a uCode FV region; and employing an out-of-band uCode hot-upgrade process to update firmware uCode for at least one of the one or more host CPUs by updating the uCode for that CPU with uCode from the uCode FV region. 2. The method of claim 1 , wherein the uCode hot-upgrade process is transparent to the host operating system in the tenant environment. 3. The method of claim 1 further comprising: triggering, using an interrupt, a uCode update service to execute on a host CPU; pausing execution of the host operating system; executing the uCode update service to, load a uCode image from the uCode FV region into memory on the bare metal platform; for each of at least one host CPU, load a uCode image address at which a uCode image for a host CPU is loaded in the memory and execute a uCode update command to update the uCode for that host CPU; and resuming execution of the host operating system following completion of the uCode update service. 4. The method of claim 3 , wherein the bare metal platform includes a plurality of host CPUs, wherein the uCode patch includes multiple uCode images corresponding to respective stepping versions, and wherein execution of the uCode update service causes the bare metal platform to: enumerate a uCode version, model type and stepping version for each of the plurality of host CPUs; for each host CPU that is enumerated, one at a time, compare uCode image version information with CPU uCode information for a host CPU; determine whether a uCode update for that host CPU is valid; and, when the uCode update for that host CPU is valid, switch execution to target that host CPU; and load a uCode image address at which a uCode image having the stepping version for that host CPU is loaded in the memory and execute a uCode update command to update uCode for that host CPU. 5. The method of claim 3 , wherein the interrupt comprises a System Management Interrupt (SMI) and the uCode update service comprises a uCode update SMI service, and wherein the SMI and execution of the uCode update SMI service causes the host CPU to: switch the host CPU from a current operational mode to a System Management Mode (SMM), wherein execution of the host operating system is paused while the host CPU is in SMM; execute the uCode update SMI service while the host CPU is in SMM; return the host CPU to the current operational mode; and resume execution of the host operating system. 6. The method of claim 1 , wherein the firmware storage device is a Basic Input-Output System (BIOS) Serial Peripheral Interface (SPI) flash memory device, and wherein the out-of-band controller is a baseboard management controller (BMC) coupled to the BIOS SPI flash memory device via an enhanced Serial Peripheral Interface Bus (eSPI) or Serial Peripheral Interface Bus (SPI). 7. The method of claim 6 , further comprising: discovering a layout of uCode FV regions for the BIOS SPI flash memory device; and sending uCode FV region layout information corresponding to the layout of the uCode FV regions that are discovered to the BMC. 8. The method of claim 1 , wherein the plurality of regions includes a uCode base region and one or more uCode FV extension regions, further comprising: booting a host CPU using a current uCode image having a first version in the uCode base region; writing the uCode patch as a second uCode image having a second version to a uCode FV extension region; and copying the second uCode image into the uCode base region to sync-up a current uCode image in the uCode base region. 9. A bare metal platform, comprising: one or more host central processing units (CPUs); a memory, coupled to the one or more CPUs; a firmware storage device in which firmware including microcode (uCode) are stored, communicatively coupled to at least one of the one or more CPUs, wherein the firmware storage device has a layout partitioned into a plurality of regions, including one or more uCode firmware volume (FV) regions; and an out-of-band controller, communicatively coupled to at least one host CPU and communicatively coupled to the firmware storage device, wherein the bare metal platform is configured to be implemented in a cloud service provider environment and host a tenant environment in which a host operating system and applications are executed on the one or more CPUs, and wherein the bare metal platform is configured to, implement a uCode hot-upgrade process using the out-of-band controller to update uCode for at least one of the one or more CPUs during runtime operation of the host operating system using a uCode patch; write, using the out-of-band controller, the uCode patch to a uCode FV region; and for at least one of the one or more CPUs, update the uCode for that CPU with uCode from the uCode FV region. 10. The bare metal platform of claim 9 , wherein the uCode hot-upgrade process is transparent to the host operating system in the tenant environment. 11. The bare metal platform of claim 9 , further configured to: trigger, using an interrupt, a uCode update service to execute on a host CPU; pause execution of the host operating system; execute the uCode update service to, load a uCode image from the uCode FV region into memory on the bare metal platform; for each of at least one host CPU, load a uCode image address at which a uCode image for a host CPU is loaded in the memory and execute a uCode update command to update the uCode for that host CPU; and resume execution of the host operating system following completion of the uCode update service. 12. The bare metal platform of claim 9 , wherein the firmware storage device is a Basic Input-Output (BIOS) Serial Peripheral Interface (SPI) flash memory device, and wherein the out-of-band controller is a baseboard management controller (BMC) coupled to the BIOS SPI flash memory device via an enhanced Serial Peripheral Interface Bus (eSPI) or an SPI bus. 13. The bare metal platform of claim 12 , further configured to: discover a layout of uCode FV regions for the BIOS SPI flash memory device; and send uCode FV region layout information corresponding to the layout of the uCode FV regions that are discovered to the BMC. 14. The bare metal platform of claim 9 , wherein the plurality of regions includes a uCode base region and one or more uCode FV extension regions, and wherein the bare metal platform is further configured to: boot a host CPU using a current uCode image having a first version in the uCode base region; write the uCode patch as a second uCode image having a second version to a uCode FV extension region; and copy the second uCode image into the uCode base region to sync-up a current uCode image in the uCode base region. 15. An out-of-band controller configured to be implemented on a bare metal platform on which a host operating system and applications in a tenant env