1. Manuals
  2. Brands
  3. Nvidia Manuals
  4. Tools
  5. MSTFLINT
  6. Manual

Key Loss Recovery; Mstflint: Secure Firmware Update - Nvidia MSTFLINT Manual

Burning and diagnostics tools
Hide thumbs Also See for MSTFLINT:
Table of Contents

Advertisement

2.
Burn the firmware on the device (make sure hardware access is enabled prior to
burning):
# mstflint -d
3.
Execute a driver restart in order to load the unsecure firmware: 
# service openibd restart

Key Loss Recovery

If a key is lost, there is no way to recover it using the tool. The only way to recover is to:
1.
Connect the flash-not-present jumper on the card.
2.
Reboot the machine.
3.
Re-burn firmware
4.
Remove the flash-not-present jumper.
5.
Reboot the machine
6.
Re-set the hardware access key

mstflint: Secure Firmware Update

Secure Firmware Update is supported only on ConnectX-4 onwards adapter cards and as of
mstflint v4.10.0-3. .
A "Secure firmware update" is the ability of a device to verify digital signatures of new firmware
binaries, in order to assure that only officially approved versions can be installed from the host, the
network[1] or a Board Management Controller (BMC).
The firmware of devices with "secure firmware up date" functionality (secure FW), restricts access to
specific commands and registers that can be used to modify the firmware binary image on the flash, as
well as commands that can jeopardize security in general. Most notably, the commands and registers
for random flash access are disabled.
Secure FW verifies new binaries before activating them, compared to legacy devices where this task is
done by the update tool using direct flash access commands. In addition to signature verification,
secure FW also checks that the binary is designated to the same device model, that the new firmware
is also secured, and that the new FW version is not included in a forbidden versions blacklist. The
firmware rejects binaries that do not match the verification criteria.
Secure FW utilizes the same 'fail safe' upgrade procedures, so events like power failure during update
should not leave the device in an unstable state. The table below lists the impact of secure FW update
on mstflint tools.
Tool
Flow
mstfli
Burn FW
nt
Query
41:00.0
-i fw-4099.unsecure.bin b
Secure FW
Working with controlled fw
update
Working with MCC
commands
With CS Token
Working with controlled fw
update
Working with MCC
commands
Blocked
Command
s
72
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Nvidia MSTFLINT

Related Products for Nvidia MSTFLINT

This manual is also suitable for:

Mellanox mstflint

Table of Contents