mlxprivhost enables the user to restrict the hosts from managing the device.
mlxprivhost is supported in Linux only.
mlxprivhost is not supported in ESXi 7.0.
This utility is supported in BlueField devices only.
mlxprivhost Synopsis
mlxprivhost [OPTIONS] <command> [parameters…]
- Restrict configuration takes effect immediately, but disabling/enabling RShim requires power cycle
- A restricted host will not be able to perform operations as the below that can compromise the DPU:
- Port ownership – the host cannot assign itself as port owner
- Hardware counters – the host does not have access to hardware counters
- Tracer functionality is blocked
- RShim interface is blocked
- FW flash is restricted
- For Multi-host systems, the tool is compatible with firmware versions starting from xx.31.10xx and later
where:
| -h, --help | Shows this help message and exit |
| -v, --version | Shows program's version number and exit |
| -d <dev>, --device <dev> | Device to work with. |
| --disable_rshim | When TRUE, the host does not have an RSHIM function to access the embedded CPU registers (power cycle is required to apply changes) |
| --disable_tracer | When TRUE, the host will not be allowed to own the Tracer (requires FW reset to be applied) |
| --disable_counter_rd | When TRUE, the host will not be allowed to read Physical port counters (requires FW reset to be applied) |
| --disable_port_owner | When TRUE, the host will not be allowed to be Port Owner (requires FW reset to be applied) |
| r,restrict | Set all external hosts restricted except the one that called the command |
| p,privilege | Set all external hosts privileged except the one that called the command |
| q,query | From external HOST: query the status of the host From Embedded ARM CPU: query the status of all external hosts. |
| -f, --full | Run with query command for high verbosity level - valid from embedded ARM CPU only. |
Example of mlxprivhost:
Enabling Full Host Restriction (Embedded ARM CPU Only):
mlxprivhost –d /dev/mst/mt41682_pciconf0 r --disable_rshim --disable_tracer --disable_counter_rd --disable_port_owner
Disabling Host Restriction (Embedded ARM CPU Only): :
mlxprivhost –d /dev/mst/mt41682_pciconf0 p
Query the status of the host\hosts (the full flag valid for embedded ARM CPU Only):
mlxprivhost -d /dev/mst/mt41682_pciconf0 q --full Host configurations ------------------- host index : 0 1 2 3 level : PRIVILEGED PRIVILEGED PRIVILEGED PRIVILEGED Port functions status: ----------------------- disable_rshim : FALSE FALSE FALSE FALSE disable_tracer : FALSE FALSE FALSE FALSE disable_port_owner : FALSE FALSE FALSE FALSE disable_counter_rd : FALSE FALSE FALSE FALSE
