NVIDIA Firmware Tools (MFT) Documentation v4.29.0
NVIDIA Docs Hub Homepage  NVIDIA Networking  Networking Software  Firmware Management  NVIDIA Firmware Tools (MFT) Documentation v4.29.0  Querying the Firmware Image

Querying the Firmware Image

To query the FW image on a device, use the following command line:

# flint -d <device> q

To query the FW image in a file, use the following command line:

# flint -i <image file> q

where:

device

Device on which the query is run.

image file

Image file on which the query is run.

Examples:

  • Query the FW on the device.

    # flint -d /dev/mst/mt4099_pci_cr0 query

  • Query the FW image file.

    # flint -i 25408-2_42_5000-MCX354A-FCB_A2.bin query

  • Security Attributes field in Query output:

    This field lists the security attributes of the device’s firmware, where:

    • Secure-fw: This attribute indicates that this binary/device supports secure-firmware-updates. It means that only officially signed binaries can be loaded to the device from the host, and that the current binary is signed.

    • Signed-fw: This attribute indicates that that this binary is signed and that the device can verify digital signatures of new updates. However, unlike, secure-fw, there might still be methods to upload unsigned binaries to the device from the host.

    • debug: This attribute indicate that this binary is (or this device runs) a debug-version. Debug versions are custom made for specific data-centers or labs, and can only be installed after a corresponding debug-fw token is pushed to the device. The debug-fw-token, which is digitally signed, includes a list of the target devices MAC addresses.

    • dev: This attribute indicates that the firmware is signed with development (test) key.

  • Default Update Method" field in Query Full output:{This field reflect the method which flint will use in order to update the device. The user can enforce a different method using the –no_fw_ctrl or the –ocr flags.The default methods are:

    • Legacy: flint will use the low level flash access registers.

    • fw_ctrl: flint will operate the ‘firmware component update’ state machine.

  • Secure-boot attributes

    • Secure-boot : This attribute indicates if the device supports secure-boot

    • Life-cycle : This attribute indicates the current status of secure-boot

    • Security-version:

      • For query on image: This attribute indicates the security-version of the image.

      • For query on device:

        • “EFUSE security version”: Indicates the security version of the device

        • “Image security version”: Indicates the security version of the image on the flash

        • Programming method: Indicates when the boot will program the “EFUSE security version” to be aligned with the “image security version”.
© Copyright 2024, NVIDIA. Last updated on Aug 14, 2024.
content here