NVIDIA Firmware Tools (MFT) Documentation v4.24.0
NVIDIA Firmware Tools (MFT) Documentation v4.24.0

Secure Firmware Update

Note

Secure Firmware Update is supported only on ConnectX-4 onwards adapter cards.

A “Secure firmware update” is the ability of a device to verify digital signatures of new firmware binaries, in order to assure that only officially approved versions can be installed from the host, the network[1] or a Board Management Controller (BMC).

The firmware of devices with “secure firmware up date” functionality (secure FW), restricts access to specific commands and registers that can be used to modify the firmware binary image on the flash, as well as commands that can jeopardize security in general. Most notably, the commands and registers for random flash access are disabled.

Secure FW verifies new binaries before activating them, compared to legacy devices where this task is done by the update tool using direct flash access commands. In addition to signature verification, secure FW also checks that the binary is designated to the same device model, that the new firmware is also secured, and that the new FW version is not included in a forbidden versions blacklist. The firmware rejects binaries that do not match the verification criteria.

Secure FW utilizes the same ‘fail safe’ upgrade procedures, so events like power failure during update should not leave the device in an unstable state. The table below lists the impact of secure FW update on MFT tools.

Tool

Flow

Secure FW

With CS Token

Blocked Commands

flint / mlxburn

Burn FW

Working with controlled fw update

Working with controlled fw update

Query

Working with controlled fw update

Working with controlled fw update

Set GUIDs

Working with controlled fw update

Working with controlled fw update

Verify

Working partially (BOOT image)

Working partially (BOOT image)

Set DV INFO: SET MFG, SET VSD, VPD

Not supported in Secure FW

Not supported in Secure FW

MFBA

ROM OPS: BROM, DROM

Not supported, BOOT image modification is not supported (MFBA)

Not supported, BOOT image modification is not supported (MFBA)

MFBA

"-ocr" override cache replacement (Direct flash GW access)

Not supported in Secure FW

Not supported in Secure FW

Flash GW is blocked

HW SET (Set flash parameters)

Flash GW is blocked

Flash GW is blocked

Flash GW is blocked

"--no_fw_ctrl" (Legacy Flow)

Not supported in Secure FW

Not supported in Secure FW

MFBA

mlxfwmanager / mlxup

Burn FW

Working with controlled fw update

Working with controlled fw update

mlxfwmanager

with --no_fw_ctrl

Not supported in Secure FW

Not supported in Secure FW

MFBA

mlxdump

fsdump

Blocked icmds

Working

gcif_get_ft_info, gcif_get_ft_list, gcif_get_fg, gcif_get_fg_list, gcif_get_fte, gcif_get_fte_list

phyUc

Blocked icmds

working

gcif_phy_uc_get_array_prop_px, gcif_phy_uc_set_get_data,

gcif_phy_uc_get_array_prop_EDR, gcif_phy_uc_get_array_prop_HDR

rxdump

CR-Space is locked & Blocked icmds

working

gcif_read_rx_slice_desc, gcif_read_rx_slice_packet

sxdump

CR-Space is locked & Blocked icmds

working

gcif_read_wq_buf fer

wqdump

Dump QP contexts

Blocked icmds

working

gcif_read_context

Dump WQs

Blocked icmds

working

gcif_read_host_m em, gcif_read_q_en- try, gcif_qp_get_pi_ci

ICM

Blocked icmds

working

gcif_read_icm

WRITE QP (Devmon)

working

gcif_write_context

mget_temp

hw_access

Read Only CR- Space

working

Read Only CR- Space

mcra

Read

working

working

working

Write

Read Only CR- Space

working

Read Only CR- Space

mstdump

Read

working

working

working

mlxtrace / fwtrace

MEM & FIFO

Only fwtrace is supported and only in Linux

working

Read Only CR- Space

pckt_drop

uses write to CR- Space to work

Read Only CR- Space

working

Read Only CR- Space

mlxlink

working

working

working

working

mlxreg

working

working

working

working

mlxcables

working

working

working

working

mlxconfig

working

working

working

working

mlxfwreset

working

working

working

working

i2c/mlxi2c

Not relevant when not in livefish

With Force flag (ENV VAR)

Read Only CR- Space

working

Read Only CR- Space

When Secure Firmware is enabled, the flint output slightly changes due to the differences in the underlying NIC accessing methods. Some functionalities may be restricted according to the device security level.

flint query under secure mode:

Copy
Copied!
            

# flint -d /dev/mst/mt4115_pciconf0 q Image type: FS3 FW Version: 12.19.2278 FW Release Date: 7.6.2017 Description: UID GuidsNumber Base GUID: 7cfe90030029205e 4 Base MAC: 00007cfe9029205e 4 Image VSD: Device VSD: PSID: MT_2190110032 Security Attributes: secure-fw, dev

Note

Unavailable information is reported as N/A.

© Copyright 2024, NVIDIA. Last updated on Aug 26, 2024.