NVIDIA Firmware Tools (MFT) Documentation v4.26.1 LTS
NVIDIA Docs Hub  NVIDIA Networking  Networking Software  NVIDIA Firmware Tools (MFT) Documentation v4.26.1 LTS  Disabling/Enabling Access to the Hardware

On This Page

Disabling/Enabling Access to the Hardware

The secure host feature enables ConnectX family devices to block access to its internal hardware registers. The hardware access in this mode is allowed only if a correct 64 bits key is provided.

Warning

The secure host feature requires a MLNX_OFED driver installed on the machine.

4th Generation Devices

To disable/enable access to the hardware:

  1. Set the key:

    Copy
    Copied!
                
    
            
    # mstflint -d 41:00.0 set_key 22062011
Setting the HW Key - OK
Restoring signature - OK

    Warning

    A driver restart is required to activate the new key.

  2. Access the HW while HW access is disabled:

    Copy
    Copied!
                
    
            
    # mstflint -d 41:00.00 q
E- Cannot open 41:00.0: HW access is disabled on the device.
E- Run "flint -d 41:00.0 hw_access enable" in order to enable HW access.

  3. Enable HW access:

    Copy
    Copied!
                
    
            
    # mstflint -d 41:00.0 hw_access enable
Enter Key: ********

  4. Disable HW access:

    Copy
    Copied!
                
    
            
    # mstflint -d 41:00.0 hw_access disable

    Important

    WARNING:
    1. Once a hardware access key is set, the hardware can be accessed only after the correct key is provided.
    2. If a key is lost, there is no way to recover it using the tool. The only way to recover from a lost key is to:
    • Connect the flash-not-present jumper on the card
    • Boot in "flash recovery" mode
    • Re-burn FW
    • Re-set the HW access key

5th Generation Devices

Secure Host can be enabled on 5th generation devices in one of the following manners:

  1. Set the key:

    Copy
    Copied!
                
    
            
    # mstflint -d 41:00.0 set_key 18022018
-I- Secure Host was enabled successfully on the device.

  2. Disable HW access:

    Copy
    Copied!
                
    
            
    # mstflint -d 41:00.0 hw_access disable 18022018
-I- Secure Host was enabled successfully on the device.

    If the key was not provided in the command line, an interactive shell will ask for it, and verifying it:

    Copy
    Copied!
                
    
            
    # mstflint -d 41:00.0 set_key
Enter Key : ********
Verify Key : ********
-I- Secure Host was enabled successfully on the device.

Or

  1. Disable the Secure Host (Enable HW access):

    Copy
    Copied!
                
    
            
    # mstflint -d 41:00.0 hw_access enable 18022018
-I- The Secure Host was disabled successfully on the device.
And the same as previous, providing the key can be done in interactive shell:
# mstflint -d 41:00.0 hw_access enable
Enter Key : ********
-I- The Secure Host was disabled successfully on the device.

© Copyright 2023, NVIDIA. Last updated on Mar 21, 2024.
content here