mstflint – Firmware Burning Tool
The mstflint (Flash interface) utility performs the following functions:
Burns a binary firmware image to the Flash device attached to an adapter or a switch device.
Burns an Expansion ROM image to the Flash device attached to adapters.
Queries for firmware attributes (version, GUIDs, UIDs, MACs, PSID, etc.)
Enables executing various operations on the Flash memory from the command line (for debug/production).
Disables/enables the access to the device’s hardware registers, and changes the key used for enabling. This feature is functional only if the burnt firmware supports it.
mstflint Synopsis
|
--allow_rom_change |
Allows burning/removing a ROM to/from Firmware image when product version is present. |
||||
|
--hmac_key <hmac_key> |
Path to the file containing the HMAC key (For FS4 image only). |
||||
|
--ignore_dev_data |
Do not attempt to take device data sections from device (sections will be taken from the image. FS3 image only). Commands affected: burn |
||||
|
--key_uuid <uuid_file> |
UUID matching the given private key to be used by the sign command |
||||
|
--key_uuid2 <uuid_file> |
UUID matching the given private key to be used by the sign command |
||||
|
--no_fw_ctrl |
Do not attempt to work with the firmware Ctrl update commands. |
||||
|
--private_key <key_file> |
Path to PEM formatted private key to be used by the sign command |
||||
|
--private_key2 <key_file> |
Path to PEM formatted private key to be used by the sign command |
||||
|
--use_fw |
Access to flash using FW (ConnectX-3/ConnectX-3Pro device only). Commands affected: all |
||||
|
-banks <banks> |
Set the number of attached flash devices (banks) |
||||
|
-blank_guids |
Burn the image with blank GUIDs and MACs (where applicable). These values can be set later using the "sg" command (see details below). Commands affected: burn |
||||
|
-clear_semaphore |
Force clear the flash semaphore on the device. No command is allowed when this flag is used. NOTE: May result in system instability or flash corruption if the device or another application is currently using the flash. Exercise caution. |
||||
|
-d[evice] <device> |
Device flash is connected to. Commands affected: all |
||||
|
-dual_image |
Make the burn process burn two images on flash (previously default algorithm). Current default failsafe burn process burns a single image (in alternating locations). Commands affected: burn |
||||
|
-flash_params <type,log2size,num_of_flashes> |
Use the given parameters to access the flash instead of reading them from the flash. Supported parameters:
|
||||
|
--flashed_version |
When specified, only flashed fw version is fetched Commands affected: query |
||||
|
-guid <GUID> |
GUID base value. 4 GUIDs are automatically assigned to the following values: guid -> node GUID guid+1 -> port1 guid+2 -> port2 guid+3 -> system image GUID NOTE: port2 guid will be assigned even for a single port HCA - The HCA ignores this value. Commands affected: burn, sg |
||||
|
-guids <GUIDs...> |
4 GUIDs must be specified here. The specified GUIDs are assigned to the following fields, respectively: node, port1, port2 and system image GUID. NOTE: port2 guid must be specified even for a single port HCA. The HCA ignores this value. It can be set to 0x0. Commands affected: burn, sg |
||||
|
-h[elp] |
Prints this message and exits |
||||
|
-hh |
Prints extended command help |
||||
|
-i[mage] <image> |
Binary image file. Commands affected: burn, verify |
||||
|
-log <log_file> |
Prints the burning status to the specified log file |
||||
|
--low_cpu |
When specified, cpu usage will be reduced. Run time might be increased Commands affected: query |
||||
|
-mac <MAC>1 |
MAC address base value. 2 MACs are automatically assigned to the following values: mac -> port1 mac+1 -> port2 Commands affected: burn, sg |
||||
|
-macs <MACs...>1 |
2 MACs must be specified here. The specified MACs are assigned to port1, port2, respectively. Commands affected: burn, sg NOTE: -mac/-macs flags are applicable only for NVIDIA Ethernet products. |
||||
|
-no |
Non interactive mode - assume answer "no" to all questions. Commands affected: all |
||||
|
-no_flash_verify |
Do not verify each write on the flash. |
||||
|
-nofs |
Burns image in a non failsafe manner. |
||||
|
-override_cache_replacement2 |
Allow accessing the flash even if the cache replacement mode is enabled. NOTE: This flag is often referred to as -ocr NOTE: This flag is intended for advanced users only. Running in this mode may cause the firmware to hang. |
||||
|
|
Run a quick query. When specified, mstflint will not perform full image integrity checks during the query operation. This may shorten execution time when running over slow interfaces (e.g., I2C, MTUSB-1). Commands affected: query |
||||
|
-s[ilent] |
Do not print burn progress flyer. Commands affected: burn |
||||
|
-striped_image |
Use this flag to indicate that the given image file is in a "striped image" format. Commands affected: query verify |
||||
|
-uid <UID> |
5th Generation (Group II) devices only. Derive and set the device’s base UID. GUIDs and MACs are derived from the given base UID according to NVIDIA Methodologies. Commands affected: burn, sg |
||||
|
-use_dev_rom |
Save the ROM which exists in the device (FS3 and FS4 image only). Commands affected: burn |
||||
|
-use_image_guids |
Burn (guids/uids/macs) as appears in the given image. Commands affected: burn |
||||
|
-use_image_ps |
Burn vsd as appears in the given image - do not keep existing VSD on flash. Commands affected: burn |
||||
|
-use_image_rom |
Do not save the ROM which exists in the device. Commands affected: burn |
||||
|
-v |
Version info. |
||||
|
-vsd <string> |
Write this string, of up to 208 characters, to VSD when burn. |
||||
|
-y[es] |
Non interactive mode - assume answer "yes" to all questions. Commands affected: all |
||||
|
--comid_file <template_file> |
Path to CoMID template file to be filled with M1-M4 measurements by the get_measurements. |
Note 1. The -mac and -macs options are applicable only to NVIDIA Ethernet adapter and switch devices.
Note 2. When accessing SwitchX via I2C or PCI, the -override_cache_replacement flag must be set.
Common FW Update and Query
|
b[urn] |
Burn flash |
|
q[uery] [full] |
Query misc. flash/firmware characteristics, use "full" to get more information. |
|
verify|v [showitoc] |
Verify entire flash, use "showitoc" to see ITOC headers in FS3/FS4 image only. |
|
swreset |
SW reset the target un-managed switch device. This command is supported only in the In-Band access method. |
|
sign_with_hmac |
Sign image with HMAC. |
|
get_measurements|gm |
Calculates M1-M4 measurements (For FS4 image only) |
Expansion ROM Update:
|
brom <ROM-file> |
Burn the specified ROM file on the flash. |
|
drom |
Remove the ROM section from the flash. |
|
rrom <out-file> |
Read the ROM section from the flash. |
|
qrom |
Query ROM in a given image. |
Initial Burn, Production:
Misc FW Image operations:
|
ri <out-file> |
Read the fw image on the flash. |
|
dc [out-file] |
Dump Configuration: print fw configuration file for the given image. |
|
dh [out-file] |
Dump Hash: print hash file for the given image. |
|
checksum|cs |
Perform MD5 checksum on firmware. |
|
timestamp|ts <set|query|reset> [timestamp] [FW version] |
Set/query/reset firmware timestamp. |
|
cache_image|ci |
Cache FW image (Windows only). |
|
sign |
Sign firmware image file |
|
set_public_keys [public key binary file] |
Set Public Keys (For FS3/FS4 image only). |
|
set_forbidden_versions [forbidden versions] |
Set Forbidden Versions (For FS3/FS4 image only). |
|
binary_compare|bc |
Verify the firmware image on a device which operates in livefish mode by comparing it with an existing binary firmware file. |
HW Access Key:
|
set_key [key] |
Set/Update the HW access key which is used to enable/disable access to HW. The key can be provided in the command line or interactively typed after the command is given. NOTE: The new key is activated only after the device is reset. |
|
hw_access <enable|disable> [key] |
Enable/disable the access to the HW. The key can be provided in the command line or interactively typed after the command is given. |
Low Level Flash Operations:
|
hw query |
Query HW info and flash attributes. |
|
e[rase] <addr> |
Erase sector |
|
rw <addr> |
Read one dword from flash |
|
ww <addr> < data> |
Write one dword to flash |
|
wwne <addr> |
Write one dword to flash without sector erase |
|
wb <data-file> <addr> |
Write a data block to flash |
|
wbne <addr> <size> <data ...> |
Write a data block to flash without sector erase |
|
rb <addr> <size> [out-file] |
Read a data block from flash |
The following commands are non-failsafe when performed on a 5th generation (Group II) device: sg, smg, sv and set_vpd.
Manufacture GUIDs are similar to GUIDs. However, they are located in the protected area of the flash and set during production. By default, firmware will use GUIDs unless specified otherwise during production.