mstflint – Firmware Burning Tool

The mstflint (Flash interface) utility performs the following functions:

  • Burns a binary firmware image to the Flash device attached to an adapter or a switch device.

  • Burns an Expansion ROM image to the Flash device attached to adapters.

  • Queries for firmware attributes (version, GUIDs, UIDs, MACs, PSID, etc.)

  • Enables executing various operations on the Flash memory from the command line (for debug/production).

  • Disables/enables the access to the device’s hardware registers, and changes the key used for enabling. This feature is functional only if the burnt firmware supports it.

mstflint Synopsis

--allow_rom_change

Allows burning/removing a ROM to/from Firmware image when product version is present.

--hmac_key <hmac_key>

Path to the file containing the HMAC key (For FS4 image only).

--ignore_dev_data

Do not attempt to take device data sections from device (sections will be taken from the image. FS3 image only).

Commands affected: burn

--key_uuid <uuid_file>

UUID matching the given private key to be used by the sign command

--key_uuid2 <uuid_file>

UUID matching the given private key to be used by the sign command

--no_fw_ctrl

Do not attempt to work with the firmware Ctrl update commands.

--private_key <key_file>

Path to PEM formatted private key to be used by the sign command

--private_key2 <key_file>

Path to PEM formatted private key to be used by the sign command

--use_fw

Access to flash using FW (ConnectX-3/ConnectX-3Pro device only).

Commands affected: all

-banks <banks>

Set the number of attached flash devices (banks)

-blank_guids

Burn the image with blank GUIDs and MACs (where applicable). These values can be set later using the "sg" command (see details below).

Commands affected: burn

-clear_semaphore

Force clear the flash semaphore on the device. No command is allowed when this flag is used.

NOTE: May result in system instability or flash corruption if the device or another application is currently using the flash. Exercise caution.

-d[evice] <device>

Device flash is connected to.

Commands affected: all

-dual_image

Make the burn process burn two images on flash (previously default algorithm). Current default failsafe burn process burns a single image (in alternating locations).

Commands affected: burn

-flash_params

<type,log2size,num_of_flashes>

Use the given parameters to access the flash instead of reading them from the flash.

Supported parameters:

  • Type: The type of the flash, such as: M25PXxx, M25Pxx, SST25VFxx, W25QxxBV, W25Xxx, AT25DFxxx, S25FLXXXP

  • log2size: The log2 of the flash size

  • num_of_flashes: the number of the flashes connected to the device

--flashed_version

When specified, only flashed fw version is fetched

Commands affected: query

-guid <GUID>

GUID base value. 4 GUIDs are automatically assigned to the following values:

guid -> node GUID

guid+1 -> port1

guid+2 -> port2

guid+3 -> system image GUID

NOTE: port2 guid will be assigned even for a single port HCA - The HCA ignores this value.

Commands affected: burn, sg

-guids <GUIDs...>

4 GUIDs must be specified here. The specified GUIDs are assigned to the following fields, respectively: node, port1, port2 and system image GUID.

NOTE: port2 guid must be specified even for a single port HCA. The HCA ignores this value. It can be set to 0x0.

Commands affected: burn, sg

-h[elp]

Prints this message and exits

-hh

Prints extended command help

-i[mage] <image>

Binary image file.

Commands affected: burn, verify

-log <log_file>

Prints the burning status to the specified log file

--low_cpu

When specified, cpu usage will be reduced. Run time might be increased

Commands affected: query

-mac <MAC>1

MAC address base value. 2 MACs are automatically assigned to the following values:

mac -> port1

mac+1 -> port2

Commands affected: burn, sg

-macs <MACs...>1

2 MACs must be specified here. The specified MACs are assigned to port1, port2, respectively.

Commands affected: burn, sg

NOTE: -mac/-macs flags are applicable only for NVIDIA Ethernet products.

-no

Non interactive mode - assume answer "no" to all questions.

Commands affected: all

-no_flash_verify

Do not verify each write on the flash.

-nofs

Burns image in a non failsafe manner.

-override_cache_replacement2

Allow accessing the flash even if the cache replacement mode is enabled.

NOTE: This flag is often referred to as -ocr

NOTE: This flag is intended for advanced users only. Running in this mode may cause the firmware to hang.

-qq

Run a quick query. When specified, mstflint will not perform full image integrity checks during the query operation. This may shorten execution time when running over slow interfaces (e.g., I2C, MTUSB-1). Commands affected: query

-s[ilent]

Do not print burn progress flyer. Commands affected: burn

-striped_image

Use this flag to indicate that the given image file is in a "striped image" format.

Commands affected: query verify

-uid <UID>

5th Generation (Group II) devices only. Derive and set the device’s base UID. GUIDs and MACs are derived from the given base UID according to NVIDIA Methodologies.

Commands affected: burn, sg

-use_dev_rom

Save the ROM which exists in the device (FS3 and FS4 image only).

Commands affected: burn

-use_image_guids

Burn (guids/uids/macs) as appears in the given image.

Commands affected: burn

-use_image_ps

Burn vsd as appears in the given image - do not keep existing VSD on flash.

Commands affected: burn

-use_image_rom

Do not save the ROM which exists in the device.

Commands affected: burn

-v

Version info.

-vsd <string>

Write this string, of up to 208 characters, to VSD when burn.

-y[es]

Non interactive mode - assume answer "yes" to all questions.

Commands affected: all

--comid_file <template_file>

Path to CoMID template file to be filled with M1-M4 measurements by the get_measurements.

Note 1. The -mac and -macs options are applicable only to NVIDIA Ethernet adapter and switch devices.
Note 2. When accessing SwitchX via I2C or PCI, the -override_cache_replacement flag must be set.

Common FW Update and Query

b[urn]

Burn flash

q[uery] [full]

Query misc. flash/firmware characteristics, use "full" to get more information.

verify|v [showitoc]

Verify entire flash, use "showitoc" to see ITOC headers in FS3/FS4 image only.

swreset

SW reset the target un-managed switch device. This command is supported only in the In-Band access method.

sign_with_hmac

Sign image with HMAC.

get_measurements|gm

Calculates M1-M4 measurements (For FS4 image only)

Expansion ROM Update:

brom <ROM-file>

Burn the specified ROM file on the flash.

drom

Remove the ROM section from the flash.

rrom <out-file>

Read the ROM section from the flash.

qrom

Query ROM in a given image.

Initial Burn, Production:

Misc FW Image operations:

ri <out-file>

Read the fw image on the flash.

dc [out-file]

Dump Configuration: print fw configuration file for the given image.

dh [out-file]

Dump Hash: print hash file for the given image.

checksum|cs

Perform MD5 checksum on firmware.

timestamp|ts <set|query|reset>

[timestamp] [FW version]

Set/query/reset firmware timestamp.

cache_image|ci

Cache FW image (Windows only).

sign

Sign firmware image file

set_public_keys [public key binary file]

Set Public Keys (For FS3/FS4 image only).

set_forbidden_versions [forbidden versions]

Set Forbidden Versions (For FS3/FS4 image only).

binary_compare|bc

Verify the firmware image on a device which operates in livefish mode by comparing it with an existing binary firmware file.

HW Access Key:

set_key [key]

Set/Update the HW access key which is used to enable/disable access to HW.

The key can be provided in the command line or interactively typed after the command is given.

NOTE: The new key is activated only after the device is reset.

hw_access <enable|disable> [key]

Enable/disable the access to the HW.

The key can be provided in the command line or interactively typed after the command is given.

Low Level Flash Operations:

hw query

Query HW info and flash attributes.

e[rase] <addr>

Erase sector

rw <addr>

Read one dword from flash

ww <addr> < data>

Write one dword to flash

wwne <addr>

Write one dword to flash without sector erase

wb <data-file> <addr>

Write a data block to flash

wbne <addr> <size> <data ...>

Write a data block to flash without sector erase

rb <addr> <size> [out-file]

Read a data block from flash

Warning

The following commands are non-failsafe when performed on a 5th generation (Group II) device: sg, smg, sv and set_vpd.

Warning

Manufacture GUIDs are similar to GUIDs. However, they are located in the protected area of the flash and set during production. By default, firmware will use GUIDs unless specified otherwise during production.

© Copyright 2023, NVIDIA. Last updated on Feb 5, 2024.