42
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
image file
Image file to verify.
Examples:mstflint -i fw-ConnectX4Lx.bin checksum -I- Calculating Checksum ... Checksum:
68ddae6bfe42f87f09084f3f468a35c6
mstflint -d 41:00.0
-I- Calculating Checksum ...
Checksum: 68ddae6bfe42f87f09084f3f468a35c6
mstflint: Querying the Firmware Image
To query the FW image on a device, use the following command line:
# mstflint -d <device> q
To query the FW image in a file, use the following command line:
# mstflint -i <image file> q
where:
device
Device on which the query is run.
image file
Image file on which the query is run.
Examples:
Query the FW on the device.
# mstflint -d 41:00.0 query
Query the FW image file.
# mstflint -i 25408-2_42_5000-MCX354A-FCB_A2.bin query
Security Attributes field in Query output:
This field lists the security attributes of the device’s firmware, where:
Secure-fw: This attribute indicates that this binary/device supports secure-firmware-
updates. It means that only officially signed binaries can be loaded to the device from
the host, and that the current binary is signed.
Signed-fw: This attribute indicates that that this binary is signed and that the device
can verify digital signatures of new updates. However, unlike, secure-fw, there might
still be methods to upload unsigned binaries to the device from the host.
debug: This attribute indicate that this binary is (or this device runs) a debug-version.
Debug versions are custom made for specific data-centers or labs, and can only be
installed after a corresponding debug-fw token is pushed to the device. The debug-fw-
token, which is digitally signed, includes a list of the target devices MAC addresses.
dev: This attribute indicates that the firmware is signed with development (test) key.
Default Update Method" field in Query Full output:{This field reflect the method which
mstflint will use in order to update the device. The user can enforce a different method using
the –no_fw_ctrl or the –ocr flags.The default methods are:
Legacy: mstflint will use the low level flash access registers.
fw_ctrl: mstflint will operate the ‘firmware component update’ state machine.
Secure-boot attributes
Secure-boot : This attribute indicates if the device supports secure-boot
Life-cycle : This attribute indicates the current status of secure-boot
Security-version:
For query on image: This attribute indicates the security-version of the image.
For query on device:
“EFUSE security version”: Indicates the security version of the device