The secure host feature enables ConnectX family devices to block access to its internal hardware registers. The hardware access in this mode is allowed only if a correct 64 bits key is provided.
The secure host feature requires a DOCA_OFED driver installed on the machine.
5th Generation Devices
Secure Host can be enabled on 5th generation devices in one of the following manners:
-
Set the key:
# flint -d /dev/mst/mt4115_pciconf0 set_key 18022018 -I- Secure Host was enabled successfully on the device. -
Disable HW access:
# flint -d /dev/mst/mt4115_pciconf0 hw_access disable 18022018 -I- Secure Host was enabled successfully on the device.If the key was not provided in the command line, an interactive shell will ask for it, and verifying it:
# flint -d /dev/mst/mt4115_pciconf0 set_key Enter Key : ******** Verify Key : ******** -I- Secure Host was enabled successfully on the device.
Or
-
Disable the Secure Host (Enable HW access):
# flint -d /dev/mst/mt4115_pciconf0 hw_access enable 18022018 -I- The Secure Host was disabled successfully on the device. And the same as previous, providing the key can be done in interactive shell: # flint -d /dev/mst/mt4115_pciconf0 hw_access enable Enter Key : ******** -I- The Secure Host was disabled successfully on the device.
Last updated: