Restricting the use of a firmware tool to a specific platform
Abstract
A firmware includes a firmware module for copying a digitally signed binary file that includes a firmware globally unique identifier (GUID), tool GUIDs, and feature GUIDs to an Advanced Configuration and Power Interface (ACPI) table (the Firmware Enabled Tool Registry (FETR) table). If the FETR table is stored in memory, a firmware tool determines whether a digital signature of the signed binary file can be verified. If the digital signature can be verified, the firmware tool determines if the firmware GUID stored in the FETR table matches a firmware GUID stored in another ACPI table. If the firmware GUIDs match, the firmware tool determines whether its tool GUID matches a tool GUID stored in the FETR table. The firmware tool can continue to execute if the tool GUIDs match. Firmware tool features are enabled if feature GUIDs in the FETR table match feature GUIDs of the firmware tool.
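The check sequence the abstract describes, as an added example (not code from the patent or from any vendor tool). The FETR byte layout, the function names and the demo key are assumptions, and HMAC-SHA256 stands in for the digital signature so the example runs with the standard library only.

```python
import hashlib
import hmac
import struct
import uuid

# Assumption: HMAC-SHA256 stands in for the vendor's digital signature so the
# example stays stdlib-only; a real tool would verify with a public key.
DEMO_KEY = b"constructed-demo-key"
SIG_LEN = 32

def build_fetr(fw_guid, tool_guids, feature_guids, key=DEMO_KEY):
    """Constructed FETR payload (hypothetical layout): fw GUID, counted GUID lists, signature."""
    body = fw_guid.bytes + struct.pack("<B", len(tool_guids))
    body += b"".join(g.bytes for g in tool_guids)
    body += struct.pack("<B", len(feature_guids))
    body += b"".join(g.bytes for g in feature_guids)
    return body + hmac.new(key, body, hashlib.sha256).digest()

def _read_guids(buf, off):
    """Parse a one-byte count followed by that many 16-byte GUIDs."""
    count = buf[off]  # IndexError if the count byte is missing
    end = off + 1 + 16 * count
    if end > len(buf):
        raise ValueError("truncated GUID list")
    return [uuid.UUID(bytes=buf[i:i + 16]) for i in range(off + 1, end, 16)], end

def authorize(fetr, platform_fw_guid, tool_guid, tool_features, key=DEMO_KEY):
    """Return (allowed, enabled_features); every failure path denies."""
    if fetr is None or len(fetr) < 16 + 2 + SIG_LEN:
        return False, set()          # FETR table absent or too short
    body, sig = fetr[:-SIG_LEN], fetr[-SIG_LEN:]
    if not hmac.compare_digest(sig, hmac.new(key, body, hashlib.sha256).digest()):
        return False, set()          # signature not verified: trust nothing in body
    try:
        tools, off = _read_guids(body, 16)
        features, off = _read_guids(body, off)
    except (ValueError, IndexError):
        return False, set()          # malformed GUID lists
    if off != len(body):
        return False, set()          # unexpected trailing bytes
    if uuid.UUID(bytes=body[:16]) != platform_fw_guid:
        return False, set()          # registry belongs to another platform's firmware
    if tool_guid not in tools:
        return False, set()          # this tool is not registered
    # Only features listed in the signed registry are enabled.
    return True, set(tool_features) & set(features)
```

The signature is checked before any field of the table is parsed or compared, and the firmware GUID from the second ACPI table is passed in by the caller as `platform_fw_guid`.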
20 Claims
1. A computer-implemented method, comprising:
- receiving, at a computing system, a request to execute a firmware tool;
- responsive to the request, reading at least a first firmware globally unique identifier (GUID) from a first Advanced Configuration and Power Interface (ACPI) table;
- verifying a digital signature associated with the first firmware GUID;
- responsive to verifying the digital signature, determining if the first firmware GUID is the same as a second firmware GUID from a second ACPI table;
- responsive to determining that the first firmware GUID is the same as the second firmware GUID, determining if a second firmware tool GUID is the same as one or more first firmware tool GUIDs; and
- enabling execution of the firmware tool responsive to determining that the second firmware tool GUID is the same as at least one of the one or more first firmware tool GUIDs, wherein the at least one of the one or more first firmware tool GUIDs is associated with the firmware tool.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A non-transitory computer-readable storage medium storing computer-executable instructions which, when executed by a computing system, cause the computing system to:
- receive, at the computing system, a request to execute a firmware tool;
- responsive to the request, read a first firmware globally unique identifier (GUID) from a first Advanced Configuration and Power Interface (ACPI) table;
- verify a digital signature associated with the first firmware GUID;
- determine if the first firmware GUID is the same as a second firmware GUID from a second ACPI table;
- responsive to determining that the first firmware GUID is the same as the second firmware GUID, determine if a second firmware tool GUID is the same as one or more first firmware tool GUIDs; and
- enable execution of the firmware tool responsive to determining that the second firmware tool GUID is the same as at least one of the one or more first firmware tool GUIDs, wherein the at least one of the one or more first firmware tool GUIDs is associated with the firmware tool.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A computing system, comprising:
- one or more processors; and
- at least one memory storing computer-executable instructions which, when executed by the one or more processors, cause the computing system to:
  - receive a request to execute a firmware tool at the computing system;
  - responsive to the request, read a first firmware globally unique identifier (GUID) from a first Advanced Configuration and Power Interface (ACPI) table that is stored in the at least one memory of the computing system;
  - verify a digital signature associated with the first firmware GUID;
  - responsive to verifying the digital signature, determine if the first firmware GUID is the same as a second firmware GUID from a second ACPI table;
  - responsive to determining that the first firmware GUID is the same as the second firmware GUID, determine if a second firmware tool GUID is the same as one or more first firmware tool GUIDs; and
  - enable execution of the firmware tool responsive to determining that the second firmware tool GUID is the same as at least one of the one or more first firmware tool GUIDs, wherein the at least one of the one or more first firmware tool GUIDs is associated with the firmware tool.
Dependent claims: 16, 17, 18, 19, 20
Specification