System and Method for Securely Updating Firmware Devices by Using a Hypervisor
First Claim
1. A computer-implemented method comprising:
- receiving a firmware update at a computer system, wherein the computer system is executing a hypervisor and one or more guest operating systems, and wherein the firmware update corresponds to a hardware device accessible by the computer system, the hardware device including an updateable firmware;
in response to receiving the firmware update, the hypervisor operates by;
inhibiting use of the device by each of the guest operating systems;
after the inhibiting, upgrading the firmware using the received firmware update; and
after the upgrading, allowing each of the guest operating systems use of the device.
1 Assignment
0 Petitions
Accused Products
Abstract
A system, method, and program product is provided that receives and processes a firmware update at a computer system. The computer system is executing a hypervisor and one or more guest operating systems, and the firmware update corresponds to a hardware device accessible by the computer system. The hardware device is a type that is programmed using an updateable firmware. The hypervisor operating in the computer system processes the received firmware update by first inhibiting use of the device by each of the guest operating systems. After the guest operating systems have been inhibited from using the device, the firmware in the device is upgraded by the hypervisor using the received firmware update. After the firmware has been upgraded, each of the guest operating systems is allowed use of the device.
112 Citations
20 Claims
-
1. A computer-implemented method comprising:
-
receiving a firmware update at a computer system, wherein the computer system is executing a hypervisor and one or more guest operating systems, and wherein the firmware update corresponds to a hardware device accessible by the computer system, the hardware device including an updateable firmware; in response to receiving the firmware update, the hypervisor operates by; inhibiting use of the device by each of the guest operating systems; after the inhibiting, upgrading the firmware using the received firmware update; and after the upgrading, allowing each of the guest operating systems use of the device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A information handling system comprising:
-
one or more processors; a memory accessible by at least one of the processors; a nonvolatile storage area accessible by at least one of the processors; a hardware device accessible by at least one of the processors, wherein the hardware device includes an updateable firmware that controls the device'"'"'s operation; a hypervisor and one or more guest operating systems stored in the memory and the nonvolatile storage area and executed by the processors; a set of instructions executed by the hypervisor, wherein one or more of the processors executes the set of instructions in order to perform actions of; receiving a firmware update, wherein the firmware update corresponds to the hardware device; in response to receiving the firmware update; inhibiting use of the device by each of the guest operating systems; after the inhibiting, upgrading the firmware using the received firmware update; and after the upgrading, allowing each of the guest operating systems use of the device. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer program product stored in a computer readable medium, comprising functional descriptive material that, when executed by a data processing system, causes the data processing system to perform actions that include:
-
receiving a firmware update at a computer system, wherein the computer system is executing a hypervisor and one or more guest operating systems, and wherein the firmware update corresponds to a hardware device accessible by the computer system, the hardware device including an updateable firmware; in response to receiving the firmware update, the hypervisor operates by; inhibiting use of the device by each of the guest operating systems; after the inhibiting, upgrading the firmware using the received firmware update; and after the upgrading, allowing each of the guest operating systems use of the device.
-
-
15. The computer program product of claim 15 wherein the functional descriptive material causes the data processing system to perform further actions comprising:
prior to upgrading the firmware, validating the firmware update, wherein the upgrading is performed in response to a successful validation of the firmware update. - View Dependent Claims (16, 17, 18, 19, 20)
Specification