COMPUTER SYSTEM COMPRISING A SECURE BOOT MECHANISM

US 20090222653A1
Filed: 08/06/2008
Published: 09/03/2009
Est. Priority Date: 02/29/2008
Status: Active Grant

First Claim

Patent Images

1. A method for starting a computer system, the method comprising:

accessing a first set of data stored in a non-volatile memory area of a central processing unit, said first set of data including first instructions causing a core circuit of said central processing unit to initialize a random access memory of said central processing unit;

loading an image of a second set of data from a non-volatile memory into said initialized random access memory, said second set of data comprising a signature for verifying integrity of said second set of data, said second set of data further comprising second instructions causing said central processing unit to initialize a system memory of said computer system;

verifying said integrity of said second set of data by using said signature and a decryption key included in said first set of data; and

initializing said system memory using said second instructions when verification of said second set of data is successful.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure boot processing may be accomplished on the basis of a non-volatile memory that is an integral part of the CPU and which may not be modified once a pre-boot information may be programmed into the non-volatile memory. During a reset event or a power-on event, execution may be started from the internal non-volatile memory, which may also include public decryption keys for verifying a signature of a portion of a boot routine. The verification of the respective portion of the boot routine may be accomplished by using internal random access memories, thereby avoiding external access during verification of the boot routine. Hence, a high degree of tamper resistance may be obtained, for instance, with respect to BIOS modification by exchanging BIOS chips.

Citations

20 Claims

1. A method for starting a computer system, the method comprising:
- accessing a first set of data stored in a non-volatile memory area of a central processing unit, said first set of data including first instructions causing a core circuit of said central processing unit to initialize a random access memory of said central processing unit;
  
  loading an image of a second set of data from a non-volatile memory into said initialized random access memory, said second set of data comprising a signature for verifying integrity of said second set of data, said second set of data further comprising second instructions causing said central processing unit to initialize a system memory of said computer system;
  
  verifying said integrity of said second set of data by using said signature and a decryption key included in said first set of data; and
  
  initializing said system memory using said second instructions when verification of said second set of data is successful.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising loading a third set of data from said non-volatile memory into said system memory and verifying an integrity of said third set of data.
  - 3. The method of claim 2, further comprising executing third instructions included in said third set of data, said third instructions causing an operating system to be loaded into said system memory from a bootable device connected to said computer system.
  - 4. The method of claim 1, wherein initializing said random access memory comprises initializing a data cache and an instruction cache of said central processing unit and wherein said second data of data is loaded into said data cache.
  - 5. The method of claim 4, further comprising copying said second set of data into said instruction cache when integrity of said second set of data has been verified successfully so as to execute said second instructions.
  - 6. The method of claim 1, wherein loading said second set of data into said random access memory comprises performing a hash algorithm to determine a hash value of said second set of data.
  - 7. The method of claim 6, wherein verifying an integrity of said second set of data comprises comparing said hash value of said second set of data with an initial hash value obtained by applying said encryption key to said signature.
  - 8. The method of claim 1, wherein said first set of data is accessed whenever said central processing unit is reset or powered up.
  - 9. The method of claim 1, further comprising remapping addresses of said first set of data within a virtual address space of said central processing unit so as to allow external access to at least said decryption key after successful verification of said second set of data.
  - 10. The method of claim 1, further comprising providing status information on at least a verification status of said second set of data.
  - 11. The method of claim 2, wherein verifying integrity of said third set of data comprises determining a hash value for said third set of data and comparing said determined hash value with an initial hash value of said third set of data contained in said second set of data.
  - 12. The method of claim 2, further comprising copying said first set of data into said system memory.

13. A method for starting a computer system, the method comprising:
- upon at least one of a power up event and a reset event, accessing an internal non-volatile memory of a central processing unit, said non-volatile memory containing pre-boot instructions and data values for initializing an internal volatile memory of said central processing unit and verifying an integrity of at least a portion of boot instructions and boot data values stored in a non-volatile memory;
  
  loading said at least a portion of said boot instructions and boot data values from the non-volatile memory into said internal volatile memory by executing said pre-boot instructions;
  
  verifying integrity of said at least a portion of said boot instructions and boot data values by executing said pre-boot instructions; and
  
  after successfully verifying integrity of said at least a portion of said boot instructions and boot data values, executing said boot instructions.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method of claim 13, wherein executing said boot instructions comprises initializing a system memory of said computer system and loading a second portion of boot instructions and boot data values into said system memory.
  - 15. The method of claim 14, further comprising verifying integrity of said second portion and continuing booting of said computer system on the basis of said second portion when verification of said second portion is successful.
  - 16. The method of claim 13, wherein initializing said volatile internal memory comprises initializing a data cache of said central processing unit and wherein said at least a portion is loaded into said data cache and is verified therein.
  - 17. The method of claim 16, further comprising initializing an instruction cache of said central processing unit and copying said at least a portion into said instruction cache and executing said boot instructions when said at least a portion has been verified successfully.
  - 18. The method of claim 13, further comprising performing at least one of remapping and copying said pre-boot instructions and data values so as to enable external access to at least said pre-boot data values after successful verification of said at least a portion of the boot instructions and data values.

19. A central processing unit (CPU), comprising:
- a substrate having formed thereon circuit elements defining a CPU core, a volatile random access memory, a non-volatile memory and a bus system for connecting said CPU core, said volatile random access memory and said non-volatile memory; and
  
  pre-boot information stored in said non-volatile memory, said pre-boot information including instructions executable by said CPU core and data values for initializing said volatile random access memory and verifying at least a portion of a boot routine.
- View Dependent Claims (20)
- - 20. The central processing unit of claim 19, wherein said pre-boot information includes one or more decryption keys configured to enable deciphering of a signature of said at least a portion of said boot routine.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Globalfoundries US Incorporated (GlobalFoundries, Inc.)
Original Assignee
GlobalFoundries, Inc.
Inventors
Jones, Marc Edwin, Perley, Tim Edward, Schuecke, Frank, Findeisen, Ralf, Grell, Michael

Granted Patent

US 8,656,146 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/2
CPC Class Codes

G06F 21/575 Secure boot

G06F 21/72 in cryptographic circuits

COMPUTER SYSTEM COMPRISING A SECURE BOOT MECHANISM

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

COMPUTER SYSTEM COMPRISING A SECURE BOOT MECHANISM

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links