Apparatus and method for secure boot environment

US 20090327684A1
Filed: 06/25/2008
Published: 12/31/2009
Est. Priority Date: 06/25/2008
Status: Active Grant

First Claim

Patent Images

1. A processor-based system, comprising:

at least one processor;

at least one memory coupled to the at least one processor;

a boot block stored at a first memory location;

a capsule update stored at a second memory location;

a startup authenticated code module to ensure the integrity of the boot block upon a restart of the processor-based system;

code which is executable by the processor-based system to cause the processor-based system to validate the boot block with the startup authenticated code module upon the restart of the processor-based system; and

if the boot block is successfully validated, to validate the capsule update for the processor-based system with the startup authenticated code module.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some embodiments, a processor-based system may include at least one processor, at least one memory coupled to the at least one processor, a boot block stored at a first memory location, a capsule update stored at a second memory location, a startup authenticated code module to ensure the integrity of the boot block upon a restart of the processor-based system, code which is executable by the processor-based system to cause the processor-based system to validate the boot block with the startup authenticated code module upon the restart of the processor-based system, and, if the boot block is successfully validated, to validate the capsule update for the processor-based system with the startup authenticated code module. Other embodiments are disclosed and claimed.

56 Citations

View as Search Results

20 Claims

1. A processor-based system, comprising:
- at least one processor;
  
  at least one memory coupled to the at least one processor;
  
  a boot block stored at a first memory location;
  
  a capsule update stored at a second memory location;
  
  a startup authenticated code module to ensure the integrity of the boot block upon a restart of the processor-based system;
  
  code which is executable by the processor-based system to cause the processor-based system to validate the boot block with the startup authenticated code module upon the restart of the processor-based system; and
  
  if the boot block is successfully validated, to validate the capsule update for the processor-based system with the startup authenticated code module.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the code to validate the capsule update for the processor-based system with the startup authenticated code module comprises code to:
    - utilize the startup authenticated code module to check a register for the capsule update; and
      
      if the capsule update is found at the register, perform an integrity check on the capsule update using the startup authenticated code module to validate the capsule update.
  - 3. The system of claim 2, the code further comprising code to:
    - if the startup authenticated code module determines that the capsule update fails the integrity check, overwrite pages of the capsule update.
  - 4. The system of claim 3, wherein the overwritten pages of the capsule update are zeroed.
  - 5. The system of claim 1, the code further comprising code to:
    - perform the capsule update using the startup authenticated code module.
  - 6. The system of claim 1, the code further comprising code to:
    - provide an entry point into the startup authenticated code module that is accessible by platform initialization firmware;
      
      receive a public key and digest from the platform initialization firmware via the entry point; and
      
      validate a signature based on the public key and digest received from the platform initialization firmware using the startup authenticated code module.

7. A processor-based system, comprising:
- at least one processor;
  
  at least one memory coupled to the at least one processor;
  
  a boot block stored at a first memory location;
  
  a startup authenticated code module to authenticate the boot block;
  
  code which is executable by the processor-based system to cause the processor-based system to;
  
  authenticate the boot block using the startup authenticated code module during restart of the processor-based system;
  
  if the boot block is successfully authenticated using the startup authenticated code module, authorize an additional firmware element outside the boot block using an authenticated code module during restart of the processor-based system; and
  
  if the additional firmware element is successfully authorized using the authenticated code module, maintain the authorization using a platform initialization image authorization during restart of the processor-based system.
- View Dependent Claims (8, 9, 10)
- - 8. The system of claim 7, wherein the code to authorize the additional firmware element outside the boot block using the authenticated code module comprises code to:
    - initialize system management memory;
      
      load platform manufacturer code for the additional firmware element into the system management memory;
      
      load platform manufacturer data for the additional firmware element into the system management memory;
      
      load a security key corresponding to the platform manufacturer code and the platform manufacturer data for the additional firmware element into the system management memory;
      
      perform an integrity test on the platform manufacturer code and the platform manufacturer data using the security key; and
      
      if the integrity test is successful, register the platform manufacturer code in a dispatch table.
  - 9. The system of claim 8, the code further comprising code to:
    - if the integrity test fails, lock the system management memory.
  - 10. The system of claim 9, wherein the additional firmware element includes one of a reliability-availability-serviceability (RAS) element, a system management mode (SMM) element, and a Quick Path Interconnect (QPI) routing element.

11. A method of authenticating a capsule update for a processor-based system, comprising:
- storing a boot block;
  
  storing a capsule update;
  
  storing a startup authenticated code module to ensure the integrity of the boot block upon a restart of the processor-based system;
  
  validating the boot block with the startup authenticated code module upon the restart of the processor-based system; and
  
  if the boot block is successfully validated, validating the capsule update for the processor-based system with the startup authenticated code module.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The method of claim 11, wherein validating the capsule update for the processor-based system with the startup authenticated code module comprises:
    - using the startup authenticated code module to check a register for the capsule update; and
      
      if the capsule update is found at the register, performing an integrity check on the capsule update using the startup authenticated code module to validate the capsule update.
  - 13. The method of claim 12, further comprising:
    - if the startup authenticated code module determines that the capsule update fails the integrity check, overwriting pages of the capsule update.
  - 14. The method of claim 13, wherein overwriting pages of the capsule update comprises zeroing pages of the capsule update.
  - 15. The method of claim 11, further comprising:
    - performing the capsule update using the startup authenticated code module.
  - 16. The method of claim 11, further comprising:
    - providing an entry point into the startup authenticated code module that is accessible by platform initialization firmware;
      
      receiving a public key and digest from the platform initialization firmware via the entry point; and
      
      validating a signature based on the public key and digest received from the platform initialization firmware using the startup authenticated code module.

17. A method for booting a processor-based system, comprising:
- storing a boot block;
  
  storing a startup authenticated code module to authenticate the boot block;
  
  authenticating the boot block using the startup authenticated code module upon a restart of the processor-based system;
  
  if the boot block is successfully authenticated using the startup authenticated code module, authorizing an additional firmware element outside the boot block using an authenticated code module during the restart of the processor-based system; and
  
  if the additional firmware element is successfully authorized using the authenticated code module, maintaining the authorization using a platform initialization image authorization during the restart of the processor-based system.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, wherein authorizing the additional firmware element outside the boot block using the authenticated code module comprises:
    - initializing system management memory;
      
      loading platform manufacturer code for the additional firmware element into the system management memory;
      
      loading platform manufacturer data for the additional firmware element into the system management memory;
      
      loading a security key corresponding to the platform manufacturer code and the platform manufacturer data for the additional firmware element into the system management memory;
      
      performing an integrity test on the platform manufacturer code and the platform manufacturer data using the security key; and
      
      if the integrity test is successful, registering the platform manufacturer code in a dispatch table.
  - 19. The method of claim 18, further comprising:
    - if the integrity test fails, locking the system management memory.
  - 20. The method of claim 19, wherein the additional firmware element includes one of a reliability-availability-serviceability (RAS) element, a system management mode (SMM) element, and a Quick Path Interconnect (QPI) routing element.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Yao, Jiewen, Zimmer, Vincent J., Kumar, Mohan, Cui, Liang, Natu, Mahesh, Long, Qin

Granted Patent

US 7,984,286 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/2
CPC Class Codes

G06F 21/575 Secure boot

Apparatus and method for secure boot environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

56 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Apparatus and method for secure boot environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

56 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others