×

SYSTEM AND METHOD FOR PROCESSING REQUESTS TO ALTER SYSTEM SECURITY DATABASES AND FIRMWARE STORES IN A UNIFIED EXTENSIBLE FIRMWARE INTERFACE-COMPLIANT COMPUTING DEVICE

  • US 20120260082A1
  • Filed: 04/06/2012
  • Published: 10/11/2012
  • Est. Priority Date: 04/08/2011
  • Status: Active Grant
First Claim
Patent Images

1. A method for processing system security database requests in a Unified Extensible Firmware Interface (UEFI)-compliant computing device, comprising:

  • receiving a signed system security database modification request from an operating system module, the request seeking to perform an alteration of a system security database in the UEFI-compliant computing device, the request processed by a firmware request reception module, the request reception module being executable when a central processing unit (CPU) in the computing device is operating in a normal CPU mode;

    triggering a transition of the CPU from the normal CPU mode to a System Management Mode (SMM) using the request reception module;

    verifying a legitimacy of the processed request for performing an alteration of a system security database with a firmware verification module that is only executable when the CPU is in SMM;

    validating a signature contained in the processed request for performing an alteration of the system security database, the validating occurring using a firmware validation module that is only executable when the CPU is in SMM; and

    performing the alteration of the system security database requested using a firmware update module, the alteration occurring following a successful validation of the signature, the firmware update module only executable when the CPU is in SMM.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×