SYSTEM AND METHOD FOR PROCESSING REQUESTS TO ALTER SYSTEM SECURITY DATABASES AND FIRMWARE STORES IN A UNIFIED EXTENSIBLE FIRMWARE INTERFACE-COMPLIANT COMPUTING DEVICE
First Claim
Patent Images
1. A method for processing system security database requests in a Unified Extensible Firmware Interface (UEFI)-compliant computing device, comprising:
- receiving a signed system security database modification request from an operating system module, the request seeking to perform an alteration of a system security database in the UEFI-compliant computing device, the request processed by a firmware request reception module, the request reception module being executable when a central processing unit (CPU) in the computing device is operating in a normal CPU mode;
triggering a transition of the CPU from the normal CPU mode to a System Management Mode (SMM) using the request reception module;
verifying a legitimacy of the processed request for performing an alteration of a system security database with a firmware verification module that is only executable when the CPU is in SMM;
validating a signature contained in the processed request for performing an alteration of the system security database, the validating occurring using a firmware validation module that is only executable when the CPU is in SMM; and
performing the alteration of the system security database requested using a firmware update module, the alteration occurring following a successful validation of the signature, the firmware update module only executable when the CPU is in SMM.
1 Assignment
0 Petitions
Accused Products
Abstract
A mechanism for allowing firmware in a UEFI-compliant device to implement the UEFI specification driver signing and Authenticated Variable elements while at the same time protecting the system security database holding the library of approved keys and lists of allowed and forbidden programs from unauthorized modifications is discussed.
-
Citations
18 Claims
-
1. A method for processing system security database requests in a Unified Extensible Firmware Interface (UEFI)-compliant computing device, comprising:
-
receiving a signed system security database modification request from an operating system module, the request seeking to perform an alteration of a system security database in the UEFI-compliant computing device, the request processed by a firmware request reception module, the request reception module being executable when a central processing unit (CPU) in the computing device is operating in a normal CPU mode; triggering a transition of the CPU from the normal CPU mode to a System Management Mode (SMM) using the request reception module; verifying a legitimacy of the processed request for performing an alteration of a system security database with a firmware verification module that is only executable when the CPU is in SMM; validating a signature contained in the processed request for performing an alteration of the system security database, the validating occurring using a firmware validation module that is only executable when the CPU is in SMM; and performing the alteration of the system security database requested using a firmware update module, the alteration occurring following a successful validation of the signature, the firmware update module only executable when the CPU is in SMM. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for updating a firmware store region in a flash Read-Only Memory (ROM) in a Unified Extensible Firmware Interface (UEFI)-compliant computing device, comprising:
-
receiving at the UEFI-compliant device a downloaded update package that includes an executable update program, a replacement image of the firmware store and a signed hash of the replacement image; triggering with the update program, while a central processing unit (CPU) in the UEFI-compliant computing device is operating in a normal CPU mode, a transition of the CPU from the normal CPU mode to a System Management Mode (SMM); validating the signature and replacement image with SMM-resident firmware that is only executable when the CPU is in SMM; and updating the firmware store with the replacement image, the updating occurring using SMM-resident firmware that is only executable when the CPU is in SMM. - View Dependent Claims (7, 8)
-
-
9. A non-transitory computer-readable medium holding computer-executable instructions for processing system security database requests in a Unified Extensible Firmware Interface (UEFI)-compliant computing device, the instructions when executed causing at least one computing device to:
-
receive a signed system security database modification request from an operating system module, the request seeking to perform an alteration of a system security database in the UEFI-compliant computing device, the request processed by a firmware request reception module, code for the request reception module being accessible when a central processing unit (CPU) in the computing device is operating in a normal CPU mode; trigger a transition of the CPU from the normal CPU mode to a System Management Mode (SMM) using the request reception module; verify a legitimacy of the processed request for performing an alteration of a system security database with a firmware verification module that is only executable when the CPU is in SMM; validate a signature contained in the processed request for performing an alteration of the system security database, the validating occurring using a firmware validation module that is only executable when the CPU is in SMM; and perform the alteration of the system security database requested using a firmware update module, the alteration occurring following a successful validation of the signature, the firmware update module only executable when the CPU is in SMM. - View Dependent Claims (10, 11, 12)
-
-
13. A non-transitory computer-readable medium holding computer-executable instructions for updating a firmware store region in a flash Read-Only Memory (ROM) in a Unified Extensible Firmware Interface (UEFI)-compliant computing device, the instructions when executed causing at least one computing device to:
-
receive at the UEFI-compliant device a downloaded update package that includes an executable update program, a replacement image of the firmware store and a signed hash of the replacement image; trigger with the update program, while a central processing unit (CPU) in the UEFI-compliant computing device is operating in a normal CPU mode, a transition of the CPU from the normal CPU mode to a System Management Mode (SMM); validate the signature and replacement image with SMM-resident firmware that is only executable when the CPU is in SMM; and update the firmware store with the replacement image, the updating occurring using SMM-resident firmware that is only executable when the CPU is in SMM. - View Dependent Claims (14, 15)
-
-
16. A Unified Extensible Firmware Interface (UEFI)-compliant computing device, comprising a central processing unit configured to execute:
-
a firmware request reception module, the request reception module receiving and processing a signed system security database modification request from an operating system module, the request seeking to perform an alteration of a system security database in the UEFI-compliant computing device, the request reception module being executable when a central processing unit (CPU) in the computing device is operating in a normal CPU mode and triggering a transition of the CPU from the normal CPU mode to a System Management Mode (SMM) following the processing; a firmware verification module, the firmware verification module verifying a legitimacy of the processed request for performing an alteration of a system security database, the firmware verification module executing only when the CPU is in SMM; a firmware validation module, the firmware validation module validating a signature contained in the processed request for performing an alteration of the system security database, the firmware validation module executing only when the CPU is in SMM; and a firmware update module, the firmware update module performing the requested alteration of the system security database following a successful validation of the signature, the firmware update module executing only when the CPU is in SMM. - View Dependent Claims (17)
-
-
18. A Unified Extensible Firmware Interface (UEFI)-compliant computing device, comprising a central processing unit (CPU) configured to execute:
-
a downloaded update package including an executable update program for updating a firmware store region in a flash Read-Only Memory (ROM) in the UEFI-compliant computing device, the update package further including a replacement image of at least part of the firmware store and a signed hash of the replacement image, the update program triggering a transition of the CPU from normal CPU mode to a System Management Mode (SMM); SMM-resident firmware for validating the signature and replacement image, the SMM-resident firmware for validating the signature and replacement image only executing when the CPU is in SMM; and SMM-resident firmware for updating the firmware store with the replacement image, the SMM-resident firmware for updating the firmware store only executing when the CPU is in SMM.
-
Specification