CONTINUATION OF TRUST FOR PLATFORM BOOT FIRMWARE
First Claim
1. A device, comprising:
- a memory module including at least platform boot firmware; and
a processing module to load the platform boot firmware when the device is activated, the platform boot firmware causing the processing module to load a hash table, to calculate hashes for platform boot firmware files loaded subsequent to the hash table and to determine whether the calculated platform boot firmware file hashes are in the hash table.
1 Assignment
0 Petitions
Accused Products
Abstract
This disclosure is directed to continuation of trust for platform boot firmware. A device may comprise a processing module and a memory module including read-only memory (ROM) on which is stored platform boot firmware. On activation, the processing module may load the platform boot firmware. The platform boot firmware may cause the processing module to first load a trusted pre-verifier file to load and verify the signature of a hash table loaded from the platform boot firmware. The processing module may then load firmware program files from the platform boot firmware, calculate a hash for each file, and verify whether each program hash is in the hash table. Firmware program files with hashes in the hash table may be allowed to execute. If any firmware program file hash is not in the hash table, the processing module may perform platform specific security actions to prevent the device from being compromised.
-
Citations
21 Claims
-
1. A device, comprising:
-
a memory module including at least platform boot firmware; and a processing module to load the platform boot firmware when the device is activated, the platform boot firmware causing the processing module to load a hash table, to calculate hashes for platform boot firmware files loaded subsequent to the hash table and to determine whether the calculated platform boot firmware file hashes are in the hash table. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method, comprising:
-
loading a hash table and platform boot firmware files when a device is activated; calculating hashes for each of the platform boot firmware files; and determining whether each of the calculated platform boot firmware file hashes are in the hash table. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. At least one machine-readable storage medium having stored thereon, individually or in combination, instructions that when executed by one or more processors result in the following operations comprising:
-
loading a hash table and platform boot firmware files when a device is activated; calculating hashes for each of the platform boot firmware files; and determining whether each of the calculated platform boot firmware file hashes are in the hash table. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification