TECHNOLOGIES FOR SECURE BOOT PROVISIONING AND MANAGEMENT OF FIELD-PROGRAMMABLE GATE ARRAY IMAGES

US 20180082083A1
Filed: 09/16/2016
Published: 03/22/2018
Est. Priority Date: 09/16/2016
Status: Active Grant

First Claim

Patent Images

1. A computing device for configuring a field-programmable gate array (FPGA), the computing device comprising:

a field programmable gate array (FPGA);

a secure boot loader to start a secure boot process to establish a chain of trust, wherein the chain of trust includes a trusted execution environment of the computing device;

an FPGA updater to load, by the trusted execution environment, an FPGA hash from an FPGA manifest stored in a secure storage of the computing device in response to a start of the secure boot process; and

an FPGA hash checker to determine, by a platform trusted execution environment of the computing device, whether the FPGA hash is allowed for launch in response to a load of the FPGA hash;

wherein the FPGA updater is further to (i) configure, by the trusted execution environment, the FPGA with an FPGA image that corresponds to the FPGA hash in response to a determination that the FPGA hash is allowed for launch, and (ii) verify, by the trusted execution environment, the FPGA image of the FPGA with the FPGA hash in response to configuration of the FPGA.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies for configuring a FPGA include a computing device having a processor and an FPGA. The computing device starts a secure boot process to establish a chain of trust that includes a trusted execution environment. The trusted execution environment loads an FPGA hash from an FPGA manifest stored in secure storage, and a platform trusted execution environment determines whether the FPGA hash is allowed for launch. To determine if the FPGA hash is allowed for launch, the platform trusted execution environment may evaluate one or more launch policies from the FPGA manifest. If allowed, the trusted execution environment configures the FPGA with an FPGA image corresponding to the FPGA hash and verifies the FPGA image with the FPGA hash. The platform trusted execution environment may receive the FPGA hash from a user via a trusted I/O session or from a remote management server. Other embodiments are described and claimed.

Citations

25 Claims

1. A computing device for configuring a field-programmable gate array (FPGA), the computing device comprising:
- a field programmable gate array (FPGA);
  
  a secure boot loader to start a secure boot process to establish a chain of trust, wherein the chain of trust includes a trusted execution environment of the computing device;
  
  an FPGA updater to load, by the trusted execution environment, an FPGA hash from an FPGA manifest stored in a secure storage of the computing device in response to a start of the secure boot process; and
  
  an FPGA hash checker to determine, by a platform trusted execution environment of the computing device, whether the FPGA hash is allowed for launch in response to a load of the FPGA hash;
  
  wherein the FPGA updater is further to (i) configure, by the trusted execution environment, the FPGA with an FPGA image that corresponds to the FPGA hash in response to a determination that the FPGA hash is allowed for launch, and (ii) verify, by the trusted execution environment, the FPGA image of the FPGA with the FPGA hash in response to configuration of the FPGA.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The computing device of claim 1, wherein to determine whether the FPGA hash is allowed for launch comprises to validate a certificate associated with the FPGA hash.
  - 3. The computing device of claim 2, wherein to validate the certificate comprises to perform a certificate revocation check.
  - 4. The computing device of claim 1, wherein to determine whether the FPGA hash is allowed for launch comprises to evaluate a launch policy from the FPGA manifest, wherein the launch policy is associated with the FPGA hash.
  - 5. The computing device of claim 4, wherein the FPGA hash checker is further to select, by the platform trusted execution environment, the FPGA hash from the FPGA hash manifest based on the associated launch policy, wherein the FPGA hash manifest stores a plurality of FPGA hashes.
  - 6. The computing device of claim 1, further comprising an FPGA configuration manager to:
    - store, by the trusted execution environment, the FPGA hash in the FPGA hash manifest in the secure storage of the computing device;
      
      set, by the trusted execution environment, an FPGA launch bit in response to storage of the FPGA hash in the FPGA hash manifest; and
      
      reset the computing device in response to a setting of the FPGA launch bit, wherein to start the secure boot process comprises to start the secure boot process in response to a reset of the computing device;
      
      wherein the FPGA updater is further to determine, by the trusted execution environment, whether the FPGA launch bit is set in response to the start of the secure boot process, wherein to load the FPGA hash comprises to load the FPGA hash in response to a determination that the FPGA launch bit is set.
  - 7. The computing device of claim 6, wherein:
    - the FPGA configuration manager is further to seal, by the trusted execution environment, the FPGA hash to generate an encrypted hash bound to a trusted execution environment boot code of the computing device in response to the storage of the FPGA hash in the FPGA hash manifest; and
      
      the FPGA updater is further to unseal, by the trusted execution environment boot code, the encrypted hash to recover the FPGA hash in response to the determination that the FPGA launch bit is set, wherein to load the FPGA hash further comprises to load the FPGA hash in response to an unsealing of the encrypted hash.
  - 8. The computing device of claim 6, further comprising a trusted I/O interface to:
    - open, by the platform trusted execution environment, a trusted I/O session; and
      
      receive, by the platform trusted execution environment, the FPGA hash via the trusted I/O session;
      
      wherein to store the FPGA hash comprises to store the FPGA hash in response to receipt of the FPGA hash.
  - 9. The computing device of claim 6, further comprising a remote management interface to:
    - receive, by the platform trusted execution environment, the FPGA hash from a remote management server via an out-of-band network connection;
      
      wherein to store the FPGA hash comprises to store the FPGA hash in response to receipt of the FPGA hash.
  - 10. The computing device of claim 6, wherein:
    - the FPGA configuration manager is further to provision, by the trusted execution environment, the FPGA image to the secure storage of the computing device; and
      
      to configure the FPGA of the computing device with the FPGA image comprises to load the FPGA image from the secure storage of the computing device.
  - 11. The computing device of claim 1, further comprising a converged security and manageability engine to establish the platform trusted execution environment.
  - 12. The computing device of claim 11, wherein the FPGA is further to establish the trusted execution environment.
  - 13. The computing device of claim 12, wherein the FPGA comprises a secure non-volatile memory to establish the secure storage.

14. A method for configuring a field-programmable gate array (FPGA), the method comprising:
- starting, by the computing device, a secure boot process to establish a chain of trust, wherein the chain of trust includes a trusted execution environment of the computing device;
  
  loading, by the trusted execution environment, an FPGA hash from an FPGA manifest stored in a secure storage of the computing device in response to starting the secure boot process;
  
  determining, by a platform trusted execution environment of the computing device, whether the FPGA hash is allowed for launch in response to loading the FPGA hash;
  
  configuring, by the trusted execution environment, an FPGA of the computing device with an FPGA image that corresponds to the FPGA hash in response to determining that the FPGA hash is allowed for launch; and
  
  verifying, by the trusted execution environment, the FPGA image of the FPGA using the FPGA hash in response to configuring the FPGA.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The method of claim 14, wherein determining whether the FPGA hash is allowed for launch comprises evaluating a launch policy from the FPGA manifest, wherein the launch policy is associated with the FPGA hash.
  - 16. The method of claim 15, further comprising selecting, by the platform trusted execution environment, the FPGA hash from the FPGA hash manifest based on the associated launch policy, wherein the FPGA hash manifest stores a plurality of FPGA hashes.
  - 17. The method of claim 14, further comprising:
    - storing, by the trusted execution environment, the FPGA hash in the FPGA hash manifest in the secure storage of the computing device;
      
      setting, by the trusted execution environment, an FPGA launch bit in response to storing the FPGA hash in the FPGA hash manifest;
      
      resetting the computing device in response to setting the FPGA launch bit, wherein starting the secure boot process comprises starting the secure boot process in response to resetting the computing device; and
      
      determining, by the trusted execution environment, whether the FPGA launch bit is set in response to starting the secure boot process, wherein loading the FPGA hash comprises loading the FPGA hash in response to determining that the FPGA launch bit is set.
  - 18. The method of claim 17, further comprising:
    - opening, by the platform trusted execution environment, a trusted I/O session; and
      
      receiving, by the platform trusted execution environment, the FPGA hash via the trusted I/O session;
      
      wherein storing the FPGA hash comprises storing the FPGA hash in response to receiving the FPGA hash.
  - 19. The method of claim 17, further comprising:
    - receiving, by the platform trusted execution environment, the FPGA hash from a remote management server via an out-of-band network connection;
      
      wherein storing the FPGA hash comprises storing the FPGA hash in response to receiving the FPGA hash.

20. One or more computer-readable storage media comprising a plurality of instructions that in response to being executed cause a computing device to:
- start a secure boot process to establish a chain of trust, wherein the chain of trust includes a trusted execution environment of the computing device;
  
  load, by the trusted execution environment, an FPGA hash from an FPGA manifest stored in a secure storage of the computing device in response to starting the secure boot process;
  
  determine, by a platform trusted execution environment of the computing device, whether the FPGA hash is allowed for launch in response to loading the FPGA hash;
  
  configure, by the trusted execution environment, an FPGA of the computing device with an FPGA image that corresponds to the FPGA hash in response to determining that the FPGA hash is allowed for launch; and
  
  verify, by the trusted execution environment, the FPGA image of the FPGA using the FPGA hash in response to configuring the FPGA.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. The one or more computer-readable storage media of claim 20, wherein to determine whether the FPGA hash is allowed for launch comprises to evaluate a launch policy from the FPGA manifest, wherein the launch policy is associated with the FPGA hash.
  - 22. The one or more computer-readable storage media of claim 21, further comprising a plurality of instructions that in response to being executed cause the computing device to select, by the platform trusted execution environment, the FPGA hash from the FPGA hash manifest based on the associated launch policy, wherein the FPGA hash manifest stores a plurality of FPGA hashes.
  - 23. The one or more computer-readable storage media of claim 20, further comprising a plurality of instructions that in response to being executed cause the computing device to:
    - store, by the trusted execution environment, the FPGA hash in the FPGA hash manifest in the secure storage of the computing device;
      
      set, by the trusted execution environment, an FPGA launch bit in response to storing the FPGA hash in the FPGA hash manifest;
      
      reset the computing device in response to setting the FPGA launch bit, wherein starting the secure boot process comprises starting the secure boot process in response to resetting the computing device; and
      
      determine, by the trusted execution environment, whether the FPGA launch bit is set in response to starting the secure boot process, wherein loading the FPGA hash comprises loading the FPGA hash in response to determining that the FPGA launch bit is set.
  - 24. The one or more computer-readable storage media of claim 23, further comprising a plurality of instructions that in response to being executed cause the computing device to:
    - open, by the platform trusted execution environment, a trusted I/O session; and
      
      receive, by the platform trusted execution environment, the FPGA hash via the trusted I/O session;
      
      wherein to store the FPGA hash comprises to store the FPGA hash in response to receiving the FPGA hash.
  - 25. The one or more computer-readable storage media of claim 23, further comprising a plurality of instructions that in response to being executed cause the computing device to:
    - receive, by the platform trusted execution environment, the FPGA hash from a remote management server via an out-of-band network connection;
      
      wherein to store the FPGA hash comprises to store the FPGA hash in response to receiving the FPGA hash.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Smith, Ned M., Poornachandran, Rajesh

Granted Patent

US 10,528,765 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/575   Secure boot

G06F 21/64   Protecting data integrity, ...

G06F 9/4403   Processor initialisation

G06F 9/4416   Network booting; Remote ini...

TECHNOLOGIES FOR SECURE BOOT PROVISIONING AND MANAGEMENT OF FIELD-PROGRAMMABLE GATE ARRAY IMAGES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

TECHNOLOGIES FOR SECURE BOOT PROVISIONING AND MANAGEMENT OF FIELD-PROGRAMMABLE GATE ARRAY IMAGES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links