Safe command execution and error recovery for storage devices
Abstract
Techniques for execution of commands securely within a storage device are disclosed. Integrity of a command interpreter is verified before allowing it to execute commands within the storage device. The integrity of the commands can also be checked to safeguard against various threats including, for example, malicious attacks, unintentional errors and defects that can adversely affect stored content and execution. Error recovery techniques can be used to reconstruct the command interpreter and/or commands that are found to be defective. In addition, secure techniques can be used to obtain trusted versions of the command interpreter and/or commands from an authenticated external source.
17 Claims
1. A storage device, comprising:
- a storage medium for storing data;
- a controller configured for and/or capable of:
- providing a command interpreter for execution of one or more commands within said storage device;
- determining whether said command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands; and
- allowing said command interpreter to execute said one or more commands when said controller determines that said command interpreter has maintained its integrity;
- wherein said controller is further configured for and/or capable of:
- attempting to reconstruct said command interpreter using an error recovery mechanism that uses error recovery code integrated with executable content of said command interpreter when said controller determines that said command interpreter has not maintained its integrity; and
- attempting to obtain a valid version of said command interpreter from an external source when said attempting to reconstruct said command interpreter fails to reconstruct said command interpreter.
Dependent claims: 2, 3, 4.
5. A method of controlling the execution of one or more commands by a storage device that effectively provides a command interpreter for execution of said one or more commands, said method comprising:
- determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
- allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
- wherein said method further comprises:
- attempting to reconstruct said command interpreter using an error recovery mechanism that uses error recovery code integrated with executable content of said command interpreter when determining determines that said command interpreter has not maintained its integrity; and
- attempting to reconstruct said one or more commands using an error recovery mechanism when determining determines that said one or more commands have not maintained their integrity.
Dependent claims: 6, 7.
8. A method of controlling the execution of one or more commands by a storage device that effectively provides a command interpreter for execution of said one or more commands, said method comprising:
- determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
- allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
- wherein said determining of whether said command interpreter has maintained its integrity comprises:
- obtaining at least one known integrity value for said command interpreter;
- determining at least one current integrity value for said command interpreter;
- comparing said at least one known integrity value to said at least one current integrity value; and
- determining based on said comparing whether said command interpreter has maintained its integrity;
- wherein said known integrity value is a signed known message digest of said command interpreter.
Dependent claims: 9, 11.
10. A method of controlling the execution of one or more commands by a storage device that effectively provides a command interpreter for execution of said one or more commands, said method comprising:
- determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
- allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
- wherein said method comprises:
- obtaining a current version of said command interpreter from memory of said storage device;
- computing the message digest of said current version of said command interpreter;
- comparing said message digest of said current version of said command interpreter to said signed message digest of said command interpreter;
- extracting executable content of said command interpreter for execution when said comparing determines that said message digest of said current version of said command interpreter is equal to said signed message digest of said command interpreter;
- attempting to reconstruct said executable content of said command interpreter using an error recovery technique that utilizes error recovery code incorporated with said executable content of said command interpreter;
- incorporating said error recovery code into a reconstructed content of said command interpreter to generate a reconstructed command interpreter when said attempting to reconstruct said executable content;
- computing the message digest of said reconstructed command interpreter; and
- comparing said message digest of said reconstructed command interpreter to said signed known message digest to determine whether said command interpreter has been correctly reconstructed.
12. A non-transitory storage medium storing executable instructions for effectively controlling execution of one or more commands by a storage device, said non-transitory storage medium comprising:
- executable instructions for determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
- executable instructions for allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
- wherein said determining of whether said command interpreter has maintained its integrity comprises:
- obtaining at least one known integrity value for said command interpreter;
- determining at least one current integrity value for said command interpreter;
- comparing said at least one known integrity value to said at least one current integrity value; and
- determining based on said comparing whether said command interpreter has maintained its integrity;
- wherein said known integrity value is a signed known message digest of said command interpreter.
Dependent claims: 13.
14. A non-transitory storage medium storing executable instructions for effectively controlling execution of one or more commands by a storage device, said non-transitory storage medium comprising:
- executable instructions for determining, based on a comparison of current integrity values for the command interpreter to expected integrity values, whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
- executable instructions for allowing said command interpreter to execute one or more commands only when said determining determines that said command interpreter has maintained its integrity;
- wherein said non-transitory storage medium further comprises:
- executable instructions for attempting to reconstruct said command interpreter using an error recovery mechanism that uses error recovery code integrated with executable content of said command interpreter when determining determines that said command interpreter has not maintained its integrity; and
- executable instructions for attempting to reconstruct said one or more commands using an error recovery mechanism when said determining determines that said one or more commands have not maintained their integrity.
Dependent claims: 15.
16. A computing component for a storage device, wherein said storage device can use a command interpreter to execute one or more commands internally within said storage device, wherein said controller is configured for and/or capable of:
- determining, based on a comparison of current integrity values for the command interpreter to expected integrity values, whether said command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands internally within said storage device; and
- allowing said command interpreter to execute said one or more commands within said storage device when said controller determines that said command interpreter has maintained its integrity;
- wherein said controller is further configured for and/or capable of:
- attempting to reconstruct said command interpreter using an error recovery mechanism that uses error recovery code integrated with executable content of said command interpreter when said controller determines that said command interpreter has not maintained its integrity; and
- attempting to obtain a valid version of said command interpreter from an external source when said attempting to reconstruct said command interpreter fails to reconstruct said command interpreter.
17. A computing component for a storage device, wherein said storage device can use a command interpreter to execute one or more commands internally within said storage device, wherein said controller is configured for and/or capable of:
- determining whether a command interpreter has maintained its integrity before allowing said command interpreter to execute said one or more commands;
- allowing said command interpreter to execute one or more commands when said determining determines that said command interpreter has maintained its integrity;
- wherein said determining of whether said command interpreter has maintained its integrity comprises:
- obtaining at least one known integrity value for said command interpreter;
- determining at least one current integrity value for said command interpreter;
- comparing said at least one known integrity value to said at least one current integrity value; and
- determining based on said comparing whether said command interpreter has maintained its integrity;
- wherein said known integrity value is a signed known message digest of said command interpreter.
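The verify, reconstruct, re-verify, fetch-externally sequence of claims 1, 8 and 10, as an added illustration that is not code from the patent: the digest is checked over the whole interpreter image (content plus recovery code), a per-byte majority vote over redundant copies stands in for whatever error recovery code a real controller integrates, and the reconstructed image is re-verified against the same signed digest before it is trusted, so a reconstruction that settles on a wrong majority is refused rather than executed. HMAC over SHA-256 with a constructed key stands in for the signed message digest, and all function names, the key and the sample content are assumptions.

```python
import hashlib, hmac

# Constructed vendor key; HMAC over a SHA-256 digest stands in for the signed
# message digest of the claims (a real device would check a public-key signature).
SIGNING_KEY = b"constructed-vendor-signing-key"
COPIES = 3  # error recovery code: two redundant copies, per-byte majority vote

def sign_digest(image: bytes) -> bytes:
    return hmac.new(SIGNING_KEY, hashlib.sha256(image).digest(), "sha256").digest()

def digest_matches(image: bytes, signed_digest: bytes) -> bool:
    return hmac.compare_digest(sign_digest(image), signed_digest)

def build_interpreter(content: bytes) -> bytes:
    return content * COPIES  # integrate the recovery code with the executable content

def extract_content(image: bytes) -> bytes:
    return image[: len(image) // COPIES]  # executable content is the first copy

def reconstruct(image: bytes):
    """Majority-vote each byte across copies; None when a position has no majority."""
    n = len(image) // COPIES
    parts = [image[i * n:(i + 1) * n] for i in range(COPIES)]
    content = bytearray()
    for trip in zip(*parts):
        winner = next((b for b in trip if trip.count(b) > COPIES // 2), None)
        if winner is None:
            return None
        content.append(winner)
    return build_interpreter(bytes(content))  # re-integrate recovery code before re-check

def load_interpreter(image: bytes, signed_digest: bytes, fetch_external=None):
    """Claim 10 flow: verify; else reconstruct and re-verify; else fetch a trusted copy."""
    if digest_matches(image, signed_digest):
        return "ok", extract_content(image)
    rebuilt = reconstruct(image)
    if rebuilt is not None and digest_matches(rebuilt, signed_digest):
        return "reconstructed", extract_content(rebuilt)
    external = fetch_external() if fetch_external else None
    if external is not None and digest_matches(external, signed_digest):
        return "external", extract_content(external)
    return "refused", None  # never run an interpreter that failed every check

def corrupt(image: bytes, flips: dict) -> bytes:  # constructed fault injection helper
    return bytes(b ^ flips.get(i, 0) for i, b in enumerate(image))

CONTENT = b"constructed interpreter: READ WRITE ERASE"  # sample executable content
IMAGE = build_interpreter(CONTENT)
SIGNED = sign_digest(IMAGE)  # known signed digest provisioned at manufacture
```

A single flipped byte in one copy is repaired and re-verified; a flip of the same byte in two copies produces a wrong majority, so the second digest check refuses it unless an external source supplies an image that verifies.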
Specification