Multiple system images for over-the-air updates
First Claim
Patent Images
1. A method comprising:
- by one or more computing systems, executing software from a first partition of system memory;
by the one or more computing systems, requesting an over-the-air (OTA) software update from an endpoint;
by the one or more computing systems, receiving a manifest for the OTA update;
by the one or more computing systems, downloading a payload pursuant to the manifest;
by the one or more computing systems, installing the payload into a second partition of system memory; and
by the one or more computing systems, rebooting, pursuant to the manifest, to the second partition of system memory.
1 Assignment
0 Petitions
Accused Products
Abstract
In one embodiment, a mobile device performs an over-the-air firmware update by writing the updated firmware to a inactive system image partition, and rebooting the device. The security of the OTA update is maintained through checking a plurality of security signatures in an OTA manifest, and the integrity of the data is maintained by checking a hash value of the downloaded system image.
-
Citations
18 Claims
-
1. A method comprising:
-
by one or more computing systems, executing software from a first partition of system memory; by the one or more computing systems, requesting an over-the-air (OTA) software update from an endpoint; by the one or more computing systems, receiving a manifest for the OTA update; by the one or more computing systems, downloading a payload pursuant to the manifest; by the one or more computing systems, installing the payload into a second partition of system memory; and by the one or more computing systems, rebooting, pursuant to the manifest, to the second partition of system memory.
-
-
2. The method of claim 1 wherein the request comprises the serial number of the one or more computing systems.
-
3. The method of claim 1, wherein the manifest comprises a predetermined battery state in which the one or more computing systems must be in order to download the payload.
-
4. The method of claim 1, wherein the manifest comprises a predetermined time period during which the one or more computing systems may download the payload.
-
5. The method of claim 1, wherein the manifest comprises a predetermined battery state in which the one or more computing systems must be in order to reboot to the second partition of system memory.
-
6. The method of claim 1, wherein the manifest comprises a predetermined time period during which the one or more computing systems may reboot to the second partition of system memory.
-
7. The method of claim 1, wherein the manifest comprises a manifest signature and device unique signature, and rebooting to the second partition of system memory comprises:
-
authenticating the manifest signature with a manifest signature public key; authenticating the device unique signature with a device unique public key; and failing to boot to the second partition of system memory if either authentication fails.
-
-
8. The method of claim 1 wherein the manifest comprises a first hash value for the payload, and rebooting to the second partition of system memory further comprises:
-
calculating a second hash value for the downloaded payload based on a predetermined cryptographic hash algorithm; comparing the first hash value to the second hash value; and failing to boot to the second partition of system memory if the first and second hash values are not identical.
-
-
9. The method of claim 1, wherein the manifest comprises an encrypted serial number, and rebooting to the second partition of system memory comprises:
-
decrypting the serial number with a serial number public key; comparing the decrypted serial number to a serial number of the one or more computing devices; and failing to boot to the second partition of system memory if the serial number and the decrypted serial number are not identical.
-
-
10. A method, comprising, by one or more computing systems:
-
receiving, from a client device, a request for an over-the-air (OTA) software update comprising a unique identifier for the client device and a digital signature; authenticating the digital signature with a serial number private key; in response to a positive authentication, generating an OTA manifest for the client device comprising one or more download instructions; and transmitting the manifest to the client device.
-
-
11. A non-transitory, computer-readable media comprising instructions operable, when executed by one or more computing systems, to:
-
execute software from a first partition of system memory; request an over-the-air (OTA) software update from an endpoint; receive a manifest for the OTA update; download a payload pursuant to the manifest; install the payload into a second partition of system memory; and reboot the one or more computing systems, pursuant to the manifest, to the second partition of system memory.
-
-
12. The media of claim 11 wherein the request comprises the serial number of the one or more computing systems.
-
13. The media of claim 11, wherein the manifest comprises a predetermined battery state in which the one or more computing systems must be in order to download the payload.
-
14. The media of claim 11, wherein the manifest comprises a predetermined time period during which the one or more computing systems may download the payload.
-
15. The media of claim 11, wherein the manifest comprises a predetermined battery state in which the one or more computing systems must be in order to reboot to the second partition of system memory.
-
16. The media of claim 11, wherein the manifest comprises a predetermined time period during which the one or more computing systems may reboot to the second partition of system memory.
-
17. The media of claim 11, wherein the manifest comprises a manifest signature and device unique signature, and rebooting to the second partition of system memory comprises:
-
authenticating the manifest signature with a manifest signature public key; authenticating the device unique signature with a device unique public key; and failing to boot to the second partition of system memory if either authentication faits.
-
-
18. The media of claim 11, wherein the manifest comprises a first hash value for the payload, and rebooting to the second partition of system memory further comprises:
-
calculating a second hash value for the downloaded payload based on a predetermined cryptographic hash algorithm; comparing the first hash value to the second hash value; and failing to boot to the second partition of system memory if the first and second hash values are not identical.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMeta Platforms, Inc. (f/k/a Facebook, Inc.)
-
Original AssigneeMeta Platforms, Inc. (f/k/a Facebook, Inc.)
-
InventorsDjabarov, Gueorgui, Hotz, George, Gandhi, Shaheen Ashok
-
Primary Examiner(s)Song, Hosuk
-
Application NumberUS14/097,327Publication NumberTime in Patent Office278 DaysField of Search713168-170, 713/176, 713/181, 713/189, 713/191, 726 2- 7, 726 26- 30, 380/270, 717168-178US Class Current713/168CPC Class CodesG06F 11/1417 Boot up proceduresG06F 21/575 Secure bootG06F 21/64 Protecting data integrity, ...G06F 2201/805 Real-timeG06F 8/65 Updates security arrangemen...G06F 8/654 using techniques specially ...G06F 8/656 while runningG06F 9/44 Arrangements for executing ...G06F 9/4401 Bootstrapping security arra...G06F 9/441 Multiboot arrangements, i.e...H04L 63/0428 wherein the data content is...H04L 67/34 involving the movement of s...H04L 9/0891 Revocation or update of sec...H04L 9/30 Public key, i.e. encryption...H04L 9/3236 using cryptographic hash fu...H04L 9/3247 involving digital signatures
