Loading remote binaries onto a write-protected device

US 8,930,936 B2
Filed: 11/06/2012
Issued: 01/06/2015
Est. Priority Date: 11/06/2012
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a memory; and

a processor programmed to;

receive, at an embedded computing device that executes a write-protected firmware build, a binary library overload instruction that specifies a write-protected binary library of the write-protected firmware build to be overloaded by execution of an alternative binary library instead of the write-protected binary library of the write-protected firmware build;

verify integrity of the alternative shared library using an integrity check value obtained within configuration information;

configure, within a random access memory (RAM) storage area of the memory, the alternative binary library to execute instead of the write-protected binary library as specified in the received binary library overload instruction, comprising the processor being programmed to configure the alternative binary library to execute instead of the write-protected binary library in response to successful verification of the alternative shared library; and

execute the write-protected firmware build using the alternative binary library instead of the write-protected binary library specified in the binary library overload instruction.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A binary library overload instruction is received at an embedded computing device that executes a write-protected firmware build. The binary library overload instruction specifies a write-protected binary library of the write-protected firmware build to be overloaded by execution of an alternative binary library instead of the write-protected binary library of the write-protected firmware build. The alternative binary library is configured within a random access memory (RAM) storage area to execute instead of the write-protected binary library as specified in the received binary library overload instruction. The write-protected firmware build is executed using the alternative binary library instead of the write-protected binary library specified in the binary library overload instruction.

33 Citations

View as Search Results

20 Claims

1. A system, comprising:
- a memory; and
  
  a processor programmed to;
  
  receive, at an embedded computing device that executes a write-protected firmware build, a binary library overload instruction that specifies a write-protected binary library of the write-protected firmware build to be overloaded by execution of an alternative binary library instead of the write-protected binary library of the write-protected firmware build;
  
  verify integrity of the alternative shared library using an integrity check value obtained within configuration information;
  
  configure, within a random access memory (RAM) storage area of the memory, the alternative binary library to execute instead of the write-protected binary library as specified in the received binary library overload instruction, comprising the processor being programmed to configure the alternative binary library to execute instead of the write-protected binary library in response to successful verification of the alternative shared library; and
  
  execute the write-protected firmware build using the alternative binary library instead of the write-protected binary library specified in the binary library overload instruction.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, where the embedded computing device comprises an appliance computing device, and where:
    - in being programmed to receive, at the embedded computing device that executes the write-protected firmware build, the binary library overload instruction that specifies the write-protected binary library of the write-protected firmware build to be overloaded by execution of the alternative binary library instead of the write-protected binary library of the write-protected firmware build, the processor is programmed to;
      
      receive the binary library overload instruction at the appliance computing device from a master library server manager module executed by a shared library catalog server; and
      
      the processor is further programmed to obtain the configuration information for use of the alternative binary library from a configuration database hosted by the master library server manager module.
  - 3. The system of claim 2, where:
    - the obtained configuration information comprises a name of a binary file that comprises the write-protected binary library instructed to be overloaded, a storage location within the configuration database of the alternative binary library, credentials that allow access to the alternative binary library, and the integrity check value associated with the alternative binary library; and
      
      the processor is further programmed to obtain, using the obtained configuration information, the alternative binary library from a shared library database hosted by the master library server manager module.
  - 4. The system of claim 1, where the embedded computing device comprises an appliance computing device, and where in being programmed to configure, within the RAM storage area of the memory, the alternative binary library to execute instead of the write-protected binary library as specified in the received binary library overload instruction, the processor is programmed to:
    - configure a RAM disk within the RAM storage area of the memory;
      
      obtain a shared binary library file that comprises the alternative binary library;
      
      store the shared binary library file that comprises the alternative binary library within the RAM disk; and
      
      set an environment variable that instructs the appliance computing device to use the alternative binary library instead of the write-protected binary library that forms the portion of the write-protected firmware build.
  - 5. The system of claim 4, where in being programmed to execute the write-protected firmware build using the alternative binary library instead of the write-protected binary library specified in the binary library overload instruction, the processor is programmed to:
    - use, based upon the set environment variable in response to a binary library restart, the alternative binary library stored within the RAM disk during execution of the appliance computing device instead of the write-protected binary library that forms the portion of the write-protected firmware build; and
      
      provide status information that details execution of the alternative binary library instead of the write-protected binary library.
  - 6. The system of claim 1, where the embedded computing device comprises an appliance computing device, and where the processor is further programmed to:
    - determine whether the write-protected binary library specified in the received binary library overload instruction to be overloaded is active on the appliance computing device; and
      
      terminate, in response to determining that the write-protected binary library specified in the received binary library overload instruction to be overloaded is active on the appliance computing device, at least one associated process that accesses the write-protected binary library.

7. A system, comprising:
- a memory; and
  
  a processor programmed to;
  
  receive, at an embedded computing device that comprises an appliance computing device and that executes a write-protected firmware build, a binary library overload instruction that specifies a write-protected binary library of the write-protected firmware build to be overloaded by execution of an alternative binary library instead of the write-protected binary library of the write-protected firmware build;
  
  configure, within a random access memory (RAM) storage area of the memory, the alternative binary library to execute instead of the write-protected binary library as specified in the received binary library overload instruction;
  
  receive an instruction to restart execution of the appliance computing device with the write-protected firmware build using the write-protected binary library;
  
  restart the appliance computing device in conjunction with clearing the RAM storage area; and
  
  execute and use the write-protected firmware build using the alternative binary library instead of the write-protected binary library of the write-protected firmware build specified in the binary library overload instruction during execution of the appliance computing device.
- View Dependent Claims (8, 9, 10)
- - 8. The system of claim 7, where:
    - in being programmed to receive, at the embedded computing device that comprises the appliance computing device and that that executes the write-protected firmware build, the binary library overload instruction that specifies the write-protected binary library of the write-protected firmware build to be overloaded by execution of the alternative binary library instead of the write-protected binary library of the write-protected firmware build, the processor is programmed to;
      
      receive the binary library overload instruction at the appliance computing device from a master library server manager module executed by a shared library catalog server; and
      
      the processor is further programmed to obtain configuration information for use of the alternative binary library from a configuration database hosted by the master library server manager module.
  - 9. The system of claim 7, where in being programmed to configure, within the RAM storage area of the memory, the alternative binary library to execute instead of the write-protected binary library as specified in the received binary library overload instruction, the processor is programmed to:
    - configure a RAM disk within the RAM storage area of the memory;
      
      obtain a shared binary library file that comprises the alternative binary library;
      
      store the shared binary library file that comprises the alternative binary library within the RAM disk; and
      
      set an environment variable that instructs the appliance computing device to use the alternative binary library instead of the write-protected binary library that forms the portion of the write-protected firmware build.
  - 10. The system of claim 7, where the processor is further programmed to:
    - determine whether the write-protected binary library specified in the received binary library overload instruction to be overloaded is active on the appliance computing device; and
      
      terminate, in response to determining that the write-protected binary library specified in the received binary library overload instruction to be overloaded is active on the appliance computing device, at least one associated process that accesses the write-protected binary library.

11. A computer program product, comprising:
- a computer readable storage medium having computer readable program code embodied therewith, where the computer readable program code when executed on an embedded computing device causes the embedded computing device to;
  
  receive a binary library overload instruction that specifies a write-protected binary library of a write-protected firmware build executed by the embedded computing device to be overloaded by execution of an alternative binary library instead of the write-protected binary library of the write-protected firmware build;
  
  verify integrity of the alternative shared library using an integrity check value obtained within configuration information;
  
  configure, within a random access memory (RAM) storage area, the alternative binary library to execute instead of the write-protected binary library as specified in the received binary library overload instruction, comprising the computer readable program code when executed on the embedded computing device causing the embedded computing device to configure the alternative binary library to execute instead of the write-protected binary library in response to successful verification of the alternative shared library; and
  
  execute the write-protected firmware build using the alternative binary library instead of the write-protected binary library specified in the binary library overload instruction.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The computer program product of claim 11, where:
    - in causing the embedded computing device to receive the binary library overload instruction that specifies the write-protected binary library of the write-protected firmware build executed by the embedded computing device to be overloaded by execution of the alternative binary library instead of the write-protected binary library of the write-protected firmware build, the computer readable program code when executed on the embedded computing device causes the embedded computing device to;
      
      receive the binary library overload instruction from a master library server manager module executed by a shared library catalog server; and
      
      the computer readable program code when executed on the embedded computing device further causes the embedded computing device to obtain the configuration information for use of the alternative binary library from a configuration database hosted by the master library server manager module.
  - 13. The computer program product of claim 12, where:
    - the obtained configuration information comprises a name of a binary file that comprises the write-protected binary library instructed to be overloaded, a storage location within the configuration database of the alternative binary library, credentials that allow access to the alternative binary library, and the integrity check value associated with the alternative binary library; and
      
      where the computer readable program code when executed on the embedded computing device further causes the embedded computing device to obtain, using the obtained configuration information, the alternative binary library from a shared library database hosted by the master library server manager module.
  - 14. The computer program product of claim 11, where in causing the embedded computing device to configure, within the RAM storage area, the alternative binary library to execute instead of the write-protected binary library as specified in the received binary library overload instruction, the computer readable program code when executed on the embedded computing device causes the embedded computing device to:
    - configure a RAM disk within the RAM storage area;
      
      obtain a shared binary library file that comprises the alternative binary library;
      
      store the shared binary library file that comprises the alternative binary library within the RAM disk; and
      
      set an environment variable that instructs the embedded computing device to use the alternative binary library instead of the write-protected binary library that forms the portion of the write-protected firmware build.
  - 15. The computer program product of claim 14, where in causing the embedded computing device to execute the write-protected firmware build using the alternative binary library instead of the write-protected binary library specified in the binary library overload instruction, the computer readable program code when executed on the embedded computing device causes the embedded computing device to:
    - use, based upon the set environment variable in response to a binary library restart, the alternative binary library stored within the RAM disk during execution of the embedded computing device instead of the write-protected binary library that forms the portion of the write-protected firmware build; and
      
      provide status information that details execution of the alternative binary library instead of the write-protected binary library.
  - 16. The computer program product of claim 11, where the computer readable program code when executed on the embedded computing device further causes the embedded computing device to:
    - determine whether the write-protected binary library specified in the received binary library overload instruction to be overloaded is active on the embedded computing device; and
      
      terminate, in response to determining that the write-protected binary library specified in the received binary library overload instruction to be overloaded is active on the embedded computing device, at least one associated process that accesses the write-protected binary library.

17. A computer program product, comprising:
- a computer readable storage medium having computer readable program code embodied therewith, where the computer readable program code when executed on an embedded computing device causes the embedded computing device to;
  
  receive a binary library overload instruction that specifies a write-protected binary library of a write-protected firmware build executed by the embedded computing device to be overloaded by execution of an alternative binary library instead of the write-protected binary library of the write-protected firmware build;
  
  configure, within a random access memory (RAM) storage area, the alternative binary library to execute instead of the write-protected binary library as specified in the received binary library overload instruction;
  
  receive an instruction to restart execution of the embedded computing device with the write-protected firmware build using the write-protected binary library;
  
  restart the embedded computing device in conjunction with clearing the RAM storage area; and
  
  execute and use the write-protected firmware build using the alternative binary library instead of the write-protected binary library of the write-protected firmware build specified in the binary library overload instruction during execution of the embedded computing device.
- View Dependent Claims (18, 19, 20)
- - 18. The computer program product of claim 17, where:
    - in causing the embedded computing device to receive the binary library overload instruction that specifies the write-protected binary library of the write-protected firmware build executed by the embedded computing device to be overloaded by execution of the alternative binary library instead of the write-protected binary library of the write-protected firmware build, the computer readable program code when executed on the embedded computing device causes the embedded computing device to;
      
      receive the binary library overload instruction from a master library server manager module executed by a shared library catalog server; and
      
      the computer readable program code when executed on the embedded computing device further causes the embedded computing device to obtain configuration information for use of the alternative binary library from a configuration database hosted by the master library server manager module.
  - 19. The computer program product of claim 17, where in causing the embedded computing device to configure, within the RAM storage area, the alternative binary library to execute instead of the write-protected binary library as specified in the received binary library overload instruction, the computer readable program code when executed on the embedded computing device causes the embedded computing device to:
    - configure a RAM disk within the RAM storage area;
      
      obtain a shared binary library file that comprises the alternative binary library;
      
      store the shared binary library file that comprises the alternative binary library within the RAM disk; and
      
      set an environment variable that instructs the embedded computing device to use the alternative binary library instead of the write-protected binary library that forms the portion of the write-protected firmware build.
  - 20. The computer program product of claim 17, where the computer readable program code when executed on the embedded computing device further causes the embedded computing device to:
    - determine whether the write-protected binary library specified in the received binary library overload instruction to be overloaded is active on the embedded computing device; and
      
      terminate, in response to determining that the write-protected binary library specified in the received binary library overload instruction to be overloaded is active on the embedded computing device, at least one associated process that accesses the write-protected binary library.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Exton, Scott A., Ferguson, Anthony B., Hockings, Christopher J., Holmes, Davin J.
Primary Examiner(s)
Khatri, Anil

Application Number

US13/669,930
Publication Number

US 20140130030A1
Time in Patent Office

791 Days
Field of Search

717171-176, 709/203
US Class Current

717/171
CPC Class Codes

G06F 8/65 Updates security arrangemen...

G06F 8/654 using techniques specially ...

Loading remote binaries onto a write-protected device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Loading remote binaries onto a write-protected device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links