US007127579B2

(12) United States Patent
Zimmer et al.
(10) Patent No.: US 7,127,579 B2
(45) Date of Patent: Oct. 24, 2006

(54) HARDENED EXTENDED FIRMWARE INTERFACE FRAMEWORK

(75) Inventors: Vincent J. Zimmer, Federal Way, WA (US); Mallik Bulusu, Olympia, WA (US)

(73) Assignee: Intel Corporation, Santa Clara, CA (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 814 days.

(21) Appl. No.: 10/107,882

(22) Filed: Mar. 26, 2002

(65) Prior Publication Data: US 2003/0188173 A1, Oct. 2, 2003

(51) Int. Cl.: G06F 12/00 (2006.01)

(52) U.S. Cl.: 711/163; 713/2; 713/156; 714/38

(58) Field of Classification Search: 711/163; 713/2, 156, 189, 193; 714/25, 36, 38; 380/2; 726/16, 21, 22, 25, 26, 4, 5. See application file for complete search history.

(56) References Cited

U.S. PATENT DOCUMENTS
5,421,006 A * 5/1995 Jablon et al. .................. 714/36
6,389,540 B1 * 5/2002 Scheifler et al. ............... 726/21
6,978,018 B1 * 12/2005 Zimmer ....................... 380/30
2002/0099952 A1 * 7/2002 Lambert et al. ............... 713/200
2005/0114639 A1 * 5/2005 Zimmer et al. ................ 712/244
2005/0160281 A1 * 7/2005 Thibadeau ................... 713/189

* Cited by examiner

Primary Examiner: Matthew Kim
Assistant Examiner: Chase W. Peers
(74) Attorney, Agent, or Firm: Blakely, Sokoloff, Taylor & Zafman LLP

(57) ABSTRACT

A method and system for hardening a firmware environment. A trusted core framework of firmware components is segregated from initially non-trustworthy extended firmware components such that the trusted core components are executed in a privileged processor mode, while the extended firmware components are executed in a non-privileged processor mode. An authentication of each extended firmware component is made to determine whether it is secure or non-secure. Through a memory code fault mechanism, memory accesses made by the extended firmware components are trapped, and a determination is made as to whether the memory accesses should be allowed based on whether the extended firmware component is secure or non-secure and whether the requested memory page was allocated by the trusted core or a secure extended firmware component. This segregation scheme prevents non-trusted firmware from accessing privileged memory, thereby preventing rogue, errant, or malicious firmware from damaging the trusted core framework.

32 Claims, 8 Drawing Sheets
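The abstract describes the decision the fault handler has to make: a trapped memory access from a non-privileged extended component is allowed or denied depending on the requester's authentication verdict (secure or non-secure) and on which class of component allocated the page. The following is an added illustration, written for this page and not code from the patent or from any Intel firmware; it models that decision in plain C. The page-table layout, the 16-page address space, the component identifiers, the names `pt_alloc`, `access_allowed`, `fault_handler` and `demo_access`, and the exact policy (own pages always allowed; pages allocated by the trusted core or a secure extension reserved to the trusted core and secure extensions; pages allocated by a non-secure extension open to everyone; unmapped pages always denied) are assumptions, since the abstract only names the inputs to the decision, not the rule.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Trust verdict for a firmware component. In the patent this comes from
 * authenticating the component; here the verdict is simply an input. */
enum trust { TRUSTED_CORE, SECURE_EXT, NONSECURE_EXT };

struct component {
    uint8_t id;
    enum trust trust;
};

#define PAGE_SHIFT 12
#define NPAGES 16          /* constructed: 16 pages of 4 KiB */
#define PAGE_FREE 0xFFu

/* Who allocated each page, recorded at allocation time. */
struct page_rec {
    uint8_t owner_id;
    enum trust owner_trust;
};

struct page_table {
    struct page_rec pages[NPAGES];
};

void pt_init(struct page_table *pt)
{
    for (size_t i = 0; i < NPAGES; i++) {
        pt->pages[i].owner_id = PAGE_FREE;
        pt->pages[i].owner_trust = NONSECURE_EXT;
    }
}

/* Allocate a page to a component; false if out of range or already owned. */
bool pt_alloc(struct page_table *pt, size_t page, const struct component *c)
{
    if (page >= NPAGES || pt->pages[page].owner_id != PAGE_FREE)
        return false;
    pt->pages[page].owner_id = c->id;
    pt->pages[page].owner_trust = c->trust;
    return true;
}

/* Assumed policy (the patent abstract names the inputs, not the rule):
 * own pages are always allowed; pages allocated by the trusted core or a
 * secure extension are privileged and off limits to non-secure components;
 * pages allocated by a non-secure extension are open to anyone. */
bool access_allowed(const struct page_table *pt, const struct component *req,
                    uintptr_t addr)
{
    size_t page = (size_t)(addr >> PAGE_SHIFT);
    if (page >= NPAGES)
        return false;
    const struct page_rec *p = &pt->pages[page];
    if (p->owner_id == PAGE_FREE)
        return false;                       /* unmapped: always denied */
    if (p->owner_id == req->id)
        return true;                        /* own allocation */
    bool privileged_page = p->owner_trust != NONSECURE_EXT;
    if (!privileged_page)
        return true;                        /* unprivileged scratch page */
    return req->trust != NONSECURE_EXT;     /* privileged: core/secure only */
}

/* Fault-handler model: entered on a trapped access from non-privileged
 * mode. Returns 0 to let the access proceed, -1 to reject it. */
int fault_handler(const struct page_table *pt, const struct component *req,
                  uintptr_t addr)
{
    if (access_allowed(pt, req, addr))
        return 0;
    fprintf(stderr, "fault: component %u denied 0x%lx\n",
            (unsigned)req->id, (unsigned long)addr);
    return -1;
}

/* Constructed scenario: the trusted core (id 0) owns page 1, a secure
 * driver (id 1) owns page 2, a non-secure driver (id 2) owns page 3.
 * Returns whether the requester may touch addr. */
bool demo_access(uint8_t requester_id, uintptr_t addr)
{
    static const struct component comps[] = {
        { 0, TRUSTED_CORE }, { 1, SECURE_EXT }, { 2, NONSECURE_EXT },
    };
    struct page_table pt;
    pt_init(&pt);
    pt_alloc(&pt, 1, &comps[0]);
    pt_alloc(&pt, 2, &comps[1]);
    pt_alloc(&pt, 3, &comps[2]);
    if (requester_id > 2)
        return false;
    return fault_handler(&pt, &comps[requester_id], addr) == 0;
}

int main(void)
{
    printf("non-secure driver -> core page:    %s\n", demo_access(2, 0x1000) ? "allowed" : "denied");
    printf("secure driver     -> core page:    %s\n", demo_access(1, 0x1000) ? "allowed" : "denied");
    printf("core              -> scratch page: %s\n", demo_access(0, 0x3000) ? "allowed" : "denied");
    return 0;
}
```

The point the model makes is that the trust verdict alone is not enough: the handler also needs to know who allocated the page, which is why the owner's trust class is captured at allocation time rather than looked up on every fault. In a real EFI implementation the trap would come from the processor's page-protection fault, the component identity would be derived from the faulting instruction pointer and the loaded-image table, and the verdict would have been established by the digital-signature check the patent performs when the component is loaded.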
FIG. 1 (U.S. Patent, Oct. 24, 2006, Sheet 1 of 8): block diagram of the EFI core framework. Recoverable labels: trusted memory and non-privileged (untrusted) memory regions; executable images PEIM A, PEIM B (with a [FINDFD] step) and DRV 1 copied from firmware device FD0 (BFD); protocol interfaces (Protocol Interface 1, 2, 4), each carrying a GUID, a handle, function pointers (Function 1 through Function 9), a flag and a device-specific context; handlers and a fault handler; core framework metadata; and a legend distinguishing trusted from untrusted components.