Patent
System and method for enhanced security and update of smm to prevent malware injection
Reads0
Chats0
TLDR
In this paper, an information handling system for enhanced system management mode (SMM) security may include a processor, system management random access memory (SMRAM), persistent memory, and basic input/output (BIOS) memory.Abstract:
An information handling system for enhanced system management mode (SMM) security may include a processor, system management random access memory (SMRAM), persistent memory, and basic input/output (BIOS) memory. The system may include instructions that, when loaded and executed by the processor, cause the processor to initialize the memory, initialize the BIOS memory, initialize the persistent memory, and check whether the system has previously executed a power-on self test (POST) routine. Based on a determination that the system has not previously executed a POST routine, the processor may unzip the SMM Code located in the BIOS memory store the unzipped SMM Code in the persistent memory and in the SMRAM. Based on a determination that the system has previously executed a POST routine, the processor may create a duplicate copy of the SMM Code from the persistent memory and store the duplicate copy in the SMRAM. The processor may further initialize the SMRAM, lock the SMRAM, and hide the SMM Code stored in the persistent memory.read more
Citations
More filters
Patent
System and method for automatic recovery of firmware image
TL;DR: In this paper, a system and method for automatic recovery of a firmware image is described, which can include creating a shadow firmware image in a storage device from a file in nonvolatile memory.
Patent
Device upgrade method, apparatus, and system, storage medium, and terminal
Lian Caiyun,Wu Junhong,Wang Xianlin,Lai Xiaocheng,Tao Mengchun,Liao Min,Zhou Hao,Zhou Jinsheng +7 more
TL;DR: In this article, the authors propose a method to overcome the problem in the prior art of redundant upgrade operations caused by performing unified upgrade of devices, and achieves the effect of targeted custom upgrade operations.
Patent
Runtime update of intel server platform services' node manager settings in bios EEPROM
Shi Rui,Chin Jordan +1 more
TL;DR: In this article, the authors present a system for distributing a basic input output system (BIOS), comprising a BIOS settings system configured to receive BIOS settings data, a BIOS binary system config to receive binary code, a processor configured to load BIOS firmware from a memory and a code packager coupled to the memory.
References
More filters
Patent
Protected boot flow
TL;DR: In this article, a reset vector directs the system to a boot program including a protected program, which verifies the integrity of the BIOS contents before branching to the BIOS for execution of normal bootstrap functions.
Patent
Operating system independent apparatus and method for eliminating peripheral device functions
John J. Pearce,Kendall C. Witte +1 more
TL;DR: In this paper, the authors propose an emulation methodology that utilizes increasing microprocessor performance characteristics and System Management Mode (SMM) to emulate peripheral device functions in a computer system, which can be used to replace expensive, less functional components without substitution.
Patent
Enhanced system management mode with nesting
TL;DR: In this article, an enhanced system management mode (SMM) includes nesting of SMI (system management interrupt) routines for handling SMI events, which allows a currently active SMI routine to be preempted by another (higher priority) SMI event.
Patent
Hardened extensible firmware framework
TL;DR: In this paper, a resource access policy that defines rules to allow or disallow access to designated system resources, such as memory and I/O, is defined, in order to harden an extensible firmware framework and system in which the framework is implemented.
Patent
External locking mechanism for personal computer memory locations
TL;DR: In this article, an external locking mechanism for memory locations is proposed. But the mechanism is limited to a set of memory locations, divided into a plurality of memory units, and the device includes one or more locks configured to control access to one of the plurality of units.