Patent application number | Description | Published |
20080244191 | Processor system management mode caching - In some embodiments, an apparatus comprises one or more processors supporting a system management mode, system management memory, and software controllable caching of memory, one or more memory modules, a memory controller, and a communication bus to couple the one or more memory modules to the memory controller. Other embodiments may be described. | 10-02-2008 |
20090083532 | Verifying a trusted SMI handler - A trusted system management interrupt handler may be verified by first locating a signed system management interrupt handler image in system memory. The digital signature of the signed system management interrupt handler image is verified. An existing basic input/output system management interrupt handler is erased and replaced with a new system management interrupt handler image. Then an analysis is done of the system management interrupt handler message is to determine whether to continue to launch. | 03-26-2009 |
20120072734 | PLATFORM FIRMWARE ARMORING TECHNOLOGY - A method, apparatus, method, machine-readable medium, and system are disclosed. In one embodiment the method includes is a processor. The processor includes switching a platform firmware update mechanism located in a computer platform to a platform firmware armoring technology (PFAT) mode on a boot of the computer platform. The computer platform includes a platform firmware storage location that stores a platform firmware. The method then persistently locks the platform firmware storage location in response to the platform firmware update mechanism switching to the PFAT mode. When persistently locked, writes are only allowed to the platform firmware storage location by an Authenticated Code Module in the running platform and only after a platform firmware update mechanism unlocking procedure. | 03-22-2012 |
20130219191 | PLATFORM FIRMWARE ARMORING TECHNOLOGY - A method, apparatus, machine-readable medium, and system are disclosed. In one embodiment the method includes a processor. The processor includes switching a platform firmware update mechanism located in a computer platform to a platform firmware armoring technology (PFAT) mode on a boot of the computer platform. The computer platform includes a platform firmware storage location that stores a platform firmware. The method then persistently locks the platform firmware storage location in response to the platform firmware update mechanism switching to the PFAT mode. When persistently locked, writes are only allowed to the platform firmware storage location by an Authenticated Code Module in the running platform and only after a platform firmware update mechanism unlocking procedure. | 08-22-2013 |
Patent application number | Description | Published |
20080294889 | Method and apparatus to store initialization and configuration information - Briefly, in accordance with an embodiment of the invention, an apparatus and method to store initialization and configuration information is provided. The method may include storing basic input/output system (BIOS) software in a polymer memory. The method may further include copying a first portion of the BIOS software from the polymer memory to a random access memory (RAM) buffer of a memory controller, wherein the RAM buffer has a storage capacity of at least about two kilobytes (KB). | 11-27-2008 |
20100228997 | METHOD AND APPARATUS FOR VERIFYING AUTHENTICITY OF INITIAL BOOT CODE - A programmable processor initializes its state, then computes and verifies a hash of a boot code region of memory before executing any user instructions in the memory. Systems using similar processors, and software to control such a processor's operation, are also described and claimed. | 09-09-2010 |
20140095936 | System and Method for Correct Execution of Software - In an embodiment of the invention an application provider may include “tracing elements” in a target software application. While working with the application the trace elements are detected and provide a “baseline trace” indicating proper application execution. The provider then supplies the application, which still includes the trace elements, and the baseline trace to a user. The user operates the application to produce a “real-time trace” based on the application still having trace elements that produce trace events. A comparator then compares the baseline and real-time traces. If the traces are within a pre-determined range of each other the user has a level of assurance the software is operating correctly. If the level of assurance is low, an embodiment may trigger a hardware interrupt or similar event to prevent further execution of software. Other embodiments are described herein. | 04-03-2014 |
20140123281 | DETECTION OF RETURN ORIENTED PROGRAMMING ATTACKS - In one embodiment, a processor includes at least one execution unit and Return Oriented Programming (ROP) detection logic. The ROP detection logic may determine a ROP metric based on a plurality of control transfer events. The ROP detection logic may also determine whether the ROP metric exceeds a threshold. The ROP detection logic may also, in response to a determination that the ROP metric exceeds the threshold, provide a ROP attack notification. | 05-01-2014 |
20140123286 | Detection Of Return Oriented Programming Attacks - In one embodiment, a processor includes at least one execution unit and Return Oriented Programming (ROP) detection logic. The ROP detection logic may determine a ROP metric based on a plurality of control transfer events. The ROP detection logic may also determine whether the ROP metric exceeds a threshold. The ROP detection logic may also, in response to a determination that the ROP metric exceeds the threshold, provide a ROP attack notification. | 05-01-2014 |
20140297922 | METHOD AND APPARATUS FOR MANAGING SERIAL PERIPHERAL INTERFACE (SPI) FLASH - A system for communicating with a flash device includes: a controller configured for communicating with the flash device, the controller including logic for classifying a command to the flash device as one of safe and unsafe and communicating each safe command. Methods and a computer program product and a computing system are disclosed. | 10-02-2014 |
20150081257 | AUTOMATIC PAIRING OF IO DEVICES WITH HARDWARE SECURE ELEMENTS - Methods and systems may provide for receiving at a secure element of a system, during a boot process of the system, a first pairing authentication value from a pairing agent. In addition, a pairing key may be received from the pairing agent, wherein the first pairing authentication value and the pairing key may be used to establish a trusted channel between the secure element and an input output (IO) device coupled to the system. In one example, the first pairing authentication value is accepted only if the first pairing authentication value is received prior to a predetermined stage of the boot process. | 03-19-2015 |