Method to Protect Firmware

IP.com Disclosure Number: IPCOM000033807D
Publication Date: 2004-Dec-28
Document File: 3 page(s) / 23K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method that uses the no-execute (NX) bit and the Memory Attribute Registers (MARs) in the chipset to protect the firmware. Benefits include a solution that is always available, even with the operating system (OS) protection in place.

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 89% of the total text.

Background

Currently, firmware is vulnerable to other firmware/BIOS agents prior to the OS load. After the OS load, the firmware is vulnerable to errant OS agents.

General Description

The disclosed method provides a means by which to protect firmware. During the pre-OS flow, one-to-one virtual memory is used with the NX bit asserted for pages containing code (see Figure 1). During the OS runtime, the current MAR and Programmable Address Mask (PAM) are augmented in two ways: 

- They are locked so that the OS cannot remove the protections.

- They are expanded to protect a memory region above one MByte, namely the EFI runtime code, data, and ACPI NVS regions. This allows the chipset to cover firmware beyond the C, D, E, and F-segments.

Locking the MARs/PAMs adds a further degree of protection to the legacy BIOS runtime regions below one megabyte. This is becoming increasingly important for technologies like the Trusted Platform Module PC-specific boot flow that record the contents of the BIOS.

Figure 2 shows the flow of the disclosed method.
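The two augmentations described above can be checked together. The following is an added example, not code from the disclosure: it audits a memory map and reports EFI runtime code, runtime data and ACPI NVS regions that are not fully covered by locked, write-protected ranges. The prot_range structure is a hypothetical model of a protection range, not a real MAR/PAM register layout, and the sample addresses are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* UEFI memory types named in the disclosure (values from the UEFI spec). */
enum { EFI_RT_CODE = 5, EFI_RT_DATA = 6, EFI_CONVENTIONAL = 7, EFI_ACPI_NVS = 10 };
typedef struct { uint32_t type; uint64_t base, len; } mem_desc;
/* Hypothetical model of one chipset protection range (assumption). */
typedef struct { uint64_t base, len; int write_protect, locked; } prot_range;

/* Returns 1 if [base, base+len) is fully covered by ranges that are both
 * write-protected and locked; adjacent ranges may combine to cover it. */
static int covered(uint64_t base, uint64_t len, const prot_range *r, size_t n)
{
    uint64_t cur = base, end = base + len;
    while (cur < end) {
        uint64_t next = cur;
        for (size_t i = 0; i < n; i++)
            if (r[i].write_protect && r[i].locked &&
                r[i].base <= cur && r[i].base + r[i].len > next)
                next = r[i].base + r[i].len;
        if (next == cur) return 0;      /* gap, or only an unlocked range here */
        cur = next;
    }
    return 1;
}

/* Counts firmware runtime regions that the OS could still modify. */
size_t count_unprotected(const mem_desc *m, size_t nm, const prot_range *r, size_t nr)
{
    size_t bad = 0;
    for (size_t i = 0; i < nm; i++) {
        uint32_t t = m[i].type;
        if ((t == EFI_RT_CODE || t == EFI_RT_DATA || t == EFI_ACPI_NVS) &&
            !covered(m[i].base, m[i].len, r, nr)) bad++;
    }
    return bad;
}

/* Constructed sample data: firmware regions above one MByte. */
static const mem_desc sample_map[] = {
    { EFI_CONVENTIONAL, 0x00100000, 0x7EF00000 },   /* not firmware, ignored */
    { EFI_RT_CODE,      0x7F000000, 0x40000 },
    { EFI_RT_DATA,      0x7F040000, 0x20000 },
    { EFI_ACPI_NVS,     0x7F060000, 0x10000 } };
static const prot_range sample_ranges[] = {
    { 0x000C0000, 0x40000, 1, 1 },   /* legacy C, D, E, F segments, locked */
    { 0x7F000000, 0x30000, 1, 1 },
    { 0x7F030000, 0x30000, 1, 1 },   /* abuts the previous range */
    { 0x7F060000, 0x10000, 1, 0 } }; /* protects ACPI NVS but left unlocked */

int main(void) {
    printf("exposed regions: %zu\n", count_unprotected(sample_map, 4, sample_ranges, 4));
    return 0;
}
```

The ACPI NVS region is reported because its range is write-protected but not locked, which is the case the first augmentation is meant to close.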

Advantages

Some implementations of the disclosed structure and method provide one or more of the following advantages:

The disclosed method protects fir...