Electrical computers and digital processing systems: support – Data processing protection using cryptography – By stored data protection
Reexamination Certificate
2001-12-19
2003-09-02
Barrón, Gilberto (Department: 2132)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
By stored data protection
C713S189000
Reexamination Certificate
active
06615355
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to the field of use of protecting flash memory from unintended or unauthorized modification. More particularly, the present invention relates to providing modification protection for code contained in flash memory, such as a Basic Input/Output System program (BIOS).
2.Description of Related Art
Currently, when a PC is first initialized or reset, it begins executing a basic Input/Output System program (BIOS) at a predefined location. The BIOS first performs a Power On Self Test (POST), in which all the system hardware units (such as the interrupt controller, the Direct Memory Access (DMA) controller, and timers/counters) are tested and programmed for normal operation. After the POST is complete, the BIOS scans another predefined memory region for BIOS extension software.
BIOS extension software may be included on hardware expansion plug-in cards. Typically, graphics adapter cards, local area network (LAN) adapter cards, and other hardware expansion plug-in cards have BIOS extension software. BIOS extension software allows the expansion hardware to map its own interrupt service programs into the BIOS function set, thereby adapting the function set to use the custom hardware.
The BIOS function set is defined in terms of software interrupts, meaning the BIOS and any BIOS expansion software must modify the interrupt vector table (BIOS software is written assuming the processor is running in real mode). Programs use the BIOS function set by generating software interrupts, which find the address of a particular BIOS function in the interrupt vector table and transfers control to the interrupt service program.
A common procedure followed by DOS programs is to modify the interrupt vector table to intercept BIOS calls (or other interrupts such as keyboard inputs), examine or process any relevant data, and then pass along control of the processor to the original target BIOS program. For example, when a key is pressed on a keyboard, a hardware interrupt is generated which causes the BIOS to get the relevant data from the keyboard interface, translate the data as necessary, and store it in a queue. Later, a program can generate a software interrupt that requests the BIOS to provide the next key input from the keyboard.
Because the BIOS is the first program to gain control of the processor after reset, it is critical to any security scheme. Therefore, the BIOS must be protected from modification during any time where the machine is in an unsecured operating mode, especially in cases where the BIOS is stored in flash memory. The BIOS is stored in flash memory to allow for field updates and reprogramming of the BIOS.
Typically, access to the BIOS is controlled by a system controller chip or chip set. The system controller incorporates all standard PC architecture functions such as interrupt controllers, DMA controllers, and memory controllers. This access control includes a reprogramming function for modifying the flash memory as well as functions for accessing the flash memory for execution of the program contained within the BIOS.
A common approach presently used to prevent unintentional modification of a flash memory is to use a register interlock scheme where two or more registers must be written with specific values in a specific sequence to enable the reprogramming of the flash memory. An example of the current flash memory protection scheme is illustrated in
FIG. 1
, where a register A
2
, a first key
4
, a first comparator
6
, a register B
8
, a second key
10
, a second comparator
14
, and an AND gate
12
. Register A
2
receives data from data path
16
when it receives a “write enable” signal on write line
18
. The value of register A
2
is compared to the value of first key
4
by comparator
6
. Comparator
6
generates a write enable signal to AND gate
12
if the value of register A
2
is equal to the value of first key
4
. Similarly, comparator
14
compares the value contained in register B
8
and second key
10
and generates a “BIOS write enable” signal on signal line
20
if the value contained in register B is equal to the value contained in second key
10
.
Normally, after reset of the system containing the register interlock of
FIG. 1
, register A
2
and register B
8
contain the value of zero. In addition, register B
8
is inaccessible to receive a value as comparator
6
outputs a logical zero to AND gate
12
as the value contained in register A
2
(i.e., zero) is not equal to the value contained in key
4
(i.e., hexadecimal number “0x00AA55FF”). To enable flash erasure and programming, register B
8
must contain a value of “0xFF55AA00”. To enable access to register B
8
, register A
2
must contain a value of “0x00AA55FF”, as shown in FIG.
1
.
Thus, to enable the reprogramming of the flash BIOS program in flash memory, register A
2
is first loaded with the value of “0x00AA55FF” through the use of data path
16
and write signal line
18
. When register A
2
has been so configured, comparator
6
will output the “write enable” signal to AND gate
12
which will allow a subsequent write signal on write signal line
18
to configure register B
8
with the value of “0xFF55AA00” through the use of data path
16
. When register B
8
has been so configured, comparator
14
will output a “BIOS write enable” signal over signal line
20
to allow the access of the flash memory (not shown) for reprogramming.
Although the scheme of writing two specific values in a specific sequence into two specific register locations reduces the probability of accidental erasure, the scheme does not prohibit intentional or mischievous erasure or reprogramming of the flash memory because the access sequence must be published in some form by the hardware developer for use by third-party BIOS program developers.
Therefore, what is needed is a protection scheme which would allow only authorized individuals to modify the flash memory. In addition, this protection scheme must allow for the protection of the flash memory without the need to provide hardware which is unique to each machine that is to be protected.
SUMMARY OF THE INVENTION
To provide for the protection of flash memory containing a program such as a Basic Input/Output System from any unauthorized reprogramming efforts, a system memory controller is included which provides a mode where the processor is restricted to accessing only the flash memory (i.e., a mode where the processor can only execute instructions from the flash memory and not from any other memory such as a main system memory or cache) This mode can be enabled or disabled by setting or clearing a control register of the system memory controller. The default mode after reset of the system would be to restrict instruction execution to the program in flash memory.
In addition, the memory controller should incorporate a set of registers that can be used to define limited regions of accessibility to memory space outside flash memory (i.e., regions in main system memory). These registers would be accessible to the processor only when the controller is operating in the restricted access mode (i.e., when the processor is executing instructions only from the flash memory). The register set will consist of one or more pairs of registers, wherein each pair would consist of a Base register and a Limit register. The Base and Limit registers would define a memory region beyond the flash memory which would be accessible to the processor when the system is operating in the restricted mode. The default value after reset would be 0 (i.e., after reset, no “extended” memory access is allowed in restricted mode).
In addition, a flash memory programming register is used to enable erasure and reprogramming of flash memory. The flash memory programming register is interlocked to enable those functions only when the memory controller is operating in the restricted mode.
To reprogram a flash memory, the following procedure would be used:
1. A flash memory upgrade program containing a new fl
Barrón Gilberto
Blakely , Sokoloff, Taylor & Zafman LLP
Intel Corporation
Zand Kambiz
LandOfFree
Method and apparatus for protecting flash memory does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for protecting flash memory, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for protecting flash memory will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3002693