Patent abstract:
In a computer system having a processor 102, system memory 106, flash memory 108, and a memory controller 104, a method of updating the flash memory using a flash memory update program, carrying a new flash memory image and a digital signature, that is loaded into part of the system memory 106 is described. The method comprises configuring the memory controller to restrict the processor to accessing only the flash memory 108 and that part of the system memory 106; verifying the flash memory update program using the digital signature; and updating the flash memory if the flash memory update program is authenticated.
Publication number: KR20000022308A
Application number: KR1019980710731
Filing date: 1997-06-25
Publication date: 2000-04-25
Inventor: Philip E. Mattison
Applicant: Peter N. Detkin; Intel Corporation;
IPC main class:
Patent description:

Method and apparatus for protecting flash memory
Currently, when a PC is first powered on or reset, it begins executing the basic input/output system (BIOS) program at a predetermined location. The BIOS first performs a power-on self test (POST), in which all system hardware units (such as the interrupt controller, direct memory access (DMA) controller, and timers/counters) are checked and programmed for normal operation. After POST completes, the BIOS scans another predetermined memory area for BIOS extension software.
BIOS extension software may be included on a hardware expansion plug-in card. In particular, graphics adapter cards, LAN adapter cards, and other hardware expansion plug-in cards carry BIOS extension software. The BIOS extension software allows the expansion hardware to map its own interrupt service routines into the BIOS feature set, thereby adapting the feature set to the particular hardware.
The BIOS feature set is defined in terms of software interrupts, meaning that the BIOS, and any BIOS extension software, must modify the interrupt vector table (the BIOS software is written assuming the processor is running in real mode). A program uses the BIOS feature set by looking up the address of a particular BIOS function in the interrupt vector table and generating a software interrupt that passes control to the interrupt service routine.
A common technique used by a DOS program to intercept BIOS calls (or other interrupts, such as keyboard input) is to modify the interrupt vector table, examine or process the associated data, and then pass control of the processor on to the original target BIOS routine. For example, when a key on the keyboard is pressed, a hardware interrupt occurs that causes the BIOS to obtain the relevant data from the keyboard interface, translate it into the required form, and store it in a queue. A program can then generate a software interrupt requesting that the BIOS provide the next input from the keyboard.
Since the BIOS is the first program to gain control of the processor after reset, it is important to any security technology. Thus the BIOS must be protected from modification while the machine is in an insecure operating mode, especially when the BIOS is stored in flash memory. Storing the BIOS in flash memory allows it to be reprogrammed and updated in the field.
In particular, access to the BIOS is controlled by a system controller chip or chip set. The system controller integrates all the standard PC architecture functions such as the interrupt controller, DMA controller, and memory controller. This access control covers the ability to access the flash memory in order to execute the programs contained within the BIOS, as well as the reprogramming function that modifies the flash memory.
A common method currently used to prevent inadvertent modification is a register interlock technique, in which specific values must be written to two or more registers in a specific order before the flash memory can be reprogrammed. An example of a current flash memory protection technique is shown in FIG. 1 and includes a register A 2, a first key 4, a first comparator 6, a register B 8, a second key 10, a second comparator 14, and an AND gate 12. Register A 2 receives data from data path 16 when it receives a "write enable" signal. The value in register A 2 is compared by comparator 6 with the value of the first key 4. Comparator 6 outputs a write enable signal to AND gate 12 if the value in register A 2 equals the value of the first key 4. Similarly, comparator 14 compares the value contained in register B 8 with the value of the second key 10 and, if the value contained in register B 8 equals the value of the second key 10, generates a "BIOS write enable" signal on signal line 20.
Usually, after a system reset, registers A 2 and B 8 of the register interlock of FIG. 1 contain zero values. Because the value contained in register A 2 (i.e., 0) does not equal the value contained in key 4 (i.e., "0x00AA55FF" in hexadecimal), comparator 6 outputs a logic zero to AND gate 12, so register B 8 cannot be accessed to receive a value. To be able to erase and program the flash, register B 8 must contain the value "0xFF55AA00", and to be able to access register B 8, as shown in FIG. 1, register A 2 must contain the value "0x00AA55FF".
Therefore, to reprogram the flash BIOS program in the flash memory, the value "0x00AA55FF" is first loaded into register A 2 using data path 16 and write signal line 18. Once register A 2 is configured in this way, comparator 6 outputs a "write enable" signal to AND gate 12, so that a subsequent write on write signal line 18, using data path 16, configures register B 8 with the value "0xFF55AA00". Once register B 8 is configured in this way, comparator 14 outputs a "BIOS write enable" signal on signal line 20, making the flash memory (not shown) accessible for reprogramming.
Writing two specific values to two specific register locations in a specific order reduces the chance of accidental erasure, but the access sequence must be published in some form by the hardware developer so that third-party BIOS program developers can use it. As a result, this technique does not prevent intentional or malicious reprogramming or erasure of the flash memory.
Therefore, there is a need for a protection technique in which only authorized individuals can modify the flash memory. In addition, this protection technique must be able to protect the flash memory without requiring dedicated hardware for each machine to be protected.
Summary of the Invention
In order to protect flash memory containing programs such as the basic input/output system from unauthorized reprogramming attempts, the system memory controller provides a mode in which the processor's access is restricted to the flash memory only (i.e., the processor executes instructions only from the flash memory and cannot execute from main system memory or from other memory such as a cache). This mode can be enabled or disabled by setting or clearing a control register of the system memory controller. After a system reset, the default mode limits instruction execution to the program in the flash memory.
In addition, the memory controller incorporates a set of registers that can be used to define an accessible area of memory space outside the flash memory (i.e., an area of main system memory). These registers are accessible to the processor only when the controller is operating in the restricted access mode (i.e., when the processor is executing instructions only from flash memory). The register set consists of one or more pairs of registers, each pair consisting of a reference register and a limit register. The reference and limit registers bound the memory area outside flash memory that is accessible to the processor when the system is operating in restricted mode. The reference value after reset is 0 (i.e., after reset, no extended memory access is allowed in restricted mode).
In addition, flash memory programming registers are used to enable reprogramming and erasing of the flash memory. The flash memory programming registers are interlocked so that this function is enabled only when the memory controller is operating in the restricted mode.
To reprogram the flash memory, the following procedure is used.
1. A flash memory update program containing a new flash memory image for the flash memory is loaded into main system memory and executed. The flash memory update program incorporates a digital signature created with the vendor's private key: the original hash value of the flash memory update program, encrypted with the vendor's private key.
2. The flash memory update program calls a special function in the current program contained in the flash memory and requests that the new flash memory image be installed. This call specifies the size and address of the flash memory update program located in main system memory.
3. The current program sets the memory controller to operate in restricted mode and allows extended memory access to the portion of system memory that contains the flash memory update program.
4. The current program then verifies the source and contents of the flash memory update program (including the new flash memory image) in the following steps: (a) decrypting the digital signature using the vendor's public key stored in the current program to obtain the original hash value; (b) independently calculating a hash value for the flash memory update program residing in main system memory; and (c) comparing the independently generated hash value with the original hash value obtained by decrypting the digital signature to find a match.
5. If the hash values match, indicating that the flash memory update program contained in main memory originated from the authorized source AND has not been modified, the current program contained in the flash memory enables reprogramming of the flash memory and transfers control of the processor to the flash memory update program.
6. The flash memory update program then erases the flash memory and copies the new flash memory image into the flash memory. The new program code contains the same special function as the current program, allowing subsequent field updates, as well as a copy of the vendor's public key. Further, in another preferred embodiment, each subsequent version of the flash memory update program may include an updated or different key. In this embodiment, different versions of the update program have different keys, and multiple signatures, one with each of the keys previously used, are required so that a program of any previous version can be updated without going through each intermediate version. In addition, each update program can include all previous keys so that the flash memory can also be downgraded to a previous version of the program code.
7. The flash memory update program, still executing from main system memory, transfers control of the processor to the program contained in the new flash memory image, now in flash memory, which returns the memory controller to normal operation and starts the normal initialization sequence as if a reset had occurred.
The security technique provided does not require the system to be initialized in a secure mode and can be engaged after the system's normal initialization procedure. Thus, on a system reset, the program located in flash memory (such as the BIOS) gains control of the processor, sets the memory controller to allow unrestricted access to system memory, and proceeds normally. When the program in flash memory is to be updated, step (1) above is performed, and it is not necessary for the processor or system to be placed in a special mode before the flash memory update program is executed.
Using this protection technique, only the vendor who holds the private key can distribute software that modifies the current program. By preventing the use of unverified memory during the flash reprogramming process, no code that has not been verified can gain control of the system. In addition, extensions to the current program that are not contained in the flash memory or in the authorized memory space will not be executed, so a malicious program in an extension cannot modify the flash memory without authorization. The only ways to defeat the security process are to alter the behavior of the hardware or to compromise the vendor's private key. The basic integrity of the original code itself and of any updates can be assured by economic and administrative measures, and therefore no unique hardware support is required for each machine.
The present invention does not rely on the BIOS being in control from the start of the boot process in order to prevent unauthorized modification.
This method of protecting a device's sensitive registers is applicable not only to flash programming but also to other applications in which modification of hardware registers can have serious consequences.
Other objects, features and advantages of the present invention will become apparent from the accompanying drawings and the following detailed description.
FIELD OF THE INVENTION The present invention relates to protecting a flash memory from accidental or unauthorized modification. More specifically, the present invention protects against modification of code contained in flash memory, such as a basic input/output system (BIOS).
FIG. 1 shows a prior art register interlock preventing modification of the BIOS.
FIG. 2 shows a system constructed in accordance with a preferred embodiment of the present invention.
FIG. 3 illustrates a flow diagram of the preferred operation of the present invention.
The present invention provides a method and apparatus for preventing unauthorized modification of a flash memory. In the following description, specific details are given to provide a thorough understanding of the present invention. However, those skilled in the art will understand that the invention may be practiced without these specific details. In addition, although the invention is described using flash memory, most, though not all, aspects of the invention apply to memory in general. Well-known elements, devices, process steps, etc. are not described in detail so as not to obscure the present invention.
Reference is also made to encryption techniques such as the Rivest, Shamir, and Adleman (RSA) public key cryptosystem, which may be used for encryption and digital signatures. However, any cryptographic system capable of authenticating the source and content of a message may be used without departing from the spirit and scope of the invention. In essence, public key cryptography is used in secure systems to verify the source and content of secure software and to protect the keys used in bulk encryption.
Reference is also made to another technique called hashing. This is similar to a checksum operation but is mathematically more rigorous and reduces the possibility that two different blocks of data produce the same value. Hashing is an element of key handling, verification, and signatures. The hash value is effectively a unique number for an information block; if any part of the information in the block is modified, the hash value generated from it will be different. In practice a hash algorithm is used, but whether a checksum or a hash operation is used is not material to the present invention. The choice of which secure software system operates on the secure platform is left to the implementer.
A signature for a block of information is generated by the sender, who computes a hash value over the data in the information block and then encrypts the resulting hash value with the sender's private key. The encrypted hash value is thus the vendor's signature for the information block.
To check that an information block originated from the vendor and that no change has occurred in it, the recipient first generates a hash value for the information block and then decrypts the signature using the vendor's public key. If the hash value generated by the recipient matches the decrypted hash value extracted from the signature accompanying the information block, the received information block is from the vendor and can be said to be unchanged.
FIG. 2 illustrates a system configured in accordance with a preferred embodiment of the present invention, which includes a processor 102, a memory controller 104, a system memory 106, a flash memory 108, a memory address/window detector 110, a system memory access enable register 112, a memory window control 114, flash memory programming logic 116, a flash memory programming enable register 118, a first AND gate 120, an OR gate 122, a second AND gate 124, and a NOT gate 126.
As shown in FIG. 2, processor 102 is coupled to memory controller 104 via data signal line 202 and address signal line 204. Memory controller 104 is coupled to system memory 106 using memory data signal line 206 and memory address signal line 208. Memory controller 104 is also coupled to flash memory 108 using memory data signal line 206 and memory address signal line 208. Memory window control 114 is also coupled to memory data signal line 206. Memory window control 114 also provides an output on range signal line 214 to memory address/window detector 110.
Memory controller 104 and processor 102 are coupled to memory address/window detector 110 using cache enable signal line 210 and address signal line 204. The memory address/window detector 110 is also coupled to the first AND gate 120, whose output is coupled to the system memory access enable register 112 to control the writing of a value to that register. The output of the system memory access enable register 112 and the access enable output from the memory address/window detector 110 are combined by OR gate 122 and provided to memory controller 104 over access enable signal line 212. The output of the system memory access enable register is also provided to NOT gate 126.
The output of NOT gate 126 is provided to memory window control 114 and to second AND gate 124. The output of the second AND gate 124 is provided to the flash memory programming enable register 118, and the output of the flash memory programming enable register 118 is coupled to the flash memory programming logic 116. Flash memory programming logic 116 is coupled to flash memory 108.
The memory controller 104 translates addresses in the address space used by processor 102 into whatever addresses are needed by the other system components. Thus, whether processor 102 is executing instructions or accessing data from flash memory 108 or system memory 106, all data and instructions pass through memory controller 104. By not translating requests for the address space used to access system memory 106, memory controller 104 can prevent processor 102 from accessing system memory 106. The memory controller 104 can also operate in a mode in which nothing is cached. In a preferred embodiment, memory controller 104 enables access to system memory 106 while it receives the access enable signal via access enable signal line 212. In addition, memory controller 104 has a mode in which accesses to the off-processor cache (level 2 cache) are not serviced. This mode is controlled by the memory address/window detector 110 as described below.
The system memory access enable register 112 is used to generate the access enable signal on access enable signal line 212 during normal operation. By modifying system memory access enable register 112, access to system memory 106 is enabled or disabled; that is, all requests to access system memory 106 are controlled by the value contained in system memory access enable register 112. However, regardless of the value in system memory access enable register 112, access to system memory 106 may be enabled by the memory address/window detector 110 as described below.
In a preferred embodiment, system memory access enable register 112 consists of a single bit and may be implemented as a flip-flop. When system memory access enable register 112 contains a logic value "0", memory controller 104 receives a logic value "1" on access enable signal line 212 only if the memory address/window detector 110 supplies a logic value "1" to OR gate 122; otherwise, processor 102 cannot access system memory 106 through memory controller 104. Thus, in a preferred embodiment, the access enable signal is represented as a logic value "1".
In a preferred embodiment, on a hardware reset the system memory access enable register 112 starts out disabled, i.e., it contains a logic value "0", so that access to system memory 106 is disabled. Thus, only the BIOS program in flash memory 108 can be accessed for execution. During system initialization, the reset vector enters the BIOS, which begins executing, and the first thing it does is write to system memory access enable register 112 so that all access to system memory 106 is enabled.
The memory address/window detector 110, which monitors the addresses accessed by processor 102 using address signal line 204, permits memory controller 104 to provide access to system memory 106. Only programs executing from flash memory 108 may modify system memory access enable register 112. Thus, memory address/window detector 110 allows access to system memory access enable register 112 only if it detects that processor 102 is executing from a program contained in flash memory 108. Programs running from system memory 106 may not modify system memory access enable register 112.
The memory address/window detector 110 relies on the fact that, in the linear address map of the original PC architecture, the upper 64 kilobytes of the first megabyte are specifically allocated to the BIOS, and BIOS extensions and other program memory are located in the area below the 64 kilobytes allocated to the BIOS. Thus, BIOS extensions to the BIOS interrupt handlers, other programs, and data lie in memory ranges different from that of the program contained in flash memory 108. If the machine is a compatible computer, the address range in which the BIOS executes on that computer is known.
In addition, as described above, the memory address/window detector 110 generates a signal with logic value "1" for OR gate 122, which overrides the disabling of access to system memory 106 produced by system memory access enable register 112. The memory address/window detector 110 overrides the disabling of access to system memory 106 for the address ranges held by the memory address/window detector 110, as described above.
In addition, the memory address/window detector 110 generates a cache disable signal to each of processor 102 and memory controller 104 via cache enable signal line 210, so that neither the processor's local cache (level 1 cache) nor the off-processor cache (level 2 cache) can be used.
Thus, memory address/window detector 110 can send a control signal that enables or disables caching at memory controller 104 and processor 102, and can also send a signal that allows a write to system memory access enable register 112 to pass. The memory address/window detector 110 monitors the address to detect whether the CPU is operating in the appropriate range.
The memory window control 114 is controlled by memory address/window detector 110, which sends an access enable signal that re-enables memory controller 104 to provide access to system memory 106 during certain operations. The processor 102 is given a limited memory address range from which it can access the update program. In a preferred embodiment, memory window control 114 includes a reference register (not shown) and a limit register (not shown). Memory window control 114 is accessible only when system memory access enable register 112 is set to disabled.
FIG. 3 illustrates a series of operations for reprogramming flash memory 108 in accordance with the present invention.
In block 302, a flash memory update program containing a new flash memory image (i.e., a new BIOS image) for flash memory 108 (which contains the current BIOS) is loaded into system memory 106 for execution. The flash memory update program incorporates a digital signature created with the vendor's private key; the digital signature is the original hash value of the flash memory update program, encrypted with the vendor's private key. Operation then continues to block 304.
In block 304, after the flash memory update program begins executing, it invokes a special function in the current program contained in flash memory 108 and requests installation of the new flash memory image. This call specifies the address and size of the flash memory update program located in system memory 106. Thus, when the flash memory update program (including the new BIOS image) starts to run, it transfers control to the program (the current BIOS) contained in flash memory 108 and requests that the current BIOS be updated.
The address and size of the flash memory update program are stored in the reference register and the limit register, respectively, of the memory window control 114. As mentioned above, memory window control 114 may include more than one pair of reference and limit registers so that the flash memory update program need not occupy one contiguous address space.
In block 306, after the processor has started operating under the current program contained in flash memory 108, the memory address/window detector 110 first disables caching by the processor and memory controller 104 by transmitting a cache disable signal over cache enable signal line 210. Note that the cache does not necessarily have to be disabled during all phases of the update. The cache must be flushed (i.e., all data and instructions erased) until the flash memory update program (and the new flash memory image) has been verified.
Processor 102 receives from the program (i.e., the BIOS) in flash memory 108 a register I/O write instruction by which the BIOS attempts to write to system memory access enable register 112 so as to make system memory 106 inaccessible. When the write is issued as a bus write cycle, the memory address/window detector 110 determines whether the instruction that issued the register I/O write was fetched from the BIOS (in flash memory), and because of memory address/window detector 110 the register I/O write instruction can complete only when it was issued from the BIOS.
When processor 102 executes a program contained in system memory 106 and that program generates a register I/O write instruction that would modify system memory access enable register 112, the bus write cycle for the register I/O write instruction from processor 102 is inhibited, because the memory address/window detector 110 determines that the write instruction was executed from a program contained in system memory 106. Thus, only programs contained in flash memory 108 may modify the state of system memory access enable register 112.
Further, when the memory address/window detector 110 detects that processor 102 is executing from the address space of flash memory 108, i.e., that processor 102 is executing code from the current BIOS, the current BIOS disables system memory 106 by writing a logic value "0" to system memory access enable register 112, the write being passed through AND gate 120 by the memory address/window detector 110. Once system memory access enable register 112 contains a logic value "0", the output of OR gate 122 will be a logic value "0" unless the memory address/window detector 110 outputs a signal having a logic value "1"; that is, access to system memory 106 is possible only if the memory address/window detector 110 outputs a logic value "1" to OR gate 122.
As mentioned above, memory window control 114 contains registers that define a set of accessible address ranges in system memory 106 after system memory 106 has been locked. The memory address/window detector 110 enables access to the part of system memory 106 defined by memory window control 114: by reading the registers contained in memory window control 114, it overrides the blocking of access to the whole of system memory 106 that results from the setting of system memory access enable register 112. When processor 102 needs to fetch instructions from the set of accessible address ranges, the memory address/window detector 110 sends an access enable override that allows access to those ranges even though system memory access enable register 112 has locked system memory 106. In particular, if the requested access falls within an address range defined by the registers in memory window control 114, the memory address/window detector 110 outputs a signal with logic value "1" to memory controller 104 over access enable signal line 212, allowing memory controller 104 to provide access to system memory 106.
Thus, the current program in flash memory 108 first places memory controller 104 in a restricted mode that disables system memory 106, so that processor 102 cannot access anything in system memory 106. The current program in flash memory 108 then allows extended memory access to the portion of system memory that contains the flash memory update program.
At block 308, the current program in flash memory 108 then verifies the contents and source of the flash memory update program (including the new flash memory image) by (a) decrypting the digital signature using the vendor's public key stored in the current program to obtain the original hash value, (b) independently calculating a hash value for the flash memory update program residing in main system memory, and (c) comparing the independently generated hash value with the original hash value obtained by decrypting the digital signature to find a match.
If the hash values match, indicating that the flash memory update program contained in main memory originated from the authorized source AND has not been modified, operation proceeds to block 310. If the hash values do not match, the update is canceled. In an alternate embodiment, the user is informed that the update failed in a further step (not shown).
In block 310, the current program contained in flash memory 108 enables reprogramming of flash memory 108 by setting flash memory programming enable register 118 with the programming enable signal, and transfers control of processor 102 to the entry point of the flash memory update program contained in system memory 106. As described above, the flash memory programming enable register 118 is interlocked with system memory access enable register 112: reprogramming of flash memory 108 is disabled as long as system memory access enable register 112 is in the enabled state. In order to set system memory access enable register 112 to the disabled state, which makes the flash memory programming enable register accessible, processor 102 must be executing the originally authorized program (i.e., the BIOS). In this system, therefore, only the original program in flash memory 108 can replace itself.
In block 312, using the flash memory programming logic 116, the flash memory update program erases flash memory 108 and copies the new flash memory image into flash memory 108. The new program code includes the same special function as the current program, including a copy of the vendor's public key, for later field updates. Operation then continues to block 314.
In block 314, the flash memory update program, still executing from system memory 106, transfers control of processor 102 to the program contained in the new flash memory image, now in flash memory 108, which returns memory controller 104 to normal operation and starts the normal initialization sequence as if a reset had occurred. The update operation then ends.
In normal operation, the program in flash memory 108 (i.e., the BIOS) gains control immediately after a hardware reset. The BIOS then initializes all hardware and loads the operating system before transferring control to it. Because the system can start in the insecure mode, the present invention behaves normally under ordinary circumstances, can be switched into the secure operating mode to update the BIOS, and then returns to the beginning of initialization. Thus, the protection technique does not require the system to enter the secure mode initially.
The flash memory update program carries out the whole of the flash memory update, but the important point for system security is that it is only possible to switch into the secure operating mode while processor 102 is executing instructions from flash memory 108; that is, the system memory access enable register 112 can be modified only while processor 102 is executing instructions from flash memory 108.
In addition, because processor 102 must be executing from the particular address range occupied by the authorized flash memory program before it can reach the registers that control which software may be updated, the system resists a hostile BIOS extension that hooks interrupts in the BIOS.
In a preferred embodiment, key verification is done strictly in software; that is, the decryption of the signature and the independent generation of the hash value for the update program are performed by processor 102 executing code from flash memory 108. It will be appreciated, however, that the decryption and the comparison of the hash values may be performed by other means, including application-specific integrated circuits.
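The following is an added example, not code from the patent or from Intel: a software model of the block 308 verification (recover the hash from the signature with the public key, rehash the image, compare) and of the register 112 / register 118 interlock described in blocks 310 through 314. The RSA key is built from two Mersenne primes and the digest is truncated to fit that toy modulus; the register names, the `executing_from_flash` flag and the placeholder flash contents are assumptions of this model.

```python
import hashlib
# Toy RSA key from two Mersenne primes (constructed; far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # vendor's private exponent, never shipped in the BIOS

def digest(data: bytes) -> int:
    """SHA-256 truncated to 64 bits so the value fits below the toy modulus N."""
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")

def vendor_sign(image: bytes) -> int:
    return pow(digest(image), D, N)  # done by the vendor before release

class MemoryController:
    """Registers 112 (system memory access enable) and 118 (flash programming enable)."""
    def __init__(self):
        self.sys_mem_access_enable = True   # normal mode after reset
        self.flash_prog_enable = False
        self.executing_from_flash = True    # the BIOS has control after reset
        self.flash = b"current-bios-image"  # constructed placeholder contents
    def set_sys_mem_access(self, enabled: bool):
        # Register 112 may only be written while the processor runs from flash.
        if not self.executing_from_flash:
            raise PermissionError("register 112 locked: not executing from flash")
        self.sys_mem_access_enable = enabled
        if enabled:                         # interlock: enabling 112 clears 118
            self.flash_prog_enable = False

    def set_flash_prog_enable(self, enabled: bool):
        # Interlock: reprogramming cannot be enabled while register 112 is enabled.
        if enabled and self.sys_mem_access_enable:
            raise PermissionError("interlock: disable system memory access first")
        self.flash_prog_enable = enabled

def verify_update(image: bytes, signature: int) -> bool:
    """Block 308: (a) recover the hash with public key E, (b) rehash, (c) compare."""
    return pow(signature, E, N) == digest(image)

def field_update(ctrl: MemoryController, image: bytes, signature: int) -> bool:
    """Restricted-mode setup and blocks 308-314 as run by the current BIOS."""
    ctrl.set_sys_mem_access(False)          # restricted mode, update program only
    if not verify_update(image, signature): # signature or content mismatch
        ctrl.set_sys_mem_access(True)
        return False                        # update aborted, flash untouched
    ctrl.set_flash_prog_enable(True)        # block 310
    ctrl.executing_from_flash = False       # control passes to the update program
    ctrl.flash = image                      # block 312: erase and copy the new image
    ctrl.executing_from_flash = True        # block 314: new flash program takes over
    ctrl.set_sys_mem_access(True)           # back to normal mode, 118 cleared
    return True
```

A program running from system memory cannot flip register 112, and register 118 cannot be set while 112 is enabled, so only the BIOS path through `field_update` ever reaches the flash write.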
While the invention has been described with reference to various figures, it will be understood that the figures are examples only and do not limit the scope of the invention. Many modifications and variations may be made to the present invention by those skilled in the art without departing from the spirit and scope of the invention.
Claims (14)
1. In a computer system having a processor, system memory, flash memory, and a memory controller, a method comprising:
loading a flash memory update program, including a new flash memory image and a digital signature, into a portion of the system memory;
configuring the memory controller to restrict the processor so that the processor accesses only the portion of the flash memory and the system memory;
verifying the flash memory update program using the digital signature; and
updating the flash memory only when the flash memory update program is authenticated.
2. The method of claim 1, wherein the loading comprises:
loading the flash memory update program into a set of addresses in the system memory having a start address and a length;
loading a reference register with the start address; and
loading a limit register with the length.
3. The method of claim 2, wherein the configuring comprises:
providing a memory access disable signal to the memory controller; and
setting a memory address window detector to generate a memory access enable signal to the memory controller.
4. The method of claim 3, wherein the configuring further comprises:
providing a cache access disable signal to the memory controller and the processor.
5. The method of claim 1, wherein the verifying comprises:
decrypting the digital signature to obtain an initial hash value;
calculating an independent hash value for the flash memory update program; and
comparing the initial hash value with the independent hash value to determine a match.
6. The method of claim 1, wherein the updating comprises:
setting a flash memory programming enable register to enable programming of the flash memory; and
executing the flash memory update program.
7. In a computer system having a processor, system memory, flash memory, and a memory controller, an apparatus comprising:
a memory address/window detector coupled to the processor, the memory controller, a first input of a first logic gate, and a first input of a second logic gate, the first logic gate having an output connected to the memory controller, the second logic gate having a second input to receive a system memory access enable signal;
a memory window control coupled to the system memory, the memory controller, the flash memory, the memory address/window detector, an output of a third logic gate, and a first input of a fourth logic gate, the fourth logic gate having a second input to receive a flash memory programming enable signal;
a system memory access enable register coupled to an output of the second logic gate, a second input of the first logic gate, and an input of the third logic gate;
a flash memory programming enable register coupled to an output of the fourth logic gate; and
a flash memory programming circuit coupled to the flash memory programming enable register and to the flash memory.
8. The apparatus of claim 7, wherein the first logic gate is an OR gate.
9. The apparatus of claim 7, wherein the second logic gate is an AND gate.
10. The apparatus of claim 7, wherein the third logic gate is a NOT gate.
11. The apparatus of claim 7, wherein the fourth logic gate is an AND gate.
12. The apparatus of claim 7, wherein the system memory comprises a cache memory.
13. The apparatus of claim 7, wherein the memory window control comprises a set of registers.
14. The apparatus of claim 13, wherein the set of registers comprises a reference register and a limit register.
Patent family:
Publication number | Publication date
GB2330228B|2001-02-28|
US20020065978A1|2002-05-30|
AU3644897A|1998-01-21|
DE19781829C2|2001-02-22|
GB2330228A|1999-04-14|
WO1998000846A1|1998-01-08|
DE19781829T1|1999-06-17|
DE19781829T0|
GB9828576D0|1999-02-17|
US5778070A|1998-07-07|
US6363463B1|2002-03-26|
US6615355B2|2003-09-02|
TW347515B|1998-12-11|
CN1229513A|1999-09-22|
CN1229513B|2010-06-02|
Legal status:
1996-06-28|Priority to US08/673,301
1997-06-25|Application filed by 피터 엔. 데트킨, 인텔 코오퍼레이션
2000-04-25|Publication of KR20000022308A
2001-08-07|Application granted
2001-08-07|Publication of KR100294829B1
Priority:
Application number | Filing date | Patent title
US08/673,301|1996-06-28|Method and apparatus for protecting flash memory (US5778070A)