`
`(12) United States Patent
`US 7,069,452 B1
`(10) Patent N0.:
`Hind et al.
`
`(45) Date of Patent: Jun. 27, 2006
`
`(54) METHODS, SYSTEMS AND COMPUTER
`PROGRAM PRODUCTS FOR SECURE
`FIRMWARE UPDATES
`
`(75)
`
`Inventors: John R. Hind, Raleigh, NC (US);
`Marcia Lambert Peters, Durham, NC
`(US)
`
`(73) Assignee:
`
`International Business Machines
`Corporation, Armonk, NY (US)
`
`( * ) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 1207 days.
`
`(21) Appl. N0.: 09/614,982
`
`(22)
`
`Filed:
`
`Jul. 12, 2000
`
`(51)
`
`Int. Cl.
`(2006.01)
`G06F 17/00
`(52) US. Cl.
`.......................... 713/200; 713/189; 713/1;
`713/2
`
`(58) Field of Classification Search ................ 703/200;
`713/172, 2007202, 1897194
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`........ 711/163
`6/1991 Bealkowski et al.
`5,022,077 A *
`3/1994 Holtey et al.
`..........
`. 713/193
`5,293,424 A *
`
`5,579,522 A * 11/1996 Christeson et al.
`.
`713/2
`5,844,986 A * 12/1998 Davis ......................... 713/187
`
`OTHER PUBLICATIONS
`
`“Introduction to Digtial Signal Processors”, Jun. 15, 1999,
`[Retrieved from the Internet Apr. 29, 2004], “http://www.
`ece.utexas.edu/~bevans/hp-dsp-seminar/01iintroduct-
`ion/”.*
`
`ANSI Standard X931. Digital Signatures Using Reversible
`Public Key Cryptography for the Financial Services Industry
`(rDSA), 1998.
`Schneier, Bruce, Applied Cryptography, Dec. 1995, pp.
`435-441 and 466-474.
`
`* cited by examiner
`
`Primary ExamineriDavid Jung
`(74) Attorney Agent, or FirmiMyers Bigel Sibley &
`Sajovec
`
`(57)
`
`ABSTRACT
`
`Methods, systems and computer program products which
`provide secure updates of firmware (i.e. data stored in a
`programmable memory device of a processing system) are
`disclosed. Updates of a programmable memory of a device
`may be controlled by providing an update window of finite
`duration during which the programmable memory may be
`updated. Access to the programmable memory may be based
`on the state of an access latch. The access latch may be set
`to allow access after a hardware reset of the device. An
`update control program may be executed to control access to
`the programmable memory and the latch reset to prevent
`access upon completion of the update control program.
`Verification of the update may be provided through encryp-
`tion techniques and rules incorporated in certificates for
`application of updates to provide for selectively updating
`devices. Also disclosed are methods of securely providing
`diifering functionality to generic devices.
`
`36 Claims, 12 Drawing Sheets
`
`Mm
`
`update
`avallabla’?
`
`yes
`402
`i
`Load update
`image In
`somehow
`memory
`404
`v
`Verify
`slgnemre In
`update Image
`wlh pubh’c key
`
`
`
`
`
`
`
`
`Slgnalure
`weaned?
`
`Intended for
`
`No—>
`
`4m!
`
`NO—>
`
`4m
`
`
`412
`Sal latch to
`disable
`updates
`
`
`
`Bose Exhibit 1019
`
`Bose V. Koss
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 1 0f 12
`
`US 7,069,452 B1
`
`1_4
`
`Read Only Memory
`
` Memory Controller
`
` Programmable Memory
`E
`2
`fl Power On
`
` Access
`
`Latch Reset
`
`
`
`
` Processor
`
`Reset
`
`Figure 1
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 2 0f 12
`
`US 7,069,452 B1
`
`IIO Data Ports
`
`Zfié
`
`Processor
`
`&
`
`Programmable
`Memory
`&
`
`w F
`
`Input Devices
`&
`
`Processing System
`
`igure 2
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 3 0f 12
`
`US 7,069,452 B1
`
`Update
`Control
`Program
`&
`
`Public Key
`2%
`
`Read Only Memory
`m
`
`2E
`
`Processor
`&
`
`.
`Flrmware
`254
`—
`
`Configuration
`Data
`m
`
`Programmable Memory
`
`.
`Operating
`System
`2i
`
`E
`
`IIO Device
`Drivers
`E
`
`Update Image
`A39
`
`System Memory
`
`Figure 3
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 4 0f 12
`
`US 7,069,452 B1
`
`300
`
`Power on reset
`asserted
`
`
`
`302
`
`Enable update
`of
`
`
`
`
`programmable
`memory
`
`Execute
`
`
`program in
`update ROM
`
`
`
`306 \
`
`
`~ o-mplet.
`
`
`YES
`
`pdate
`program
`
`
`
`304
`
`308
`
`Disable update
`ability of
`programmable
`
`memory
`
`Figure 4A
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 5 0f 12
`
`US 7,069,452 B1
`
`306
`
`300
`
`302
`
`320
`
`304
`
`308
`
`322
`
`Power on reset
`asserted
`
`Enable update
`of
`
`
`programmable
`
`
`memory
`
`
`Enable access
`
`to Update
`ROM
`
`
`
`
`
`
`Execute
`
`program in
`Update ROM
`
`
`
`
`pdate
`program
`. . mplet- .
`
`
`YES
`
`Disable update
`ability of
`programmable
`memory
`
`ROM
`
`Disable access
`
`to Update
`
`Figure 4B
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 6 0f 12
`
`US 7,069,452 B1
`
`Figure 5
`
`
`
`Load update
`image in
`scratchpad
`memory
`
`
`
`Verify
`signature in
`update image
`with public key
`
`Signature
`verified?
`
`
`
`NO
`
`intended for
`
`
`
`Set latch to
`disable
`updates
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 7 0f 12
`
`US 7,069,452 B1
`
`450
`
`-
`F lg U re 6
`
`452
`
`NO
`
`Extract Public
`
`key from
`certificate and
`decrypt
`signature of
`next certificate
`
`YES
`
`Signature
`valid?
`
`
`Obtain
`signature and
`
`certificate
`chain from
`update image
`
`
`
`
`Decrypt
`signature with
`
`CA's public key
`
`
`
`; Ignatu -*
`present and
`
`valid?
`
`
`
`
`
`
`
`
`
`
` More
`
`
`ertificates’?
`
`
`Verify image
`signature with
`appropriate
`public key
`
`
`Exit update
`
`Perform
`and disable
`
`
`update with
`update of
`
`
`
`image
`memory
`
`
`
`470
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 8 0f 12
`
`US 7,069,452 B1
`
`510
`
`.
`
`510
`
`510"
`
`Signature
`520
`-—
`
`Signature
`.
`g
`
`PUbl'c Key Of Me)“
`Level
`522
`
`Firmware Usage Rules
`524
`—
`
`PUbhc Key Of Next
`Level
`522.
`
`Firmware Usage Rules
`'
`52_4
`
`
`
`Signature
`520"
`
`PUbhc gage? Next
`522..
`
`Firmware Usage Rules
`524"
`
`Figure 7
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 9 of 12
`
`US 7,069,452 B1
`
`600
`
`602
`
`604
`
`606
`
`608
`
`610
`
`612
`
`Start
`
`Develop firmware update for
`multiple systems/functions
`
`Sign firmware update image
`
`
`Provide update authority's
`
`certificate with any firmware
`
`
`update conditions in a
`certificate extension field(s)
`
`
`
`Provide brand certificate with
`any firmware update
`extensions and with the brand's
`
`public key
`
`Provide manufacturer's
`certificate with any firmware
`update extensions and with the
`manufacturer‘s public key
`
`certificate authority's public key
`
`Provide root certificate
`authority‘s certificate with the
`
`Distribute firmware update
`
`End
`
`Figure 8
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 10 0f 12
`
`US 7,069,452 B1
`
`Obtain
`
`signature and
`Decrypt
`
`certificate
`signature with
`
`chain from
`CA's public key
`
`update image
`
`
`652
`
` 3 ignatur
`present and
`valid?
`
`
`
`
`Figure 9
`
`9
`
` Set flag to
`Update OK.
`YES
`update
`
`Extract Public
`
`key from
`N0
`certificate and
`decrypt
`signature of
`next certificate
`
`
`
`
`NO
`664
`
`
`YES
`'7
`Set flag to
`
`
`Update 0K.
`YES
`update
`
`666
`
`More
`
`ertificates”
`
`
`
`
`NO——————>
`
`
`
`
`
`676
`
`NO+
`
`
`
`Verify image
`
`
`
`Signature
`Signature With
`
`valid?
`appropriate
`
`public key
`
`Exit update
`
`Perform
`
`
`and disable
`
`update with
`
`
`update of
`
`image
`memory
`
`
`680
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 11 0f 12
`
`US 7,069,452 B1
`
`
`
`
`Finn/are Update
`Repository
`1%
`
`
`
`Firmware Distribution
`
`£12
`
`
`
`Updateable Device
`m
`
`
`.799
`
`
`Updateable Device
`
`Figure 10
`
`
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 12 0f 12
`
`US 7,069,452 B1
`
`710
`
`712
`
`714
`
`
`
` Distribute generic
`devices with functions
`
`
`
`
`
`
`defined by the firmware
`in the device and
`
`having a secure
`firmware update
`capability
`
`
`
`
`
`Distribute firmware
`
`
`
`updates to define the
`
`
`functions of the
`devices based on a
`
`
`device level
`authorization
`
`
`
`
`
`Apply device level
`firmware updates to the
`
`
`generic devices to
`provide differing levels
`
`
`of functionality for the
`devices
`
`
`
`Figure 11
`
`
`
`US 7,069,452 B1
`
`1
`METHODS, SYSTEMS AND COMPUTER
`PROGRAM PRODUCTS FOR SECURE
`FIRMWARE UPDATES
`
`RELATED APPLICATIONS
`
`The present application is related to commonly assigned
`and concurrently filed US. patent application Ser. No.
`09/614,983, entitled “METHODS, SYSTEMS AND COM-
`PUTER PROGRAM PRODUCTS FOR RULE BASED
`FIRMWARE UPDATES UTILIZING CERTIFICATE
`
`EXTENSIONS”, the disclosure of which is incorporated by
`reference as if set forth fully herein.
`
`FIELD OF THE INVENTION
`
`The present invention relates to data processing systems
`and more particularly to data processing systems having
`programmable memories.
`
`BACKGROUND OF THE INVENTION
`
`Many devices today make use of computational elements
`controlled by software instructions embedded in the device
`to give the device its functional personality. This software,
`often called firmware because of its persistent association
`with the device hardware operation, was historically placed
`in read-only memory (ROM) and was activated when the
`device was powered on. With time, it was recognized that
`firmware, like other forms of software, might be subject to
`coding mistakes and that over the lifetime of the device there
`was a need to modify the functional characteristics of the
`device, for example, to adapt it to a new target environment.
`This need to repair firmware coding errors and/or modify
`firmware functionality led to the use of field-programable
`random-access memory (RAM) as a repository for on-
`device firmware. This provided an easier means of modifi-
`cation than replacing ROM chips.
`As a result of this evolution, typically, firmware can be
`updated without physical hardware modification, using
`removable digital media or a network connection as the
`mechanism by which new firmware is communicated to the
`device. The extensive increase in network connectivity in
`recent years has resulted in an increase in the number of
`firmware-driven devices that allow personality updates.
`With the increasing number of update capable devices may
`come significant security problems. With the ubiquitous
`nature of firmware-driven devices, such security problems
`may extend to homes, businesses and other areas where such
`devices are utilized. For example, personal computers, pag-
`ers, cell phones, satellite receivers, set-top boxes, cable and
`DSL modems, routers, digital TVs, or even appliances like
`refrigerators, sewing machines, and ovens may all be sus-
`ceptible to such security problems.
`In a personal computer, firmware instructions are gener-
`ally referred to as a Basic Input-Output System (BIOS). A
`BIOS typically contains hardware diagnostics, code which
`initializes and enables/disables certain hardware features
`
`(for example boot from network, system board sound or
`display capability, memory parity, I/O bus speed, DMA,
`etc.), and instructions enabling the operating system and
`application programs to interface with the computer hard-
`ware. Parameters governing branches through the initializa-
`tion code to enable/disable or configure certain hardware
`features are often stored in battery-backed-up CMOS RAM.
`All of these instructions,
`typically, must be executed or
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`
`instantiated as an application program interface (API) suc-
`cessfully in order for the computer to boot.
`It is well known in the art that the hardware in which the
`
`firmware (e.g., PC BIOS) instructions reside may be a
`field-programmable ROM such as an EE-PROM or a Flash
`RAM. Such hardware designs are desirable in allowing the
`manufacturer to update the firmware after manufacture, for
`example, to enable new capabilities or fix problems. How-
`ever, storing the BIOS in a flash memory may also open new
`vulnerabilities
`that can be exploited by hackers. For
`example, some of the approximately 50,000 computer
`viruses known todayisuch as the Chernobyl virus (known
`as CIH and W95.CIH)7overwrite the BIOS with invalid
`instructions, completely disabling the computer and requir-
`ing physical replacement of the BIOS chip.
`However, security problems may extend beyond the mali-
`cious third parties attempting to damage devices in custom-
`ers’ hands. It is well known that many devices are built on
`generic hardware, where the sole difference between several
`models may be the sticker on the front panel, the firmware
`load in the resident flash, and the price. In such devices, a
`customer may, for example, change an inexpensive device
`into a more expensive device merely by updating the firm-
`ware. For example, a manufacturer of Compact Disk Read
`Write (CDRW) drive mechanisms recently began to receive
`service calls about its named brand $300 6><-write-speed
`drives which turned out to be $100 OEM 4><-write-speed
`drives with their named brand firmware update installed.
`Accordingly, manufacturers of devices that use easily
`updateable firmware may be faced with significant security
`problems that are complicated by situations where the
`device executes non-firmware application code, and/or the
`device owner is complicit in the hacking activity.
`
`SUMMARY OF THE INVENTION
`
`Embodiments of the present invention include methods,
`systems, computer program products and business methods
`which provide secure updates of firmware (i.e. data stored in
`a programmable memory device of a processing system).
`Such secure updates may be provided by controlling updates
`of a programmable memory of a device by providing an
`update window of finite duration during which the program-
`mable memory may be updated and allowing updates of the
`programmable memory only during the update window.
`Furthermore, the update window may be provided by allow-
`ing access to the programmable memory based on the state
`of an access latch. The access latch may be set to allow
`access to the programmable memory after a hardware reset
`of the device. An update control program, which may reside
`in Read Only Memory, may be executed to control access to
`the programmable memory and the latch reset to prevent
`access to the programmable memory upon completion of the
`update control program.
`In further embodiments of the present invention, access to
`a memory where the update control program resides may be
`allowed when the access latch allows access to the program-
`mable memory and prevented when the access latch pre-
`vents access to the programmable memory. Furthermore, it
`may be determined if an update of the programmable
`memory is available and, if so, the programmable memory
`may be updated. Such a determination of the availability of
`an update may be made by examining at least one of a local
`memory location, a local drive, a network drive and an input
`device status to determine if an update is available or by
`examining persistent status information.
`
`
`
`US 7,069,452 B1
`
`3
`The programmable memory may be updated by obtaining
`an update image containing update data to be written to the
`programmable memory, obtaining installation information
`from the update image and writing the update data to the
`programmable memory based on the installation informa-
`tion obtained from the update image. In particular embodi-
`ments of the present invention, the installation information
`may be an install program and the install program executed
`to write the update data to the programmable memory.
`In still further embodiments of the present invention, the
`programmable memory may be updated by loading an
`update image into a temporary workspace and updating the
`programmable memory from the loaded update image. Fur-
`thermore, existing data from the programmable memory
`may be stored so as to provide a backup copy of the data of
`the programmable memory. In such embodiments, it may be
`determined if the update of the programmable memory was
`successful and the contents of the programmable memory
`restored from the backup copy if the update of the program-
`mable memory was not successful.
`In yet additional embodiments of the present invention,
`the update control program may verify the authenticity of
`the update of the programmable memory. Such verification
`can be accomplished in various ways, for example by means
`of a shared secret, or by a public-key cryptosystem, or in
`other ways known to those with skill in the art. In certain
`embodiments, verification of the image may be accom-
`plished by including and checking a digital signature com-
`prising a hash of the image encrypted by the private key of
`an update authority. In addition to the signature, an X509
`certificate of the update authority may also be included with
`the distribution of the image. See CCITT Recommendation
`X509, “The Directory-Authentication Framework”, Con-
`sultation Committee,
`International Telephone and Tele-
`graph, Intemational Telecommunications Union, Geneva,
`1989. The verification of the signature may be provided by
`computing the hash over the image, decrypting the signature
`using the public key from the included certificate, and
`comparing the decrypted result with the computed hash
`value. If they are equal,
`the signature verification has
`succeeded. The control program then validates the update
`authority’s certificate by validating a signature contained
`therein, the signature having been created by the certificate
`authority signing the update authority’s certificate using the
`certificate authority’s private key. In a non-chained form,
`this validation may be provided by using a public key of the
`certificate authority that issued the update authority’s cer-
`tificate to decrypt the digital signature contained in the
`update authority’s certificate and comparing it against a
`computed hash of the update authority’s certificate. The
`certificate authority’s public key used to perform this vali-
`dation may be contained in the ROM image or in the current
`contents of the protected memory. In a more complex
`arrangement, the image would contain a chain of certificates
`that can be validated back to a certificate signed by the root
`certificate authority.
`In still further embodiments of the present invention, the
`update may include a plurality of certificates in a hierarchy
`of certificates. In such embodiments,
`the verification of
`authenticity may be accomplished by evaluating each of the
`plurality of certificates in the update image to determine if
`a valid digital signature is provided with each certificate of
`the update image. Such an evaluation may be accomplished
`by decrypting a digital signature of a certificate utilizing a
`public key associated with the certificate and comparing the
`decrypted digital signature with a predefined value to deter-
`mine if the digital signature is a valid digital signature
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`4
`
`associated with the certificate. A public key associated with
`another of the digital certificates may be obtained and thc
`decryption and comparison repeated utilizing the obtained
`public key associated with another of the digital certificates.
`This process may be repeated until a public key associated
`with a last of the digital certificates is obtained and the
`signature of the last digital certificate decrypted and com-
`pared.
`In additional embodiments of the present invention, appli-
`cation rules information may be obtained from an extension
`of at least one certificate associated with the update. The
`rules information obtained from a certificate may be evalu-
`ated and the programmable memory selectively updated
`based on the evaluation of the rules information obtained
`
`from the certificate. In particular, the rules information may
`be rules information associated with a manufacturer of the
`device, rules information associated with a brand of the
`device, rules information associated with a software version
`of the device, rules information associated with a license
`authorization of the device or rules associated with the
`individual device.
`
`In still further embodiments of the present invention, a
`system for controlling access to a programmable memory of
`a device may be provided. The system may include a latch
`and a memory controller configured to control read and
`write operations to the programmable memory and operably
`associated with the latch so as to allow write operations to
`the programmable memory when the latch is in a first state
`and to prevent write operations to the programmable
`memory when the latch is in a second state. A latch enable
`circuit may be configured to set the latch to the first state
`upon detecting a hardware reset of the device and set the
`latch to the second state upon completion of a memory
`update window.
`In particular embodiments of the present invention, the
`latch enable circuit may include a hardware reset circuit
`which generates a hardware reset of the device, a processor,
`and a read only memory operably associated with the
`processor and containing a program utilized to update the
`programmable memory, wherein the program is configured
`to set the latch to the second state. Furthermore, the pro-
`cessor may be configured to execute the program contained
`in the read only memory upon generation of the hardware
`reset of the device. In still further embodiments of the
`present invention, the program is configured to set the latch
`to the second state upon completion of execution of the
`program.
`In particular embodiments of the present invention, the
`processor comprises a digital signal processor.
`In still further embodiments of the present invention, the
`memory controller is further configured to allow read opera-
`tions of the read only memory when the latch is in the first
`state and prevent read operations of the memory when the
`latch is in the second state.
`
`In additional embodiments, a plurality of devices having
`differing functionality may be provided by providing a
`plurality of generic processing devices having hardware
`suitable to perform at least a portion of the differing func-
`tionality of the plurality of devices, wherein the generic
`processing devices also have a programmable memory and
`a read only memory. Updates to the programmable memory
`define the functionality of the generic processing devices so
`as to provide the plurality of devices having differing
`functionality. The programmable memories of the generic
`processing devices may be selectively updated utilizing an
`update program provided in the read only memories of the
`generic processing devices which verifies the authorization
`
`
`
`US 7,069,452 B1
`
`5
`of an update and selectively updates the programmable
`memory based on the verified authorization. Furthcrmorc,
`updates of the programmable memories of the generic
`processing devices other than by the update program may be
`prevented.
`In still further embodiments, access to the read only
`memory containing the update program may be prevented
`other than when an update of the programmable memory of
`the generic processing device is being performed. Further-
`more, the generic processing devices may include a digital
`signal processor. In such embodiments, the updates of the
`programmable memory may provide microcode for control-
`ling the operation of the digital signal processor.
`While the invention has been described above primarily
`with respect to method aspects of the invention, both sys-
`tems and/or computer program products are also provided.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is a block diagram of a firmware update system
`according to embodiments of the present invention;
`FIG. 2 is a block diagram of a data processing system
`suitable for use with the present invention;
`FIG. 3 is a more detailed block diagram of data processing
`systems according to embodiments of the present invention;
`FIG. 4A is a flowchart illustrating opcrations according to
`embodiments of the present invention;
`FIG. 4B is a flowchart illustrating operations according to
`further embodiments of the present invention;
`FIG. 5 is a flowchart illustrating operations for perform-
`ing a firmware update according to embodiments of the
`present invention;
`FIG. 6 is a flowchart illustrating operations according to
`embodiments of the present
`invention utilizing crypto-
`graphic techniques to provide secure firmware updates;
`FIG. 7 is a block diagram of a certificate structure
`according to embodiments of the present invention;
`FIG. 8 is a flowchart illustrating operations for creating a
`firmware update according to embodiments of the present
`invention;
`FIG. 9 is a flowchart illustrating operations for perform-
`ing a firmware update utilizing a certificate structure such as
`described in FIG. 7;
`FIG. 10 is a block diagram of a firmware distribution
`system according to embodiments of the present invention;
`and
`
`FIG. 11 is a flowchart illustrating operations according to
`further embodiments of the present invention which may
`provide for methods of doing business according to embodi-
`ments of the present invention.
`
`DETAILED DESCRIPTION OF PREFERRED
`EMBODIMENTS
`
`The present invention now will be described more fully
`hereinafter with reference to the accompanying drawings, in
`which preferred embodiments of the invention are shown.
`This invention may, however, be embodied in many different
`forms and should not be construed as limited to the embodi-
`
`ments set forth herein; rather, these embodiments are pro-
`vided so that this disclosure will be thorough and complete,
`and will fully convey the scope of the invention to those
`skilled in the art.
`
`the
`As will be appreciated by one of skill in the art,
`present
`invention may be embodied as a method, data
`processing system, or computer program product. Accord-
`ingly, the present invention may take the form of an entirely
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`6
`hardware embodiment, an entirely software embodiment or
`an embodiment combining software and hardware aspects.
`Furthermore, the present invention may take the form of a
`computer program product on a computer-usable storage
`medium having computer-usable program code means
`embodied in the medium. Any suitable computer readable
`medium may be utilized including hard disks, CD-ROMs,
`optical storage devices, or magnetic storage devices.
`The computer-usable or computer-readable medium may
`be, for example but not limited to, an electronic, magnetic,
`optical, electromagnetic, infrared, or semiconductor system,
`apparatus, device, or propagation medium. More specific
`examples (a nonexhaustive list) of the computer-readable
`medium would include the following: an electrical connec-
`tion having one or more wires, a portable computer diskette,
`a random access memory (RAM), a read-only memory
`(ROM), an erasable programmable read-only memory
`(EPROM or Flash memory), an optical fiber, and a portable
`compact disc read-only memory (CD-ROM). Note that the
`computer-usable or computer-readable medium could even
`be paper or another suitable medium upon which the pro-
`gram is printed, as the program can be electronically cap-
`tured, via, for instance, optical scanning of the paper or other
`medium, then compiled, interpreted or otherwise processed
`in a suitable manner if necessary, and then stored in a
`computer memory.
`Computer program code for carrying out operations of the
`present
`invention may be written in an object oriented
`programming language such as Java®, Smalltalk or C++.
`However,
`the computer program code for carrying out
`operations of the present invention may also be written in
`conventional procedural programming languages, such as
`the “C” programming language or even assembly language.
`The program code may execute entirely on the user’s
`computer, partly on the user’s computer, as a stand-alone
`software package, partly on the user’s computer and partly
`on a remote computer or entirely on the remote computer. In
`the latter scenario, the remote computer may be connected
`to the user’s computer through a local area network (LAN)
`or a wide area network (WAN), or the connection may be
`made to an external computer (for example, through the
`Internet using an Internet Service Provider).
`The present invention is described below with reference
`to flowchart illustrations and/or block diagrams of methods,
`apparatus (systems) and computer program products accord-
`ing to embodiments of the invention. It will be understood
`that each block of the flowchart illustrations and/or block
`
`diagrams, and combinations of blocks in the flowchart
`illustrations and/or block diagrams, can be implemented by
`computer program instructions. These computer program
`instructions may be provided to a processor of a general
`purpose computer, special purpose computer, embedded
`processor or other programmable data processing apparatus
`to produce a machine, such that the instructions, which
`execute via the processor of the computer or other program-
`mablc data processing apparatus, crcatc means for imple-
`menting the functions specified in the flowchart and/or block
`diagram block or blocks.
`These computer program instructions may also be stored
`in a computer-readable memory that can direct a computer
`or other programmable data processing apparatus to function
`in a particular manner, such that the instructions stored in the
`computer-readable memory produce an article of manufac-
`ture including instruction means which implement the func-
`tion specified in the flowchart and/or block diagram block or
`blocks.
`
`
`
`US 7,069,452 B1
`
`7
`The computer program instructions may also be loaded
`onto a computer or other programmable data processing
`apparatus to cause a series of operational steps to be per-
`formed on the computer or other programmable apparatus to
`produce a computer implemented process such that
`the
`instructions which execute on the computer or other pro-
`grammable apparatus provide steps for implementing the
`functions specified in the flowchart and/or block diagram
`block or blocks.
`
`As is described in more detail below, embodiments of the
`present invention may provide secure firmware updates by
`providing a window in which firmware updates may be
`provided. Such a window may be provided by a latch or
`other such device which may be set to allow update access
`to the programmable memory device(s) where the firmware
`to be updated resides and which may be set to prevent update
`access to the programmable memory device(s). Further-
`more, some or all of the program which performs the
`firmware update may be stored in a Read Only Memory
`(ROM) of the processing system and the program may set
`the latch to prevent updates of the programmable memory
`device(s) upon completion of the update program. Update
`systems according to embodiments may, for example, be
`incorporated into a boot sequence of a processing device to
`provide secure firmware update capabilities. Additional
`embodiments of the present invention may utilize crypto-
`graphic techniques to further increase the security of the
`firmware update. Various embodiments of the present inven-
`tion will now be described with reference to FIGS. 1 through
`11.
`
`Referring now to FIG. 1, a finnware update system
`according to embodiments of the present invention is illus-
`trated. As is seen in FIG. 1, a processor 10, such as a general
`purpose microprocessor, a digital signal processor or a
`specific purpose processor has associated with it a latch 18
`which defines a state of access permissions to a program-
`mable memory 14 and/or a read only memory (ROM) 16.
`Such access may be controlled by a memory controller 12 or
`other such device which allows the processor 10 to access
`the programmable memory 14 and the read only memory 16.
`In particular, the programmable memory 14 may be flash
`RAM or other programmable memory which may contain
`firmware, such as a BIOS program or other such firmware,
`which may provide the basic functionality of the device
`incorporating the processor 10. The processor 10 may access
`the programmable memory 14 through the memory control-
`ler 12 to execute instructions stored in the programmable
`memory 14 or to update the contents of the programmable
`memory 14. The processor 10 may also access the ROM 16
`to execute a firmware update program stored in the ROM 16.
`In operation, the processor 10 receives a hardware reset
`signal, such as the power on reset signal illustrated in FIG.
`1, which causes the processor 10 to reset its registers and
`being execution of a program from a predefined memory
`location. Thus, the latch 18 can be set into an initial state by
`a hardware reset, which is the means to return the processor
`10 to a known non-debug state executing a specific instruc-
`tion stream (e.g. the instruction stream stored in the ROM
`16). In particular embodiments of the present invention, the
`predefined memory location corresponds to a memory loca-
`tion in the ROM 16. In addition to resetting the processor 10,
`the reset signal also sets the latch 18 to a state which
`instructs the memory controller 12 to allow access to the
`ROM 16 (i.e., read operations) and to allow updates (i.e.
`write operations) to the programmable memory 14. Thus, for
`example, when the “Q” of the latch 18 is a logical “l” the
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`8
`memory controller 12 may allow reads of the ROM 16 and
`writes to the programmable memory 14.
`As is further illustrated in FIG. 1, an output of the
`processor 10 may also be provided to reset the latch 18 so
`as to prevent updates of the programmable memory 14 and
`optionally prevent read operations to the ROM 16. Thus,
`when the firmware update program executed from the ROM
`16 is concluding it may activate the access latch reset output
`of the processor 10 to