Title:
TECHNIQUES FOR COORDINATING DEVICE BOOT SECURITY
Document Type and Number:
WIPO Patent Application WO/2017/107122
Kind Code:
A1
Abstract:
Techniques for providing and maintaining protection of firmware routines that form part of a chain of trust through successive processing environments. An apparatus may include a first processor component (550); a volatile storage (562) coupled to the first processor component; an enclave component to, in a pre-OS operating environment, generate a secure enclave within a portion of the volatile storage to restrict access to a secured firmware loaded into the secure enclave; a first firmware driver (646) to, in the pre-OS operating environment, provide a first API to enable unsecured firmware to call a support routine of the secured firmware from outside the secure enclave; and a second firmware driver (647) to, in an OS operating environment that replaces the pre-OS operating environment, provide a second API to enable an OS of the OS operating environment to call the support routine from outside the secure enclave.
Inventors:
YAO JIEWEN (CN)
ZIMMER VINCENT J (US)
LI WEI (CN)
POORNACHANDRAN RAJESH (US)
MUDUSURU GIRI P (US)
Application Number:
PCT/CN2015/098651
Publication Date:
June 29, 2017
Filing Date:
December 24, 2015
Assignee:
INTEL CORP (US)
YAO JIEWEN (CN)
ZIMMER VINCENT J (US)
LI WEI (CN)
POORNACHANDRAN RAJESH (US)
MUDUSURU GIRI P (US)
International Classes:
G06F21/57
Domestic Patent References:
WO2015165000A1 | 2015-11-05
Foreign References:
CN102081534A | 2011-06-01
EP2141625B1 | 2015-10-07
US20040073806A1 | 2004-04-15
Attorney, Agent or Firm:
CHINA PATENT AGENT (H.K.) LTD. (CN)