公开(公告)号：US20210081117A1

公开(公告)日：2021-03-18

申请号：US16980890

申请日：2018-06-07

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Wei Ze Liu ,  Christopher H. Stewart ,  Rosilet Retonamoni Braduke

IPC: G06F3/06 ,  G06F21/78

Abstract: In example implementations, an apparatus is provided. The apparatus includes a controller, a memory protection policy, an electrically isolated memory, and a non-volatile memory. The memory protection policy includes an allowable write function. The electrically isolated memory is to store code executable by the controller to execute a requested write function based on the set of memory protections. The non-volatile memory is in communication with the controller. The requested write function is to be executed in the non-volatile memory when the requested write function matches the allowable write function.

公开(公告)号：US20230367860A1

公开(公告)日：2023-11-16

申请号：US17745593

申请日：2022-05-16

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Christopher H. Stewart

IPC: G06F21/33 ,  G06F21/64 ,  G06F21/57

CPC classification number: G06F21/33 ,  G06F21/64 ,  G06F21/572

Abstract: Examples of electronic devices are described herein. In some examples, an electronic device includes an operating system (OS). In some examples, the electronic device includes a basic input/output system (BIOS). In some examples, the electronic device includes an OS certificate store. In some examples, the electronic device includes a processor to load a certificate from the BIOS. In some examples, the OS certificate store is bypassed during the loading of the certificate. In some examples, the processor is to execute a program in the OS to verify signed instructions based on the certificate.

公开(公告)号：US11418335B2

公开(公告)日：2022-08-16

申请号：US17052367

申请日：2019-02-01

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Rosilet Retnamoni Braduke ,  Baraneedharan Anbazhagan ,  Christopher H. Stewart

IPC: G06F21/78 ,  H04L9/08 ,  H04L9/32 ,  G06F21/70

Abstract: In some examples, a device includes a memory, a processor, and a controller separate from the processor to derive a security credential based on information comprising a key accessible by the controller. The controller communicates the derived security credential in a secure manner to a program code executable on the processor, and uses the derived security credential to protect data stored in the memory against unauthorized access.

公开(公告)号：US09904543B2

公开(公告)日：2018-02-27

申请号：US14923040

申请日：2015-10-26

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Christopher H. Stewart ,  Mason Gunyuzlu

IPC: G06F9/44

CPC classification number: G06F8/71

Abstract: A build indicator is set in a build environment to a set value for building a program code, the set value selected from a first value indicating that a feature of the program code is enabled, and a second value indicating that the feature is disabled. In response to the set value of the build indicator being the first value, a variable is set to a value indicating that the feature is enabled. The program code is built using the value of the variable.

公开(公告)号：US20220027074A1

公开(公告)日：2022-01-27

申请号：US17296526

申请日：2019-02-11

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Christopher H. Stewart ,  Valiuddin Ali

IPC: G06F3/06 ,  G06F8/61 ,  G06F8/654

Abstract: According to examples, an apparatus may include a processor that may delete portions of firmware instructions responsive to an indication that the portions should be disabled. To facilitate the foregoing, the firmware instructions may be deployed in a segmented architecture stored in respective regions of a storage device. The regions may include a metadata region, a main region, and excludable regions. The metadata region may store metadata that describes the structure of the firmware instructions and/or the various other regions. The main region may store core firmware instructions that may not be deleted. Each excludable region may store respective excludable firmware instructions. Each excludable firmware instructions may be associated with a flag that indicates whether or not the instructions should be disabled. If so, the corresponding excludable region in the storage device is identified and the contents may be removed, permanently disabling the excludable firmware instructions that were stored there.

公开(公告)号：US20210359854A1

公开(公告)日：2021-11-18

申请号：US17052367

申请日：2019-02-01

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Rosilet Retnamoni Braduke ,  Baraneedharan Anbazhagan ,  Christopher H. Stewart

IPC: H04L9/08 ,  H04L9/32

Abstract: In some examples, a device includes a memory, a processor, and a controller separate from the processor to derive a security credential based on information comprising a key accessible by the controller. The controller communicates the derived security credential in a secure manner to a program code executable on the processor, and uses the derived security credential to protect data stored in the memory against unauthorized access.

公开(公告)号：US10585665B2

公开(公告)日：2020-03-10

申请号：US15861403

申请日：2018-01-03

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Christopher H. Stewart ,  Mason Gunyuzlu

IPC: G06F8/71

Abstract: A build indicator is set in a build environment to a set value for building a program code, the set value selected from a first value indicating that a feature of the program code is enabled, and a second value indicating that the feature is disabled. In response to the set value of the build indicator being the first value, a variable is set to a value indicating that the feature is enabled. The program code is built using the value of the variable.

公开(公告)号：US12032949B2

公开(公告)日：2024-07-09

申请号：US17296526

申请日：2019-02-11

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Christopher H. Stewart ,  Valiuddin Ali

IPC: G06F8/654 ,  G06F8/61

CPC classification number: G06F8/654 ,  G06F8/62

Abstract: According to examples, an apparatus may include a processor that may delete portions of firmware instructions responsive to an indication that the portions should be disabled. To facilitate the foregoing, the firmware instructions may be deployed in a segmented architecture stored in respective regions of a storage device. The regions may include a metadata region, a main region, and excludable regions. The metadata region may store metadata that describes the structure of the firmware instructions and/or the various other regions. The main region may store core firmware instructions that may not be deleted. Each excludable region may store respective excludable firmware instructions. Each excludable firmware instructions may be associated with a flag that indicates whether or not the instructions should be disabled. If so, the corresponding excludable region in the storage device is identified and the contents may be removed, permanently disabling the excludable firmware instructions that were stored there.

公开(公告)号：US20220121748A1

公开(公告)日：2022-04-21

申请号：US17288546

申请日：2019-07-03

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Baraneedharan Anbazhagan ,  Christopher H. Stewart ,  Richard Bramley

IPC: G06F21/57 ,  G06F21/62 ,  G06F21/60

Abstract: According to examples, an apparatus may include a memory storing a firmware and a processor. The processor may receive a request to modify the firmware, in which the request may be associated with a first credential. The processor may also determine, based on the first credential, whether modification of the firmware is authorized and based on a determination that modification of the firmware is authorized, display a set of defined functionalities for the firmware that are authorized to be modified. The processor may further receive a modification to a functionality in the set of defined functionalities that are authorized to be modified and may apply the received modification to the functionality.

公开(公告)号：US20180129496A1

公开(公告)日：2018-05-10

申请号：US15861403

申请日：2018-01-03

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Christopher H. Stewart ,  Mason Gunyuzlu

IPC: G06F8/71

CPC classification number: G06F8/71

Abstract: A build indicator is set in a build environment to a set value for building a program code, the set value selected from a first value indicating that a feature of the program code is enabled, and a second value indicating that the feature is disabled. In response to the set value of the build indicator being the first value, a variable is set to a value indicating that the feature is enabled. The program code is built using the value of the variable.