公开(公告)号：US20180373900A1

公开(公告)日：2018-12-27

申请号：US15771348

申请日：2016-02-19

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Dallas M Barlow ,  Stanley Hyojun Park ,  Christopher H Stewart ,  Baraneedharan Anbazhagan ,  Scott B Marcak ,  Richard A Bramley, JR.

IPC: G06F21/78 ,  H04L9/32 ,  G06F21/57

Abstract: A computer system includes an independent compute core; and an isolated secure data storage device to store data accessible only to the independent compute core. The independent compute core is to open an Application Program Interface (API) during runtime of the computer system in response to receiving a verified message containing secure data to be written to the secure data storage device.

公开(公告)号：US11537757B2

公开(公告)日：2022-12-27

申请号：US15771348

申请日：2016-02-19

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Dallas M Barlow ,  Stanley Hyojun Park ,  Christopher H Stewart ,  Baraneedharan Anbazhagan ,  Scott B Marcak ,  Richard A Bramley, Jr.

IPC: G06F21/78 ,  H04L9/32 ,  G06F21/57

Abstract: A computer system includes an independent compute core; and an isolated secure data storage device to store data accessible only to the independent compute core. The independent compute core is to open an Application Program Interface (API) during runtime of the computer system in response to receiving a verified message containing secure data to be written to the secure data storage device.

公开(公告)号：US10296353B2

公开(公告)日：2019-05-21

申请号：US15749468

申请日：2016-01-25

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Wei Ze Liu ,  Jeffrey Kevin Jeansonne ,  Dallas M Barlow

IPC: G06F9/4401 ,  G06F21/57 ,  G06F21/52 ,  G06F21/55

Abstract: A method of protecting basic input/output system (BIOS) code. The method includes, with a relocation information tool executed by a processor, refactoring a number of data sections within a number of handlers of the BIOS code to tag a number of variables within the handlers. The tags indicate which of the variables should be protected at runtime. The method further includes generating a relocation file comprising a number of relocation addresses identifying locations of a number of dynamic variables that change at runtime. The relocation addresses point to a location within the handlers different from an original location. The method further includes, with a loader, loading at runtime the relocation file as part of a BIOS firmware image and adjusting data access to the dynamic variables in handler code to identify the location of the dynamic variables based on the relocation file.

公开(公告)号：US10268822B2

公开(公告)日：2019-04-23

申请号：US15516490

申请日：2014-12-01

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Christopher H Stewart ,  Venkatesh Yarraguntla ,  Dallas M Barlow

IPC: G06F21/57 ,  G06F9/4401 ,  G06F11/36 ,  G06F21/44

Abstract: According to one example for verifying firmware module execution privilege, a firmware is booted on a processor. At least one firmware module in the firmware marked as a test module is identified, and verification with a production public key of metadata associated with the firmware is attempted. In an example, in the event that the metadata verifies successfully with the production public key, the firmware boot is halted when the processor determines that access to a video interface is available, and a user is alerted that a test module has attempted execution in a production firmware.