Method for Protecting a Privilege Level of System Management Mode of a Computer System
    1.
    Patent application
    Legal status: in force

    Publication number: US20110078408A1

    Publication date: 2011-03-31

    Application number: US12874622

    Filing date: 2010-09-02

    IPC classification: G06F12/08 G06F15/177

    Abstract: A method for protecting a privilege level of a system management mode (SMM) of a computer system is disclosed. A SMM program is loaded into a special memory (SMRAM) area within a system memory of a computer. A first program, a second program, and a vector table are loaded into a general area of the system memory. Before the booting process of the computer has been completed, a reference hash value of the first program is determined by the SMM program, and the reference hash value is stored in the SMRAM area. A hash value of the first program is then computed by the SMM program. After the computer has been operating under an operating environment of an operating system, the computed hash value is compared to the reference hash value. When the computed hash value matches the reference hash value, the first program is called by the SMM program.


    Method for protecting a privilege level of system management mode of a computer system
    2.
    Granted patent
    Legal status: in force

    Publication number: US08694794B2

    Publication date: 2014-04-08

    Application number: US12874622

    Filing date: 2010-09-02

    IPC classification: G06F12/08 G06F15/177

    Abstract: A method for protecting a privilege level of a system management mode (SMM) of a computer system is disclosed. A SMM program is loaded into a special memory (SMRAM) area within a system memory of a computer. A first program, a second program, and a vector table are loaded into a general area of the system memory. Before the booting process of the computer has been completed, a reference hash value of the first program is determined by the SMM program, and the reference hash value is stored in the SMRAM area. A hash value of the first program is then computed by the SMM program. After the computer has been operating under an operating environment of an operating system, the computed hash value is compared to the reference hash value. When the computed hash value matches the reference hash value, the first program is called by the SMM program.


    Authentication system and method
    3.
    Granted patent
    Legal status: in force

    Publication number: US07424611B2

    Publication date: 2008-09-09

    Application number: US10378394

    Filing date: 2003-03-03

    IPC classification: H04L9/00

    Abstract: Preventing malicious code from reading an authenticator and being falsely authenticated using the read authenticator. Authenticator accepting period detection means detects an authenticator accepting period during which inoperativeness of all unauthenticated programs is guaranteed. Program executing means transmits its authenticator only during the authenticator accepting period. After authentication means is authenticated as genuine, the authentication means computes a one-way function value of the authenticator received from the program executing means and compares the one-way function value X with a stored value Y for the program executing means. If X=Y, then the authentication means authenticates the program executing means.


    Method, apparatus and program for user-determined operational state of a portable computer prior to detachment
    5.
    Granted patent
    Legal status: in force

    Publication number: US07093142B2

    Publication date: 2006-08-15

    Application number: US10337674

    Filing date: 2003-01-07

    IPC classification: G06F1/26

    CPC classification: G06F9/4418

    Abstract: The present invention facilitates the operational management and usability of a portable computing device by providing an apparatus, method and program product to allow a user to select the operational and power state of a device operably connected with a computer and the power state of the computer prior to removing the computer from an apparatus such as a docking station.


    Allowing or disallowing firmware upgrade based on comparison of firmware-related bits
    6.
    Patent application
    Legal status: under examination (published)

    Publication number: US20060136710A1

    Publication date: 2006-06-22

    Application number: US11020595

    Filing date: 2004-12-22

    IPC classification: G06F1/24

    CPC classification: G06F8/65

    Abstract: A first series of bits corresponds to compatibility information of firmware of a computer system. Each bit corresponds to an attribute of the firmware or the system, is equal to one when the attribute denotes a potential incompatibility factor as to the attribute, and is otherwise equal to zero. A second series of bits corresponds to a firmware image with which the firmware is to be upgraded. Each bit indicates whether the firmware image is compatible with the attribute of a corresponding first series bit, is equal to one where the firmware image is compatible with the attribute, and is otherwise equal to zero. A logical AND operation is performed on the first and the second series of bits. Where the result of the logical AND operation is equal to the first series of bits, the firmware is allowed to be upgraded with the image, and otherwise is disallowed.
