Abstract: Embodiments of techniques and systems for out-of-band verification of host OS components are described. In embodiments, a out-of-band host OS boot sequence verification system (“BSVS”) may access system memory without detection by a host OS process, or “out of band.” The BSVS may access host OS components in the system memory and may generate signatures from memory footprints of the host OS components. These signatures may then be compared to trusted signatures to verify integrity of the host OS components. In embodiments, this verification may be performed during a boot of a host OS or on demand. In embodiments, the trusted signatures may be pre-stored by the BSVS before a boot; in some embodiments, the trusted signatures may be previously-computed and then stored by the BSVS. Other embodiments may be described and claimed.

Abstract: Embodiments of techniques and systems for out-of-band verification of host OS components are described. In embodiments, a out-of-band host OS boot sequence verification system (“BSVS”) may access system memory without detection by a host OS process, or “out of band.” The BSVS may access host OS components in the system memory and may generate signatures from memory footprints of the host OS components. These signatures may then be compared to trusted signatures to verify integrity of the host OS components. In embodiments, this verification may be performed during a boot of a host OS or on demand. In embodiments, the trusted signatures may be pre-stored by the BSVS before a boot; in some embodiments, the trusted signatures may be previously-computed and then stored by the BSVS. Other embodiments may be described and claimed.

Abstract: An embodiment may include a storage processor that may be comprised, at least in part, in a host. The host may include at least one host central processing unit (CPU) to execute at least one host operating system (OS). The storage processor may execute at least one operation in isolation from interference from and control by the at least one host CPU and the at least one host OS. The at least one operation may facilitate, at least in part: (1) prevention, at least in part, of unauthorized access to storage, (2) prevention, at least in part, of execution by the at least one host CPU of at least one unauthorized instruction, (3) detection, at least in part, of the at least one unauthorized instruction, and/or (4) remediation, at least in part, of at least one condition associated, at least in part, with the at least unauthorized instruction.

Abstract: An embodiment may include a storage processor that may be comprised, at least in part, in a host. The host may include at least one host central processing unit (CPU) to execute at least one host operating system (OS). The storage processor may execute at least one operation in isolation from interference from and control by the at least one host CPU and the at least one host OS. The at least one operation may facilitate, at least in part: (1) prevention, at least in part, of unauthorized access to storage, (2) prevention, at least in part, of execution by the at least one host CPU of at least one unauthorized instruction, (3) detection, at least in part, of the at least one unauthorized instruction, and/or (4) remediation, at least in part, of at least one condition associated, at least in part, with the at least unauthorized instruction.

Abstract: Embodiments of techniques and systems for out-of-band verification of host OS components are described. In embodiments, a out-of-band host OS boot sequence verification system (“BSVS”) may access system memory without detection by a host OS process, or “out of band.” The BSVS may access host OS components in the system memory and may generate signatures from memory footprints of the host OS components. These signatures may then be compared to trusted signatures to verify integrity of the host OS components. In embodiments, this verification may be performed during a boot of a host OS or on demand. In embodiments, the trusted signatures may be pre-stored by the BSVS before a boot; in some embodiments, the trusted signatures may be previously-computed and then stored by the BSVS. Other embodiments may be described and claimed.

Abstract: A modular BIOS update mechanism provides a standardized method to update options ROMs and to provide video and processor microcode upgrades in a computer system without requiring a complete replacement of the system BIOS. The MBU mechanism provides several advantages. First, new features and BIOS bugs from earlier release may be delivered to an installed base of end-user systems even if direct OEM support cannot be identified. Also, BIOS components may be provided as a validated set of revisions. With resort to a validation matrix, BIOS updates may be managed easily. The modular BIOS update is particularly useful in systems having several independent BIOS's stored within unitary firmware.

Abstract: Embodiments include monitoring a computing system to determine whether firmware of the computing system is corrupted, hung up, or requires automatic update. The computing system may then request firmware update data over a network. Moreover, the computing system may include a controller with capability to determine whether the firmware is corrupted or hung and request and receive firmware update data over a network. In addition, the controller may have the capability operate when the firmware is corrupted or hung up, if the processor is held up, and if the operating system is halted, hung up, or soft-off. In addition, if the controller detects that the firmware is corrupted or hung up, the controller may halt the processor while updating the firmware.

Abstract: A modular BIOS update mechanism provides a standardized method to update options ROMs and to provide video and processor microcode upgrades in a computer system without requiring a complete replacement of the system BIOS. The MBU mechanism provides several advantages. First, new features and BIOS bugs from earlier release may be delivered to an installed base of end-user systems even if direct OEM support cannot be identified. Also, BIOS components may be provided as a validated set of revisions. With resort to a validation matrix, BIOS updates may be managed easily. The modular BIOS update is particularly useful in systems having several independent BIOS's stored within unitary firmware.

Abstract: Methods of allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. A method of reliably re-allocating a first object includes the step of storing a location of a first object in a first data structure. A location of the first data structure is stored in a second data structure. A duplicate of the first object is formed by initiating a copy of the first object. An erase of the first object is initiated. A write of a second object to the location of the first object is then initiated. The duplicate object is invalidated. The status of copying, erasing, and writing is tracked. The copy status, erase status, write status, and a restoration status are used to determine a recovery state upon initialization of the nonvolatile memory. The duplicate object is invalidated, if the writing status indicates that the writing of the second object has been completed.

Abstract: A value for a first counter is maintained. A value for a second counter based on a content of a non-volatile memory is maintained. Updates to the value for the first counter and to the value for the second counter are controlled.

Abstract: A protected boot sequence in a computer system. A reset vector directs the system to a boot program including a protected program. This protected program verifies the integrity of the BIOS contents before branching to the BIOS for execution of normal bootstrap functions. The protected program can also lock down various blocks of bootstrap code to prevent them from being changed after a certain point in the boot sequence. The protected boot sequence can proceed in layers, with each layer providing some level of validation or security for succeeding layers.

Abstract: Methods of allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. A method of reliably re-allocating a first object includes the step of storing a location of a first object in a first data structure. A location of the first data structure is stored in a second data structure. A duplicate of the first object is formed by initiating a copy of the first object. An erase of the first object is initiated. A write of a second object to the location of the first object is then initiated. The duplicate object is invalidated. The status of copying, erasing, and writing is tracked. The copy status, erase status, write status, and a restoration status are used to determine a recovery state upon initialization of the nonvolatile memory. The duplicate object is invalidated, if the writing status indicates that the writing of the second object has been completed.

Abstract: Methods of allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. A method of reliably re-allocating a first object includes the step of storing a location of a first object in a first data structure. A location of the first data structure is stored in a second data structure. A duplicate of the first object is formed by initiating a copy of the first object. An erase of the first object is initiated. A write of a second object to the location of the first object is then initiated. The duplicate object is invalidated. The status of copying, erasing, and writing is tracked. The copy status, erase status, write status, and a restoration status are used to determine a recovery state upon initialization of the nonvolatile memory. The duplicate object is invalidated, if the writing status indicates that the writing of the second object has been completed.

Abstract: Methods of reliably allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. Allocation, writing, reading, de-allocating, re-allocating, and reclamation are handled by a memory manager. The memory manager tracks the progress of each process during execution in order to detect whether a selected process was interrupted for purposes of recovery. The nonvolatile memory is recovered to a known state during initialization. Initialization includes the step of determining a recovery state from a recovery state lookup table. A selected recovery process is selected in accordance with the recovery state lookup table. A restart level for the selected process is determined from a corresponding restart state lookup table. The selected process is then restarted at the restart level.

Abstract: Methods of allocating, writing, reading, de-allocating, re-allocating, and reclaiming space within a nonvolatile memory having a bifurcated storage architecture are described. A method of reliably re-allocating a first object includes the step of storing a location of a first object in a first data structure. A location of the first data structure is stored in a second data structure. A duplicate of the first object is formed by initiating a copy of the first object. An erase of the first object is initiated. A write of a second object to the location of the first object is then initiated. The duplicate object is invalidated. The status of copying, erasing, and writing is tracked. The copy status, erase status, write status, and a restoration status are used to determine a recovery state upon initialization of the nonvolatile memory. The duplicate object is invalidated , if the writing status indicates that the writing of the second object has been completed.

Abstract: A system including a host coupled to a memory device and a peripheral controller device. The host is coupled to the peripheral controller device via a bus having a plurality of general purpose signal lines to carry time-multiplexed address, data, and control information. The peripheral controller device performs direct memory access (DMA) transactions with the memory device via the host and the bus.

Abstract: A method and apparatus which may be used for direct memory access (DMA) acknowledges. A method of acknowledging a request for access to a bus from a bus agent access involves receiving a request for access to the bus and generating a request acknowledge signal. The request acknowledge is generated on a multiplexed bus in response to the request for access to the bus.

Abstract: A system having a bus coupled to a host and a peripheral controller device each coupled to a bus. The bus includes a plurality of general purpose signal lines to carry time-multiplexed address, data, and control information. The peripheral controller device communicates with the host over the bus to control devices such as parallel port controllers, serial port controllers, super I/O controllers, floppy disk controllers, keyboard controllers and memory devices.

Abstract: A system including a host, a peripheral controller device, and a bus master device each coupled to a bus having a plurality of general purpose signal lines for carrying time-multiplexed address, data, and control information. The bus master device communicates with the host and the peripheral controller device via the bus.

Abstract: A memory device. The memory device includes a nonvolatile memory array including a first block of memory cells. A first volatile protection bit coupled to the first block is programmable to prevent a memory access operation directed to the first block from being performed.