Abstract: A solution is presented to securing endpoints without the need for a separate bus or communication path. The solution allows for controlling access to endpoints by utilizing a management protocol by overlapping with existing interconnect communication paths in a packet format and utilizing a PCI address BDF (Bus number, Device number, and Function number) for verification.

Abstract: In some embodiments, a processor-based system may include at least one processor, at least one memory coupled to the at least one processor, a boot block stored at a first memory location, a capsule update stored at a second memory location, a startup authenticated code module to ensure the integrity of the boot block upon a restart of the processor-based system, code which is executable by the processor-based system to cause the processor-based system to validate the boot block with the startup authenticated code module upon the restart of the processor-based system, and, if the boot block is successfully validated, to validate the capsule update for the processor-based system with the startup authenticated code module. Other embodiments are disclosed and claimed.

Abstract: In some embodiments a Trusted Platform Module (TPM) manages a first flag that identifies whether a secure environment has ever been established. A chipset manages a second flag that identifies that there might have been secrets in memory and a reset or power failure occurred. At least one processor and/or the chipset lock, maintain a lock, and/or unlock a memory in response to the second flag. Other embodiments are described and claimed.

Abstract: In some embodiments, the invention involves using a policy engine during boot, in the driver execution environment (DXE) phases to authenticate that drivers and executable images to be loaded are authenticated. Images to be authenticated include the operating system (OS) loader. The policy engine utilizes a certificate database to hold valid certificates for third party images, according to platform policy. Images that are not authenticated are not loaded at boot time. Other embodiments are described and claimed.

Abstract: In some embodiments, a processor-based system may include at least one processor, at least one memory coupled to the at least one processor, a boot block stored at a first memory location, a capsule update stored at a second memory location, a startup authenticated code module to ensure the integrity of the boot block upon a restart of the processor-based system, code which is executable by the processor-based system to cause the processor-based system to validate the boot block with the startup authenticated code module upon the restart of the processor-based system, and, if the boot block is successfully validated, to validate the capsule update for the processor-based system with the startup authenticated code module. Other embodiments are disclosed and claimed.

Abstract: In some embodiments, the integrity of firmware stored in a non-volatile memory is verified prior to initiation of a firmware reset vector. Other embodiments are described and claimed.

Abstract: A temporary memory of a computer system is configured during a boot mode. Page tables are generated for the temporary memory. System memory of the computer system is initialized. Contents of the temporary memory are migrated to the system memory.

Abstract: A temporary memory of a computer system is configured during a boot mode. Page tables are generated for the temporary memory. System memory of the computer system is initialized. Contents of the temporary memory are migrated to the system memory.

Abstract: A technique for providing communication between two computers through a network in a way to allow one computer to control the other.

Abstract: A technique for providing communication between two computers through a network in a way to allow one computer to control the other.

Abstract: An embodiment of the present invention relates generally to computer configuration and, more specifically, to a system and method to seamlessly determine the component configurations of a series of heterogeneous platforms and enable their respective component configurations to be intelligently migrated from one platform to another. In some embodiments, the invention involves generating configuration binaries for a plurality of target platforms. The configuration binaries are used with tools to create configuration directives for the target machines. In at least one embodiment, the configuration directives are sent to the target platforms in a scripting language. In some embodiments, the scripts are automatically generated by a tool using the configuration binaries for various platforms and policy guidance to determine which settings should be set on or off. Other embodiments are described and claimed.

Abstract: A method for using an operating system device for non-operating system uses. A false event signal is generated to indicate that a device should be shut down. After this is accomplished, the device is used for a different purpose while the operating system thinks it is inoperative. Once the other use is completed, another false event signal is generated so that the device is activated again and returned to use in the operating system in normal fashion.

Abstract: An embodiment of the present invention is a system and method relating to seamlessly enable enhanced management and scripting of a computer system and its add-in devices. In at least one embodiment, the present invention enables a system administrator or integrator to script a common configuration for multiple devices and then automatically configure the devices using the script. The language construct and central data repository for configuration settings are extended to comprehend a scripting language. A script is read by a script engine during either pre-boot or runtime. The script engine searches a keyword database on the central data repository to determine requested configuration settings. A data offset is corresponding to a specific op-code is used to determine where configuration settings are located, for modification.

Abstract: Disclosed is a method, apparatus, and system in which a basic input/output BIOS is run and a non-volatile memory coupled to the BIOS is read. The BIOS determines if legacy partition address data is not present for a disk partition identified in the non-volatile memory, and if legacy partition address data is not present for the disk partition, legacy partition address data may be obtained by a legacy OPROM. The disk drive may then be updated with the legacy partition address data.

Abstract: Disclosed is a method, apparatus, and system in which a basic input/output BIOS is run and a non-volatile memory coupled to the BIOS is read. The BIOS determines if legacy partition address data is not present for a disk partition identified in the non-volatile memory, and if legacy partition address data is not present for the disk partition, the BIOS causes the execution of a Legacy OPROM. The execution of the Legacy OPROM causes legacy partition address data for the disk partition that does not have associated legacy partition address data to be obtained. The non-volatile memory as well as the disk drive is updated with the legacy partition address data.

Abstract: Methods and apparatus to enable console redirection in a multiple execution environment are disclosed. In an example method, at least one periodic interrupt in a first basic input/output system (BIOS) execution environment of a local console is initiated. Data associated with a second BIOS execution environment of the local console is retrieved. The data associated with the second BIOS execution environment is communicated to a remote terminal.

Abstract: A method of testing at least a selected portion of system memory for a microprocessor system is disclosed, the microprocessor system having burst mode capability to transfer data values between the microprocessor and the system memory via a system bus. The method includes the steps of: writing at least a selected portion of system memory with a predetermined test pattern using the burst mode capability of the microprocessor system; reading back values from the at least a selected portion of system memory using the burst mode capability of the microprocessor system; and comparing the values read from the at least a selected portion of system memory with the predetermined test pattern written.

Abstract: A multiprocessor computer system determines that the hard reset designated BSP has failed by examining its status bits. The designated BSP then selects a processor from among the APs that will take the place of the designated BSP. The selection is accomplished by, successively for every AP indicated to be good by examining its corresponding status flag, determining whether the AP is present, starting up the AP if it is present, determining whether the AP has passed its BIST, and selecting the AP to take the place of the designated BSP if the AP has passed its BIST. The BSP then designates the selected AP as the BSP instead of itself. The bootstrap indicator bit of the selected AP is set to indicate that the AP is the BSP. The bootstrap indicator bit of the designated BSP is cleared. The computer system then undergoes a soft reset which causes the selected AP to become the BSP and begin running the BIOS code from the reset vector.