Abstract: Methods, systems, and computer programs encoded on computer storage medium, for verifying, by a mask ROM of a CPU of a first computing device and with fused keys included by the CPU, a boot loader that is included by a flash memory of the first computing device, in response to verifying the boot loader, verifying, by the boot loader and with boot loader keys included by the flash memory, a kernel included by the a memory device of the first computing device, in response to verifying the kernel, decrypting, by the kernel using a hidden root key (HRK) included by the CPU of the first computing device, a device unique certification (DUC) included by the flash memory, in response to decrypting the DUC, generating, by the first computing device, a proof-of-possession of the DUC.

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may start a single threaded power on self test process without a periodic handler to communicate with a watchdog timer of an information handling system; may initialize the watchdog timer with an amount of time; may store the amount of time and watchdog timer access interface information via a memory medium of the information handling system; may, after storing the amount of time and the watchdog timer access interface information, boot an operating system; may provide information indicating a location of the amount of time and the watchdog timer access interface information to the operating system; and may periodically reset the watchdog timer via a device driver of the operating system.

Abstract: Embodiments of systems and methods for providing video redirection across multiple Information Handling Systems (IHSs) are discussed. In some embodiments, a method may include: receiving, via a video redirection client, a video stream produced by a video redirection server executed by a Baseboard Management Controller (BMC) of a selected IHS; providing the video stream to a framebuffer driver, where the frame buffer driver is configured to: (i) store frame data from the video stream onto a framebuffer memory; and (ii) in response to a determination that a host is not available, transmit control signals to a graphics core via an Advanced Microcontroller Bus Architecture (AMBA) high-performance bus (AHB)-to-Peripheral Component Interconnect (PCI) (AHB-to-PCI) bridge, where the graphics core is accessible via a PCI bus exclusively when the host is available; and transmitting the frame data to a display coupled to the chassis.

Abstract: An inter-process communication (IPC) system, includes a first client engine, a first server engine, and a broker engine that is coupled to the first client engine. The broker engine initiates a first timer that is configured to reset when traffic is received from the first server engine while the first server engine is registered with the broker engine and coupled to the broker engine via a communication channel. The traffic that causes the first timer to reset includes at least one of: traffic generated by the first client engine to complete a request, and a first server-to-broker heartbeat message generated by the first server engine. The broker engine determines that the first timer has reached a predefined time amount, and in response, removes the registration of the first server engine and removes the communication channel between the broker engine and the first server engine.

Abstract: Embodiments provide secure discovery of a first IHS operating within a plurality of IHSs (Information Handling Systems), such as within a data center, by a remote management tool. The remote management tool is registered with a DNS (Domain Name System). Upon initializing a first IHS, that first IHS is not automatically recognized by the remote management tool. A remote access controller of the first IHS retrieves information from the registration of the remote management tool from the DNS. The remote access controller notifies the remote management tool of the initialized first IHS. The notification is transmitted, by the remote access controller, to a network address specified in the DNS registration information of the remote management tool. The remote management tool confirms the authenticity of the notification provided by the remote access controller and configures the first IHS for remote management.

Abstract: Embodiments of systems and methods for providing video redirection across multiple Information Handling Systems (IHSs) are discussed. In some embodiments, a method may include: receiving, via a video redirection client, a video stream produced by a video redirection server executed by a Baseboard Management Controller (BMC) of a selected IHS; providing the video stream to a framebuffer driver, where the frame buffer driver is configured to: (i) store frame data from the video stream onto a framebuffer memory; and (ii) in response to a determination that a host is not available, transmit control signals to a graphics core via an Advanced Microcontroller Bus Architecture (AMBA) high-performance bus (AHB)-to-Peripheral Component Interconnect (PCI) (AHB-to-PCI) bridge, where the graphics core is accessible via a PCI bus exclusively when the host is available; and transmitting the frame data to a display coupled to the chassis.

Abstract: An inter-process communication (IPC) system, includes a first client engine, a first server engine, and a broker engine that is coupled to the first client engine. The broker engine initiates a first timer that is configured to reset when traffic is received from the first server engine while the first server engine is registered with the broker engine and coupled to the broker engine via a communication channel. The traffic that causes the first timer to reset includes at least one of: traffic generated by the first client engine to complete a request, and a first server-to-broker heartbeat message generated by the first server engine. The broker engine determines that the first timer has reached a predefined time amount, and in response, removes the registration of the first server engine and removes the communication channel between the broker engine and the first server engine.

Abstract: An information handling system for providing comprehensive remote authorized access to multiple equipment in a datacenter. A mobile device security credential is first authenticated before access information is configured in the mobile device using a short-range wireless interface. The configured access information is mapped to the equipment and the corresponding access token and encryption keys from the equipment are received by the mobile device. The mobile device uses the access token and the encryption keys to simultaneously access the equipment through a long-range wireless interface. The simultaneous access includes parallel accessing of the equipment at a next accessing instance without requiring re-authentication. With the accessed equipment, the mobile device manages the accessed equipment based on the configured access information.

Abstract: Methods, systems, and computer programs encoded on computer storage medium, for identifying a power event of a chassis system; in response to identifying the power event, negotiating between a first and a second enclosure controller (EC) to place the one of the ECs in an active state, wherein the first and the second EC are redundant; in response to placing one of the ECs in the active state, performing, by a chassis orchestration engine, a sequence of actions, including: determining, by coordinating with a first daemon, whether a condition is present that would prevent safe activation of a power supply unit, activating, by coordinating with a second daemon, the power supply unit of the chassis system, activating, by coordinating with a third daemon, a cooling system of the chassis system after performing the sequence of actions, providing a signal to components indicating the active state of the first EC.

Abstract: Methods, systems, and computer programs encoded on computer storage medium, for verifying, by a mask ROM of a CPU of a first computing device and with fused keys included by the CPU, a boot loader that is included by a flash memory of the first computing device, in response to verifying the boot loader, verifying, by the boot loader and with boot loader keys included by the flash memory, a kernel included by the a memory device of the first computing device, in response to verifying the kernel, decrypting, by the kernel using a hidden root key (HRK) included by the CPU of the first computing device, a device unique certification (DUC) included by the flash memory, in response to decrypting the DUC, generating, by the first computing device, a proof-of-possession of the DUC.

Abstract: In one or more embodiments, one or more systems, methods, and/or process may allow a customer to install and boot their own firmware securely, without compromising secure boot. A baseboard management controller (BMC) may include a BMC firmware stored via a BMC partition of a non-volatile storage, a customer firmware image including a customer firmware and a signed customer boot block (CBB) file including a CBB, a hidden root key (HRK) hash of the CBB based on a HRK, and a manufacturer signature. The BMC firmware may, when an alternate path to boot the CBB is detected, verify the manufacturer signature on the CBB and the HRK hash, verify the HRK hash based on the unique HRK, and when the manufacturer signature and the HRK hash have been verified, hardware lock the BMC partition, disable the HRK, and transfer control to the CBB.

Abstract: Methods, systems, and computer programs encoded on computer storage medium, for identifying a power event of a chassis system; in response to identifying the power event, negotiating between a first and a second enclosure controller (EC) to place the one of the ECs in an active state, wherein the first and the second EC are redundant; in response to placing one of the ECs in the active state, performing, by a chassis orchestration engine, a sequence of actions, including: determining, by coordinating with a first daemon, whether a condition is present that would prevent safe activation of a power supply unit, activating, by coordinating with a second daemon, the power supply unit of the chassis system, activating, by coordinating with a third daemon, a cooling system of the chassis system after performing the sequence of actions, providing a signal to components indicating the active state of the first EC.

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may start a single threaded power on self test process without a periodic handler to communicate with a watchdog timer of an information handling system; may initialize the watchdog timer with an amount of time; may store the amount of time and watchdog timer access interface information via a memory medium of the information handling system; may, after storing the amount of time and the watchdog timer access interface information, boot an operating system; may provide information indicating a location of the amount of time and the watchdog timer access interface information to the operating system; and may periodically reset the watchdog timer via a device driver of the operating system.

Abstract: Embodiments of systems and methods for providing video redirection across multiple Information Handling Systems (IHSs) are discussed. In some embodiments, a method may include: receiving, via a video redirection client, a video stream produced by a video redirection server executed by a Baseboard Management Controller (BMC) of a selected IHS; providing the video stream to a framebuffer driver, where the frame buffer driver is configured to: (i) store frame data from the video stream onto a framebuffer memory; and (ii) in response to a determination that a host is not available, transmit control signals to a graphics core via an Advanced Microcontroller Bus Architecture (AMBA) high-performance bus (AHB)-to-Peripheral Component Interconnect (PCI) (AHB-to-PCI) bridge, where the graphics core is accessible via a PCI bus exclusively when the host is available; and transmitting the frame data to a display coupled to the chassis.

Abstract: An inter-process communication (IPC) system, includes a first client engine, a first server engine, and a broker engine that is coupled to the first client engine. The broker engine initiates a first timer that is configured to reset when traffic is received from the first server engine while the first server engine is registered with the broker engine and coupled to the broker engine via a communication channel. The traffic that causes the first timer to reset includes at least one of: traffic generated by the first client engine to complete a request, and a first server-to-broker heartbeat message generated by the first server engine. The broker engine determines that the first timer has reached a predefined time amount, and in response, removes the registration of the first server engine and removes the communication channel between the broker engine and the first server engine.

Abstract: In accordance with embodiments of the present disclosure, an information handling system may include a host system comprising a host system processor and a device coupled to the host system processor. The information handling system may also include a management controller communicatively coupled to the host system processor and configured to provide management of the information handling system via management traffic communicated between the management controller and a network external to the information handling system and perform runtime verification of a firmware image of the management controller by responsive to each particular read request of the firmware image during runtime of the firmware, verifying integrity of a respective block of the read request and responsive to determining the respective block is corrupted, causing a bootloader of the firmware to, on a subsequent boot of the firmware image, perform recovery of the firmware image.

Abstract: Systems and methods for automated system-level failure and recovery are described. In some embodiments, an Information Handling System (IHS) includes a processor and a memory, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to execute a selected process configured to participate in an inter-process communication (IPC) with at least one other process, invoke an error handling process by simulating a fault in the IPC, and determine if the error handling process successfully handles the fault.

Abstract: In accordance with embodiments of the present disclosure, an information handling system may include a host system comprising a host system processor and a device coupled to the host system processor. The information handling system may also include a management controller communicatively coupled to the host system processor and configured to provide management of the information handling system via management traffic communicated between the management controller and a network external to the information handling system and perform runtime verification of a firmware image of the management controller by responsive to each particular read request of the firmware image during runtime of the firmware, verifying integrity of a respective block of the read request and responsive to determining the respective block is corrupted, causing a bootloader of the firmware to, on a subsequent boot of the firmware image, perform recovery of the firmware image.

Abstract: Systems and methods for automated system-level failure and recovery are described. In some embodiments, an Information Handling System (IHS) includes a processor and a memory, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to execute a selected process configured to participate in an inter-process communication (IPC) with at least one other process, invoke an error handling process by simulating a fault in the IPC, and determine if the error handling process successfully handles the fault.