Computing devices can utilize an interface to initialize hardware included in the computing device during the startup sequence of the computing device. For example, a basic input/output system (BIOS) can provide runtime services for an operating system (OS) and/or other programs. The Unified Extensible Firmware Interface (UEFI) may additionally be utilized as an interface between an OS of the computing device and firmware of the computing device.
A computing device can utilize the BIOS to perform certain actions. As used herein, the term “BIOS” refers to a non-volatile firmware to perform hardware initialization during a startup sequence of the computing device and to provide runtime services for OS's and/or other programs. For example, as a computing device is started (e.g., booted), the BIOS can initialize hardware of the computing device.
As used herein, the term “computing device” can be, for example, a laptop computer, a notebook computer, a desktop computer, and/or a mobile device (e.g., a smart phone, tablet, personal digital assistant, smart glasses, a wrist-worn device, etc.), among other types of computing devices. As used herein, a mobile device can include devices that are (or can be) carried and/or worn by a user. For example, a mobile device can be a phone (e.g., a smart phone), a tablet, a personal digital assistant (PDA), smart glasses, and/or a wrist-worn device (e.g., a smart watch), among other types of mobile devices.
As described above, a computing device can utilize UEFI to interface between an OS of the computing device and firmware of the computing device. As used herein, the term “UEFI” refers to a specification that defines a software interface between an OS and platform firmware. For example, UEFI can define a software interface between an OS of the computing device and firmware of the computing device. As used herein, the term “operating system” refers to software that supports a computing device's basic functions, such as scheduling tasks, executing applications, and/or controlling peripheral devices, As used herein, the term “firmware” refers to software that provides low-level control of particular hardware of a computing device.
As described above, UEFI can be a specification defining an interface between an OS and hardware of a computing device. The UEFI specification can define signatures included in memory of the BIOS. As used herein, the term “signature” refers to an authenticator to verify authenticity of an executable instruction. As described above, the BIOS can include executable instructions to provide services to an OS and/or other programs of the computing device. The BIOS can include function pointers to point to the executable instructions stored in the BIOS. As used herein, the term “function pointer” refers to a mapping of a memory location where executable instructions are stored.
The signatures defined by the UEFI specification can be unencrypted and pre-defined. Accordingly, these signatures can be public. Therefore, if a malicious user such as a hacker can access the BIOS memory, the malicious user can determine a function pointer by searching the signatures. The malicious user may, in some examples, redirect a function pointer to malicious code which may be executed.
Encrypting table signatures, according to the disclosure, can allow for signatures corresponding to tables to be encrypted during power-on self-test (POST) of the computing device. Encrypting the table signatures can prevent a user from determining a function pointer by searching the signatures, as the signatures are encrypted. The encrypted table signatures can prevent a malicious user from redirecting a function pointer to malicious code. Encrypting table signatures according to the disclosure can provide strong security without extra hardware, applications, OS changes, driver changes, and/or any impact on user experience of the computing device.
As illustrated in
The computing device 102 can generate the EFI table 106 during a power-on self-test (POST) sequence by the BIOS 104. As used herein, the term “POST sequence” refers to a process performed by firmware and/or software routines after a computing device is powered on to determine whether hardware of the computing device is working correctly. For example, the computing device 102 can run a POST sequence when powered on to determine whether certain hardware of the computing device 102 (e.g., random access memory (RAM), disk drives, peripheral devices, and/or other hardware) is working correctly.
As described above, the UEFI specification can define signatures. The signatures can correspond to different EFI table types. For example, a first signature can correspond to an EFI system table, a second signature can correspond to an EFI boot services table, a third signature can correspond to an EFI runtime services table, etc.
The BIOS 104 can encrypt a signature corresponding to the EFI table 106 during the POST sequence. As used herein, the term “encrypt” refers to translation of plaintext data to ciphered data using a key. For example, the BIOS 104 can encrypt a signature from plaintext data to ciphered data. Encrypting signatures corresponding to EFI tables can prevent a malicious user from reading plaintext signatures, as the user is unable to determine the meaning of the ciphered data (e.g., the encrypted signatures). In some examples, the BIOS 104 can encrypt the signatures via bit-wise encryption. In some examples, the BIOS 104 can encrypt the signatures by replacing the UEFI signature with a pre-determined signature, For example, the plaintext signature for the EFI table 106 may be “IBITSYS”, and the BIOS 104 can encrypt the plaintext signature by replacing the UEFI signature (e.g., IBITSYS) with a pre-determined signature (e.g., “CNETSYS”).
Although encryption schemes are described above as including bit-wise encryption and/or replacing a UEFI signature with a pre-determined signature, examples of the disclosure are not so limited. For example, the BIOS 104 can encrypt the signatures via any other method of encryption.
The BIOS 104 can decrypt the signatures in response to an input. The input can be, for example, a call to the BIOS from a caller UEFI driver 105 and/or a hardware control transfer, as is further described herein.
In some examples, the input can be a call to the BIOS 104 from a caller UEFI driver 105. As used herein, the term “call” refers to a request of a service. As used herein, the term “driver” refers to a computer program that operates and/or controls a particular device of a computing device. For example, a caller UEFI driver 105 can request a service from the BIOS 104 by transmitting a call to the BIOS 104, as is further described herein. The caller UEFI driver 105 can transmit a call to the BIOS 104 after the EFI table 106 is installed in memory during the POST sequence.
The caller UEFI driver 105 can be a particular caller UEFI driver. The particular caller UEFI driver 105 may be directed to use an encrypted signature for the EFI table 106 and can call the BIOS 104 to decrypt the encrypted signature for the EFI table 106. The BIOS 104 can, accordingly, decrypt the signature for the EFI table 106 in response to the call by the particular caller UEFI driver 105. As used herein, the term “decrypt” refers to translation of ciphered data to plaintext data using a key. For example, the encrypted signature may be CNETSYS and the BIOS 104 can decrypt the encrypted signature to its plaintext form (e.g., IBITSYS).
After use by the particular caller UEFI driver 105, the BIOS 104 can re-encrypt the signature for the EFI table 106. For example, the particular caller UEFI driver 105 may utilize the signature for the EFI table 106 to cause an operation by a particular device of the computing device 102 during the POST sequence of the computing device 102, and once complete, the BIOS 104 can re-encrypt the signature for the EFI table 106. For example, the BIOS 104 can re-encrypt the plaintext signature for the EFI table 106 (e.g., IBITSYS) to a ciphered signature (e.g., CNETSYS).
Another caller UEFI driver (e.g., caller UEFI driver 105, or a caller UEFI driver that is a different caller UEFI driver than caller UEFI driver 105) may make a call to the BIOS 104. For example, the another caller UEFI driver may utilize the signature for the EFI table 106 to cause an operation by another device of the computing device 102 during the POST sequence of the computing device 102. The another caller UEFI driver can request a service (e.g., decryption) from the BIOS 104 by transmitting a call to the BIOS 104 to decrypt the signature for the EFI table 106.
The BIOS 104 can re-encrypt the signature for the EFI table 106 after use by the another caller UEFI driver. For example, the another caller UEFI driver may utilize the signature for the EFI table 106 to cause an operation by the another device of the computing device 102 during the POST sequence of the computing device 102, and once complete, the BIOS 104 can re-encrypt the signature for the EFI table 106. For example, the BIOS 104 can re-encrypt the plaintext signature for the EFI table 106 (e.g., IBITSYS) to a ciphered signature (e.g., CNETSYS).
In some examples, the input can be a hardware control transfer from the BIOS 104 to the OS of the computing device 102. For example, during POST, the BIOS 104 can control the hardware of the computing device (e.g., as the BIOS 104 determines whether certain hardware of the computing device 102 are working correctly. According to the UEFI standard, the signatures for the EFI table 106 are to be decrypted prior to POST being completed and hardware control transferred to the OS of the computing device 102. Accordingly, the BIOS 104 can decrypt the signature for the EFI table 106 prior to the BIOS 104 transferring hardware control to the OS.
Encrypting table signatures, according to the disclosure, can allow for signatures corresponding to EFI tables to be encrypted by a BIOS of the computing device during a POST sequence of a computing device. Encrypting the signatures corresponding to EFI tables during the POST sequence can prevent a malicious user from redirecting a function pointer to malicious code, providing for strong security without extra hardware, applications, OS changes, driver changes, and/or any impact on user experience of the computing device. The BIOS can decrypt the signatures prior to the POST sequence finishing and transferring control of the computing device hardware to the OS.
Processing resource 208 may be a central processing unit (CPU), a semiconductor-based microprocessor, and/or other hardware devices suitable for retrieval and execution of machine-readable instructions 212, 214, 216 stored in a memory resource 210. Processing resource 208 may fetch, decode, and execute instructions 212, 214, 216. As an alternative or in addition to retrieving and executing instructions 212, 214, 216, processing resource 208 may include a plurality of electronic circuits that include electronic components for performing the functionality of instructions 212, 214, 216.
Memory resource 210 may be any electronic, magnetic, optical, or other physical storage device that stores executable instructions 212, 214, 216 and/or data. Thus, memory resource 210 may be, for example, Random Access Memory (RAM), an Electrically-Erasable Programmable Read-Only Memory (EEPROM), a storage drive, an optical disc, and the like. Memory resource 210 may be disposed within the computing device 202, as shown in
The computing device 202 may include generate instructions 212 stored in the memory resource 210 and executable by the processing resource 208 to generate a table having a corresponding signature. The table can be an EFI table, such as an EFI system table, an EFI boot services table, an EFI runtime services table, and/or any other EFI table. The computing device 202 can generate, by a BIOS of the computing device 202, the table during a POST sequence of the computing device 202.
The computing device 202 may include encrypt instructions 214 stored in the memory resource 210 and executable by the processing resource 208 to encrypt the signature during the POST sequence by the BIOS of the computing device 202. For example, the signature can be plaintext data, and the BIOS of the computing device 202 can translate the plaintext data to ciphered data using a key. The BIOS can encrypt the signature using bit-wise encryption, replacement of the signature with a pre-determined signature, and/or any other type of encryption method.
The computing device 202 may include decrypt instructions 216 stored in the memory resource 210 and executable by the processing resource 208 to decrypt the signature in response to an input. In some examples, the input can be a call to the BIOS from a caller UEFI driver. For example, the caller UEFI driver can request a decrypt service from the BIOS such that the BIOS decrypts the signature for use by the caller UEFI driver, and re-encrypts the signature following use of the signature by the caller UEFI driver. In some examples, the input can be a hardware control transfer. For example, according to the UEFI standard, the signatures for the table are to be decrypted prior to POST being completed and hardware control transferred from the BIOS to the OS of the computing device 202. Accordingly, the BIOS can decrypt the signature for the table prior to the BIOS transferring hardware control to the OS to complete the POST sequence.
Processing resource 320 may be a central processing unit (CPU), microprocessor, and/or other hardware device suitable for retrieval and execution of instructions stored in machine-readable storage medium 322. In the particular example shown in
Machine-readable storage medium 322 may be any electronic, magnetic, optical, or other physical storage device that stores executable instructions. Thus, machine-readable storage medium 322 may be, for example, Random Access Memory (RAM), an Electrically-Erasable Programmable Read-Only Memory (EEPROM), a storage drive, an optical disc, and the like. The executable instructions may be “installed” on the system 318 illustrated in
Generate an EFI table instructions 324, when executed by a processor such as processing resource 320, may cause system 318 to generate an EFI table during a POST sequence by a BIOS of the computing device 302. The EFI table can be, for example, an EFI system table, an EFI boot services table, an EFI runtime services table, and/or any other EFI table.
Encrypt a signature instructions 326, when executed by a processor such as processing resource 320, may cause system 318 to encrypt a signature corresponding to the EFI table during the POST sequence. For example, the signature can be plaintext data, and the BIOS of the computing device 302 can translate the plaintext data to ciphered data using a key. The BIOS can encrypt the signature using bit-wise encryption, replacement of the signature with a pre-determined signature, and/or any other type of encryption method.
Decrypt a signature instructions 328, when executed by a processor such as processing resource 320, may cause system 318 to decrypt the signature in response to an input. In some examples, the input can be a call to the BIOS from a caller UEFI driver. For example, the caller UEFI driver can request a decrypt service from the BIOS such that the BIOS decrypts the signature for use by the caller UEFI driver, and re-encrypts the signature following use of the signature by the caller UEFI driver. In some examples, the input can be a hardware control transfer. For example, according to the UEFI standard, the signatures for the table are to be decrypted prior to POST being completed and hardware control transferred from the BIOS to the OS of the computing device 302. Accordingly, the BIOS can decrypt the signature for the table prior to the BIOS transferring hardware control to the OS to complete the POST sequence.
At 432, the method 430 includes generating, by a computing device, an EFI table having a corresponding signature in response to a POST sequence of the computing device. The EFI table can be, for example, an EFI system table, an EFI boot services table, an EFI runtime services table, and/or any other EFI table.
At 434, the method 430 includes encrypting, by a BIOS of the computing device, the signature in response to a POST sequence of the computing device commencing. The signature can be, for example, plaintext data according to the UEFI specification, and the BIOS of the computing device can translate the plaintext data to ciphered data using a key. The BIOS can encrypt the signature using bit-wise encryption, replacement of the signature with a pre-determined signature, and/or any other type of encryption method.
At 436, the method 430 includes decrypting, by the BIOS of the computing device, the signature for use by a caller UEFI driver in response to a call to the BIOS from the caller UEFI driver. For example, the caller UEFI driver can request a decrypt service from the BIOS such that the BIOS decrypts the signature for use by the caller UEFI driver.
In some examples, the method 430 includes encrypting, by the BIOS, the signature after use by the caller UEFI driver. For example, the BIOS can re-encrypt the signature following use of the signature by the caller UEFI driver. Re-encrypting the signature following use by the caller UEFI driver can keep the signature encrypted during the remaining portion of the POST sequence until the caller UEFI driver or another caller UEFI driver is to utilize the signature, and/or the POST sequence is to cease and control of the hardware is to be transferred from the BIOS to the OS of the computing device.
In the foregoing detailed description of the disclosure, reference is made to the accompanying drawings that form a part hereof, and in which is shown by way of illustration how examples of the disclosure may be practiced. These examples are described in sufficient detail to enable those of ordinary skill in the art to practice the examples of this disclosure, and it is to be understood that other examples may be utilized and that process, electrical, and/or structural changes may be made without departing from the scope of the disclosure. Further, as used herein, “a” can refer to one such thing or more than one such thing.
The figures herein follow a numbering convention in which the first digit corresponds to the drawing figure number and the remaining digits identify an element or component in the drawing. For example, reference numeral 102 may refer to element 102 in
It can be understood that when an element is referred to as being “on,” “connected to”, “coupled to”, or “coupled with” another element, it can be directly on, connected, or coupled with the other element or intervening elements may be present. In contrast, when an object is “directly coupled to” or “directly coupled with” another element it is understood that are no intervening elements (adhesives, screws, other elements) etc.
The above specification, examples and data provide a description of the method and applications, and use of the system and method of the disclosure. Since many examples can be made without departing from the spirit and scope of the system and method of the disclosure, this specification merely sets forth some of the many possible example configurations and implementations.
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/US2019/048471 | 8/28/2019 | WO | 00 |