Typically, an x86 PC, x86 server, or other type of computing device includes an embedded baseboard management controller (BMC) system firmware. Modifying the embedded BMC system firmware such that the BMC is no longer functional may cause denial of service (DoS) of the computing device. The BMC system firmware is an updatable entity in which operating system (OS) based utilities provide a way to modify the BMC read only memory (ROM) containing the BMC firmware. Upon system restart, the BMC system firmware is loaded from the BMC ROM for execution by the BMC microcontroller.
One technique maintains a backup copy of the BMC ROM image and relies on that backup copy during system restart to provide a BMC firmware image when the primary or original copy has been corrupted and is invalid. This technique may not provide recovery if both the ROM backup image and the primary image have become corrupted. Yet another technique requires the expense of additional hardware logic to prevent host-based access to the serial peripheral interface (SPI) that controls access to the BMC ROM.
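As an added illustration of the dual-image fallback just described (example code written here, not from the patent or any vendor's BMC firmware), the following C model validates a primary and a backup ROM image by a constructed header with a CRC-32 over the payload and falls back to the backup only when the primary fails validation. The header layout, magic value and image sizes are assumptions; the point it demonstrates is the failure mode the text names, namely that when both images are corrupted the selector has nothing valid left to boot.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed, simplified model of a BMC ROM image header (hypothetical layout). */
#define IMAGE_MAGIC 0x424D4331u /* "BMC1", a constructed magic value */

typedef struct {
    uint32_t magic;
    uint32_t length;   /* payload bytes following the header */
    uint32_t crc32;    /* CRC-32 over the payload */
} image_header_t;

/* Standard reflected CRC-32 (polynomial 0xEDB88320), bitwise implementation. */
static uint32_t crc32_calc(const uint8_t *data, size_t len) {
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++) {
        crc ^= data[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Returns 1 if the image in rom is well-formed and its payload CRC matches, else 0. */
int image_valid(const uint8_t *rom, size_t rom_size) {
    image_header_t hdr;
    if (rom_size < sizeof hdr) return 0;
    memcpy(&hdr, rom, sizeof hdr);
    if (hdr.magic != IMAGE_MAGIC) return 0;
    if (hdr.length > rom_size - sizeof hdr) return 0;   /* length must fit inside the ROM */
    return crc32_calc(rom + sizeof hdr, hdr.length) == hdr.crc32;
}

enum boot_source { BOOT_NONE = -1, BOOT_PRIMARY = 0, BOOT_BACKUP = 1 };

/* Boot-time selection: prefer the primary image, fall back to the backup,
 * and report BOOT_NONE when neither image validates (the case the text warns about). */
int select_boot_image(const uint8_t *primary, size_t psz,
                      const uint8_t *backup, size_t bsz) {
    if (image_valid(primary, psz)) return BOOT_PRIMARY;
    if (image_valid(backup, bsz)) return BOOT_BACKUP;
    return BOOT_NONE;
}

/* Writes a constructed image (header + payload) into buf; returns bytes written, 0 on overflow. */
size_t build_image(uint8_t *buf, size_t cap, const uint8_t *payload, uint32_t len) {
    if (cap < sizeof(image_header_t) + len) return 0;
    image_header_t hdr = { IMAGE_MAGIC, len, crc32_calc(payload, len) };
    memcpy(buf, &hdr, sizeof hdr);
    memcpy(buf + sizeof hdr, payload, len);
    return sizeof hdr + len;
}

/* Scenario driver: builds two identical constructed images, optionally corrupts
 * one payload byte in each, and returns which source the selector picks. */
int scenario(int corrupt_primary, int corrupt_backup) {
    static const uint8_t payload[] = "constructed bmc firmware payload";
    uint8_t primary[64], backup[64];
    size_t psz = build_image(primary, sizeof primary, payload, sizeof payload);
    size_t bsz = build_image(backup, sizeof backup, payload, sizeof payload);
    if (corrupt_primary) primary[sizeof(image_header_t) + 3] ^= 0xFF;
    if (corrupt_backup)  backup[sizeof(image_header_t) + 3] ^= 0xFF;
    return select_boot_image(primary, psz, backup, bsz);
}

int main(void) {
    printf("both intact      -> %d\n", scenario(0, 0));  /* 0: primary */
    printf("primary corrupt  -> %d\n", scenario(1, 0));  /* 1: backup */
    printf("both corrupt     -> %d\n", scenario(1, 1));  /* -1: no valid image */
    return 0;
}
```

A CRC detects accidental corruption only; a production selector would verify a signature over the image so that a deliberately modified image is also rejected, but the structural limitation stays the same: once every on-ROM copy fails validation, the selector needs a recovery path that does not depend on the ROM contents.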
Another technique for basic input/output system/unified extensible firmware interface (BIOS/UEFI) ROM protection may use suitable chipset hooks that prevent writing to the system address range of the BIOS/UEFI ROM unless the CPU is in the secure system management mode (SMM). However, this technique does not work for the BMC ROM, because the BMC ROM image executes in the BMC microcontroller environment and so is not visible in the host system address space.
In view of the foregoing, there is a need for improved systems and techniques for performing operations on memory of a computing device and for protecting BMC ROM.