A firmware interface generally provides an interface between an operating system (OS) and the underlying firmware and/or hardware associated with the system platform. Examples of firmware interfaces include the legacy Basic Input Output System (BIOS) and the more recent Unified Extensible Firmware Interface (UEFI). The firmware interface typically provides system boot services as well as runtime services. The runtime services provided by UEFI include management of access to system variables by the OS or other entities. The UEFI is generally required to guarantee that any updates that are made to these variables are durable, for example, that the updates will persist in the event of an unexpected power loss, reset or other interruption.
A potentially conflicting goal for the UEFI, however, is that these system variables be stored in a trusted and secure memory region or device that is not directly accessible by any entity other than the UEFI. For example, an OS that is compromised should not be able to access this UEFI reserved memory. Additionally, access to these variables by the OS may cause memory contention problems if they are concurrent with UEFI access. Unfortunately, memory that may be available for such a secure or isolated operating mode is typically volatile, such as, for example, dynamic random access memory (DRAM), the contents of which are lost in the event of power interruption.
Although the following Detailed Description will proceed with reference being made to illustrative embodiments, many alternatives, modifications, and variations thereof will be apparent to those skilled in the art.