As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
Some information handling systems are configured for remote management. One such remote management system is the Intel AMT (Active Management Technology) architecture. Platforms supporting the Intel AMT architecture employ a hardware flash memory protection mechanism that can be enabled at the end of the manufacturing process. Once invoked, this mechanism prohibits host writes to lockable portions of programmable memory (such as flash memory) within the system (i.e., certain non-BIOS regions of the flash memory) for the lifetime of the motherboard. The only method to override this locking mechanism, as set forth in the AMT architecture, is to open the computer system chassis and install a physical jumper on the motherboard to toggle the security override signal on the motherboard chipset. According to the AMT architecture, the detection of this security override signal is latched only on a system power cycle. This security override architecture, therefore, does not allow unlocks of the flash memory unless the motherboard is physically accessed in order to install the jumper.
The lack of dynamic unlocking in the AMT architecture (i.e., requirement for physical access and jumper installation) can become a major issue in the manufacturing teardown process where a “locked” system may be rerouted back through the manufacturing flow to be re-imaged with a new image. To allow improved manufacturability of the computing platform, a programmable GPIO (General Purpose Input Output) output pin has been used to provide the security override signal on the chipset for the motherboard. This GPIO output signal can then be toggled through the use of a factory loaded software tool to unlock the flash memory in a dynamic fashion. The factory tool can then cycle the power to the system to latch the security override signal when necessary.
FIG. 2 (Prior Art) is a block diagram of a prior implementation of an information handling system 200 using a software-based override mechanism for unlocking programmable memory, such as flash memory, under the AMT architecture. As depicted, programmable memory circuitry 202, such as flash memory, is coupled to control circuitry 210. The programmable memory circuitry 202 includes a lockable area 204 and a BIOS area 206. Also stored within the BIOS area 206 is a software override module 208 that can be loaded into the BIOS, for example, during manufacturing. Control circuitry 210 provides BIOS control and lock control signals 212 to the programmable memory circuitry 202. According to the Intel AMT solution, a physical override mechanism 216, such as a jumper, provides an override signal 218 as input 220 to the control circuitry 210. When this override signal is applied as signal input 220, the control circuitry 210 provides an unlock signal to the programmable memory circuitry 202 through signal lines 212. This unlock signal unlocks the lockable area 204 so that it can be written or rewritten with the desired code. The software override module 208 can operate to provide signals to the control circuitry 210 through signal lines 212 that instruct the control circuitry 210 to assert a software override signal 214 as an output. When asserted, this software override signal 214 is fed back as the security override signal on input 220 of the control circuitry 210, thereby acting as if the physical override mechanism 216 had been engaged. As indicated above, the software override signal 214 can be provided as an output signal from a GPIO pin associated with the control circuitry 210. It is further noted that the BIOS area 206 itself is typically lockable using a separate locking mechanism so that it too can be locked (protected).
One problem with using a GPIO pin output signal as the security override signal is that the technique exposes a security risk. In particular, a rogue program running on the host could toggle the GPIO output signal using standard input/output operations, thereby asserting the security override signal without any physical access to the motherboard; once the next power cycle latches that signal, the program gains the ability to reprogram the programmable memory (e.g., flash memory) that the lock was intended to protect.
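To make the signal flow of FIG. 2 and the risk just described concrete, the following C model is an added example written for this page; it is not code from the original, from Intel, or from any AMT implementation. The structure and function names, the area sizes, the four-byte payload and the assumption that the GPIO output level survives a power cycle (which is what the factory tool described above relies on) are all constructed for illustration. The model shows that the override input is latched only on a power cycle, so a GPIO toggle alone changes nothing, but a GPIO toggle followed by a power cycle is indistinguishable from the jumper path.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical sizes for the two flash areas of FIG. 2 (assumption, not from the page). */
#define LOCKABLE_SIZE 64u   /* lockable area 204 */
#define BIOS_SIZE     64u   /* BIOS area 206 */

typedef struct {
    uint8_t lockable[LOCKABLE_SIZE];
    uint8_t bios[BIOS_SIZE];
    bool    lockable_locked;  /* set at end of manufacturing, for the life of the board */
    bool    bios_locked;      /* separate BIOS lock; carried for fidelity, not exercised here */
} flash_t;

typedef struct {
    flash_t *flash;
    bool jumper_installed;   /* physical override mechanism 216 (requires opening the chassis) */
    bool gpio_override_out;  /* software override signal 214, driven on a GPIO output pin */
    bool override_latched;   /* security override input 220 as sampled at the last power cycle */
} platform_t;

/* Input 220 sees the jumper OR the GPIO output that is wired back into the chipset. */
static bool override_input(const platform_t *p)
{
    return p->jumper_installed || p->gpio_override_out;
}

/* The chipset latches the override input only on a power cycle. The GPIO output
 * level is assumed to survive the cycle, which is what the factory tool relies on. */
void power_cycle(platform_t *p)
{
    p->override_latched = override_input(p);
}

/* Any host program, legitimate or rogue, flips the GPIO pin with an ordinary I/O
 * operation; nothing on this path checks who issued the write. */
void gpio_write(platform_t *p, bool level)
{
    p->gpio_override_out = level;
}

/* Host write to the lockable area: refused while the lock is set unless the
 * security override was latched at the last power cycle (lock control 212). */
bool flash_write_lockable(platform_t *p, size_t off, const uint8_t *data, size_t len)
{
    if (off > LOCKABLE_SIZE || len > LOCKABLE_SIZE - off)
        return false;
    if (p->flash->lockable_locked && !p->override_latched)
        return false;
    memcpy(p->flash->lockable + off, data, len);
    return true;
}

/* A board leaving manufacturing: erased flash, both locks set, no override. */
void platform_init(platform_t *p, flash_t *f)
{
    memset(f->lockable, 0xFF, sizeof f->lockable);
    memset(f->bios, 0xFF, sizeof f->bios);
    f->lockable_locked = true;
    f->bios_locked = true;
    p->flash = f;
    p->jumper_installed = false;
    p->gpio_override_out = false;
    p->override_latched = false;
}

static const uint8_t NEW_IMAGE[4] = {0xDE, 0xAD, 0xBE, 0xEF};  /* constructed payload */

/* Each scenario reports whether a write to the lockable area succeeded. */
bool scenario_locked_no_override(void)
{
    flash_t f; platform_t p; platform_init(&p, &f);
    return flash_write_lockable(&p, 0, NEW_IMAGE, sizeof NEW_IMAGE);
}

bool scenario_gpio_without_power_cycle(void)
{
    flash_t f; platform_t p; platform_init(&p, &f);
    gpio_write(&p, true);        /* override asserted but not yet latched */
    return flash_write_lockable(&p, 0, NEW_IMAGE, sizeof NEW_IMAGE);
}

bool scenario_gpio_then_power_cycle(void)
{
    flash_t f; platform_t p; platform_init(&p, &f);
    gpio_write(&p, true);        /* rogue program: plain I/O write, no physical access */
    power_cycle(&p);             /* latches input 220 as if the jumper were installed */
    return flash_write_lockable(&p, 0, NEW_IMAGE, sizeof NEW_IMAGE);
}

bool scenario_jumper_then_power_cycle(void)
{
    flash_t f; platform_t p; platform_init(&p, &f);
    p.jumper_installed = true;   /* the path the AMT architecture intends */
    power_cycle(&p);
    return flash_write_lockable(&p, 0, NEW_IMAGE, sizeof NEW_IMAGE);
}

int main(void)
{
    printf("locked, no override      : write %s\n", scenario_locked_no_override() ? "allowed" : "refused");
    printf("GPIO set, no power cycle : write %s\n", scenario_gpio_without_power_cycle() ? "allowed" : "refused");
    printf("GPIO set + power cycle   : write %s\n", scenario_gpio_then_power_cycle() ? "allowed" : "refused");
    printf("jumper + power cycle     : write %s\n", scenario_jumper_then_power_cycle() ? "allowed" : "refused");
    return 0;
}
```

The point of the model is the third scenario: because the chipset cannot distinguish the GPIO feedback from the jumper on input 220, the only protection left is the power cycle, which a program with I/O access can also trigger, so the "physical access" guarantee of the AMT design is lost.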