In many devices, such as cell phones and other programmable electronic devices, the operating system and application code may be stored in a flash memory device and loaded into memory to initialize the runtime environment. Alternatively, for certain flash memory devices, such as a NOR flash, the code may be executed directly from the flash memory. Malicious code, known as malware, which includes viruses, worms, adware, etc., may attack core components of the operating system to compromise key applications, including critical applications that operate in the operating system kernel. One concern is that malicious code may be loaded into blocks in the flash memory device and then executed during operations of the programmable device.
Certain flash memory devices, such as the Intel Corporation Sibley flash device, may support Extended Flash Array (EFA) blocks, which are blocks in the flash memory that are not accessible in the initialized flash memory map. To access code or data from these blocks, a program must issue a command to map memory addresses in the memory map to the EFA blocks. After using the code or data from the EFA blocks, the memory addresses mapped to the EFA blocks may be mapped back to the blocks addressed in the initial mapping. In this way, the EFA blocks may be swapped in and out of memory during operations.
To ensure the integrity of the data and code maintained in the flash memory, the boot process may scan the content of each block in the flash memory to calculate a hash or checksum value to compare against a stored valid value to determine whether code or data has been modified. If the code in the blocks of the non-volatile memory device do not validate during initialization, then the boot sequence will fail and the electronic device may not go into operational mode until valid code is reinstalled in the flash memory.