1. Field of the Invention
The present invention concerns computer platform firmware in general, and concerns a method for hardening an extensible firmware framework that permits the use of third party firmware modules in particular.
2. Background Information
Computer platform firmware is used during initialization of computer systems to verify system integrity and configuration. It also generally provides the basic low-level interface between hardware and software components of those computer systems, enabling specific hardware functions to be implemented via execution of higher-level software instructions contained in computer programs that run on the computer systems. in many computers, a primary portion of this firmware is known as the Basic Input/Output System (BIOS) code of a computer system. The BIOS code comprises a set of permanently recorded (or semi-permanently recorded in the case of systems that use flash BIOS) software routines that provides the system with its fundamental operational characteristics, including instructions telling the computer how to test itself when it is turned on, and how to determine the configurations for various built-in components and add-on peripherals.
In a typical PC architecture, the BIOS is generally defined as the firmware that runs between the processor reset and the first instruction of the Operating System (OS) loader. This corresponds to the startup operations performed during a cold boot or in response to a system reset. At the start of a cold boot, very little of the system beyond the processor and firmware is actually initialized. It is up to the code in the firmware to initialize the system to the point that an operating system loaded off of media, such as a hard disk, can take over.
Typically, firmware code is stored in a “monolithic” form comprising a single set of code that is provided by a platform manufacturer or a BIOS vendor such as Phoenix or AMI. Various portions of the single set of code are used to initialize different system components. Since there is only a single set of code, the trustworthiness and reliability of the firmware may be verified through testing by its producer. In other situations, a monolithic BIOS may be extended using one or more “Option ROMs” that are contained on one or more periphery device cards. For example, SCSI device driver cards and video cards often include an option ROM that contains BIOS code corresponding to services provided by these cards. Typically, firmware in option ROMs is loaded after the firmware in the monolithic BIOS has been loaded or during loading of the monolithic BIOS in accordance with a predefined scheme.
Recently, a new firmware architecture has been defined that enables platform firmware to include firmware “modules” and “drivers” that may be provided by one or more third party vendors in addition to the firmware provided by a platform manufacturer or BIOS vendor that is originally supplied with a computer system. This firmware architecture, as defined by the EFI (Extensible Firmware Interface) 2.0 framework specification, enables a system's firmware to be “extended” beyond conventional firmware capabilities through the use of the third-party firmware modules and drivers.
Although the EFI 2.0 framework provides many advantages, it opens up the opportunity for a system to be disabled or damaged through use of an errant or rogue firmware module or driver. For example, a flawed firmware module may not operate properly, causing one or more system components to be disabled. Even worse, it may cause problems to the operation of other firmware components and modules.