This invention relates to the field of memory devices and, more specifically, to protection of data stored within memory devices.
A motherboard is the main circuit board inside a computer system that connects directly or indirectly to every part of the computer system. The motherboard contains processors, memories, control chipsets and various buses used to link the motherboard components with various hardware devices such as a display, a drive, a keyboard, etc.
In order for a computer system to function, the computer's operating system needs to be configured to communicate with the computer system's devices. A Basic Input Output System (BIOS) is used for this configuration. The BIOS resides in a non-volatile memory device, such as a flash memory, hereinafter referred to as a BIOS memory. The BIOS includes low-level code, referred to as boot code, that enables communication between the computer's operating system and hardware devices. The boot code provides the initial instructions for power on self-test (POST) and booting system files. When a computer system is powered on, the boot code is fetched from BIOS memory and placed into a random access memory (RAM) for execution (although some boot code may be executed directly from the BIOS memory). The boot code is executed, for example, to load the operating system into the system's processor.
The BIOS memory is typically tested by memory manufacturers to verify compliance with specifications before shipment to a motherboard manufacturer. The motherboard manufacturer, such as an original equipment manufacturer (OEM), then programs the code into the BIOS memory. The BIOS memory can then be configured for its regular operation. As such, a BIOS memory may have different interfaces for each of these modes, for example, a programming mode and an operation mode. The particular mode is selected prior to power-up or before return from reset. The programming mode may be used as a programming interface for OEMs to use during motherboard manufacturing or component pre-programming. The programming interface is generally not intended for use during regular computer operations. The operation interface is used to operate with the control chipsets during platform operations.
The use of different interfaces allows for security and manageability features, while also allowing for the component to be tested and programmed quickly with automated test equipment (ATE) and memory programmers in the OEM's manufacturing flow. One of the security features is the ability to protect certain sections, or blocks, of the BIOS memory from accidental or intentional corruption during such a process. A BIOS memory may come in different sizes, for example, 8 Megabits (Mb, also referred to as 1 Megabyte (MB)) and 4 Mb (½ MB). Each BIOS memory has a set of contiguous blocks. Typically block granularity may be 65536 bytes (64 KB). As such, on an 8 Mb BIOS memory, there may be 16 blocks as illustrated in FIG. 1.
Prior BIOS memories use the top most block (e.g., block 15 of an 8 Mb) to store critical code, such as the boot code. Access to the boot code stored in the top most block may be controlled by a top block lock (TBL) input. The TBL input is configured to receive a signal that when held low (active) prevents program or block erase operations in the top most block. BIOS memories may also include a write protect (WP) input that serves the same function as TBL for the remaining blocks: all blocks except the top block. The WP input operates independently from the TBL input and does not affect the lock status of the top block.
Currently, the TBL input of a BIOS memory provides protection only on the top most (e.g., 64 Kbyte size) block of the BIOS. Due to boot code sizes growing greater than block granularity, the top block lock feature of prior BIOS memories may not meet newer security requirements.
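The coverage gap described above can be checked with a small model of the TBL and WP lock rules. This is an added example, not code from the patent; the function and struct names are hypothetical, and it assumes boot code ends at the top of the device and grows downward into lower blocks.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define BLOCK_SIZE 65536u /* 64 KB block granularity, as in the text */

/* TBL and WP are active low: a low level means "locked". */
struct lock_pins { bool tbl_low; bool wp_low; };

static unsigned block_count(uint32_t device_bytes)
{
    return device_bytes / BLOCK_SIZE;
}

/* True if program/erase of `block` is prevented by the pin states. */
static bool block_locked(unsigned block, unsigned nblocks, struct lock_pins p)
{
    if (block == nblocks - 1)
        return p.tbl_low;   /* top block: governed by TBL only */
    return p.wp_low;        /* every other block: governed by WP only */
}

/* Assumption: boot code ends at the top of the device and grows downward.
 * Returns a bitmask (bit n = block n) of blocks that hold boot code
 * but can still be programmed or erased. */
static uint32_t exposed_boot_blocks(uint32_t device_bytes, uint32_t boot_bytes,
                                    struct lock_pins p)
{
    unsigned n = block_count(device_bytes);
    unsigned used = (boot_bytes + BLOCK_SIZE - 1) / BLOCK_SIZE; /* round up */
    uint32_t mask = 0;

    if (used > n)
        used = n;
    for (unsigned i = 0; i < used; i++) {
        unsigned b = n - 1 - i;
        if (!block_locked(b, n, p))
            mask |= 1u << b;
    }
    return mask;
}

int main(void)
{
    struct lock_pins tbl_only = { .tbl_low = true, .wp_low = false };
    /* Constructed sample: 8 Mb (1 MB) part, 96 KB of boot code. */
    printf("exposed mask: 0x%04x\n",
           (unsigned)exposed_boot_blocks(1048576u, 96u * 1024u, tbl_only));
    return 0;
}
```

With only TBL asserted, any boot code beyond the first 64 KB lands in a block whose protection depends on WP, which is the limitation the background identifies.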