JP2013156799A - Method for updating system firmware and computer - Google Patents

Abstract

A method for reliably updating system firmware is provided.
A BIOS_ROM boot block 101 stores an old CRTM 100a, a system block 103 stores an old BIOS 117a, an old flash driver 119a, and an old encryption digest 121a, and a staging block 105 stores an old CRTM 100a- 1 is stored. First, the new BIOS 117b, the new flash driver 119b, and the new encryption digest 121b are written in the system block, and the new CRTM 100b-1 is written in the staging block. After resetting, after executing a part of the old CRTM, the new CRTM is executed, followed by the new flash driver. The new flash driver writes the new CRTM for the staging block to the boot block.
[Selection] Figure 3

Description

  The present invention relates to a technique for updating system firmware implemented in a computer.

  The computer is equipped with a BIOS that provides an interface between hardware and an operating system (OS), a higher-level program such as a device driver or an application program, and the device. The BIOS is normally stored in a flash memory (BIOS_ROM) attached to the motherboard and executed before loading the operating system (OS) when the power supply is activated.

  In an organization called TCG (Trusted Computing Group), computer manufacturers develop specifications for hardware, BIOS, and OS to provide safer and more reliable computers. In the TCG specification, a code called CRTM (Core Root of Trust for Measurement) whose integrity is guaranteed to be the basis of trust of all programs operating on the same system is defined as part of the BIOS.

  The CRTM is absolutely guaranteed to be complete among programs executed on a computer. As used herein, program integrity means that anyone other than the computer manufacturer or system owner (hereinafter referred to as the manufacturer) has not updated or modified the system firmware. integrity).

  The CRTM is stored in a storage area called a boot block defined in the BIOS_ROM. A storage area other than the BIOS_ROM boot block is called a system block. The entire code stored in the BIOS_ROM is referred to as system firmware. In the computer, device firmware is also mounted on a controller of an individual device.

  A reset vector is set in the processor to first execute the CRTM of the boot block when reset. The CRTM verifies the integrity of the code that passes the control of the processor next in the BIOS before passing the control. Thereafter, the code that has received the control right verifies the integrity of the code before passing the control right to another code. Thereafter, the chain of trust can be established for the entire program executed on one computer by sequentially verifying the integrity of the subsequent program in the same manner. At this time, CRTM is positioned at the top of the chain of trust and builds the foundation of trust.

  By the way, the system firmware needs to be updated as the device evolves. Since the new system firmware also needs to continue to build the foundation of trust from the old CRTM, the old CRTM verifies in advance that the new system firmware was manufactured by a genuine manufacturer. Also, it is desirable to write the new CRTM into the BIOS_ROM in a safe environment before loading the OS. Thus, the code that writes the new CRTM is embedded in them as part of the old system firmware or the new system firmware.

  Patent Document 1 includes a primary flash bank in which a CRTM is stored in a boot block and a BIOS is stored in a BIOS block, and a secondary flash bank in which a copy of the CRTM and the BIOS is stored in the boot block and the BIOS block. A computer system is disclosed. When the BIOS of one bank cannot be executed, the bank is switched to the other bank. The boot block stores a code for updating the CRTM.

  Patent Document 2 discloses a method for updating CRTM. In the update method described in the document, the new CRTM is developed in the main memory, a flag is set, and the computer is changed to the suspended state. When a flag is detected during resume, the old CRTM authenticates the new update module. After the authenticated module of BIOS_ROM is updated with the new update module, the CRTM lock is released. The authenticated new update module is executed, and the old CRTM is rewritten to the new CRTM.

U.S. Pat. No. 7613872 JP 2008-523494 A

  CRTM provides write protection (write lock) to the boot block when transferring control to the system block. Thereafter, since no other code can release the write lock, the boot block is configured as a secure storage area. Accordingly, if the CRTM is damaged, the user cannot easily recover it. In recent years, the CRTM code amount has been kept to a minimum. For this reason, a code for updating the CRTM is also stored in the system block. As a result, an unprecedented update problem was discovered.

  FIG. 6 is a diagram for explaining a problem when the old system firmware stored in the BIOS_ROM is updated by the conventional method. In FIG. 6A showing the state before the update, the old CRTM 1a is stored in the boot block, and the old BIOS 3a and the old CRTM 1-a are stored in the system block. Here, as shown in FIG. 6C showing the state after the update, the old CRTM 1a is rewritten with the new CRTM 1b, and the old BIOS 3a is rewritten with the new BIOS 3b. The old CRTM 1a-1 and the new CRTM 1b-1 are copy source codes of the old CRTM 1a and the new CRTM 1b, respectively, and are required only when updating.

  Since the code for rewriting the old CRTM 1a with the new CRTM 1b-1 in the state of FIG. 6B is embedded in the new BIOS 3b, the CPU is reset and the old CRTM 1a is executed first when updating. The old CRTM 1a is updated after verifying the integrity of the new system firmware composed of the new BIOS 3b and the new CRTM 1b-1. For these reasons, updating the system firmware is performed in a two-stage process.

  Specifically, first, as shown in FIG. 6B, new system firmware composed of the new BIOS 3b and the new CRTM 1b-1 is written in the system block. Next, after resetting the CPU, the old CRTM 1a verifies the integrity of the new system firmware using the PKI (Public Key Infrastructure) method. When verifying the integrity of the new system firmware, the old CRTM 1a passes the processor control right to the new BIOS 3b without performing a write lock on the boot block for its own update. The new BIOS 3b writes the new CRTM 1b-1 as the new CRTM 1a in the boot block. At this time, a state in which the old CRTM 1a and the new BIOS 3b are mixed occurs in the BIOS_ROM as shown in FIG. 6B. When the reset processor executes the old CRTM 1a and further executes the new BIOS 3b to write the new CRTM 1b-1, the CRTM and the BIOS refer to the same file in coding / build, and the new system firmware When the file is updated, if the definition of the variable of the old CRTM1a is different from the definition of the variable of the new BIOS 3b, the execution of the program is interrupted at that point and the update cannot be performed.

  When coding the new BIOS 3b, there is no problem if the definition of the variable is matched with that of the old CRTM 1a, but it may put an excessive burden on the manufacturer of the system firmware. In addition, the new system firmware is subject to coding restrictions from the old CRTM 1a and cannot be improved freely. If you code more carelessly, you need to give up updating the module or debug over time.

  In the CRTM update method according to Patent Document 2, the same problem occurs because the old CRTM and the new update module coexist in the BIOS_ROM. Since the manufacturer can easily achieve consistency between the new CRTM and the new BIOS, it is desirable to be able to avoid consistency problems with the old CRTM when securely updating in a two-stage process.

  Accordingly, an object of the present invention is to provide a method for reliably updating system firmware. Furthermore, the object of the present invention was to provide a method for updating with system firmware whose integrity was verified. It is a further object of the present invention to provide an update method that can reduce the amount of code stored in a write-lockable storage area. It is a further object of the present invention to provide an update method with an increased degree of freedom in coding new system firmware. A further object of the present invention is to provide a computer and a computer program for realizing such a method.

  The nonvolatile memory according to the present invention stores a first old module and a second old module. The first new module for updating the first old module and the second new module for updating the second old module can be provided to the computer through an external memory or a network.

  First, the first new module and the second new module are written into the nonvolatile memory so as to overwrite the second old module. Subsequently, the first old module verifies the integrity of the first new module and the second new module. Subsequently, the first new module is executed in response to the reset of the processor. Subsequently, the second new module executed following the first new module overwrites the first new module in the storage area in which the first old module was written.

  By such a procedure, the first old module and the second old module are updated with the first new module and the second new module whose integrity has been verified before loading the OS in a normal boot. Can do. At this time, when the processor is reset, the control right is transferred to the second new module after the first new module is executed. Therefore, the variable definition between the first old module and the second new module is performed. Even if they are not consistent, program execution will not stop halfway. Since the manufacturer only needs to match the variables defined between the first new module and the second new module, the new system firmware can be coded without being restricted by the first old module. .

  The first old module can write to a write-protected storage area of the nonvolatile memory. The storage area that can be write-protected can be a boot block having an address that is first executed by the reset processor. At this time, since the second new module writes the first new module into the boot block, the amount of code stored in the boot block can be reduced. The first old module and the first new module can be a Core Root of Trust for Measurement (CRTM) that is positioned at the top of a chain of trust that ensures the integrity of a program executed on a computer.

  In the step of executing the first new module, it can be determined whether the first old module executes the remaining part of the first old module or the first new module. At this time, it is possible to set a mixed flag indicating that the first old module and the second new module coexist in the nonvolatile memory. At this time, the mixed flag may be confirmed in the determining step.

  The flash tool sets the update flag after writing the first new module and the second new module after connecting the boot tool storing the first new module and the second new module. be able to. At this time, the step of setting the mixed flag may be executed by the first old module executed in response to the reset of the processor confirming the update flag. The first new module and the second new module may be written by the flash tool. It is also desirable for the first old module to verify its integrity before executing the flash tool.

  The present invention can provide a method for reliably updating the system firmware. Furthermore, the present invention can provide a method for updating with system firmware whose integrity has been verified. Furthermore, according to the present invention, it is possible to provide an update method capable of reducing the amount of code stored in a write-lockable storage area. Furthermore, according to the present invention, an update method with an increased degree of freedom in coding the new system firmware can be provided. Furthermore, according to the present invention, it is possible to provide a computer and a computer program for realizing such a method.

1 is a schematic functional block diagram of a notebook PC according to the present invention. It is a figure which shows an example of the data structure of a non-volatile memory, USB memory, and NVRAM. It is a figure which shows the transition of the data of BIOS_ROM at the time of updating system firmware. It is a flowchart which shows the update procedure of a system firmware. It is a flowchart which shows the update procedure of a system firmware. It is a figure explaining the problem at the time of updating system firmware.

  FIG. 1 is a functional block diagram showing a main hardware configuration of a notebook personal computer (notebook PC) 10. FIG. 1 shows only the hardware necessary to explain the present invention. Since the hardware configuration is well known in the present invention, it will be briefly described here. The north bridge 13 is connected to the CPU 11, the main memory 15, the video controller 17, and the south bridge 21. An LCD 19 is connected to the video controller 17.

  The south bridge 21 has interfaces of various standards. In FIG. 1, a hard disk drive (HDD) 23 is typically connected to SATA, a BIOS_ROM 25 is connected to SPI, a USB connector 27 is connected to USB, and an LPC Fig. 9 shows a state in which the NVRAM 31 is connected. The BIOS_ROM 25 is attached to the motherboard of the notebook PC 10. The USB memory 29 can be an external memory connected to the USB connector 27. The NVRAM 31 is a non-volatile memory that retains memory even when the power is stopped, and has a secure storage area that can be read / locked and locked.

  FIG. 2 is a diagram illustrating an example of the data structure of the BIOS_ROM 25, the USB memory 29, and the NVRAM 31. In the storage area of the BIOS_ROM 25, a boot block 101, a system block 103, and a staging block 105 are defined. All codes and data stored in the BIOS_ROM 25 are called system firmware. In the reference numbers of codes stored in the BIOS_ROM 25, a suffix a is added to the code before the update, and a suffix b is added to the code after the update. In the following description, the description about the code before the update applies to the code after the update.

  The entire code stored in the boot block 101 is referred to as an old CRTM 100a. The old CRTM 100a has the address of the reset vector that is executed first when the CPU 11 is reset. The boot block 101 is a storage area in the BIOS_ROM 25 in which a write lock that prohibits writing can be set. The old CRTM 100a uses the SPI interface of the south bridge 21 to transfer the control right of the CPU 11 to the old BIOS 117a stored in the system block 103 when executing a normal boot routine. 101 is write-locked.

  The old CRTM 100a jumps to the new CRTM 100b-1 without setting the write lock when executing the update according to the present embodiment. The procedure will be described later. The write lock is automatically released when the south bridge 21 is reset. Since the old CRTM 100a itself is a CRTM except when it is updated, the old CRTM 100a performs the write lock of the boot block 101. In addition, when the old CRTM 100a overwrites the boot block 101 with the new CRTM 100b, the old CRTM 100a verifies the integrity of the new CRTM 100b in advance and performs a determination process not to perform a write lock. Therefore, the new CRTM 100b related to the update is not altered by malware after it is manufactured, and it is consistently guaranteed that it is manufactured by the manufacturer who manufactured the old CRTM 100a or the first CRTM.

  The old CRTM 100a is composed of minimum necessary codes such as a basic device initialization code 111a, an execution path control code 112a, an integrity verification code 113a, and an update processing code 115a. The basic device initialization code 111 a is a code for performing a POST (Power On Self Test) process for a minimum device necessary for enabling the reset CPU 11 to use the main memory 15.

  The execution path control code 112a refers to the mixed flag 153 of the NVRAM 31 and determines the boot routine as either a normal boot routine or an update boot routine. The execution path control code 112a is executed as early as possible after the basic device initialization code 111 is executed in order to minimize the code of the old CRTM 100a executed in a state where the old CRTM 100a and the new system firmware are mixed in the BIOS_ROM 25. Is done. The integrity verification code 113a includes a SHA-1 engine for calculating a hash value of the new system firmware at the time of update, and calculating a hash value of the old BIOS 117a before passing the control right of the CPU 11 at the normal boot time. .

  The integrity verification code 113a includes a public key for verifying the integrity of the new system firmware by the PKI method. The integrity verification code 113a verifies the integrity of the BIOS 117a that passes the control right of the CPU 11 next in the actual boot routine. The update processing code 115a refers to the update flag 151 of the NVRAM 31. When it is determined that the old CRTM 100a and the new system firmware are mixed in the BIOS_ROM 25, the mixed flag 153 is set in the NVRAM 31, and when it is determined that they are not mixed, it is normal. After the boot block 101 is write-locked according to the boot routine, the control right of the CPU 11 is transferred to the BIOS 117a.

  The system block 103 is a storage area for storing codes other than CRTM in the system firmware. The start address of the system block 103 is a fixed address. The system block 103 stores an old BIOS 117a, an old flash driver 119a, and an old encryption digest 121a. The old BIOS 117a displays a POST code for inspecting and initializing the device, an I / O code for directly controlling the device, a password processing code for processing a power-on password and an HDD password, and a setup screen to set up the BIOS. For example, and a power management code for controlling the power supply of the notebook PC 10.

  The old BIOS 117a may have a SHA-1 engine and a public key for verifying the integrity of the device firmware and the boot loader that pass control of the CPU 11 next. Thus, by verifying the completeness of the module to which each module next passes the control right, it is possible to construct a software trust chain in the entire system based on the old CRTM 100a.

  The old flash driver 119 a is a code that is a copy source for writing the old CRTM 100 a-1 written in the staging block 105 when it was last updated into the boot block 101. The old flash driver 119a is not executed after the old system firmware is updated. The old encryption digest 121a is data obtained by encrypting a hash value of the old system firmware with a secret key held by a genuine manufacturer. This digest covers the system block 103 and the staging block 105. The staging block 105 is a storage area temporarily used for updating the system firmware. The start address of the staging block 105 is a fixed address. In the staging block 105, the old CRTM 100a-1 is stored. The old CRTM 100a-1 is required only when updating with the same code as the old CRTM 100a stored in the boot block 101.

  The USB memory 29 includes a new system firmware 131, a flash tool 133, an OS 135, and an encryption digest 137. The new system firmware 131 is a new code for rewriting the old system firmware stored in the BIOS_ROM 25. The flash tool 133 is a code that performs processing for causing the old CRTM 100a to update instead of normal boot when the CPU 11 is reset.

  The flash tool 133 expands the new system firmware 131 in the main memory 15 when updating. The OS 135 is a program that provides an interface between the flash tool 133 and hardware. The encryption digest 137 is data obtained by encrypting the hash values of the flash tool 133 and the OS 135 stored in the USB memory 29 with a secret key held by the manufacturer of the old system firmware.

  The NVRAM 31 has an update flag 151 and a mixed flag 153. The update flag 151 is set by the flash tool 133, and the mixed flag 153 is set by the update processing code 115a of the old CRTM 100a. The update flag 151 and the mixed flag 153 are set in a write-lockable storage area of the NVRAM 31. The write lock of the NVRAM 31 is released when the south bridge 21 is reset, but the update processing code 115a writes the lock to the LPC interface of the south bridge 21 after setting the update flag 151 or the mixed flag 153. Set. When the old BIOS 117a determines that the boot device is the USB memory 29, the old BIOS 117a releases the write lock of the NVRAM 31 when the control right is transferred to the flash tool 133.

  FIG. 3 is a diagram showing the transition of codes written in the BIOS_ROM 25 when the system firmware is updated. FIG. 3A shows a state before update, FIG. 3B shows a state in the middle of update, and FIG. 3C shows a state in which the update is completed. 4 and 5 are flowcharts showing a system firmware update procedure. Next, a procedure for updating the system firmware will be described with reference to FIGS.

  In the block 201 of FIG. 4, the old system firmware is stored in the BIOS_ROM 25 as shown in FIG. The old system firmware includes the old CRTM 100 a stored in the boot block 101, the old BIOS 117 a stored in the system block 103, the old flash driver 119 a, the old encryption digest 121 a, and the old stored in the staging block 105. It consists of CRTM100a-1.

  The reason for the update is in the old CRTM 100a stored in the boot block 101 and / or the old BIOS 117a stored in the system block 103. In block 203, when the USB memory 29 including the new system firmware 131 is attached to the USB connector 27 and the power is started from the power-off state, the CPU 11 is reset and the old CRTM 100a is executed. At this time, the south bridge 21 is also reset, and the write lock of the NVRAM 31 is automatically released. Next, the POST code of the BIOS 117a is executed following the old CRTM 100a.

  While the POST code is being executed, the user presses a specific function key to call up the setup code and display the BIOS setup screen on the LCD 19. The user sets the USB memory 29 to the highest level of the boot device through the setup screen and ends the setup. When POST is completed, the BIOS 117a verifies the integrity in block 205 and then loads the flash tool 133 and OS 135 into the main memory 15.

  In block 207, the flash tool 133 reads the new system firmware 131 into the main memory 15, and in block 209 writes the new system firmware in the system block 103 and the staging block 105. The state of the BIOS_ROM 25 at this time is shown in FIG. In FIG. 3B, the boot block 101 stores the old CRTM 100a, but the system block 103 is written with the new BIOS 117b, new flash driver 119b, and new encryption digest 121b, and the staging block 105. Is written with a new CRTM 100b-1.

  In block 211, the flash tool 133 sets the update flag 151 in the NVRAM 31. At block 213, the flash tool 133 restarts the power supply. When the notebook PC 10 is powered on / reset, the CPU 11 starts the boot by executing the old CRTM 100a in block 301 of FIG. At this time, the write lock of the NVRAM 31 is also automatically released. In block 303, the execution path control code 112 a refers to the mixed flag 153 in the NVRAM 31.

  Since the mixed flag 153 is not set at this time, the execution path control code 112a jumps to the integrity verification code 113a. In block 305, the integrity verification code 113a verifies the integrity of the new system firmware 131 written to the system block 103 and the staging block 105. The integrity verification code 113a calculates a hash value of the new system firmware 131.

  The integrity verification code 113a includes the digest obtained by decrypting the new encrypted digest 121b with the public key generated in pair with the secret key used for encrypting the digest when the new encrypted digest 121b is generated, and the calculated new system. The hash values (digests) of the firmware 131 are compared. If the two match, the new system firmware is manufactured by the manufacturer who provided the public key held by the old CRTM 100a, and the integrity verification is successful. If they do not match, the new system firmware has been tampered with after being manufactured by a genuine manufacturer or manufactured by a third party and integrity verification fails.

  If the integrity verification fails, the process proceeds to block 311, and if successful, the process proceeds to block 321. In block 311, the integrity verification code 113 a sets a write lock for the boot block 101. In block 313, the integrity verification code 113a beeps to inform the user that the update has failed and stops the operation of the notebook PC 10.

  Thereafter, the user can store the complete new system firmware in the USB memory 29 and update again. Alternatively, the old BIOS 117a, the old flash driver 119a, and the old encrypted digest 121a written in the system block 103 before writing the new system firmware into the BIOS_ROM 25 are saved in any nonvolatile memory, and the old system is saved. -You may make it write back to firmware.

  In block 321, the integrity verification code 113a passes the control right of the CPU 11 to the update processing code 115a. The update processing code 115 a refers to the NVRAM 31 and confirms the update flag 151. At this time, since the update flag 151 is set in the block 211, the process proceeds to the block 331. In block 331, the update processing code 115 a sets the mixed flag 153 in the NVRAM 31. In block 333, the update processing code 115a resets the CPU 11 without setting a write lock for the boot block 101, and proceeds to block 301.

  The block 321 is shifted to the block 323 when the normal boot routine is executed without setting the update flag 151 in the block 211. In block 323, the update processing code 115a sets a write lock to the boot block 101, and then jumps to the POST code of the old BIOS 117a to continue the normal boot routine. When POST ends, at block 325, the BIOS 117a reads the boot loader whose integrity has been verified and executes a normal boot routine.

  When the block 333 is changed to the block 301, the south bridge 21 is not reset, but the write block of the boot block 101 remains released at block 333. In block 303, the execution path control code 112a refers to the mixed display flag 153 in the NVRAM 31 and shifts to block 341. In block 341, the execution path control code 112a skips the integrity verification code 113a and jumps to the start address of the new CRTM 100b-1 written in the staging block 105.

  When the power-on reset is performed after the write lock is performed in the block 333, the execution path control code 112a can move to the block 341 without performing the write lock of the boot block 101. At block 343, the new CRTM 100b-1 jumps to the new BIOS 117b of the system block 105 when it completes its processing. If it can be confirmed that the mixed flag 153 is set in the NVRAM 31 in the CRTM 100b-1, the integrity verification code 113b can be skipped.

  When the new BIOS 117b confirms that the mixed flag 153 is set in the NVRAM 31, the new CRTM 100b-1 written to the staging block 105 using the new flash driver 119b is replaced with the old CRTM 100a during the POST process. Is overwritten on the boot block 101 in which is written. The state of the BIOS_ROM 25 at this time is shown in FIG.

  FIG. 3C shows a state in which a new CRTM 100 b that is the same code as the new CRTM 100 b-1 in the staging block 105 is written in the boot block 101. In block 345, the new flash driver 119b clears the update flag 151 and the mixed flag 153 of the NVRAM 31, resets the CPU 11 in block 347, and executes the new CRTM 100b in block 349. Thereafter, returning to block 303, the normal boot routine by the new system firmware 131 is executed. Note that the new CRTM 100b-1 of the staging block 105 is not executed during subsequent boots.

  The new system firmware 131 sets a write lock in the boot block 101 and NVRAM 31 in block 323 via the execution path from block 301 to block 321, and moves to block 325. The procedure after the block 301 is executed in a safe environment that is not attacked by malware before the OS stored in the HDD 23 is loaded after the notebook PC 10 is powered on. Since the update is stopped when the old CRTM 100a does not recognize the integrity of the new system firmware 131, it can be updated to a safe system firmware in a secure environment. In addition, since the integrity verification is performed using the original manufacturer's public key stored in the boot block 101, the chain of trust of the program from the beginning of manufacture of the notebook PC 10 can be maintained.

  If the above procedure is followed, when booting is started with the old CRTM 100a and the new system firmware 131 coexisting in the BIOS_ROM 25 as shown in FIG. 3B, the old CRTM 100a will check the mixed flag 153 at an early stage. Jump to CRTM100b-1. Since the manufacturer codes the new CRTM 100b-1 and the new BIOS 117b at the same timing, the definition of variables can be easily matched. Therefore, even if the definitions of the variables of the old CRTM 100a and the new BIOS 117b are different, if the definitions of the variables of the new CRTM 100b-1 and the new BIOS 117b are consistent, there will be no hang-up during the update.

  In this embodiment, since the new flash driver 119b can be stored in the system block 103 and the code amount of the new CRTM 100b can be reduced, the reliability over time of the CRTM can be improved. So far, the method of providing the new system firmware from the USB memory 29 has been described, but the method of providing the new system firmware is not limited to this. For example, the new system firmware may be downloaded from the HDD 23 to an independent partition of the HDD 23 via the network. The old CRTM 100a verifies the integrity of the entire new firmware, but the integrity of the new CRTM 100b-1 and the new BIOS 117b may be individually verified.

  Although the present invention has been described with the specific embodiments shown in the drawings, the present invention is not limited to the embodiments shown in the drawings, and is known so far as long as the effects of the present invention are achieved. It goes without saying that any configuration can be adopted.

101 Boot block 103 System block 105 Staging block

Claims (18)

A computer updates a first old module and a second old module stored in a non-volatile memory with a first new module and a second new module,
Writing the first new module and the second new module to overwrite the second old module;
The first old module verifies the integrity of the first new module and the second new module;
Executing the first new module in response to a processor reset;
The second new module executed subsequent to the first new module writing the first new module to the storage area in which the first old module was written.   The method of claim 1, wherein the first old module is written to a write-protected storage area of the non-volatile memory.   3. The method according to claim 1, wherein the write-protectable storage area is a boot block having an address that is first executed by the reset processor.   2. The Core Root of Trust for Measurement (CRTM), wherein the first old module and the first new module are located at the top of a chain of trust that ensures the integrity of a program executed on the computer. A method according to any of claims 3 to 4.   The step of executing the first new module includes the step of determining whether the first old module executes the first old module or the first new module. The method in any one of. Setting a mixed flag indicating that the first old module and the second new module coexist in the nonvolatile memory;
6. The method of claim 5, wherein the step of determining includes checking the mixed flag. Connecting a flash tool, a boot device storing the first new module and the second new module;
Following the step of writing the first new module and the second new module, the flash tool setting an update flag;
The method according to claim 6, wherein the step of setting the mixed flag is executed by the first old module executed in response to the reset of the processor confirming the update flag.   8. The method of claim 7, wherein the step of writing the first new module and the second new module includes the step of the flash tool performing. A non-volatile memory in which a boot block for storing a first old module, a system block for storing a second old module, and a staging block for storing the first old module are defined by the computer. A method of updating with a new module and a second new module,
Writing the second new module to the system block and writing the first new module to the staging block;
The first old module verifies the integrity of the first new module and the second new module;
Executing the first new module before the first old module completes execution when the processor is reset;
The second new module executed subsequent to the first new module writing the first new module to the boot block. The boot block stores a public key corresponding to a secret key held by a manufacturer of the first old module, and the system block stores hash values of the first new module and the second new module. Storing an encrypted digest encrypted with the secret key;
Verifying the integrity comprises:
The first old module decrypting the encrypted digest with the public key;
The method of claim 9, wherein the first old module comprises calculating a hash value of the first new module and the second new module.   The method according to claim 9 or 10, wherein the step of executing the first new module comprises the step of not performing a write lock of the boot block. Setting an update flag to reset the processor;
Setting the mixed flag when the first old module detects the update flag and resetting the processor;
The step of executing the first new module includes the step of jumping from the first new module to the first new module when the first old module detects the mixed flag. The method according to claim 11.   The method of claim 12, further comprising setting a write lock on the boot block to perform a normal boot when the first old module does not detect the update flag. A processor;
A non-volatile memory storing a first old module to be executed first when the processor is reset and a second module to be executed subsequent to the first old module;
An interface connectable to a storage device storing a first new module for updating the first old module and a second new module for updating the second old module;
Means for writing the first new module and the second new module to the non-volatile memory to overwrite the second old module;
Means for executing the first old module to verify the integrity of the first new module and the second new module;
Means for executing the first new module in response to a reset of the processor;
A computer comprising: the second new module executed subsequent to the first new module; and means for writing the first new module into a storage area in which the first old module has been written.   The storage area in which the first old module is written is a boot block in which a write lock can be set before the first old module transfers control of the processor to the second old module. Item 15. The computer according to Item 14.   16. The computer according to claim 14, wherein the first old module and the first new module are guaranteed by a public key infrastructure (PKI) method by the computer manufacturer. In order to update the non-volatile memory storing the first old module and the second old module with the first new module and the second new module,
The first old module verifying the integrity of the first new module and the second new module written to overwrite the second old module;
Jumping from the first old module to the first new module in response to a reset of the computer;
A computer for executing a process including a step of writing the first new module in a storage area in which the first old module is stored, the second new module executed following the first new module. ·program. A computer for updating a non-volatile memory in which a boot block for storing a first old module, a system block for storing a second old module, and a staging block for storing the first old module are defined. ,
The old module verifies the integrity of the second new module written to the system block and the first new module written to the staging block;
Executing the first new module before the first old module completes execution when the processor is reset;
A computer program causing the second new module to be executed subsequent to the first new module to execute a process including writing the first new module to the boot block.

Images