Computing systems employing measurement of boot components, such as prior to trusted platform module (TPM) availability, for enhanced boot security, and related methods

Assignee

• Ampere Computing LLC · US

Inventors

• Vivek Kumar · Foster City, US
• Harb Abdulhamid · Raleigh, US
• Loc Ho · Anaheim, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/575
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

In exemplary aspects, to extend the measured boot process performed by a trusted platform module (TPM) circuit to earlier, primitive boot components that are processed before the TPM circuit becomes available to perform boot measurements, a secure boot processing system is configured to measure earlier, primitive boot components. The measured primitive boot components are used to update a virtual configuration register (CR) value in a final virtual CR. The TPM circuit uses the final virtual CR value as an initial starting CR value to measure subsequent boot components to provide end-to-end security for boot operations. In this manner, the final virtual CR value protects boot integrity of boot operations of its CPU even if they occur before availability of the TPM circuit.