Patent application number | Description | Published |
20080209124 | SYSTEM, METHOD AND APPARATUS TO AGGREGATE HETEROGENEOUS RAID SETS - A method according to one embodiment may include partitioning a plurality of core processors into a main partition comprising at least one processor core capable of executing an operating system and an embedded partition comprising at least one different processor core. The main partition and embedded partition may communicate with each other through a bridge. The embedded partition of this embodiment may be capable of: mapping two or more mass storage systems, coupled to the embedded partition, into a single logical device; presenting the logical device to the bridge; and receiving at least one I/O request, generated by the main partition and directed to the logical device, and in response to the I/O request, the embedded partition may be further capable of communicating with at least one of the two or more mass storage systems using at least one communication protocol to process said I/O request; and reporting the status of the I/O request to the main partition, via the bridge. | 08-28-2008 |
20080228971 | Device modeling in a multi-core environment - A method and apparatus for modeling devices in a multi-core environment is herein described. A hardware offload engine or add-in device is modeled by offload engine code or device model code stored in memory. An event agent in a hypervisor traps accesses to the offload engine or add-in device and routes them to at least one core of a multi-core processor to be serviced. The core of the multi-core processor executes the offload engine code or device model code to emulate the physical hardware offload engine or add-in device to service the access. Therefore, virtual devices may be provided by providing virtual device code, allowing upgrade of a computer system without adding physical hardware. | 09-18-2008 |
20080235436 | STORAGE ACCESS CONTROL - A system and device are disclosed. In one embodiment, the system includes a processor, system memory, chipset, flash memory, and flash memory controller. The flash memory controller includes a base address register for a flash memory hidden protected area (HPA) to store a flash memory HPA base address, a size register for a flash memory HPA to store a size of the flash memory HPA, and control logic to allocate a portion of the flash memory as a flash memory HPA using the flash memory HPA base address and the flash memory HPA size address. | 09-25-2008 |
20080244105 | ENHANCING PERFORMANCE OF INPUT-OUTPUT (I/O) COMPONENTS - A computing platform may comprise a flash memory that may operate as a cache to the transactions targeting the hard disk. The flash memory may increase the speed of fulfilling the transactions (or reduce the latency) and may consume lesser power compared to the hard disk fulfilling the transactions. The latency and higher power consumption of the hard disk may be associated with the physically moving parts of the hard disk. A host device and a chipset may send the transactions to the flash memory if the I/O routing is enabled, which otherwise may be routed to the hard disk. | 10-02-2008 |
20080244122 | Providing keyboard, video, mouse switching via software - A keyboard, video, mouse switch may be implemented by software. An agent in a sequestered partition may handle routing of input and output requests for handling by a remote, common, keyboard, video, or mouse used for a plurality of servers. | 10-02-2008 |
20080244212 | SYSTEM AND METHOD TO ENABLE HIERARCHICAL DATA SPILLING - In some embodiments, the invention involves managing access to firmware non-volatile storage which is currently an extremely limited resource. A system and method provide a seamless means by which to enable spilling of such access to an alternate non-volatile storage target. One embodiment uses a virtualization platform to proxy NV store I/O requests via a virtual machine manager (VMM). Another embodiment uses an embedded platform to proxy I/O requests. Another embodiment uses IDS redirection in an embedded microcontroller on the platform to proxy I/O requests. Non-priority data may be stored in the alternative medium, even when space is available on the firmware memory store, based on platform policy. Other embodiments are described and claimed. | 10-02-2008 |
20080244249 | Managed redundant enterprise basic input/output system store update - A basic input/output system may be stored on two different memories coupled to active management technology firmware and a trusted platform module. The trusted platform module ensures that access to the correct memory. One of the memories is selected to store an update of the basic input/output system. | 10-02-2008 |
20080244250 | Instant on video - In some embodiments, the invention involves speeding boot up of a platform by initializing the video card early on in the boot process. In an embodiment, processor cache memory is to be used as cache as RAM (CAR). Video graphics adapter (VGA) card initialization uses the CAR instead of system RAM to perform initialization. A portion of the firmware code, interrupt vector tables and handlers are mirrored in the CAR, from flash memory to mimic the behavior of system RAM during the video initialization. VGA initialization may occur before system RAM has initialized to enable early visual feedback to a user. Other embodiments are described and claimed. | 10-02-2008 |
20080244252 | USING PROTECTED/HIDDEN REGION OF A MAGNETIC MEDIA UNDER FIRMWARE CONTROL - A method and firmware for accessing a protected area of a magnetic storage device via firmware control. During early system initialization, various firmware components are loaded and executed to initialize a computer system. These firmware components include a firmware driver for accessing magnetic storage devices connected to the computer system. The system firmware enables a protected area on a magnetic storage device's media to be accessed under firmware control. After firmware accesses, the protected area is closed from access by non-firmware entities (e.g., operating systems) by “hiding” the true size of the media such that those entities are unaware of this area of the media. Mechanisms are disclosed for providing firmware access to the protected area only during pre-boot, and for both pre-boot and run-time operations. The firmware-controlled media access scheme may be used to load firmware stored on magnetic media during pre-boot and to store system information in the protected area during pre-boot and/or run-time operations. | 10-02-2008 |
20080244257 | Server active management technology (AMT) assisted secure boot - In some embodiments, the invention involves a system and method relating to secure booting of a platform. In at least one embodiment, the present invention is intended to securely boot a platform using one or more signature keys stored in a secure location on the platform, where access to the signature is by a microcontroller on the platform and the host processor has no direct access to alter the signature key. Other embodiments are described and claimed. | 10-02-2008 |
20080244259 | Component firmware integration in distributed systems - A plurality of platforms may be defined in a distributed system. Each of the platforms may include a processor and a chipset from a common source on a single motherboard. Extensible firmware interface drivers are provided for the processors and the chipsets. Each of the platforms may be defined pursuant to a system definition model where the system definition model defines the firmware for each of the platforms. As a result, any of the platforms can be updateable from a common source, such as an Internet web site. | 10-02-2008 |
20080244267 | Local and remote access control of a resource - Embodiments of the invention are generally directed to systems, methods, and apparatuses for local and remote access to a resource. In some embodiments, an integrated circuit includes a configurable hardware resource. In addition, the integrated circuit may also include access control logic to authenticate agents that attempt to configure the resource. In some embodiments, the agents may be in-band or out-of-band agents. Other embodiments are described and claimed. | 10-02-2008 |
20080313449 | Offloading the processing of a network protocol stack - A computer system is partitioned during a pre-boot phase of the computer system between a first partition and a second partition, wherein the first partition to include a first processing unit and the second partition to include a second processing unit. An Input/Output (I/O) operating system is booted on the first partition. A general purpose operating system is booted on the second partition. Network transactions are issued by the general purpose operating system to be performed by the I/O operating system. The network transactions are performed by the I/O operating system. | 12-18-2008 |
20090006717 | EMULATION OF READ-ONCE MEMORIES IN VIRTUALIZED SYSTEMS - The subject matter herein relates to computer systems and, more particularly, to emulation of read-once memories in virtualized systems. Various embodiments described herein provide systems, methods, and software that leverage the value of read-once memory for purposes such as keeping data or instructions secret and protected from unauthorized viewers, applications, hackers, and other processes. Some such embodiments include a virtual machine manager that emulates hardware memories in a system memory to facilitate virtual access to the hardware memories. | 01-01-2009 |
20090006827 | Firmware Processing for Operating System Panic Data - A processor includes firmware and at least one instance of an operating system (OS). When the OS encounters an unrecoverable error (a “panic”), data regarding the error is pushed to the firmware via capsule services, rather than immediately being displayed to the screen via legacy video INT10h services. The panic data may be provided to the OS and displayed by the OS after a reset. Other embodiments are also described and claimed. | 01-01-2009 |
20090006830 | ENCRYPTION ACCELERATION - The subject mater herein relates to data processing and, more particularly, to encryption acceleration. Various embodiments herein provide devices and systems including a standardized encryption application programming interface embedded in firmware to perform encryption services. Some such embodiments move encryption operations away from operating system processes into firmware. As a result, encryption operations are generally accelerated. | 01-01-2009 |
20090006834 | PROXIED FIRMWARE UPDATES - The subject mater herein relates to computing systems and, more particularly, to proxied firmware updates. Some embodiments provide one or more of systems, methods, software, and firmware that, upon receiving a source of power, initialize an out-of-band controller that, may initialize a network interface to facilitate communication by the out-of-band controller with network resources and receive a firmware update payload from a remote network source over the network interface. These, and other embodiments may also include powering on a computing system including a BIOS and initializing at least a portion of the BIOS. If the computing system supports proxied firmware updates and a firmware update exists in a memory, such embodiments retrieve the payload and launching the payload to implement the firmware update. | 01-01-2009 |
20090006837 | METHOD AND APPARATUS FOR IMPROVED MEMORY RELIABILITY, AVAILABILITY AND SERVICEABILITY - Methods and apparatus dynamically reconfigure storage or channel capacities in a memory system. A fully-buffered dual in-line memory module (DIMM) is configured for a particular storage capacity and a particular channel capacity. An error may be detected at a memory address in some portion of the DIMM. To resolve the problem, the storage capacity or the channel capacity may be reduced and the DIMM may be dynamically reconfigured according to the reduced capacity. For one embodiment the DIMM may be reconfigured by mapping the portion of the DIMM containing the error as unavailable and taking that portion off-line without taking the entire DIMM off-line. For another embodiment the DIMM may be reconfigured by throttling the DIMM at a reduced frequency. The portion of the DIMM containing the error may be retested at the reduced frequency. If no errors are detected, the DIMM may be made available at the reduced frequency. | 01-01-2009 |
20090006859 | SYSTEM AND METHOD FOR OUT-OF-BAND ASSISTED BIOMETRIC SECURE BOOT - In some embodiments, the invention involves using a dedicated service processor with out-of-band capabilities to enable a secure boot using biometric data to authenticate the user. In some embodiments, at least a secondary token is used enhance the secure boot. An off-line database may be accessed by the service processor during boot to store or retrieve biometric templates to compare with scanned, live, biometric data. Other embodiments are described and claimed. | 01-01-2009 |
20090007089 | Method and Apparatus to Enable Dynamically Activated Firmware Updates - Dynamic updating of firmware in a processing system without performing a system reset may be accomplished by allocating memory space for updated firmware in a dynamic random access memory of the processing system during the system initialization process for the processing system; receiving the updated firmware during runtime of the processing system; validating the updated firmware; storing the updated firmware into the allocated memory space when the updated firmware is validated; and setting a pointer variable indicating the start of a portion of the firmware to point to the start of the updated firmware stored in the allocated memory space. | 01-01-2009 |
20090007104 | PARTITIONED SCHEME FOR TRUSTED PLATFORM MODULE SUPPORT - The subject mater herein relates to processing of sensitive data and, more particularly, to a partitioned scheme for trusted platform module support. Various embodiments provide systems, methods, and software that instantiate one or more emulated trusted platform modules in respective sequestered processor cores. In some embodiments, a trusted platform module in instantiated in a processor core, sequestered for the trusted platform module, for each operating system or virtual machine operating on a computing device. The operating system may then communicate with the appropriate trusted platform module over a secure communication channel, such as an interpartition bridge. | 01-01-2009 |
20090023414 | Software-Defined Radio Support in Sequestered Partitions - A software-defined radio (SDR) capability may be provided in a general purpose, many core processing system by sequestering one or more partitions running on one or more cores and instantiating a communications capability by having discrete SDR functions performed by the sequestered partitions. Each SDR module embodied in a sequestered partition may be independently upgraded without modifying the hardware of the underlying processing system. By executing SDR modules in cores not accessible by application programs and/or an operating system (OS), a better Quality of Service (QoS) may be provided for wireless communications on the general purpose, multi-core processing system. An embodiment comprises isolating a core of a many core processing system as a sequestered partition, loading a software-defined radio module onto the core, and executing the software-defined module to implement wireless communications. | 01-22-2009 |
20090031010 | OS Independent Device Management Methods and Apparatuses - An apparatus adapted to facilitate remote configuration and/or management of a system, independent of its operating system, is disclosed. In various embodiments, the apparatus includes a first and a second interface coupled to an input device and a network interface of the system respectively, and a controller. | 01-29-2009 |
20090037719 | Enabling a heterogeneous blade environment - In one embodiment, the present invention includes a method for receiving a request for power-up of a first blade of a chassis, enabling the first blade to power-up in a reduced boot mode and receiving a communication including characteristic information and policy information associated with the first blade, and analyzing the characteristic information and the policy information to determine a policy and a boot configuration for the first blade. Other embodiments are described and claimed. | 02-05-2009 |
20090063835 | Method for firmware isolation - In one embodiment, the present invention includes a method for determining if an isolation driver is present and a processor supports virtualization, launching the isolation driver in a first privilege level different than a system privilege level and user privilege level, creating a 1:1 virtual mapping between a virtual address and a physical address, using the isolation driver, and controlling access to a memory page using the isolation driver. Other embodiments are described and claimed. | 03-05-2009 |
20090063836 | Extended fault resilience for a platform - In one embodiment, the present invention includes a method for allocating a fail-over memory region, determining if multiple processors have reached a rendezvous state, and verifying a memory failure in a system software memory region associated with a non-rendezvousing processor and sending a message to the non-rendezvousing processor to update a range register to the fail-over memory region. Other embodiments are described and claimed. | 03-05-2009 |
20090064274 | Dual non-volatile memories for a trusted hypervisor - In one embodiment, the present invention includes a method for executing a first code portion of a pre-boot environment from a first non-volatile memory, authenticating a trusted hypervisor in the first non-volatile memory using the first code portion, executing the trusted hypervisor if the trusted hypervisor is authenticated, and authenticating a basic input/output system (BIOS) present in a second non-volatile memory with the trusted hypervisor and transferring control from the trusted hypervisor to the BIOS if the BIOS is authenticated. Other embodiments are described and claimed. | 03-05-2009 |
20090070574 | Remote diagnostic apparatus - Example apparatus and methods associated with remote diagnostics are described. One apparatus embodiment includes a logic to determine a state of a device associated with a computing platform to which the apparatus is operably connected. The apparatus embodiment may include logic to provide a signal to a remote logic regardless of the state of the computing platform. The apparatus embodiment may also include logic to receive a signal from a remote logic regardless of the state of the computing platform. The apparatus may facilitate actions associated with remote diagnostics including, inventorying add-on devices, controlling add-on device diagnostic execution, and selectively configuring the computing platform based on add-on device diagnostic results. | 03-12-2009 |
20090083528 | SYSTEM INFORMATION SYNCHRONIZATION IN A LINKS-BASED MULTI-PROCESSOR SYSTEM - Various embodiments described herein include one or more of systems, methods, firmware, and software to synchronize system information between processors during system boot in a links-based multi-processor system. Some embodiments synchronize data block by block through memory rather than piece by piece through registers by allowing a System Bootstrap Processor (“SBSP”) to directly access synchronization data in local memory of each of one or more Application Processors. These and other embodiments are described in greater detail below. | 03-26-2009 |
20090089467 | BUS COMMUNICATION EMULATION - Provided are a method, system, and program for initializing a processor of a computer system, to enumerate a remote bus and remote devices coupled to the remote bus, as operating components of the computer system. In another embodiment, a controller stores a message containing a directive in a memory shared by a processor of a computer system and the controller which may be operated independently of the state of said processor and said operating system. The processor may read a message stored in the shared memory by the controller and process the message. In addition, the processor may store a message intended for the controller to provide, for example, status information to be forwarded to another computer system. Other embodiments are described and claimed. | 04-02-2009 |
20090129597 | REMOTE PROVISIONING UTILIZING DEVICE IDENTIFIER - Embodiments of the present invention provide for remote provisioning using a device identifier. In some embodiments, a client device may transmit the device identifier to a provisioning server and, sometime after an association of the device identifier and the client device has been authenticated, receive an operating system boot image from the provisioning server. Other embodiments may be described and claimed. | 05-21-2009 |
20090132839 | Method and device to handle denial of service attacks on wake events - A method and device may selectively resume a computing device from a low power state according to a security policy. The security policy may be embedded in the hardware of the computing device and may be enforced even when the device is in a low power state. Such a policy may provide protection from hacker and virus based denial of service attacks using a flood of packets formatted to provide a wake event request. Other embodiments are described and claimed. | 05-21-2009 |
20090138875 | METHOD, PROGRAM AND SYSTEM TO UPDATE FILES IN A COMPUTER SYSTEM - Provided is a method, program and system to update files in a computer system. A patch is received for an installed program in a computer and message from a server over a network. Program files for the installed program are updated with contents of the patch. A determination is made as to whether the message indicates to automatically reboot the computer. Information is generated to a user indicating that the computer will be automatically rebooted. Operations are initiated in the computer to reboot the computer after a delay period to provide the user opportunity to close files and applications before the reboot. | 05-28-2009 |
20090144046 | METHOD TO ENCAPSULATE AN OPTION ROM FOR OPERATION IN MULTIPLE FIRMWARE AND PLATFORM ARCHITECTURES - A method and apparatus described herein are for providing a simplified option Read Only Memory (ROM) that is compatible in multiple firmware and platform architectures. Instead of providing multiple option ROM images for every variation of platform architecture and firmware architecture, a single code image is provided along with an interpreter stub. If the default code type of the code image is supported by a platform, then the option ROM is directly launched from the single code image without launching the interpreter stub. However, if a device including the option ROM is inserted in a different variation of platform or firmware architecture that does not support the single code image code type, then the interpreter is launched, which in turn interprets, translates, and/or launches the single code image. | 06-04-2009 |
20090144754 | BIOS ROUTINE AVOIDANCE - A method, computer readable medium, and device are disclosed. In one embodiment the method includes determining whether an entry exists in a firmware interface table to direct the processor to handle the event in a non-legacy mode. This is done after an event for a processor that triggers a legacy mode processor handling routine. The method also includes the processor handling the event in the non-legacy mode when the entry exists. | 06-04-2009 |
20090150594 | METHOD TO MINIMIZE FLASH WRITES ACROSS A RESET - A method and apparatus described herein are for minimizing flash writes across reset. When a commonly accessed variable is to be updated, an erase conscious value is written to minimize erase operations. As an example, the location for the commonly accessed variable holds consecutive values to represent a usable value instead of a binary representation. Furthermore, when the commonly accessed variable is to be read, the stored value is translated into the associated usable value for use by a system. | 06-11-2009 |
20090163226 | Device, system, and method of power saving using location sensing modules - A method, apparatus and system for, in a computing apparatus, periodically activating a location operating system detecting a substantial change in the location of the apparatus, selecting a computing environment from a predetermined set of computing environments based on the change in the location of the apparatus, where the selected computing environment may be the most appropriate computing environment for the changed location, and altering the power mode of one or more components of the apparatus, specified by the selected computing environment. | 06-25-2009 |
20090164770 | HYPERVISOR RUNTIME INTEGRITY SUPPORT - A method and system are disclosed. In one embodiment the method includes computing, during runtime, an active hash value of a hypervisor on a computer platform using an authenticated integrity agent. The method also includes comparing the active hash value to a registered hash reference value. The method also includes verifying the integrity of the hypervisor when the active hash value and the registered hash reference value match. | 06-25-2009 |
20090164772 | LOCATION BASED POLICY SYSTEM AND METHOD FOR CHANGING COMPUTING ENVIRONMENTS - A system and method for changing compute environments for a mobile platform device. The mobile platform includes a sensory and location determination engine coupled to a policy engine. The sensory and location determination engine determines a current location of the mobile platform device and the policy engine determines what applications to launch, what applications not to launch, and what core usage to invoke for the determined location of the mobile platform device. | 06-25-2009 |
20090164837 | Reliable memory for memory controller with multiple channels - One embodiment of the invention includes a memory RAS mode whereby a multi-channel memory controller utilizes both memory mirroring and memory sparing to form more complete memory redundancy loss protection. | 06-25-2009 |
20090169020 | Migration of full-disk encrypted virtualized storage between blade servers - A method, system and computer-readable storage medium with instructions to migrate full-disk encrypted virtual storage between blade servers. A key is obtained to perform an operation on a first blade server. The key is obtained from a virtual security hardware instance and provided to the first blade server via a secure out-of-band communication channel. The key is migrated from the first blade server to a second blade server. The key is used to perform hardware encryption of data stored on the first blade server. The data are migrated to the second blade server without decrypting the data at the first blade server, and the second blade server uses the key to access the data. Other embodiments are described and claimed. | 07-02-2009 |
20090172125 | METHOD AND SYSTEM FOR MIGRATING A COMPUTER ENVIRONMENT ACROSS BLADE SERVERS - A method and system for migrating a computer environment, such as a virtual machine, from a first blade server to a second blade server includes storing data generated by the first and second blade servers on a shared hard drive and transferring a logic unit number from the first blade server to the second blade server. The logic unit number identifies a location of the shared hard drive used by the first blade server to store data. Additionally, the state of the central processing unit of the first blade server may be transferred to the second blade server. | 07-02-2009 |
20090172228 | METHOD AND SYSTEM FOR HANDLING A MANAGEMENT INTERRUPT EVENT IN A MULTI-PROCESSOR COMPUTING DEVICE - A method and system for handling a management interrupt, such as a system management interrupt (SMI) and/or a platform management interrupt (PMI), includes sequestering two or more processor cores from a plurality of processor cores to form a group of sequestered processor cores for handling the management interrupt. Generated management interrupts are directed to the group of sequestered processor cores and not to non-sequestered processor cores. At least one of the sequestered processor cores handles the management interrupt without disrupting the current operation of the non-sequestered processor cores. | 07-02-2009 |
20090172232 | METHOD AND SYSTEM FOR HANDLING A MANAGEMENT INTERRUPT EVENT - A method and system for handling a management interrupt, such as a system management interrupt (SMI) and/or a platform management interrupt (PMI), includes sequestering one or more processor cores for handling the management interrupt. Generated management interrupts are directed to the sequestered processor core and not to other processor cores allocated to a main partition. The sequestered processor core(s) handles the management interrupt without disrupting the current operation of the remaining processor cores. | 07-02-2009 |
20090172253 | Methods and apparatuses for nonvolatile memory wear leveling - Apparatuses, systems, and computer program products that enable wear leveling of nonvolatile memory devices, such as flash memory devices, are disclosed. One or more embodiments an apparatus that has a receiver and a wear leveling module. The receiver may receive low-level write requests to update direct-mapped values of nonvolatile memory. The wear leveling module may determine physical locations of the nonvolatile memory that correspond to logical locations of the write requests. Alternative embodiments may comprise systems or apparatuses that include one or more various types of additional modules, such as low-level driver modules, error correction code modules, queue modules, bad block management modules, and flash translation layer modules. Other embodiments comprise computer program products that receive a direct-mapped low-level write request, determine a physical write location of nonvolatile memory that corresponds to a logical write location of the low-level write request. | 07-02-2009 |
20090172379 | SYSTEM AND METHOD TO ENABLE PARALLELIZATION OF EARLY PLATFORM INITIALIZATION - In some embodiments, the invention involves reducing the time required for a platform to boot to its target application/operating-system using parallelization of firmware image content decompression and loading. An embodiment dispatches alternate processing agents as a means to intelligently assist in off-loading some of the initialization tasks so that the main processor may share the burden of boot tasks. In at least one embodiment, it is intended to build firmware images that facilitate parallelization, utilizing co-processing agents that can split these transactions across various processing agents. Other embodiments are described and claimed. | 07-02-2009 |
20090172381 | ENHANCED NETWORK AND LOCAL BOOT OF UNIFIED EXTENSIBLE FIRMWARE INTERFACE IMAGES - Techniques and architectures to provide high assurance image invocation in a pre-boot environment. These techniques may augment implementations of the Unified Extensible Firmware Interface (UEFI) to invoke UEFI images using Trusted Execution Technology (TXT). This can operate to combine pre-boot secure flows, such as UEFI image invocation, with the secure launch instruction set extensions of TXT. This may entail combination of the UEFI StartImage instruction with the SMX leaf SENTER instruction. This may operate to allow original equipment manufacturer (OEM) firmware as a guard and that uses UEFI and TXT access control logic at the same instance to pass control to the operating system (OS). | 07-02-2009 |
20090172443 | Methods and apparatuses for processing wake events of communication networks - Methods, apparatuses, and computer program products that respond to wake events of communication networks are disclosed. One or more embodiments comprise setting a wake password of a computing device, such as a notebook computer or a server. Some of the embodiments comprise receiving a wake request from a communications network, establishing a secure communication session, and setting the wake password with the secure communication session. Some embodiments comprise an apparatus having a network controller to allow a platform to communicate via a communications network, non-volatile memory that stores a wake password, and a management controller which may communicate with a management console via a secure communication session to update the wake password. One or more embodiments the network controller may wake management hardware and/or wake the management controller while keeping one or more of the devices in the power conservation mode. | 07-02-2009 |
20090172462 | METHOD AND SYSTEM FOR RECOVERY OF A COMPUTING ENVIRONMENT - A method and system for recovery of a computing environment includes monitoring during a pre-boot phase and a runtime phase of a computing device for selection of a hot key sequence by a user and performing a recovery action in response to the selection of the hot key sequence by the user. The recovery action may be any one of a number of predetermined and/or selectable actions such as restoring system defaults, migrating memory, displaying a menu of options, setting various software flags, restarting or rebooting the computing device, and/or the like. | 07-02-2009 |
20090172471 | METHOD AND SYSTEM FOR RECOVERY FROM AN ERROR IN A COMPUTING DEVICE - A method and system for supporting recovery of a computing device includes determining and storing a sub-set of firmware instructions used to establish a pre-boot environment and executing the sub-set of firmware instructions in response to an error. | 07-02-2009 |
20090172661 | METHOD AND SYSTEM FOR ESTABLISHING A ROBUST VIRTUALIZED ENVIRONMENT - A method and system for establishing a virtualized environment includes booting a first virtual machine monitor to establish a first virtual machine and booting a second virtual machine monitor in the first virtual machine. The first and second virtual machine monitors may be hypervisors. The method may also include directing management interrupts, such as system management interrupts and/or platform management interrupts, to the first virtual machine monitor. | 07-02-2009 |
20090172690 | System and Method for supporting metered clients with manycore - In some embodiments, the invention involves partitioning resources of a manycore platform for simultaneous use by multiple clients, or adding/reducing capacity to a single client. Cores and resources are activated and assigned to a client environment by reprogramming the cores' route tables and source address decoders. Memory and I/O devices are partitioned and securely assigned to a core and/or a client environment. Instructions regarding allocation or reallocation of resources is received by an out-of-band processor having privileges to reprogram the chipsets and cores. Other embodiments are described and claimed. | 07-02-2009 |
20090172698 | METHOD AND SYSTEM FOR PROVIDING KEYBOARD, VIDEO, AND MOUSE SWITCHING - A method and system for providing keyboard, video, and mouse switching includes establishing a basic input/output system (BIOS) agent and an operating system (OS) agent on a server of a plurality of servers. The basic input/output system agent routes input/output data between the server and a remote keyboard, remote video device, and/or remote mouse over a network during a pre-boot phase of the server. The operating system agent routes input/output data between the server and the remote keyboard, remote video device, and/or remote mouse over the network during a runtime phase of the server. The basic input/output agent may pass data to the operating system agent to indicate that a communication connection has been established between the server and the remote keyboard, remote video device, and/or remote mouse. | 07-02-2009 |
20090172712 | BIOS RUNTIME SERVICES INTERFACE - A method and article of manufacture for accessing at least one unexposed runtime service. | 07-02-2009 |
20090172797 | METHOD AND SYSTEM FOR SECURING APPLICATION PROGRAM INTERFACES IN UNIFIED EXTENSIBLE FIRMWARE INTERFACE - A method and system for securing an unified extensible firmware interface application program interface includes establishing a software hook for the application program interface during a pre-boot phase of a computing device and granting or denying access to the application program interface based on a comparison of a user token, which identifies the user, and an access control entry of an access control list associated with the application program interface. | 07-02-2009 |
20090240963 | Distributed advanced power management - Power management commands from virtual machines (VMs) in a VM environment may be trapped by a VM monitor. Depending on the current power states of the other VMs in the VM environment, the VMM may emulate increase or decrease in available resources as applied to the VM issuing the power management commands. The VMM may modify the actual hardware resources available in a platform when such modification may not affect the current power states of the VMs in the VM environment. | 09-24-2009 |
20090249053 | METHOD AND APPARATUS FOR SEQUENTIAL HYPERVISOR INVOCATION - In some embodiments, the invention involves a system and method for invoking a series of hypervisors on a platform. A hardware-based secure boot of a chained series of virtual machines throughout the life of the pre-operating system (OS) firmware/BIOS/loader/option ROM execution, with component-wise isolation of the pre-extensible firmware interface (PEI) and driver execution environment (DXE) cores is utilized. In an embodiment, a Cache-As-RAM (CAR) based hypervisor, executing directly from Flash memory manages sequential invocation of a next hypervisor. Other embodiments are described and claimed. | 10-01-2009 |
20090249120 | REMOTE FIRMWARE RECOVERY - Embodiments of the present invention provide methods, systems, and apparatus for instantiating, by a computing system, a firmware recovery module in response to a detected firmware failure during a system startup. The firmware recovery module establishes access to a remotely disposed recovery server and retrieves from it a replacement or update firmware to address the firmware failure. | 10-01-2009 |
20090254760 | DATA SECURITY - In one embodiment, a method is provided that may include encrypting, based least in part upon at least one key, one or more respective portions of input data to generate one or more respective portions of output data to be stored in one or more locations in storage. The method of this embodiment also may include generating, based at least in part upon the one or more respective portions of the output data, check data to be stored in the storage, and/or selecting the one or more locations in the storage so as to permit the one or more respective portions of the output data to be distributed among two or more storage devices comprised in the storage. Many modifications, variations, and alternatives are possible without departing from this embodiment. | 10-08-2009 |
20090271601 | METHOD, DEVICE, AND SYSTEM FOR PRE-MEMORY SYMMETRIC MULTIPROCESSING FLOW - A cache-as-RAM (CAR) system of a multi-processor system that includes a plurality of processors may be initialized. The CAR system may assign a physical data address range for each of the plurality of processors such that the physical data address ranges allocated to all of the plurality of processors overlap with each other. A boot code stream may be executed with the CAR appearing to the executing boot stream as a memory store for executing the boot code stream. Other embodiments are described and claimed. | 10-29-2009 |
20090271641 | Method and apparatus for quick resumption - When transitioning from sleep mode to active mode, a processing system loads first stage resume content and second stage resume content into a volatile memory of the processing system. The first stage resume content may contain contextual data for a first program that was in use before the processing system transitioned to sleep mode. The second stage resume content may contain contextual data for another program that was in use before the processing system transitioned to sleep mode. The processing system may provide a user interface for the first program before all of the second stage resume content has been loaded into the volatile memory. Other embodiments are described and claimed. | 10-29-2009 |
20090282486 | PRE-BOOT FIRMWARE BASED VIRUS SCANNER - The present disclosure relates to allowing the utilization of a virus scanner and cleaner that operates primarily in the pre-boot phase of computer operation and, more particularly, to allowing the utilization of a virus scanner and cleaner that operates primarily during the loading of an operating system. | 11-12-2009 |
20090300370 | Enabling byte-code based image isolation - In one embodiment, the present invention includes a method for setting an extensible policy mechanism to protect a root data structure including a page table, interpreting a bytecode of a pre-boot driver in a byte code interpreter, and controlling access to a memory location based on the extensible policy mechanism. Other embodiments are described and claimed. | 12-03-2009 |
20090319759 | SEAMLESS FREQUENCY SEQUESTERING - A method and apparatus for seamless frequency sequestering is herein described. In response to a frequency throttle event, controlling software, such as an OS, is provided access to a throttled amount of frequency associated with the frequency throttle event, while another amount of frequency is transparently sequestered for performance of non-controlling software tasks. | 12-24-2009 |
20090319763 | NON-BLOCKING UEFI I/O CHANNEL ENHANCEMENTS - A method and apparatus for providing platform initialization enhancements is discussed herein. In one embodiment, buses, activities, devices, and/or nodes to be processed during boot, are processed in a non-blocking fashion, which potentially results in faster boot times. Moreover, some devices/nodes, such as root nodes, may be boot in an early phase of initialization to enhance both available resources and initialization times. Furthermore, early connects in an early phase of initialization may be performed to construct partial or entire device paths, which also potentially results in faster boot times. | 12-24-2009 |
20090319806 | Extensible pre-boot authentication - In one embodiment, the present invention includes a method for obtaining a pre-boot authentication (PBA) image from a full disk encryption disk in a pre-boot environment, executing the PBA using a chipset to obtain user credential information, authorizing the user based on the user credential information and stored credential information, and storing the user credential information in a PBA metadata region of the disk. Other embodiments are described and claimed. | 12-24-2009 |
20090327679 | OS-MEDIATED LAUNCH OF OS-INDEPENDENT APPLICATION - A system, method, and computer readable medium for an operating system (OS) mediated launch of an OS dependent application is disclosed. An application running within an OS may operate outside an OS environment by constructing for example a capsule file, passing the capsule file to firmware interface, and restarting the system. The firmware interface may load various drivers and applications contained within the capsule file and execute them to perform a task. Upon completion of the task, the OS is booted again and the original application may resume control, making use of any information stored by the firmware interface in a dedicated status table or file. Other embodiments may be employed, and other embodiments are described and claimed. | 12-31-2009 |
20090327684 | Apparatus and method for secure boot environment - In some embodiments, a processor-based system may include at least one processor, at least one memory coupled to the at least one processor, a boot block stored at a first memory location, a capsule update stored at a second memory location, a startup authenticated code module to ensure the integrity of the boot block upon a restart of the processor-based system, code which is executable by the processor-based system to cause the processor-based system to validate the boot block with the startup authenticated code module upon the restart of the processor-based system, and, if the boot block is successfully validated, to validate the capsule update for the processor-based system with the startup authenticated code module. Other embodiments are disclosed and claimed. | 12-31-2009 |
20090327741 | SYSTEM AND METHOD TO SECURE BOOT UEFI FIRMWARE AND UEFI-AWARE OPERATING SYSTEMS ON A MOBILE INTERNET DEVICE (MID) - In some embodiments, the invention involves adding a capability for a platform owner or administrator to ensure that the firmware is only executed in an owner-authorized fashion, such as with signed components managed by a security processor. Embodiments may extend the Core Root of Trust for Measurement (CRTM), via use of a cryptographic unit coupled to the security processor in a mobile Internet device (MID) as a Root-of-Trust for Storage (RTS) Storage Root Key (SRK), into a unified extensible firmware interface (UEFI) Platform Initialization (PI) image authorization and boot manager. Other embodiments are described and claimed. | 12-31-2009 |
20100048173 | DYNAMIC PASSING OF WIRELESS CONFIGURATION PARAMETERS - Methods and apparatuses allow for wireless configuration parameters to be passed to a client to enable the client to configure a wireless network interface to connect to a wireless network. | 02-25-2010 |
20100079472 | METHOD AND SYSTEMS TO DISPLAY PLATFORM GRAPHICS DURING OPERATING SYSTEM INITIALIZATION - Methods and systems to display platform graphics during initialization of an computer system, including to interrupt initialization of an operating system and to update a video frame buffer with platform graphics data when the initialization of the operating system is interrupted, and to merge platform graphics data with graphics generated by operating system initialization logic. The methods and systems include virtualization methods and systems and system management mode methods and systems. | 04-01-2010 |
20100082932 | HARDWARE AND FILE SYSTEM AGNOSTIC MECHANISM FOR ACHIEVING CAPSULE SUPPORT - Methods and apparatus relating to a hardware and file system agnostic mechanism for achieving capsule support are described. In one embodiment, content associate with a capsule are stored in a non-volatile memory prior to a cold reset. A capsule descriptor may also be constructed, prior to the reset, which includes information about the physical location of the capsule content on the non-volatile memory. Other embodiments are also described and claimed. | 04-01-2010 |
20100083002 | Method and System for Secure Booting Unified Extensible Firmware Interface Executables - A method and computing device for secure booting of unified extensible firmware interface executables includes generating a platform private key, signing a third party credential, storing the signed third party credential in a database located in a trusted platform module, and executing a unified extensible firmware interface executable only if an associated signed third party credential is stored in the trusted platform module. | 04-01-2010 |
20100083260 | METHODS AND SYSTEMS TO PERFORM A COMPUTER TASK IN A REDUCED POWER CONSUMPTION STATE - Methods and systems to perform a computer task in a reduced power consumption state, including to virtualize physical resources with respect to an operating environment and service environment, to exit the operating environment and enter the service environment, to place a first set of one or more of the physical resources in a reduced power consumption state, and to perform a task in the service environment utilizing a processor and a second set of one or more of the physical resources. A physical resource may be assigned to an operating environment upon an initialization of the operating environment, and re-assigned to the service environment to be utilized by the service environment while other physical resources are placed in a reduced power consumption state. | 04-01-2010 |
20100088499 | SEAMLESS DATA MIGRATION - Provided are techniques for migrating data. Contents are sealed to one or more registers. In response to determining that secure backup is enabled, platform metrics are stored in a private store. An out-of-band request is received. A response to the out-of-band request is provided using the stored platform metrics. | 04-08-2010 |
20100095140 | System and method for power reduction by sequestering at least one device or partition in a platform from operating system access - In some embodiments, the invention involves a system and method relating to managing power utilization in partitioned systems. In at least one embodiment, the present invention is intended to control the sleeping/wakefulness of devices, as necessary, to minimize power utilization of devices whose accesses are routed away. Inter-partition communication is used to utilize devices in a sequestered partition while devices in the OS partition are put into a sleep state to save power. Other embodiments are described and claimed. | 04-15-2010 |
20100115202 | METHODS AND SYSTEMS FOR MICROCODE PATCHING - Methods and systems for performing microcode patching are presented. In one embodiment, a data processing system comprises a cache memory and a processor. The cache memory comprises a plurality of cache sections. The processor sequesters one or more cache sections of the cache memory and stores processor microcode therein. In one embodiment, the processor executes the microcode in the one or more cache sections. | 05-06-2010 |
20100125723 | METHOD AND SYSTEM TO ENABLE FAST PLATFORM RESTART - A method and system to perform a fast reset or restart of a platform by minimizing the hardware initialization of IO devices in the platform during a restart of the platform. The basic input/output system (BIOS) of the platform traps any software initiated reset request (SIRR) or warm reset. The BIOS restores the input/output (IO) devices coupled with the platform to their previous hardware state to avoid the full platform initialization when the SIRR is trapped. The restart of the platform can be performed in a fast manner as the full platform initialization is minimized. | 05-20-2010 |
20100153603 | Share Resources and Increase Reliability in a Server Environment - Methods and systems for a low-cost high density compute environment with increased fail-over support through resource sharing and resources chaining. In one embodiment, one of a number of servers qualified to share resources is elected as a resource server. The shared resource can be firmware memory, hard-drive, co-processor, etc. The elected server responds to requests from individual requesters and provides the responses, such as firmware images. In one embodiment, all the blade servers on a rack use an image server for their firmware image so that these blade servers can automatically adopt a common personality across the entire rack. If the elected image server fails, a dynamic process elects an alternate image server. In one embodiment, among a set of qualified servers, only one is actively elected at a given time. | 06-17-2010 |
20100169631 | AUTHENTICATION FOR RESUME BOOT PATH - Methods and systems to perform an authentication operation after resuming from a sleep state are presented. In one embodiment, a method includes starting a boot process from a sleep state. The method further includes providing platform services to support an authentication operation as part of the boot process and determining whether to complete the boot process based at least on results of the authentication operation. | 07-01-2010 |
20100169634 | SYSTEM AND METHOD FOR SELF-CLOCKING OS KERNEL BOOT - In some embodiments, the invention involves a system and method to enable a mobile device to utilize self-clocking during boot. In at least one embodiment, a platform has at least one processor core coupled to an internal timer. For an X86 processor, the internal timer may reside in an advanced programmable interrupt controller. A boot kernel executing on the platform is configured to use the internal timer early in the boot phase, when the platform is not compliant with legacy PC/AT architecture. If the platform does conform to the legacy architecture, then the boot may use an external clock for timing and clocking early in boot. In both cases, the internal timer is calibrated to the external clock before completing the boot phase. Other embodiments are described and claimed. | 07-01-2010 |
20100169967 | Apparatus and method for runtime integrity verification - In some embodiments, a processor-based system may include at least one processor, at least one memory coupled to the at least one processor, a code block, and code which is executable by the processor-based system to cause the processor-based system to generate integrity information for the code block upon a restart of the processor-based system, securely store the integrity information, and validate the integrity of the code block during a runtime of the processor-based system using the securely stored integrity information. Other embodiments are disclosed and claimed. | 07-01-2010 |
20100250916 | Component Firmware Integration in Distributed Systems - A plurality of platforms may be defined in a distributed system. Each of the platforms may include a processor and a chipset from a common source on a single motherboard. Extensible firmware interface drivers are provided for the processors and the chipsets. Each of the platforms may be defined pursuant to a system definition model where the system definition model defines the firmware for each of the platforms. As a result, any of the platforms can be updateable from a common source, such as an Internet web site. | 09-30-2010 |
20100262743 | System management mode inter-processor interrupt redirection - A method, processor, and system are disclosed. In one embodiment method includes a first processor core among several processor cores entering into a system management mode. At least one of the other additional processor cores apart from the first processor core remain operational and do not enter the system management mode. Then, once in the system management mode, the first processor core responds to an inter-processor interrupt. | 10-14-2010 |
20100275016 | DATA SECURITY - In one embodiment, a method is provided that may include one or more operations. One of these operations may include, in response, at least in part, to a request to store input data in storage, encrypting, based least in part upon one or more keys, the input data to generate output data to store in the storage. The one or more keys may be authorized by a remote authority. Alternatively or additionally, another of these operations may include, in response, at least in part, to a request to retrieve the input data from the storage, decrypting, based at least in part upon the at least one key, the output data. Many modifications, variations, and alternatives are possible without departing from this embodiment. | 10-28-2010 |
20100318993 | METHOD AND APPARATUS FOR PROVIDING VIRTUAL SERVER LADES - Methods and apparatus to provide virtual server blades are described. In one embodiment, a first virtual machine (VM) in a processing system may emulate a first server blade, and a second VM in the processing system may emulate a second server blade. The emulated server blades may be referred to as virtual server blades. A virtual machine monitor (VMM) in the processing system may provide a communication channel to at least one of the virtual server blades. Other embodiments are described and claimed. | 12-16-2010 |
20100332813 | SYSTEM AND METHOD FOR UTILIZING A PROTECTED/HIDDEN REGION OF SEMICONDUCTOR BASED MEMORY/STORAGE - A method for accessing a protected area of a solid-state storage device via firmware control is described. During system initialization, firmware components are loaded and executed to initialize a computer system. These firmware components include a firmware driver for accessing solid-state storage devices connected to the computer system. The system firmware enables a protected area on a solid-state storage device's media to be accessed under firmware control. After firmware accesses, the protected area is closed from access by non-firmware entities by “hiding” the true size of the media such that those entities are unaware of this area of the media. Mechanisms are disclosed for providing firmware access to the protected area only during pre-boot, and for both pre-boot and run-time operations. The firmware-controlled media access scheme may be used to load firmware stored on solid-state media during pre-boot and to store system information in the protected area during pre-boot and/or run-time operations. | 12-30-2010 |
20110004715 | METHOD AND SYSTEM FOR HANDLING A MANAGEMENT INTERRUPT EVENT IN A MULTI-PROCESSOR COMPUTING DEVICE - A method and system for handling a management interrupt, such as a system management interrupt (SMI) and/or a platform management interrupt (PMI), includes sequestering two or more processor cores from a plurality of processor cores to form a group of sequestered processor cores for handling the management interrupt. Generated management interrupts are directed to the group of sequestered processor cores and not to non-sequestered processor cores. At least one of the sequestered processor cores handles the management interrupt without disrupting the current operation of the non-sequestered processor cores. | 01-06-2011 |
20110083005 | Enabling a heterogeneous blade environment - In one embodiment, the present invention includes a method for receiving a request for power-up of a first blade of a chassis, enabling the first blade to power-up in a reduced boot mode and receiving a communication including characteristic information and policy information associated with the first blade, and analyzing the characteristic information and the policy information to determine a policy and a boot configuration for the first blade. Other embodiments are described and claimed. | 04-07-2011 |
20110134912 | SYSTEM AND METHOD FOR PLATFORM RESILIENT VOIP PROCESSING - A system and method for platform resilient VoIP (Voice over Internet Protocol) processing in a partitioned environment. The system comprises a plurality of soft partitions. At least one soft partition is a sequestered partition. The sequestered partition includes one or more core processors having a controlled, real-time operating system and at least one network interface card (NIC) coupled to the one or more core processors. The NIC is dedicated to the sequestered partition, and the one or more core processors are used as an offload engine solely dedicated to Voice over Internet Protocol (VoIP) processing. | 06-09-2011 |
20110138166 | Extensible Pre-Boot Authentication - In one embodiment, the present invention includes a method for obtaining a pre-boot authentication (PBA) image from a non-volatile storage that is configured with full disk encryption (FDE), and storing the PBA image in a memory. Then a callback protocol can be performed between a loader executing on an engine of a chipset and an integrity checker of a third party that provided the PBA image to confirm integrity of the PBA image, the PBA image is executed if the integrity is confirmed, and otherwise it is deleted. Other embodiments are described and claimed. | 06-09-2011 |
20110154065 | OPERATING SYSTEM INDEPENDENT NETWORK EVENT HANDLING - Methods and apparatuses for re-instantiating a firmware environment that includes one or more firmware functions available at pre-boot time when transitioning the computing device from a wake state to a sleep state. A network event received by the computing device while in a sleep state may be handled by the firmware environment independent of the operating system and without returning the entire computing device to the wake state. | 06-23-2011 |
20110161726 | SYSTEM RAS PROTECTION FOR UMA STYLE MEMORY - In some embodiments, the invention involves a system and method relating to system recovery in a fault resilient manner by isolating errors associated with the management engine (ME) UMA memory. BIOS logs errors occurring on memory within the system. The ME UMA is invisible to the host OS, so the OS will not be notified about the errors occurring in the ME UMA range. When an error threshold has been reached for a memory unit in which ME UMA resides, ME UMA data is migrated to a previously reserved backup region of memory and the ME is notified of the new ME UMA location. The faulty memory is flagged for replacement at a next maintenance cycle. Embodiments may be applied to workstations that utilize ECC memory protection which utilize AMT (Active Management Technology) and ME UMA. Other embodiments are described and claimed. | 06-30-2011 |
20110213942 | PARALLEL MEMORY MIGRATION - A method and apparatus is described herein for performing parallel memory migration, as well as execution of management tasks over a plurality of management windows. Handlers are dispatched to multiple resources, such as processing elements or threads, to determine a proper memory migration handler. Each resource, during a management mode, executes a designated memory migration handler or an instance of a memory migration handler to perform a portion of a memory migration task in parallel. A task data structure is capable of supporting tracking of portions of memory migrated. In addition the task data structure is potentially also capable of tracking management tasks through plurality of management windows to support servicing of management tasks through multiple management windows. | 09-01-2011 |
20110246597 | REMOTE DIRECT STORAGE ACCESS - Embodiments of the present disclosure include systems, apparatuses, and methods that relate to remote, direct access of solid-state storage. In some embodiments, a network interface component (NIC) of a server may access a solid-state storage module of the server by a network storage access link that bypasses a central processing unit (CPU) and main memory of the server. Other embodiments may be described and claimed. | 10-06-2011 |
20110252223 | ENCRYPTION ACCELERATION - The subject matter herein relates to data processing and, more particularly, to encryption acceleration. Various embodiments herein provide devices and systems including a standardized encryption application programming interface embedded in firmware to perform encryption services. Some such embodiments move encryption operations away from operating system processes into firmware. As a result, encryption operations are generally accelerated. | 10-13-2011 |
20110271090 | Providing a secure execution mode in a pre-boot environment - In one embodiment, the present invention includes a method to establish a secure pre-boot environment in a computer system; and perform at least one secure operation in the secure environment. In one embodiment, the secure operation may be storage of a secret in the secure pre-boot environment. | 11-03-2011 |
20110271142 | METHOD AND SYSTEM FOR HANDLING A MANAGEMENT INTERRUPT EVENT IN A MULTI-PROCESSOR COMPUTING DEVICE - A method and system for handling a management interrupt, such as a system management interrupt (SMI) and/or a platform management interrupt (PMI), includes allocating two or more processor cores from a plurality of processor cores to form a group of management interrupt handling processor cores. Generated management interrupts are directed to this first group of processor cores and not to remaining processor cores, which forma second group. At least one of the processor cores in the first group handles the management interrupt without disrupting the current operation of the processor cores in the second group. | 11-03-2011 |
20110271347 | PRE-BOOT FIRMWARE BASED VIRUS SCANNER - The present disclosure relates to allowing the utilization of a virus scanner and cleaner that operates primarily in the pre-boot phase of computer operation and, more particularly, to allowing the utilization of a virus scanner and cleaner that operates primarily during the loading of an operating system. | 11-03-2011 |
20110289305 | METHOD AND SYSTEM FOR REMOTE CONFIGURATIONOF A COMPUTING DEVICE - A method and system for remote configuration of a computing device includes generating initialization code configured to initialize a memory and/or processor of the computing device dependent on initialization data. The initialization data is generated based on platform data, which is validate based on predetermined criteria. The platform data identifies platform-specific parameters and may be received over a network from a platform manufacturer. In response to validation of the platform data, the initialization data is generated and transmitted to the platform manufacturer for incorporation into the computing device. Upon a processor reset, the initialization code is configured to use the initialization data to perform initialization procedures to initialize the memory and/or processor of the computing device. The platform data may be updated periodically by an end-user of the computing device. | 11-24-2011 |
20110307712 | MULTI-OWNER DEPLOYMENT OF FIRMWARE IMAGES - A method, apparatus, system, and computer program product for multi-owner deployment of firmware images. The method includes obtaining a signed firmware image that comprises a first code module signed by a first code owner and a second code module signed by a second code owner. The method further includes obtaining an updated first code module comprising updated code for the first code module, verifying that the updated first code module is signed by the first code owner, and updating the signed firmware image with the updated first code module in response to verifying that the updated first code module is signed by the first code owner. The signed firmware image may further comprise an access control list that authorizes updates to the first code module by the first code owner and updates to the second code module by the second code owner. | 12-15-2011 |
20110314298 | SYSTEM AND METHOD FOR N-ARY LOCALITY IN A SECURITY CO-PROCESSOR - Enhancing locality in a security co-processor module of a computing system may be achieved by including one or more additional attributes such as geographic location, trusted time, a hardware vendor string, and one or more environmental factors into an access control space for machine mode measurement of a computing system. | 12-22-2011 |
20110314468 | UNIFORM STORAGE DEVICE BY PARTIAL VIRTUALIZATION MACHINE - In a computing system having a processor package, an operating system, and a physical I/O device, a partial virtual machine is provided to instantiate a virtual I/O device corresponding to the physical I/O device, the virtual I/O device having a virtual I/O controller. The partial virtual machine includes an I/O port trap to capture an I/O request to the virtual I/O device by the operating system; an I/O controller emulator coupled to the I/O port trap to handle an I/O control request to the virtual I/O controller, when the I/O request comprises an I/O control request; an I/O device emulator coupled to the I/O port trap component to handle an I/O access request to communicate with the virtual I/O device, when the I/O request comprises an I/O access request; and a device driver coupled to the I/O controller emulator and the I/O device emulator to communicate with the physical I/O device based at least in part on the I/O control request and the I/O access request. The partial virtual machine executes within a secure enclave session within the processor package, improving security of I/O transactions by preventing access to the partial virtual machine by the operating system. | 12-22-2011 |
20110314469 | METHOD FOR NETWORK INTERFACE SHARING AMONG MULTIPLE VIRTUAL MACHINES - In a computing system, sharing a physical NIC device among multiple virtual machines may be implemented by a customer virtual machine by receiving, by a virtual network interface card (NIC) driver of a customer operating system (OS) running in the customer virtual machine on a computing system, a customer OS request packet for transmission by a physical NIC driver over a network coupled to the computing system, and copying at least a portion of the customer OS request packet into a free block of shared memory of the computing system and appending the block to a transmission queue in the shared memory. Next, a service virtual machine may support the implementation by fetching the block from the transmission queue by a virtual NIC driver of a service OS running in a service virtual machine and packaging the portion into a service OS request packet, passing the service OS request packet to a service OS network stack component of the service OS, routing the service OS request packet, by a bridge driver of the service OS network stack component, to the physical NIC driver, and sending the service OS request packet over the network by the physical NIC driver. | 12-22-2011 |
20110320798 | Providing Silicon Integrated Code For A System - In one embodiment, a semiconductor integrated code (SIC) may be provided in a binary format by a processor manufacturer. This SIC may include platform independent code of the processor manufacturer. Such code may include embedded processor logic to initialize the processor and at least one link that couples the processor to a memory, and embedded memory logic to initialize the memory. Other embodiments are described and claimed. | 12-29-2011 |
20120023318 | PROVIDING PLATFORM INDEPENDENT MEMORY LOGIC - In one embodiment, the present invention includes semiconductor integrated code (SIC) corresponding to platform independent code of a processor manufacturer. This code may include embedded memory code (EMC) to initialize a memory via initialization of a memory controller, and a mapping of memory signals using an on-die termination (ODT) data structure accessible via the EMC, where the ODT data structure is provided by an original equipment manufacturer (OEM) and corresponds to a parameterized rule set for a platform dependent memory configuration of the memory. Other embodiments are described and claimed. | 01-26-2012 |
20120023364 | METHODS AND APPARATUS TO PROTECT SEGMENTS OF MEMORY - Methods and apparatus to protect segments of memory are disclosed herein. An example method includes intercepting an interrupt request indicating an error; determining whether a first segment of memory is corrupt, the first segment of memory being designated as a protected region of memory; when the protected region of memory is corrupt, repairing the corrupted region of memory using a parity block of code; and in response to validating the protected region of memory, generating an interrupt enabling a utilization of code stored in the protected region of memory to handle the error associated with the interrupt request. | 01-26-2012 |
20120025953 | MULTI-SOCKET SERVER MANAGEMENT WITH RFID - Using radio frequency identification (RFID) tags embedded in processors within a computing system to assist in system initialization processing. The RFID tags provide a separate communication path to other components of the computing system during initialization processing, apart from the system interconnect. When the computing system is powered up, each processor in the system may cause its RFID tag to broadcast data regarding the processor's interconnect location and initialization status. The RFID tags may be sensed by a RFID receiver in the Platform Control Hub (PCH) of the computing system, and each processor's interconnect location and initialization status data may be stored in selected registers within the PCH. When the BIOS executes during system initialization processing, the BIOS may access these PCH registers to obtain the processor's data. The interconnect location and initialization status data may be used by the BIOS to select the optimal routing table and to configure the virtual network within the computing system based at least in part on the optimal routing table and the RFID tag data and without the need for interrogating each processor individually over the system interconnect. | 02-02-2012 |
20120030457 | OFFLOADING THE PROCESSING OF A NETWORK PROTOCOL STACK - A computer system is partitioned during a pre-boot phase of the computer system between a first partition and a second partition, wherein the first partition to include a first processing unit and the second partition to include a second processing unit. An Input/Output (I/O) operating system is booted on the first partition. A general purpose operating system is booted on the second partition. Network transactions are issued by the general purpose operating system to be performed by the I/O operating system. The network transactions are performed by the I/O operating system. | 02-02-2012 |
20120036308 | SUPPORTING A SECURE READABLE MEMORY REGION FOR PRE-BOOT AND SECURE MODE OPERATIONS - In one embodiment, the present invention includes a method for determining whether an address map of a system includes support for a read only region of system memory, and if so configuring the region and storing protected data in the region. This data, at least some of which can be readable in both trusted and untrusted modes, can be accessed from the read only region during execution of untrusted code. Other embodiments are described and claimed. | 02-09-2012 |
20120036347 | PROVIDING FAST NON-VOLATILE STORAGE IN A SECURE ENVIRONMENT - In one embodiment, a peripheral controller coupled to a processor can include a storage controller. This storage controller can control access to a non-volatile storage coupled to the peripheral controller. The storage may include both secure and open partitions, and the storage controller can enable access to the secure partition only when the processor is in a secure mode. In turn, during unsecure operation such as third party code execution, visibility of the secure partition can be prevented. Other embodiments are described and claimed. | 02-09-2012 |
20120079085 | CLUSTER COMPUTING - NIC BASED OS PROVISION - A network interface card with read-only memory having at least a micro-kernel of a cluster computing operation system, a server formed with such network interface card, and a computing cluster formed with such servers are disclosed herein. In various embodiments, on transfer, after an initial initialization phase during an initialization of a server, the network interface card loads the cluster computing operation system into system memory of the server, to enable the server, in conjunction with other similarly provisioned servers to form a computing cluster. Other embodiments are also disclosed and claimed. | 03-29-2012 |
20120079118 | SYSTEM AND METHOD FOR FACILITATING WIRELESS COMMUNICATION DURING A PRE-BOOT PHASE OF A COMPUTING DEVICE - A system, device, and method for facilitating wireless communications during a pre-boot phase of a computing device includes establishing a communications interface between a unified extensible firmware interface executed on the computing device and a wireless transceiver of the computing device during a pre-boot phase of the computing device. An OOB processor of the computing device processes data communications between the unified extensible firmware interface and the wireless communication circuit during the pre-boot phase by reformatting the data communications between wired and wireless communication standards. | 03-29-2012 |
20120084552 | DEMAND BASED USB PROXY FOR DATA STORES IN SERVICE PROCESSOR COMPLEX - A method, apparatus, system, and computer program product for secure server system management. A payload containing system software and/or firmware updates is distributed in an on-demand, secure I/O operation. The I/O operation is performed via a secured communication channel inaccessible by the server operating system to an emulated USB drive. The secure communication channel can be established for the I/O operation only after authenticating the recipient of the payload, and the payload can be protected from access by a potentially-infected server operating system. Furthermore, the payload can be delivered on demand rather than relying on a BIOS update schedule, and the payload can be delivered at speeds of a write operation to a USB drive. | 04-05-2012 |
20120096305 | Method and System for Recovery of a Computing Environment - A method and system for recovery of a computing environment includes monitoring during a pre-boot phase and a runtime phase of a computing device for selection of a hot key sequence by a user and performing a recovery action in response to the selection of the hot key sequence by the user. The recovery action may be any one of a number of predetermined and/or selectable actions such as restoring system defaults, migrating memory, displaying a menu of options, setting various software flags, restarting or rebooting the computing device, and/or the like. | 04-19-2012 |
20120102312 | DECOUPLED HARDWARE CONFIGURATION MANAGER - The present disclosure relates to a technique or device to allow hardware related drivers to present a centralized configuration program and, more particularly, to a technique or device to allow hardware related drivers to present configuration information to a centralized user interface manager. | 04-26-2012 |
20120124357 | METHOD OF PROVISIONING FIRMWARE IN AN OPERATING SYSTEM (OS) ABSENT SERVICES ENVIRONMENT - Methods and apparatuses for re-instantiating a firmware environment that includes one or more firmware functions available at pre-boot time when transitioning the computing device from a first, higher power consumption state to a second, lower power consumption state. The firmware environment determines whether a cryptographic signature on a firmware volume is verified; whether hardware resources of the computing device requested by a manifest of the firmware volume are available; and whether a firmware module of the firmware volume is compatible with installed firmware of the firmware environment. If so, the firmware environment reserves space in a memory to accommodate resources used by the firmware module, and executes the firmware module with the computing device in the second, lower power consumption state. | 05-17-2012 |
20120159028 | System Management Mode Inter-Processor Interrupt Redirection - A method, processor, and system are disclosed. In one embodiment method includes a first processor core among several processor cores entering into a system management mode. At least one of the other additional processor cores apart from the first processor core remain operational and do not enter the system management mode. Then, once in the system management mode, the first processor core responds to an inter-processor interrupt. | 06-21-2012 |
20120159136 | COMPUTER SYSTEM BOOT ENHANCEMENTS WITH USER OVERRIDE - Methods, systems and computer program products are disclosed for enhanced system boot processing that is faster to launch the OS because it does not interrogate I/O devices for possible interruption, but that also may be modified to interrogate such devices based on a user selection mechanism. The user selection mechanism may be, for at least one embodiment, a software mechanism such as a control panel module. For other embodiments, the user selection mechanism may be a hardware mechanism, such as a power button or other hardware button or switch. Other embodiments are described and claimed. | 06-21-2012 |
20120163602 | Method and Apparatus for Providing Seamless File System Encryption from a Pre-Boot Environment Into a Firmware Interface Aware Operating System - Methods and apparatus for providing seamless functionality in a computer are disclosed. For example, an encrypted file system manager is included to layer an encoded File Allocation Table on top of a disk and to pass to the operating system an Embedded Root Key to provide access to an encrypted Firmware Interface System Partition. | 06-28-2012 |
20120166840 | METHOD AND APPARATUS FOR IMPROVING THE RESUME TIME OF A PLATFORM - A method and apparatus for improving the resume time of a platform. In one embodiment of the invention, the context of the platform is saved prior to entering an inactive state of the platform. When the platform is switched back to an active state, it reads the saved context and restores the platform to its original state prior to entering the inactive state. In one embodiment of the invention, the platform determines whether it should compress the saved context before storing it in a non-volatile memory based on the operating condition of the platform. This allows the platform to select the optimum method to allow faster resume time of the platform. | 06-28-2012 |
20120167205 | RUNTIME PLATFORM FIRMWARE VERIFICATION - Embodiments of the invention are directed towards logic and/or modules stored in processor secure storage to determine whether a first platform firmware image (e.g., basic input/output system (BIOS), device read-only memory (ROM), manageability engine firmware) loaded onto a processor cache is valid. The processor executes the first platform firmware image if it is determined to be valid. If the first platform image is determined to be invalid, a second platform firmware image is located. If this platform firmware image is determined to be valid, the processor will execute said second platform image. | 06-28-2012 |
20120173897 | LOCATION BASED POLICY SYSTEM AND METHOD FOR CHANGING COMPUTING ENVIRONMENTS - A system and method for changing computing environments for a mobile platform device. The mobile platform includes a sensory and location determination engine coupled to a policy engine. The sensory and location determination engine determines a current location of the mobile platform device and the policy engine determines what applications to launch, what applications not to launch, and what core usage to invoke for the determined location of the mobile platform device. | 07-05-2012 |
20120266012 | METHOD AND SYSTEM FOR RECOVERY OF A COMPUTING ENVIRONMENT DURING PRE-BOOT AND RUNTIME PHASES - A method and system for recovery of a computing environment includes monitoring during a pre-boot phase and a runtime phase of a computing device for selection of a hot key sequence by a user and performing a recovery action in response to the selection of the hot key sequence by the user. The recovery action may be any one of a number of predetermined and/or selectable actions such as restoring system defaults, migrating memory, displaying a menu of options, setting various software flags, restarting or rebooting the computing device, and/or the like. | 10-18-2012 |
20120317431 | SYSTEM AND METHOD FOR POWER REDUCTION BY SEQUESTERING AT LEAST ONE DEVICE OR PARTITION IN A PLATFORM FROM OPERATING SYSTEM ACCESS - In some embodiments, the invention involves a system and method relating to managing power utilization in systems having multiple processing elements. In at least one embodiment, the present invention is intended to control the sleeping/wakefulness of processing elements, as necessary, to maintain a preferred level of power utilization in the platform. Activity is routed to sequestered processing elements instead of sleeping processing elements to save power. | 12-13-2012 |
20130013905 | BIOS FLASH ATTACK PROTECTION AND NOTIFICATION - A system and method for BIOS flash attack protection and notification. A processor initialization module, including initialization firmware verification module may be configured to execute first in response to a power on and/or reset and to verify initialization firmware stored in non-volatile memory in a processor package. The initialization firmware is configured to verify the BIOS. If the verification of the initialization firmware and/or the BIOS fails, the system is configured to select at least one of a plurality of responses including, but not limited to, preventing the BIOS from executing, initiating recovery, reporting the verification failure, halting, shutting down and/or allowing the BIOS to execute and an operating system (OS) to boot in a limited functionality mode. | 01-10-2013 |
20130111477 | METHODS AND APPARATUS TO PROVIDE DYNAMIC MESSAGING SERVICES | 05-02-2013 |
20130198502 | Method For Reducing Platform Boot Times By Providing Lazy Input/Output Abstractions - Methods, systems and computer program products are disclosed for enhanced system boot processing that is faster to launch an operating system, as certain devices such as user input hardware devices may not be initialized unless it is determined that a user-interruption to the boot process is likely. That is, although an interface for the devices is exposed, no initialization occurs unless a call to the interface occurs. Other embodiments are described and claimed. | 08-01-2013 |
20130205395 | PRE-BOOT FIRMWARE BASED VIRUS SCANNER - The present disclosure relates to allowing the utilization of a virus scanner and cleaner that operates primarily in the pre-boot phase of computer operation and, more particularly, to allowing the utilization of a virus scanner and cleaner that operates primarily during the loading of an operating system. | 08-08-2013 |
20130210483 | SOFTWARE-DEFINED RADIO SUPPORT IN SEQUESTERED PARTITIONS - A software-defined radio (SDR) capability may be provided in a general purpose, many core processing system by sequestering one or more partitions running on one or more cores and instantiating a communications capability by having discrete SDR functions performed by the sequestered partitions. Each SDR module embodied in a sequestered partition may be independently upgraded without modifying the hardware of the underlying processing system. By executing SDR modules in cores not accessible by application programs and/or an operating system (OS), a better Quality of Service (QoS) may be provided for wireless communications on the general purpose, multi-core processing system. An embodiment comprises isolating a core of a many core processing system as a sequestered partition, loading a software-defined radio module onto the core, and executing the software-defined module to implement wireless communications. | 08-15-2013 |
20130218551 | DEMAND BASED USB PROXY FOR DATA STORES IN SERVICE PROCESSOR COMPLEX - A method, apparatus, system, and computer program product for secure server system management. A payload containing system software and/or firmware updates is distributed in an on-demand, secure I/O operation. The I/O operation is performed via a secured communication channel inaccessible by the server operating system to an emulated USB drive. The secure communication channel can be established for the I/O operation only after authenticating the recipient of the payload, and the payload can be protected from access by a potentially-infected server operating system. Furthermore, the payload can be delivered on demand rather than relying on a BIOS update schedule, and the payload can be delivered at speeds of a write operation to a USB drive. | 08-22-2013 |
20130275661 | PLATFORM STORAGE HIERARCHY WITH NON-VOLATILE RANDOM ACCESS MEMORY WITH CONFIGURABLE PARTITIONS - A non-volatile random access memory (NVRAM) is used in a computer system to perform multiple roles in a platform storage hierarchy. The NVRAM is byte-addressable by the processor and can be configured into one or more partitions, with each partition implementing a different tier of the platform storage hierarchy. The NVRAM can be used as mass storage that can be accessed without a storage driver. | 10-17-2013 |
20130283079 | METHOD AND SYSTEM FOR PROVIDING INSTANT RESPONSES TO SLEEP STATE TRANSITIONS WITH NON-VOLATILE RANDOM ACCESS MEMORY - A non-volatile random access memory (NVRAM) is used in a computer system to provide instant responses to sleep state transitions. The computer system includes a processor coupled to an NVRAM, which is accessible by the processor without passing through an I/O subsystem. The NVRAM is byte-rewritable and byte-erasable by the processor. In response to a request to enter a powered sleep state, the computer system converts the powered sleep state into a powered-off sleep state with system memory context stored in the NVRAM. The powered sleep state is defined as a state in which power is supplied to volatile random access memory in the computer system, and the powered-off sleep state is defined as a state in which power is removed from the volatile random access memory. In response to a wake event, the computer system resumes working state operations using the system memory context stored in the NVRAM. | 10-24-2013 |
20130304979 | ACCESS CONTROL FOR NON-VOLATILE RANDOM ACCESS MEMORY ACROSS PLATFORM AGENTS - A controller is used in a computer system to control access to an NVRAM. The computer system includes a processor coupled to a non-volatile random access memory (NVRAM). The NVRAM is byte-rewritable and byte-erasable. The NVRAM stores data to be used by a set of agents including in-band agents and an out-of-band agent. The in-band agents run on a processor having one or more cores, and the out-of-band agent that runs on a non-host processing element. When the controller receives an access request from the out-of-band agent, the controller determines, based on attributes associated with the out-of-band agent, whether a region in the NVRAM is shareable by the out-of-band agent and at least one of the in-band agents. | 11-14-2013 |
20130311665 | SYSTEM AND METHOD FOR FACILITATING WIRELESS COMMUNICATION DURING A PRE-BOOT PHASE OF A COMPUTING DEVICE - A system, device, and method for facilitating wireless communications during a pre-boot phase of a computing device includes establishing a communications interface between a unified extensible firmware interface executed on the computing device and a wireless transceiver of the computing device during a pre-boot phase of the computing device. An OOB processor of the computing device processes data communications between the unified extensible firmware interface and the wireless communication circuit during the pre-boot phase by reformatting the data communications between wired and wireless communication standards. | 11-21-2013 |
20130318577 | TRUSTED APPLICATION MIGRATION ACROSS COMPUTER NODES - An embodiment includes a secure and stable method for sending information across a compute continuum. For example, the method may include executing an application (e.g., video player) on a first node (e.g., tablet) with a desire to perform “context migration” to a second node (e.g., desktop). This may allow a user to watch a movie on the tablet, stop watching the movie, and then resume watching the movie from the desktop. To do so in a secure and stable manner, the first node may request security and performance credentials from the second node. If both credential sets satisfy thresholds, the first node may transfer content (e.g., encrypted copy of a movie) and state information (e.g., placeholder indicating where the movie was when context transfer began). The second node may then allow the user to resume his or her movie watching from the desktop. Other embodiments are described herein. | 11-28-2013 |
20130326216 | METHODS AND ARRANGEMENTS TO LAUNCH TRUSTED, COEXISTING ENVIRONMENTS - Methods and arrangements to launch trusted, distinct, co-existing environments are disclosed. Embodiments may launch trusted, distinct, co-existing environments in pre-OS space with high assurance. A hardware-enforced isolation scheme may isolate the partitions to facilitate storage and execution of code and data. In many embodiments, the system may launch a partition manager to establish embedded and main partitions. Embedded partitions may not be visible to the main OS and may host critical operations. A main partition may host a general-purpose OS and user applications, and may manage resources that are not assigned to the embedded partitions. Trustworthiness in the launch of the embedded partition is established by comparing integrity metrics for the runtime environment against integrity measurements of a trusted runtime environment for the embedded partition, e.g., by sealing a cryptographic key with the integrity metrics in a trusted platform module. Other embodiments are described and claimed. | 12-05-2013 |
20140013095 | Providing Silicon Integrated Code For A System - In one embodiment, a semiconductor integrated code (SIC) may be provided in a binary format by a processor manufacturer. This SIC may include platform independent code of the processor manufacturer. Such code may include embedded processor logic to initialize the processor and at least one link that couples the processor to a memory, and embedded memory logic to initialize the memory. Other embodiments are described and claimed. | 01-09-2014 |
20140025939 | METHODS AND APPARATUS FOR TRUSTED BOOT OPTIMIZATION - A data processing system may include a high integrity storage (HIS) device with a partition or cache that is protected from updates. The data processing system may perform a boot process in response to being reactivated. The boot process may include the operation of executing a boot object. During the boot process, before executing the boot object, the data processing system may retrieve a digest for the boot object from the protected cache of the HIS device. The digest may be a cryptographic hash value for the boot object. During the boot process, the retrieved digest may be extended into a platform configuration register in a trusted platform module of the data processing system. Other embodiments are described and claimed. | 01-23-2014 |
20140047174 | SECURE DATA PROTECTION WITH IMPROVED READ-ONLY MEMORY LOCKING DURING SYSTEM PRE-BOOT - Generally, this disclosure provides methods and systems for secure data protection with improved read-only memory locking during system pre-boot including protection of Advanced Configuration and Power Interface (ACPI) tables. The methods may include selecting a region of system memory to be protected, the selection occurring in response to a system reset state and performed by a trusted control block (TCB) comprising a trusted basic input/output system (BIOS); programming an address decoder circuit to configure the selected region as read-write; moving data to be secured to the selected region; programming the address decoder circuit to configure the selected region as read-only; and locking the read-only configuration in the address decoder circuit. | 02-13-2014 |
20140089551 | COMMUNICATION OF DEVICE PRESENCE BETWEEN BOOT ROUTINE AND OPERATING SYSTEM - Various embodiments are directed to creating multiple device blocks associated with hardware devices, arranging the device blocks in an order indicative of positions of the hardware devices in a hierarchy of buses and bridges, and enabling access to the multiple device blocks from an operating system. An apparatus comprises a processor circuit and storage storing instructions operative on the processor circuit to create a device table comprising multiple device blocks, each device block corresponding to one of multiple hardware devices accessible to the processor circuit, the device blocks arranged in an order indicative of relative positions of the hardware devices in a hierarchy of buses and at least one bridge device; enable access to the device table by an operating system; and execute a second sequence of instructions of the operating system operative on the processor circuit to access the device table. Other embodiments are described and claimed herein. | 03-27-2014 |
20140089651 | COMPUTING DEVICE BOOT SOFTWARE AUTHENTICATION - Various embodiments are generally directed to authenticating a chain of components of boot software of a computing device. An apparatus comprises a processor circuit and storage storing an initial boot software component comprising instructions operative on the processor circuit to select a first set of boot software components of multiple sets of boot software components, each set of boot software components defines a pathway that branches from the initial boot software component and that rejoins at a latter boot software component; authenticate a first boot software component of the first set of boot software components; and execute a sequence of instructions of the first boot software component to authenticate a second boot software component of the first set of boot software components to form a chain of authentication through a first pathway defined by the first set of boot software components. Other embodiments are described and claimed herein. | 03-27-2014 |
20140146183 | METHODS AND APPARATUS FOR DISPLAYING VIDEO DESPITE A NONFUNCTIONAL OPERATING SYSTEM - A first video messaging service, running on top of an operating system in a data processing system, automatically presents a first video message. After using the first video messaging service to present the first video message, the data processing system automatically determines whether the first video messaging service has become nonfunctional. In response to determining that the first video messaging service has become nonfunctional, the data processing system automatically uses a backup video messaging service to present a second video message. The backup video messaging service operates in a boot environment. In one embodiment, the data processing system is configured to provide digital signage, the first video messaging service presents content for the digital signage when the operating system is operational, and the second video messaging service presents content for the digital signage when the operating system is nonfunctional. Other embodiments are described and claimed. | 05-29-2014 |
20140189399 | METHODS, SYSTEMS AND APPARATUS TO MANAGE POWER CONSUMPTION OF A GRAPHICS ENGINE - Methods and apparatus are disclosed to manage power consumption at a graphics engine. An example method to manage power usage of a graphics engine via an application level interface includes obtaining a policy directive for the graphics engine via the application level interface, the policy directive identifying a threshold corresponding to power consumed by the graphics engine operating in a first graphics state. The example method also includes determining a power consumed by the graphics engine during operation. The example method also includes comparing the power consumed to the threshold of the policy directive, and when the threshold is met, setting the graphics engine in a second graphics state to cause the graphics engine to comply with the policy directive. | 07-03-2014 |
20140195763 | HARDWARE AND FILE SYSTEM AGNOSTIC MECHANISM FOR ACHIEVING CAPSULE SUPPORT - Methods and apparatus relating to a hardware and file system agnostic mechanism for achieving capsule support are described. In one embodiment, content associate with a capsule are stored in a non-volatile memory prior to a cold reset. A capsule descriptor may also be constructed, prior to the reset, which includes information about the physical location of the capsule content on the non-volatile memory. Other embodiments are also described and claimed. | 07-10-2014 |
20140282815 | POLICY-BASED SECURE WEB BOOT - A system, device, and method for providing policy-based secure cloud booting include a mobile computing device and a web server. The mobile computing device determines a remote boot address specifying the location of a boot resource on the web server. The mobile computing device opens a secure connection to the web server and maps the boot resource to a local firmware protocol. The mobile computing device executes the boot resource as a firmware image using the local firmware protocol. The boot resource may be a compact disc or DVD image mapped through a block I/O protocol. The boot resource may be a remote file system mapped through a file system protocol. The remote boot address may be configured using a manageability engine capable of out-of-band communication. The remote boot address may be determined based on the context of the mobile computing device, including location. Other embodiments are described and claimed. | 09-18-2014 |
20140304540 | OPERATING SYSTEM INDEPENDENT NETWORK EVENT HANDLING - Methods and apparatuses for re-instantiating a firmware environment that includes one or more firmware functions available at pre-boot time when transitioning the computing device from a wake state to a sleep state. A network event received by the computing device while in a sleep state may be handled by the firmware environment independent of the operating system and without returning the entire computing device to the wake state. | 10-09-2014 |
20140325512 | METHODS AND APPARATUS TO PROVIDE DYNAMIC MESSAGING SERVICES - Methods and apparatus to provide dynamic messaging services are disclosed. An example method of displaying information on a display screen includes determining, using a virtual machine manager, supported dimensions for display of information on the display screen; generating, using the virtual machine manager, restricted dimensions that are less than the supported dimensions; providing the restricted dimensions to an operating system of a virtual machine supported by the virtual machine manager, wherein the restricted dimensions define a boundary between a first screen portion and a second screen portion; and using the virtual machine manager to display first information in the first screen portion, the virtual machine manager enforcing the presence of the first screen portion on the display screen. | 10-30-2014 |
20140380033 | OFFLOADING THE PROCESSING OF A NETWORK PROTOCOL STACK - A computer system is partitioned during a pre-boot phase of the computer system between a first partition and a second partition, wherein the first partition to include a first processing unit and the second partition to include a second processing unit. An Input/Output (I/O) operating system is booted on the first partition. A general purpose operating system is booted on the second partition. Network transactions are issued by the general purpose operating system to be performed by the I/O operating system. The network transactions are performed by the I/O operating system. | 12-25-2014 |
20140380034 | SYSTEM AND METHOD FOR REDIRECTING INPUT/OUTPUT (I/O) SEQUENCES - A method for redirecting I/O (Input/Output) sequences. A computer platform is initialized. If the computer platform is enabled for command packet rerouting, the platform firmware may be used to install a runtime enable block I/O interface and a standard UNDI (Universal Network Device Interface) interface for routing I/O requests to a network controller or an out-of-band processor may be used to route I/O requests to a network interface controller. The routing of the I/O requests to the network controller or network interface controller enables the computer platform to boot from a remote block I/O storage device. | 12-25-2014 |
20150033225 | OPERATING SYSTEM SWITCHING METHOD AND APPARATUS - Apparatuses, methods and storage media associated with switching operating systems are disclosed herewith. In embodiments, an apparatus for computing may include one or more processors; and a virtual machine manager to be operated by the one or more processors to instantiate a first virtual machine with a first operating system in a background, and a second virtual machine with a second operating system in a foreground; wherein the virtual machine manager is further to place the first virtual machine, on instantiation, in background into a standby state. Other embodiments may be disclosed or claimed. | 01-29-2015 |
20150067163 | LOCATION AWARE RESOURCE LOCATOR - Systems and methods providing a location-aware resource locator model for facilitating communication with networked electronic devices are generally disclosed herein. One embodiment includes a resource locator using a standard Uniform Resource Locator (URL) format, but enabling identification of one or many devices based on logical location information provided in the resource locator. The resource locator may also enable identification of the one or many devices based on logical proximity information (such as a logical term indicating a location property) relative to a dynamic location. Further disclosed embodiments include uses of a hierarchical structure to define logical terms and classes for use with a resource locator, and various location determination and lookup techniques used in connection with accessing an electronic device. | 03-05-2015 |