CN109472131A - A kind of capsule-type UEFI firmware remote-control method based on BMC with safety certification - Google Patents
A kind of capsule-type UEFI firmware remote-control method based on BMC with safety certification Download PDFInfo
- Publication number
- CN109472131A CN109472131A CN201811330476.6A CN201811330476A CN109472131A CN 109472131 A CN109472131 A CN 109472131A CN 201811330476 A CN201811330476 A CN 201811330476A CN 109472131 A CN109472131 A CN 109472131A
- Authority
- CN
- China
- Prior art keywords
- capsule
- firmware
- bmc
- uefi
- data packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 27
- 239000002775 capsule Substances 0.000 claims abstract description 59
- 230000008569 process Effects 0.000 claims abstract description 7
- 238000012423 maintenance Methods 0.000 claims description 12
- 238000004891 communication Methods 0.000 claims description 6
- 238000004806 packaging method and process Methods 0.000 claims description 3
- 238000005192 partition Methods 0.000 claims description 3
- 238000012795 verification Methods 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 abstract description 2
- 238000005538 encapsulation Methods 0.000 abstract 1
- 230000006870 function Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Stored Programmes (AREA)
Abstract
The present invention provides a kind of capsule-type UEFI firmware remote-control method based on BMC with safety certification, belong to computer system firmware security technology area, the present invention is according to Capsule protocol encapsulation more new data, pass through the remote-control mode of BMC platform, the management control of specified module and entirety is carried out to client UEFI firmware, increase safety certification process simultaneously, reinforces firmware safety, improve the maintainability of fixer system.
Description
Technical Field
The invention relates to a computer system firmware security technology, in particular to a capsule type UEFI firmware remote control method based on BMC (baseboard management controller) with security authentication.
Background
The UEFI unified extensible firmware interface is a set of definitions of interfaces and data structures between platform firmware and an operating system. UEFI BIOS is rapidly developed and more popular in application, and the maintainability and safety requirements of UEFI BIOS are higher and higher.
The UEFI starting process includes several stages, such as SEC (security sets the CPU protection mode), PEI (PEI initialization before EFI), DXE (execution driver, Device handle installation, protocol installation), BDS (boot Device selection), TSL (temporary system load), RT (run time), and the like. The UEFI program is classified into kernel, driver, and application 3 classes. The UEFI kernel provides services including memory management, event management, task priority management, handle management and the like, and drives to realize access and management of hardware resources and support drive development and expansion of new equipment. The application program provides services of firmware function extension, customization, value increment and the like.
Capsule is a specification defined by UEFI for data transfer between an operating system and a firmware system. PPI is an interface defined by UEFI for transferring functions and data between PEI phase modules (PEIM).
The customer needs specific function customization to UEFI BIOS, and needs not to carry out whole firmware update to the firmware system repair of the fixed module, etc. and reduces the risk brought by the update process. Or the mass client server platforms need to be maintained in a unified way, and manufacturers can perform ready-made upgrading and respective maintenance in the modes of hardware refreshing, storage media and the like, which obviously brings inconvenience for management. Moreover, in the firmware maintenance process, if there is no necessary security measure, malicious attack is suffered, which will bring serious consequences.
Disclosure of Invention
In order to solve the technical problems, the invention provides a capsule-type UEFI firmware remote control method based on BMC (baseboard management controller) with security authentication, which is used for centrally updating and managing the firmware of a large-scale client in a remote management mode, managing and maintaining a fixed module and ensuring the security of firmware maintenance.
The technical scheme adopted by the invention is as follows:
the invention relates to a BMC (baseboard management controller) based Capsule UEFI (unified extensible firmware interface) firmware remote control method with security authentication.
Further, the UEFI BIOS data needing to be changed are packaged into a data packet according to a Capsule (Capsule) protocol, communication is established with the UEFI BIOS platform through a BMC (baseboard management controller) remote management platform resident in the server, and after the BMC security authentication is passed, the data packet is sent to a firmware system of the client server platform. And identifying and analyzing the Capsule data packet and encapsulating the Capsule data packet into a PEI service, after the validity verification is passed, performing drive allocation loading at a DXE stage of UEFI, updating and writing the firmware, and modifying to complete system restart.
The capsule mode is adopted to facilitate the customized updating of the firmware product, selectively update the firmware system file or module, pertinently solve the computer fault, perform the firmware function expansion and the like; meanwhile, the BMC remote management control method reduces the dependence on firmware refreshing tools, facilitates the remote centralized management of mass customers and increases the maintainability of a computer; and a safety authentication process is added, so that malicious tampering is avoided, and the safety of the firmware system is ensured.
The specific operation steps are as follows:
1) firstly, packaging the specified modules needing to be changed into a Capsule data packet according to a Capsule specification.
The Capsule data packet consists of a header structure and a volume.
Wherein,
the Capsule eImageSize in the Capsule header structure indicates the file size, the OffsetToCapsuleBody indicates the position of the Capsule in the firmware volume, and the instanceId indicates the partition identifier of the Capsule.
The Capsule volume structure is the same as the standard firmware volume file structure.
2) And sending the Capsule data packet to a BMC remote management platform resident in the server.
3) And the BMC platform carries out safety certification, stops firmware maintenance if the certification is not passed, and continues to carry out the next operation if the certification is passed.
4) And the BMC remote management platform reads the IP from the IP list of the server BMC and establishes communication with the UEFI BIOS platform.
5) And sending the Capsule data packet to a firmware system of the client server platform according to the network protocol.
6) UEFI firmware starts, and PPI identifies and parses the Capsule data packet to be re-encapsulated into PEI service at the PEI stage of the firmware.
7) And the firmware continues to run to a DXE stage, acquires the Capsule information from the HOB linked list, extracts the size of the data packet and the position of the firmware volume, performs validity check judgment, exits firmware writing if invalid, calls a drive allocation loading service Dispatch at the stage if valid, and searches and executes UEFI firmware writing maintenance according to a specified sequence.
8) And restarting the system after the writing is executed.
The invention has the advantages that
The capsule mode is convenient for customizing and updating the firmware product, selectively updating a firmware system file or module, pertinently solving computer faults, expanding firmware functions and the like; meanwhile, the BMC remote management control method reduces the dependence on firmware refreshing tools, facilitates the remote centralized management of mass customers and increases the maintainability of a computer; and a safety authentication process is added, so that malicious tampering is avoided, and the safety of the firmware system is ensured.
The method can be applied to centralized management and customized updating and maintenance of firmware of a plurality of servers, is convenient for remote management and maintenance, and simultaneously ensures the safety.
Drawings
FIG. 1 is a flow diagram of a firmware maintenance phase of the present invention.
FIG. 2 is a block diagram of a firmware remote maintenance flow of the present invention.
Detailed Description
The invention is explained in more detail below:
the capsule UEFI firmware remote control method based on BMC with security authentication maintains UEFI firmware, is packaged according to capsule rules, and has remote management and security authentication functions.
And encapsulating a data packet according to a Capsule (Capsule) protocol for UEFI BIOS data needing to be changed, establishing communication with the UEFI BIOS platform through a BMC (baseboard management controller) remote management platform resident in a server, and sending the data packet to a firmware system of a client server platform after the BMC security authentication is passed. And identifying and analyzing the Capsule data packet and encapsulating the Capsule data packet into a PEI service, after the validity verification is passed, performing drive allocation loading at a DXE stage of UEFI, updating and writing the firmware, and modifying to complete system restart.
The specific operation steps are as follows:
1) firstly, packaging the specified modules needing to be changed into a Capsule data packet according to a Capsule specification. The Capsule packet consists of a header structure and a volume. Wherein the Capsule eImageSize in the Capsule header structure represents the file size, the OffsetToCapsuleBody represents the position of the Capsule in the firmware volume, and the instanceId represents the partition identifier of the Capsule. The Capsule volume structure is the same as the standard firmware volume file structure.
2) And sending the Capsule data packet to a BMC platform on the remote management server.
3) And the BMC platform carries out safety certification, stops firmware maintenance if the certification is not passed, and continues to carry out the next operation if the certification is passed.
4) And the BMC remote management platform reads the IP from the IP list of the server BMC and establishes communication with the UEFI BIOS platform.
5) And sending the Capsule data packet to a firmware system of the client server platform according to the network protocol.
6) UEFI firmware starts, and PPI identifies and parses the Capsule data packet to be re-encapsulated into PEI service at the PEI stage of the firmware.
7) And the firmware continues to run to a DXE stage, acquiring the Capsule information from the HOB linked list, extracting the size of the data packet and the position of the firmware volume, carrying out validity check judgment, exiting firmware writing if invalid, calling a drive allocation loading service Dispatch at the stage if valid, searching UEFI USB drive module addresses according to a specified sequence, and executing UEFI firmware writing.
8) And restarting the system after the writing is executed.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (8)
1. A Capsule UEFI firmware remote control method based on BMC with security authentication is characterized in that updating data is packaged according to a Capsule Capsule protocol, management control of a designated module and the whole is performed on UEFI firmware of a client through a remote control mode of a BMC platform, and meanwhile, a security authentication process is added.
2. The method of claim 1,
further comprising the steps of (a) further comprising,
and encapsulating the UEFI BIOS data needing to be changed according to a Capsule protocol, establishing communication with the UEFI BIOS platform through a BMC remote management platform resident in the server, and sending the data packet to a firmware system of the client server platform after the BMC security authentication is passed.
3. The method of claim 2,
further comprising the steps of (a) further comprising,
and identifying and analyzing the Capsule data packet and encapsulating the Capsule data packet into a PEI service, after the validity verification is passed, performing drive allocation loading at a DXE stage of UEFI, updating and writing the firmware, and modifying to complete system restart.
4. The method of claim 3,
the method further comprises the following specific operation steps:
1) firstly, packaging a specified module to be changed into a Capsule data packet according to a Capsule specification;
2) sending the Capsule data packet to a BMC remote management platform of a resident server;
3) the BMC platform carries out safety certification, if the certification is not passed, the firmware maintenance is stopped, and if the certification is passed, the next operation is continued;
4) the BMC remote management platform reads an IP from an IP list of the server BMC and establishes communication with the UEFI BIOS platform;
5) the Capsule data packet is sent to a firmware system of the client server platform according to a network protocol;
6) UEFI firmware is started, and PPI identifies and analyzes the Capsule data packet at the PEI stage of the firmware and encapsulates the Capsule data packet into PEI service again;
7) the firmware continues to run to a DXE stage, the information of the Capsule is obtained from the HOB linked list, the size of the data packet and the position of the firmware volume are extracted, and validity check judgment is carried out;
8) and restarting the system after the writing is executed.
5. The method of claim 4,
further comprising, in step 1), the Capsule packet is composed of a header structure and a volume.
6. The method of claim 5,
further included is the method, wherein the capsuleImageSize in the Capsule header structure indicates the file size, the OffsetToCapsuleBody indicates the location of the Capsule in the firmware volume, and the InstanceId indicates the partition identifier of the Capsule.
7. The method of claim 6,
further comprising, the Capsule volume structure is the same as the standard firmware volume file structure.
8. The method of claim 4,
further comprising, in step 7), performing validity check judgment, that is, if invalid, exiting firmware writing, and if valid, invoking the driver allocation load service Dispatch at this stage, and performing UEFI firmware writing maintenance according to a specified sequence.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811330476.6A CN109472131A (en) | 2018-11-09 | 2018-11-09 | A kind of capsule-type UEFI firmware remote-control method based on BMC with safety certification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811330476.6A CN109472131A (en) | 2018-11-09 | 2018-11-09 | A kind of capsule-type UEFI firmware remote-control method based on BMC with safety certification |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109472131A true CN109472131A (en) | 2019-03-15 |
Family
ID=65672439
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811330476.6A Pending CN109472131A (en) | 2018-11-09 | 2018-11-09 | A kind of capsule-type UEFI firmware remote-control method based on BMC with safety certification |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109472131A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110175057A (en) * | 2019-05-31 | 2019-08-27 | 联想(北京)有限公司 | A kind of data processing method, electronic equipment and server |
| US11789821B1 (en) | 2022-04-29 | 2023-10-17 | Microsoft Technology Licensing, Llc | Out-of-band method to change boot firmware configuration |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1936840A (en) * | 2005-09-23 | 2007-03-28 | 联想(北京)有限公司 | Computer system not relying on operation system renewing software data and method |
| CN102541606A (en) * | 2011-12-31 | 2012-07-04 | 曙光信息产业股份有限公司 | Method and device for remote management of BIOS (basic input/output system) configuration based on UEFI (unified extensible firmware interface |
| CN103207797A (en) * | 2013-03-15 | 2013-07-17 | 南京工业大学 | Capsule type customized updating method based on universal extensible firmware interface firmware system |
| CN108710804A (en) * | 2018-05-19 | 2018-10-26 | 济南浪潮高新科技投资发展有限公司 | A kind of band hardware encryption Rapid Updating of computer UEFI firmwares |
-
2018
- 2018-11-09 CN CN201811330476.6A patent/CN109472131A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1936840A (en) * | 2005-09-23 | 2007-03-28 | 联想(北京)有限公司 | Computer system not relying on operation system renewing software data and method |
| CN102541606A (en) * | 2011-12-31 | 2012-07-04 | 曙光信息产业股份有限公司 | Method and device for remote management of BIOS (basic input/output system) configuration based on UEFI (unified extensible firmware interface |
| CN103207797A (en) * | 2013-03-15 | 2013-07-17 | 南京工业大学 | Capsule type customized updating method based on universal extensible firmware interface firmware system |
| CN108710804A (en) * | 2018-05-19 | 2018-10-26 | 济南浪潮高新科技投资发展有限公司 | A kind of band hardware encryption Rapid Updating of computer UEFI firmwares |
Non-Patent Citations (1)
| Title |
|---|
| 杜振龙等: "基于 UEFI的胶囊式固件定制更新研究", 《计算机工程》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110175057A (en) * | 2019-05-31 | 2019-08-27 | 联想(北京)有限公司 | A kind of data processing method, electronic equipment and server |
| US11789821B1 (en) | 2022-04-29 | 2023-10-17 | Microsoft Technology Licensing, Llc | Out-of-band method to change boot firmware configuration |
| WO2023211553A1 (en) * | 2022-04-29 | 2023-11-02 | Microsoft Technology Licensing, Llc | Out-of-band method to change boot firmware configuration |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108206847B (en) | CDN management system, method and device | |
| US7013462B2 (en) | Method to map an inventory management system to a configuration management system | |
| CN111698283B (en) | Management and control method, device, equipment and storage medium of distributed cluster host | |
| US20060075076A1 (en) | Updating software while it is running | |
| CN105306225B (en) | A kind of physical machine remote power-off method based on Openstack | |
| JP2009070375A (en) | System and method for custom installation of operating system on remote client | |
| CN109375933B (en) | Method and equipment for upgrading client | |
| CN103164244A (en) | Firmware system remote updating method based on universal extensible firmware interface | |
| CN104573494A (en) | Safety mobile office method based on WMI software whitelist mechanism | |
| CN112491980B (en) | Cloud host service management method, system, terminal and storage medium | |
| CN102663298B (en) | Safety online detecting system facing to terminal computers | |
| CN109472131A (en) | A kind of capsule-type UEFI firmware remote-control method based on BMC with safety certification | |
| CN111273924A (en) | Software updating method and device | |
| CN110365524B (en) | Mirror image upgrading method and system for server node firmware | |
| CN113434254B (en) | Client deployment method, client deployment apparatus, computer device, and storage medium | |
| CN113672336A (en) | K8S container cluster deployment method, device, equipment and readable storage medium | |
| CN115665265A (en) | Request processing method, device, equipment, storage medium and system | |
| CN107623581A (en) | Service list generation method, apparatus and system, acquisition, report method and device | |
| CN107453959B (en) | Network card management method and device | |
| EP0791195A1 (en) | Method and apparatus for controlling network and workstation access prior to workstation boot | |
| US20230289193A1 (en) | Systems and methods for deploying a distributed containers-as-a-service platform architecture for telecommunications applications | |
| CN100386726C (en) | Method and system for renewing long-distance operation and control of computer platform system programe | |
| CN115758334A (en) | Cloud application access method and device, electronic equipment and storage medium | |
| US11425203B2 (en) | Commissioning a virtualized network function | |
| CN114615285A (en) | Physical machine deployment method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190315 |