WikiPatents - Community Patent Review
Method and apparatus for providing system security to personal computer systems using transparent system interrupt
United States Patent 5724027
Link to this page: http://www.wikipatents.com/5724027.html
Inventor(s): Shipman; Mark (Hillsboro, OR); Christeson; Orville (Portland, OR)
Abstract: A transparent system management interrupt (SMI) handler equipped with system security functions is provided to a personal computer (PC) for providing system security to the PC. Additionally, the keyboard controlling facility of the PC is enhanced to cooperate with the SMI handler to deliver system security under the direction of the SMI handler. The SMI handler's system security functions include a number of functions for handling a number of security related events detected by the keyboard controlling facility. The keyboard controlling facility is enhanced to operate in one of three modes, a normal mode, a sleuth mode, and a secured mode, under which the keyboard controlling facility allows "unrestricted" keyboard operations, communicates exclusively with the SMI handler, and allows only "restricted" keyboard operations respectively.
[Drawing from US Patent 5724027]
Owner/Assignee: Intel Corporation (Santa Clara, CA)
Publication Date: March 3, 1998
Application Number: 08/535,725
Filing Date: September 28, 1995
US Classification: 726/16 235/382 235/382.5 340/5.74 708/136 709/225
Int'l Classification: G06F 003/02 G06F 013/00 H04L 009/32 G06K 005/00
Examiner: Zimmerman; Brian
Assistant Examiner: Beaulieu; Yonel
Attorney/Law Firm: Blakely, Sokoloff, Taylor & Zafman
USPTO Field of Search: 340/825.31 340/825.34 340/34 380/23 380/25 380/4 235/380 235/382 235/382.5 395/734 395/735 395/742 395/186 395/200.06 395/187.01 364/188 364/189
References
U.S. References
Patent No.   Inventor       Class        Date
5577209      Boyle          726/4        Nov 1996
5465084      Cottrell       340/5.27     Nov 1995
5408536      Lemelson       382/115      Apr 1995
5377269      Heptig         726/20       Dec 1994
5355414      Hale           726/34       Oct 1994
5339437      Yuen           710/261      Aug 1994
5313639      Chao           726/19       May 1994
5263157      Janis          707/9        Nov 1993
5187352      Blair          235/382      Feb 1993
5173490      Peglion        514/254.04   Dec 1992
5097506      Kaiser, Jr.    726/19       Mar 1992
4942606      Kaiser         726/19       Jul 1990
Claims

What is claimed is:

1. In a computer system, a computer implemented method for providing system security to the computer system, the method comprising the steps of:

a) operating a processor of the computer system in a first state and keyboard control facility of the computer system in a first mode, allowing commands and data to be freely exchanged between the processor and a keyboard of the computer system in a substantially unrestricted manner, except for a first plurality of system security related commands and data;

b) operating the processor in a second state and the keyboard control facility in a second mode in response to the presence of the first system security related command and data while the processor is operating in the first state and the keyboard control facility is operating in the first mode, wherein the keyboard control facility communicates exclusively with a transparent system management interrupt (SMI) handler, facilitating servicing of the first system security related commands and data by the SMI handler, and inhibiting all exchange of commands and data between the processor and the keyboard.

2. The method as set forth in claim 1, wherein

the method further comprises the step of (c) operating the processor in the first state and the keyboard control facility in a third mode, substantially inhibiting exchange of commands and data between the processor and the keyboard, except for a second plurality of system security related commands and data;

step (b) further comprises operating the processor in the second state and the keyboard controlling facility in the second mode in response to the presence of the second commands and data while the processor is operating in the first state and the keyboard controlling facility is operating in the third mode, wherein the keyboard controlling facility also communicates exclusively with the transparent system management interrupt (SMI) handler, facilitating servicing of the second system security related commands and data by the SMI handler, and inhibiting exchange of commands and data between the processor and the keyboard.

3. In a computer system, a computer implemented method for providing system security to the computer system, the method comprising the steps of:

a) operating a processor of the computer system in a first state and a keyboard control facility of the computer system in a first mode, substantially inhibiting commands and data from being exchanged between the processor and a keyboard of the computer system, except for a first plurality of system security related commands and data;

b) operating the processor in a second state and the keyboard control facility in a second mode in response to the presence of the first system security related command and data while the processor is operating in the first state and the keyboard control facility is operating in the first mode, wherein the keyboard control facility communicates exclusively with a transparent system management interrupt (SMI) handler, facilitating servicing of the first system security related commands and data by the SMI handler, inhibiting exchange of commands and data between the processor and the keyboard.

4. An apparatus comprising keyboard controlling facility that operates in one of three modes in any point in time during operation,

the three modes including a first mode wherein commands and data are allowed to be exchanged between a coupled keyboard/auxiliary device and a coupled processor operating in a first state through the keyboard controlling facility in a substantially unrestricted manner, except for a first plurality of security related commands and data,

a second mode wherein commands and data exchanges between the processor operating in the first state and the keyboard/auxiliary device through the keyboard controlling facility are substantially inhibited, except for a second plurality of security related commands and data; and

a third mode wherein the keyboard controlling facility communicates exclusively with the processor operating in a second state, facilitating servicing of either the first or the second security related commands and data, and inhibiting all command and data exchanges between the processor and the keyboard/auxiliary device.

5. The apparatus as set forth in claim 4, wherein the keyboard controlling facility includes logic for unconditionally channeling data received from the keyboard/auxiliary device to the processor, except for a plurality of predetermined key sequences from the keyboard/auxiliary device, while the processor is operating in the first state and the keyboard controlling facility is operating in the first mode.

6. The apparatus as set forth in claim 5, wherein the keyboard controlling facility includes logic for transitioning into and operating the keyboard controlling facility in the third mode, in response to one of the predetermined key sequences from the keyboard/auxiliary device, while the processor is operating in the first state and the keyboard controlling facility is operating in the first mode.

7. The apparatus as set forth in claim 6, wherein the predetermined key sequences include a predetermined key sequence denoting a user's desire for a system comprising the processor to be secured.

8. The apparatus as set forth in claim 4, wherein the keyboard controlling facility includes logic for unconditionally responding to commands from the processor directed towards the keyboard controlling facility and unconditionally channeling data received from the processor to the keyboard/auxiliary device, except for a plurality of predetermined commands from the processor that are directed towards the keyboard controlling facility, while the processor is operating in the first state and the keyboard controlling facility is operating in the first mode.

9. The apparatus as set forth in claim 8, wherein the keyboard controlling facility includes logic for conditionally performing zero or at least one pre-transition operation depending on the command, and then transitioning into and operating the keyboard controller in the third mode, in response to one of the predetermined commands from the processor, while the processor is operating in the first state and the keyboard controlling facility in the first mode.

10. The apparatus as set forth in claim 9, wherein the predetermined commands include a command instructing the keyboard controlling facility to download a password from a non-volatile memory into the keyboard controlling facility, the keyboard controlling facility downloading the password before transitioning into and operating the keyboard controlling facility in the third mode.

11. The apparatus as set forth in claim 9, wherein the predetermined commands include a command instructing the keyboard controlling facility to enter the second mode, the keyboard controlling facility transitioning into and operating the keyboard controlling facility in the third mode, without performing any pre-transition operations.

12. The apparatus as set forth in claim 4, wherein the keyboard controlling facility includes logic for conditionally channeling data received from the keyboard device to the processor if the data are expected responses from the keyboard, while the processor is operating in the first state and the keyboard controlling facility is operating in the second mode.

13. The apparatus as set forth in claim 12, wherein the keyboard controlling facility includes logic for transitioning into and operating the keyboard controlling facility in the third mode, in response to unexpected data received from the keyboard, while the processor is operating in the first state and the keyboard controlling facility is operating in the second mode.

14. The apparatus as set forth in claim 4, wherein the keyboard controlling facility includes logic for unconditionally responding to commands from the processor directed towards the keyboard controlling facility and unconditionally channeling data received from the processor to the keyboard, while the processor is operating in the first state and the keyboard controlling facility is operating in the second mode.

15. The apparatus as set forth in claim 4, wherein the keyboard controlling facility includes logic for uploading a password to the processor, in response to a command from the processor, while the processor is operating in the second state and the keyboard controlling facility is operating in the third mode.

16. The apparatus as set forth in claim 4, wherein the keyboard controlling facility includes logic for transitioning into and operating the keyboard controlling facility in either the first or the second mode, in response to a command from the processor, while the processor is operating in the second state and the keyboard controlling facility is operating in the third mode.

17. An apparatus comprising:

a processor having a first and a second state of operation, an interrupt for switching the processor from the first state to the second state, and an instruction for returning the processor to the first state from the second state;

keyboard controlling facility that operates in one of three modes in any point in time during operation, the three modes including

a first mode wherein commands and data are allowed to be exchanged between a coupled keyboard/auxiliary device and the processor operating in the first state through the keyboard controlling facility in a substantially unrestricted manner, except for a first plurality of security related commands and data,

a second mode wherein commands and data exchanges between the processor operating in the first state and the keyboard/auxiliary device through the keyboard controlling facility are substantially inhibited, except for a second plurality of security related commands and data, and

a third mode wherein the keyboard controlling facility communicates exclusively with the processor operating in a second state, facilitating servicing of either the first or the second security related commands and data, and inhibiting all command and data exchanges between the processor and the keyboard/auxiliary device; and

an interrupt handler executed by the processor in the second state for servicing the first or the second security related commands and data.

18. The apparatus as set forth in claim 17, wherein

the keyboard controlling facility includes logic for establishing exclusive communication with the interrupt handler to operate the keyboard controlling facility in the third mode by triggering the interrupt, when transitioning from either the first or the second mode to the third mode; and

the keyboard controlling facility further includes logic for providing the interrupt handler with a reason for triggering the interrupt.

19. The apparatus as set forth in claim 18, wherein the interrupt handler includes logic for instructing the keyboard controlling facility to upload a password, and upon receiving and saving the password, instructing the keyboard controlling facility to operate in the first mode, in response to a triggering reason, the triggering reason being the keyboard controlling facility having received a command to download a password from the processor.

20. The apparatus as set forth in claim 18, wherein the interrupt handler includes logic for instructing the keyboard controlling facility to operate in the second mode, in response to a triggering reason, the triggering reason being the keyboard controlling facility having received a command to activate security from the processor.

21. The apparatus as set forth in claim 18, wherein the interrupt handler includes logic for updating a running sequence of unexpected data received from the keyboard, and conditionally instructing the keyboard controlling facility to operate in either the first or the second mode depending on whether a required password has been entered, in response to a triggering reason, the triggering reason being the keyboard controlling facility having received unexpected data from the keyboard.

22. A keyboard controller comprising controlling firmware that operates in one of three modes in any point in time during operation,

the three modes including a first mode wherein commands and data are allowed to be exchanged between a coupled keyboard/auxiliary device and a coupled processor operating in a first state through the keyboard controller in a substantially unrestricted manner, except for a first plurality of security related commands and data,

a second mode wherein commands and data exchanges between the processor operating in the first state and the keyboard/auxiliary device through the keyboard controller are substantially inhibited, except for a second plurality of security related commands and data; and

a third mode wherein the keyboard controller communicates exclusively with the processor operating in a second state, facilitating servicing of either the first or the second security related commands and data, and inhibiting all command and data exchanges between the processor and the keyboard/auxiliary device.

23. A computer motherboard comprising:

a processor having a first and a second state of operation, an interrupt for switching the processor from the first state to the second state, and an instruction for returning the processor to the first state from the second state;

keyboard controlling facility wherein said keyboard controlling facility includes a virtual keyboard controller that operates in one of three modes in any point in time during operation, the three modes including

a first mode wherein commands and data are allowed to be exchanged between a coupled keyboard/auxiliary device and the processor operating in the first state through the keyboard controlling facility in a substantially unrestricted manner, except for a first plurality of security related commands and data,

a second mode wherein commands and data exchanges between the processor operating in the first state and the keyboard/auxiliary device through the keyboard controlling facility are substantially inhibited, except for a second plurality of security related commands and data, and

a third mode wherein the keyboard controlling facility communicates exclusively with the processor operating in a second state, facilitating servicing of either the first or the second security related commands and data, and inhibiting all command and data exchanges between the processor and the keyboard/auxiliary device; and

an interrupt handler executed by the processor in the second state for servicing the first or the second security related commands and data.

24. A computer motherboard comprising:

a processor having a first and a second state of operation, an interrupt for switching the processor from the first state to the second state, and an instruction for returning the processor to the first state from the second state;

a keyboard controller that operates in one of three modes in any point in time during operation, the three modes including

a first mode wherein commands and data are allowed to be exchanged between a coupled keyboard/auxiliary device and the processor operating in the first state through the keyboard controller in a substantially unrestricted manner, except for a first plurality of security related commands and data,

a second mode wherein commands and data exchanges between the processor operating in the first state and the keyboard/auxiliary device through the keyboard controller are substantially inhibited, except for a second plurality of security related commands and data, and

a third mode wherein the keyboard controller communicates exclusively with the processor operating in a second state, facilitating servicing of either the first or the second security related commands and data, and inhibiting all command and data exchanges between the processor and the keyboard/auxiliary device; and

an interrupt handler executed by the processor in the second state for servicing the first or the second security related commands and data.

25. A computer system comprising:

a processor having a first and a second state of operation, an interrupt for switching the processor from the first state to the second state, and an instruction for returning the processor to the first state from the second state;

a keyboard including an auxiliary device for inputting control signals/data;

keyboard controlling facility that operates in one of three modes in any point in time during operation, the three modes including

a first mode wherein commands and data are allowed to be exchanged between the keyboard/auxiliary device and the processor operating in the first state through the keyboard controlling facility in a substantially unrestricted manner, except for a first plurality of security related commands and data,

a second mode wherein commands and data exchanges between the processor operating in the first state and the keyboard/auxiliary device through the keyboard controlling facility are substantially inhibited, except for a second plurality of security related commands and data, and

a third mode wherein the keyboard controlling facility communicates exclusively with the processor operating in a second state, facilitating servicing of either the first or the second security related commands and data, and inhibiting all command and data exchanges between the processor and the keyboard/auxiliary device; and

an interrupt handler executed by the processor in the second state for servicing the first or the second security related commands and data.
Description

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to the field of computer systems. More specifically, the present invention relates to system security of personal computer systems.

2. Background Information

Historically, when personal computer systems were first introduced, system security, that is, prevention of unauthorized use of these systems, was not a very important issue. Thus, early system security approaches were typically simple and unsophisticated, as exemplified by the physical key switch approach, which prevents unauthorized use by disabling the connected keyboard of a personal computer system so that it cannot provide keyboard input to the system.

Over the years, as personal computer systems have increasingly been used for critical or sensitive applications, system security has become a much more important issue. Various hardware, software, or combined approaches with increased capability and/or versatility have been developed in the industry to achieve the desired security. For example, U.S. Pat. No. 4,942,606 discloses a more versatile keyboard/auxiliary device interface controller which supports selective restriction of user interaction with the computer system, thereby preventing the personal computer system from being used, while the full internal functionality of the host/peripheral interface is still maintained, allowing interactions between the CPU and the connected input devices to continue even under the "locked mode". As a further example, U.S. Pat. No. 5,097,506 discloses an even more capable keyboard controller/interface which allows the "locked mode" to be activated through a programmable key sequence entered from the keyboard.

However, both of these approaches, and others like them, suffer the disadvantage that the keyboard controller bears the main burden of supporting the system security feature, resulting in increased cost for the keyboard controller. Furthermore, since most keyboard controllers are implemented with low cost controllers having limited capabilities (due to cost constraints), these and similar approaches also suffer the disadvantage that their system security capabilities are difficult to extend.

Thus, it is desirable to have a system security approach that is more capable as well as more extensible, without increasing the cost of the keyboard controller. It is even more desirable if the increased capability and extensibility can be achieved with less costly keyboard controllers. As will be disclosed in more detail below, the method and apparatus of the present invention achieve these and other desirable results.

SUMMARY OF THE INVENTION

A transparent system management interrupt (SMI) handler equipped with system security functions is provided to a personal computer (PC) for providing system security to the PC. Additionally, the keyboard controlling facility of the PC is enhanced to cooperate with the SMI handler to deliver system security under the direction of the SMI handler.

The SMI handler's system security functions include a number of functions for handling a number of security related events detected by the keyboard controlling facility. These security related events include the detection of "hot keys" from the keyboard, and the detection of a number of security related commands issued by the processor, while the system is operating in an unsecured manner. These events further include the detection of "unexpected responses" from the keyboard, while the system is operating under the security enforced by the SMI handler in conjunction with the keyboard controlling facility.

The keyboard controlling facility is enhanced to operate in one of three modes, a normal mode, a sleuth mode, and a secured mode. Under the normal mode, the keyboard controlling facility allows commands and data to be freely exchanged between the processor and the keyboard (including any auxiliary device attached to the keyboard) in a substantially unrestricted manner, except for "hot keys" entered from the keyboard and a number of security related commands issued by the processor. Under the secured mode, the keyboard controlling facility allows commands and data to be exchanged between the processor and the keyboard only in a substantially restricted manner, except for certain commands from the processor to the keyboard and the keyboard's "expected responses" to these commands. Under the sleuth mode, the keyboard controlling facility communicates exclusively with the SMI handler to cooperatively service, under the direction of the SMI handler, the security related event that caused the keyboard controlling facility to enter the sleuth mode.

The normal mode is the default mode of operation for the keyboard controlling facility. From the normal mode, the keyboard controlling facility transitions to the sleuth mode in response to the "restricted" events. From the sleuth mode, it transitions to either the normal or the secured mode as directed by the SMI handler. From the secured mode, it transitions to the sleuth mode in response to the "restricted" events.

As a result, the SMI handler bears the main burden for providing system security, allowing minimal functionality to be required of the keyboard controlling facility, thereby reducing the cost of the keyboard controlling facility. Furthermore, by virtue of the extendibility of the SMI handler, the system security functions may be easily extended.
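The three modes and their transitions, as described in the summary above and in claims 4 through 21, as an added Python simulation (not the patent's own code; the class names, command strings, hot-key sequence and sample password are assumptions). The controller only detects events and raises the SMI; the handler decides every transition and checks the password, so the typed password never reaches the processor in its normal state.

```python
# Added illustration (not the patent's own code) of the three-mode keyboard controller and the
# SMI handler that directs it, as claimed in US 5,724,027. Names and sample values are assumed.
from enum import Enum, auto

class Mode(Enum):
    NORMAL = auto()   # free exchange, except hot keys and security commands
    SLEUTH = auto()   # controller talks exclusively to the SMI handler
    SECURED = auto()  # keyboard data withheld from processor, except expected responses

class Reason(Enum):
    HOT_KEY = auto()            # predetermined key sequence seen in normal mode
    DOWNLOAD_PASSWORD = auto()  # processor told controller to load password from NV memory
    ACTIVATE_SECURITY = auto()  # processor told controller to activate security
    UNEXPECTED_DATA = auto()    # keyboard data arrived while secured

HOT_KEY_SEQUENCE = ("CTRL", "ALT", "L")   # constructed sample hot key
CMD_DOWNLOAD_PASSWORD, CMD_ACTIVATE_SECURITY = "DOWNLOAD_PASSWORD", "ACTIVATE_SECURITY"

class KeyboardController:
    def __init__(self, nv_memory, smi_handler):
        self.mode = Mode.NORMAL          # normal is the default mode
        self.nv_memory = nv_memory
        self.smi = smi_handler
        self.password = None
        self.to_processor = []           # data channelled to the processor
        self.recent_keys = []

    def _enter_sleuth(self, reason, data=None):
        self.mode = Mode.SLEUTH          # trigger the SMI; the handler now owns the controller
        self.smi.service(self, reason, data)

    def key_from_keyboard(self, key):
        if self.mode is Mode.NORMAL:
            self.recent_keys = (self.recent_keys + [key])[-len(HOT_KEY_SEQUENCE):]
            if tuple(self.recent_keys) == HOT_KEY_SEQUENCE:
                self.recent_keys = []
                self._enter_sleuth(Reason.HOT_KEY)
            else:
                self.to_processor.append(key)     # channelled unconditionally
        elif self.mode is Mode.SECURED:
            if key == "ACK":                      # expected response to a processor command
                self.to_processor.append(key)
            else:
                self._enter_sleuth(Reason.UNEXPECTED_DATA, key)
        # Sleuth mode: all keyboard/processor exchange is inhibited, so the key is dropped.

    def command_from_processor(self, cmd):
        if self.mode is Mode.NORMAL and cmd == CMD_DOWNLOAD_PASSWORD:
            self.password = self.nv_memory["password"]   # pre-transition step (claim 10)
            self._enter_sleuth(Reason.DOWNLOAD_PASSWORD)
        elif self.mode is Mode.NORMAL and cmd == CMD_ACTIVATE_SECURITY:
            self._enter_sleuth(Reason.ACTIVATE_SECURITY)
        else:
            return "ACK"   # any other controller command is answered unconditionally

    def upload_password(self):               # only legal while the SMI handler owns us
        assert self.mode is Mode.SLEUTH
        pw, self.password = self.password, None   # hand over and forget
        return pw

    def set_mode(self, mode):                # likewise
        assert self.mode is Mode.SLEUTH and mode in (Mode.NORMAL, Mode.SECURED)
        self.mode = mode

class SmiHandler:
    def __init__(self):
        self.saved_password = None
        self.typed = []      # running sequence of unexpected data (claim 21)
        self.log = []        # reason for each SMI

    def service(self, kbc, reason, data=None):
        self.log.append(reason)
        if reason is Reason.DOWNLOAD_PASSWORD:
            self.saved_password = kbc.upload_password()   # claim 19
            kbc.set_mode(Mode.NORMAL)
        elif reason in (Reason.ACTIVATE_SECURITY, Reason.HOT_KEY):
            self.typed = []
            kbc.set_mode(Mode.SECURED)                    # claim 20 / hot-key lock
        elif self.saved_password is None:
            kbc.set_mode(Mode.SECURED)   # unexpected data but nothing to compare against
        else:
            self.typed = (self.typed + [data])[-len(self.saved_password):]
            unlocked = "".join(self.typed) == self.saved_password
            if unlocked:
                self.typed = []
            kbc.set_mode(Mode.NORMAL if unlocked else Mode.SECURED)
        # Resume: the interrupted program continues as if the SMI never happened.

def run_scenario():
    nv = {"password": "s3cret"}     # constructed sample password in NV memory
    smi = SmiHandler()
    kbc = KeyboardController(nv, smi)
    kbc.command_from_processor(CMD_DOWNLOAD_PASSWORD)   # boot-time password load
    for key in "hi":                                    # ordinary typing
        kbc.key_from_keyboard(key)
    for key in HOT_KEY_SEQUENCE:                        # user locks the system
        kbc.key_from_keyboard(key)
    for key in "wrong" + "s3cret":                      # wrong, then correct password
        kbc.key_from_keyboard(key)
    return kbc, smi
```

Note that the keys preceding the last key of the hot-key sequence are still channelled to the processor in this simplified model; the password keystrokes, entered while secured, are only ever seen by the handler.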

BRIEF DESCRIPTION OF DRAWINGS

The present invention will be described by way of exemplary embodiments, but not limitations, illustrated in the accompanying drawings in which like references denote similar elements, and in which:

FIG. 1 illustrates an exemplary computer system incorporating the teachings of the present invention;

FIG. 2 illustrates one embodiment of the method steps employed by the exemplary computer system of FIG. 1 for handling transparent system interrupts;

FIG. 3 illustrates one embodiment of the keyboard controller of FIG. 1;

FIG. 4 illustrates the operational modes of the keyboard controller of FIG. 3;

FIGS. 5-8 illustrate one embodiment each of the method steps employed by the keyboard controller of FIG. 3 for operating under the various modes;

FIGS. 9-12 illustrate one embodiment each of the method steps employed by the keyboard controller of FIG. 3 for transitioning between the various modes;

FIGS. 13-15 illustrate one embodiment of the method steps employed by the SMI handler to provide system security; and

FIGS. 16-17 illustrate two exemplary alternate embodiments of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

In the following description, for purposes of explanation, specific numbers, materials and configurations are set forth in order to provide a thorough understanding of the present invention. However, it will be apparent to one skilled in the art that the present invention may be practiced without the specific details. In other instances, well known features are omitted or simplified in order not to obscure the present invention. Furthermore, in describing various method steps, for ease of explanation, some of the steps are described as multiple steps; however, it should not be construed that these steps are necessarily order dependent.

Referring now to FIG. 1, an exemplary computer system incorporating the teachings of the present invention is illustrated. Exemplary computer system 10 includes motherboard 11 incorporated with the teachings of the present invention, and external devices 26 and 30-32. Motherboard 11 includes processor 12, cache memory 14, main memory 16, system management mode (SMM) memory 18, memory controller 20, and processor bus 22 coupled to each other as shown. Additionally, motherboard 11 further includes input/output (I/O) controller 24, non-volatile (NV) memory 17, keyboard controller 28 incorporated with the teachings of the present invention, and I/O bus 34, coupled to each other and the earlier enumerated elements as shown. External devices 26 and 30-32 include mass storage 26, keyboard 30 and auxiliary device 32 such as a mouse. Mass storage 26 is coupled to I/O bus 34 directly, while keyboard 30 and auxiliary device 32 are coupled to I/O bus 34 through keyboard controller 28. Other I/O devices (not shown) may also be coupled to I/O bus 34 through keyboard controller 28.

Processor 12 performs its conventional function of executing instructions of programs, including application programs, subsystems and operating systems. In particular, processor 12 includes circuitry for being interrupted by a system management interrupt (SMI), which is an interrupt that cannot be masked by the executing programs. Furthermore, the instruction set supported by processor 12 includes a Resume instruction for subsequently resuming execution of the interrupted programs. As will be described in more detail below, the interrupted programs resume execution as if they had never been interrupted. During this period, from interruption to resumption, processor 12 is said to be executing in system management mode (SMM). Particular examples of processor 12 include the i486(TM) and Pentium(R) processors manufactured by Intel Corp. of Santa Clara, Calif., assignee of the present invention.

SMM memory 18 is used to store an SMI handler for servicing each SMI, and to temporarily save the processor state while an SMI is serviced. The SMI handler further includes security functions for providing system security to computer system 10, which will be described in more detail below. After servicing an SMI, the SMI handler uses the Resume instruction to resume execution of the interrupted programs. SMM memory 18 is normally not mapped into the system memory space. SMM memory 18 is mapped into the system memory space only when an SMI needs to be serviced, and unmapped once the SMI has been serviced. SMM memory 18 may be implemented with any of a number of random access memory (RAM) devices known in the art.

Non-volatile (NV) memory 17 is used to store a programmable password, which is used during operation to impose system security and prevent unauthorized usage of computer system 10. Similarly, NV memory 17 may be implemented in any of a number of manners known in the art.

Memory controller 20 performs its conventional function of controlling accesses to the various memories 14, 16, 17, and 18. In particular, memory controller 20 includes circuitry for dynamically mapping and unmapping SMM memory 18 into and out of the system memory space under the control of processor 12. Memory controller 20 may also be implemented with any of a number of memory controllers known in the art.

Keyboard controller 28 performs its conventional function of controlling keyboard 30 and auxiliary device 32. However, keyboard controller 28 is enhanced to complement the security functions of the SMI handler to deliver system security, which will be more fully described below.

All other elements 14-16, 22-26, and 32-34 perform their conventional functions. Their constitutions are well known and will not be otherwise described.

Before describing the SMI handler and keyboard controller 28 in detail, it should be noted that, for ease of understanding, the present invention is mainly described with keyboard controller 28 being enhanced to complement the security functions of the SMI handler for delivering system security. Based on the description to follow, a person skilled in the art will appreciate that the present invention may be practiced with the enhanced keyboard controlling facility embodied in a number of alternative manners, including but not limited to a coordinated I/O controller and keyboard controller approach, or an integrated I/O-keyboard controller approach, etc.

Additionally, while for ease of explanation, enumerated elements 12-24, 28 and 34 are shown as being disposed on a single circuit board or motherboard 11, in other embodiments, selected ones of these enumerated elements may be disposed off motherboard 11.

Furthermore, with reference to FIG. 2, we will briefly describe the servicing of an SMI. As shown, upon detection of an SMI, processor 12 directs memory controller 20 to switch in and map SMM memory 18 as part of the system memory space, and in response, memory controller 20 performs the requested switching and mapping accordingly, step 48. Next, processor 12 saves the processor state into SMM memory 18, step 50. Upon saving the processor state, processor 12 transfers execution control to the pre-stored SMI handler, step 56.

The SMI handler then determines the cause of the SMI and services the SMI accordingly. After servicing the SMI, the SMI handler executes a Resume instruction to transfer execution control back to the interrupted programs. In response, processor 12 restores the processor state saved in SMM memory 18, step 52. Furthermore, processor 12 directs memory controller 20 to unmap SMM memory 18 from the system memory space and switch out SMM memory 18. In response, memory controller 20 performs the requested unmapping and switching accordingly, step 54.

As a result, the SMI is serviced in a manner that is transparent to the executing operating system, subsystems as well as applications. In other words, an SMI is a transparent system service interrupt. As will be explained in more detail, the present invention exploits the functions offered by the SMI and the SMM to allow the SMI handler to bear the main burden for providing system security to computer system 10.
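The following C model, added here as an illustration and not code from the patent or from Intel, walks through the FIG. 2 sequence (steps 48, 50, 56, 52 and 54) and checks the two properties the text relies on: that the interrupted program's visible state is identical after the Resume instruction, and that SMM memory 18 is unreachable except while the memory controller has it mapped. The register set, the SMRAM layout, the two SMI causes and the values written by the handler are all assumptions made for the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed processor state for the model: only a few words, no padding. */
typedef struct {
    uint32_t eip;
    uint32_t esp;
    uint32_t eflags;
    uint32_t gpr[8];
} cpu_state_t;

typedef struct {
    bool        mapped;           /* memory controller 20: is SMRAM decoded?  */
    cpu_state_t save_area;        /* processor state saved at step 50        */
    uint8_t     handler_data[64]; /* SMI handler's private storage (assumed) */
} smram_t;

typedef struct {
    cpu_state_t cpu;
    bool        in_smm;
    smram_t     smram;
    int         security_events;  /* events the security functions handled */
    int         other_events;
} system_t;

enum smi_cause { SMI_NONE = 0, SMI_KBC_SECURITY = 1, SMI_OTHER = 2 }; /* assumed */

/* Every SMRAM access goes through the memory controller's mapping: it fails
 * unless SMM memory 18 is currently switched in (between steps 48 and 54). */
static bool smram_read(system_t *sys, size_t off, uint8_t *out)
{
    if (!sys->smram.mapped || off >= sizeof sys->smram.handler_data)
        return false;
    *out = sys->smram.handler_data[off];
    return true;
}

/* The pre-stored SMI handler: determine the cause, service it, then RSM.
 * It deliberately clobbers registers to show that RSM hides this. */
static void smi_handler(system_t *sys, enum smi_cause cause)
{
    switch (cause) {
    case SMI_KBC_SECURITY:
        sys->security_events++;
        sys->smram.handler_data[0] = 0xA5;  /* handler state stays in SMRAM */
        break;
    case SMI_OTHER:
        sys->other_events++;
        break;
    default:
        break;
    }
    sys->cpu.gpr[0] = 0xDEADBEEF;
    sys->cpu.eip    = 0x1000;
}

/* Steps 48, 50, 56, (handler), 52 and 54 of FIG. 2. */
void smi_deliver(system_t *sys, enum smi_cause cause)
{
    sys->smram.mapped    = true;                  /* 48: switch in and map SMRAM */
    sys->smram.save_area = sys->cpu;              /* 50: save processor state    */
    sys->in_smm          = true;                  /* 56: transfer control        */
    smi_handler(sys, cause);
    sys->cpu             = sys->smram.save_area;  /* 52: RSM restores state      */
    sys->in_smm          = false;
    sys->smram.mapped    = false;                 /* 54: unmap and switch out    */
}

bool cpu_state_equal(const cpu_state_t *a, const cpu_state_t *b)
{
    return memcmp(a, b, sizeof *a) == 0;
}

/* Drives one keyboard-controller SMI and checks the transparency invariants.
 * Returns 0 when every check passes, otherwise the number of the failed check. */
int run_smi_scenario(void)
{
    system_t sys;
    uint8_t byte;
    memset(&sys, 0, sizeof sys);
    sys.cpu.eip = 0x00400000; sys.cpu.esp = 0x7FFF0000; sys.cpu.gpr[0] = 7;
    cpu_state_t before = sys.cpu;

    if (smram_read(&sys, 0, &byte))          return 1; /* unreachable before SMI */
    smi_deliver(&sys, SMI_KBC_SECURITY);
    if (sys.security_events != 1)            return 2; /* security function ran  */
    if (!cpu_state_equal(&before, &sys.cpu)) return 3; /* OS sees no change      */
    if (sys.in_smm || sys.smram.mapped)      return 4; /* back out of SMM        */
    if (smram_read(&sys, 0, &byte))          return 5; /* handler data hidden    */
    return 0;
}

int main(void)
{
    int rc = run_smi_scenario();
    printf("SMI transparency checks: %s (%d)\n", rc == 0 ? "pass" : "FAIL", rc);
    return rc;
}
```

The `smram_read` guard stands in for the memory controller refusing to decode SMM memory 18 outside an SMI. Both properties the patent builds on depend on it: the handler's state and its security functions are hidden from the operating system and applications, and those programs resume exactly where they were interrupted.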

Referring now to FIG. 3, wherein one embodiment of keyboard controller 28 of FIG. 1 is illustrated. As shown, keyboard controller 28 includes clock 62, control logic 64, read only memory 68, random access memory 72 and bus 80 coupled to each other as shown. Additionally, keyboard controller 28 also includes data bus input register 66, data bus output register 70, and status register 74, coupled to bus 80 and interface 82 as shown. Furthermore, keyboard controller 28 includes timer counter 76 and I/O lines 78 coupled to bus 80 as shown. Keyboard 30 and auxiliary device 32 are coupled to I/O lines 78 through interface 84. Collectively, data bus input register 66, data bus output register 70, and status register 74 are also referred to as the "system port", whereas I/O lines 78 are also referred to as the "device port".

Control logic 64 controls the operation of keyboard controller 28, executing controller firmware incorporated with the teachings of the present invention. In particular, the firmware implements a plurality of commands supported by keyboard controller 28. For the most part, these commands are the commands required to be compatible with what is known in the art as the standard IBM.RTM. PS/2 Keyboard Controller commands. These commands include a first command for processor 12 to download a password from NV memory 17 to keyboard controller 28, and a second command for processor 12 to direct keyboard controller 28 to activate system security (without shutting off commands from processor 12 to connected devices 30-32, or the proper responses from connected devices 30-32 to processor 12).

As will be described in more detail below, in accordance with the present invention, the controller firmware implements this support by causing keyboard controller 28 to operate in one of three modes, a normal mode, a sleuth mode, and a secured mode. The controller firmware is pre-loaded in read only memory 68. Random access memory 72 is used to store various operational data. I/O lines 78 are used to transfer commands/status and data to/from the connected devices, which include keyboard 30 and auxiliary device 32. Data bus input and output registers 66 and 70, and status register 74 are used to transfer commands/status and data from/to processor 12.

As will be obvious from the description to follow, keyboard controller 28 having the requisite controller firmware in accordance with the present invention may be implemented with any of a number of well known "programmable" keyboard controllers, including but not limited to the 8042 keyboard controller manufactured by Intel Corp. of Santa Clara, Calif., assignee of the present invention.
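The C model below is an added example, not firmware from the patent or from Intel, of the "system port" (data bus input register 66, data bus output register 70 and status register 74) and of the two vendor commands described above: one that downloads the password held in NV memory 17 into the controller's RAM 72, and one that activates security while leaving ordinary PS/2 commands working. The patent does not give opcodes, framing or response bytes; the values 0xB0/0xB1, the 0x00 terminator, the 0xFA/0xFE responses, the status bit layout and the sample password are all assumptions of the model. The model also refuses activation when no password has been loaded and never places the password on the output register, two checks a practitioner would want even though the patent text does not spell them out.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Status register bits, as on the 8042 system port (assumed for this model). */
#define STAT_OBF 0x01   /* output buffer full: a byte waits for the host  */
#define STAT_IBF 0x02   /* input buffer full: host byte not yet consumed  */
#define STAT_CMD 0x08   /* last host write went to the command register   */

/* Opcodes for the two vendor commands: ASSUMED values, the patent gives none. */
#define CMD_LOAD_PASSWORD     0xB0  /* followed by password bytes, 0x00 ends */
#define CMD_ACTIVATE_SECURITY 0xB1
#define CMD_SELF_TEST         0xAA  /* standard PS/2 command, answers 0x55   */
#define RESP_ACK              0xFA  /* assumed acknowledgement byte          */
#define RESP_NACK             0xFE  /* assumed refusal byte                  */
#define PW_MAX                16

typedef struct {
    uint8_t status;       /* status register 74          */
    uint8_t data_in;      /* data bus input register 66  */
    uint8_t data_out;     /* data bus output register 70 */
    enum { KC_IDLE, KC_LOADING_PW } state;
    uint8_t pw[PW_MAX];   /* lives only in RAM 72; never written to data_out */
    size_t  pw_len;
    bool    pw_loaded;
    bool    security_active;
} kbc_t;

void kbc_reset(kbc_t *kc) { memset(kc, 0, sizeof *kc); }

/* Host side: write to port 0x64 (command) or 0x60 (data). Returns false while
 * the input buffer is still full, which the host must poll for. */
bool host_write(kbc_t *kc, bool command, uint8_t v)
{
    if (kc->status & STAT_IBF) return false;
    kc->data_in = v;
    kc->status |= STAT_IBF;
    if (command) kc->status |= STAT_CMD; else kc->status &= (uint8_t)~STAT_CMD;
    return true;
}

/* Host side: read port 0x60. Returns false if nothing is waiting. */
bool host_read(kbc_t *kc, uint8_t *out)
{
    if (!(kc->status & STAT_OBF)) return false;
    *out = kc->data_out;
    kc->status &= (uint8_t)~STAT_OBF;
    return true;
}

static void respond(kbc_t *kc, uint8_t v) { kc->data_out = v; kc->status |= STAT_OBF; }

/* Controller side: control logic 64 consumes one byte from the input register. */
void kbc_step(kbc_t *kc)
{
    if (!(kc->status & STAT_IBF)) return;
    uint8_t v = kc->data_in;
    bool cmd = (kc->status & STAT_CMD) != 0;
    kc->status &= (uint8_t)~STAT_IBF;

    if (kc->state == KC_LOADING_PW) {
        if (cmd) { kc->state = KC_IDLE; kc->pw_len = 0; }        /* abort the load */
        else if (v == 0x00) { kc->state = KC_IDLE; kc->pw_loaded = kc->pw_len > 0; respond(kc, RESP_ACK); return; }
        else if (kc->pw_len < PW_MAX) { kc->pw[kc->pw_len++] = v; return; }
        else { kc->state = KC_IDLE; kc->pw_len = 0; respond(kc, RESP_NACK); return; } /* overlong */
    }
    if (!cmd) return;                                             /* stray data byte */
    switch (v) {
    case CMD_SELF_TEST:     respond(kc, 0x55); break;
    case CMD_LOAD_PASSWORD: kc->state = KC_LOADING_PW; kc->pw_len = 0; kc->pw_loaded = false; break;
    case CMD_ACTIVATE_SECURITY:
        if (kc->pw_loaded) { kc->security_active = true; respond(kc, RESP_ACK); }
        else respond(kc, RESP_NACK);                              /* nothing to enforce */
        break;
    default: break;
    }
}

/* Host sequence from the text: take the password from NV memory 17 (a constructed
 * string here), download it, then activate security. Returns 0 when every check
 * passes, otherwise the number of the failed check. */
int run_kbc_scenario(void)
{
    static const char nv_password[] = "s3cret";   /* constructed NV memory 17 content */
    kbc_t kc; uint8_t r;
    kbc_reset(&kc);

    host_write(&kc, true, CMD_ACTIVATE_SECURITY); kbc_step(&kc);   /* 1: refused */
    if (!host_read(&kc, &r) || r != RESP_NACK || kc.security_active) return 1;

    host_write(&kc, true, CMD_LOAD_PASSWORD); kbc_step(&kc);       /* 2: download */
    for (size_t i = 0; i <= strlen(nv_password); i++) {            /* includes the NUL */
        if (!host_write(&kc, false, (uint8_t)nv_password[i])) return 2;
        kbc_step(&kc);
    }
    if (!host_read(&kc, &r) || r != RESP_ACK) return 3;
    if (kc.pw_len != strlen(nv_password) || memcmp(kc.pw, nv_password, kc.pw_len) != 0) return 4;

    host_write(&kc, true, CMD_ACTIVATE_SECURITY); kbc_step(&kc);   /* 3: activate */
    if (!host_read(&kc, &r) || r != RESP_ACK || !kc.security_active) return 5;
    host_write(&kc, true, CMD_SELF_TEST); kbc_step(&kc);           /* PS/2 still works */
    if (!host_read(&kc, &r) || r != 0x55) return 6;

    if (host_read(&kc, &r)) return 7;                              /* 4: port is silent */
    return 0;
}
```

`run_kbc_scenario()` returns 0 when the handshake, the download, the activation and the continued availability of a standard PS/2 command all behave as the text requires. The IBF/OBF polling discipline is the same one a host uses with a real 8042; the vendor opcodes and responses are placeholders to be replaced by whatever the controller firmware actually defines.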

FIG. 4 illustrates the operating modes of keyboard controller 28 in further detail. As shown, keyboard controller 28 operates in one of three modes, normal mode 102, sleuth mode 106, and secured mode 1