Vol. 3 9-49
PROCESSOR MANAGEMENT AND INITIALIZATION
Example 9-10. Pseudo Code to Authenticate the Update
Z ← Obtain Update Revision from the Update Header to be authenticated;
X ← Obtain Current Update Signature from MSR 8BH;
If (Z > X)
{
Load Update that is to be authenticated;
Y ← Obtain New Signature from MSR 8BH;
If (Z == Y)
Success
Else
Fail
}
Else
Fail
Example 9-10 requires that the BIOS only authenticate updates that contain a
numerically larger revision than the currently loaded revision, where Current Signa-
ture (X) < New Update Revision (Z). A processor with no loaded update is considered
to have a revision equal to zero.
This authentication procedure relies upon the decoding provided by the processor to
verify an update from a potentially hostile source. As an example, this mechanism in
conjunction with other safeguards provides security for dynamically incorporating
field updates into the BIOS.
9.11.8 Pentium 4, Intel Xeon, and P6 Family Processor
Microcode Update Specifications
This section describes the interface that an application can use to dynamically inte-
grate processor-specific updates into the system BIOS. In this discussion, the appli-
cation is referred to as the calling program or caller.
The real mode INT15 call specification described here is an Intel extension to an OEM
BIOS. This extension allows an application to read and modify the contents of the
microcode update data in NVRAM. The update loader, which is part of the system
BIOS, cannot be updated by the interface. All of the functions defined in the specifi
-
cation must be implemented for a system to be considered compliant with the speci-
fication. The INT15 functions are accessible only from real mode.
9.11.8.1 Responsibilities of the BIOS
If a BIOS passes the presence test (INT 15H, AX = 0D042H, BL = 0H), it must imple-
ment all of the sub-functions defined in the INT 15H, AX = 0D042H specification.