	US 12,333,004 B2
	Privileged firmware mode protection
Baibhav Singh, Sunnyvale, CA (US); Stephen Elliot McLaughlin, San Jose, CA (US); and Hayawardh Vijayakumar, San Jose, CA (US)
Assigned to Samsung Electronics Co., Ltd., Suwon-si (KR)
Filed by Samsung Electronics Co., Ltd., Suwon-si (KR)
Filed on Oct. 18, 2022, as Appl. No. 17/968,182.
Claims priority of provisional application 63/355,969, filed on Jun. 27, 2022.
Prior Publication US 2023/0418937 A1, Dec. 28, 2023
Int. Cl. G06F 21/55 (2013.01); G06F 21/54 (2013.01); G06F 21/60 (2013.01)

CPC G06F 21/554 (2013.01) [G06F 21/54 (2013.01); G06F 21/604 (2013.01)]

20 Claims

1. A method comprising:

accessing a request from a lower privileged process executing on a booted computing device operating a processor in a lower-privileged mode, wherein the request is to access a privileged firmware mode of the booted computing device in which the processor operates in a full-privileged mode having full access to the booted computing device's systems and resources, wherein the privileged firmware mode comprises one or more active system management interrupts;

accessing a set of access policies for detecting whether the request is an unauthorized access to the privileged firmware mode;

determining, prior to operating the booted computing device in the privileged firmware mode and based on at least part of a content of the request and on the set of access policies, whether the request to access the privileged firmware mode comprising the one or more active system management interrupts is authorized; and

denying or permitting, based on the determination, access by the lower privileged process to the privileged firmware mode.