HP INCFollow

Abstract

DMA protection is a very important industry security feature. It can block any

unauthorized DMA access. Here we use Intel design as the overall example, this

feature is implemented by Intel VT-d (Intel® Virtualization Technology for Directed

I/O).

 Currently, customer may get two kinds of error message while an unauthorized DMA

access blocked on HP commercial personal computer products. One is BSOD 0xE6

(Windows feature) and the other is a warning PPI in pre-boot (HP feature).

 Once the error happened, the worst case is the system stuck every time. Customer

will wait for a very long time for issue fixed. (This kind of issue is usually hard to

reproduce with very low fail rate. It may be fixed by BIOS or OS driver, so it will cost

lots of time to fix the root cause.) It will also impact the factory process.

 Customer can’t use their own PCIE add-on Card which is not DMAR compatible.

 To solve above problems, BIOS provided an interface for the DMAR exception list to

allow a PCIE device to execute DMA operation without following DMAR mechanism.

 Required a new SW driver can monitor if there is any DMAR error happened or not.

If yes, SW driver can notify IT to approve this PCIE device and update the result to

BIOS. BIOS will also monitor the DMAR error during pre-boot phase.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 4.0 License.

Download

Share

COinS