Abstract
DMA protection is a very important industry security feature. It can block any
unauthorized DMA access. Here we use Intel design as the overall example, this
feature is implemented by Intel VT-d (Intel® Virtualization Technology for Directed
I/O).
Currently, customer may get two kinds of error message while an unauthorized DMA
access blocked on HP commercial personal computer products. One is BSOD 0xE6
(Windows feature) and the other is a warning PPI in pre-boot (HP feature).
Once the error happened, the worst case is the system stuck every time. Customer
will wait for a very long time for issue fixed. (This kind of issue is usually hard to
reproduce with very low fail rate. It may be fixed by BIOS or OS driver, so it will cost
lots of time to fix the root cause.) It will also impact the factory process.
Customer can’t use their own PCIE add-on Card which is not DMAR compatible.
To solve above problems, BIOS provided an interface for the DMAR exception list to
allow a PCIE device to execute DMA operation without following DMAR mechanism.
Required a new SW driver can monitor if there is any DMAR error happened or not.
If yes, SW driver can notify IT to approve this PCIE device and update the result to
BIOS. BIOS will also monitor the DMAR error during pre-boot phase.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 4.0 License.
Recommended Citation
INC, HP, "DMA ERROR MANAGEMENT SYSTEM", Technical Disclosure Commons, (February 08, 2021)
https://www.tdcommons.org/dpubs_series/4059