Intel Corporation
METHOD AND APPARATUS FOR DETECTING ATS-BASED DMA ATTACK
Abstract:
Embodiments are directed to providing a secure address translation service. An embodiment of a system includes a computer-readable memory for storage of data, the computer-readable memory comprising a first memory buffer and a second memory buffer, and an attack discovery unit device comprising processing circuitry to perform operations comprising: receiving a direct memory access (DMA) request from a remote device via a Peripheral Component Interconnect Express (PCIe) link, the DMA request comprising a host physical address (HPA) and a header indicating that the target memory address has previously been translated to an HPA; and blocking the direct memory access in response to a determination of at least one of: that the remote device has not obtained a valid address translation from a translation agent, or that the remote device has not obtained a valid translation for the target memory address from the translation agent.
Utility
21 Dec 2021
14 Apr 2022
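The check the abstract describes can be modelled in software as follows. This is an added illustration, not code from the patent or from Intel: the grant table, the function names, the 4 KiB granularity and the use of the PCIe requester ID as the device key are all assumptions made for the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* PCIe TLP Address Type (AT) field values. */
enum at_field { AT_UNTRANSLATED = 0, AT_TRANSLATION_REQUEST = 1, AT_TRANSLATED = 2 };
enum verdict { DMA_ALLOW, DMA_BLOCK_NO_TRANSLATION, DMA_BLOCK_WRONG_ADDRESS };

#define PAGE_SHIFT 12   /* assumption: 4 KiB translation granularity */
#define MAX_GRANTS 64   /* assumption: small fixed table for the model */

/* Hypothetical record of one translation the agent returned to a device. */
struct grant { uint16_t requester_id; uint64_t hpa_page; bool valid; };
static struct grant grants[MAX_GRANTS];

/* Called when the translation agent completes a translation for requester_id. */
bool adu_record_grant(uint16_t requester_id, uint64_t hpa) {
    for (size_t i = 0; i < MAX_GRANTS; i++)
        if (!grants[i].valid) {
            grants[i] = (struct grant){ requester_id, hpa >> PAGE_SHIFT, true };
            return true;
        }
    return false; /* table full: the translation must not be handed out */
}

/* Called when a translation is invalidated. */
void adu_revoke_grant(uint16_t requester_id, uint64_t hpa) {
    for (size_t i = 0; i < MAX_GRANTS; i++)
        if (grants[i].valid && grants[i].requester_id == requester_id && grants[i].hpa_page == hpa >> PAGE_SHIFT)
            grants[i].valid = false;
}

/* Checks only requests whose header claims a translated address; others take the normal translation path. */
enum verdict adu_check_dma(uint16_t requester_id, enum at_field at, uint64_t hpa, uint32_t len) {
    if (at != AT_TRANSLATED) return DMA_ALLOW;
    uint64_t first = hpa >> PAGE_SHIFT, last = (hpa + (len ? len - 1 : 0)) >> PAGE_SHIFT;
    if (last < first) return DMA_BLOCK_WRONG_ADDRESS; /* address range wrapped */
    bool device_known = false;
    for (uint64_t page = first; page <= last; page++) {
        bool hit = false;
        for (size_t i = 0; i < MAX_GRANTS; i++) {
            if (!grants[i].valid || grants[i].requester_id != requester_id) continue;
            device_known = true;               /* device holds at least one valid translation */
            if (grants[i].hpa_page == page) hit = true;
        }
        if (!hit) return device_known ? DMA_BLOCK_WRONG_ADDRESS : DMA_BLOCK_NO_TRANSLATION;
    }
    return DMA_ALLOW;
}
```

The two blocking verdicts correspond to the two conditions in the abstract: the device holds no valid translation at all, or it holds translations but none covering the target address.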