Communication between devices within a computer system is typically performed using one or more buses that interconnect such devices. These buses may be dedicated buses coupling two devices or non dedicated buses that are multiplexed by a number of units and devices (e.g., bus agents). Moreover, buses within a computer system may be dedicated to transferring a specific type of information. For example, the X86 Microprocessor Architecture developed by Intel® Corporation of Santa Clara, Calif., includes a three bus system with address, data and control buses for respectively transferring data, address and control signals.
A vast amount of research and system architecture design efforts have been directed to increasing data throughput within computer systems. Technology such as data pipelining, out-of-order execution, and the like, enable advanced architectures in processing with significantly higher clock rates and world class performance. One technique for speeding up overall computer architecture operation is direct memory access (DMA). DMA is a capability provided by advanced architectures which allows data to be sent directly from an attached device to the memory on the computer's motherboard. As a result, the system's microprocessor is freed from involvement with the data transfer, thus speeding up overall computer operation.
Architectures that employ DMA channels can transfer data to and from devices much more quickly than systems which do not include DMA channels. In addition, such systems may employ bus masters, which are provided with the capability to execute direct memory access. A bus master is a program either in a microprocessor or more usually in a separate I/O controller that directs traffic on the system bus or input/output paths. The bus master is the master and the I/O devices on the bus are the slaves. As a result, the bus master controls the bus paths on which the address and control signals flow. Accordingly, once a bus master is setup, the flow of data bits goes directly between the I/O device and the memory.
Currently, well developed memory access control mechanisms exist for system microprocessors. The control provided generally defines, on a per process basis, whether certain memory pages may be accessed. Usually this mechanism is coupled with virtual to physical address translation. However, hardware devices which may be designated as bus masters are generally trusted. As a result, if a hardware card gets bus master access, it is free to perform any transaction (read/write) to/from any memory area. This imposes a high security risk and reduces system reliability. For example, a network interface controller (NIC) with bugs can write to a wrong memory region and cause unpredictable damage. Moreover, a network card who's firmware is hacked can grab the contents of the whole physical memory and send it to a remote location.