The invention of multiprogramming has led to higher demands for protection and sharing between programs. Multiprogramming also led to the concept of a process, that is, a running program plus any state needed to continue running the program. For a process to operate correctly whether it executes continuously from start to finish or is interrupted repeatedly and switched with other processes, there is needed some protection mechanism so that one process cannot modify another process or alter state information stored in memory.
Some processor architectures provide different protection mechanisms to maintain memory integrity between processes. For example, the IA-32 architecture provides three protection mechanisms: protection levels; descriptors, and address mapping (linear and virtual addresses translated to physical addresses). If these mechanisms are properly utilized, stray memory accesses or other such reckless behavior by one process will interrupt the processor before damage is done, provided the process is executed on the processor.
However, host processors are not the only devices in a computer system that may generate an address (memory or I/O) and potentially corrupt data, programs or I/O devices. Demands on the capacities of processors have caused system designers to develop ways to offload certain tasks (such as moving blocks of data) to I/O processors, offload engines, direct memory access (DMA) devices or other bus masters (hereinafter bus masters), which may generate memory or I/O addresses.
In the operation of modem buses, master/slave or master/target is one model for a communication protocol in which one device or process (known as the master) controls one or more other devices or processes (known as slaves). Once the master/slave relationship is established, the direction of control is generally from the master to the slave(s) (i.e. transactions are initiated by the master).
These bus masters are typically programmed by software device drivers. Once the bus master is programmed, the bus master may access system memory without consulting the processor, thereby bypassing the protection mechanisms of the processor. Thus, a malicious or unbehaved driver could potentially cause a bus master to corrupt data, programs, or the configuration of other bus masters. Such concerns are of particular importance when computer systems handle sensitive data or are connected to public networks.