Driver Verifier DMA Violation Blue Screen With MXIe or Thunderbolt Modules

Updated Dec 17, 2023

Reported In

Hardware

  • PXI Controller
  • PXIe-8301
  • PCIe-8361

Operating System

  • Windows

Issue Details

  • I have a PXIe MXI system that uses a Thunderbolt PXIe-8301 module. If I have any PXI/PXIe cards (such as the PXI-5922 or PXI-5600) installed in my PXI chassis when I start the connected host computer, I get a Blue Screen, with the error message “DRIVER_VERIFIER_DMA_VIOLATION”. This error occurs both before and after logging in to my Windows account.
  • I have a PXIe system connected to my PC using NI PCIe-8361. The PXIe chassis houses PXI modules. As soon as I switch on the whole system and try to open NI MAX, I experience a Blue Screen with the error message “DRIVER_VERIFIER_DMA_VIOLATION”.

Solution

This issue has been resolved with Microsoft service pack update KB5014699  for Windows 10 versions 20H2 and newer. Please update the version of Windows being used.

This was a known issue as stated in Stop code DRIVER_VERIFIER_DMA_VIOLATION when Kernel DMA Protection is enabled

For older versions of Windows 10 prior to 20H2, the workaround is to disable the Kernel DMA Protection in the computer’s BIOS.

Some computers do not specifically have the option Kernel DMA Protection in the BIOS. You will need to look for the Virtualization Technology for Directed I/O (Vtd) option and disable it, this will disable the Kernel DMA Protection.  

Note, not all laptops with Kernel DMA Protection enabled will give a blue screen. It depends on how the DMA Protection has been implemented by the manufacturer.

Additional Information

This Blue Screen occurs due to the interaction between the data transmitted from the PXIe controller to the connected PC and the Kernel DMA (Direct Memory Access) Protection added in Windows 10 Version 1803.

The attack which the Kernel DMA Protection prevents requires the attacker to have hands-on access with the computer. As such, keeping the computer in a secured environment will reduce the risk of an attack.

As the previous workaround left the end-user vulnerable to a cyberattack, it is advisable to first update Windows to include service pack KB5014032 or pursue all other lines of troubleshooting first. If updating Windows is not an option, please make sure the end-user is aware of the risk.

Laptop manufacturers/vendors determine which PCI segments DMA protection is applied to by setting specific attributes in the AHCI information that Windows gathers when booting the system. The attribute settings are a design decision that is normally based on the intended use of various PCI ports but could easily be an oversight as this new capability is rolled out. It's not something that is easily checked ahead of time.

The best way to check if a laptop would be compatible is to check the ability to disable Intel VT-d or AMD-Vi in the BIOS. While some laptops will work without this needing to be done, there is no way to tell this without testing the laptop with a system.