dma

<?xml encoding="utf-8" ?>We believe a game-changing anti-cheat mechanism against DMA cheating has emerged.Important Disclaimer: All information in this article is based on publicly available Intel VT-d technical documentation and actual anti-cheat testing, and is not from direct analysis of ACE anti-cheat code. The actual mechanism may be more complex! How It WorksVT-d Forced Activation: When players enable VT-d, the system forces all PCIe device DMA requests to be managed through IOMMU channels, at minimum DMA device requests will go through IOMMU channels.Memory Access Monitoring: When any PCIe device attempts to read game-specific memory base addresses or offsets protected by ACE anti-cheat, the IOMMU detects this unauthorized access and triggers an exception.Exception Capture and Detection: The ACE anti-cheat system only needs to capture the exception information thrown by the IOMMU to confirm that protected game data has been read by external hardware devices.Punishment Mechanism: If the firmware of the DMA cheating device has obvious flaws in simulating authentic PCIe device responses (not realistic enough), ACE will directly ban the account. If the firmware's simulation of authentic PCIe device responses is more convincing (sufficiently realistic), ACE will kick the player from the current game session.Key Point: Since normal PCIe devices do not actively access protected memory regions of game processes, this mechanism has an extremely low probability of false positives.Actual Testing ObservationsTesting confirmed that merely running DMA speed testing tools without accessing any game-related addresses, or reading unconventional data/data not protected by game anti-cheat, does not trigger IOMMU exceptions or any form of bans/kicks.Platform LimitationsCurrently, ACE anti-cheat has reached cooperation with Intel, enabling them to force players using Intel CPUs to enable VT-d functionality. As of now, ACE has not reached similar cooperation with AMD, so this mandatory requirement does not apply to AMD platforms.How to Solve This Issue1.DMA software reads unconventional data, already avoiding detection. Anti-cheat only needs to target DMA software to resolve this.2.Modify motherboard BIOS to deceive the system that VT-d has been enabled.3.Spoof AMD CPU to deceive the system that VT-d enforcement is unnecessary.4.Use AMD CPU, as ACE has not yet established cooperation with AMD CPUs.5.DMA firmware can independently intercept IOMMU exception information, so if anti-cheat cannot capture any exception information, it will not trigger any behavioral detection.And many more solutions exist.