-
-
Notifications
You must be signed in to change notification settings - Fork 104
Device_FPGA_DMA_Not_Working
The reason why the DMA card isn't working may be due to different things. Here we'll try to find and resolve the more common issues. This guide is primarily written with FT601 based USB boards in mind. ZDMA which uses Thunderbolt have a different driver.
Even if the plan is to use the API it's recommended to try DMA out with the pcileech command-line tool if it's not working.
This guide is just outlining the more common issues. It is in no way a complete guide. Before looking into other issues it's recommended to try the steps in this guide though.
- Ensure the USB cable is connected to the DATA port of the DMA board and to your 2nd PC.
- Download PCILeech from Github, unzip it to a folder.
- Download FTD3XX.DLL from ftdichip.com and put it into the PCILeech folder alongside PCILeech. NB! this is not required on Linux.
- Make sure the 1st PC (the one with the DMA board inserted into it) is freshly started (not rebooted) and that you have logged on to Windows.
- Run PCILeech:
pcileech.exe -device fpga -v display -min 0x1000
If you see the message below this means the USB connection is working and that the device have firmware revision 4.14
flashed. Also PCIe was detected and PCIe ID was assigned value 0400
. Some memory was successfully read. The USB connection seems to be working!
Q:\>pcileech.exe -device fpga -v display -min 0x1000
DEVICE: FPGA: ScreamerM2 PCIe gen2 x1 [300,25,500] [v4.14,0400] [ASYNC,NORM]
Memory Display: Contents for address: 0x0000000000001000
0000 e9 4d 06 00 01 00 00 00 01 00 00 00 3f 00 18 10 .M..........?...
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 9b 20 00 .............. .
The following error message means that FTD3XX.DLL isn't downloaded and installed alongside PCILeech.
Q:\>pcileech.exe -device fpga -v display -min 0x1000
DEVICE: FPGA: ERROR: Unable to load 'FTD3XX.dll' or 'leechcore_driver.dll' [0,v0.0,0000]
PCILEECH: Failed to connect to the device.
If you see the message below that means there is no working USB connection.
Q:\>pcileech.exe -device fpga -v display -min 0x1000
DEVICE: FPGA: ERROR: Unable to connect to FPGA device [0,v0.0,0000]
PCILEECH: Failed to connect to the device.
This may be due to several reasons, common ones includes:
- USB cable not connected to DATA port of the DMA board.
- DMA PC not powered on.
- FT601 driver is not properly installed:
- In device manager, it should show up as
Universal Serial Bus controllers > FTDI FT601 USB 3.0 Bridge Device
(if USB cable is connected and DMA PC is powered on). - If this is not found or there is an error with the automatic driver download, download manually from ftdichip.com and install manually.
- DMA board is not properly flashed.
- Generally if the DMA board is properly flashed it should blink a couple of times when the DMA PC is powered on.
If the USB connection is working, i.e. you're able to see the firmware version (4.14 or similar) but DMA is still not working, that may be due to some different things.
Since DMA may stop working under certain conditions it's strongly recommended to run any tests on a freshly powered on system (not rebooted) after the user logged on to Windows, also before any additional applications (including games) are started.
If the DMA isn't working at all when running the command:
pcileech.exe -device fpga -v display -min 0x1000
If the above command does not work try:
pcileech.exe -device fpga -v -vvv display -min 0x1000
or
pcileech.exe -device fpga://algo=1 -v -vvv display -min 0x1000
If none of the above commands work it may be due to Anti-DMA protections by Windows.
In BIOS/UEFI settings disable VT-d / IOMMU etc. If running via a Thunderbolt eGPU enclosure or similar Thunderbolt security level must also be set to Legacy/None/etc.
If you're targeting an AMD system or doing DMA over Thunderbolt (eGPU enclosure or similar) DMA will often stop working when a non-valid memory address is read. This often happens by mistake. If this happens DMA will most often stop working until the DMA computer is powered off and then on again.
Read the Guide Entry about AMD and Thunderbolt about how to resolve this issue by using a memory map aka. memmap.
Implementing a memmap will hopefully resolve this issue.
Sponsor PCILeech and MemProcFS:
PCILeech and MemProcFS is free and open source!
I put a lot of time and energy into PCILeech and MemProcFS and related research to make this happen. Some aspects of the projects relate to hardware and I put quite some money into my projects and related research. If you think PCILeech and/or MemProcFS are awesome tools and/or if you had a use for them it's now possible to contribute by becoming a sponsor!
If you like what I've created with PCIleech and MemProcFS with regards to DMA, Memory Analysis and Memory Forensics and would like to give something back to support future development please consider becoming a sponsor at: /~https://github.com/sponsors/ufrisk
Thank You 💖