From af0fe5983d9bba72677c4af4ed381c71a63404a4 Mon Sep 17 00:00:00 2001
From: aktsuda <aktsuda@microsoft.com>
Date: Thu, 30 Jul 2020 14:32:07 +0900
Subject: [PATCH 1/2] Update kernel-dma-protection-for-thunderbolt.md

Add the following FAQ:
### My system's Kernel DMA Protection is off. Can DMA-remapping for a specific device be turned on?

Yes. DMA remapping for a specific device can be turned on independent from Kernel DMA Protection. (i.e. if the driver opts in and VT-d is turned on, then DMA remapping will be enabled for the devices driver, even if Kernel DMA Protection is off).

Kernel DMA Protection is a policy that allows/disallows devices to perform DMA, based on their remapping state/capabilities.
---
 .../kernel-dma-protection-for-thunderbolt.md                | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
index b36af3f717..c951585127 100644
--- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
+++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
@@ -115,6 +115,12 @@ Please check the driver instance for the device you are testing. Some drivers ma
 
 If the peripherals do have class drivers provided by Windows 10, please use these drivers on your systems. If there are no class drivers provided by Windows for your peripherals, please contact your peripheral vendor/driver vendor to update the driver to support [DMA Remapping](https://docs.microsoft.com/windows-hardware/drivers/pci/enabling-dma-remapping-for-device-drivers).
 
+### My system's Kernel DMA Protection is off. Can DMA-remapping for a specific device be turned on?
+
+Yes. DMA remapping for a specific device can be turned on independent from Kernel DMA Protection. (i.e. if the driver opts in and VT-d is turned on, then DMA remapping will be enabled for the devices driver, even if Kernel DMA Protection is off).
+
+Kernel DMA Protection is a policy that allows/disallows devices to perform DMA, based on their remapping state/capabilities.
+
 ### Do Microsoft drivers support DMA-remapping?
 In Windows 10 1803 and beyond, the Microsoft inbox drivers for USB XHCI (3.x) Controllers, Storage AHCI/SATA Controllers and Storage NVMe Controllers support DMA Remapping.
 

From 9134e24e0deb9ecf90f5394837bcdf36907f60ca Mon Sep 17 00:00:00 2001
From: Daniel Simpson <dansimp@microsoft.com>
Date: Thu, 30 Jul 2020 13:39:46 -0700
Subject: [PATCH 2/2] Update kernel-dma-protection-for-thunderbolt.md

minor edits
---
 .../kernel-dma-protection-for-thunderbolt.md                  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
index c951585127..6ea046a8f3 100644
--- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
+++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
@@ -117,9 +117,9 @@ If the peripherals do have class drivers provided by Windows 10, please use thes
 
 ### My system's Kernel DMA Protection is off. Can DMA-remapping for a specific device be turned on?
 
-Yes. DMA remapping for a specific device can be turned on independent from Kernel DMA Protection. (i.e. if the driver opts in and VT-d is turned on, then DMA remapping will be enabled for the devices driver, even if Kernel DMA Protection is off).
+Yes. DMA remapping for a specific device can be turned on independent from Kernel DMA Protection. For example, if the driver opts in and VT-d (Virtualization Technology for Directed I/O) is turned on, then DMA remapping will be enabled for the devices driver even if Kernel DMA Protection is turned off.
 
-Kernel DMA Protection is a policy that allows/disallows devices to perform DMA, based on their remapping state/capabilities.
+Kernel DMA Protection is a policy that allows or blocks devices to perform DMA, based on their remapping state and capabilities.
 
 ### Do Microsoft drivers support DMA-remapping?
 In Windows 10 1803 and beyond, the Microsoft inbox drivers for USB XHCI (3.x) Controllers, Storage AHCI/SATA Controllers and Storage NVMe Controllers support DMA Remapping.