Hardening is the process of ensuring that a driver works correctly in spite of faults in the I/O device that it controls or other faults originating outside the system core. A hardened driver must not panic, hang the system, or allow the uncontrolled spread of corrupted data as the result of any such faults.
A hardened driver obeys all the rules of a standard Solaris device driver plus some additional rules:
Each piece of hardware should be controlled by a separate instance of the device driver.
Programmed I/O (PIO) must be performed only through the DDI access functions, using the appropriate data access handle.
The driver must assume that any data it receives from the device may be corrupted, and must check the integrity of that data before using it.
The driver must contain the effects of any fault it detects. Device-supplied data must be integrity-checked before it is released to the rest of the system.
The driver must ensure that every DMA write by the device lands within pages of memory controlled entirely by the driver, so that a DMA fault cannot corrupt an arbitrary part of the system's main memory.
The driver must not become an unlimited drain on system resources if the device locks up. It should time out if a device claims to be continuously busy, and it should detect a pathological (stuck) interrupt request and take appropriate action.
The driver must free its resources after a fault. For example, the system must be able to close all minor devices and detach driver instances even after the hardware has failed.
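The following is an added example, not code from the Solaris DDI or from this page, that models four of the rules above (PIO through a single checked access path, bounded waiting on a busy device, integrity checking of device-supplied descriptors before they address driver-owned DMA memory, and stuck-interrupt detection) as user-space C that compiles and runs without kernel headers. The mock_dev structure, the register-fault flag and the helper names hard_poll_ready, hard_check_rx_desc and hard_intr are assumptions made for illustration; in a real driver the register reads would be ddi_get32(9F) calls on a data access handle whose error status is then checked, and the "mask the interrupt" step would be done on the device.

```c
/* Added example: user-space model of Solaris driver-hardening rules.
 * Not DDI code. mock_dev, pio_get32, hard_* and the constants are
 * illustrative assumptions, not Solaris interfaces. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STATUS_BUSY     0x1u
#define MAX_POLL        100     /* bounded spin: never wait forever on BUSY */
#define MAX_STUCK_INTR  8       /* consecutive interrupts that found no work */
#define RX_BUF_SIZE     2048    /* one driver-owned DMA buffer (page-sized here) */

/* Per-instance soft state: one instance per piece of hardware. */
struct mock_dev {
    uint32_t status;            /* device status register */
    int      fault;             /* models the access handle reporting a bus error */
    int      stuck_count;       /* spurious interrupts seen in a row */
    bool     intr_masked;       /* set once a stuck interrupt is detected */
    uint8_t  rx_buf[RX_BUF_SIZE]; /* the only memory the device may DMA into */
};

/* A receive descriptor as the device would write it: untrusted input. */
struct rx_desc {
    uint32_t offset;            /* where in rx_buf the packet starts (device-supplied) */
    uint32_t length;            /* packet length (device-supplied) */
    uint32_t csum;              /* device-computed checksum of the packet bytes */
};

/* Every PIO read funnels through one routine that consults the "handle"
 * (the fault flag) so an access error is caught where it happens and the
 * caller never uses a value the hardware did not really return. */
static int pio_get32(const struct mock_dev *dev, const uint32_t *reg, uint32_t *val)
{
    if (dev->fault)
        return -1;              /* ddi_fm_acc_err_get() would report this */
    *val = *reg;
    return 0;
}

/* Rule: time out if the device claims to be continuously busy.
 * Returns 0 when ready, -1 on timeout, -2 on an access fault. */
int hard_poll_ready(const struct mock_dev *dev)
{
    uint32_t st;
    for (int i = 0; i < MAX_POLL; i++) {
        if (pio_get32(dev, &dev->status, &st) != 0)
            return -2;
        if (!(st & STATUS_BUSY))
            return 0;
        /* a real driver would drv_usecwait()/delay() between polls */
    }
    return -1;
}

static uint32_t sum32(const uint8_t *p, size_t n)
{
    uint32_t s = 0;
    for (size_t i = 0; i < n; i++)
        s += p[i];
    return s;
}

/* Rule: integrity-check device-supplied data before using it, and keep every
 * device-driven address inside the driver-owned buffer. The range check is
 * written so that a huge offset cannot wrap around the subtraction. */
int hard_check_rx_desc(const struct mock_dev *dev, const struct rx_desc *d)
{
    if (d->length == 0 || d->length > RX_BUF_SIZE)
        return -1;
    if (d->offset > RX_BUF_SIZE - d->length)   /* length <= RX_BUF_SIZE, so no underflow */
        return -1;
    if (sum32(dev->rx_buf + d->offset, d->length) != d->csum)
        return -1;
    return 0;
}

/* Rule: detect a stuck interrupt. Returns 1 when the handler found work,
 * 0 for a tolerated spurious interrupt, -1 once the line is masked. */
int hard_intr(struct mock_dev *dev, bool has_work)
{
    if (has_work) {
        dev->stuck_count = 0;
        return 1;
    }
    if (++dev->stuck_count >= MAX_STUCK_INTR) {
        dev->intr_masked = true;   /* real driver: disable the device's interrupt, report the fault */
        return -1;
    }
    return 0;
}

int main(void)
{
    struct mock_dev dev;
    memset(&dev, 0, sizeof dev);
    dev.status = STATUS_BUSY;
    printf("poll on permanently busy device: %d (timed out)\n", hard_poll_ready(&dev));
    struct rx_desc bad = { RX_BUF_SIZE - 8, 64, 0 };   /* runs 56 bytes past rx_buf */
    printf("descriptor pointing past buffer: %d (rejected)\n", hard_check_rx_desc(&dev, &bad));
    int rc = 0;
    for (int i = 0; i < MAX_STUCK_INTR; i++)
        rc = hard_intr(&dev, false);
    printf("after %d spurious interrupts: %d (interrupt masked)\n", MAX_STUCK_INTR, rc);
    return 0;
}
```

The point of routing every register read through pio_get32 is that the check for an access fault is made exactly once, in one place, rather than being repeated (and eventually forgotten) at each call site; the same discipline in a real driver means checking the access handle's error status after the PIO and acting on it before the value reaches any other code.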