Could someone explain what hardware virtualization is and why most CPUs have it turned off? Also, how can hardware make sure that we can use an OS in the virtual mode?
1 Answer
Hardware virtualization refers to a set of CPU instructions and capabilities that make OS virtualization [the sort of virtualization that involves hypervisors from the likes of VMware, Xen, KVM, Hyper-V etc.] tasks simpler/faster by allowing the CPU to carry out tasks directly that would otherwise require the hypervisor to do quite a lot of work. The specific commands and features are things like VMMEntry/VMMExit (handling VM context switching on the CPU) and features like second-level address translation and page table shadowing (like Intel's EPT, AMD's RVI). It's not just one feature, even though it is commonly referred to as if it was, and it is constantly being expanded to cover additional areas like memory management and IO virtualization, so the VT-x capabilities in earlier systems (like the original dual-core Xeons) are not as effective as those in more recent CPUs.
As far as why it's turned off by default - I suspect it is because it was not commonly utilized when it originally appeared and there were concerns that it could be used by malware to facilitate undetectable rootkit-type attacks. Whether that is true or not, there was a lot of negative comment online about it at one stage as concerns about the security implications were thrashed out.
There's a technical primer on Intel's VT-x here which explains briefly how it's evolved and which new capabilities/features are being developed.

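A practical follow-up to the answer above, added here as an example and not part of the original post: the answer distinguishes between the CPU *having* VT-x/EPT and the firmware *allowing* it, and on Linux both can be checked from user space. The CPUID-derived flags appear in `/proc/cpuinfo`, while the firmware decision lives in the `IA32_FEATURE_CONTROL` MSR (address 0x3A; bit 0 locks the register, bit 1 permits VMX inside SMX, bit 2 permits VMX outside SMX, per Intel's SDM). The cpuinfo text and the MSR values below are constructed samples, and reading a live MSR assumes the Linux `msr` driver is loaded and the script runs as root.

```python
import re
import struct

# Constructed /proc/cpuinfo excerpt (not captured from a real host).
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: GenuineIntel
model name\t: Placeholder Intel CPU
flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat \
pse36 clflush mmx fxsr sse sse2 ht syscall nx lm vmx smx ept vpid tpr_shadow flexpriority
"""

# MSR address of IA32_FEATURE_CONTROL (Intel SDM volume 4).
IA32_FEATURE_CONTROL = 0x3A


def virt_flags(cpuinfo_text):
    """Report which hardware-virtualization flags the kernel exposes in /proc/cpuinfo."""
    match = re.search(r"^flags\s*:\s*(.*)$", cpuinfo_text, re.MULTILINE)
    flags = set(match.group(1).split()) if match else set()
    return {
        "vmx": "vmx" in flags,    # Intel VT-x root/non-root operation
        "svm": "svm" in flags,    # AMD-V equivalent
        "ept": "ept" in flags,    # Intel second-level address translation
        "npt": "npt" in flags,    # AMD nested paging (RVI)
        "vpid": "vpid" in flags,  # tagged TLB entries, avoids flushes on VM switches
    }


def decode_feature_control(value):
    """Decode IA32_FEATURE_CONTROL into the firmware's VMX policy."""
    locked = bool(value & 1)
    vmx_in_smx = bool(value & (1 << 1))
    vmx_outside_smx = bool(value & (1 << 2))
    if locked and not vmx_outside_smx:
        verdict = "VMX disabled and locked by firmware; enable it in BIOS/UEFI and reboot"
    elif locked:
        verdict = "VMX enabled and locked by firmware"
    else:
        # Unlocked means firmware never configured the register; an OS or
        # hypervisor may still set the enable bits itself before locking it.
        verdict = "MSR unlocked: firmware did not configure VMX, OS may enable it"
    return {
        "locked": locked,
        "vmx_in_smx": vmx_in_smx,
        "vmx_outside_smx": vmx_outside_smx,
        "verdict": verdict,
    }


def read_msr(msr, cpu=0):
    """Read a 64-bit MSR through the Linux msr driver (root + `modprobe msr` required)."""
    with open(f"/dev/cpu/{cpu}/msr", "rb", buffering=0) as f:
        f.seek(msr)                         # the driver uses the file offset as the MSR number
        return struct.unpack("<Q", f.read(8))[0]


if __name__ == "__main__":
    print("cpuinfo flags:", virt_flags(SAMPLE_CPUINFO))
    # Constructed MSR values: 0x1 = locked with VMX off, 0x5 = locked with VMX on.
    for sample in (0x1, 0x5, 0x0):
        print(hex(sample), decode_feature_control(sample)["verdict"])
    try:
        live = read_msr(IA32_FEATURE_CONTROL)
        print("live IA32_FEATURE_CONTROL:", hex(live), decode_feature_control(live)["verdict"])
    except OSError as exc:
        print("live MSR read skipped:", exc)
```

The two checks answer different questions: the flags say whether the silicon supports VT-x and EPT, the MSR says whether firmware let the OS use them, which is exactly the "turned off by default" case in the answer. Recent Linux kernels also clear the `vmx` flag when firmware has locked VMX off, so an unexpectedly missing flag on a CPU that should have it is a cue to look at the MSR rather than assume the hardware lacks the feature.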