No "Trusted Execution" on Xeon E5540, what am I missing?

Question

I seems the Xeon E5540 ticks all the "fun" boxes for Hyper-V (especially VT-d) on Windows Server 2012. The only one conspicuously missing is "Trusted Execution".

I read the information on Wikipedia and Intel's page. If I understand it correctly it enables the OS to mark data as non-executable and prevent attacks in various ways.

So I understand it's generally a good thing to have. Question then becomes: If I use this CPU (or another CPU w/o Trusted Execution) in my Hyper-V servers, how am I potentially shooting myself in the foot? What features will I NOT be able to use?

FYI- Trusted execution does not "enables the OS to mark data as non-executable". That is Data Execution Prevention and the NX bit. Trusted Execution uses code signing to verify that only authorized code is allowed to be loaded and executed. — longneck, Oct 10 '13 at 20:47

score 3 · Accepted Answer · answered Jul 16 '13 at 11:01

3

Chips with the "Trusted Execution" basically allow EFI booting to work correctly and to make use of a TPM module. Since you're using Hyper-V, there's no purpose for this technology. Most Xeons that I've seen actually lack this feature in particular anyway.

answered Jul 16 '13 at 11:01

Nathan C

15,059
4
43
62

Thanks, EFI Booting indeed isn't a priority. At least not at the moment (unless I'll need to start booting from GPD partitioned drives..). – Vincent Vancalbergh Jul 16 '13 at 12:20

No "Trusted Execution" on Xeon E5540, what am I missing?

1 Answers1