Intel 2760QM FF8062701065300 User Manual
Product codes
FF8062701065300
Technologies
22
Datasheet, Volume 1
3.1.2
Intel
®
VT-x Features
The processor core supports the following Intel VT-x features:
• Extended Page Tables (EPT)
— hardware assisted page table virtualization
— eliminates VM exits from guest OS to the VMM for shadow page-table
maintenance
• Virtual Processor IDs (VPID)
— Ability to assign a VM ID to tag processor core hardware structures (such as,
TLBs)
— This avoids flushes on VM transitions to give a lower-cost VM transition time
and an overall reduction in virtualization overhead.
• Guest Preemption Timer
— Mechanism for a VMM to preempt the execution of a guest OS after an amount
of time specified by the VMM. The VMM sets a timer value before entering a
guest
guest
— The feature aids VMM developers in flexibility and Quality of Service (QoS)
guarantees
• Descriptor-Table Exiting
— Descriptor-table exiting allows a VMM to protect a guest OS from internal
(malicious software based) attack by preventing relocation of key system data
structures like IDT (interrupt descriptor table), GDT (global descriptor table),
LDT (local descriptor table), and TSS (task segment selector).
structures like IDT (interrupt descriptor table), GDT (global descriptor table),
LDT (local descriptor table), and TSS (task segment selector).
— A VMM using this feature can intercept (by a VM exit) attempts to relocate
these data structures and prevent them from being tampered by malicious
software.
software.
3.1.3
Intel
®
VT-d Objectives
The key Intel VT-d objectives are abstraction and robustness. Hardware abstraction has
two key benefits. First is partitioning hardware into configurable isolated environments
called domains to which a subset of host physical memory is allocated. Second is
greater flexibility in modifying hardware capability without direct operating system
interference. Virtualization allows for the creation of one or more partitions on a single
system. This could be multiple partitions in the same operating system, or there can be
multiple operating system instances running on the same system. The VT-d
architecture provides the flexibility to support multiple usage models and in turn
complement Intel VT-x capability. This offers benefits such as system consolidation,
legacy migration, activity partitioning, or security. The second objective is robustness.
VT-d enables protected access to I/O devices from a given virtual machine so that it
does not interfere with a different virtual machine on the same platform. Any errors or
permission violation are trapped and hence the system is more robust.
two key benefits. First is partitioning hardware into configurable isolated environments
called domains to which a subset of host physical memory is allocated. Second is
greater flexibility in modifying hardware capability without direct operating system
interference. Virtualization allows for the creation of one or more partitions on a single
system. This could be multiple partitions in the same operating system, or there can be
multiple operating system instances running on the same system. The VT-d
architecture provides the flexibility to support multiple usage models and in turn
complement Intel VT-x capability. This offers benefits such as system consolidation,
legacy migration, activity partitioning, or security. The second objective is robustness.
VT-d enables protected access to I/O devices from a given virtual machine so that it
does not interfere with a different virtual machine on the same platform. Any errors or
permission violation are trapped and hence the system is more robust.