Intel G1620T CM8063701448300 User Manual
Product codes
CM8063701448300
Processor Core
110
Datasheet
•
Guest Preemption Timer
— Mechanism for a VMM to preempt the execution of a guest OS VM after an
amount of time specified by the VMM. The VMM sets a timer value before
entering a guest.
entering a guest.
— The feature aids VMM developers in flexibility and Quality of Service (QoS)
guarantees flexibility in guest VM scheduling and building Quality of Service
(QoS) schemes
(QoS) schemes
•
Descriptor-Table Exiting
— Descriptor-table exiting allows a VMM to protect a guest OS from internal
(malicious software based) attack by preventing relocation of key system data
structures like IDT (interrupt descriptor table), GDT (global descriptor table),
LDT (local descriptor table), and TSS (task segment selector)
structures like IDT (interrupt descriptor table), GDT (global descriptor table),
LDT (local descriptor table), and TSS (task segment selector)
— A VMM using this feature can intercept (by a VM exit) attempts to relocate these
data structures and prevent them from being tampered by malicious software
•
VM Functions
— A VM function is an operation provided by the processor that can be invoked
using the VMFUNC instruction from guest VM without a VM exit
— A VM function to perform EPTP switching is supported and allows guest VM to
load a new value for the EPT pointer, thereby establishing a different EPT paging
structure hierarchy
structure hierarchy
10.1.2
Security and Cryptography Technologies
10.1.2.1
PCLMULQDQ Instruction
The processor supports the carry-less multiplication instruction, PCLMULQDQ.
PCLMULQDQ is a Single Instruction Multiple Data (SIMD) instruction that computes the
128-bit carry-less multiplication of two, 64-bit operands without generating and
propagating carries. Carry-less multiplication is an essential processing component of
several cryptographic systems and standards. Hence, accelerating carry-less
multiplication can significantly contribute to achieving high speed secure computing
and communication.
PCLMULQDQ is a Single Instruction Multiple Data (SIMD) instruction that computes the
128-bit carry-less multiplication of two, 64-bit operands without generating and
propagating carries. Carry-less multiplication is an essential processing component of
several cryptographic systems and standards. Hence, accelerating carry-less
multiplication can significantly contribute to achieving high speed secure computing
and communication.
10.1.2.2
Digital Random Number Generator
The processor introduces a software visible digital random number generation
mechanism supported by a high quality entropy source. This capability is available to
programmers through the new RDRAND instruction. The resultant random number
generation capability is designed to comply with existing industry standards (ANSI
X9.82 and NIST SP 800-90).
mechanism supported by a high quality entropy source. This capability is available to
programmers through the new RDRAND instruction. The resultant random number
generation capability is designed to comply with existing industry standards (ANSI
X9.82 and NIST SP 800-90).
Some possible uses of the new RDRAND instruction include cryptographic key
generation as used in a variety of applications including communication, digital
signatures, secure storage, etc.
generation as used in a variety of applications including communication, digital
signatures, secure storage, etc.