Episode: 31
Title: HPR0031: Intel Virtualization Technology
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0031/hpr0031.mp3
Transcribed: 2025-10-07 10:28:27

---

Then you can go.
Oh, Ok.
Hello and welcome to Hacker Public Radio.
This is the MerroVinci.
Coming to you today to discuss a little more virtualization technologies.
Today I'd like to look at an article, if included in the link in the show notes, called
Intel Virtualization Technology and it has a pretty large list of authors.
The top three are Rich, Ulig, Gil Niger, and Dion Rogers.
There's a handful of other authors involved, but they are all members of the Intel Corporation
design team I believe and this article was a cover feature of the March 2005 IEEE,
or of an 2005 IEEE journal featuring the new VT technology that Intel was releasing
within their architecture within the third two-bit and 64-bit architecture.
Basically, in a nutshell, the VT technology allows you to take virtualization and bring
it down to the hardware level.
When we last talked about the main two different types of virtualization, like full virtualization
and pair of virtualization, with this VT technology, this VT technology paired with pair
of virtualization brings the virtualization from that software controlling the hardware
functionality and brings it down entirely to the hardware level and allows you to provide
our two, create CPU access or allow CPU level access to the guest operating system or
the guest virtual machine without having to emulate this technology.
With the VT, they originally had two forms and it was the VTX and VTI.
The VTX technology allows for two new forms of CPU operation.
Those are broken down into VMX, root operation and VMX non-root operation and basically a
virtual machine runs in the VMX root operation and it runs its guests in the VMX non-root
operation.
Both forms of this operation supports the four privileged levels or the four CPU privilege
rings.
Since the VMX root and the guest run in the VMX non-root, that means the guest runs
in a technically lower or they run in a less privileged ring but to the guest operating
system, it has its own ring structure.
To the guest operating system, it has access to ring zero which is the most privileged
access when in reality it's still contained within ring three or ring four and yet doesn't
have access to ring zero except through the virtual machine monitor, the hypervisor as
it were.
Now this technology is absolutely incredible because now we've taken what we needed
to do in software and what we had to worry about code escalation or code privilege to these
access rings, I mean now there's no emulation whatsoever in the software level, it's all
taken care of in the hardware level.
Now the other form of Intel's virtualization technology is the VTI architecture and basically
this is a principal hardware extension and as a addition of a new bit in the processor
status register, so that's the PSR, I'm not very big on CPU construction architecture
so this article might make more sense to other people but basically what the VTI architecture
allows is that as it runs the PSR.VM bit, it's either zero or a one, zero being, as if there
were no VMs that it has to worry about, no virtualized guests that it has to worry about
so basically if there was no VTI technology in the chip or if that bit is signaled as a one
which allows, which would allow privilege instructions and some non-privileged instructions
to cause a new virtualization fault in the processor as it's working.
Now like I said, I'm not a processor individual so I would definitely encourage you to go
through and read through this article to maybe find more information and hopefully some of you
all can go through this article in full, amounts of information that I did not discuss here
because maybe quite frankly I don't understand. I would like to also include though that this
article focuses on Intel's VTI technology. Now that's not to say other chips at manufacturers
have not been working on their own virtualization technology. I know that AMD has their own
VTS technology although they have their own internal name for it which I do not remember but
ultimately this technology has allowed for massive virtualization machines to be brought down
to the consumer prosumer level so that you can run multiple virtual machines on your own personal
computer and yet not be any overhead in terms of processing costs for hardware costs or software
costs because it all occurs in hardware and basically that is closer to as if you had an individual
machine for each virtual machine monitor. This has been the MerroVinci. If you have any questions
feel free to email me MerroVinci at Gino.com. You can usually find me lurking in the Infanamacon
channel on the free node IRC server but this is another episode. Thank you for listening to
the Haftler Public Radio. HPR is sponsored by Carol.net so head on over to C-A-R-O dot N-E-T for all