ra2 studio - Fotolia


Understand hardware support for virtualization

Intel, AMD and ARM processors optimize virtualization in a number of ways, from instruction set extensions to interrupts, via Intel VT, AMD-V, ARMv8, Intel APICv and AMD AVIC.

Chipmakers Intel, Advanced Micro Devices Inc. and ARM Ltd. implement instruction set extensions that enable hardware...

support for virtualization, but it can be difficult to make sense of the alphabet soup of codes and acronyms involved.

Hardware support has long been an indispensable requirement for practical virtualization, enabling the selected hypervisor to handle complex instruction privilege translations and manage virtualized memory resources at hardware clock speeds.

Instruction set extensions -- complete sets of new transistors added to processors and other chips that bring new capabilities and process specific new instructions directly – provide hardware support for virtualization. Without extensions, the features and tasks needed to support virtualization would require software emulation, which is often too cumbersome and inefficient to handle vital virtualization tasks.

Virtualization is largely a compute activity that requires comprehensive memory management and control over privileged access. Consequently, both Intel and Advanced Micro Devices (AMD) include virtualization support by adding instruction set extensions and a complementary array of features to their processors.

Intel Virtualization Technology (VT)

Intel's hardware support for virtualization was first introduced in 2005 with the introduction of Intel VT-x on two models of the Pentium 4 processor. VT-x added 10 new instructions that enable VM creation and control. The virtualization software runs in a virtual execution mode where a guest OS has full privileges so as not to disrupt the host OS, which is protected and isolated.

Additional virtualization technologies appeared after the initial introduction of VT-x. While these aren't specifically VT-x commands, the additional features offer more virtualization capabilities to Intel processors.

In 2008, Intel added support for Extended Page Tables (EPTs), which was Intel's implementation of Second Level Address Translation (SLAT) or nested paging.

Virtualization must translate physical memory addresses into virtual memory addresses. The problem is that this translation happens twice: once for the host VM and then a second time for each guest VM. This increases overhead and slows performance. SLAT technologies, such as EPT, improve memory management and boost performance by eliminating this overhead and handling all the memory management tasks together.

In 2010, Intel supported unrestricted guests -- also called IA-32e mode -- enabling logical processors and virtual CPUs to run in real mode on the processor. This enables a VM guest to run in bare-metal mode using its own EPT. Some software, such as VMware Workstation 14 and Fusion 10, requires the processor to support IA-32e mode.

ARM processors typically use reduced instruction sets, which require less energy and cooling because there are far fewer transistors, and they often provide better performance due to a simpler processor design.

By 2013, Intel introduced Virtual Machine Control Structure (VMCS) shadowing. One long-standing challenge with virtualization is the issue of nesting, which is running a VM within a VM. Every VM uses a unique data structure. When a VM runs within a VM, that data structure must be swapped or changed.

Before 2013, the means of addressing this issue was to cache each VMCS and use software to handle them, but the process took too much time and reduced performance. Adding VMCS shadowing to the processor makes VMCS handling far more efficient and boosts VM performance.

AMD Virtualization (AMD-V)

AMD initially added the command set extensions needed for virtualization support in several of its processor families in 2006, including the Athlon 64, Athlon 64 X2, Athlon 64 FX, Turion 64 X2 and some Opteron, Phenom and Phenom II processors. AMD-V commands enable developers to write software that creates and controls VMs, supporting the use of hypervisors.

AMD later added support for SLAT or nested paging to some K10 and Phenom II processors in the form of rapid virtualization indexing -- which is functionally identical to Intel's EPT -- to speed the performance of physical-to-virtual memory translations.

ARM virtualization

Processors that use RISC architectures have started to adopt virtualization support. The industry-standard ARM architecture version eight -- ARMv8-A -- now supports virtualization capabilities, enabling the ARM chip to run multiple VMs, each with a different OS.

ARMv8.1 introduces Virtualization Host Extensions (VHE), which provide enhanced support for Type 2 hypervisors. ARMv8.1-VHE also provides basic address translation. ARMv8.3-NV added support for nested virtualization.

ARM processors typically use reduced instruction sets, which require less energy and cooling because there are far fewer transistors, and they often provide better performance due to a simpler processor design. ARM chips have long been employed in embedded systems and servers intended for basic, high-volume workloads, such as web servers.

Today, the addition of hardware support for virtualization is garnering more attention for ARM-based systems that can host even more workloads, appealing to extremely high-volume data centers.

Intel APICv and AMD AVIC

Processors use interrupts that enable the system to be interrupted by real-world events, such as a keyboard signal or system condition. However, a high volume of interrupts can potentially affect the performance of a virtualized system, constantly requiring the workloads to stop and wait for the CPU to address other things going on in the system.

The concept of interrupt virtualization alleviates these potential performance effects by sorting and queuing interrupts. Sorting enables the system to address interrupts based on priority, while queuing lets the system wait for the most opportune time to address an interrupt. Taken together, the technologies can minimize the performance effects of interrupts on virtualized environments.

Intel and AMD both added interrupt virtualization in 2012. AMD uses the Advanced Virtual Interrupt Controller (AVIC), which is available on later-model Carrizo processors. Intel uses Advanced Programmable Interrupt Controller virtualization (APICv), which first appeared on several Xeon E5 processors in 2013 and 2014.

In 2019, almost all the major processor models have hardware support for virtualization except for some Intel Atom models. For example, the Diamondville, Pineview and Cedarview variants of the Atom processor don't support Intel-VT.

Virtualization support isn't always enabled by default. Some system motherboards require administrators to enable virtualization features in the system's firmware -- BIOS -- before software can use virtualization capabilities.

Part two of this three-part series will cover each of the major GPU extensions.

Dig Deeper on Containers and virtualization