Intel Vt-D Objectives; Intel Vt-D Features - Intel BX80605X3430 - Xeon 2.4 GHz Processor Datasheet

• Guest Preemption Timer
— Mechanism for a VMM to preempt the execution of a guest OS after an amount
of time specified by the VMM. The VMM sets a timer value before entering a
guest
— The feature aids VMM developers in flexibility and Quality of Service (QoS)
guarantees
• Descriptor-Table Exiting
— Descriptor-table exiting allows a VMM to protect a guest OS from internal
(malicious software based) attack by preventing relocation of key system data
structures like IDT (interrupt descriptor table), GDT (global descriptor table),
LDT (local descriptor table), and TSS (task segment selector).
— A VMM using this feature can intercept (by a VM exit) attempts to relocate
these data structures and prevent them from being tampered by malicious
software.
®
3.1.3 Intel
The key Intel VT-d objectives are domain-based isolation and hardware-based
virtualization. A domain can be abstractly defined as an isolated environment in a
platform to which a subset of host physical memory is allocated. Virtualization allows
for the creation of one or more partitions on a single system. This could be multiple
partitions in the same operating system, or there can be multiple operating system
instances running on the same system—offering benefits such as system consolidation,
legacy migration, activity partitioning, or security.
®
3.1.4 Intel
The processor supports the following Intel VT-d features:
• 48-bit maximum guest address width and 36-bit maximum host address width for
non-isoch traffic, in UP profiles
• 39-bit maximum guest address width and 36-bit maximum host address width for
isoch (Intel High Definition Audio isoch) traffic
• Support for 4K page sizes only
• Support for register-based fault recording only (for single entry only) and support
for MSI interrupts for faults
— Support for fault collapsing based on Requester ID
• Support for both leaf and non-leaf caching
• Support for boot protection of default page table
• Support for non-caching of invalid page table entries
• Support for hardware based flushing of translated but pending writes and pending
reads, on IOTLB invalidation
• Support for page-selective IOTLB invalidation
• Support for queue-based invalidation interface
• Support for Intel VT-d read prefetching/snarfing (such as, translations within a
cacheline are stored in an internal buffer for reuse for subsequent transactions)
• Support for ARI (Alternate Requester ID—a PCI SIG ECR for increasing the function
number count in a PCI Express device) to support IOV devices
32
VT-d Objectives
VT-d Features
Technologies
Datasheet, Volume 1