Linked by Thom Holwerda on Thu 7th May 2009 18:01 UTC
Windows Windows XP Mode, the virtualisation tool currently in beta for Windows 7, only works on processors with virtualisation extensions, known as AMD-V and Intel VT-x. Microsoft made this clear from the get-go, but still various news websites regurgitated it as "news" yesterday that some Intel processors do not support XPM. Twenty-four hours down the road, and Intel had a few things to say about this.
Thread beginning with comment 362329
To read all comments associated with this story, please click here.
Comment by Kroc
by Kroc on Thu 7th May 2009 18:34 UTC
Kroc
Member since:
2005-11-10

Reasons why XPM only supports VT-capable processors:

* ‘Thinner’ virtualisation. Faster.

* More secure. The VM cannot escape the sandbox

* Less code to write/support back-porting to non VT-capable CPUs

* Business customers only—less diversity to target

* Optional install—use another of the million solutions out there if XPM does not work for you.

In short, Microsoft are keeping things simple (for once). Having to enable VT in the BIOS is a blow though. Thank you BIOS/Mobo OEMs for your 25 year old system that’s been hindering us ever since.

Reply Score: 3

RE: Comment by Kroc
by mckill on Thu 7th May 2009 19:08 in reply to "Comment by Kroc"
mckill Member since:
2007-06-12

I remember seeing a VMWare core dev speaking unofficially at a conference saying VT was actually slower and their software implementation was much faster.

Essentially this was just a quick way for MS to get virtualization in the OS pretty fast.

Edited 2009-05-07 19:14 UTC

Reply Parent Score: 1

RE[2]: Comment by Kroc
by Drumhellar on Thu 7th May 2009 19:32 in reply to "RE: Comment by Kroc"
Drumhellar Member since:
2005-07-12

Essentially this was just a quick way for MS to get virtualization in the OS pretty fast.


This is how it breaks down:

AMD-V/VT-x: Generally slowest, but very stable, especially when the guest uses wierd processor features.

Software: Faster, not as stable. Wierd processor stuff can crash the guest.

AMD-V/VT-x + nested page tables: Faster than software, as stable as hardware. The first chips with AMD-V/VT-x didn't support NPT, but later ones.

Reply Parent Score: 3

RE: Comment by Kroc
by darknexus on Thu 7th May 2009 19:15 in reply to "Comment by Kroc"
darknexus Member since:
2008-07-15

Thank you BIOS/Mobo OEMs for your 25 year old system that’s been hindering us ever since.

And thank Intel as well, for basically disabling EFI on most PC boards... thank Microsoft, too, for insisting on using the cludgy BIOS calls in win9x for years, and for not even beginning to support EFI until Vista. There's a lot of blame to go around when it comes to the bios, the whole thing should've been reworked from the ground-up once its limitations became apparent years and years ago, but instead we just got hack after hack...
</rant>

Reply Parent Score: 3

RE: Comment by Kroc
by cyclops on Thu 7th May 2009 20:00 in reply to "Comment by Kroc"
cyclops Member since:
2006-03-12

Reasons why XPM only supports VT-capable processors:

* ‘Thinner’ virtualisation. Faster.

* More secure. The VM cannot escape the sandbox

* Less code to write/support back-porting to non VT-capable CPUs

* Business customers only—less diversity to target

* Optional install—use another of the million solutions out there if XPM does not work for you.

In short, Microsoft are keeping things simple (for once). Having to enable VT in the BIOS is a blow though. Thank you BIOS/Mobo OEMs for your 25 year old system that’s been hindering us ever since.


Wow. Hardware virtualisation under hardware is slower under some circumstances than Software. In fact a hybrid solution is considered optimal. I have seen little of its security benefits. As for writing code to backport its interesting that companies who's entire infrastructure like say Sun sorry Oracle can do this, when they do not have the same vested interest in backward *binary* compatibility that Microsoft. As for smaller target of end-users being a good thing...its bizarroworld.

I look forward to Microsoft getting slapped from a Monopolistic and User standpoint. Personally I hope they continue these business decisions.

As for the bios switch comments well I never, as defending Microsoft, After Netscape; Wordperfect; IE6 etc etc them buggers have held back progress for years. Thank goodness we have other OS's with real virtualisation Support

Reply Parent Score: 1

RE[2]: Comment by Kroc
by Kroc on Thu 7th May 2009 20:15 in reply to "RE: Comment by Kroc"
Kroc Member since:
2005-11-10

Hardware VT being slower; that's news to me. Always good to learn something new.

I'm not defending Microsoft though, but seeing it from a software development perspective. They probably cobbled this together relatively quickly so the shortest code-path was the best option for them. There's many better ways to run XP in a VM, certainly; I just feel the hoo-ha over XPM's limited support is overblown.

Edited 2009-05-07 20:19 UTC

Reply Parent Score: 1

RE: Comment by Kroc
by 7q2z3lp02@sneakemail on Thu 7th May 2009 20:38 in reply to "Comment by Kroc"
7q2z3lp02@sneakemail Member since:
2009-05-07

Yes, the BIOS disables the processor virtualization feature on most Intel and AMD platforms that could support the processor virtualization. The desk visit is for the IT person to change the setting in the BIOS setup program.

Remember the Blue Pill attack? The good people over at Invisible Things Lab published a virtualization hack that can take over a machine at a level where anything running in an OS would have a difficult task of detecting the attack.

In a quick reaction, the processor, BIOS, and system vendors decided to disable the feature by default. To enable it, the person holding the system has to hit DEL, F2, ESC, or whatever BIOS Setup key is defined and turn the feature on. Sorry.

If those pesky virus writers would go away, the vendors could ship systems that have all of the security features disabled.

This setting is done in legacy BIOSs, EFI BIOSs, and should be done in boot loaders / linux BIOSs. Don't forget the major purpose of the pre-OS firmware is to get the hardware ready for the OS. All of the pre-OS firmware has to support some of the older interfaces if you want to boot anything other than an Apple OS.

Reply Parent Score: 2