Lets consider the difference between virtualized and non-virtualized platforms.
Here VMM refers to Hypervisor. There are different privilege levels in the processor for instruction execution. These levels are called Rings (Ring 0, 1, 2, 3).
When you enable Intel VT:
When you enable Intel VT-x:
Here VMM refers to Hypervisor. There are different privilege levels in the processor for instruction execution. These levels are called Rings (Ring 0, 1, 2, 3).
When you enable Intel VT:
- In a non-virtualized environment OS runs on ring 0. A single operating system controls all hardware resources
- Four privilege levels (rings) are employed on VT platforms
- When it is enabled hypervisor now runs on Ring 0 instead of an OS. Guest OS runs in Ring 1 or Ring 3
- VT allows the hypervisor to present each guest OS a virtual machine (VM) environment that emulates the hardware environment needed by the guest OS
When you enable Intel VT-x:
- Intel (VT-x) - is a hardware assisted virtualization technology
- Hardware support for processor virtualization enables system vendors to provide simple, robust, and reliable hypervisor software
- VT-x consists of a set of virtual machine extensions (VMX) that support virtualization of processor hardware for multiple software environments using virtual machine
- A hypervisor written to take advantage of the Intel®Virtualization Technology runs in a new CPU mode called “VMX Root” mode and the guest OS in the “VMX Non-root” mode. The VMM will manage the virtual machines through the VM Exit and VM Entry mechanism
- Hypervisor has its own privileged level (VMX Root) where it executes
Below figure shows difference in Ring levels of Intel VT and Intel VT-x
Reference: Intel