x86 virtualization

On traditional mainframes, the classic type 1 hypervisor was self-standing and did not depend on any operating system or run any user applications itself.

The initial version of x86-64 (AMD64) did not allow software-only full virtualization because long mode lacked segmentation support. Without it, the hypervisor's memory could not be protected, in particular the trap handler that runs in the guest kernel address space.

Revision D and later 64-bit AMD processors (as a rule of thumb, those manufactured in 90 nm or less) added basic support for segmentation in long mode, making it possible to run 64-bit guests in 64-bit hosts via binary translation.

AMD Opteron CPUs beginning with the Family 0x10 Barcelona line, and Phenom II CPUs, support a second generation hardware virtualization technology called Rapid Virtualization Indexing (formerly known as Nested Page Tables during its development), later adopted by Intel as Extended Page Tables (EPT).

Instructions in AMD-V include VMRUN, VMLOAD, VMSAVE, CLGI, VMMCALL, INVLPGA, SKINIT, and STGI.

"VMX" stands for Virtual Machine Extensions, which adds 13 new instructions: VMPTRLD, VMPTRST, VMCLEAR, VMREAD, VMWRITE, VMCALL, VMLAUNCH, VMRESUME, VMXOFF, VMXON, INVEPT, INVVPID, and VMFUNC.

Intel has included Extended Page Tables (EPT),[26] a technology for page-table virtualization,[27] since the Nehalem architecture,[28][29] released in 2008.

In 2010, Westmere added support for launching the logical processor directly in real mode – a feature called "unrestricted guest", which requires EPT to work.

Since the Haswell microarchitecture (announced in 2013), Intel has included VMCS shadowing, a technology that accelerates nested virtualization of VMMs.

As soon as more than one VMM or nested VMMs are used, a problem appears in a way similar to what required shadow page table management to be invented, as described above.

VIA Nano 3000 Series Processors and higher support VIA VT virtualization technology compatible with Intel VT-x.
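As an added example (not part of the original article), the following Python sketch reads Linux `/proc/cpuinfo` text and reports which of the features described above the kernel exposes: VT-x, AMD-V, EPT, Rapid Virtualization Indexing, unrestricted guest and VMCS shadowing. The flag names (`vmx`, `svm`, `ept`, `npt`, and `unrestricted_guest` and `shadow_vmcs` on the `vmx flags` line of recent kernels) are Linux's, and the sample input is constructed.

```python
import os

# Constructed sample in /proc/cpuinfo layout (not captured from a real host).
SAMPLE = """\
processor\t: 0
vendor_id\t: GenuineIntel
flags\t\t: fpu vme de pse msr vmx ept vpid
vmx flags\t: vnmi ept vpid unrestricted_guest shadow_vmcs

processor\t: 1
vendor_id\t: GenuineIntel
flags\t\t: fpu vme de pse msr vmx ept vpid
vmx flags\t: vnmi ept vpid unrestricted_guest shadow_vmcs
"""

def parse_cpuinfo(text):
    """Return one dict per logical CPU with 'flags' and 'vmx flags' as sets."""
    cpus = []
    for stanza in text.strip().split("\n\n"):
        cpu = {"flags": set(), "vmx flags": set()}
        for line in stanza.splitlines():
            key, sep, value = line.partition(":")
            key = key.strip()
            if sep and key in cpu:
                cpu[key] = set(value.split())
        cpus.append(cpu)
    return cpus

def virt_report(text):
    """Summarise virtualization features reported by every logical CPU."""
    cpus = parse_cpuinfo(text)
    # Count a feature only if all logical CPUs report it.
    flags = set.intersection(*(c["flags"] for c in cpus))
    vmx = set.intersection(*(c["vmx flags"] for c in cpus))
    report = {
        "vt_x": "vmx" in flags,                  # Intel VT-x (VMX)
        "amd_v": "svm" in flags,                 # AMD-V (SVM)
        "ept": "ept" in (flags | vmx),           # Extended Page Tables
        "rvi": "npt" in flags,                   # Rapid Virtualization Indexing
        "unrestricted_guest": "unrestricted_guest" in vmx,
        "vmcs_shadowing": "shadow_vmcs" in vmx,
    }
    # Unrestricted guest requires EPT; anything else is inconsistent input.
    report["consistent"] = report["ept"] or not report["unrestricted_guest"]
    return report

if __name__ == "__main__":
    path = "/proc/cpuinfo"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for name, value in virt_report(text).items():
        print(f"{name:20} {value}")
```

Inside a virtual machine these flags show only what the outer hypervisor chooses to expose, so a missing flag there does not describe the physical CPU.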

An input/output memory management unit (IOMMU) allows guest virtual machines to directly use peripheral devices, such as Ethernet, accelerated graphics cards, and hard-drive controllers, through DMA and interrupt remapping.

At the same time, an IOMMU also allows operating systems and hypervisors to prevent buggy or malicious hardware from compromising memory security.

With SR-IOV enabled, virtualized network interfaces are directly accessible to the guests,[55] avoiding involvement of the VMM and resulting in high overall performance;[53] for example, SR-IOV achieves over 95% of the bare metal network bandwidth in NASA's virtualized datacenter[56] and in the Amazon Public Cloud.
