Intel® Virtualization Technology (Intel® VT) offers a variety of capabilities that can be used by virtualization solutions and security solutions alike. One capability is that Intel® VT redefines the highest privilege level in the system via VMX root. Typical virtualization solutions provide a virtual machine monitor (VMM) that utilizes Intel® VT to virtualize the underlying hardware for the purpose of running multiple operating systems. However, for reasons stated in the previous section, general purpose VMMs have not focused on providing the security properties the industry needs.
To maximize security, it is important to ensure that the highest privilege code executing on a platform has a small trusted computing base (TCB). This is because it must be acknowledged that any code introduced into a system has potential bugs, and these bugs can be exploited as vulnerabilities. There is simply a higher probability of bugs in a large quantity of code over a small quantity of code. Thus, in a secure system, the highest-privilege core components from which the rest of the system derives its security must be designed to be as minimalistic as possible. Unlike a general-purpose VMM, there
are no device drivers, schedulers, or general-purpose hardware virtualization components needed for a specialized security monitor—only the essential security functionality. This approach fundamentally minimizes the exposure of the core high-privilege security code.
Minimal code and security specialization also enable a low-overhead solution. By keeping the tasks of the VMX root components as minimal as possible, we create a system where the transitions into and out of VMX root are minimized.
Maintaining a single operating system view and allowing a single operating system to retain full control over resource scheduling means that processor time does not have to be shared with other guest operating systems or programs.
Additionally, a security specialized monitor using VMX root actually improves the overall compatibility of the system as well. For example, device drivers in the Intel® VT system stay in the same form when loaded within the operating system and do not need to be ported or replicated in the VMM layer as they would with a general-purpose VMM. Thus, existing update mechanisms, hardware interactions, and system services are entirely preserved.
There is no need for IT or consumers to update additional components, change their existing images, or wait for specialized compatible drivers to become available in order to deploy a security monitor. Advanced power management, 3D graphics, storage, and networking operate unobstructed.