Brief History of the x86 Architecture
The x86 architecture has roots that reach back to 8‐bit processors built by Intel in the late 1970s. As manufacturing capabilities improved and software demands increased, Intel extended the 8‐bit architecture to 16 bits with the 8086 processor. Later still, with the arrival of the 80386 CPU in 1985, Intel extended the architecture to 32 bits. Intel calls this architecture IA‐32, but the vendor‐neutral term x86 is also common. Over the following two decades, the basic 32‐bit architecture remained the same, although successive generations of CPUs added many new features, including an on‐chip floating point unit, support for large physical memories through physical address extension (PAE), and vector instructions. In 2003, AMD introduced a 64‐bit extension to the x86 architecture, initially dubbed AMD64, and began shipping 64‐bit Opteron CPUs in 2004. Later in 2004, Intel announced its own 64‐bit architectural extension of IA‐32, calling it IA‐32e and later also EM64T. The AMD and Intel 64‐bit extensions are extremely similar, although they differ in some minor ways, one of which is crucial for virtualization.
Instruction Set Virtualization
In order to run one or more virtual machines safely on a single host, ESX must isolate the virtual machines so that they cannot interfere with each other or with the VMkernel. In particular, it must prevent the virtual machines from directly executing privileged instructions that could affect the state of the physical machine as a whole. Instead, it must intercept such instructions and emulate them so their effect is applied to the virtual machine’s hardware, not the physical machine’s hardware. For example, issuing the reboot command in a virtual machine should reboot just that virtual machine, not the entire host.
In 2003, when AMD extended the x86 architecture from 32 to 64 bits, it eliminated segment limit checks for 64‐bit code (32‐bit code retained segment limit checks for backwards compatibility). This change meant that a VMM based on binary translation (BT) could not use segmentation to protect the VMM from a 64‐bit virtual machine. In other words, BT32 could virtualize the 32‐bit x86 architecture efficiently, but BT64 could not virtualize the 64‐bit architecture efficiently.
When this architectural deficiency became apparent, AMD added segment limits back into 64‐bit code. This addition missed the initial Opteron Rev C processor (which shipped in limited quantities only) but was present beginning with the next revision, Rev D, and has remained present in AMD 64‐bit CPUs ever since. Thus, all 64‐bit AMD CPUs, with the exception of the original Opteron Rev C, can run virtual machines with BT64. The Intel 64‐bit extensions to the x86 architecture also omitted support for segment limit checks for 64‐bit code. Unlike AMD, however, Intel has not added support for segment limit checks in subsequent processors. This limitation makes it inefficient to run 64‐bit virtual machines using BT64 on Intel CPUs.
Hardware Technique: VT-x and AMD-V
At about the same time as they were making the transition from 32‐bit to 64‐bit hardware, both Intel and AMD recognized the importance of virtualization. Both companies began designing hardware that made it easier for a VMM to run virtual machines. The first hardware designs focused on the subproblem of how to virtualize the 32‐ and 64‐bit x86 instruction set. The Intel design, called VT‐x, took on particular importance because it provided a way to virtualize 64‐bit virtual machines efficiently. (BT64 is not efficient because of the lack of segment limit checks in 64‐bit mode on Intel CPUs.) AMD subsequently introduced AMD‐V to provide hardware support for instruction set virtualization, although virtualization of 64‐bit virtual machines using BT64 was already possible on AMD CPUs.
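The rules above can be applied to a host's CPU description. The following Python sketch is an added example, not code from the original paper or from VMware: it reads Linux /proc/cpuinfo text and reports which efficient options for 64‐bit guests the text describes for that CPU. The function names and sample inputs are assumptions of this example, as is the use of the Linux flag names `lm` (64‐bit long mode), `vmx` (VT‐x) and `svm` (AMD‐V).

```python
# Added example: which efficient 64-bit monitor modes a host CPU offers,
# following the rules described in the text above.

# Constructed /proc/cpuinfo excerpts (Linux format), not from real hosts.
INTEL_VT = "vendor_id\t: GenuineIntel\nflags\t\t: fpu pae lm vmx sse2\n"
INTEL_NO_VT = "vendor_id\t: GenuineIntel\nflags\t\t: fpu pae lm sse2\n"
AMD_SVM = "vendor_id\t: AuthenticAMD\nflags\t\t: fpu pae lm svm sse2\n"
AMD_NO_SVM = "vendor_id\t: AuthenticAMD\nflags\t\t: fpu pae lm sse2\n"
X86_32_ONLY = "vendor_id\t: GenuineIntel\nflags\t\t: fpu pae sse2\n"


def parse_cpuinfo(text):
    """Return (vendor, flags) from the first vendor_id and flags lines."""
    vendor, flags = None, None
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        key = key.strip()
        if key == "vendor_id" and vendor is None:
            vendor = value.strip()
        elif key == "flags" and flags is None:
            flags = set(value.split())
    return vendor, flags or set()


def efficient_64bit_modes(text):
    """List the efficient ways to run a 64-bit guest on this CPU."""
    vendor, flags = parse_cpuinfo(text)
    if "lm" not in flags:          # no 64-bit long mode: 32-bit guests only
        return []
    modes = []
    if vendor == "GenuineIntel":
        # No segment limit checks in 64-bit mode, so BT64 is inefficient;
        # hardware assist (VT-x, Linux flag "vmx") is the efficient path.
        if "vmx" in flags:
            modes.append("VT-x")
    elif vendor == "AuthenticAMD":
        if "svm" in flags:         # AMD-V, Linux flag "svm"
            modes.append("AMD-V")
        # Segment limits exist in 64-bit mode from Opteron Rev D onward;
        # the original Rev C is the exception and is not detected here.
        modes.append("BT64")
    return modes


if __name__ == "__main__":
    with open("/proc/cpuinfo") as f:   # Linux only
        print(efficient_64bit_modes(f.read()))
```

An empty result for a 64‐bit Intel CPU means the host has neither of the efficient paths the text describes for 64‐bit guests.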