29

If I am not using any virtualization software on my computer, do I gain or lose anything by enabling (or disabling) x86 virtualization?

Improve this question
1

2 Answers 2

Reset to default
18

No. Intel VT technology is only useful when running programs that are compatible with it, and actually use it. AFAIK, the only useful tools that can do this are sandboxes and virtual machines. Even then, enabling this technology can be a security risk in some cases. Often, virtualization technology is not required to emulate x86 or x86-64 instructions, albeit at the expense of speed.

As a best practice, I would leave it explicitly disabled unless required.

Improve this answer
4

while it is true you should not enable VT unless you really use it, there is no more risk if the feature is on or not. you need to protect your system the best you can, whether it is for virtualization or not.

VT makes nothing possible that was not possible before!

http://x86vmm.blogspot.com/2006/08/blue-pill-is-quasi-illiterate.html

Improve this answer
3
  • 4
    Actually, VT does make something possible that wasn't before - it allows for a program running under an operating system to obtain full control of the CPU (which is impossible under any modern operating system without virtualization). Although I do agree that you can do just as much without virtualization as you can with (gotta love Turing completeness :).
    – Breakthrough
    Commented May 1, 2012 at 18:08
  • 2
    Thanks, but do you have any reference for that "full control"? Not really want to make it a polemic, because my understanding is that it makes the virtual cpu appear to have the full control of cpu, but actually not, but adding additional instructions? Intel source itself also seems to disagree: intel.com/content/www/us/en/virtualization/… and from what heard, the recent versions makes VT-enabled chips more secure with Intel TXT.
    – johnshen64
    Commented May 1, 2012 at 18:16
  • 2
    I read that in the Intel 64 and IA-32 Architectures Software Developer Manuals. It literally allows a VM to execute x86 code directly on the CPU, avoiding a performance penalty incurred if you were to simply emulate the CPU (which is required without virtualization support).
    – Breakthrough
    Commented May 1, 2012 at 18:45

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .