Why does PF_VIRT_FIRMWARE_ENABLED return false even when virtualization is enabl...
source link: https://devblogs.microsoft.com/oldnewthing/20201216-00/?p=104550
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Why does PF_VIRT_FIRMWARE_ENABLED return false even when virtualization is enabled in the firmware?
Raymond
December 16th, 2020
The IsProcessorFeaturePresent
function has a processor feature called PF_
VIRT_
FIRMWARE_
ENABLED
. A customer enabled virtualization in their firmware, but calling IsProcessorFeaturePresent
with that feature still returned FALSE
. Why is this function lying?
It’s not lying.
Even if you enable virtualization in firmware, it may not actually be available. If the operating system is running inside a virtual machine, then it cannot access the virtualization extensions because the virtualization host is using them. Checking for PF_
VIRT_
FIRMWARE_
ENABLED
will say “No virtual extensions for you.”
Even if you think that you’re not running inside a virtual machine, you could be. If Hyper-V is enabled, then the root operating system is not actually in charge. The root operating system is running inside its own virtual machine, under the control of the hypervisor.
And remember that features like Virtualization Based Security and and Windows Defender Application Guard are security features which secretly use Hyper-V to create virtual machines to isolate untrusted code into their own containers.
Bonus chatter: I dimly recall that the IBM 360 supported self-virtualization, so you could have the host hypervisor create a virtual machine, and in the virtual machine, the operating system could itself act as a hypervisor for its own little universe of virtual machines. It’s virtual machine turtles all the way down!
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK