Intel's Trusted Execution Technology (TXT): enable in BIOS or not?



























I have a new Dell 7530 mobile workstation that I just started configuring.



This machine uses an Intel Xeon E-2186M and has 32 GB of ECC DRAM. This CPU fully supports the latest hardware virtualization technologies (VT-x, VT-d, EPT).



Initially this machine will be running Windows 10 due to lack of time to switch operating systems. I really hope to have time in about a year to invest in switching to Linux, as I hate the Bea$t's new spyware as a service business model. I certainly will be running Linux virtual machines on it in the interim.



One of my first steps was to go into its BIOS and pore through all the settings. I was pleased to see that Dell's defaults were mostly good; only a few changes were needed. For example, it was default configured for Secure Boot.



In its Virtualization Support section, they enabled both "Intel Virtualization Technology" (VT-x) and "VT for Direct I/O" (VT-d) by default, which is also good.



However, there was a 3rd option for Intel's Trusted Execution Technology (TXT) that was disabled. I think that the BIOS description said this:




This option specifies whether a Measured Virtual Machine Monitor
(MVMM) can utilize the additional hardware capabilities provided by
Intel Trusted Execution Technology. The TPM Virtualization Technology,
and Virtualization technology for direct I/O must be enabled to use
this feature.



Trusted Execution - disabled by default.




I say "think" because the official Dell documentation for the 7530's BIOS, as of today, does not mention that option. The text above is for the Dell Latitude E7470, although it is what I recall my BIOS saying.



From that description, plus Intel's whitepaper, it sounds like something that I would want to enable, since I for sure will be using VirtualBox (and in the future, something more powerful like KVM or Xen). Unfortunately, a web search found no endorsements for that theory.



Instead, all I have found is several reports saying to turn it off, especially on Dell systems, for both VirtualBox and KVM: link 1, link 2. (My original question put more links in here, but when I tried to submit, this website claimed that my question was spam...)



Does anyone know the definitive answer?



I note that some of the links saying not to enable it go back several years, so perhaps it was once true advice that now is no longer valid?



































  • Does your processor even support VT-d? Update your question to include this vital information

    – Ramhound
    Jan 5 at 6:40

  • If using Linux, also post the output of cat /proc/cpuinfo - this should have an appropriate flag set if it's enabled (TXT I think)

    – davidgo
    Jan 5 at 9:42

  • @Ramhound: you are right, I should have mentioned that, question updated as requested.

    – HaroldFinch
    Jan 5 at 15:19

  • @davidgo: question edited: Win 10 for now, Linux in the future.

    – HaroldFinch
    Jan 5 at 15:25

  • I very much doubt VirtualBox makes any use of TXT.

    – Daniel B
    Jan 5 at 15:30
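
The flag check suggested in the comments, extended to the other prerequisites the BIOS help text lists, as an added example (not part of the original post or comments). On Linux, `smx` in /proc/cpuinfo is the CPU's Safer Mode Extensions capability that TXT relies on and `vmx` is VT-x; the function names, the sysfs paths used for the VT-d and TPM checks, and the sample input are assumptions of this example.

```shell
#!/bin/sh
# Added example: report the TXT prerequisites named in the BIOS help text.

# Constructed /proc/cpuinfo excerpt (not taken from the machine in the question).
sample_cpuinfo() {
    printf 'processor\t: 0\n'
    printf 'flags\t\t: fpu vme de pse tsc msr pae mce vmx smx est tm2 ssse3\n'
}

# has_cpu_flag FLAG [CPUINFO]: succeed if FLAG is listed for the first CPU.
# The flag is matched as a whole word, so "sm" does not match "smx".
has_cpu_flag() {
    grep -m1 '^flags' "${2:-/proc/cpuinfo}" 2>/dev/null |
        cut -d: -f2 | tr ' ' '\n' | grep -qx -- "$1"
}

# yes_no CMD...: print "yes" if the command succeeds, "no" otherwise.
yes_no() {
    if "$@"; then echo yes; else echo no; fi
}

# txt_prereq_report [CPUINFO] [ROOT]: one line per prerequisite.
# ROOT is an optional prefix so the sysfs checks can run against a copy.
txt_prereq_report() {
    cpuinfo=${1:-/proc/cpuinfo}
    root=${2:-}
    echo "vmx=$(yes_no has_cpu_flag vmx "$cpuinfo")"   # VT-x
    echo "smx=$(yes_no has_cpu_flag smx "$cpuinfo")"   # Safer Mode Extensions (TXT)
    # Assumption: firmware that exposes VT-d publishes an ACPI DMAR table.
    echo "dmar=$(yes_no test -e "$root/sys/firmware/acpi/tables/DMAR")"
    # Assumption: a TPM with a bound kernel driver appears as tpm0.
    echo "tpm=$(yes_no test -e "$root/sys/class/tpm/tpm0")"
}

txt_prereq_report "$@"
```

The report covers what the CPU and firmware tables advertise to the running kernel; whether a measured launch is actually in use is a separate question that these checks do not answer.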
















bios virtualization






asked Jan 5 at 5:37 by HaroldFinch; edited Jan 5 at 15:24












