Breaking BIOS: Enabling VT-x Virtualization Support on Acer Aspire One Netbook
In this article we will tell you step by step how to classify your netbook or laptop, in which MSR 0x3A bit 2 is disabled and locked in this state for a misunderstanding - in simple words, you have virtualization support in the processor, but it is blocked by the biosomes.
DISCLAIMER: Everything described in this article is designed to let you know what you are doing. All at your own risk! If you're not sure, don't try to repeat this at home.
So what's the problem? The problem we are going to solve for the computer end user looks like this: when using a second type of hypervisor (e.g. VirtualBox), you cannot run virtual machines with more than one CPU you cannot run 64-bit guest operating systems in a 32-bit host operating system.You may see this message when trying to start an 
virtual machine with CPU count greater than 1: You also get a similar error message if you intend to boot a 64-bit VM (e.g. Debian amd64) from a host of 32-bit operating system, for example WinXP.
Can this be cured? This question can be resolved by checking certain bits in certain processor status words. The easiest way to make sure that in your case the problem is fixed is to look at what SecurAble shows. In my case it looked like this:
So, if your program shows the same image as above, you can solve this problem. However, the nuance is that it is possible to set the desired bit in the processor register only in the BIOS, because the harmful BIOS of your laptop sets it to zero, then it activates the blocking bit and the change of this bit is no longer possible (until the computer restarts, where the BIOS during POST will be launched and locked again).
BIOS on the Acer Aspire netbook made by Insyde, its settings are very sparse, and on F2, naturally, we cannot enter the BIOS settings editing program and enable virtualization there. That would be too easy.
Therefore, we will disassemble the BIOS and modify its code so that our bit is set to 1. If you are ready, then read on.
What you need to know before you start So, some technical information - to understand what we do and why.Modern processors, at least many of them, support virtualization. Bit 5 of the ECX word is responsible for this when the CPUID command is called with the EAX = 01H parameter. This verification method is the only true one, because, as practice shows, the Intel website lies, for example, for my Intel Atom N570 processor. This link says:
Intel® Virtualization Technology (VT-x) No However, we know that is not true. For those who are on the "you" with assembly language programming, it's easy to find out by writing something like MOV EAX, 1 CPU ID then checking the 5th bit of the ECX register. I was too lazy to do that, so I downloaded the open source CPUID Explorer program, ran it, and watched the result. By the way, CPU-Z is not suitable here - it gives too "friendly" result - we also needed to know the exact bit value. Here's what it looked like in my case:
The interesting VMX bit for is surrounded by us. It is set to 1, despite what the Intel website tells us. A value of 1 indicates that the processor supports this technology
But that's not all. In order for hypervisors of the second type to be able to use virtualization support commands (VMX), it is necessary to explicitly enable these instructions in the MSR (special processor register) number 0x3A. Here is what the documentation for this register tells us on page 237: register 3Ah: IA32_FEATURE_CONTROLBit 0: lock bit - if set, no further changes to this register are allowed until next reboot. Bit 1: VMX in SMX - safer mode extensions. Virtualization functions in SMX are only allowed when the processor supports SMX - this is indicated in the neighboring 6th bit on ECX when the command CPUID.01H is invoked - in the...
DISCLAIMER: Everything described in this article is designed to let you know what you are doing. All at your own risk! If you're not sure, don't try to repeat this at home.
So what's the problem? The problem we are going to solve for the computer end user looks like this: when using a second type of hypervisor (e.g. VirtualBox), you cannot run virtual machines with more than one CPU you cannot run 64-bit guest operating systems in a 32-bit host operating system.You may see this message when trying to start an
virtual machine with CPU count greater than 1: You also get a similar error message if you intend to boot a 64-bit VM (e.g. Debian amd64) from a host of 32-bit operating system, for example WinXP.
Can this be cured? This question can be resolved by checking certain bits in certain processor status words. The easiest way to make sure that in your case the problem is fixed is to look at what SecurAble shows. In my case it looked like this:So, if your program shows the same image as above, you can solve this problem. However, the nuance is that it is possible to set the desired bit in the processor register only in the BIOS, because the harmful BIOS of your laptop sets it to zero, then it activates the blocking bit and the change of this bit is no longer possible (until the computer restarts, where the BIOS during POST will be launched and locked again).
BIOS on the Acer Aspire netbook made by Insyde, its settings are very sparse, and on F2, naturally, we cannot enter the BIOS settings editing program and enable virtualization there. That would be too easy.
Therefore, we will disassemble the BIOS and modify its code so that our bit is set to 1. If you are ready, then read on.
What you need to know before you start So, some technical information - to understand what we do and why.Modern processors, at least many of them, support virtualization. Bit 5 of the ECX word is responsible for this when the CPUID command is called with the EAX = 01H parameter. This verification method is the only true one, because, as practice shows, the Intel website lies, for example, for my Intel Atom N570 processor. This link says:
Intel® Virtualization Technology (VT-x) No However, we know that is not true. For those who are on the "you" with assembly language programming, it's easy to find out by writing something like MOV EAX, 1 CPU ID then checking the 5th bit of the ECX register. I was too lazy to do that, so I downloaded the open source CPUID Explorer program, ran it, and watched the result. By the way, CPU-Z is not suitable here - it gives too "friendly" result - we also needed to know the exact bit value. Here's what it looked like in my case:The interesting VMX bit for is surrounded by us. It is set to 1, despite what the Intel website tells us. A value of 1 indicates that the processor supports this technology
But that's not all. In order for hypervisors of the second type to be able to use virtualization support commands (VMX), it is necessary to explicitly enable these instructions in the MSR (special processor register) number 0x3A. Here is what the documentation for this register tells us on page 237: register 3Ah: IA32_FEATURE_CONTROLBit 0: lock bit - if set, no further changes to this register are allowed until next reboot. Bit 1: VMX in SMX - safer mode extensions. Virtualization functions in SMX are only allowed when the processor supports SMX - this is indicated in the neighboring 6th bit on ECX when the command CPUID.01H is invoked - in the...
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
