Vol. 3C 23-3
INTRODUCTION TO VIRTUAL MACHINE EXTENSIONS
23.7
ENABLING AND ENTERING VMX OPERATION
Before system software can enter VMX operation, it enables VMX by setting CR4.VMXE[bit 13] = 1. VMX operation
is then entered by executing the VMXON instruction. VMXON causes an invalid-opcode exception (#UD) if executed
with CR4.VMXE = 0. Once in VMX operation, it is not possible to clear CR4.VMXE (see Section 23.8). System soft-
ware leaves VMX operation by executing the VMXOFF instruction. CR4.VMXE can be cleared outside of VMX opera-
tion after executing of VMXOFF.
VMXON is also controlled by the IA32_FEATURE_CONTROL MSR (MSR address 3AH). This MSR is cleared to zero
when a logical processor is reset. The relevant bits of the MSR are:
•
Bit 0 is the lock bit. If this bit is clear, VMXON causes a general-protection exception. If the lock bit is set,
WRMSR to this MSR causes a general-protection exception; the MSR cannot be modified until a power-up reset
condition. System BIOS can use this bit to provide a setup option for BIOS to disable support for VMX. To
enable VMX support in a platform, BIOS must set bit 1, bit 2, or both (see below), as well as the lock bit.
•
Bit 1 enables VMXON in SMX operation. If this bit is clear, execution of VMXON in SMX operation causes a
general-protection exception. Attempts to set this bit on logical processors that do not support both VMX
operation (see Section 23.6) and SMX operation (see Chapter 6, “Safer Mode Extensions Reference,” in Intel®
64 and IA-32 Architectures Software Developer’s Manual, Volume 2D) cause general-protection exceptions.
•
Bit 2 enables VMXON outside SMX operation. If this bit is clear, execution of VMXON outside SMX
operation causes a general-protection exception. Attempts to set this bit on logical processors that do not
support VMX operation (see Section 23.6) cause general-protection exceptions.
NOTE
A logical processor is in SMX operation if GETSEC[SEXIT] has not been executed since the last
execution of GETSEC[SENTER]. A logical processor is outside SMX operation if GETSEC[SENTER]
has not been executed or if GETSEC[SEXIT] was executed after the last execution of
GETSEC[SENTER]. See Chapter 6, “Safer Mode Extensions Reference,” in Intel® 64 and IA-32
Architectures Software Developer’s Manual, Volume 2D.
Before executing VMXON, software should allocate a naturally aligned 4-KByte region of memory that a logical
processor may use to support VMX operation.
1
This region is called the VMXON region. The address of the VMXON
region (the VMXON pointer) is provided in an operand to VMXON. Section 24.11.5, “VMXON Region,” details how
software should initialize and access the VMXON region.
23.8
RESTRICTIONS ON VMX OPERATION
VMX operation places restrictions on processor operation. These are detailed below:
•
In VMX operation, processors may fix certain bits in CR0 and CR4 to specific values and not support other
values. VMXON fails if any of these bits contains an unsupported value (see “VMXON—Enter VMX Operation” in
Chapter 30). Any attempt to set one of these bits to an unsupported value while in VMX operation (including
VMX root operation) using any of the CLTS, LMSW, or MOV CR instructions causes a general-protection
exception. VM entry or VM exit cannot set any of these bits to an unsupported value. Software should consult
the VMX capability MSRs IA32_VMX_CR0_FIXED0 and IA32_VMX_CR0_FIXED1 to determine how bits in CR0
are fixed (see Appendix A.7). For CR4, software should consult the VMX capability MSRs
IA32_VMX_CR4_FIXED0 and IA32_VMX_CR4_FIXED1 (see Appendix A.8).
NOTES
The first processors to support VMX operation require that the following bits be 1 in VMX operation:
CR0.PE, CR0.NE, CR0.PG, and CR4.VMXE. The restrictions on CR0.PE and CR0.PG imply that VMX
operation is supported only in paged protected mode (including IA-32e mode). Therefore, guest
software cannot be run in unpaged protected mode or in real-address mode. See Section 31.2,
1. Future processors may require that a different amount of memory be reserved. If so, this fact is reported to software using the
VMX capability-reporting mechanism.