26-6 Vol. 3C
VM ENTRIES
•
Reserved bits in the VM-entry controls must be set properly. Software may consult the VMX capability MSRs to
determine the proper settings (see Appendix A.5).
•
Fields relevant to VM-entry event injection must be set properly. These fields are the VM-entry interruption-
information field (see Table 24-13 in Section 24.8.3), the VM-entry exception error code, and the VM-entry
instruction length. If the valid bit (bit 31) in the VM-entry interruption-information field is 1, the following must
hold:
— The field’s interruption type (bits 10:8) is not set to a reserved value. Value 1 is reserved on all logical
processors; value 7 (other event) is reserved on logical processors that do not support the 1-setting of the
“monitor trap flag” VM-execution control.
— The field’s vector (bits 7:0) is consistent with the interruption type:
•
If the interruption type is non-maskable interrupt (NMI), the vector is 2.
•
If the interruption type is hardware exception, the vector is at most 31.
•
If the interruption type is other event, the vector is 0 (pending MTF VM exit).
— The field's deliver-error-code bit (bit 11) is 1 if and only if (1) either (a) the "unrestricted guest" VM-
execution control is 0; or (b) bit 0 (corresponding to CR0.PE) is set in the CR0 field in the guest-state area;
(2) the interruption type is hardware exception; and (3) the vector indicates an exception that would
normally deliver an error code (8 = #DF; 10 = TS; 11 = #NP; 12 = #SS; 13 = #GP; 14 = #PF; or 17 =
#AC).
— Reserved bits in the field (30:12) are 0.
— If the deliver-error-code bit (bit 11) is 1, bits 31:15 of the VM-entry exception error-code field are 0.
— If the interruption type is software interrupt, software exception, or privileged software exception, the
VM-entry instruction-length field is in the range 0–15. A VM-entry instruction length of 0 is allowed only if
IA32_VMX_MISC[30] is read as 1; see Appendix A.6.
•
The following checks are performed for the VM-entry MSR-load address if the VM-entry MSR-load count field is
non-zero:
— The lower 4 bits of the VM-entry MSR-load address must be 0. The address should not set any bits beyond
the processor’s physical-address width.
1
— The address of the last byte in the VM-entry MSR-load area should not set any bits beyond the processor’s
physical-address width. The address of this last byte is VM-entry MSR-load address + (MSR count * 16) –
1. (The arithmetic used for the computation uses more bits than the processor’s physical-address width.)
If IA32_VMX_BASIC[48] is read as 1, neither address should set any bits in the range 63:32; see Appendix
A.1.
•
If the processor is not in SMM, the “entry to SMM” and “deactivate dual-monitor treatment” VM-entry controls
must be 0.
•
The “entry to SMM” and “deactivate dual-monitor treatment” VM-entry controls cannot both be 1.
26.2.2
Checks on Host Control Registers and MSRs
The following checks are performed on fields in the host-state area that correspond to control registers and MSRs:
•
The CR0 field must not set any bit to a value not supported in VMX operation (see Section 23.8).
2
•
The CR4 field must not set any bit to a value not supported in VMX operation (see Section 23.8).
•
On processors that support Intel 64 architecture, the CR3 field must be such that bits 63:52 and bits in the
range 51:32 beyond the processor’s physical-address width must be 0.
3,4
1. Software can determine a processor’s physical-address width by executing CPUID with 80000008H in EAX. The physical-address
width is returned in bits 7:0 of EAX.
2. The bits corresponding to CR0.NW (bit 29) and CR0.CD (bit 30) are never checked because the values of these bits are not changed
by VM exit; see Section 27.5.1.