Vol. 3C 26-7

VM ENTRIES

•

On processors that support Intel 64 architecture, the IA32_SYSENTER_ESP field and the IA32_SYSENTER_EIP 
field must each contain a canonical address.

•

If the “load IA32_PERF_GLOBAL_CTRL” VM-exit control is 1, bits reserved in the IA32_PERF_GLOBAL_CTRL 
MSR must be 0 in the field for that register (see Figure 18-3).

•

If the “load IA32_PAT” VM-exit control is 1, the value of the field for the IA32_PAT MSR must be one that could 
be written by WRMSR without fault at CPL 0. Specifically, each of the 8 bytes in the field must have one of the 
values 0 (UC), 1 (WC), 4 (WT), 5 (WP), 6 (WB), or 7 (UC-).

•

If the “load IA32_EFER” VM-exit control is 1, bits reserved in the IA32_EFER MSR must be 0 in the field for that 
register. In addition, the values of the LMA and LME bits in the field must each be that of the “host address-
space size” VM-exit control.

26.2.3 

Checks on Host Segment and Descriptor-Table Registers

The following checks are performed on fields in the host-state area that correspond to segment and descriptor-
table registers:

•

In the selector field for each of CS, SS, DS, ES, FS, GS and TR, the RPL (bits 1:0) and the TI flag (bit 2) must 
be 0.

•

The selector fields for CS and TR cannot be 0000H.

•

The selector field for SS cannot be 0000H if the “host address-space size” VM-exit control is 0.

•

On processors that support Intel 64 architecture, the base-address fields for FS, GS, GDTR, IDTR, and TR must 
contain canonical addresses.

26.2.4 

Checks Related to Address-Space Size

On processors that support Intel 64 architecture, the following checks related to address-space size are performed 
on VMX controls and fields in the host-state area:

•

If the logical processor is outside IA-32e mode (if IA32_EFER.LMA = 0) at the time of VM entry, the following 
must hold:
— The “IA-32e mode guest” VM-entry control is 0.
— The “host address-space size” VM-exit control is 0.

•

If the logical processor is in IA-32e mode (if IA32_EFER.LMA = 1) at the time of VM entry, the “host address-
space size” VM-exit control must be 1.

•

If the “host address-space size” VM-exit control is 0, the following must hold:
— The “IA-32e mode guest” VM-entry control is 0.
— Bit 17 of the CR4 field (corresponding to CR4.PCIDE) is 0.
— Bits 63:32 in the RIP field is 0.

•

If the “host address-space size” VM-exit control is 1, the following must hold:
— Bit 5 of the CR4 field (corresponding to CR4.PAE) is 1.
— The RIP field contains a canonical address.

On processors that do not support Intel 64 architecture, checks are performed to ensure that the “IA-32e mode 
guest” VM-entry control and the “host address-space size” VM-exit control are both 0.

3. Software can determine a processor’s physical-address width by executing CPUID with 80000008H in EAX. The physical-address 

width is returned in bits 7:0 of EAX.

4. Bit 63 of the CR3 field in the host-state area must be 0. This is true even though, If CR4.PCIDE = 1, bit 63 of the source operand to 

MOV to CR3 is used to determine whether cached translation information is invalidated.