
Vol. 3C 26-9

VM ENTRIES

— If the “load debug controls” VM-entry control is 1, bits 63:32 in the DR7 field must be 0. The first 
processors to support the virtual-machine extensions supported only the 1-setting of this control and thus 
performed this check unconditionally (if they supported Intel 64 architecture).

— The IA32_SYSENTER_ESP field and the IA32_SYSENTER_EIP field must each contain a canonical address.

If the “load IA32_PERF_GLOBAL_CTRL” VM-entry control is 1, bits reserved in the IA32_PERF_GLOBAL_CTRL 
MSR must be 0 in the field for that register (see Figure 18-3).

If the “load IA32_PAT” VM-entry control is 1, the value of the field for the IA32_PAT MSR must be one that could 
be written by WRMSR without fault at CPL 0. Specifically, each of the 8 bytes in the field must have one of the 
values 0 (UC), 1 (WC), 4 (WT), 5 (WP), 6 (WB), or 7 (UC-).

If the “load IA32_EFER” VM-entry control is 1, the following checks are performed on the field for the 
IA32_EFER MSR:
— Bits reserved in the IA32_EFER MSR must be 0.
— Bit 10 (corresponding to IA32_EFER.LMA) must equal the value of the “IA-32e mode guest” VM-entry 
control. It must also be identical to bit 8 (LME) if bit 31 in the CR0 field (corresponding to CR0.PG) is 1.¹

If the “load IA32_BNDCFGS” VM-entry control is 1, the following checks are performed on the field for the 
IA32_BNDCFGS MSR:
— Bits reserved in the IA32_BNDCFGS MSR must be 0.
— The linear address in bits 63:12 must be canonical. 
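The DR7, SYSENTER, IA32_PAT and IA32_EFER checks above, written as a software validator such as a nested hypervisor might run before emulating VM entry. This is an added example, not Intel's code: the struct, function names and return codes are hypothetical, and the reserved-bit mask for IA32_EFER and the linear-address width are supplied by the caller as assumptions. The IA32_PERF_GLOBAL_CTRL and IA32_BNDCFGS checks are omitted.

```c
#include <stdbool.h>
#include <stdint.h>
#define CR0_PG   (1ULL << 31)
#define EFER_LME (1ULL << 8)
#define EFER_LMA (1ULL << 10)

/* Hypothetical container: guest-state fields plus the VM-entry controls used. */
struct guest_msrs {
    uint64_t cr0, dr7, sysenter_esp, sysenter_eip, pat, efer;
    bool load_debug, load_pat, load_efer, ia32e_guest;
};

/* Canonical means bits 63:(va_bits-1) are all equal. va_bits is an
 * assumption here (48 for 4-level paging); real code reads it from CPUID. */
static bool canonical(uint64_t a, unsigned va_bits)
{
    uint64_t top = a >> (va_bits - 1);
    return top == 0 || top == (UINT64_MAX >> (va_bits - 1));
}

/* Each of the 8 PAT bytes must be 0, 1, 4, 5, 6 or 7. */
static bool pat_ok(uint64_t pat)
{
    for (int i = 0; i < 8; i++) {
        uint64_t type = (pat >> (8 * i)) & 0xff;
        if (type > 7 || type == 2 || type == 3)
            return false;
    }
    return true;
}

/* Returns 0 if all checks pass, else a constructed code naming the failing
 * field. efer_rsvd is the caller-supplied mask of reserved IA32_EFER bits. */
static int check_guest_msrs(const struct guest_msrs *g, uint64_t efer_rsvd,
                            unsigned va_bits)
{
    bool lma = (g->efer & EFER_LMA) != 0, lme = (g->efer & EFER_LME) != 0;
    if (g->load_debug && (g->dr7 >> 32))
        return 1;                         /* DR7 bits 63:32 set */
    if (!canonical(g->sysenter_esp, va_bits) ||
        !canonical(g->sysenter_eip, va_bits))
        return 2;                         /* non-canonical SYSENTER field */
    if (g->load_pat && !pat_ok(g->pat))
        return 3;                         /* bad PAT memory type */
    if (g->load_efer && ((g->efer & efer_rsvd) || lma != g->ia32e_guest ||
                         ((g->cr0 & CR0_PG) && lma != lme)))
        return 4;                         /* EFER reserved/LMA/LME mismatch */
    return 0;
}
```

The checks are ordered as on the page, so the return code identifies the first failing field.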

26.3.1.2   Checks on Guest Segment Registers

This section specifies the checks on the fields for CS, SS, DS, ES, FS, GS, TR, and LDTR. The following terms are 
used in defining these checks:

The guest will be virtual-8086 if the VM flag (bit 17) is 1 in the RFLAGS field in the guest-state area.

The guest will be IA-32e mode if the “IA-32e mode guest” VM-entry control is 1. (This is possible only on 
processors that support Intel 64 architecture.)

Any one of these registers is said to be usable if the unusable bit (bit 16) is 0 in the access-rights field for that 
register.

The following are the checks on these fields: 

Selector fields.
— TR. The TI flag (bit 2) must be 0.
— LDTR. If LDTR is usable, the TI flag (bit 2) must be 0.
— SS. If the guest will not be virtual-8086 and the “unrestricted guest” VM-execution control is 0, the RPL 
(bits 1:0) must equal the RPL of the selector field for CS.²

Base-address fields.
— CS, SS, DS, ES, FS, GS. If the guest will be virtual-8086, the address must be the selector field shifted left 
4 bits (multiplied by 16).
— The following checks are performed on processors that support Intel 64 architecture:
    — TR, FS, GS. The address must be canonical.
    — LDTR. If LDTR is usable, the address must be canonical.
    — CS. Bits 63:32 of the address must be zero.

5. Bit 63 of the CR3 field in the guest-state area must be 0. This is true even though, if CR4.PCIDE = 1, bit 63 of the source operand to 
MOV to CR3 is used to determine whether cached translation information is invalidated.

1. If the capability MSR IA32_VMX_CR0_FIXED0 reports that CR0.PG must be 1 in VMX operation, bit 31 in the CR0 field must be 1 
unless the “unrestricted guest” VM-execution control and bit 31 of the primary processor-based VM-execution controls are both 1.

2. “Unrestricted guest” is a secondary processor-based VM-execution control. If bit 31 of the primary processor-based VM-execution 
controls is 0, VM entry functions as if the “unrestricted guest” VM-execution control were 0. See Section 24.6.2.