Vol. 3C 26-17
VM ENTRIES
26.3.2.4 Loading Page-Directory-Pointer-Table Entries
As noted in Section 26.3.1.6, the logical processor uses PAE paging if CR0.PG = 1, CR4.PAE = 1, and
IA32_EFER.LME = 0. A VM entry to a guest that uses PAE paging loads the PDPTEs into internal, non-architectural
registers based on the setting of the “enable EPT” VM-execution control:
•
If the control is 0, the PDPTEs are loaded from the page-directory-pointer table referenced by the physical
address in the value of CR3 being loaded by the VM entry (see Section 26.3.2.1). The values loaded are treated
as physical addresses in VMX non-root operation.
•
If the control is 1, the PDPTEs are loaded from corresponding fields in the guest-state area (see Section
24.4.2). The values loaded are treated as guest-physical addresses in VMX non-root operation.
26.3.2.5 Updating Non-Register State
Section 28.3 describes how the VMX architecture controls how a logical processor manages information in the TLBs
and paging-structure caches. The following items detail how VM entries invalidate cached mappings:
•
If the “enable VPID” VM-execution control is 0, the logical processor invalidates linear mappings and combined
mappings associated with VPID 0000H (for all PCIDs); combined mappings for VPID 0000H are invalidated for
all EP4TA values (EP4TA is the value of bits 51:12 of EPTP).
•
VM entries are not required to invalidate any guest-physical mappings, nor are they required to invalidate any
linear mappings or combined mappings if the “enable VPID” VM-execution control is 1.
If the “virtual-interrupt delivery” VM-execution control is 1, VM entry loads the values of RVI and SVI from the
guest interrupt-status field in the VMCS (see Section 24.4.2). After doing so, the logical processor first causes PPR
virtualization (Section 29.1.3) and then evaluates pending virtual interrupts (Section 29.2.1).
If a virtual interrupt is recognized, it may be delivered in VMX non-root operation immediately after VM entry
(including any specified event injection) completes; see Section 26.6.5. See Section 29.2.2 for details regarding
the delivery of virtual interrupts.
26.3.3
Clearing Address-Range Monitoring
The Intel 64 and IA-32 architectures allow software to monitor a specified address range using the MONITOR and
MWAIT instructions. See Section 8.10.4 in the Intel® 64 and IA-32 Architectures Software Developer’s Manual,
Volume 3A. VM entries clear any address-range monitoring that may be in effect.
26.4 LOADING
MSRS
VM entries may load MSRs from the VM-entry MSR-load area (see Section 24.8.2). Specifically each entry in that
area (up to the number specified in the VM-entry MSR-load count) is processed in order by loading the MSR
indexed by bits 31:0 with the contents of bits 127:64 as they would be written by WRMSR.
1
Processing of an entry fails in any of the following cases:
•
The value of bits 31:0 is either C0000100H (the IA32_FS_BASE MSR) or C0000101 (the IA32_GS_BASE MSR).
•
The value of bits 31:8 is 000008H, meaning that the indexed MSR is one that allows access to an APIC register
when the local APIC is in x2APIC mode.
•
The value of bits 31:0 indicates an MSR that can be written only in system-management mode (SMM) and the
VM entry did not commence in SMM. (IA32_SMM_MONITOR_CTL is an MSR that can be written only in SMM.)
•
The value of bits 31:0 indicates an MSR that cannot be loaded on VM entries for model-specific reasons. A
processor may prevent loading of certain MSRs even if they can normally be written by WRMSR. Such model-
specific behavior is documented in Chapter 35.
•
Bits 63:32 are not all 0.
1. Because attempts to modify the value of IA32_EFER.LMA by WRMSR are ignored, attempts to modify it using the VM-entry MSR-
load area are also ignored.