background image

28-14 Vol. 3C

VMX SUPPORT FOR ADDRESS TRANSLATION

— Guest-physical paging-structure-cache entries. Each of these is a mapping from the upper portion of a 

guest-physical address to the physical address of the EPT paging structure used to translate the corre-
sponding region of the guest-physical address space, along with information about access privileges.

The information in guest-physical mappings about access privileges and memory typing is derived from EPT 
paging structures.

Combined mappings.

1

 There are two kinds:

— Combined translations. Each of these is a mapping from a linear page number to the physical page frame to 

which it translates, along with information about access privileges and memory typing.

— Combined paging-structure-cache entries. Each of these is a mapping from the upper portion of a linear 

address to the physical address of the paging structure used to translate the corresponding region of the 
linear-address space, along with information about access privileges.

The information in combined mappings about access privileges and memory typing is derived from both guest 
paging structures and EPT paging structures.

28.3.2 

Creating and Using Cached Translation Information

The following items detail the creation of the mappings described in the previous section:

2

The following items describe the creation of mappings while EPT is not in use (including execution outside VMX 
non-root operation):
— Linear mappings may be created. They are derived from the paging structures referenced (directly or 

indirectly) by the current value of CR3 and are associated with the current VPID and the current PCID.

— No linear mappings are created with information derived from paging-structure entries that are not present 

(bit 0 is 0) or that set reserved bits. For example, if a PTE is not present, no linear mapping are created for 
any linear page number whose translation would use that PTE.

— No guest-physical or combined mappings are created while EPT is not in use.

The following items describe the creation of mappings while EPT is in use:
— Guest-physical mappings may be created. They are derived from the EPT paging structures referenced 

(directly or indirectly) by bits 51:12 of the current EPTP. These 40 bits contain the address of the EPT-PML4-
table. (the notation EP4TA refers to those 40 bits). Newly created guest-physical mappings are associated 
with the current EP4TA.

— Combined mappings may be created. They are derived from the EPT paging structures referenced (directly 

or indirectly) by the current EP4TA. If CR0.PG = 1, they are also derived from the paging structures 
referenced (directly or indirectly) by the current value of CR3. They are associated with the current VPID, 
the current PCID, and the current EP4TA.

3

 No combined paging-structure-cache entries are created if 

CR0.PG = 0.

4

— No guest-physical mappings or combined mappings are created with information derived from EPT paging-

structure entries that are not present (bits 2:0 are all 0) or that are misconfigured (see Section 28.2.3.1).

— No combined mappings are created with information derived from guest paging-structure entries that are 

not present or that set reserved bits.

— No linear mappings are created while EPT is in use.

1. Earlier versions of this manual used the term “dual-tagged” to identify combined mappings.
2. This section associated cached information with the current VPID and PCID. If PCIDs are not supported or are not being used (e.g., 

because CR4.PCIDE = 0), all the information is implicitly associated with PCID 000H; see Section 4.10.1, “Process-Context Identifiers 

(PCIDs),” in Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3A.

3. At any given time, a logical processor may be caching combined mappings for a VPID and a PCID that are associated with different 

EP4TAs. Similarly, it may be caching combined mappings for an EP4TA that are associated with different VPIDs and PCIDs.

4. If the capability MSR IA32_VMX_CR0_FIXED0 reports that CR0.PG must be 1 in VMX operation, CR0.PG can be 0 in VMX non-root 

operation only if the “unrestricted guest” VM-execution control and bit 31 of the primary processor-based VM-execution controls are 

both 1.