background image

Vol. 3C 30-27

VMX INSTRUCTION REFERENCE

VMXON—Enter VMX Operation

Description

Puts the logical processor in VMX operation with no current VMCS, blocks INIT signals, disables A20M, and clears 
any address-range monitoring established by the MONITOR instruction.

1

 

The operand of this instruction is a 4KB-aligned physical address (the VMXON pointer) that references the VMXON 
region, which the logical processor may use to support VMX operation. This operand is always 64 bits and is always 
in memory. 

Operation

IF (register operand) or (CR0.PE = 0) or (CR4.VMXE = 0) or (RFLAGS.VM = 1) or (IA32_EFER.LMA = 1 and CS.L = 0)

THEN #UD;

ELSIF not in VMX operation

THEN

IF (CPL > 0) or (in A20M mode) or
(the values of CR0 and CR4 are not supported in VMX operation; see Section 23.8) or
(bit 0 (lock bit) of IA32_FEATURE_CONTROL MSR is clear) or
(in SMX operation

2

 and bit 1 of IA32_FEATURE_CONTROL MSR is clear) or

(outside SMX operation and bit 2 of IA32_FEATURE_CONTROL MSR is clear)

THEN #GP(0);
ELSE

addr ← contents of 64-bit in-memory source operand;

IF addr is not 4KB-aligned or 
addr sets any bits beyond the physical-address width

3

THEN VMfailInvalid;
ELSE

rev ← 32 bits located at physical address addr;

IF rev[30:0] ≠ VMCS revision identifier supported by processor OR rev[31] = 1

THEN VMfailInvalid;
ELSE

current-VMCS pointer ← FFFFFFFF_FFFFFFFFH;

enter VMX operation;
block INIT signals;
block and disable A20M;
clear address-range monitoring;
IF the processor supports Intel PT but does not allow it to be used in VMX operation

4

THEN IA32_RTIT_CTL.TraceEn ← 0;

FI;
VMsucceed;

Opcode

Instruction

Description

F3 0F C7 /6

VMXON m64

Enter VMX root operation.

1. See the information on MONITOR/MWAIT in Chapter 8, “Multiple-Processor Management,” of thIntel® 64 and IA-32 Architectures 

Software Developer’s Manual, Volume 3A.

2. A logical processor is in SMX operation if GETSEC[SEXIT] has not been executed since the last execution of GETSEC[SENTER]. A logi-

cal processor is outside SMX operation if GETSEC[SENTER] has not been executed or if GETSEC[SEXIT] was executed after the last 

execution of GETSEC[SENTER]. See Chapter 6, “Safer Mode Extensions Reference.”

3. If IA32_VMX_BASIC[48] is read as 1, VMfailInvalid occurs if addr sets any bits in the range 63:32; see Appendix A.1.
4. Software should read the VMX capability MSR IA32_VMX_MISC to determine whether the processor allows Intel PT to be used in 

VMX operation (see Appendix A.6).