Vol. 3C 30-27
VMX INSTRUCTION REFERENCE
VMXON—Enter VMX Operation
Description
Puts the logical processor in VMX operation with no current VMCS, blocks INIT signals, disables A20M, and clears
any address-range monitoring established by the MONITOR instruction.
1
The operand of this instruction is a 4KB-aligned physical address (the VMXON pointer) that references the VMXON
region, which the logical processor may use to support VMX operation. This operand is always 64 bits and is always
in memory.
Operation
IF (register operand) or (CR0.PE = 0) or (CR4.VMXE = 0) or (RFLAGS.VM = 1) or (IA32_EFER.LMA = 1 and CS.L = 0)
THEN #UD;
ELSIF not in VMX operation
THEN
IF (CPL > 0) or (in A20M mode) or
(the values of CR0 and CR4 are not supported in VMX operation; see Section 23.8) or
(bit 0 (lock bit) of IA32_FEATURE_CONTROL MSR is clear) or
(in SMX operation
2
and bit 1 of IA32_FEATURE_CONTROL MSR is clear) or
(outside SMX operation and bit 2 of IA32_FEATURE_CONTROL MSR is clear)
THEN #GP(0);
ELSE
addr ← contents of 64-bit in-memory source operand;
IF addr is not 4KB-aligned or
addr sets any bits beyond the physical-address width
3
THEN VMfailInvalid;
ELSE
rev ← 32 bits located at physical address addr;
IF rev[30:0] ≠ VMCS revision identifier supported by processor OR rev[31] = 1
THEN VMfailInvalid;
ELSE
current-VMCS pointer ← FFFFFFFF_FFFFFFFFH;
enter VMX operation;
block INIT signals;
block and disable A20M;
clear address-range monitoring;
IF the processor supports Intel PT but does not allow it to be used in VMX operation
4
THEN IA32_RTIT_CTL.TraceEn ← 0;
FI;
VMsucceed;
Opcode
Instruction
Description
F3 0F C7 /6
VMXON m64
Enter VMX root operation.
1. See the information on MONITOR/MWAIT in Chapter 8, “Multiple-Processor Management,” of the Intel® 64 and IA-32 Architectures
Software Developer’s Manual, Volume 3A.
2. A logical processor is in SMX operation if GETSEC[SEXIT] has not been executed since the last execution of GETSEC[SENTER]. A logi-
cal processor is outside SMX operation if GETSEC[SENTER] has not been executed or if GETSEC[SEXIT] was executed after the last
execution of GETSEC[SENTER]. See Chapter 6, “Safer Mode Extensions Reference.”
3. If IA32_VMX_BASIC[48] is read as 1, VMfailInvalid occurs if addr sets any bits in the range 63:32; see Appendix A.1.
4. Software should read the VMX capability MSR IA32_VMX_MISC to determine whether the processor allows Intel PT to be used in
VMX operation (see Appendix A.6).