Vol. 3C 31-7

VIRTUAL-MACHINE MONITOR PROGRAMMING CONSIDERATIONS

addresses with that width. The term “guest-VMCS address” refers to the physical address of the new VMCS 
region for the following steps.

Initialize the version identifier in the VMCS (first 31 bits) with the VMCS revision identifier reported by the VMX 
capability MSR IA32_VMX_BASIC. Clear bit 31 of the first 4 bytes of the VMCS region.

Execute the VMCLEAR instruction by supplying the guest-VMCS address. This will initialize the new VMCS region in memory and set the launch state of the VMCS to “clear”. This action also invalidates the working-VMCS pointer register to FFFFFFFF_FFFFFFFFH. Software should verify successful execution of VMCLEAR by checking if RFLAGS.CF = 0 and RFLAGS.ZF = 0.

Execute the VMPTRLD instruction by supplying the guest-VMCS address. This initializes the working-VMCS 
pointer with the new VMCS region’s physical address.

Issue a sequence of VMWRITEs to initialize various host-state area fields in the working VMCS. The initialization 
sets up the context and entry-points to the VMM upon subsequent VM exits from the guest. Host-state fields 
include control registers (CR0, CR3 and CR4), selector fields for the segment registers (CS, SS, DS, ES, FS, GS 
and TR), and base-address fields (for FS, GS, TR, GDTR and IDTR; RSP, RIP and the MSRs that control fast 
system calls). 
Chapter 27 describes the host-state consistency checking done by the processor for VM entries. The VMM is required to set up host-state that complies with these consistency checks. For example, VMX requires the host-area to have a task register (TR) selector with TI and RPL fields set to 0 and pointing to a valid TSS.

Use VMWRITEs to set up the various VM-exit control fields, VM-entry control fields, and VM-execution control 
fields in the VMCS. Care should be taken to make sure the settings of individual fields match the allowed 0 and 
1 settings for the respective controls as reported by the VMX capability MSRs (see Appendix A). Any settings 
inconsistent with the settings reported by the capability MSRs will cause VM entries to fail.

Use VMWRITE to initialize various guest-state area fields in the working VMCS. This sets up the context and 
entry-point for guest execution upon VM entry. Chapter 27 describes the guest-state loading and checking 
done by the processor for VM entries to protected and virtual-8086 guest execution. 

The VMM is required to set up guest-state that complies with these consistency checks:
— If the VMM design requires the initial VM launch to cause guest software (typically the guest virtual BIOS) execution from the guest’s reset vector, it may need to initialize the guest execution state to reflect the state of a physical processor at power-on reset (described in Chapter 9, Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3A).

— The VMM may need to initialize additional guest execution state that is not captured in the VMCS guest-state area by loading it directly into the respective processor registers. Examples include general purpose registers, the CR2 control register, debug registers, floating point registers and so forth. The VMM may support lazy loading of FPU, MMX, SSE, and SSE2 states with CR0.TS = 1 (described in Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3A).

Execute VMLAUNCH to launch the guest VM. If VMLAUNCH fails due to any consistency checks before guest-state loading, RFLAGS.CF or RFLAGS.ZF will be set and the VM-instruction error field (see Section 24.9.5) will contain the error code. If guest-state consistency checks fail upon guest-state loading, the processor loads state from the host-state area as if a VM exit had occurred (see Section 31.6).

VMLAUNCH updates the controlling-VMCS pointer with the working-VMCS pointer and saves the old value of 
controlling-VMCS as the parent pointer. In addition, the launch state of the guest VMCS is changed to “launched” 
from “clear”. Any programmed exit conditions will cause the guest to VM exit to the VMM. The VMM should execute 
VMRESUME instruction for subsequent VM entries to guests in a “launched” state.
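The control-field reconciliation, VMCS header initialization and RFLAGS checks from the steps above, as an added C example that is not from the manual: it reconciles a desired control value with a VMX capability MSR's allowed 0-settings and allowed 1-settings, builds the first dword of a VMCS region from IA32_VMX_BASIC, and classifies the RFLAGS outcome of a VMX instruction. The MSR and RFLAGS values in main are constructed constants rather than values read from hardware, and the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Each VMX capability MSR for a control field (IA32_VMX_PINBASED_CTLS,
 * IA32_VMX_PROCBASED_CTLS, IA32_VMX_EXIT_CTLS, IA32_VMX_ENTRY_CTLS) reports:
 *   bits 31:0  = allowed 0-settings: a bit reading 1 here MUST be 1 in the field
 *   bits 63:32 = allowed 1-settings: a bit reading 0 here MUST be 0 in the field
 * A control field violating either causes subsequent VM entries to fail. */
static inline uint32_t vmx_must_be_one(uint64_t cap_msr) { return (uint32_t)cap_msr; }
static inline uint32_t vmx_may_be_one(uint64_t cap_msr)  { return (uint32_t)(cap_msr >> 32); }

/* Reconcile the VMM's desired control bits with the capability MSR. Returns the
 * value to VMWRITE; *unsupported receives the desired bits the processor does
 * not allow to be 1, so the VMM can refuse to launch instead of failing entry. */
uint32_t vmx_adjust_controls(uint32_t desired, uint64_t cap_msr, uint32_t *unsupported)
{
    *unsupported = desired & ~vmx_may_be_one(cap_msr);
    return (desired | vmx_must_be_one(cap_msr)) & vmx_may_be_one(cap_msr);
}

/* First 4 bytes of a fresh VMCS region: bits 30:0 take the revision identifier
 * reported in bits 30:0 of IA32_VMX_BASIC; bit 31 is cleared. */
uint32_t vmcs_header_from_basic(uint64_t ia32_vmx_basic)
{
    return (uint32_t)ia32_vmx_basic & 0x7FFFFFFFu;
}

/* Outcome of VMCLEAR/VMPTRLD/VMWRITE/VMLAUNCH as reported in RFLAGS:
 * CF=0 and ZF=0 is success; CF=1 is VMfailInvalid (no current VMCS, so no
 * error field is available); ZF=1 is VMfailValid and the VM-instruction
 * error field holds the error code. */
enum vmx_result { VMX_SUCCEED = 0, VMX_FAIL_INVALID = 1, VMX_FAIL_VALID = 2 };

enum vmx_result vmx_result_from_rflags(uint64_t rflags)
{
    if (rflags & (1ull << 0)) return VMX_FAIL_INVALID; /* CF */
    if (rflags & (1ull << 6)) return VMX_FAIL_VALID;   /* ZF */
    return VMX_SUCCEED;
}

int main(void)
{
    /* Constructed MSR value, not read from hardware: bits 1,2,4 are mandatory
     * and only bits 15:0 may be set at all. Bit 16 of the request is unsupported. */
    uint64_t procbased_cap = 0x0000FFFF00000016ull;
    uint32_t unsupported;
    uint32_t ctl = vmx_adjust_controls(0x10080u, procbased_cap, &unsupported);
    printf("control=0x%08x unsupported=0x%08x\n", ctl, unsupported); /* 0x96, 0x10000 */
    printf("vmcs header=0x%08x\n", vmcs_header_from_basic(0x8000000Aull)); /* 0xA */
    return 0;
}
```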

31.7 HANDLING OF VM EXITS

This section provides examples of software steps involved in a VMM’s handling of VM-exit conditions:

Determine the exit reason through a VMREAD of the exit-reason field in the working-VMCS. Appendix C 
describes exit reasons and their encodings.

VMREAD the exit-qualification from the VMCS if the exit-reason field provides a valid qualification. The exit-qualification field provides additional details on the VM-exit condition. For example, in case of page faults, the exit-qualification field provides the guest linear address that caused the page fault.