31-16 Vol. 3C
VIRTUAL-MACHINE MONITOR PROGRAMMING CONSIDERATIONS
31.10.4.1 Handling IA32_EFER MSR
The IA32_EFER MSR includes bit fields that allow system software to enable processor features. For example, the
SCE bit enables SYSCALL/SYSRET, and the NXE bit enables the execute-disable bits in the paging-structure entries.
VMX provides hardware support to load the IA32_EFER MSR on VMX transitions and to save it on VM exits. Because
of this, VMM software need not use the RDMSR and WRMSR instructions to give the register different values during
host and guest execution.
31.10.4.2 Handling the SYSENTER and SYSEXIT Instructions
The SYSENTER and SYSEXIT instructions use three dedicated MSRs (IA32_SYSENTER_CS, IA32_SYSENTER_ESP
and IA32_SYSENTER_EIP) to manage fast system calls. These MSRs may be utilized by both the VMM and the
guest OS to manage system calls in VMX root operation and VMX non-root operation respectively.
VM entries load these MSRs from fields in the guest-state area of the VMCS. VM exits save the values of these MSRs
into those fields and load the MSRs from fields in the host-state area.
31.10.4.3 Handling the SYSCALL and SYSRET Instructions
The SYSCALL/SYSRET instructions are similar to SYSENTER/SYSEXIT but are designed to operate within the
context of a 64-bit flat code segment. They are available only in 64-bit mode and only when the SCE bit of the
IA32_EFER MSR is set. SYSCALL/SYSRET invocations can occur from either 32-bit compatibility mode application
code or from 64-bit application code. Three related MSR registers (IA32_STAR, IA32_LSTAR, IA32_FMASK) are
used in conjunction with fast system calls/returns that use these instructions.
64-bit hosts that make use of these instructions in the VMM environment need to save the guest state of the
above registers on VM exit, load the host state, and restore the guest state on VM entry. One possible approach is
to use the VM-exit MSR-save and MSR-load areas and the VM-entry MSR-load area defined by controls in the VMCS.
The disadvantage of this approach is that it saves, loads, and restores these MSRs unconditionally on every VM exit
and VM entry.
Depending on the design of the VMM, it is likely that many VM exits require no fast system call support, yet the
VMM is burdened with the additional overhead of saving and restoring the MSRs if it supports fast system calls
uniformly. Further, even if the host intends to use fast system calls during a VM exit, some of the MSR values
(such as the setting of the SCE bit in IA32_EFER) may not require modification, as the guest may already have them
set to the appropriate value.
For performance reasons, a VMM may perform lazy save, load, and restore of these MSR values on certain VM exits
when it is determined that this is acceptable. The lazy-save-load-restore operation can be carried out “manually”
using RDMSR and WRMSR.
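The lazy save/load/restore described above, as an added example that is not Intel's code: hardware MSRs are simulated in an array (the rdmsr_sim/wrmsr_sim, sim_init, vmexit_lazy and vmentry_lazy names are assumptions), and the host loads its SYSCALL-related MSRs only on exits whose handler needs them, skipping writes whose value is already correct.

```c
/* Added example, not Intel's code: lazy save/load/restore of the SYSCALL MSRs
 * described above, with hardware MSRs simulated (a VMM would use RDMSR/WRMSR). */
#include <stdint.h>
#include <stdbool.h>

/* Index order: IA32_STAR, IA32_LSTAR, IA32_FMASK, IA32_KERNEL_GSBASE */
enum { STAR, LSTAR, FMASK, KERNEL_GSBASE, NMSR };
static uint64_t hw_msr[NMSR];  /* simulated hardware MSR contents */
static unsigned wrmsr_count;   /* cost metric: WRMSRs issued so far */
static uint64_t rdmsr_sim(int i) { return hw_msr[i]; }
static void wrmsr_sim(int i, uint64_t v) { hw_msr[i] = v; wrmsr_count++; }

/* Start with the guest's values in hardware, as right after a VM exit when
 * no VMCS MSR-save/load area has touched them. */
void sim_init(const uint64_t guest_vals[NMSR])
{
    for (int i = 0; i < NMSR; i++) hw_msr[i] = guest_vals[i];
    wrmsr_count = 0;
}

struct vcpu_msrs {
    uint64_t guest[NMSR]; /* guest values, saved on exit */
    uint64_t host[NMSR];  /* host values, loaded only when needed */
    bool host_loaded;     /* does hardware currently hold host values? */
};

/* Write MSR i only if it differs: the text's point that values such as
 * EFER.SCE are often already correct and need no write. */
static void write_if_changed(int i, uint64_t v) { if (rdmsr_sim(i) != v) wrmsr_sim(i, v); }

/* VM exit: keep the guest's MSRs in place unless this exit's handler
 * actually needs host fast system calls. */
void vmexit_lazy(struct vcpu_msrs *m, bool host_needs_syscall)
{
    if (!host_needs_syscall || m->host_loaded) return;
    for (int i = 0; i < NMSR; i++) {
        m->guest[i] = rdmsr_sim(i);      /* save guest state "manually" */
        write_if_changed(i, m->host[i]); /* load host state */
    }
    m->host_loaded = true;
}

/* VM entry: restore guest values only if host values were loaded. */
void vmentry_lazy(struct vcpu_msrs *m)
{
    if (!m->host_loaded) return;
    for (int i = 0; i < NMSR; i++) write_if_changed(i, m->guest[i]);
    m->host_loaded = false;
}
```

Over a run of exits that never need fast system calls, wrmsr_count stays at zero; the VMCS MSR-load areas would have rewritten all four MSRs on every transition.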
31.10.4.4 Handling the SWAPGS Instruction
The SWAPGS instruction is available only in 64-bit mode. It swaps the contents of two specific MSRs
(IA32_GSBASE and IA32_KERNEL_GSBASE). The IA32_GSBASE MSR shadows the base address portion of the GS
descriptor register; the IA32_KERNEL_GSBASE MSR holds the base address of the GS segment used by the kernel
(typically it houses kernel structures). SWAPGS is intended for use with fast system calls when in 64-bit mode to
allow immediate access to kernel structures on transition to kernel mode.
Similar to SYSCALL/SYSRET, IA-32e mode hosts that use fast system calls may need to save, load, and restore
these MSRs on VM exit and VM entry using the guidelines discussed in the previous paragraphs.
31.10.4.5 Implementation Specific Behavior on Writing to Certain MSRs
As noted in Section 26.4 and Section 27.4, a processor may prevent writing to certain MSRs when loading guest
state on VM entries or storing guest state on VM exits. This is done to ensure consistent operation. The subset
and number of MSRs subject to these restrictions are implementation specific. For initial VMX implementations,
there are two such MSRs: IA32_BIOS_UPDT_TRIG and IA32_BIOS_SIGN_ID (see Chapter 35).