34-22 Vol. 3C
SYSTEM MANAGEMENT MODE
34.15.4 VM Entries that Return from SMM
The SMM-transfer monitor (STM) returns from SMM using a VM entry with the “entry to SMM” VM-entry control
clear. VM entries that return from SMM reverse the effects of an SMM VM exit (see Section 34.15.2).
VM entries that return from SMM may differ from other VM entries in that they do not necessarily enter VMX non-
root operation. If the executive-VMCS pointer field in the current VMCS contains the VMXON pointer, the logical
processor remains in VMX root operation after VM entry.
For differences between VM entries that return from SMM and other VM entries see Sections 34.15.4.1 through
34.15.4.10.
34.15.4.1 Checks on the Executive-VMCS Pointer Field
VM entries that return from SMM perform the following checks on the executive-VMCS pointer field in the current
VMCS:
•
Bits 11:0 must be 0.
•
The pointer must not set any bits beyond the processor’s physical-address width.
1,2
•
The 32 bits located in memory referenced by the physical address in the pointer must contain the processor’s
VMCS revision identifier (see Section 24.2).
The checks above are performed before the checks described in Section 34.15.4.2 and before any of the following
checks:
•
'If the “deactivate dual-monitor treatment” VM-entry control is 0 and the executive-VMCS pointer field does not
contain the VMXON pointer, the launch state of the executive VMCS (the VMCS referenced by the executive-
VMCS pointer field) must be launched (see Section 24.11.3).
•
If the “deactivate dual-monitor treatment” VM-entry control is 1, the executive-VMCS pointer field must
contain the VMXON pointer (see Section 34.15.7).
3
34.15.4.2 Checks on VM-Execution Control Fields
VM entries that return from SMM differ from other VM entries with regard to the checks performed on the VM-
execution control fields specified in Section 26.2.1.1. They do not apply the checks to the current VMCS. Instead,
VM-entry behavior depends on whether the executive-VMCS pointer field contains the VMXON pointer:
•
If the executive-VMCS pointer field contains the VMXON pointer (the VM entry remains in VMX root operation),
the checks are not performed at all.
•
If the executive-VMCS pointer field does not contain the VMXON pointer (the VM entry enters VMX non-root
operation), the checks are performed on the VM-execution control fields in the executive VMCS (the VMCS
referenced by the executive-VMCS pointer field in the current VMCS). These checks are performed after
checking the executive-VMCS pointer field itself (for proper alignment).
Other VM entries ensure that, if “activate VMX-preemption timer” VM-execution control is 0, the “save VMX-
preemption timer value” VM-exit control is also 0. This check is not performed by VM entries that return from SMM.
34.15.4.3 Checks on VM-Entry Control Fields
VM entries that return from SMM differ from other VM entries with regard to the checks performed on the VM-entry
control fields specified in Section 26.2.1.3.
Specifically, if the executive-VMCS pointer field contains the VMXON pointer (the VM entry remains in VMX root
operation), the following must not all hold for the VM-entry interruption-information field:
1. Software can determine a processor’s physical-address width by executing CPUID with 80000008H in EAX. The physical-address
width is returned in bits 7:0 of EAX.
2. If IA32_VMX_BASIC[48] is read as 1, this pointer must not set any bits in the range 63:32; see Appendix A.1.
3. The STM can determine the VMXON pointer by reading the executive-VMCS pointer field in the current VMCS after the SMM VM exit
that activates the dual-monitor treatment.