34-24 Vol. 3C
SYSTEM MANAGEMENT MODE
34.15.4.8 VM Exits Induced by VM Entry
Section 26.5.1.2 describes how the event-delivery process invoked by event injection may lead to a VM exit.
Section 26.6.3 to Section 26.6.7 describe other situations that may cause a VM exit to occur immediately after a
VM entry.
Whether these VM exits occur is determined by the VM-execution control fields in the current VMCS. For VM entries
that return from SMM, they can occur only if the executive-VMCS pointer field does not contain the VMXON pointer
(the VM entry enters VMX non-root operation).
In this case, determination is based on the VM-execution control fields in the VMCS that is current after the
VM entry. This is the VMCS referenced by the value of the executive-VMCS pointer field at the time of the VM entry
(see Section 34.15.4.7). This VMCS also controls the delivery of such VM exits. Thus, VM exits induced by a
VM entry returning from SMM are to the executive monitor and not to the STM.
34.15.4.9 SMI Blocking
VM entries that return from SMM determine the blocking of system-management interrupts (SMIs) as follows:
•
If the “deactivate dual-monitor treatment” VM-entry control is 0, SMIs are blocked after VM entry if and only if
the bit 2 in the interruptibility-state field is 1.
•
If the “deactivate dual-monitor treatment” VM-entry control is 1, the blocking of SMIs depends on whether the
logical processor is in SMX operation:
1
— If the logical processor is in SMX operation, SMIs are blocked after VM entry.
— If the logical processor is outside SMX operation, SMIs are unblocked after VM entry.
VM entries that return from SMM and that do not deactivate the dual-monitor treatment may leave SMIs blocked.
This feature exists to allow the STM to invoke functionality outside of SMM without unblocking SMIs.
34.15.4.10 Failures of VM Entries That Return from SMM
Section 26.7 describes the treatment of VM entries that fail during or after loading guest state. Such failures record
information in the VM-exit information fields and load processor state as would be done on a VM exit. The VMCS
used is the one that was current before the VM entry commenced. Control is thus transferred to the STM and the
logical processor remains in SMM.
34.15.5 Enabling the Dual-Monitor Treatment
Code and data for the SMM-transfer monitor (STM) reside in a region of SMRAM called the monitor segment
(MSEG). Code running in SMM determines the location of MSEG and establishes its content. This code is also
responsible for enabling the dual-monitor treatment.
SMM code enables the dual-monitor treatment and specifies the location of MSEG by writing to the
IA32_SMM_MONITOR_CTL MSR (index 9BH). The MSR has the following format:
•
Bit 0 is the register’s valid bit. The STM may be invoked using VMCALL only if this bit is 1. Because VMCALL is
used to activate the dual-monitor treatment (see Section 34.15.6), the dual-monitor treatment cannot be
activated if the bit is 0. This bit is cleared when the logical processor is reset.
•
Bit 1 is reserved.
•
Bit 2 determines whether executions of VMXOFF unblock SMIs under the default treatment of SMIs and SMM.
Executions of VMXOFF unblock SMIs unless bit 2 is 1 (the value of bit 0 is irrelevant). See Section 34.14.4.
Certain leaf functions of the GETSEC instruction clear this bit (see Chapter 6, “Safer Mode Extensions
Reference,” in Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 2D).
1. A logical processor is in SMX operation if GETSEC[SEXIT] has not been executed since the last execution of GETSEC[SENTER]. A logi-
cal processor is outside SMX operation if GETSEC[SENTER] has not been executed or if GETSEC[SEXIT] was executed after the last
execution of GETSEC[SENTER]. See Chapter 6, “Safer Mode Extensions Reference‚” in the Intel® 64 and IA-32 Architectures Soft-