Volume 3B System Programming Guide, Part 2 (794104), page 35
(A logical processor may also prevent such a VM exit if there is blocking of events by STI.) Such a VM exit occurs immediately after VM entry if the above conditions are true (see Section 22.6.5).

Debug-trap exceptions and higher priority events take priority over VM exits caused by this control. VM exits caused by this control take priority over non-maskable interrupts (NMIs) and lower priority events.

These VM exits wake a logical processor from the same inactive states as would an NMI. Specifically, they wake a logical processor from the shutdown state and from the states entered using the HLT and MWAIT instructions. These VM exits do not occur if the logical processor is in the wait-for-SIPI state.

21.4 CHANGES TO INSTRUCTION BEHAVIOR IN VMX NON-ROOT OPERATION

The behavior of some instructions is changed in VMX non-root operation. Some of these changes are determined by the settings of certain VM-execution control fields. The following items detail such changes:

1. Under the dual-monitor treatment of SMIs and SMM, SMIs also cause SMM VM exits if they occur in VMX root operation outside SMM. If the processor is using the default treatment of SMIs and SMM, SMIs are delivered as described in Section 24.15.1.1. This chapter uses the notation RAX, RIP, RSP, RFLAGS, etc. for processor registers because most processors that support VMX operation also support Intel 64 architecture. For IA-32 processors, this notation refers to the 32-bit forms of those registers (EAX, EIP, ESP, EFLAGS, etc.). In a few places, notation such as EAX is used to refer specifically to lower 32 bits of the indicated register.

21-10 Vol. 3
VMX NON-ROOT OPERATION

• CLTS. Behavior of the CLTS instruction is determined by the bits in position 3 (corresponding to CR0.TS) in the CR0 guest/host mask and the CR0 read shadow:
  — If bit 3 in the CR0 guest/host mask is 0, CLTS clears CR0.TS normally (the value of bit 3 in the CR0 read shadow is irrelevant in this case), unless CR0.TS is fixed to 1 in VMX operation (see Section 19.8), in which case CLTS causes a general-protection exception.
  — If bit 3 in the CR0 guest/host mask is 1 and bit 3 in the CR0 read shadow is 0, CLTS completes but does not change the contents of CR0.TS.
  — If the bits in position 3 in the CR0 guest/host mask and the CR0 read shadow are both 1, CLTS causes a VM exit (see Section 21.1.3).

• IRET. Behavior of IRET with regard to NMI blocking (see Table 20-3) is determined by the settings of the “NMI exiting” and “virtual NMIs” VM-execution controls:
  — If the “NMI exiting” VM-execution control is 0, IRET operates normally and unblocks NMIs.
  — If the “NMI exiting” VM-execution control is 1, IRET does not affect blocking of NMIs.
  — If the “virtual NMIs” VM-execution control is 1, the logical processor tracks virtual-NMI blocking. In this case, IRET removes any virtual-NMI blocking.
  If the “NMI exiting” VM-execution control is 0, the “virtual NMIs” control must be 0. (See Section 22.2.1.1.)

• LMSW. An execution of LMSW that does not cause a VM exit (see Section 21.1.3) leaves unmodified any bit in CR0 corresponding to a bit set in the CR0 guest/host mask. It causes a general-protection exception if it attempts to set any bit to a value not supported in VMX operation (see Section 19.8).

• MOV from CR0. The behavior of MOV from CR0 is determined by the CR0 guest/host mask and the CR0 read shadow. For each position corresponding to a bit clear in the CR0 guest/host mask, the destination operand is loaded with the value of the corresponding bit in CR0. For each position corresponding to a bit set in the CR0 guest/host mask, the destination operand is loaded with the value of the corresponding bit in the CR0 read shadow. Thus, if every bit is cleared in the CR0 guest/host mask, MOV from CR0 reads normally from CR0; if every bit is set in the CR0 guest/host mask, MOV from CR0 returns the value of the CR0 read shadow.
  Note that, depending on the contents of the CR0 guest/host mask and the CR0 read shadow, bits may be set in the destination that would never be set when reading directly from CR0.

• MOV from CR4. The behavior of MOV from CR4 is determined by the CR4 guest/host mask and the CR4 read shadow. For each position corresponding to a bit clear in the CR4 guest/host mask, the destination operand is loaded with the value of the corresponding bit in CR4. For each position corresponding to a bit set in the CR4 guest/host mask, the destination operand is loaded with the value of the corresponding bit in the CR4 read shadow. Thus, if every bit is cleared in the CR4 guest/host mask, MOV from CR4 reads normally from CR4; if every bit is set in the CR4 guest/host mask, MOV from CR4 returns the value of the CR4 read shadow.
  Note that, depending on the contents of the CR4 guest/host mask and the CR4 read shadow, bits may be set in the destination that would never be set when reading directly from CR4.

• MOV from CR8. Behavior of the MOV from CR8 instruction (which can be executed only in 64-bit mode) is determined by the settings of the “CR8-store exiting” and “use TPR shadow” VM-execution controls:
  — If both controls are 0, MOV from CR8 operates normally.
  — If the “CR8-store exiting” VM-execution control is 0 and the “use TPR shadow” VM-execution control is 1, MOV from CR8 reads from the TPR shadow. Specifically, it loads bits 3:0 of its destination operand with the value of bits 7:4 of byte 128 of the virtual-APIC page (see Section 20.6.8). Bits 63:4 of the destination operand are cleared.
  — If the “CR8-store exiting” VM-execution control is 1, MOV from CR8 causes a VM exit (see Section 21.1.3); the “use TPR shadow” VM-execution control is ignored in this case.

• MOV to CR0. An execution of MOV to CR0 that does not cause a VM exit (see Section 21.1.3) leaves unmodified any bit in CR0 corresponding to a bit set in the CR0 guest/host mask. It causes a general-protection exception if it attempts to set any bit to a value not supported in VMX operation (see Section 19.8).

• MOV to CR4. An execution of MOV to CR4 that does not cause a VM exit (see Section 21.1.3) leaves unmodified any bit in CR4 corresponding to a bit set in the CR4 guest/host mask. Such an execution causes a general-protection exception if it attempts to set any bit to a value not supported in VMX operation (see Section 19.8).

• MOV to CR8. Behavior of the MOV to CR8 instruction (which can be executed only in 64-bit mode) is determined by the settings of the “CR8-load exiting” and “use TPR shadow” VM-execution controls:
  — If both controls are 0, MOV to CR8 operates normally.
  — If the “CR8-load exiting” VM-execution control is 0 and the “use TPR shadow” VM-execution control is 1, MOV to CR8 writes to the TPR shadow. Specifically, it stores bits 3:0 of its source operand into bits 7:4 of byte 128 of the virtual-APIC page (see Section 20.6.8); bits 3:0 of that byte and bytes 129-131 of that page are cleared. Such a store may cause a VM exit to occur after it completes (see Section 21.1.3).
  — If the “CR8-load exiting” VM-execution control is 1, MOV to CR8 causes a VM exit (see Section 21.1.3); the “use TPR shadow” VM-execution control is ignored in this case.

• RDMSR. Section 21.1.3 identifies when executions of the RDMSR instruction cause VM exits. If an execution of RDMSR does not cause a VM exit and if RCX contains 10H (indicating the IA32_TIME_STAMP_COUNTER MSR), the value returned by the RDMSR instruction is determined by the setting of the “use TSC offsetting” VM-execution control as well as the TSC offset:
  — If the control is 0, RDMSR operates normally, loading EAX:EDX with the value of the IA32_TIME_STAMP_COUNTER MSR.
  — If the control is 1, RDMSR loads EAX:EDX with the sum (using signed addition) of the value of the IA32_TIME_STAMP_COUNTER MSR and the value of the TSC offset (interpreted as a signed value).

• RDTSC. Behavior of the RDTSC instruction is determined by the settings of the “RDTSC exiting” and “use TSC offsetting” VM-execution controls as well as the TSC offset:
  — If both controls are 0, RDTSC operates normally.
  — If the “RDTSC exiting” VM-execution control is 0 and the “use TSC offsetting” VM-execution control is 1, RDTSC loads EAX:EDX with the sum (using signed addition) of the value of the IA32_TIME_STAMP_COUNTER MSR and the value of the TSC offset (interpreted as a signed value).
  — If the “RDTSC exiting” VM-execution control is 1, RDTSC causes a VM exit (see Section 21.1.3).

• SMSW. The behavior of SMSW is determined by the CR0 guest/host mask and the CR0 read shadow.
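
The CR0 guest/host mask and read shadow rules given above for MOV from CR0, MOV to CR0 and CLTS (MOV from/to CR4 use the same mask-and-shadow merge), modeled in C as an added example that is not part of the manual text. Function and enum names are hypothetical, the `ts_fixed_to_1` flag stands in for the Section 19.8 check, and the register values in `main` are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define CR0_TS (1ULL << 3)  /* bit position 3 corresponds to CR0.TS */

/* MOV from CR0: positions set in the mask read the shadow, the rest read CR0. */
uint64_t guest_read_cr0(uint64_t cr0, uint64_t mask, uint64_t shadow)
{
    return (cr0 & ~mask) | (shadow & mask);
}

/* MOV to CR0 that did not cause a VM exit: bits set in the mask keep
 * their current value; only unmasked bits take the source value. */
uint64_t guest_write_cr0(uint64_t cr0, uint64_t mask, uint64_t src)
{
    return (cr0 & mask) | (src & ~mask);
}

enum clts_result { CLTS_CLEARS_TS, CLTS_NO_CHANGE, CLTS_VM_EXIT, CLTS_GP_FAULT };

/* ts_fixed_to_1: assumption, nonzero if CR0.TS is fixed to 1 in VMX operation. */
enum clts_result clts_outcome(uint64_t mask, uint64_t shadow, int ts_fixed_to_1)
{
    if (!(mask & CR0_TS))                 /* mask bit 3 = 0: shadow is irrelevant */
        return ts_fixed_to_1 ? CLTS_GP_FAULT : CLTS_CLEARS_TS;
    return (shadow & CR0_TS) ? CLTS_VM_EXIT : CLTS_NO_CHANGE;
}

int main(void)
{
    /* Constructed values: TS is set in the real CR0, the guest is shown TS=0. */
    uint64_t cr0 = 0x8005003BULL, mask = CR0_TS, shadow = 0;

    printf("guest reads CR0 = %#llx\n",
           (unsigned long long)guest_read_cr0(cr0, mask, shadow));
    printf("CR0 after write = %#llx\n",
           (unsigned long long)guest_write_cr0(cr0, mask, 0x80050033ULL));
    printf("CLTS outcome    = %d\n", clts_outcome(mask, shadow, 0));
    return 0;
}
```

With TS masked and shadowed as 0, the guest reads TS clear and its write and CLTS both leave the real CR0.TS set, which is the divergence between guest-visible and actual register state that a VMM has to account for.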
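
The TPR-shadow and TSC-offsetting cases from the MOV from/to CR8, RDMSR and RDTSC items, as an added C model that is not part of the manual text. All names are hypothetical, the page buffer is constructed sample data, and the exit decision covers only the controls described in those items.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define VAPIC_TPR 128  /* byte 128 of the virtual-APIC page holds the TPR shadow */

enum cr8_path { CR8_NORMAL, CR8_TPR_SHADOW, CR8_VM_EXIT };

/* exiting: "CR8-load exiting" for MOV to CR8, "CR8-store exiting" for MOV from CR8. */
enum cr8_path cr8_access_path(int exiting, int use_tpr_shadow)
{
    if (exiting) return CR8_VM_EXIT;      /* "use TPR shadow" is ignored */
    return use_tpr_shadow ? CR8_TPR_SHADOW : CR8_NORMAL;
}

/* MOV from CR8 via the shadow: bits 7:4 of byte 128 -> bits 3:0, bits 63:4 = 0. */
uint64_t mov_from_cr8_shadow(const uint8_t *vapic)
{
    return (uint64_t)(vapic[VAPIC_TPR] >> 4);
}

/* MOV to CR8 via the shadow: source bits 3:0 -> bits 7:4 of byte 128;
 * bits 3:0 of that byte and bytes 129-131 are cleared. */
void mov_to_cr8_shadow(uint8_t *vapic, uint64_t src)
{
    vapic[VAPIC_TPR] = (uint8_t)((src & 0xF) << 4);
    memset(&vapic[VAPIC_TPR + 1], 0, 3);
}

/* Non-exiting RDTSC / RDMSR(10H): signed add of the offset, done unsigned so it wraps. */
uint64_t guest_tsc(uint64_t tsc, int use_tsc_offsetting, int64_t tsc_offset)
{
    return use_tsc_offsetting ? tsc + (uint64_t)tsc_offset : tsc;
}

/* Constructed check: store into a page filled with 0xFF, pack bytes 128..131. */
uint32_t tpr_dword_after_store(uint64_t src)
{
    uint8_t p[4096];
    memset(p, 0xFF, sizeof p);
    mov_to_cr8_shadow(p, src);
    return p[128] | p[129] << 8 | p[130] << 16 | (uint32_t)p[131] << 24;
}

int main(void)
{
    printf("%#x %llu\n", (unsigned)tpr_dword_after_store(0x1A), (unsigned long long)guest_tsc(1000, 1, -400));
    return 0;
}
```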