Volume 3B System Programming Guide, Part 2 (794104), page 41
The physical-address width is returned in bits 7:0 of EAX.

[2] On processors that support Intel 64 architecture, the physical-address extension may support more than 36 physical-address bits. Software can determine the number of physical-address bits supported by executing CPUID with 80000008H in EAX. The physical-address width is returned in bits 7:0 of EAX.

Vol. 3 22-15 VM ENTRIES

A VM entry that checks the validity of the PDPTRs uses the same checks that are used when CR3 is loaded with MOV to CR3 when PAE paging is in use. If MOV to CR3 would cause a general-protection exception due to the PDPTRs that would be loaded (for example: because a reserved bit is set), the VM entry fails.

22.3.2 Loading Guest State

Processor state is updated on VM entries in the following ways:
• Some state is loaded from the guest-state area.
• Some state is determined by VM-entry controls.
• The page-directory pointers are loaded based on the values of certain control registers.

This loading may be performed in any order and in parallel with the checking of VMCS contents (see Section 22.3.1).

The loading of guest state is detailed in Section 22.3.2.1 to Section 22.3.2.4.
These sections reference VMCS fields that correspond to processor state. Unless otherwise stated, these references are to fields in the guest-state area.

In addition to the state loading described in this section, VM entries may load MSRs from the VM-entry MSR-load area (see Section 22.4). This loading occurs only after the state loading described in this section and the checking of VMCS contents described in Section 22.3.1.

22.3.2.1 Loading Guest Control Registers, Debug Registers, and MSRs

The following items describe how guest control registers, debug registers, and MSRs are loaded on VM entry:
• CR0 is loaded from the CR0 field with the exception of the following bits, which are never modified on VM entry: ET (bit 4); reserved bits 15:6, 17, and 28:19; NW (bit 29) and CD (bit 30).[1] The values of these bits in the CR0 field are ignored.
  [1] Bits 15:6, bit 17, and bit 28:19 of CR0 and CR0.ET are unchanged by executions of MOV to CR0. Bits 15:6, bit 17, and bit 28:19 of CR0 are always 0 and CR0.ET is always 1.
• CR3 and CR4 are loaded from the CR3 field and the CR4 field, respectively.
• DR7 is loaded from the DR7 field with the exception that bit 12 and bits 15:14 are always 0 and bit 10 is always 1. The values of these bits in the DR7 field are ignored.
• The following describes how some MSRs are loaded using fields in the guest-state area:
  — IA32_DEBUGCTL MSR is loaded from the IA32_DEBUGCTL field.
  — The IA32_SYSENTER_CS MSR is loaded from the IA32_SYSENTER_CS field. Since this field has only 32 bits, bits 63:32 of the MSR are cleared to 0.
  — The IA32_SYSENTER_ESP and IA32_SYSENTER_EIP MSRs are loaded from the IA32_SYSENTER_ESP field and the IA32_SYSENTER_EIP field, respectively.
    On processors that do not support Intel 64 architecture, these fields have only 32 bits; bits 63:32 of the MSRs are cleared to 0.
  — The following are performed on processors that support Intel 64 architecture:
    • The MSRs FS.base and GS.base are loaded from the base-address fields for FS and GS, respectively (see Section 22.3.2.2).
    • The LMA and LME bits in the IA32_EFER MSR are each loaded with the setting of the “IA-32e mode guest” VM-entry control.
  With the exception of FS.base and GS.base, any of these MSRs may be subsequently overwritten if it appears in the VM-entry MSR-load area. See Section 22.4.
• The SMBASE register is unmodified by all VM entries except those that return from SMM.

If any of CR3[63:5] (CR3[31:5] on processors that do not support Intel 64 architecture), CR4.PAE, CR4.PSE, or IA32_EFER.LMA is changing, the TLBs are updated so that, after VM entry, the logical processor will not use any translations that were cached before the transition.
This is not necessary for changes that would not affect paging due to the settings of other bits (for example, changes to CR4.PSE if CR4.PAE was 1 before and after the transition).

22.3.2.2 Loading Guest Segment Registers and Descriptor-Table Registers

For each of CS, SS, DS, ES, FS, GS, TR, and LDTR, fields are loaded from the guest-state area as follows:
• The unusable bit is loaded from the access-rights field. This bit can never be set for TR (see Section 22.3.1.2). If it is set for one of the other registers, the following apply:
  — For each of CS, SS, DS, ES, FS, and GS, uses of the segment cause faults (general-protection exception or stack-fault exception) outside 64-bit mode, just as they would had the segment been loaded using a null selector. This bit does not cause accesses to fault in 64-bit mode.
  — If this bit is set for LDTR, uses of LDTR cause general-protection exceptions in all modes, just as they would had LDTR been loaded using a null selector.
  If this bit is clear for any of CS, SS, DS, ES, FS, GS, TR, and LDTR, a null selector value does not cause a fault (general-protection exception or stack-fault exception).
• TR. The selector, base, limit, and access-rights fields are loaded.
• CS.
  — The following fields are always loaded: selector, base address, limit, and (from the access-rights field) the L, D, and G bits.
  — For the other fields, the unusable bit of the access-rights field is consulted:
    • If the unusable bit is 0, all of the access-rights fields are loaded.
    • If the unusable bit is 1, the remainder of CS access rights are undefined after VM entry.
• SS, DS, ES, FS, and GS, and LDTR.
  — The selector fields are loaded.
  — For the other fields, the unusable bit of the corresponding access-rights field is consulted:
    • If the unusable bit is 0, the base-address, limit, and access-rights fields are loaded.
    • If the unusable bit is 1, the base address, the segment limit, and the remainder of the access rights are undefined after VM entry.
      The only exceptions are the following:
      — SS.DPL: always loaded from the SS access-rights field. This will be the current privilege level (CPL) after the VM entry completes.
      — The base addresses for FS and GS: always loaded. Note that, on processors that support Intel 64 architecture, the values loaded for base addresses for FS and GS are also manifest in the FS.base and GS.base MSRs.
      — The base address for LDTR on processors that support Intel 64 architecture: set to an undefined but canonical value.
      — Bits 63:32 of the base addresses for SS, DS, and ES on processors that support Intel 64 architecture: cleared to 0.

GDTR and IDTR are loaded using the base and limit fields.

22.3.2.3 Loading Guest RIP, RSP, and RFLAGS

RSP, RIP, and RFLAGS are loaded from the RSP field, the RIP field, and the RFLAGS field, respectively. The following items regard the upper 32 bits of these fields on VM entries that are not to 64-bit mode:
• Bits 63:32 of RSP are undefined outside 64-bit mode.
  Thus, a logical processor may ignore the contents of bits 63:32 of the RSP field on VM entries that are not to 64-bit mode.
• As noted in Section 22.3.1.4, bits 63:32 of the RIP and RFLAGS fields must be 0 on VM entries that are not to 64-bit mode.

22.3.2.4 Loading Page-Directory Pointers

As noted in Section 22.3.1.6, the logical processor uses PAE paging if bit 5 in CR4 (CR4.PAE) is 1 and IA32_EFER.LMA is 0. When PAE paging is in use, the physical address in CR3 references a table of page-directory pointers (PDPTRs).
A MOV to CR3 when PAE paging is in use loads the PDPTRs into the processor (into internal, non-architectural registers).

A VM entry to a guest that uses PAE paging loads the PDPTRs into the processor as would MOV to CR3, using the value of CR3 being loaded by the VM entry.

22.3.3 Clearing Address-Range Monitoring

The Intel 64 and IA-32 architectures allow software to monitor a specified address range using the MONITOR and MWAIT instructions. See Section 7.11.4 in the Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3A. VM entries clear any address-range monitoring that may be in effect.

22.4 LOADING MSRS

VM entries may load MSRs from the VM-entry MSR-load area (see Section 20.8.2). Specifically each entry in that area (up to the number specified in the VM-entry MSR-load count) is processed in order by loading the MSR indexed by bits 31:0 with the contents of bits 127:64 as they would be written by WRMSR.

Processing of an entry fails in any of the following cases:
• The value of bits 31:0 is either C0000100H (the IA32_FS_BASE MSR) or C0000101 (the IA32_GS_BASE MSR).
• The value of bits 31:0 indicates an MSR that can be written only in system-management mode (SMM) and the VM entry did not commence in SMM. (IA32_SMM_MONITOR_CTL is an MSR that can be written only in SMM.)
• The value of bits 31:0 indicates an MSR that cannot be loaded on VM entries for model-specific reasons.
  A processor may prevent loading of certain MSRs even if they can normally be written by WRMSR. Such model-specific behavior is documented in Appendix B.
• Bits 63:32 are not all 0.
• An attempt to write bits 127:64 to the MSR indexed by bits 31:0 of the entry would cause a general-protection exception if executed via WRMSR with CPL = 0.[1]
  [1] Note the following about processors that support Intel 64 architecture. If CR0.PG = 1, WRMSR to the IA32_EFER MSR causes a general-protection exception if it would modify the LME bit. Since CR0.PG is always 1 in VMX operation, the IA32_EFER MSR should not be included in the VM-entry MSR-load area for the purpose of modifying the LME bit.

The VM entry fails if processing fails for any entry. The logical processor responds to such failures by loading state from the host-state area, as it would for a VM exit. See Section 22.7.

If any MSR is being loaded in such a way that would architecturally require a TLB flush, the TLBs are updated so that, after VM entry, the logical processor will not use any translations that were cached before the transition.

22.5 EVENT INJECTION

If the valid bit in the VM-entry interruption-information field is 1, the logical processor delivers an event after all components of guest state have been loaded (including MSRs).
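
The failure cases of Section 22.4, written as the check that software emulating VM entry would run over an MSR-load area before loading anything from it. This is an added example, not code from the manual: `check_msr_load_area`, `struct msr_entry`, the `wrmsr_faults` hook and `sample_area` are names assumed here, and the hook stands in for the model-specific and WRMSR-fault cases that the text leaves to the processor.

```c
#include <stddef.h>
#include <stdint.h>

#define MSR_IA32_SMM_MONITOR_CTL 0x0000009BU
#define MSR_IA32_EFER            0xC0000080U
#define MSR_IA32_FS_BASE         0xC0000100U
#define MSR_IA32_GS_BASE         0xC0000101U
#define EFER_LME                 (1ULL << 8)

/* One 128-bit entry of the VM-entry MSR-load area. */
struct msr_entry {
    uint32_t index;    /* bits 31:0: MSR index */
    uint32_t reserved; /* bits 63:32: must be 0 */
    uint64_t value;    /* bits 127:64: value to load */
};

/* Hypothetical hook: nonzero if WRMSR(index, value) at CPL 0 would fault, or
 * if the MSR cannot be loaded on VM entry for model-specific reasons. */
typedef int (*wrmsr_faults_fn)(uint32_t index, uint64_t value);

/* Constructed sample: entry 2 targets IA32_FS_BASE and must be rejected. */
const struct msr_entry sample_area[] = {
    { 0x00000174U, 0, 0x10 },       /* IA32_SYSENTER_CS */
    { MSR_IA32_EFER, 0, 0x500 },    /* LME and LMA set */
    { MSR_IA32_FS_BASE, 0, 0x1000 },
};

/* Returns -1 if every entry may be loaded, otherwise the 0-based position of
 * the first entry whose processing fails. efer is IA32_EFER as it stands
 * after guest-state loading, before the MSR-load area is processed. */
long check_msr_load_area(const struct msr_entry *area, size_t count,
                         int entered_from_smm, uint64_t efer,
                         wrmsr_faults_fn wrmsr_faults)
{
    for (size_t i = 0; i < count; i++) {
        const struct msr_entry *e = &area[i];
        int bad = e->index == MSR_IA32_FS_BASE || e->index == MSR_IA32_GS_BASE;
        /* IA32_SMM_MONITOR_CTL is the SMM-only MSR the text names. */
        bad |= e->index == MSR_IA32_SMM_MONITOR_CTL && !entered_from_smm;
        bad |= e->reserved != 0;
        /* CR0.PG is 1 in VMX operation, so a WRMSR changing LME would fault. */
        bad |= e->index == MSR_IA32_EFER && ((e->value ^ efer) & EFER_LME) != 0;
        bad |= wrmsr_faults != NULL && wrmsr_faults(e->index, e->value) != 0;
        if (bad)
            return (long)i;
        if (e->index == MSR_IA32_EFER)
            efer = e->value;        /* later entries see the loaded value */
    }
    return -1;
}
```

Because the VM entry fails if any entry fails, the whole area is checked before any MSR is written.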
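
The register-loading rules of Section 22.3.2.1, modeled as a function that also evaluates the stated TLB condition. This is an added example, not code from the manual: the struct layouts and `load_guest_regs` are assumptions, a processor supporting Intel 64 architecture is assumed (so CR3[63:5] is compared), and the exception for changes that cannot affect paging is left out.

```c
#include <stdint.h>

/* CR0 bits never modified on VM entry: ET (4), 15:6, 17, 28:19, NW (29), CD (30). */
#define CR0_KEPT   0x7FFAFFD0ULL
#define DR7_ZERO   0x0000D000ULL  /* bit 12 and bits 15:14 are always 0 */
#define DR7_ONE    0x00000400ULL  /* bit 10 is always 1 */
#define CR4_PSE    (1ULL << 4)
#define CR4_PAE    (1ULL << 5)
#define EFER_LME   (1ULL << 8)
#define EFER_LMA   (1ULL << 10)

/* Register state of the logical processor (only what this example models). */
struct cpu_regs { uint64_t cr0, cr3, cr4, dr7, efer, sysenter_cs; };

/* Guest-state fields and the "IA-32e mode guest" VM-entry control. */
struct guest_fields {
    uint64_t cr0, cr3, cr4, dr7;
    uint32_t sysenter_cs;   /* this field has only 32 bits */
    int ia32e_mode_guest;
};

/* Loads *r from *g; returns 1 if cached translations must be dropped. */
int load_guest_regs(struct cpu_regs *r, const struct guest_fields *g)
{
    const struct cpu_regs old = *r;

    r->cr0 = (old.cr0 & CR0_KEPT) | (g->cr0 & ~CR0_KEPT);
    r->cr3 = g->cr3;
    r->cr4 = g->cr4;
    r->dr7 = (g->dr7 & ~DR7_ZERO) | DR7_ONE;
    r->sysenter_cs = g->sysenter_cs;          /* bits 63:32 cleared to 0 */
    r->efer = old.efer & ~(EFER_LME | EFER_LMA);
    if (g->ia32e_mode_guest)
        r->efer |= EFER_LME | EFER_LMA;

    /* TLB condition: CR3[63:5], CR4.PAE, CR4.PSE or IA32_EFER.LMA changing. */
    return ((old.cr3 ^ r->cr3) >> 5) != 0
        || ((old.cr4 ^ r->cr4) & (CR4_PAE | CR4_PSE)) != 0
        || ((old.efer ^ r->efer) & EFER_LMA) != 0;
}
```

A CR0 field that tries to clear CD or NW, or a DR7 field with bit 12 set, loads without error and the ignored bits simply do not take effect, so a monitor that reads back the field rather than the register sees a value the processor is not using.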