Volume 3B System Programming Guide, Part 2 (794104), page 57
The differences follow.

• Exit reason.
  — Bits 15:0 of this field contain the basic exit reason. The field is loaded with the reason for the SMM VM exit: I/O SMI (an SMI arrived immediately after retirement of an I/O instruction), other SMI, or VMCALL. See Appendix I, “VMX Basic Exit Reasons”.
  — SMM VM exits are the only VM exits that may occur in VMX root operation. Because the SMM monitor may need to know whether it was invoked from VMX root or VMX non-root operation, this information is stored in bit 29 of the exit-reason field (see Table 20-12 in Section 20.9.1).
    The bit is set by SMM VM exits from VMX root operation.
  — Bits 28:16 and bits 31:30 are clear.
• Exit qualification. For an SMM VM exit due to an SMI that arrives immediately after the retirement of an I/O instruction, the exit qualification contains information about the I/O instruction that retired immediately before the SMI. It has the format given in Table 24-8.

Table 24-8. Exit Qualification for SMIs That Arrive Immediately After the Retirement of an I/O Instruction

Bit Position(s)   Contents
2:0               Size of access: 0 = 1-byte; 1 = 2-byte; 3 = 4-byte. Other values not used.
3                 Direction of the attempted access (0 = OUT, 1 = IN)
4                 String instruction (0 = not string; 1 = string)
5                 REP prefixed (0 = not REP; 1 = REP)
6                 Operand encoding (0 = DX, 1 = immediate)
15:7              Reserved (cleared to 0)
31:16             Port number (as specified in the I/O instruction)
63:32             Reserved (cleared to 0). These bits exist only on processors that support Intel 64 architecture.

• Guest linear address. This field is used for VM exits due to SMIs that arrive immediately after the retirement of an INS or OUTS instruction for which the relevant segment (ES for INS; DS for OUTS unless overridden by an instruction prefix) is usable. The field receives the value of the linear address generated by ES:(E)DI (for INS) or segment:(E)SI (for OUTS; the default segment is DS but can be overridden by a segment override prefix) at the time the instruction started.
  If the relevant segment is not usable, the value is undefined. On processors that support Intel 64 architecture, bits 63:32 are clear if the logical processor was not in 64-bit mode before the VM exit.
• I/O RCX, I/O RSI, I/O RDI, and I/O RIP. For an SMM VM exit due to an SMI that arrives immediately after the retirement of an I/O instruction, these fields receive the values that were in RCX, RSI, RDI, and RIP, respectively, before the I/O instruction executed.
  Thus, the value saved for I/O RIP addresses the I/O instruction.

24.16.2.4 Saving Guest State

SMM VM exits save the contents of the SMBASE register into the corresponding field in the guest-state area.

24.16.2.5 Updating Non-Register State

SMM VM exits affect the non-register state of a logical processor as follows:
• SMM VM exits cause non-maskable interrupts (NMIs) to be blocked; they may be unblocked through execution of IRET or through a VM entry (depending on the value loaded for the interruptibility state and the setting of the “virtual NMIs” VM-execution control).
• SMM VM exits cause SMIs to be blocked; they may be unblocked by a VM entry that returns from SMM (see Section 24.16.4).

24.16.3 Operation of an SMM Monitor

Once invoked, an SMM monitor is in VMX root operation and can use VMX instructions to configure VMCSs and to cause VM entries to virtual machines supported by those structures. As noted in Section 24.16.1, the VMXOFF instruction cannot be used under the dual-monitor treatment and thus cannot be used by an SMM monitor.

The RSM instruction also cannot be used under the dual-monitor treatment. As noted in Section 21.1.3, it causes a VM exit if executed in SMM in VMX non-root operation. If executed in VMX root operation, it causes an invalid-opcode exception. An SMM monitor uses VM entries to return from SMM (see Section 24.16.4).

24.16.4 VM Entries that Return from SMM

The SMM monitor returns from SMM using a VM entry with the “entry to SMM” VM-entry control clear.
VM entries that return from SMM reverse the effects of an SMM VM exit (see Section 24.16.2).

VM entries that return from SMM may differ from other VM entries in that they do not necessarily enter VMX non-root operation. If the executive-VMCS pointer field in the current VMCS contains the VMXON pointer, the logical processor remains in VMX root operation after VM entry.

For differences between VM entries that return from SMM and other VM entries see Sections 24.16.4.1 through 24.16.4.8.

24.16.4.1 Checks on the Executive-VMCS Pointer Field

VM entries that return from SMM perform the following checks on the executive-VMCS pointer field in the current VMCS:
• Bits 11:0 must be 0.
• On processors that support Intel 64 architecture, the pointer must not set any bits beyond the processor’s physical-address width.[1] On processors that do not support Intel 64 architecture, it must not set any bits in the range 63:32.
• The 32 bits located in memory referenced by the physical address in the pointer must contain the processor’s VMCS revision identifier (see Section 20.2).

The checks above are performed before the checks described in Section 24.16.4.2 and before any of the following checks:
• If the “deactivate dual-monitor treatment” VM-entry control is 0, the launch state of the executive VMCS (the VMCS referenced by the executive-VMCS pointer field) must be launched (see Section 20.11).
• If the “deactivate dual-monitor treatment” VM-entry control is 1, the executive-VMCS pointer field must contain the VMXON pointer (see Section 24.16.7).[2]

[1] Software can determine a processor’s physical-address width by executing CPUID with 80000008H in EAX. The physical-address width is returned in bits 7:0 of EAX.
[2] An SMM monitor can determine the VMXON pointer by reading the executive-VMCS pointer field in the current VMCS after the SMM VM exit that activates the dual-monitor treatment.

24.16.4.2 Checks on VM-Execution Control Fields

VM entries that return from SMM differ from other VM entries with regard to the checks performed on the VM-execution control fields specified in Section 22.2.1.1. They do not apply the checks to the current VMCS. Instead, VM-entry behavior depends on whether the executive-VMCS pointer field contains the VMXON pointer:
• If the executive-VMCS pointer field contains the VMXON pointer (the VM entry remains in VMX root operation), the checks are not performed at all.
• If the executive-VMCS pointer field does not contain the VMXON pointer (the VM entry enters VMX non-root operation), the checks are performed on the VM-execution control fields in the executive VMCS (the VMCS referenced by the executive-VMCS pointer field in the current VMCS).
  These checks are performed after checking the executive-VMCS pointer field itself (for proper alignment).

24.16.4.3 Checks on Guest Non-Register State

For VM entries that return from SMM, the activity-state field must not indicate the wait-for-SIPI state if the executive-VMCS pointer field contains the VMXON pointer (the VM entry is to VMX root operation).

Section 22.3.1.5 includes the following check on the interruptibility-state field: bit 3 (blocking by NMI) must be 0 if the “virtual NMIs” VM-execution control is 1, the valid bit (bit 31) in the VM-entry interruption-information field is 1, and the interruption type (bits 10:8) in that field has value 2 (indicating NMI). VM entries that return from SMM modify this check based on whether the executive-VMCS pointer field contains the VMXON pointer:[1]
• If the executive-VMCS pointer field contains the VMXON pointer (the VM entry remains in VMX root operation), this check is not performed at all.
• If the executive-VMCS pointer field does not contain the VMXON pointer (the VM entry enters VMX non-root operation), this check is performed based on the setting of the “virtual NMIs” VM-execution control in the executive VMCS (the VMCS referenced by the executive-VMCS pointer field in the current VMCS).

24.16.4.4 Loading Guest State

VM entries that return from SMM load the SMBASE register from the SMBASE field.

[1] An SMM monitor can determine the VMXON pointer by reading the executive-VMCS pointer field in the current VMCS after the SMM VM exit that activates the dual-monitor treatment.

24.16.4.5 Updating the Current-VMCS and SMM-Transfer VMCS Pointers

Successful VM entries (returning from SMM) load the SMM-transfer VMCS pointer with the current-VMCS pointer. Following this, they load the current-VMCS pointer from a field in the current VMCS:
• If the executive-VMCS pointer field contains the VMXON pointer (the VM entry remains in VMX root operation), the current-VMCS pointer is loaded from the VMCS-link pointer field.
• If the executive-VMCS pointer field does not contain the VMXON pointer (the VM entry enters VMX non-root operation), the current-VMCS pointer is loaded with the value of the executive-VMCS pointer field.

If the VM entry successfully enters VMX non-root operation, the VM-execution controls in effect after the VM entry are those from the new current VMCS.
This includes any structures external to the VMCS referenced by VM-execution control fields.

The updating of these VMCS pointers occurs before event injection. Event injection is determined, however, by the VM-entry control fields in the VMCS that was current when the VM entry commenced.

24.16.4.6 VM Exits Induced by VM Entry

Section 22.5.2 describes how the event-delivery process invoked by event injection may lead to a VM exit. Section 22.6.3 to Section 22.6.6 describe other situations that may cause a VM exit to occur immediately after a VM entry.

Whether these VM exits occur is determined by the VM-execution control fields in the current VMCS.
For VM entries that return from SMM, they can occur only if the executive-VMCS pointer field does not contain the VMXON pointer (the VM entry enters VMX non-root operation).

In this case, determination is based on the VM-execution control fields in the VMCS that is current after the VM entry. This is the VMCS referenced by the value of the executive-VMCS pointer field at the time of the VM entry (see Section 24.16.4.5). This VMCS also controls the delivery of such VM exits. Thus, VM exits induced by a VM entry returning from SMM are to the executive monitor and not to the SMM monitor.

24.16.4.7 SMI Blocking

VM entries that return from SMM determine the blocking of system-management interrupts (SMIs) as follows:
• If the “deactivate dual-monitor treatment” VM-entry control is 0, SMIs are blocked after VM entry if and only if bit 2 in the interruptibility-state field is 1.
• If the “deactivate dual-monitor treatment” VM-entry control is 1, SMIs are unblocked by VM entry.
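
A software model of the return-from-SMM rules in Sections 24.16.4.1, 24.16.4.5 and 24.16.4.7, of the kind used when reviewing SMM-monitor code against the pointer checks it must satisfy. This is an added example, not code from the manual: the type, field and status names are hypothetical, the values in main are constructed, and the checks of Sections 24.16.4.2 through 24.16.4.4 are left out.

```c
#include <stdbool.h>
#include <stdint.h>

enum ret_status { RET_OK, BAD_ALIGN, BAD_WIDTH, BAD_REVISION, NOT_LAUNCHED, NOT_VMXON };

struct ret_in {                     /* hypothetical snapshot taken at the VM entry */
    uint64_t exec_ptr, link_ptr;    /* executive-VMCS and VMCS-link pointer fields */
    uint64_t cur_ptr, vmxon_ptr;    /* current-VMCS pointer, VMXON pointer */
    bool intel64;                   /* processor supports Intel 64 architecture */
    unsigned pa_width;              /* CPUID 80000008H, EAX bits 7:0 */
    uint32_t cpu_rev, rev_at_exec;  /* VMCS revision id; 32 bits read at exec_ptr */
    bool exec_launched;             /* launch state of the executive VMCS */
    bool deactivate_dual_monitor;   /* VM-entry control */
    bool intr_state_bit2;           /* bit 2 of the interruptibility-state field */
};

struct ret_out {
    enum ret_status status;
    bool vmx_root_after;            /* entry remains in VMX root operation */
    uint64_t smm_transfer_ptr, cur_ptr;
    bool smis_blocked;
};

struct ret_out model_return_from_smm(const struct ret_in *in)
{
    struct ret_out o = { RET_OK, false, 0, 0, false };
    bool is_vmxon = in->exec_ptr == in->vmxon_ptr;
    unsigned limit = in->intel64 ? in->pa_width : 32;
    /* 24.16.4.1: the three pointer checks precede the launch-state and
       VMXON checks; the order among the first three is this model's choice. */
    if (in->exec_ptr & 0xFFFu)                           o.status = BAD_ALIGN;
    else if (limit < 64 && (in->exec_ptr >> limit) != 0) o.status = BAD_WIDTH;
    else if (in->rev_at_exec != in->cpu_rev)             o.status = BAD_REVISION;
    else if (!in->deactivate_dual_monitor && !in->exec_launched) o.status = NOT_LAUNCHED;
    else if (in->deactivate_dual_monitor && !is_vmxon)   o.status = NOT_VMXON;
    if (o.status != RET_OK) return o;
    o.vmx_root_after = is_vmxon;
    o.smm_transfer_ptr = in->cur_ptr;                    /* 24.16.4.5 */
    o.cur_ptr = is_vmxon ? in->link_ptr : in->exec_ptr;
    o.smis_blocked = !in->deactivate_dual_monitor && in->intr_state_bit2; /* 24.16.4.7 */
    return o;
}

int main(void)
{   /* Constructed values: executive VMCS at 0x5000, SMM VMCS at 0x9000. */
    struct ret_in in = { 0x5000, 0x7000, 0x9000, 0x1000, true, 36, 0x12, 0x12, true, false, true };
    return model_return_from_smm(&in).status != RET_OK;
}
```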
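
The exit-reason bits and the Table 24-8 layout from Section 24.16.2.3 can be decoded as shown here. This is an added example, not code from the manual; the struct and function names are hypothetical and the raw values are constructed samples.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

struct smm_exit_reason {          /* exit-reason field, Section 24.16.2.3 */
    uint16_t basic;               /* bits 15:0: basic exit reason */
    bool from_vmx_root;           /* bit 29: set by SMM VM exits from VMX root */
    bool reserved_clear;          /* bits 28:16 and 31:30 read as 0 */
};

struct io_smi_qual {              /* exit qualification, Table 24-8 */
    unsigned size_bytes;          /* 1, 2 or 4; 0 for an unused encoding */
    bool in, string, rep, imm;    /* bits 3, 4, 5, 6 */
    uint16_t port;                /* bits 31:16 */
    bool well_formed;             /* known size, reserved bits clear */
};

struct smm_exit_reason decode_exit_reason(uint32_t raw)
{
    struct smm_exit_reason r;
    r.basic = (uint16_t)(raw & 0xFFFFu);
    r.from_vmx_root = (raw >> 29) & 1u;
    r.reserved_clear = (raw & 0xDFFF0000u) == 0;
    return r;
}

struct io_smi_qual decode_io_smi_qual(uint64_t q)
{
    /* Size encodings 0, 1 and 3 are defined; every other value is unused. */
    static const unsigned size_of[8] = { 1, 2, 0, 4, 0, 0, 0, 0 };
    struct io_smi_qual d;
    d.size_bytes = size_of[q & 7u];
    d.in = (q >> 3) & 1u;         /* 0 = OUT, 1 = IN */
    d.string = (q >> 4) & 1u;
    d.rep = (q >> 5) & 1u;
    d.imm = (q >> 6) & 1u;        /* 0 = port in DX, 1 = immediate */
    d.port = (uint16_t)(q >> 16);
    /* Bits 15:7 and 63:32 are reserved and cleared to 0. */
    d.well_formed = d.size_bytes != 0 && (q & 0xFFFFFFFF0000FF80ull) == 0;
    return d;
}

int main(void)
{
    /* Constructed sample: 2-byte REP string IN through DX, port 0x1F0. */
    struct io_smi_qual d = decode_io_smi_qual(0x01F00039ull);
    printf("port=%#x size=%u in=%d string=%d rep=%d imm=%d ok=%d\n",
           (unsigned)d.port, d.size_bytes, d.in, d.string, d.rep, d.imm, d.well_formed);
    return 0;
}
```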