Intel® 64 and IA-32 Architectures
Software Developer’s Manual
Volume 3B:
System Programming Guide, Part 2
NOTE: The Intel
®
64 and IA-32 Architectures Software Developer's Manual
consists of five volumes: Basic Architecture, Order Number 253665;
Instruction Set Reference A-M, Order Number 253666; Instruction Set
Reference N-Z, Order Number 253667; System Programming Guide,
Part 1, Order Number 253668; System Programming Guide, Part 2, Order
Number 253669. Refer to all five volumes when evaluating your design
needs.
Order Number: 253669-033US
December 2009
ii Vol. 3B
INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE,
EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANT-
ED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH
PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED
WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES
RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY
PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT.
UNLESS OTHERWISE AGREED IN WRITING BY INTEL, THE INTEL PRODUCTS ARE NOT DESIGNED NOR IN-
TENDED FOR ANY APPLICATION IN WHICH THE FAILURE OF THE INTEL PRODUCT COULD CREATE A SITUA-
TION WHERE PERSONAL INJURY OR DEATH MAY OCCUR.
Intel may make changes to specifications and product descriptions at any time, without notice. Designers
must not rely on the absence or characteristics of any features or instructions marked "reserved" or "unde-
fined." Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or
incompatibilities arising from future changes to them. The information here is subject to change without no-
tice. Do not finalize a design with this information.
The Intel
®
64 architecture processors may contain design defects or errors known as errata. Current char-
acterized errata are available on request.
Intel
®
Hyper-Threading Technology requires a computer system with an Intel
®
processor supporting Intel
Hyper-Threading Technology and an Intel
®
HT Technology enabled chipset, BIOS and operating system.
Performance will vary depending on the specific hardware and software you use. For more information, see
http://www.intel.com/technology/hyperthread/index.htm; including details on which processors support Intel HT
Technology.
Intel
®
Virtualization Technology requires a computer system with an enabled Intel
®
processor, BIOS, virtual
machine monitor (VMM) and for some uses, certain platform software enabled for it. Functionality, perfor-
mance or other benefits will
vary depending on hardware and software configurations. Intel
®
Virtualization
Technology-enabled BIOS and VMM applications are currently in development.
64-bit computing on Intel architecture requires a computer system with a processor, chipset, BIOS, oper-
ating system, device drivers and applications enabled for Intel
®
64 architecture. Processors will not operate
(including 32-bit operation) without an Intel
®
64 architecture-enabled BIOS. Performance will vary depend-
ing on your hardware and software configurations. Consult with your system vendor for more information.
Enabling Execute Disable Bit functionality requires a PC with a processor with Execute Disable Bit capability
and a supporting operating system. Check with your PC manufacturer on whether your system delivers Ex-
ecute Disable Bit functionality.
Intel, Pentium, Intel Xeon, Intel NetBurst, Intel Core, Intel Core Solo, Intel Core Duo, Intel Core 2 Duo,
Intel Core 2 Extreme, Intel Pentium D, Itanium, Intel SpeedStep, MMX, Intel Atom, and VTune are trade-
marks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other coun-
tries.
*Other names and brands may be claimed as the property of others.
Contact your local Intel sales office or your distributor to obtain the latest specifications and before placing
your product order.
Copies of documents which have an ordering number and are referenced in this document, or other Intel
literature, may be obtained by calling 1-800-548-4725, or by visiting Intel’s website at http://www.intel.com
Copyright © 1997-2009 Intel Corporation
Vol. 3 20-1
CHAPTER 20
INTRODUCTION TO VIRTUAL-MACHINE EXTENSIONS
20.1 OVERVIEW
This chapter describes the basics of virtual machine architecture and an overview of
the virtual-machine extensions (VMX) that support virtualization of processor hard-
ware for multiple software environments.
Information about VMX instructions is provided in Intel® 64 and IA-32 Architectures
Software Developer’s Manual, Volume 2B. Other aspects of VMX and system
programming considerations are described in chapters of Intel® 64 and IA-32 Archi-
tectures Software Developer’s Manual, Volume 3B.
20.2 VIRTUAL MACHINE ARCHITECTURE
Virtual-machine extensions define processor-level support for virtual machines on
IA-32 processors. Two principal classes of software are supported:
• Virtual-machine monitors (VMM) — A VMM acts as a host and has full control
of the processor(s) and other platform hardware. A VMM presents guest software
(see next paragraph) with an abstraction of a virtual processor and allows it to
execute directly on a logical processor. A VMM is able to retain selective control of
processor resources, physical memory, interrupt management, and I/O.
• Guest software — Each virtual machine (VM) is a guest software environment
that supports a stack consisting of operating system (OS) and application
software. Each operates independently of other virtual machines and uses on the
same interface to processor(s), memory, storage, graphics, and I/O provided by
a physical platform. The software stack acts as if it were running on a platform
with no VMM. Software executing in a virtual machine must operate with reduced
privilege so that the VMM can retain control of platform resources.
20.3 INTRODUCTION TO VMX OPERATION
Processor support for virtualization is provided by a form of processor operation
called VMX operation. There are two kinds of VMX operation: VMX root operation and
VMX non-root operation. In general, a VMM will run in VMX root operation and guest
software will run in VMX non-root operation. Transitions between VMX root operation
and VMX non-root operation are called VMX transitions. There are two kinds of VMX
transitions. Transitions into VMX non-root operation are called VM entries. Transi-
tions from VMX non-root operation to VMX root operation are called VM exits.
20-2 Vol. 3
INTRODUCTION TO VIRTUAL-MACHINE EXTENSIONS
Processor behavior in VMX root operation is very much as it is outside VMX operation.
The principal differences are that a set of new instructions (the VMX instructions) is
available and that the values that can be loaded into certain control registers are
limited (see Section 20.8).
Processor behavior in VMX non-root operation is restricted and modified to facilitate
virtualization. Instead of their ordinary operation, certain instructions (including the
new VMCALL instruction) and events cause VM exits to the VMM. Because these
VM exits replace ordinary behavior, the functionality of software in VMX non-root
operation is limited. It is this limitation that allows the VMM to retain control of
processor resources.
There is no software-visible bit whose setting indicates whether a logical processor is
in VMX non-root operation. This fact may allow a VMM to prevent guest software from
determining that it is running in a virtual machine.
Because VMX operation places restrictions even on software running with current
privilege level (CPL) 0, guest software can run at the privilege level for which it was
originally designed. This capability may simplify the development of a VMM.
20.4 LIFE CYCLE OF VMM SOFTWARE
Figure 20-1 illustrates the life cycle of a VMM and its guest software as well as the
interactions between them. The following items summarize that life cycle:
• Software enters VMX operation by executing a VMXON instruction.
• Using VM entries, a VMM can then enter guests into virtual machines (one at a
time). The VMM effects a VM entry using instructions VMLAUNCH and
VMRESUME; it regains control using VM exits.
• VM exits transfer control to an entry point specified by the VMM. The VMM can
take action appropriate to the cause of the VM exit and can then return to the
virtual machine using a VM entry.
• Eventually, the VMM may decide to shut itself down and leave VMX operation. It
does so by executing the VMXOFF instruction.
Vol. 3 20-3
INTRODUCTION TO VIRTUAL-MACHINE EXTENSIONS
20.5 VIRTUAL-MACHINE CONTROL STRUCTURE
VMX non-root operation and VMX transitions are controlled by a data structure called
a virtual-machine control structure (VMCS).
Access to the VMCS is managed through a component of processor state called the
VMCS pointer (one per logical processor). The value of the VMCS pointer is the 64-bit
address of the VMCS. The VMCS pointer is read and written using the instructions
VMPTRST and VMPTRLD. The VMM configures a VMCS using the VMREAD, VMWRITE,
and VMCLEAR instructions.
A VMM could use a different VMCS for each virtual machine that it supports. For a
virtual machine with multiple logical processors (virtual processors), the VMM could
use a different VMCS for each virtual processor.
20.6 DISCOVERING SUPPORT FOR VMX
Before system software enters into VMX operation, it must discover the presence of
VMX support in the processor. System software can determine whether a processor
supports VMX operation using CPUID. If CPUID.1:ECX.VMX[bit 5] = 1, then VMX
operation is supported. See Chapter 3, “Instruction Set Reference, A-M” of Intel® 64
and IA-32 Architectures Software Developer’s Manual, Volume 2A.
The VMX architecture is designed to be extensible so that future processors in VMX
operation can support additional features not present in first-generation implemen-
tations of the VMX architecture. The availability of extensible VMX features is
reported to software using a set of VMX capability MSRs (see Appendix G, “VMX
Capability Reporting Facility”).
Figure 20-1. Interaction of a Virtual-Machine Monitor and Guests
VM Monitor
Guest 0 Guest 1
VM Exit VM Exit
VM Entry
VMXOFFVMXON
