vmptrld will load the vmcs pointer for the virtual-machine to be launched. The vmcs stands for Virtual Machine Control Structure. The vmcs is a region in memory which holds all the data for the virtual-machine to be launched. The instruction usage is similar to vmxon:
vmptrld [vmcs_ptr]
vmcs_ptr dq vmcs_region
vmcs_region:
rev_id dd 0
As with vmxon, the revision id of the vmcs_region should be updated with the revision-id supported by the processor (contained in msr 0x480) prior to executing vmptrld. As with vmxon, the vmcs_region must be located on a 4K boundary.
The only other thing worth mentioning is if you try to load the vmxon_ptr as an operand to vmptrld, then execution of vmptrld will fail. Meaning, a code sequence like the one shown below is guaranteed to fail vmptrld:
vmxon [vmxon_ptr]
jbe vmxon_failed
vmptrld [vmxon_ptr]
jbe vmptrld_failed
When the processor executes vmptrld, it realizes that vmptrld's pointer points to the same region as vmxon. This will cuase vmptrld to fail.
It may also be a good practice to execute vmclear before executing vmptrld to load the vmcs-pointer. So the hypervisor may want to do this:
vmclear [vmcs_ptr]
jbe vmclear_failed
vmptrld [vmcs_ptr]
jbe vmptrld_failed
At this point we have executed vmxon, entered VMX_ROOT mode, initialized the virtual-machine-vmcs with vmclear and loaded the virtual-machine-vmcs pointer into the processor by executing vmptrld. The next step is to initialize the vmcs with the virtual-machine's (hence forth referred to as guest) data and then launch the guest.
Subscribe to:
Post Comments (Atom)
Thanks for your excellent notes! I am a little confused though. In the first half of this article, you mention about updating the VMCS region with the rev_id value read from the MSR at address 0x480. In the second half, you provide a code snippet that calls VMCLEAR followed by VMPTRLD in which case the rev_id is not updated in the VMCS region. The latter seems right though. Thoughts?
ReplyDeleteJust checked the Intel System manual. Section 24.2 clearly states that: Software should write the VMCS revision identifier to the VMCS region before using that region for a VMCS. The VMCS revision identifier is never written by the
ReplyDeleteprocessor; VMPTRLD may fail if its operand references a VMCS region whose VMCS revision identifier differs from that used by the processor.