VMREAD — Read Field from Virtual-Machine Control Structure

Opcode/Instruction Op/En Description
NP 0F 78 VMREAD r/m64, r64 MR Reads a specified VMCS field (in 64-bit mode).
NP 0F 78 VMREAD r/m32, r32 MR Reads a specified VMCS field (outside 64-bit mode).

Instruction Operand Encoding

Op/En Operand 1 Operand 2 Operand 3 Operand 4
MR ModRM:r/m (w) ModRM:reg (r) NA NA

Description

Reads a specified field from a VMCS and stores it into a specified destination operand (register or memory). In VMX root operation, the instruction reads from the current VMCS. If executed in VMX non-root operation, the instruction reads from the VMCS referenced by the VMCS link pointer field in the current VMCS.

The VMCS field is specified by the VMCS-field encoding contained in the register source operand. Outside IA-32e mode, the source operand has 32 bits, regardless of the value of CS.D. In 64-bit mode, the source operand has 64 bits.

The effective size of the destination operand, which may be a register or in memory, is always 32 bits outside IA-32e mode (the setting of CS.D is ignored with respect to operand size) and 64 bits in 64-bit mode. If the VMCS field specified by the source operand is shorter than this effective operand size, the high bits of the destination operand are cleared to 0. If the VMCS field is longer, then the high bits of the field are not read.

Note that any faults resulting from accessing a memory destination operand can occur only after determining, in the operation section below, that the relevant VMCS pointer is valid and that the specified VMCS field is supported.

Operation

IF (not in VMX operation) or (CR0.PE = 0) or (RFLAGS.VM = 1) or (IA32_EFER.LMA = 1 and CS.L = 0)
    THEN #UD;
ELSIF in VMX non-root operation AND (“VMCS shadowing” is 0 OR source operand sets bits in range 63:15 OR
VMREAD bit corresponding to bits 14:0 of source operand is 1)1
    THEN VMexit;
ELSIF CPL > 0
    THEN #GP(0);
ELSIF (in VMX root operation AND current-VMCS pointer is not valid) OR
(in VMX non-root operation AND VMCS link pointer is not valid)
    THEN VMfailInvalid;
ELSIF source operand does not correspond to any VMCS field
    THEN VMfailValid(VMREAD/VMWRITE from/to unsupported VMCS component);
    ELSE
        IF in VMX root operation
            THEN destination operand := contents of field indexed by source operand in current VMCS;
            ELSE destination operand := contents of field indexed by source operand in VMCS referenced by VMCS link pointer;
        FI;
        VMsucceed;
FI;

1. The VMREAD bit for a source operand is defined as follows. Let x be the value of bits 14:0 of the source operand and let addr be the VMREAD-bitmap address. The corresponding VMREAD bit is in bit position x & 7 of the byte at physical address addr | (x » 3).

Flags Affected

See the operation section and Section 31.2.

Protected Mode Exceptions

#GP(0) If the current privilege level is not 0.
If a memory destination operand effective address is outside the CS, DS, ES, FS, or GS segment limit.
If the DS, ES, FS, or GS register contains an unusable segment.
If the destination operand is located in a read-only data segment or any code segment.
#PF(fault-code) If a page fault occurs in accessing a memory destination operand.
#SS(0) If a memory destination operand effective address is outside the SS segment limit.
If the SS register contains an unusable segment.
#UD If not in VMX operation.

Real-Address Mode Exceptions

#UD The VMREAD instruction is not recognized in real-address mode.

Virtual-8086 Mode Exceptions

#UD The VMREAD instruction is not recognized in virtual-8086 mode.

Compatibility Mode Exceptions

#UD The VMREAD instruction is not recognized in compatibility mode.

64-Bit Mode Exceptions

#GP(0) If the current privilege level is not 0.
If the memory destination operand is in the CS, DS, ES, FS, or GS segments and the memory address is in a non-canonical form.
#PF(fault-code) If a page fault occurs in accessing a memory destination operand.
#SS(0) If the memory destination operand is in the SS segment and the memory address is in a non-canonical form.
#UD If not in VMX operation.