Programmable Intercept Types
This section describes the principal mechanism that the hypervisor provides to facilitate the virtualization of certain guest operating system events. These events occur when a virtual processor executes certain instructions or generates certain exceptions.
An authorized guest that is installed on a parent partition can install an intercept for certain events that occur on another guest that is installed on a child partition. An intercept involves the detection of an event that is performed by a virtual processor (explicitly or implicitly). When an intercepted event occurs in the child partition, the hypervisor suspends the virtual processor that triggered the event and sends an intercept message to the parent. The virtual processor remains suspended until the parent calls the HvSetVpRegisters functions to explicitly clear the virtual processor register HvRegisterInterceptSuspend (from the HV_REGISTER_NAME enumeration).
In general, the register state of the virtual processor when the virtual processor is suspended corresponds to the state before the execution of the instruction that triggered the intercept. As such, the instruction can be restarted.
The purpose of the intercept mechanism is to allow a virtualization-aware parent to create a virtual environment that allows an unmodified legacy guest--that was written to execute on the physical hardware--to execute in a hypervisor partition. Such legacy guests might attempt to access physical devices that do not exist in a hypervisor partition (for example, by accessing certain I/O ports). The intercept mechanism described in this section makes it possible to intercept all such accesses and transfer control to the parent partition. The parent partition can alter the effect of the intercepted instruction such that, to the child, the instruction mirrors the expected behavior in physical hardware.
An intercept affects only the state of a single virtual processor. Other virtual processors within the same partition continue to run. Therefore, multiple intercept messages can be in progress concurrently. Intercept messages are queued to the parent in the order in which they are detected.
The available processor intercept events depend on the virtual processor architecture and the capabilities of the physical hardware's virtualization facilities.
The following types of processor events can be intercepted on x64 platforms:
-
Accesses to I/O Ports
-
Accesses to model-specific registers (MSR)
-
Execution of the CPUID instruction
-
Exceptions
The following table describes the scope and intercept-access flags that the hypervisor allows for each intercept type.
| Intercept type | Intercept applies to | Valid access flags |
|---|---|---|
|
I/O port access |
A specific I/O port. The I/O port is specified with each hypercall. |
Read and Write access flags must be specified to install an intercept. |
|
MSR access |
All MSRs not being virtualized by the hypervisor. Note that certain privileges affect MSR virtualization. No MSR value is specified with the hypercall. |
Read and Write access flags must be specified to install the intercept. |
|
CPUID instruction execution |
A specific CPUID leaf. The CPUID leaf is specified with each hypercall. |
Execute access flag must be specified to install an intercept. |
|
Exceptions |
A specific exception vector. The exception vector is specified with each hypercall. |
Execute access flag must be specified to install an intercept. |
Send comments about this topic to Microsoft
Build date: 11/16/2013