Changeset 81786 in vbox for trunk/src/VBox

Timestamp:

Nov 12, 2019 4:20:34 AM (5 years ago)

Author:

vboxsync

Message:

VMM: Nested VMX: bugref:9180 Implement VMX-preemption timer for nested-guest. It's still disabled though.

Location:

trunk/src/VBox/VMM

Files:

• VMMAll/CPUMAllRegs.cpp (modified) (1 diff)
• VMMAll/IEMAll.cpp (modified) (2 diffs)
• VMMAll/IEMAllCImplVmxInstr.cpp.h (modified) (6 diffs)
• VMMR0/HMVMXR0.cpp (modified) (3 diffs)
• VMMR3/CPUM.cpp (modified) (8 diffs)
• VMMR3/CPUMR3CpuId.cpp (modified) (1 diff)
• VMMR3/EM.cpp (modified) (1 diff)
• include/CPUMInternal.h (modified) (3 diffs)
• include/CPUMInternal.mac (modified) (2 diffs)

trunk/src/VBox/VMM/VMMAll/CPUMAllRegs.cpp

@@ -2342 +2342 @@
         fMask |= X86_CR4_FSGSBASE;
     return fMask;
+}
+
+
+/**
+ * Starts a VMX-preemption timer to expire as specified by the nested hypervisor.
+ *
+ * @returns VBox status code.
+ * @param   pVCpu           The cross context virtual CPU structure of the calling thread.
+ * @param   uTimer          The VMCS preemption timer value.
+ * @param   cShift          The VMX-preemption timer shift (usually based on guest
+ *                          VMX MSR rate).
+ * @param   pu64EntryTick   Where to store the current tick when the timer is
+ *                          programmed.
+ * @thread  EMT(pVCpu)
+ */
+VMM_INT_DECL(int) CPUMStartGuestVmxPremptTimer(PVMCPUCC pVCpu, uint32_t uTimer, uint8_t cShift, uint64_t *pu64EntryTick)
+{
+    Assert(uTimer);
+    Assert(cShift <= 31);
+    Assert(pu64EntryTick);
+    VMCPU_ASSERT_EMT(pVCpu);
+    uint64_t const cTicksToNext = uTimer << cShift;
+    return TMTimerSetRelative(pVCpu->cpum.s.CTX_SUFF(pNestedVmxPreemptTimer), cTicksToNext, pu64EntryTick);
+}
+
+
+/**
+ * Stops the VMX-preemption timer from firing.
+ *
+ * @returns VBox status code.
+ * @param   pVCpu   The cross context virtual CPU structure of the calling thread.
+ * @thread  EMT.
+ *
+ * @remarks This can be called during VM reset, so we cannot assume it will be on
+ *          the EMT corresponding to @c pVCpu.
+ */
+VMM_INT_DECL(int) CPUMStopGuestVmxPremptTimer(PVMCPUCC pVCpu)
+{
+    /*
+     * CPUM gets initialized before TM, so we defer creation of timers till CPUMR3InitCompleted().
+     * However, we still get called during CPUMR3Init() and hence we need to check if we  have
+     * a valid timer object before trying to stop it.
+     */
+    PTMTIMER pTimer = pVCpu->cpum.s.CTX_SUFF(pNestedVmxPreemptTimer);
+    if (!pTimer)
+        return VERR_NOT_FOUND;
+
+    int rc = TMTimerLock(pTimer, VERR_IGNORED);
+    if (rc == VINF_SUCCESS)
+    {
+        if (TMTimerIsActive(pTimer))
+            TMTimerStop(pTimer);
+        TMTimerUnlock(pTimer);
+    }
+    return rc;
 }
 

trunk/src/VBox/VMM/VMMAll/IEMAll.cpp

@@ -13792 +13792 @@
         {
             rcStrict = iemVmxVmexitPreemptTimer(pVCpu);
-            if (rcStrict == VINF_VMX_INTERCEPT_NOT_ACTIVE)
-                rcStrict = VINF_SUCCESS;
-            else
-            {
-                Assert(!VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS));
-                Assert(!VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_VMX_PREEMPT_TIMER));
-                return rcStrict;
-            }
+            Assert(!VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_VMX_PREEMPT_TIMER));
         }
-        else
-            rcStrict = VINF_SUCCESS;
-
         /*
          * Check remaining intercepts.
@@ -13814 +13804 @@
          * See Intel spec. 26.7.5 "Interrupt-Window Exiting and Virtual-Interrupt Delivery".
          */
-        if (   VMCPU_FF_IS_ANY_SET(pVCpu, VMCPU_FF_VMX_NMI_WINDOW | VMCPU_FF_VMX_INT_WINDOW)
-            && !VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS)
-            && !TRPMHasTrap(pVCpu))
+        else if (   VMCPU_FF_IS_ANY_SET(pVCpu, VMCPU_FF_VMX_NMI_WINDOW | VMCPU_FF_VMX_INT_WINDOW)
+                 && !VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS)
+                 && !TRPMHasTrap(pVCpu))
         {
             Assert(CPUMIsGuestVmxInterceptEvents(&pVCpu->cpum.GstCtx));

trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h

@@ -360 +360 @@
         /*    20 */ RT_UOFFSETOF(VMXVVMCS, u32GuestSmBase),
         /*    21 */ RT_UOFFSETOF(VMXVVMCS, u32GuestSysenterCS),
-        /*    22 */ RT_UOFFSETOF(VMXVVMCS, u32PreemptTimer),
-        /* 23-25 */ UINT16_MAX, UINT16_MAX, UINT16_MAX
+        /*    22 */ UINT16_MAX,
+        /*    23 */ RT_UOFFSETOF(VMXVVMCS, u32PreemptTimer),
+        /* 24-25 */ UINT16_MAX, UINT16_MAX
     },
     /* VMX_VMCSFIELD_WIDTH_32BIT | VMX_VMCSFIELD_TYPE_HOST_STATE: */
@@ -2604 +2605 @@
 
     /*
+     * Stop any running VMX-preemption timer if necessary.
+     */
+    if (pVmcs->u32PinCtls & VMX_PIN_CTLS_PREEMPT_TIMER)
+        CPUMStopGuestVmxPremptTimer(pVCpu);
+
+    /*
      * Clear any pending VMX nested-guest force-flags.
-     * These force-flags have no effect on guest execution and will
+     * These force-flags have no effect on (outer) guest execution and will
      * be re-evaluated and setup on the next nested-guest VM-entry.
      */
-    VMCPU_FF_CLEAR_MASK(pVCpu, VMCPU_FF_VMX_PREEMPT_TIMER
-                             | VMCPU_FF_VMX_MTF
-                             | VMCPU_FF_VMX_APIC_WRITE
-                             | VMCPU_FF_VMX_INT_WINDOW
-                             | VMCPU_FF_VMX_NMI_WINDOW);
+    VMCPU_FF_CLEAR_MASK(pVCpu, VMCPU_FF_VMX_ALL_MASK);
 
     /* Restore the host (outer guest) state. */
@@ -3477 +3480 @@
     PVMXVVMCS pVmcs = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
     Assert(pVmcs);
-
-    /* The VM-exit is subject to "Activate VMX-preemption timer" being set. */
-    if (pVmcs->u32PinCtls & VMX_PIN_CTLS_PREEMPT_TIMER)
-    {
-        /* Import the hardware virtualization state (for nested-guest VM-entry TSC-tick). */
-        IEM_CTX_IMPORT_RET(pVCpu, CPUMCTX_EXTRN_HWVIRT);
-
-        /*
-         * Calculate the current VMX-preemption timer value.
-         * Only if the value has reached zero, we cause the VM-exit.
-         */
-        uint32_t uPreemptTimer = iemVmxCalcPreemptTimer(pVCpu);
-        if (!uPreemptTimer)
-        {
-            /* Save the VMX-preemption timer value (of 0) back in to the VMCS if the CPU supports this feature. */
-            if (pVmcs->u32ExitCtls & VMX_EXIT_CTLS_SAVE_PREEMPT_TIMER)
-                pVmcs->u32PreemptTimer = 0;
-
-            /* Cause the VMX-preemption timer VM-exit. The Exit qualification MBZ. */
-            return iemVmxVmexit(pVCpu, VMX_EXIT_PREEMPT_TIMER, 0 /* u64ExitQual */);
-        }
-    }
-
-    return VINF_VMX_INTERCEPT_NOT_ACTIVE;
+    Assert(VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_VMX_PREEMPT_TIMER));
+    Assert(pVmcs->u32PinCtls & VMX_PIN_CTLS_PREEMPT_TIMER);
+
+    /* Import the hardware virtualization state (for nested-guest VM-entry TSC-tick). */
+    IEM_CTX_IMPORT_RET(pVCpu, CPUMCTX_EXTRN_HWVIRT);
+
+    /* Save the VMX-preemption timer value (of 0) back in to the VMCS if the CPU supports this feature. */
+    if (pVmcs->u32ExitCtls & VMX_EXIT_CTLS_SAVE_PREEMPT_TIMER)
+        pVmcs->u32PreemptTimer = 0;
+
+    /* Cause the VMX-preemption timer VM-exit. The Exit qualification MBZ. */
+    return iemVmxVmexit(pVCpu, VMX_EXIT_PREEMPT_TIMER, 0 /* u64ExitQual */);
 }
 
@@ -7085 +7076 @@
     if (pVmcs->u32PinCtls & VMX_PIN_CTLS_PREEMPT_TIMER)
     {
-        uint64_t const uEntryTick = TMCpuTickGetNoCheck(pVCpu);
+        /*
+         * If the timer is 0, we must cause a VM-exit before executing the first
+         * nested-guest instruction. So we can flag as though the timer has already
+         * expired and we will check and cause a VM-exit at the right priority elsewhere
+         * in the code.
+         */
+        uint64_t uEntryTick;
+        uint32_t const uPreemptTimer = pVmcs->u32PreemptTimer;
+        if (uPreemptTimer)
+        {
+            int rc = CPUMStartGuestVmxPremptTimer(pVCpu, uPreemptTimer, VMX_V_PREEMPT_TIMER_SHIFT, &uEntryTick);
+            AssertRC(rc);
+            Log(("%s: VM-entry set up VMX-preemption timer at %#RX64\n", pszInstr, uEntryTick));
+        }
+        else
+        {
+            uEntryTick = TMCpuTickGetNoCheck(pVCpu);
+            VMCPU_FF_SET(pVCpu, VMCPU_FF_VMX_PREEMPT_TIMER);
+            Log(("%s: VM-entry set up VMX-preemption timer at %#RX64 to expire immediately!\n", pszInstr, uEntryTick));
+        }
+
         pVCpu->cpum.GstCtx.hwvirt.vmx.uEntryTick = uEntryTick;
-        VMCPU_FF_SET(pVCpu, VMCPU_FF_VMX_PREEMPT_TIMER);
-
-        Log(("%s: VM-entry set up VMX-preemption timer at %#RX64\n", pszInstr, uEntryTick));
     }
     else
@@ -7235 +7243 @@
      * Any VMCS field which we do not establish on every VM-exit but may potentially
      * be used on the VM-exit path of a nested hypervisor -and- is not explicitly
-     * specified to be undefined needs to be initialized here.
+     * specified to be undefined, needs to be initialized here.
      *
      * Thus, it is especially important to clear the Exit qualification field
@@ -7584 +7592 @@
     Assert(uIndex <= VMX_V_VMCS_MAX_INDEX);
     uint16_t const offField   = g_aoffVmcsMap[uWidthType][uIndex];
-    Assert(offField < VMX_V_VMCS_SIZE);
+    AssertMsg(offField < VMX_V_VMCS_SIZE, ("%u field=%#RX64 uWidth=%#x uType=%#x uWidthType=%#x uIndex=%u\n", offField, u64VmcsField, uWidth, uType, uWidthType, uIndex));
     AssertCompile(VMX_V_SHADOW_VMCS_SIZE == VMX_V_VMCS_SIZE);
 

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -7664 +7664 @@
  *         to the EM loop.
  *
- * @param   pVCpu       The cross context virtual CPU structure.
- * @param   fStepping   Whether we are single-stepping the guest using the
- *                      hypervisor debugger.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   pVmxTransient   The VMX-transient structure.
+ * @param   fStepping       Whether we are single-stepping the guest using the
+ *                          hypervisor debugger.
  *
  * @remarks This might cause nested-guest VM-exits, caller must check if the guest
  *          is no longer in VMX non-root mode.
  */
-static VBOXSTRICTRC hmR0VmxCheckForceFlags(PVMCPUCC pVCpu, bool fStepping)
+static VBOXSTRICTRC hmR0VmxCheckForceFlags(PVMCPUCC pVCpu, PCVMXTRANSIENT pVmxTransient, bool fStepping)
 {
     Assert(VMMRZCallRing3IsEnabled(pVCpu));
@@ -7743 +7744 @@
 
 #ifdef VBOX_WITH_NESTED_HWVIRT_VMX
-    /* Pending nested-guest APIC-write (has highest priority among nested-guest FFs). */
-    if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_VMX_APIC_WRITE))
-    {
-        Log4Func(("Pending nested-guest APIC-write\n"));
-        VBOXSTRICTRC rcStrict = IEMExecVmxVmexitApicWrite(pVCpu);
-        Assert(rcStrict != VINF_VMX_INTERCEPT_NOT_ACTIVE);
-        return rcStrict;
-    }
-    /** @todo VMCPU_FF_VMX_MTF, VMCPU_FF_VMX_PREEMPT_TIMER */
+    /*
+     * Pending nested-guest events.
+     *
+     * Please note the priority of these events are specified and important.
+     * See Intel spec. 29.4.3.2 "APIC-Write Emulation".
+     * See Intel spec. 6.9 "Priority Among Simultaneous Exceptions And Interrupts".
+     */
+    if (pVmxTransient->fIsNestedGuest)
+    {
+        /* Pending nested-guest APIC-write. */
+        if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_VMX_APIC_WRITE))
+        {
+            Log4Func(("Pending nested-guest APIC-write\n"));
+            VBOXSTRICTRC rcStrict = IEMExecVmxVmexitApicWrite(pVCpu);
+            Assert(rcStrict != VINF_VMX_INTERCEPT_NOT_ACTIVE);
+            return rcStrict;
+        }
+
+        /* Pending nested-guest monitor-trap flag (MTF). */
+        if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_VMX_MTF))
+        {
+            Log4Func(("Pending nested-guest MTF\n"));
+            VBOXSTRICTRC rcStrict = IEMExecVmxVmexit(pVCpu, VMX_EXIT_MTF, 0 /* uExitQual */);
+            Assert(rcStrict != VINF_VMX_INTERCEPT_NOT_ACTIVE);
+            return rcStrict;
+        }
+
+        /* Pending nested-guest VMX-preemption timer expired. */
+        if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_VMX_PREEMPT_TIMER))
+        {
+            Log4Func(("Pending nested-guest MTF\n"));
+            VBOXSTRICTRC rcStrict = IEMExecVmxVmexitPreemptTimer(pVCpu);
+            Assert(rcStrict != VINF_VMX_INTERCEPT_NOT_ACTIVE);
+            return rcStrict;
+        }
+    }
+#else
+    NOREF(pVmxTransient);
 #endif
 
@@ -10244 +10274 @@
      * Check and process force flag actions, some of which might require us to go back to ring-3.
      */
-    VBOXSTRICTRC rcStrict = hmR0VmxCheckForceFlags(pVCpu, fStepping);
+    VBOXSTRICTRC rcStrict = hmR0VmxCheckForceFlags(pVCpu, pVmxTransient, fStepping);
     if (rcStrict == VINF_SUCCESS)
     {

trunk/src/VBox/VMM/VMMR3/CPUM.cpp

@@ -1404 +1404 @@
     pCtx->hwvirt.vmx.fInVmxNonRootMode = false;
     /* Don't reset diagnostics here. */
+
+    /* Stop any VMX-preemption timer. */
+    CPUMStopGuestVmxPremptTimer(pVCpu);
+
+    /* Clear all nested-guest FFs. */
+    VMCPU_FF_CLEAR_MASK(pVCpu, VMCPU_FF_VMX_ALL_MASK);
 }
 
@@ -1864 +1870 @@
     EmuFeat.fVmxNmiExit               = 1;
     EmuFeat.fVmxVirtNmi               = 0;
-    EmuFeat.fVmxPreemptTimer          = 0;  /** @todo NSTVMX: enable this. */
+    EmuFeat.fVmxPreemptTimer          = 0;  /* Currently disabled on purpose, see @bugref{9180#c}. */
     EmuFeat.fVmxPostedInt             = 0;
     EmuFeat.fVmxIntWindowExit         = 1;
@@ -1918 +1924 @@
     EmuFeat.fVmxExitSaveEferMsr       = 1;
     EmuFeat.fVmxExitLoadEferMsr       = 1;
-    EmuFeat.fVmxSavePreemptTimer      = 0;
+    EmuFeat.fVmxSavePreemptTimer      = 0;  /* Cannot be enabled if VMX-preemption timer is disabled. */
     EmuFeat.fVmxExitSaveEferLma       = 1;  /* Cannot be disabled if unrestricted guest is enabled. */
     EmuFeat.fVmxIntelPt               = 0;
@@ -1997 +2003 @@
     pGuestFeat->fVmxEntryInjectSoftInt    = (pBaseFeat->fVmxEntryInjectSoftInt    & EmuFeat.fVmxEntryInjectSoftInt   );
 
-    if (HMIsSubjectToVmxPreemptTimerErratum())
-    {
-        Log(("CPUM: VMX-preemption timer erratum detected. Cannot expose VMX-preemption timer feature to guests.\n"));
-        pGuestFeat->fVmxPreemptTimer = 0;
+    if (   !pVM->cpum.s.fNestedVmxPreemptTimer
+        || HMIsSubjectToVmxPreemptTimerErratum())
+    {
+        LogRel(("CPUM: Warning! VMX-preemption timer not exposed to guest due to forced CFGM setting or CPU erratum.\n"));
+        pGuestFeat->fVmxPreemptTimer     = 0;
+        pGuestFeat->fVmxSavePreemptTimer = 0;
     }
 
@@ -2084 +2092 @@
 
 /**
+ * Callback that fires when the nested VMX-preemption timer expired.
+ *
+ * @param   pVM     The cross context VM structure.
+ * @param   pTimer  Pointer to timer.
+ * @param   pvUser  Opaque pointer to the virtual-CPU.
+ */
+static DECLCALLBACK(void) cpumR3VmxPreemptTimerCallback(PVM pVM, PTMTIMER pTimer, void *pvUser)
+{
+    RT_NOREF2(pVM, pTimer);
+    Assert(pvUser);
+
+    PVMCPU pVCpu = (PVMCPUR3)pvUser;
+    VMCPU_FF_SET(pVCpu, VMCPU_FF_VMX_PREEMPT_TIMER);
+}
+
+
+/**
  * Initializes the CPUM.
  *
@@ -2243 +2268 @@
      * This must be done after initializing CPUID/MSR features as we access the
      * the VMX/SVM guest features below.
+     *
+     * In the case of nested VT-x, we also need to create the per-VCPU
+     * VMX preemption timers.
      */
     if (pVM->cpum.s.GuestFeatures.fVmx)
@@ -2295 +2323 @@
 
     if (pVM->cpum.s.GuestFeatures.fVmx)
+    {
+        for (VMCPUID idCpu = 0; idCpu < pVM->cCpus; idCpu++)
+        {
+            PVMCPU pVCpu = pVM->apCpusR3[idCpu];
+            int rc = TMR3TimerDestroy(pVCpu->cpum.s.pNestedVmxPreemptTimerR3); AssertRC(rc);
+            pVCpu->cpum.s.pNestedVmxPreemptTimerR0 = NIL_RTR0PTR;
+        }
+
         cpumR3FreeVmxHwVirtState(pVM);
+    }
     else if (pVM->cpum.s.GuestFeatures.fSvm)
         cpumR3FreeSvmHwVirtState(pVM);
@@ -4509 +4546 @@
             /* Register statistic counters for MSRs. */
             cpumR3MsrRegStats(pVM);
+
+            /* Create VMX-preemption timer for nested guests if required. */
+            if (pVM->cpum.s.GuestFeatures.fVmx)
+            {
+                for (VMCPUID idCpu = 0; idCpu < pVM->cCpus; idCpu++)
+                {
+                    PVMCPU pVCpu = pVM->apCpusR3[idCpu];
+                    int rc = TMR3TimerCreateInternal(pVM, TMCLOCK_VIRTUAL_SYNC, cpumR3VmxPreemptTimerCallback, pVCpu,
+                                                     "Nested Guest VMX-preempt. timer", &pVCpu->cpum.s.pNestedVmxPreemptTimerR3);
+                    AssertLogRelRCReturn(rc, rc);
+                    pVCpu->cpum.s.pNestedVmxPreemptTimerR0 = TMTimerR0Ptr(pVCpu->cpum.s.pNestedVmxPreemptTimerR3);
+                }
+            }
             break;
         }

trunk/src/VBox/VMM/VMMR3/CPUMR3CpuId.cpp

@@ -4183 +4183 @@
             pConfig->fNestedHWVirt = false;
         }
+
+        /** @cfgm{/CPUM/NestedVmxPreemptTimer, bool, true}
+         * Whether to expose the VMX-preemption timer feature to the guest (if also
+         * supported by the host hardware). The default is true, and when disabled will
+         * prevent exposing the VMX-preemption timer feature to the guest even if the host
+         * supports it.
+         */
+        rc = CFGMR3QueryBoolDef(pCpumCfg, "NestedVmxPreemptTimer", &pVM->cpum.s.fNestedVmxPreemptTimer, true);
+        AssertLogRelRCReturn(rc, rc);
     }
 

trunk/src/VBox/VMM/VMMR3/EM.cpp

@@ -1894 +1894 @@
             {
                 rc2 = VBOXSTRICTRC_VAL(IEMExecVmxVmexitPreemptTimer(pVCpu));
-                if (rc2 != VINF_VMX_INTERCEPT_NOT_ACTIVE)
-                    UPDATE_RC();
+                Assert(rc2 != VINF_VMX_INTERCEPT_NOT_ACTIVE);
+                UPDATE_RC();
             }
         }

trunk/src/VBox/VMM/include/CPUMInternal.h

@@ -364 +364 @@
     /** The host MXCSR mask (determined at init). */
     uint32_t                fHostMxCsrMask;
-    uint8_t                 abPadding1[20+8];
+    /** Nested VMX: Whether to expose VMX-preemption timer to the guest. */
+    bool                    fNestedVmxPreemptTimer;
+    uint8_t                 abPadding1[3];
+
+    /** Align to 64-byte boundary. */
+    uint8_t                 abPadding2[20+4];
 
     /** Host CPU feature information.
@@ -417 +422 @@
     CPUMCTXMSRS             GuestMsrs;
 
+    /** Nested VMX: VMX-preemption timer - R0 ptr. */
+    PTMTIMERR0              pNestedVmxPreemptTimerR0;
+    /** Nested VMX: VMX-preemption timer - R3 ptr. */
+    PTMTIMERR3              pNestedVmxPreemptTimerR3;
+
     /** Use flags.
      * These flags indicates both what is to be used and what has been used.
@@ -454 +464 @@
     bool                    fCpuIdApicFeatureVisible;
 
-    /** Align the next member on a 64-byte boundrary. */
-    uint8_t                 abPadding2[64 - 16 - 8 - 4 - 1 - 2 + 4];
+    /** Align the next member on a 64-byte boundary. */
+    uint8_t                 abPadding2[64 - (16 + 12 + 4 + 8 + 1 + 2)];
 
     /** Saved host context.  Only valid while inside RC or HM contexts.

trunk/src/VBox/VMM/include/CPUMInternal.mac

@@ -262 +262 @@
     ; Other stuff.
     ;
+    .pNestedVmxPreemptTimerR0   RTR0PTR_RES    1
+    .pNestedVmxPreemptTimerR3   RTR3PTR_RES    1
+
     .fUseFlags            resd    1
     .fChanged             resd    1
@@ -274 +277 @@
 %endif
 
-    .fRemEntered          resb    1
-    .fCpuIdApicFeatureVisible resb 1
-
-    .abPadding2           resb    (64 - 16 - RTR0PTR_CB - 4 - 1 - 2 + 4)
+    .fRemEntered                resb    1
+    .fCpuIdApicFeatureVisible   resb    1
+
+    .abPadding2           resb    (64 - (RTR0PTR_CB + RTR3PTR_CB + 12 + 4 + RTR0PTR_CB + 1 + 2))
 
     ;