APIC-access address Virtual-APIC address IA32_APIC_BASE

virtual-APIC页唯一功能是影子化TPR。
存在三个有意思地址，三个地址全部都是物理地址（意思是它们没有进行过任何一种转换）
1. IA32_APIC_BASE。这个地址包含在MSR中， 这个地址是实际硬件APIC映射的地址。访问这个地址就是访问实际硬件APIC映射的寄存器。VMM将不映射这个物理地址到任何一个客户机地址空间。那意味着（1）：如果EPT启用，EPT相应的表项不包含这个地址。（2）如果使用影子页表，相应页表项包含这个地址。（例外是下面#2）VMM不允许任何客户机访问IA32_APIC_BASE MSR。

2. APIC-access address. 这是APIC-access页地址，通过VMCS里字段编程处理。CPU将特殊处理客户机在个地址上访问。大多数情况下，这些地址将导致VM退出。特殊情况是读写偏移080H地址。见#3它们如何处理的。相关访问定义如下：如果EPT启用， 访问就是使用包含APIC-address的EPT页表项 （2）如果使用影子页表，访问就是使用包含APIC-access地址的EPT页表项。注意：APIC-access地址优先于IA32_APIC_BASE地址。如果两者在有相同的值并且在一个页表项中，通过页表项实现访问虚拟化（大多数情况下引起VM退出）并且不访问实际硬件APIC，在#1中解释了这个特殊情况（客户机运行时，IA32_APIC_BASE地址不在PTE页表中）

3. Virtual-APIC address.这是virtual-APIC页地址，通过VMCS里相应字段编程处理。CPU三种情况使用这个字段：(1) 访问CR8; (2) RDMSR/WRMSR to MSR 808H; (3)访问APIC-access页偏移080H (TPR)。如果CPU侦测到访问在APIC-access页面080H（见上面），它将重定向访问virtual-APIC页偏移080H。VMM不映射这个地址到任何客户机地址空间，但是对于客户机来说，virtual-APIC地址与APIC-access相同

APIC-access和virtual-APIC地址对于多处理器的客户机们互相不同的。在这样一种情况下，单一等级EPT分页结构支持所有虚拟处理器， 这个等级包括一个EPT页表项，对于所有虚拟处理器，页表项地址就是APIC-access地址，也就是说，每个虚拟处理器的VMCS都包含这个地址作为他的APIC-access，但是这些VMCS都有它们自己的virtual-APIC地址
这样，通过一个单一EPT分页结构支持一个单独的客户机的所有虚拟处理器而每个处理器有自己虚拟APIC。

备注：由于32位Windows XP和2003频繁的访问TPR。采用上面虚拟化技术大多数情况下，VM虚拟机不必退出，当然存在退出情况,当 修改TPR小于TPR Threshold时，发生TPR-below-threshold类型的虚拟机退出。

=================================================================================================

It is correct that the only function of the virtual-APIC page is to shadow the TPR.

There are three address of interest, all of which are physical addresses (meaning that they are not subject to any kind of translation).

1. IA32_APIC_BASE. This address is contained in an MSR. This is the address at which that actual hardware APIC is mapped. Accesses to this physical address (e.g., if this physical address is the output of paging) will access the memory-mapped registers of the actual hardware APIC. It is expected that a VMM will not map this physical address into the address space of any guest. That means the following: (1) if EPT is in use, no EPT PTE should contain this address; (2) if EPT is not in use, no ordinary PTE should have this address while a guest is running. (See #2 below for an exception.) It is also expected that the VMM will not allow any guest software to access the IA32_APIC_BASE MSR.

2. APIC-access address. This is the address of the APIC-access page and is programmed via a field in the VMCS. The CPU will treat specially guest accesses to physical addresses on this page. For most cases, such accesses cause VM exits. The only exceptions are reads and writes of offset 080H (TPR) on the page. See item #3 for how they are treated. The relevant accesses are defined as follows: (1) if EPT is in use, accesses that use an EPT PTE that contains the APIC-address; (2) if EPT is not in use, accesses that use an ordinary PTE that contains the APIC-access address. NOTE: the APIC-access address take priority over the address in IA32_APIC_BASE. If both have the same value and are programmed into a PTE, accesses through that PTE are virtualized (cause VM exits in most cases) and do not access the actual hardware APIC. This is an exception to statements in #1 (that the address in IA32_APIC_BASE not appear in PTEs while a guest is running).

3. Virtual-APIC address. This is the address of the virtual-APIC page and is programmed via a field in the VMCS. The CPU uses this field in three situations: (1) MOV to/from CR8; (2) RDMSR/WRMSR to MSR 808H; and (3) for accesses to offset 080H (TPR) on the APIC-access page. If the CPU detects an access to offset 080H on the APIC-access page (see above), it will redirect the access to offset 080H on the virtual-APIC page. It is expected that a VMM will not map this physical address into the address space of any guest, except guests for which the virtual-APIC address is identical to the APIC-access address.

The APIC-access address and the virtual-APIC address were made distinct from each other to support guests with multiple virtual processors. In such a situation, the virtual processors could all be supported with a single hierarchy of EPT paging structures. This hierarchy would include an EPT PTE with an address that is the APIC-access address for all the virtual processors. That is, the VMCS of each virtual processor would include this address as its APIC-access address. But these VMCS's would each have its own virtual-APIC address.

In this way, the virtual processors of a single guest can be supported by a single hierarchy of EPT paging structures while each having its own virtual APIC.