On Fri, Apr 27, 2018 at 10:01:11AM -0700, Jim Mattson wrote:
> Enforce the invariant that existing VMCS12 field offsets must not
> change. Experience has shown that without strict enforcement, this
> invariant will not be maintained.
>
> Signed-off-by: Jim Mattson <jmattson@xxxxxxxxxx>
> ---
> arch/x86/kvm/vmx.c | 152 +++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 152 insertions(+)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 41f9f932de54..f7628ac71672 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -411,6 +411,158 @@ struct __packed vmcs12 {
> u16 guest_pml_index;
> };
>
> +/*
> + * For save/restore compatibility, the vmcs12 field offsets must not change.
> + */
> +#define CHECK_OFFSET(field, loc) \
> + _Static_assert(offsetof(struct vmcs12, field) == (loc), \
> + "Offset of " #field " in struct vmcs12 has changed.")
> +
> +CHECK_OFFSET(revision_id, 0);
> +CHECK_OFFSET(abort, 4);
> +CHECK_OFFSET(launch_state, 8);
> +CHECK_OFFSET(io_bitmap_a, 40);
[...]
Instead of maintaining a separate set of field offset checks, wouldn't
it be better to merge this assertion into FIELD/FIELD64 macros?
Roman.
