vitalif
/
mirror_qemu
mirror of https://github.com/proxmox/mirror_qemu
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

qxl: fix guest cursor tracking 

(1) If the guest cursor command is empty, don't reload it after migration.
(2) Cleaning the guest cursor when it is released by
    the spice server. In addition, explicitly reset the
    cursor in spice upon destroying the primary surface
    (was done by spice-server implicitly). This will prevent
    access to pci memory that was released.

RHBZ: 744518

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
master
Yonit Halperin 2011-10-18 18:58:54 +02:00 committed by Gerd Hoffmann
parent 78e60ba53d
commit 30f6da6656
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
hw/qxl.c
View File

@ -236,6 +236,9 @@ void qxl_spice_reset_image_cache(PCIQXLDevice *qxl)
void qxl_spice_reset_cursor(PCIQXLDevice *qxl)
{
qxl->ssd.worker->reset_cursor(qxl->ssd.worker);
qemu_mutex_lock(&qxl->track_lock);
qxl->guest_cursor = 0;
qemu_mutex_unlock(&qxl->track_lock);
}
@ -400,7 +403,9 @@ static void qxl_track_command(PCIQXLDevice *qxl, struct QXLCommandExt *ext)
{
QXLCursorCmd *cmd = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id);
if (cmd->type == QXL_CURSOR_SET) {
qemu_mutex_lock(&qxl->track_lock);
qxl->guest_cursor = ext->cmd.data;
qemu_mutex_unlock(&qxl->track_lock);
}
break;
}
@ -1065,6 +1070,7 @@ static int qxl_destroy_primary(PCIQXLDevice *d, qxl_async_io async)
d->mode = QXL_MODE_UNDEFINED;
qemu_spice_destroy_primary_surface(&d->ssd, 0, async);
qxl_spice_reset_cursor(d);
return 1;
}
@ -1704,10 +1710,12 @@ static int qxl_post_load(void *opaque, int version)
cmds[out].group_id = MEMSLOT_GROUP_GUEST;
out++;
}
cmds[out].cmd.data = d->guest_cursor;
cmds[out].cmd.type = QXL_CMD_CURSOR;
cmds[out].group_id = MEMSLOT_GROUP_GUEST;
out++;
if (d->guest_cursor) {
cmds[out].cmd.data = d->guest_cursor;
cmds[out].cmd.type = QXL_CMD_CURSOR;
cmds[out].group_id = MEMSLOT_GROUP_GUEST;
out++;
}
qxl_spice_loadvm_commands(d, cmds, out);
g_free(cmds);