* [Qemu-devel] [PATCH] qxl: fix guest cursor tracking
@ 2011-10-18 16:58 Yonit Halperin
2011-10-18 17:54 ` Alon Levy
2011-10-19 12:48 ` Gerd Hoffmann
0 siblings, 2 replies; 3+ messages in thread
From: Yonit Halperin @ 2011-10-18 16:58 UTC (permalink / raw)
To: qemu-devel; +Cc: Yonit Halperin, alevy, kraxel, spice-devel
(1) If the guest cursor command is empty, don't reload it after migration.
(2) Cleaning the guest cursor when it is released by
the spice server. In addition, explicitly reset the
cursor in spice upon destroying the primary surface
(was done by spice-server implicitly). This will prevent
access to pci memory that was released.
RHBZ: 744518
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
---
hw/qxl.c | 16 ++++++++++++----
1 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index 03848ed..c9b60a2 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -238,6 +238,9 @@ void qxl_spice_reset_image_cache(PCIQXLDevice *qxl)
void qxl_spice_reset_cursor(PCIQXLDevice *qxl)
{
qxl->ssd.worker->reset_cursor(qxl->ssd.worker);
+ qemu_mutex_lock(&qxl->track_lock);
+ qxl->guest_cursor = 0;
+ qemu_mutex_unlock(&qxl->track_lock);
}
@@ -402,7 +405,9 @@ static void qxl_track_command(PCIQXLDevice *qxl, struct QXLCommandExt *ext)
{
QXLCursorCmd *cmd = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id);
if (cmd->type == QXL_CURSOR_SET) {
+ qemu_mutex_lock(&qxl->track_lock);
qxl->guest_cursor = ext->cmd.data;
+ qemu_mutex_unlock(&qxl->track_lock);
}
break;
}
@@ -1067,6 +1072,7 @@ static int qxl_destroy_primary(PCIQXLDevice *d, qxl_async_io async)
d->mode = QXL_MODE_UNDEFINED;
qemu_spice_destroy_primary_surface(&d->ssd, 0, async);
+ qxl_spice_reset_cursor(d);
return 1;
}
@@ -1710,10 +1716,12 @@ static int qxl_post_load(void *opaque, int version)
cmds[out].group_id = MEMSLOT_GROUP_GUEST;
out++;
}
- cmds[out].cmd.data = d->guest_cursor;
- cmds[out].cmd.type = QXL_CMD_CURSOR;
- cmds[out].group_id = MEMSLOT_GROUP_GUEST;
- out++;
+ if (d->guest_cursor) {
+ cmds[out].cmd.data = d->guest_cursor;
+ cmds[out].cmd.type = QXL_CMD_CURSOR;
+ cmds[out].group_id = MEMSLOT_GROUP_GUEST;
+ out++;
+ }
qxl_spice_loadvm_commands(d, cmds, out);
g_free(cmds);
--
1.7.6.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PATCH] qxl: fix guest cursor tracking
2011-10-18 16:58 [Qemu-devel] [PATCH] qxl: fix guest cursor tracking Yonit Halperin
@ 2011-10-18 17:54 ` Alon Levy
2011-10-19 12:48 ` Gerd Hoffmann
1 sibling, 0 replies; 3+ messages in thread
From: Alon Levy @ 2011-10-18 17:54 UTC (permalink / raw)
To: Yonit Halperin; +Cc: qemu-devel, spice-devel, kraxel
On Tue, Oct 18, 2011 at 06:58:54PM +0200, Yonit Halperin wrote:
> (1) If the guest cursor command is empty, don't reload it after migration.
> (2) Cleaning the guest cursor when it is released by
> the spice server. In addition, explicitly reset the
> cursor in spice upon destroying the primary surface
> (was done by spice-server implicitly). This will prevent
> access to pci memory that was released.
>
Reviewed-by: Alon Levy <alevy@redhat.com>
> RHBZ: 744518
>
> Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
> ---
> hw/qxl.c | 16 ++++++++++++----
> 1 files changed, 12 insertions(+), 4 deletions(-)
>
> diff --git a/hw/qxl.c b/hw/qxl.c
> index 03848ed..c9b60a2 100644
> --- a/hw/qxl.c
> +++ b/hw/qxl.c
> @@ -238,6 +238,9 @@ void qxl_spice_reset_image_cache(PCIQXLDevice *qxl)
> void qxl_spice_reset_cursor(PCIQXLDevice *qxl)
> {
> qxl->ssd.worker->reset_cursor(qxl->ssd.worker);
> + qemu_mutex_lock(&qxl->track_lock);
> + qxl->guest_cursor = 0;
> + qemu_mutex_unlock(&qxl->track_lock);
> }
>
>
> @@ -402,7 +405,9 @@ static void qxl_track_command(PCIQXLDevice *qxl, struct QXLCommandExt *ext)
> {
> QXLCursorCmd *cmd = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id);
> if (cmd->type == QXL_CURSOR_SET) {
> + qemu_mutex_lock(&qxl->track_lock);
> qxl->guest_cursor = ext->cmd.data;
> + qemu_mutex_unlock(&qxl->track_lock);
> }
> break;
> }
> @@ -1067,6 +1072,7 @@ static int qxl_destroy_primary(PCIQXLDevice *d, qxl_async_io async)
>
> d->mode = QXL_MODE_UNDEFINED;
> qemu_spice_destroy_primary_surface(&d->ssd, 0, async);
> + qxl_spice_reset_cursor(d);
> return 1;
> }
>
> @@ -1710,10 +1716,12 @@ static int qxl_post_load(void *opaque, int version)
> cmds[out].group_id = MEMSLOT_GROUP_GUEST;
> out++;
> }
> - cmds[out].cmd.data = d->guest_cursor;
> - cmds[out].cmd.type = QXL_CMD_CURSOR;
> - cmds[out].group_id = MEMSLOT_GROUP_GUEST;
> - out++;
> + if (d->guest_cursor) {
> + cmds[out].cmd.data = d->guest_cursor;
> + cmds[out].cmd.type = QXL_CMD_CURSOR;
> + cmds[out].group_id = MEMSLOT_GROUP_GUEST;
> + out++;
> + }
> qxl_spice_loadvm_commands(d, cmds, out);
> g_free(cmds);
>
> --
> 1.7.6.4
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Qemu-devel] [PATCH] qxl: fix guest cursor tracking
2011-10-18 16:58 [Qemu-devel] [PATCH] qxl: fix guest cursor tracking Yonit Halperin
2011-10-18 17:54 ` Alon Levy
@ 2011-10-19 12:48 ` Gerd Hoffmann
1 sibling, 0 replies; 3+ messages in thread
From: Gerd Hoffmann @ 2011-10-19 12:48 UTC (permalink / raw)
To: Yonit Halperin; +Cc: alevy, qemu-devel, spice-devel
On 10/18/11 18:58, Yonit Halperin wrote:
> (1) If the guest cursor command is empty, don't reload it after migration.
> (2) Cleaning the guest cursor when it is released by
> the spice server. In addition, explicitly reset the
> cursor in spice upon destroying the primary surface
> (was done by spice-server implicitly). This will prevent
> access to pci memory that was released.
Added to spice patch queue.
thanks,
Gerd
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-10-19 12:48 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-10-18 16:58 [Qemu-devel] [PATCH] qxl: fix guest cursor tracking Yonit Halperin
2011-10-18 17:54 ` Alon Levy
2011-10-19 12:48 ` Gerd Hoffmann
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).