diff options
| author | Yonit Halperin <yhalperi@redhat.com> | 2011-10-18 18:58:54 +0200 |
|---|---|---|
| committer | Gerd Hoffmann <kraxel@redhat.com> | 2011-10-25 14:00:54 +0200 |
| commit | 30f6da6656c94964ba8677928588592d9667007e (patch) | |
| tree | ec225acda612000a98d710f11c988654ac95ac89 /hw/qxl.c | |
| parent | 78e60ba53d5bf3c8b59aada8c22c1bd3aed3d344 (diff) | |
| download | qemu-30f6da6656c94964ba8677928588592d9667007e.zip qemu-30f6da6656c94964ba8677928588592d9667007e.tar.gz qemu-30f6da6656c94964ba8677928588592d9667007e.tar.bz2 | |
qxl: fix guest cursor tracking
(1) If the guest cursor command is empty, don't reload it after migration.
(2) Cleaning the guest cursor when it is released by
the spice server. In addition, explicitly reset the
cursor in spice upon destroying the primary surface
(was done by spice-server implicitly). This will prevent
access to pci memory that was released.
RHBZ: 744518
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Diffstat (limited to 'hw/qxl.c')
| -rw-r--r-- | hw/qxl.c | 16 |
1 files changed, 12 insertions, 4 deletions
@@ -236,6 +236,9 @@ void qxl_spice_reset_image_cache(PCIQXLDevice *qxl) void qxl_spice_reset_cursor(PCIQXLDevice *qxl) { qxl->ssd.worker->reset_cursor(qxl->ssd.worker); + qemu_mutex_lock(&qxl->track_lock); + qxl->guest_cursor = 0; + qemu_mutex_unlock(&qxl->track_lock); } @@ -400,7 +403,9 @@ static void qxl_track_command(PCIQXLDevice *qxl, struct QXLCommandExt *ext) { QXLCursorCmd *cmd = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id); if (cmd->type == QXL_CURSOR_SET) { + qemu_mutex_lock(&qxl->track_lock); qxl->guest_cursor = ext->cmd.data; + qemu_mutex_unlock(&qxl->track_lock); } break; } @@ -1065,6 +1070,7 @@ static int qxl_destroy_primary(PCIQXLDevice *d, qxl_async_io async) d->mode = QXL_MODE_UNDEFINED; qemu_spice_destroy_primary_surface(&d->ssd, 0, async); + qxl_spice_reset_cursor(d); return 1; } @@ -1704,10 +1710,12 @@ static int qxl_post_load(void *opaque, int version) cmds[out].group_id = MEMSLOT_GROUP_GUEST; out++; } - cmds[out].cmd.data = d->guest_cursor; - cmds[out].cmd.type = QXL_CMD_CURSOR; - cmds[out].group_id = MEMSLOT_GROUP_GUEST; - out++; + if (d->guest_cursor) { + cmds[out].cmd.data = d->guest_cursor; + cmds[out].cmd.type = QXL_CMD_CURSOR; + cmds[out].group_id = MEMSLOT_GROUP_GUEST; + out++; + } qxl_spice_loadvm_commands(d, cmds, out); g_free(cmds); |