From a87ad12db7a2b9bd2cbee8587d4f4bb359fa7ea5 Mon Sep 17 00:00:00 2001
Message-Id: <a87ad12db7a2b9bd2cbee8587d4f4bb359fa7ea5.1389010971.git.minovotn@redhat.com>
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Thu, 12 Sep 2013 09:17:26 +0200
Subject: [PATCH 1/3] qxl: fix local renderer

RH-Author: Gerd Hoffmann <kraxel@redhat.com>
Message-id: <1378977446-19314-2-git-send-email-kraxel@redhat.com>
Patchwork-id: 54335
O-Subject: [RHEL-6.5 qemu-kvm PATCH 1/1] qxl: fix local renderer
Bugzilla: 1005037
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
RH-Acked-by: Markus Armbruster <armbru@redhat.com>
RH-Acked-by: Hans de Goede <hdegoede@redhat.com>

The local spice renderer assumes the primary surface is located at the
start of the "ram" bar.  This used to be a requirement in qxl hardware
revision 1.  In revision 2+ this is relaxed.  Nevertheless guest drivers
continued to use the traditional location, for historical and backward
compatibility reasons.  The qxl kms driver doesn't though as it depends
on qxl revision 4+ anyway.

Result is that local rendering is hosed for recent linux guests, you'll
get pixel garbage with non-spice ui (gtk, sdl, vnc) and when doing
screendumps.  Fix that by doing a proper mapping of the guest-specified
memory location.

https://bugzilla.redhat.com/show_bug.cgi?id=948717

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit c58c7b959b93b864a27fd6b3646ee1465ab8832b)

Conflicts:
	hw/qxl-render.c		[ no memory api in rhel6 ]
---
 hw/qxl-render.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

Signed-off-by: Michal Novotny <minovotn@redhat.com>
---
 hw/qxl-render.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/hw/qxl-render.c b/hw/qxl-render.c
index c119a2a..474948d 100644
--- a/hw/qxl-render.c
+++ b/hw/qxl-render.c
@@ -32,10 +32,6 @@ static void qxl_blit(PCIQXLDevice *qxl, QXLRect *rect)
     if (is_buffer_shared(qxl->vga.ds->surface)) {
         return;
     }
-    if (!qxl->guest_primary.data) {
-        trace_qxl_render_blit_guest_primary_initialized();
-        qxl->guest_primary.data = qemu_get_ram_ptr(qxl->vga.vram_offset);
-    }
     trace_qxl_render_blit(qxl->guest_primary.qxl_stride,
             rect->left, rect->right, rect->top, rect->bottom);
     src = qxl->guest_primary.data;
@@ -105,7 +101,12 @@ static void qxl_render_update_area_unlocked(PCIQXLDevice *qxl)
 
     if (qxl->guest_primary.resized) {
         qxl->guest_primary.resized = 0;
-        qxl->guest_primary.data = qemu_get_ram_ptr(qxl->vga.vram_offset);
+        qxl->guest_primary.data = qxl_phys2virt(qxl,
+                                                qxl->guest_primary.surface.mem,
+                                                MEMSLOT_GROUP_GUEST);
+        if (!qxl->guest_primary.data) {
+            return;
+        }
         qxl_set_rect_to_surface(qxl, &qxl->dirty[0]);
         qxl->num_dirty_rects = 1;
         trace_qxl_render_guest_primary_resized(
@@ -132,6 +133,10 @@ static void qxl_render_update_area_unlocked(PCIQXLDevice *qxl)
         }
         dpy_resize(vga->ds);
     }
+
+    if (!qxl->guest_primary.data) {
+        return;
+    }
     for (i = 0; i < qxl->num_dirty_rects; i++) {
         if (qemu_spice_rect_is_empty(qxl->dirty+i)) {
             break;
-- 
1.7.11.7