Blob Blame History Raw
From 319f3876fafc35412bbf0ef6797c6764c95af6f3 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Tue, 21 Mar 2017 09:58:03 +0100
Subject: [PATCH 3/7] cirrus: add option to disable blitter

RH-Author: Gerd Hoffmann <kraxel@redhat.com>
Message-id: <1490090287-1503-4-git-send-email-kraxel@redhat.com>
Patchwork-id: 74424
O-Subject: [RHEL-7.4 qemu-kvm PATCH 3/7] cirrus: add option to disable blitter
Bugzilla: 1430059
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
RH-Acked-by: Laurent Vivier <lvivier@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>

Ok, we have this beast in the cirrus code which is not used at all by
modern guests, except when you try to find security holes in qemu.  So,
add an option to disable blitter altogether.  Guests released within
the last ten years should not show any rendering issues if you turn off
blitter support.

There are no known bugs in the cirrus blitter code.  But in the past we
hoped a few times already that we've finally nailed the last issue.  So
having some easy way to mitigate in case yet another blitter issue shows
up certainly makes me sleep a bit better at night.

For completeness:  The by far better way to mitigate is to switch away
from cirrus and use stdvga instead.  Or something more modern like
virtio-vga in case your guest has support for it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1489494540-15745-1-git-send-email-kraxel@redhat.com
(cherry picked from commit 827bd5172641f2a360ff9a3bad57bcf82e7f03f0)
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>

Conflicts:
	hw/display/cirrus_vga.c
---
 hw/display/cirrus_vga.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index 83cef70..86b4c8b 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -203,6 +203,7 @@ typedef struct CirrusVGAState {
     uint8_t cirrus_hidden_palette[48];
     uint32_t hw_cursor_x;
     uint32_t hw_cursor_y;
+    bool enable_blitter;
     int cirrus_blt_pixelwidth;
     int cirrus_blt_width;
     int cirrus_blt_height;
@@ -954,6 +955,10 @@ static void cirrus_bitblt_start(CirrusVGAState * s)
 {
     uint8_t blt_rop;
 
+    if (!s->enable_blitter) {
+        goto bitblt_ignore;
+    }
+
     s->vga.gr[0x31] |= CIRRUS_BLT_BUSY;
 
     s->cirrus_blt_width = (s->vga.gr[0x20] | (s->vga.gr[0x21] << 8)) + 1;
@@ -2995,6 +3000,8 @@ static int vga_initfn(ISADevice *dev)
 static Property isa_cirrus_vga_properties[] = {
     DEFINE_PROP_UINT32("vgamem_mb", struct ISACirrusVGAState,
                        cirrus_vga.vga.vram_size_mb, 16),
+    DEFINE_PROP_BOOL("blitter", struct ISACirrusVGAState,
+                       cirrus_vga.enable_blitter, true),
     DEFINE_PROP_END_OF_LIST(),
 };
 
@@ -3060,6 +3067,8 @@ static int pci_cirrus_vga_initfn(PCIDevice *dev)
 static Property pci_vga_cirrus_properties[] = {
     DEFINE_PROP_UINT32("vgamem_mb", struct PCICirrusVGAState,
                        cirrus_vga.vga.vram_size_mb, 16),
+    DEFINE_PROP_BOOL("blitter", struct PCICirrusVGAState,
+                     cirrus_vga.enable_blitter, true),
     DEFINE_PROP_END_OF_LIST(),
 };
 
-- 
1.8.3.1