The 'bochs' display device is a recommended[1] safe option for UEFI
guests. This is supported in libvirt from version 5.6.0; Nova's current
MIN_LIBVIRT_VERSION (6.0.0) satisfies this requirement.
Partially quoting the "bochs display device" section from a post written
by a QEMU graphics maintainer[1]:
[...] Main advantage over standard VGA is that this device is alot
simpler. The code size and complexity needed to emulate this device
is an order of magnitude smaller, resulting in a reduced attack
surface. Another nice feature is that you can place this device in a
PCI Express slot.
For UEFI guests it is safe to use the bochs display device instead
of the standard VGA device. The firmware will setup a linear
framebuffer as GOP anyway and never use any legacy VGA features.
For BIOS guests this device might be useable as well, depending on
whenever they depend on direct VGA hardware access or not. There is
a vgabios which supports text rendering on a linear framebuffer, so
software which uses the vgabios services for text output will
continue to work. Linux bootloaders typically fall into this
category. The linux text mode console (vgacon) uses direct hardware
access and does not work. The framebuffer console (fbcon running on
vesafb or bochs-drm) works.
[1] https://www.kraxel.org/blog/2019/09/display-devices-in-qemu/
Implements: blueprint add-bochs-display-device
Change-Id: Id194028f5d2cbaac1c5e699b71fd9751f87f5da5
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
c590843974