1 #include "qemu/osdep.h"
2 #include "qapi/error.h"
3 #include "chardev/char.h"
4 #include "qemu/buffer.h"
5 #include "qemu/error-report.h"
6 #include "qemu/option.h"
7 #include "qemu/units.h"
8 #include "hw/qdev-core.h"
9 #include "migration/blocker.h"
10 #include "ui/clipboard.h"
11 #include "ui/console.h"
12 #include "ui/input.h"
13 #include "trace.h"
14
15 #include "qapi/qapi-types-char.h"
16 #include "qapi/qapi-types-ui.h"
17
18 #include "spice/vd_agent.h"
19
20 #define CHECK_SPICE_PROTOCOL_VERSION(major, minor, micro) \
21 (CONFIG_SPICE_PROTOCOL_MAJOR > (major) || \
22 (CONFIG_SPICE_PROTOCOL_MAJOR == (major) && \
23 CONFIG_SPICE_PROTOCOL_MINOR > (minor)) || \
24 (CONFIG_SPICE_PROTOCOL_MAJOR == (major) && \
25 CONFIG_SPICE_PROTOCOL_MINOR == (minor) && \
26 CONFIG_SPICE_PROTOCOL_MICRO >= (micro)))
27
28 #define VDAGENT_BUFFER_LIMIT (1 * MiB)
29 #define VDAGENT_MOUSE_DEFAULT true
30 #define VDAGENT_CLIPBOARD_DEFAULT false
31
32 struct VDAgentChardev {
33 Chardev parent;
34
35 /* TODO: migration isn't yet supported */
36 Error *migration_blocker;
37
38 /* config */
39 bool mouse;
40 bool clipboard;
41
42 /* guest vdagent */
43 uint32_t caps;
44 VDIChunkHeader chunk;
45 uint32_t chunksize;
46 uint8_t *msgbuf;
47 uint32_t msgsize;
48 uint8_t *xbuf;
49 uint32_t xoff, xsize;
50 Buffer outbuf;
51
52 /* mouse */
53 DeviceState mouse_dev;
54 uint32_t mouse_x;
55 uint32_t mouse_y;
56 uint32_t mouse_btn;
57 uint32_t mouse_display;
58 QemuInputHandlerState *mouse_hs;
59
60 /* clipboard */
61 QemuClipboardPeer cbpeer;
62 uint32_t last_serial[QEMU_CLIPBOARD_SELECTION__COUNT];
63 uint32_t cbpending[QEMU_CLIPBOARD_SELECTION__COUNT];
64 };
65 typedef struct VDAgentChardev VDAgentChardev;
66
67 #define TYPE_CHARDEV_QEMU_VDAGENT "chardev-qemu-vdagent"
68
69 DECLARE_INSTANCE_CHECKER(VDAgentChardev, QEMU_VDAGENT_CHARDEV,
70 TYPE_CHARDEV_QEMU_VDAGENT);
71
72 /* ------------------------------------------------------------------ */
73 /* names, for debug logging */
74
75 static const char *cap_name[] = {
76 [VD_AGENT_CAP_MOUSE_STATE] = "mouse-state",
77 [VD_AGENT_CAP_MONITORS_CONFIG] = "monitors-config",
78 [VD_AGENT_CAP_REPLY] = "reply",
79 [VD_AGENT_CAP_CLIPBOARD] = "clipboard",
80 [VD_AGENT_CAP_DISPLAY_CONFIG] = "display-config",
81 [VD_AGENT_CAP_CLIPBOARD_BY_DEMAND] = "clipboard-by-demand",
82 [VD_AGENT_CAP_CLIPBOARD_SELECTION] = "clipboard-selection",
83 [VD_AGENT_CAP_SPARSE_MONITORS_CONFIG] = "sparse-monitors-config",
84 [VD_AGENT_CAP_GUEST_LINEEND_LF] = "guest-lineend-lf",
85 [VD_AGENT_CAP_GUEST_LINEEND_CRLF] = "guest-lineend-crlf",
86 [VD_AGENT_CAP_MAX_CLIPBOARD] = "max-clipboard",
87 [VD_AGENT_CAP_AUDIO_VOLUME_SYNC] = "audio-volume-sync",
88 [VD_AGENT_CAP_MONITORS_CONFIG_POSITION] = "monitors-config-position",
89 [VD_AGENT_CAP_FILE_XFER_DISABLED] = "file-xfer-disabled",
90 [VD_AGENT_CAP_FILE_XFER_DETAILED_ERRORS] = "file-xfer-detailed-errors",
91 [VD_AGENT_CAP_GRAPHICS_DEVICE_INFO] = "graphics-device-info",
92 #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 1)
93 [VD_AGENT_CAP_CLIPBOARD_NO_RELEASE_ON_REGRAB] = "clipboard-no-release-on-regrab",
94 [VD_AGENT_CAP_CLIPBOARD_GRAB_SERIAL] = "clipboard-grab-serial",
95 #endif
96 };
97
98 static const char *msg_name[] = {
99 [VD_AGENT_MOUSE_STATE] = "mouse-state",
100 [VD_AGENT_MONITORS_CONFIG] = "monitors-config",
101 [VD_AGENT_REPLY] = "reply",
102 [VD_AGENT_CLIPBOARD] = "clipboard",
103 [VD_AGENT_DISPLAY_CONFIG] = "display-config",
104 [VD_AGENT_ANNOUNCE_CAPABILITIES] = "announce-capabilities",
105 [VD_AGENT_CLIPBOARD_GRAB] = "clipboard-grab",
106 [VD_AGENT_CLIPBOARD_REQUEST] = "clipboard-request",
107 [VD_AGENT_CLIPBOARD_RELEASE] = "clipboard-release",
108 [VD_AGENT_FILE_XFER_START] = "file-xfer-start",
109 [VD_AGENT_FILE_XFER_STATUS] = "file-xfer-status",
110 [VD_AGENT_FILE_XFER_DATA] = "file-xfer-data",
111 [VD_AGENT_CLIENT_DISCONNECTED] = "client-disconnected",
112 [VD_AGENT_MAX_CLIPBOARD] = "max-clipboard",
113 [VD_AGENT_AUDIO_VOLUME_SYNC] = "audio-volume-sync",
114 [VD_AGENT_GRAPHICS_DEVICE_INFO] = "graphics-device-info",
115 };
116
117 static const char *sel_name[] = {
118 [VD_AGENT_CLIPBOARD_SELECTION_CLIPBOARD] = "clipboard",
119 [VD_AGENT_CLIPBOARD_SELECTION_PRIMARY] = "primary",
120 [VD_AGENT_CLIPBOARD_SELECTION_SECONDARY] = "secondary",
121 };
122
123 static const char *type_name[] = {
124 [VD_AGENT_CLIPBOARD_NONE] = "none",
125 [VD_AGENT_CLIPBOARD_UTF8_TEXT] = "text",
126 [VD_AGENT_CLIPBOARD_IMAGE_PNG] = "png",
127 [VD_AGENT_CLIPBOARD_IMAGE_BMP] = "bmp",
128 [VD_AGENT_CLIPBOARD_IMAGE_TIFF] = "tiff",
129 [VD_AGENT_CLIPBOARD_IMAGE_JPG] = "jpg",
130 #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 3)
131 [VD_AGENT_CLIPBOARD_FILE_LIST] = "files",
132 #endif
133 };
134
135 #define GET_NAME(_m, _v) \
136 (((_v) < ARRAY_SIZE(_m) && (_m[_v])) ? (_m[_v]) : "???")
137
138 /* ------------------------------------------------------------------ */
139 /* send messages */
140
vdagent_send_buf(VDAgentChardev * vd)141 static void vdagent_send_buf(VDAgentChardev *vd)
142 {
143 uint32_t len;
144
145 while (!buffer_empty(&vd->outbuf)) {
146 len = qemu_chr_be_can_write(CHARDEV(vd));
147 if (len == 0) {
148 return;
149 }
150 if (len > vd->outbuf.offset) {
151 len = vd->outbuf.offset;
152 }
153 qemu_chr_be_write(CHARDEV(vd), vd->outbuf.buffer, len);
154 buffer_advance(&vd->outbuf, len);
155 }
156 }
157
vdagent_send_msg(VDAgentChardev * vd,VDAgentMessage * msg)158 static void vdagent_send_msg(VDAgentChardev *vd, VDAgentMessage *msg)
159 {
160 uint8_t *msgbuf = (void *)msg;
161 uint32_t msgsize = sizeof(VDAgentMessage) + msg->size;
162 uint32_t msgoff = 0;
163 VDIChunkHeader chunk;
164
165 trace_vdagent_send(GET_NAME(msg_name, msg->type));
166
167 msg->protocol = VD_AGENT_PROTOCOL;
168
169 if (vd->outbuf.offset + msgsize > VDAGENT_BUFFER_LIMIT) {
170 error_report("buffer full, dropping message");
171 return;
172 }
173
174 while (msgoff < msgsize) {
175 chunk.port = VDP_CLIENT_PORT;
176 chunk.size = msgsize - msgoff;
177 if (chunk.size > 1024) {
178 chunk.size = 1024;
179 }
180 buffer_reserve(&vd->outbuf, sizeof(chunk) + chunk.size);
181 buffer_append(&vd->outbuf, &chunk, sizeof(chunk));
182 buffer_append(&vd->outbuf, msgbuf + msgoff, chunk.size);
183 msgoff += chunk.size;
184 }
185 vdagent_send_buf(vd);
186 }
187
vdagent_send_caps(VDAgentChardev * vd,bool request)188 static void vdagent_send_caps(VDAgentChardev *vd, bool request)
189 {
190 g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
191 sizeof(VDAgentAnnounceCapabilities) +
192 sizeof(uint32_t));
193 VDAgentAnnounceCapabilities *caps = (void *)msg->data;
194
195 msg->type = VD_AGENT_ANNOUNCE_CAPABILITIES;
196 msg->size = sizeof(VDAgentAnnounceCapabilities) + sizeof(uint32_t);
197 if (vd->mouse) {
198 caps->caps[0] |= (1 << VD_AGENT_CAP_MOUSE_STATE);
199 }
200 if (vd->clipboard) {
201 caps->caps[0] |= (1 << VD_AGENT_CAP_CLIPBOARD_BY_DEMAND);
202 caps->caps[0] |= (1 << VD_AGENT_CAP_CLIPBOARD_SELECTION);
203 #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 1)
204 caps->caps[0] |= (1 << VD_AGENT_CAP_CLIPBOARD_GRAB_SERIAL);
205 #endif
206 }
207
208 caps->request = request;
209 vdagent_send_msg(vd, msg);
210 }
211
212 /* ------------------------------------------------------------------ */
213 /* mouse events */
214
have_mouse(VDAgentChardev * vd)215 static bool have_mouse(VDAgentChardev *vd)
216 {
217 return vd->mouse &&
218 (vd->caps & (1 << VD_AGENT_CAP_MOUSE_STATE));
219 }
220
vdagent_send_mouse(VDAgentChardev * vd)221 static void vdagent_send_mouse(VDAgentChardev *vd)
222 {
223 g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
224 sizeof(VDAgentMouseState));
225 VDAgentMouseState *mouse = (void *)msg->data;
226
227 msg->type = VD_AGENT_MOUSE_STATE;
228 msg->size = sizeof(VDAgentMouseState);
229
230 mouse->x = vd->mouse_x;
231 mouse->y = vd->mouse_y;
232 mouse->buttons = vd->mouse_btn;
233 mouse->display_id = vd->mouse_display;
234
235 vdagent_send_msg(vd, msg);
236 }
237
vdagent_pointer_event(DeviceState * dev,QemuConsole * src,InputEvent * evt)238 static void vdagent_pointer_event(DeviceState *dev, QemuConsole *src,
239 InputEvent *evt)
240 {
241 static const int bmap[INPUT_BUTTON__MAX] = {
242 [INPUT_BUTTON_LEFT] = VD_AGENT_LBUTTON_MASK,
243 [INPUT_BUTTON_RIGHT] = VD_AGENT_RBUTTON_MASK,
244 [INPUT_BUTTON_MIDDLE] = VD_AGENT_MBUTTON_MASK,
245 [INPUT_BUTTON_WHEEL_UP] = VD_AGENT_UBUTTON_MASK,
246 [INPUT_BUTTON_WHEEL_DOWN] = VD_AGENT_DBUTTON_MASK,
247 #ifdef VD_AGENT_EBUTTON_MASK
248 [INPUT_BUTTON_SIDE] = VD_AGENT_SBUTTON_MASK,
249 [INPUT_BUTTON_EXTRA] = VD_AGENT_EBUTTON_MASK,
250 #endif
251 };
252
253 VDAgentChardev *vd = container_of(dev, struct VDAgentChardev, mouse_dev);
254 InputMoveEvent *move;
255 InputBtnEvent *btn;
256 uint32_t xres, yres;
257
258 switch (evt->type) {
259 case INPUT_EVENT_KIND_ABS:
260 move = evt->u.abs.data;
261 xres = qemu_console_get_width(src, 1024);
262 yres = qemu_console_get_height(src, 768);
263 if (move->axis == INPUT_AXIS_X) {
264 vd->mouse_x = qemu_input_scale_axis(move->value,
265 INPUT_EVENT_ABS_MIN,
266 INPUT_EVENT_ABS_MAX,
267 0, xres);
268 } else if (move->axis == INPUT_AXIS_Y) {
269 vd->mouse_y = qemu_input_scale_axis(move->value,
270 INPUT_EVENT_ABS_MIN,
271 INPUT_EVENT_ABS_MAX,
272 0, yres);
273 }
274 vd->mouse_display = qemu_console_get_index(src);
275 break;
276
277 case INPUT_EVENT_KIND_BTN:
278 btn = evt->u.btn.data;
279 if (btn->down) {
280 vd->mouse_btn |= bmap[btn->button];
281 } else {
282 vd->mouse_btn &= ~bmap[btn->button];
283 }
284 break;
285
286 default:
287 /* keep gcc happy */
288 break;
289 }
290 }
291
vdagent_pointer_sync(DeviceState * dev)292 static void vdagent_pointer_sync(DeviceState *dev)
293 {
294 VDAgentChardev *vd = container_of(dev, struct VDAgentChardev, mouse_dev);
295
296 if (vd->caps & (1 << VD_AGENT_CAP_MOUSE_STATE)) {
297 vdagent_send_mouse(vd);
298 }
299 }
300
301 static const QemuInputHandler vdagent_mouse_handler = {
302 .name = "vdagent mouse",
303 .mask = INPUT_EVENT_MASK_BTN | INPUT_EVENT_MASK_ABS,
304 .event = vdagent_pointer_event,
305 .sync = vdagent_pointer_sync,
306 };
307
308 /* ------------------------------------------------------------------ */
309 /* clipboard */
310
have_clipboard(VDAgentChardev * vd)311 static bool have_clipboard(VDAgentChardev *vd)
312 {
313 return vd->clipboard &&
314 (vd->caps & (1 << VD_AGENT_CAP_CLIPBOARD_BY_DEMAND));
315 }
316
have_selection(VDAgentChardev * vd)317 static bool have_selection(VDAgentChardev *vd)
318 {
319 return vd->caps & (1 << VD_AGENT_CAP_CLIPBOARD_SELECTION);
320 }
321
type_qemu_to_vdagent(enum QemuClipboardType type)322 static uint32_t type_qemu_to_vdagent(enum QemuClipboardType type)
323 {
324 switch (type) {
325 case QEMU_CLIPBOARD_TYPE_TEXT:
326 return VD_AGENT_CLIPBOARD_UTF8_TEXT;
327 default:
328 return VD_AGENT_CLIPBOARD_NONE;
329 }
330 }
331
vdagent_send_clipboard_grab(VDAgentChardev * vd,QemuClipboardInfo * info)332 static void vdagent_send_clipboard_grab(VDAgentChardev *vd,
333 QemuClipboardInfo *info)
334 {
335 g_autofree VDAgentMessage *msg =
336 g_malloc0(sizeof(VDAgentMessage) +
337 sizeof(uint32_t) * (QEMU_CLIPBOARD_TYPE__COUNT + 1) +
338 sizeof(uint32_t));
339 uint8_t *s = msg->data;
340 uint32_t *data = (uint32_t *)msg->data;
341 uint32_t q, type;
342
343 if (have_selection(vd)) {
344 *s = info->selection;
345 data++;
346 msg->size += sizeof(uint32_t);
347 } else if (info->selection != QEMU_CLIPBOARD_SELECTION_CLIPBOARD) {
348 return;
349 }
350
351 #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 1)
352 if (vd->caps & (1 << VD_AGENT_CAP_CLIPBOARD_GRAB_SERIAL)) {
353 if (!info->has_serial) {
354 /* client should win */
355 info->serial = vd->last_serial[info->selection]++;
356 info->has_serial = true;
357 }
358 *data = info->serial;
359 data++;
360 msg->size += sizeof(uint32_t);
361 }
362 #endif
363
364 for (q = 0; q < QEMU_CLIPBOARD_TYPE__COUNT; q++) {
365 type = type_qemu_to_vdagent(q);
366 if (type != VD_AGENT_CLIPBOARD_NONE && info->types[q].available) {
367 *data = type;
368 data++;
369 msg->size += sizeof(uint32_t);
370 }
371 }
372
373 msg->type = VD_AGENT_CLIPBOARD_GRAB;
374 vdagent_send_msg(vd, msg);
375 }
376
vdagent_send_clipboard_release(VDAgentChardev * vd,QemuClipboardInfo * info)377 static void vdagent_send_clipboard_release(VDAgentChardev *vd,
378 QemuClipboardInfo *info)
379 {
380 g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
381 sizeof(uint32_t));
382
383 if (have_selection(vd)) {
384 uint8_t *s = msg->data;
385 *s = info->selection;
386 msg->size += sizeof(uint32_t);
387 } else if (info->selection != QEMU_CLIPBOARD_SELECTION_CLIPBOARD) {
388 return;
389 }
390
391 msg->type = VD_AGENT_CLIPBOARD_RELEASE;
392 vdagent_send_msg(vd, msg);
393 }
394
vdagent_send_clipboard_data(VDAgentChardev * vd,QemuClipboardInfo * info,QemuClipboardType type)395 static void vdagent_send_clipboard_data(VDAgentChardev *vd,
396 QemuClipboardInfo *info,
397 QemuClipboardType type)
398 {
399 g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
400 sizeof(uint32_t) * 2 +
401 info->types[type].size);
402
403 uint8_t *s = msg->data;
404 uint32_t *data = (uint32_t *)msg->data;
405
406 if (have_selection(vd)) {
407 *s = info->selection;
408 data++;
409 msg->size += sizeof(uint32_t);
410 } else if (info->selection != QEMU_CLIPBOARD_SELECTION_CLIPBOARD) {
411 return;
412 }
413
414 *data = type_qemu_to_vdagent(type);
415 data++;
416 msg->size += sizeof(uint32_t);
417
418 memcpy(data, info->types[type].data, info->types[type].size);
419 msg->size += info->types[type].size;
420
421 msg->type = VD_AGENT_CLIPBOARD;
422 vdagent_send_msg(vd, msg);
423 }
424
vdagent_send_empty_clipboard_data(VDAgentChardev * vd,QemuClipboardSelection selection,QemuClipboardType type)425 static void vdagent_send_empty_clipboard_data(VDAgentChardev *vd,
426 QemuClipboardSelection selection,
427 QemuClipboardType type)
428 {
429 g_autoptr(QemuClipboardInfo) info = qemu_clipboard_info_new(&vd->cbpeer, selection);
430
431 trace_vdagent_send_empty_clipboard();
432 vdagent_send_clipboard_data(vd, info, type);
433 }
434
vdagent_clipboard_update_info(VDAgentChardev * vd,QemuClipboardInfo * info)435 static void vdagent_clipboard_update_info(VDAgentChardev *vd,
436 QemuClipboardInfo *info)
437 {
438 QemuClipboardSelection s = info->selection;
439 QemuClipboardType type;
440 bool self_update = info->owner == &vd->cbpeer;
441
442 if (info != qemu_clipboard_info(s)) {
443 vd->cbpending[s] = 0;
444 if (!self_update) {
445 if (info->owner) {
446 vdagent_send_clipboard_grab(vd, info);
447 } else {
448 vdagent_send_clipboard_release(vd, info);
449 }
450 }
451 return;
452 }
453
454 if (self_update) {
455 return;
456 }
457
458 for (type = 0; type < QEMU_CLIPBOARD_TYPE__COUNT; type++) {
459 if (vd->cbpending[s] & (1 << type)) {
460 vd->cbpending[s] &= ~(1 << type);
461 vdagent_send_clipboard_data(vd, info, type);
462 }
463 }
464 }
465
vdagent_clipboard_reset_serial(VDAgentChardev * vd)466 static void vdagent_clipboard_reset_serial(VDAgentChardev *vd)
467 {
468 Chardev *chr = CHARDEV(vd);
469
470 /* reopen the agent connection to reset the serial state */
471 qemu_chr_be_event(chr, CHR_EVENT_CLOSED);
472 /* OPENED again after the guest disconnected, see set_fe_open */
473 }
474
vdagent_clipboard_notify(Notifier * notifier,void * data)475 static void vdagent_clipboard_notify(Notifier *notifier, void *data)
476 {
477 VDAgentChardev *vd =
478 container_of(notifier, VDAgentChardev, cbpeer.notifier);
479 QemuClipboardNotify *notify = data;
480
481 switch (notify->type) {
482 case QEMU_CLIPBOARD_UPDATE_INFO:
483 vdagent_clipboard_update_info(vd, notify->info);
484 return;
485 case QEMU_CLIPBOARD_RESET_SERIAL:
486 vdagent_clipboard_reset_serial(vd);
487 return;
488 }
489 }
490
vdagent_clipboard_request(QemuClipboardInfo * info,QemuClipboardType qtype)491 static void vdagent_clipboard_request(QemuClipboardInfo *info,
492 QemuClipboardType qtype)
493 {
494 VDAgentChardev *vd = container_of(info->owner, VDAgentChardev, cbpeer);
495 g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
496 sizeof(uint32_t) * 2);
497 uint32_t type = type_qemu_to_vdagent(qtype);
498 uint8_t *s = msg->data;
499 uint32_t *data = (uint32_t *)msg->data;
500
501 if (type == VD_AGENT_CLIPBOARD_NONE) {
502 return;
503 }
504
505 if (have_selection(vd)) {
506 *s = info->selection;
507 data++;
508 msg->size += sizeof(uint32_t);
509 }
510
511 *data = type;
512 msg->size += sizeof(uint32_t);
513
514 msg->type = VD_AGENT_CLIPBOARD_REQUEST;
515 vdagent_send_msg(vd, msg);
516 }
517
vdagent_clipboard_recv_grab(VDAgentChardev * vd,uint8_t s,uint32_t size,void * data)518 static void vdagent_clipboard_recv_grab(VDAgentChardev *vd, uint8_t s, uint32_t size, void *data)
519 {
520 g_autoptr(QemuClipboardInfo) info = NULL;
521
522 trace_vdagent_cb_grab_selection(GET_NAME(sel_name, s));
523 info = qemu_clipboard_info_new(&vd->cbpeer, s);
524 #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 1)
525 if (vd->caps & (1 << VD_AGENT_CAP_CLIPBOARD_GRAB_SERIAL)) {
526 if (size < sizeof(uint32_t)) {
527 /* this shouldn't happen! */
528 return;
529 }
530
531 info->has_serial = true;
532 info->serial = *(uint32_t *)data;
533 if (info->serial < vd->last_serial[s]) {
534 trace_vdagent_cb_grab_discard(GET_NAME(sel_name, s),
535 vd->last_serial[s], info->serial);
536 /* discard lower-ordering guest grab */
537 return;
538 }
539 vd->last_serial[s] = info->serial;
540 data += sizeof(uint32_t);
541 size -= sizeof(uint32_t);
542 }
543 #endif
544 if (size > sizeof(uint32_t) * 10) {
545 /*
546 * spice has 6 types as of 2021. Limiting to 10 entries
547 * so we have some wiggle room.
548 */
549 return;
550 }
551 while (size >= sizeof(uint32_t)) {
552 trace_vdagent_cb_grab_type(GET_NAME(type_name, *(uint32_t *)data));
553 switch (*(uint32_t *)data) {
554 case VD_AGENT_CLIPBOARD_UTF8_TEXT:
555 info->types[QEMU_CLIPBOARD_TYPE_TEXT].available = true;
556 break;
557 default:
558 break;
559 }
560 data += sizeof(uint32_t);
561 size -= sizeof(uint32_t);
562 }
563 qemu_clipboard_update(info);
564 }
565
vdagent_clipboard_recv_request(VDAgentChardev * vd,uint8_t s,uint32_t size,void * data)566 static void vdagent_clipboard_recv_request(VDAgentChardev *vd, uint8_t s, uint32_t size, void *data)
567 {
568 QemuClipboardType type;
569 QemuClipboardInfo *info;
570
571 if (size < sizeof(uint32_t)) {
572 return;
573 }
574 switch (*(uint32_t *)data) {
575 case VD_AGENT_CLIPBOARD_UTF8_TEXT:
576 type = QEMU_CLIPBOARD_TYPE_TEXT;
577 break;
578 default:
579 return;
580 }
581
582 info = qemu_clipboard_info(s);
583 if (info && info->types[type].available && info->owner != &vd->cbpeer) {
584 if (info->types[type].data) {
585 vdagent_send_clipboard_data(vd, info, type);
586 } else {
587 vd->cbpending[s] |= (1 << type);
588 qemu_clipboard_request(info, type);
589 }
590 } else {
591 vdagent_send_empty_clipboard_data(vd, s, type);
592 }
593 }
594
vdagent_clipboard_recv_data(VDAgentChardev * vd,uint8_t s,uint32_t size,void * data)595 static void vdagent_clipboard_recv_data(VDAgentChardev *vd, uint8_t s, uint32_t size, void *data)
596 {
597 QemuClipboardType type;
598
599 if (size < sizeof(uint32_t)) {
600 return;
601 }
602 switch (*(uint32_t *)data) {
603 case VD_AGENT_CLIPBOARD_UTF8_TEXT:
604 type = QEMU_CLIPBOARD_TYPE_TEXT;
605 break;
606 default:
607 return;
608 }
609 data += 4;
610 size -= 4;
611
612 if (qemu_clipboard_peer_owns(&vd->cbpeer, s)) {
613 qemu_clipboard_set_data(&vd->cbpeer, qemu_clipboard_info(s),
614 type, size, data, true);
615 }
616 }
617
vdagent_clipboard_recv_release(VDAgentChardev * vd,uint8_t s)618 static void vdagent_clipboard_recv_release(VDAgentChardev *vd, uint8_t s)
619 {
620 qemu_clipboard_peer_release(&vd->cbpeer, s);
621 }
622
vdagent_chr_recv_clipboard(VDAgentChardev * vd,VDAgentMessage * msg)623 static void vdagent_chr_recv_clipboard(VDAgentChardev *vd, VDAgentMessage *msg)
624 {
625 uint8_t s = VD_AGENT_CLIPBOARD_SELECTION_CLIPBOARD;
626 uint32_t size = msg->size;
627 void *data = msg->data;
628
629 if (have_selection(vd)) {
630 if (size < 4) {
631 return;
632 }
633 s = *(uint8_t *)data;
634 if (s >= QEMU_CLIPBOARD_SELECTION__COUNT) {
635 return;
636 }
637 data += 4;
638 size -= 4;
639 }
640
641 switch (msg->type) {
642 case VD_AGENT_CLIPBOARD_GRAB:
643 return vdagent_clipboard_recv_grab(vd, s, size, data);
644 case VD_AGENT_CLIPBOARD_REQUEST:
645 return vdagent_clipboard_recv_request(vd, s, size, data);
646 case VD_AGENT_CLIPBOARD: /* data */
647 return vdagent_clipboard_recv_data(vd, s, size, data);
648 case VD_AGENT_CLIPBOARD_RELEASE:
649 return vdagent_clipboard_recv_release(vd, s);
650 default:
651 g_assert_not_reached();
652 }
653 }
654
655 /* ------------------------------------------------------------------ */
656 /* chardev backend */
657
vdagent_chr_open(Chardev * chr,ChardevBackend * backend,bool * be_opened,Error ** errp)658 static void vdagent_chr_open(Chardev *chr,
659 ChardevBackend *backend,
660 bool *be_opened,
661 Error **errp)
662 {
663 VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(chr);
664 ChardevQemuVDAgent *cfg = backend->u.qemu_vdagent.data;
665
666 #if HOST_BIG_ENDIAN
667 /*
668 * TODO: vdagent protocol is defined to be LE,
669 * so we have to byteswap everything on BE hosts.
670 */
671 error_setg(errp, "vdagent is not supported on bigendian hosts");
672 return;
673 #endif
674
675 if (migrate_add_blocker(&vd->migration_blocker, errp) != 0) {
676 return;
677 }
678
679 vd->mouse = VDAGENT_MOUSE_DEFAULT;
680 if (cfg->has_mouse) {
681 vd->mouse = cfg->mouse;
682 }
683
684 vd->clipboard = VDAGENT_CLIPBOARD_DEFAULT;
685 if (cfg->has_clipboard) {
686 vd->clipboard = cfg->clipboard;
687 }
688
689 if (vd->mouse) {
690 vd->mouse_hs = qemu_input_handler_register(&vd->mouse_dev,
691 &vdagent_mouse_handler);
692 }
693
694 *be_opened = true;
695 }
696
vdagent_chr_recv_caps(VDAgentChardev * vd,VDAgentMessage * msg)697 static void vdagent_chr_recv_caps(VDAgentChardev *vd, VDAgentMessage *msg)
698 {
699 VDAgentAnnounceCapabilities *caps = (void *)msg->data;
700 int i;
701
702 if (msg->size < (sizeof(VDAgentAnnounceCapabilities) +
703 sizeof(uint32_t))) {
704 return;
705 }
706
707 for (i = 0; i < ARRAY_SIZE(cap_name); i++) {
708 if (caps->caps[0] & (1 << i)) {
709 trace_vdagent_peer_cap(GET_NAME(cap_name, i));
710 }
711 }
712
713 vd->caps = caps->caps[0];
714 if (caps->request) {
715 vdagent_send_caps(vd, false);
716 }
717 if (have_mouse(vd) && vd->mouse_hs) {
718 qemu_input_handler_activate(vd->mouse_hs);
719 }
720
721 memset(vd->last_serial, 0, sizeof(vd->last_serial));
722
723 if (have_clipboard(vd) && vd->cbpeer.notifier.notify == NULL) {
724 qemu_clipboard_reset_serial();
725
726 vd->cbpeer.name = "vdagent";
727 vd->cbpeer.notifier.notify = vdagent_clipboard_notify;
728 vd->cbpeer.request = vdagent_clipboard_request;
729 qemu_clipboard_peer_register(&vd->cbpeer);
730 }
731 }
732
vdagent_chr_recv_msg(VDAgentChardev * vd,VDAgentMessage * msg)733 static void vdagent_chr_recv_msg(VDAgentChardev *vd, VDAgentMessage *msg)
734 {
735 trace_vdagent_recv_msg(GET_NAME(msg_name, msg->type), msg->size);
736
737 switch (msg->type) {
738 case VD_AGENT_ANNOUNCE_CAPABILITIES:
739 vdagent_chr_recv_caps(vd, msg);
740 break;
741 case VD_AGENT_CLIPBOARD:
742 case VD_AGENT_CLIPBOARD_GRAB:
743 case VD_AGENT_CLIPBOARD_REQUEST:
744 case VD_AGENT_CLIPBOARD_RELEASE:
745 if (have_clipboard(vd)) {
746 vdagent_chr_recv_clipboard(vd, msg);
747 }
748 break;
749 default:
750 break;
751 }
752 }
753
vdagent_reset_xbuf(VDAgentChardev * vd)754 static void vdagent_reset_xbuf(VDAgentChardev *vd)
755 {
756 g_clear_pointer(&vd->xbuf, g_free);
757 vd->xoff = 0;
758 vd->xsize = 0;
759 }
760
vdagent_chr_recv_chunk(VDAgentChardev * vd)761 static void vdagent_chr_recv_chunk(VDAgentChardev *vd)
762 {
763 VDAgentMessage *msg = (void *)vd->msgbuf;
764
765 if (!vd->xsize) {
766 if (vd->msgsize < sizeof(*msg)) {
767 error_report("%s: message too small: %d < %zd", __func__,
768 vd->msgsize, sizeof(*msg));
769 return;
770 }
771 if (vd->msgsize == msg->size + sizeof(*msg)) {
772 vdagent_chr_recv_msg(vd, msg);
773 return;
774 }
775 }
776
777 if (!vd->xsize) {
778 vd->xsize = msg->size + sizeof(*msg);
779 vd->xbuf = g_malloc0(vd->xsize);
780 }
781
782 if (vd->xoff + vd->msgsize > vd->xsize) {
783 error_report("%s: Oops: %d+%d > %d", __func__,
784 vd->xoff, vd->msgsize, vd->xsize);
785 vdagent_reset_xbuf(vd);
786 return;
787 }
788
789 memcpy(vd->xbuf + vd->xoff, vd->msgbuf, vd->msgsize);
790 vd->xoff += vd->msgsize;
791 if (vd->xoff < vd->xsize) {
792 return;
793 }
794
795 msg = (void *)vd->xbuf;
796 vdagent_chr_recv_msg(vd, msg);
797 vdagent_reset_xbuf(vd);
798 }
799
vdagent_reset_bufs(VDAgentChardev * vd)800 static void vdagent_reset_bufs(VDAgentChardev *vd)
801 {
802 memset(&vd->chunk, 0, sizeof(vd->chunk));
803 vd->chunksize = 0;
804 g_free(vd->msgbuf);
805 vd->msgbuf = NULL;
806 vd->msgsize = 0;
807 }
808
vdagent_chr_write(Chardev * chr,const uint8_t * buf,int len)809 static int vdagent_chr_write(Chardev *chr, const uint8_t *buf, int len)
810 {
811 VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(chr);
812 uint32_t copy, ret = len;
813
814 while (len) {
815 if (vd->chunksize < sizeof(vd->chunk)) {
816 copy = sizeof(vd->chunk) - vd->chunksize;
817 if (copy > len) {
818 copy = len;
819 }
820 memcpy((void *)(&vd->chunk) + vd->chunksize, buf, copy);
821 vd->chunksize += copy;
822 buf += copy;
823 len -= copy;
824 if (vd->chunksize < sizeof(vd->chunk)) {
825 break;
826 }
827
828 assert(vd->msgbuf == NULL);
829 vd->msgbuf = g_malloc0(vd->chunk.size);
830 }
831
832 copy = vd->chunk.size - vd->msgsize;
833 if (copy > len) {
834 copy = len;
835 }
836 memcpy(vd->msgbuf + vd->msgsize, buf, copy);
837 vd->msgsize += copy;
838 buf += copy;
839 len -= copy;
840
841 if (vd->msgsize == vd->chunk.size) {
842 trace_vdagent_recv_chunk(vd->chunk.size);
843 vdagent_chr_recv_chunk(vd);
844 vdagent_reset_bufs(vd);
845 }
846 }
847
848 return ret;
849 }
850
vdagent_chr_accept_input(Chardev * chr)851 static void vdagent_chr_accept_input(Chardev *chr)
852 {
853 VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(chr);
854
855 vdagent_send_buf(vd);
856 }
857
vdagent_disconnect(VDAgentChardev * vd)858 static void vdagent_disconnect(VDAgentChardev *vd)
859 {
860 trace_vdagent_disconnect();
861
862 buffer_reset(&vd->outbuf);
863 vdagent_reset_bufs(vd);
864 vd->caps = 0;
865 if (vd->mouse_hs) {
866 qemu_input_handler_deactivate(vd->mouse_hs);
867 }
868 if (vd->cbpeer.notifier.notify) {
869 qemu_clipboard_peer_unregister(&vd->cbpeer);
870 memset(&vd->cbpeer, 0, sizeof(vd->cbpeer));
871 }
872 }
873
vdagent_chr_set_fe_open(struct Chardev * chr,int fe_open)874 static void vdagent_chr_set_fe_open(struct Chardev *chr, int fe_open)
875 {
876 VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(chr);
877
878 trace_vdagent_fe_open(fe_open);
879
880 if (!fe_open) {
881 trace_vdagent_close();
882 vdagent_disconnect(vd);
883 /* To reset_serial, we CLOSED our side. Make sure the other end knows we
884 * are ready again. */
885 qemu_chr_be_event(chr, CHR_EVENT_OPENED);
886 return;
887 }
888
889 vdagent_send_caps(vd, true);
890 }
891
vdagent_chr_parse(QemuOpts * opts,ChardevBackend * backend,Error ** errp)892 static void vdagent_chr_parse(QemuOpts *opts, ChardevBackend *backend,
893 Error **errp)
894 {
895 ChardevQemuVDAgent *cfg;
896
897 backend->type = CHARDEV_BACKEND_KIND_QEMU_VDAGENT;
898 cfg = backend->u.qemu_vdagent.data = g_new0(ChardevQemuVDAgent, 1);
899 qemu_chr_parse_common(opts, qapi_ChardevQemuVDAgent_base(cfg));
900 cfg->has_mouse = true;
901 cfg->mouse = qemu_opt_get_bool(opts, "mouse", VDAGENT_MOUSE_DEFAULT);
902 cfg->has_clipboard = true;
903 cfg->clipboard = qemu_opt_get_bool(opts, "clipboard", VDAGENT_CLIPBOARD_DEFAULT);
904 }
905
906 /* ------------------------------------------------------------------ */
907
vdagent_chr_class_init(ObjectClass * oc,void * data)908 static void vdagent_chr_class_init(ObjectClass *oc, void *data)
909 {
910 ChardevClass *cc = CHARDEV_CLASS(oc);
911
912 cc->parse = vdagent_chr_parse;
913 cc->open = vdagent_chr_open;
914 cc->chr_write = vdagent_chr_write;
915 cc->chr_set_fe_open = vdagent_chr_set_fe_open;
916 cc->chr_accept_input = vdagent_chr_accept_input;
917 }
918
vdagent_chr_init(Object * obj)919 static void vdagent_chr_init(Object *obj)
920 {
921 VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(obj);
922
923 buffer_init(&vd->outbuf, "vdagent-outbuf");
924 error_setg(&vd->migration_blocker,
925 "The vdagent chardev doesn't yet support migration");
926 }
927
vdagent_chr_fini(Object * obj)928 static void vdagent_chr_fini(Object *obj)
929 {
930 VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(obj);
931
932 migrate_del_blocker(&vd->migration_blocker);
933 vdagent_disconnect(vd);
934 if (vd->mouse_hs) {
935 qemu_input_handler_unregister(vd->mouse_hs);
936 }
937 buffer_free(&vd->outbuf);
938 }
939
940 static const TypeInfo vdagent_chr_type_info = {
941 .name = TYPE_CHARDEV_QEMU_VDAGENT,
942 .parent = TYPE_CHARDEV,
943 .instance_size = sizeof(VDAgentChardev),
944 .instance_init = vdagent_chr_init,
945 .instance_finalize = vdagent_chr_fini,
946 .class_init = vdagent_chr_class_init,
947 };
948
register_types(void)949 static void register_types(void)
950 {
951 type_register_static(&vdagent_chr_type_info);
952 }
953
954 type_init(register_types);
955