xref: /openbmc/qemu/ui/vdagent.c (revision f9bcb2d68496a8fa620443edacb27cad1acc1492)
1  #include "qemu/osdep.h"
2  #include "qapi/error.h"
3  #include "chardev/char.h"
4  #include "qemu/buffer.h"
5  #include "qemu/option.h"
6  #include "qemu/units.h"
7  #include "hw/qdev-core.h"
8  #include "migration/blocker.h"
9  #include "ui/clipboard.h"
10  #include "ui/console.h"
11  #include "ui/input.h"
12  #include "trace.h"
13  
14  #include "qapi/qapi-types-char.h"
15  #include "qapi/qapi-types-ui.h"
16  
17  #include "spice/vd_agent.h"
18  
19  #define CHECK_SPICE_PROTOCOL_VERSION(major, minor, micro) \
20      (CONFIG_SPICE_PROTOCOL_MAJOR > (major) ||             \
21       (CONFIG_SPICE_PROTOCOL_MAJOR == (major) &&           \
22        CONFIG_SPICE_PROTOCOL_MINOR > (minor)) ||           \
23       (CONFIG_SPICE_PROTOCOL_MAJOR == (major) &&           \
24        CONFIG_SPICE_PROTOCOL_MINOR == (minor) &&           \
25        CONFIG_SPICE_PROTOCOL_MICRO >= (micro)))
26  
27  #define VDAGENT_BUFFER_LIMIT (1 * MiB)
28  #define VDAGENT_MOUSE_DEFAULT true
29  #define VDAGENT_CLIPBOARD_DEFAULT false
30  
31  struct VDAgentChardev {
32      Chardev parent;
33  
34      /* TODO: migration isn't yet supported */
35      Error *migration_blocker;
36  
37      /* config */
38      bool mouse;
39      bool clipboard;
40  
41      /* guest vdagent */
42      uint32_t caps;
43      VDIChunkHeader chunk;
44      uint32_t chunksize;
45      uint8_t *msgbuf;
46      uint32_t msgsize;
47      uint8_t *xbuf;
48      uint32_t xoff, xsize;
49      Buffer outbuf;
50  
51      /* mouse */
52      DeviceState mouse_dev;
53      uint32_t mouse_x;
54      uint32_t mouse_y;
55      uint32_t mouse_btn;
56      uint32_t mouse_display;
57      QemuInputHandlerState *mouse_hs;
58  
59      /* clipboard */
60      QemuClipboardPeer cbpeer;
61      uint32_t last_serial[QEMU_CLIPBOARD_SELECTION__COUNT];
62      uint32_t cbpending[QEMU_CLIPBOARD_SELECTION__COUNT];
63  };
64  typedef struct VDAgentChardev VDAgentChardev;
65  
66  #define TYPE_CHARDEV_QEMU_VDAGENT "chardev-qemu-vdagent"
67  
68  DECLARE_INSTANCE_CHECKER(VDAgentChardev, QEMU_VDAGENT_CHARDEV,
69                           TYPE_CHARDEV_QEMU_VDAGENT);
70  
71  /* ------------------------------------------------------------------ */
72  /* names, for debug logging                                           */
73  
74  static const char *cap_name[] = {
75      [VD_AGENT_CAP_MOUSE_STATE]                    = "mouse-state",
76      [VD_AGENT_CAP_MONITORS_CONFIG]                = "monitors-config",
77      [VD_AGENT_CAP_REPLY]                          = "reply",
78      [VD_AGENT_CAP_CLIPBOARD]                      = "clipboard",
79      [VD_AGENT_CAP_DISPLAY_CONFIG]                 = "display-config",
80      [VD_AGENT_CAP_CLIPBOARD_BY_DEMAND]            = "clipboard-by-demand",
81      [VD_AGENT_CAP_CLIPBOARD_SELECTION]            = "clipboard-selection",
82      [VD_AGENT_CAP_SPARSE_MONITORS_CONFIG]         = "sparse-monitors-config",
83      [VD_AGENT_CAP_GUEST_LINEEND_LF]               = "guest-lineend-lf",
84      [VD_AGENT_CAP_GUEST_LINEEND_CRLF]             = "guest-lineend-crlf",
85      [VD_AGENT_CAP_MAX_CLIPBOARD]                  = "max-clipboard",
86      [VD_AGENT_CAP_AUDIO_VOLUME_SYNC]              = "audio-volume-sync",
87      [VD_AGENT_CAP_MONITORS_CONFIG_POSITION]       = "monitors-config-position",
88      [VD_AGENT_CAP_FILE_XFER_DISABLED]             = "file-xfer-disabled",
89      [VD_AGENT_CAP_FILE_XFER_DETAILED_ERRORS]      = "file-xfer-detailed-errors",
90  #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 0)
91      [VD_AGENT_CAP_GRAPHICS_DEVICE_INFO]           = "graphics-device-info",
92  #endif
93  #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 1)
94      [VD_AGENT_CAP_CLIPBOARD_NO_RELEASE_ON_REGRAB] = "clipboard-no-release-on-regrab",
95      [VD_AGENT_CAP_CLIPBOARD_GRAB_SERIAL]          = "clipboard-grab-serial",
96  #endif
97  };
98  
99  static const char *msg_name[] = {
100      [VD_AGENT_MOUSE_STATE]           = "mouse-state",
101      [VD_AGENT_MONITORS_CONFIG]       = "monitors-config",
102      [VD_AGENT_REPLY]                 = "reply",
103      [VD_AGENT_CLIPBOARD]             = "clipboard",
104      [VD_AGENT_DISPLAY_CONFIG]        = "display-config",
105      [VD_AGENT_ANNOUNCE_CAPABILITIES] = "announce-capabilities",
106      [VD_AGENT_CLIPBOARD_GRAB]        = "clipboard-grab",
107      [VD_AGENT_CLIPBOARD_REQUEST]     = "clipboard-request",
108      [VD_AGENT_CLIPBOARD_RELEASE]     = "clipboard-release",
109      [VD_AGENT_FILE_XFER_START]       = "file-xfer-start",
110      [VD_AGENT_FILE_XFER_STATUS]      = "file-xfer-status",
111      [VD_AGENT_FILE_XFER_DATA]        = "file-xfer-data",
112      [VD_AGENT_CLIENT_DISCONNECTED]   = "client-disconnected",
113      [VD_AGENT_MAX_CLIPBOARD]         = "max-clipboard",
114      [VD_AGENT_AUDIO_VOLUME_SYNC]     = "audio-volume-sync",
115  #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 0)
116      [VD_AGENT_GRAPHICS_DEVICE_INFO]  = "graphics-device-info",
117  #endif
118  };
119  
120  static const char *sel_name[] = {
121      [VD_AGENT_CLIPBOARD_SELECTION_CLIPBOARD] = "clipboard",
122      [VD_AGENT_CLIPBOARD_SELECTION_PRIMARY]   = "primary",
123      [VD_AGENT_CLIPBOARD_SELECTION_SECONDARY] = "secondary",
124  };
125  
126  static const char *type_name[] = {
127      [VD_AGENT_CLIPBOARD_NONE]       = "none",
128      [VD_AGENT_CLIPBOARD_UTF8_TEXT]  = "text",
129      [VD_AGENT_CLIPBOARD_IMAGE_PNG]  = "png",
130      [VD_AGENT_CLIPBOARD_IMAGE_BMP]  = "bmp",
131      [VD_AGENT_CLIPBOARD_IMAGE_TIFF] = "tiff",
132      [VD_AGENT_CLIPBOARD_IMAGE_JPG]  = "jpg",
133  #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 3)
134      [VD_AGENT_CLIPBOARD_FILE_LIST]  = "files",
135  #endif
136  };
137  
138  #define GET_NAME(_m, _v) \
139      (((_v) < ARRAY_SIZE(_m) && (_m[_v])) ? (_m[_v]) : "???")
140  
141  /* ------------------------------------------------------------------ */
142  /* send messages                                                      */
143  
144  static void vdagent_send_buf(VDAgentChardev *vd)
145  {
146      uint32_t len;
147  
148      while (!buffer_empty(&vd->outbuf)) {
149          len = qemu_chr_be_can_write(CHARDEV(vd));
150          if (len == 0) {
151              return;
152          }
153          if (len > vd->outbuf.offset) {
154              len = vd->outbuf.offset;
155          }
156          qemu_chr_be_write(CHARDEV(vd), vd->outbuf.buffer, len);
157          buffer_advance(&vd->outbuf, len);
158      }
159  }
160  
161  static void vdagent_send_msg(VDAgentChardev *vd, VDAgentMessage *msg)
162  {
163      uint8_t *msgbuf = (void *)msg;
164      uint32_t msgsize = sizeof(VDAgentMessage) + msg->size;
165      uint32_t msgoff = 0;
166      VDIChunkHeader chunk;
167  
168      trace_vdagent_send(GET_NAME(msg_name, msg->type));
169  
170      msg->protocol = VD_AGENT_PROTOCOL;
171  
172      if (vd->outbuf.offset + msgsize > VDAGENT_BUFFER_LIMIT) {
173          error_report("buffer full, dropping message");
174          return;
175      }
176  
177      while (msgoff < msgsize) {
178          chunk.port = VDP_CLIENT_PORT;
179          chunk.size = msgsize - msgoff;
180          if (chunk.size > 1024) {
181              chunk.size = 1024;
182          }
183          buffer_reserve(&vd->outbuf, sizeof(chunk) + chunk.size);
184          buffer_append(&vd->outbuf, &chunk, sizeof(chunk));
185          buffer_append(&vd->outbuf, msgbuf + msgoff, chunk.size);
186          msgoff += chunk.size;
187      }
188      vdagent_send_buf(vd);
189  }
190  
191  static void vdagent_send_caps(VDAgentChardev *vd)
192  {
193      g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
194                                                 sizeof(VDAgentAnnounceCapabilities) +
195                                                 sizeof(uint32_t));
196      VDAgentAnnounceCapabilities *caps = (void *)msg->data;
197  
198      msg->type = VD_AGENT_ANNOUNCE_CAPABILITIES;
199      msg->size = sizeof(VDAgentAnnounceCapabilities) + sizeof(uint32_t);
200      if (vd->mouse) {
201          caps->caps[0] |= (1 << VD_AGENT_CAP_MOUSE_STATE);
202      }
203      if (vd->clipboard) {
204          caps->caps[0] |= (1 << VD_AGENT_CAP_CLIPBOARD_BY_DEMAND);
205          caps->caps[0] |= (1 << VD_AGENT_CAP_CLIPBOARD_SELECTION);
206  #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 1)
207          caps->caps[0] |= (1 << VD_AGENT_CAP_CLIPBOARD_GRAB_SERIAL);
208  #endif
209      }
210  
211      vdagent_send_msg(vd, msg);
212  }
213  
214  /* ------------------------------------------------------------------ */
215  /* mouse events                                                       */
216  
217  static bool have_mouse(VDAgentChardev *vd)
218  {
219      return vd->mouse &&
220          (vd->caps & (1 << VD_AGENT_CAP_MOUSE_STATE));
221  }
222  
223  static void vdagent_send_mouse(VDAgentChardev *vd)
224  {
225      g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
226                                                 sizeof(VDAgentMouseState));
227      VDAgentMouseState *mouse = (void *)msg->data;
228  
229      msg->type = VD_AGENT_MOUSE_STATE;
230      msg->size = sizeof(VDAgentMouseState);
231  
232      mouse->x          = vd->mouse_x;
233      mouse->y          = vd->mouse_y;
234      mouse->buttons    = vd->mouse_btn;
235      mouse->display_id = vd->mouse_display;
236  
237      vdagent_send_msg(vd, msg);
238  }
239  
240  static void vdagent_pointer_event(DeviceState *dev, QemuConsole *src,
241                                    InputEvent *evt)
242  {
243      static const int bmap[INPUT_BUTTON__MAX] = {
244          [INPUT_BUTTON_LEFT]        = VD_AGENT_LBUTTON_MASK,
245          [INPUT_BUTTON_RIGHT]       = VD_AGENT_RBUTTON_MASK,
246          [INPUT_BUTTON_MIDDLE]      = VD_AGENT_MBUTTON_MASK,
247          [INPUT_BUTTON_WHEEL_UP]    = VD_AGENT_UBUTTON_MASK,
248          [INPUT_BUTTON_WHEEL_DOWN]  = VD_AGENT_DBUTTON_MASK,
249  #ifdef VD_AGENT_EBUTTON_MASK
250          [INPUT_BUTTON_SIDE]        = VD_AGENT_SBUTTON_MASK,
251          [INPUT_BUTTON_EXTRA]       = VD_AGENT_EBUTTON_MASK,
252  #endif
253      };
254  
255      VDAgentChardev *vd = container_of(dev, struct VDAgentChardev, mouse_dev);
256      InputMoveEvent *move;
257      InputBtnEvent *btn;
258      uint32_t xres, yres;
259  
260      switch (evt->type) {
261      case INPUT_EVENT_KIND_ABS:
262          move = evt->u.abs.data;
263          xres = qemu_console_get_width(src, 1024);
264          yres = qemu_console_get_height(src, 768);
265          if (move->axis == INPUT_AXIS_X) {
266              vd->mouse_x = qemu_input_scale_axis(move->value,
267                                                  INPUT_EVENT_ABS_MIN,
268                                                  INPUT_EVENT_ABS_MAX,
269                                                  0, xres);
270          } else if (move->axis == INPUT_AXIS_Y) {
271              vd->mouse_y = qemu_input_scale_axis(move->value,
272                                                  INPUT_EVENT_ABS_MIN,
273                                                  INPUT_EVENT_ABS_MAX,
274                                                  0, yres);
275          }
276          vd->mouse_display = qemu_console_get_index(src);
277          break;
278  
279      case INPUT_EVENT_KIND_BTN:
280          btn = evt->u.btn.data;
281          if (btn->down) {
282              vd->mouse_btn |= bmap[btn->button];
283          } else {
284              vd->mouse_btn &= ~bmap[btn->button];
285          }
286          break;
287  
288      default:
289          /* keep gcc happy */
290          break;
291      }
292  }
293  
294  static void vdagent_pointer_sync(DeviceState *dev)
295  {
296      VDAgentChardev *vd = container_of(dev, struct VDAgentChardev, mouse_dev);
297  
298      if (vd->caps & (1 << VD_AGENT_CAP_MOUSE_STATE)) {
299          vdagent_send_mouse(vd);
300      }
301  }
302  
303  static QemuInputHandler vdagent_mouse_handler = {
304      .name  = "vdagent mouse",
305      .mask  = INPUT_EVENT_MASK_BTN | INPUT_EVENT_MASK_ABS,
306      .event = vdagent_pointer_event,
307      .sync  = vdagent_pointer_sync,
308  };
309  
310  /* ------------------------------------------------------------------ */
311  /* clipboard                                                          */
312  
313  static bool have_clipboard(VDAgentChardev *vd)
314  {
315      return vd->clipboard &&
316          (vd->caps & (1 << VD_AGENT_CAP_CLIPBOARD_BY_DEMAND));
317  }
318  
319  static bool have_selection(VDAgentChardev *vd)
320  {
321      return vd->caps & (1 << VD_AGENT_CAP_CLIPBOARD_SELECTION);
322  }
323  
324  static uint32_t type_qemu_to_vdagent(enum QemuClipboardType type)
325  {
326      switch (type) {
327      case QEMU_CLIPBOARD_TYPE_TEXT:
328          return VD_AGENT_CLIPBOARD_UTF8_TEXT;
329      default:
330          return VD_AGENT_CLIPBOARD_NONE;
331      }
332  }
333  
334  static void vdagent_send_clipboard_grab(VDAgentChardev *vd,
335                                          QemuClipboardInfo *info)
336  {
337      g_autofree VDAgentMessage *msg =
338          g_malloc0(sizeof(VDAgentMessage) +
339                    sizeof(uint32_t) * (QEMU_CLIPBOARD_TYPE__COUNT + 1) +
340                    sizeof(uint32_t));
341      uint8_t *s = msg->data;
342      uint32_t *data = (uint32_t *)msg->data;
343      uint32_t q, type;
344  
345      if (have_selection(vd)) {
346          *s = info->selection;
347          data++;
348          msg->size += sizeof(uint32_t);
349      } else if (info->selection != QEMU_CLIPBOARD_SELECTION_CLIPBOARD) {
350          return;
351      }
352  
353  #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 1)
354      if (vd->caps & (1 << VD_AGENT_CAP_CLIPBOARD_GRAB_SERIAL)) {
355          if (!info->has_serial) {
356              /* client should win */
357              info->serial = vd->last_serial[info->selection]++;
358              info->has_serial = true;
359          }
360          *data = info->serial;
361          data++;
362          msg->size += sizeof(uint32_t);
363      }
364  #endif
365  
366      for (q = 0; q < QEMU_CLIPBOARD_TYPE__COUNT; q++) {
367          type = type_qemu_to_vdagent(q);
368          if (type != VD_AGENT_CLIPBOARD_NONE && info->types[q].available) {
369              *data = type;
370              data++;
371              msg->size += sizeof(uint32_t);
372          }
373      }
374  
375      msg->type = VD_AGENT_CLIPBOARD_GRAB;
376      vdagent_send_msg(vd, msg);
377  }
378  
379  static void vdagent_send_clipboard_release(VDAgentChardev *vd,
380                                             QemuClipboardInfo *info)
381  {
382      g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
383                                                 sizeof(uint32_t));
384  
385      if (have_selection(vd)) {
386          uint8_t *s = msg->data;
387          *s = info->selection;
388          msg->size += sizeof(uint32_t);
389      } else if (info->selection != QEMU_CLIPBOARD_SELECTION_CLIPBOARD) {
390          return;
391      }
392  
393      msg->type = VD_AGENT_CLIPBOARD_RELEASE;
394      vdagent_send_msg(vd, msg);
395  }
396  
397  static void vdagent_send_clipboard_data(VDAgentChardev *vd,
398                                          QemuClipboardInfo *info,
399                                          QemuClipboardType type)
400  {
401      g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
402                                                 sizeof(uint32_t) * 2 +
403                                                 info->types[type].size);
404  
405      uint8_t *s = msg->data;
406      uint32_t *data = (uint32_t *)msg->data;
407  
408      if (have_selection(vd)) {
409          *s = info->selection;
410          data++;
411          msg->size += sizeof(uint32_t);
412      } else if (info->selection != QEMU_CLIPBOARD_SELECTION_CLIPBOARD) {
413          return;
414      }
415  
416      *data = type_qemu_to_vdagent(type);
417      data++;
418      msg->size += sizeof(uint32_t);
419  
420      memcpy(data, info->types[type].data, info->types[type].size);
421      msg->size += info->types[type].size;
422  
423      msg->type = VD_AGENT_CLIPBOARD;
424      vdagent_send_msg(vd, msg);
425  }
426  
427  static void vdagent_send_empty_clipboard_data(VDAgentChardev *vd,
428                                                QemuClipboardSelection selection,
429                                                QemuClipboardType type)
430  {
431      g_autoptr(QemuClipboardInfo) info = qemu_clipboard_info_new(&vd->cbpeer, selection);
432  
433      trace_vdagent_send_empty_clipboard();
434      vdagent_send_clipboard_data(vd, info, type);
435  }
436  
437  static void vdagent_clipboard_update_info(VDAgentChardev *vd,
438                                            QemuClipboardInfo *info)
439  {
440      QemuClipboardSelection s = info->selection;
441      QemuClipboardType type;
442      bool self_update = info->owner == &vd->cbpeer;
443  
444      if (info != qemu_clipboard_info(s)) {
445          vd->cbpending[s] = 0;
446          if (!self_update) {
447              if (info->owner) {
448                  vdagent_send_clipboard_grab(vd, info);
449              } else {
450                  vdagent_send_clipboard_release(vd, info);
451              }
452          }
453          return;
454      }
455  
456      if (self_update) {
457          return;
458      }
459  
460      for (type = 0; type < QEMU_CLIPBOARD_TYPE__COUNT; type++) {
461          if (vd->cbpending[s] & (1 << type)) {
462              vd->cbpending[s] &= ~(1 << type);
463              vdagent_send_clipboard_data(vd, info, type);
464          }
465      }
466  }
467  
468  static void vdagent_clipboard_reset_serial(VDAgentChardev *vd)
469  {
470      Chardev *chr = CHARDEV(vd);
471  
472      /* reopen the agent connection to reset the serial state */
473      qemu_chr_be_event(chr, CHR_EVENT_CLOSED);
474      qemu_chr_be_event(chr, CHR_EVENT_OPENED);
475  }
476  
477  static void vdagent_clipboard_notify(Notifier *notifier, void *data)
478  {
479      VDAgentChardev *vd =
480          container_of(notifier, VDAgentChardev, cbpeer.notifier);
481      QemuClipboardNotify *notify = data;
482  
483      switch (notify->type) {
484      case QEMU_CLIPBOARD_UPDATE_INFO:
485          vdagent_clipboard_update_info(vd, notify->info);
486          return;
487      case QEMU_CLIPBOARD_RESET_SERIAL:
488          vdagent_clipboard_reset_serial(vd);
489          return;
490      }
491  }
492  
493  static void vdagent_clipboard_request(QemuClipboardInfo *info,
494                                        QemuClipboardType qtype)
495  {
496      VDAgentChardev *vd = container_of(info->owner, VDAgentChardev, cbpeer);
497      g_autofree VDAgentMessage *msg = g_malloc0(sizeof(VDAgentMessage) +
498                                                 sizeof(uint32_t) * 2);
499      uint32_t type = type_qemu_to_vdagent(qtype);
500      uint8_t *s = msg->data;
501      uint32_t *data = (uint32_t *)msg->data;
502  
503      if (type == VD_AGENT_CLIPBOARD_NONE) {
504          return;
505      }
506  
507      if (have_selection(vd)) {
508          *s = info->selection;
509          data++;
510          msg->size += sizeof(uint32_t);
511      }
512  
513      *data = type;
514      msg->size += sizeof(uint32_t);
515  
516      msg->type = VD_AGENT_CLIPBOARD_REQUEST;
517      vdagent_send_msg(vd, msg);
518  }
519  
520  static void vdagent_clipboard_recv_grab(VDAgentChardev *vd, uint8_t s, uint32_t size, void *data)
521  {
522      g_autoptr(QemuClipboardInfo) info = NULL;
523  
524      trace_vdagent_cb_grab_selection(GET_NAME(sel_name, s));
525      info = qemu_clipboard_info_new(&vd->cbpeer, s);
526  #if CHECK_SPICE_PROTOCOL_VERSION(0, 14, 1)
527      if (vd->caps & (1 << VD_AGENT_CAP_CLIPBOARD_GRAB_SERIAL)) {
528          if (size < sizeof(uint32_t)) {
529              /* this shouldn't happen! */
530              return;
531          }
532  
533          info->has_serial = true;
534          info->serial = *(uint32_t *)data;
535          if (info->serial < vd->last_serial[s]) {
536              /* discard lower-ordering guest grab */
537              return;
538          }
539          vd->last_serial[s] = info->serial;
540          data += sizeof(uint32_t);
541          size -= sizeof(uint32_t);
542      }
543  #endif
544      if (size > sizeof(uint32_t) * 10) {
545          /*
546           * spice has 6 types as of 2021. Limiting to 10 entries
547           * so we we have some wiggle room.
548           */
549          return;
550      }
551      while (size >= sizeof(uint32_t)) {
552          trace_vdagent_cb_grab_type(GET_NAME(type_name, *(uint32_t *)data));
553          switch (*(uint32_t *)data) {
554          case VD_AGENT_CLIPBOARD_UTF8_TEXT:
555              info->types[QEMU_CLIPBOARD_TYPE_TEXT].available = true;
556              break;
557          default:
558              break;
559          }
560          data += sizeof(uint32_t);
561          size -= sizeof(uint32_t);
562      }
563      qemu_clipboard_update(info);
564  }
565  
566  static void vdagent_clipboard_recv_request(VDAgentChardev *vd, uint8_t s, uint32_t size, void *data)
567  {
568      QemuClipboardType type;
569      QemuClipboardInfo *info;
570  
571      if (size < sizeof(uint32_t)) {
572          return;
573      }
574      switch (*(uint32_t *)data) {
575      case VD_AGENT_CLIPBOARD_UTF8_TEXT:
576          type = QEMU_CLIPBOARD_TYPE_TEXT;
577          break;
578      default:
579          return;
580      }
581  
582      info = qemu_clipboard_info(s);
583      if (info && info->types[type].available && info->owner != &vd->cbpeer) {
584          if (info->types[type].data) {
585              vdagent_send_clipboard_data(vd, info, type);
586          } else {
587              vd->cbpending[s] |= (1 << type);
588              qemu_clipboard_request(info, type);
589          }
590      } else {
591          vdagent_send_empty_clipboard_data(vd, s, type);
592      }
593  }
594  
595  static void vdagent_clipboard_recv_data(VDAgentChardev *vd, uint8_t s, uint32_t size, void *data)
596  {
597      QemuClipboardType type;
598  
599      if (size < sizeof(uint32_t)) {
600          return;
601      }
602      switch (*(uint32_t *)data) {
603      case VD_AGENT_CLIPBOARD_UTF8_TEXT:
604          type = QEMU_CLIPBOARD_TYPE_TEXT;
605          break;
606      default:
607          return;
608      }
609      data += 4;
610      size -= 4;
611  
612      if (qemu_clipboard_peer_owns(&vd->cbpeer, s)) {
613          qemu_clipboard_set_data(&vd->cbpeer, qemu_clipboard_info(s),
614                                  type, size, data, true);
615      }
616  }
617  
618  static void vdagent_clipboard_recv_release(VDAgentChardev *vd, uint8_t s)
619  {
620      qemu_clipboard_peer_release(&vd->cbpeer, s);
621  }
622  
623  static void vdagent_chr_recv_clipboard(VDAgentChardev *vd, VDAgentMessage *msg)
624  {
625      uint8_t s = VD_AGENT_CLIPBOARD_SELECTION_CLIPBOARD;
626      uint32_t size = msg->size;
627      void *data = msg->data;
628  
629      if (have_selection(vd)) {
630          if (size < 4) {
631              return;
632          }
633          s = *(uint8_t *)data;
634          if (s >= QEMU_CLIPBOARD_SELECTION__COUNT) {
635              return;
636          }
637          data += 4;
638          size -= 4;
639      }
640  
641      switch (msg->type) {
642      case VD_AGENT_CLIPBOARD_GRAB:
643          return vdagent_clipboard_recv_grab(vd, s, size, data);
644      case VD_AGENT_CLIPBOARD_REQUEST:
645          return vdagent_clipboard_recv_request(vd, s, size, data);
646      case VD_AGENT_CLIPBOARD: /* data */
647          return vdagent_clipboard_recv_data(vd, s, size, data);
648      case VD_AGENT_CLIPBOARD_RELEASE:
649          return vdagent_clipboard_recv_release(vd, s);
650      default:
651          g_assert_not_reached();
652      }
653  }
654  
655  /* ------------------------------------------------------------------ */
656  /* chardev backend                                                    */
657  
658  static void vdagent_chr_open(Chardev *chr,
659                               ChardevBackend *backend,
660                               bool *be_opened,
661                               Error **errp)
662  {
663      VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(chr);
664      ChardevQemuVDAgent *cfg = backend->u.qemu_vdagent.data;
665  
666  #if HOST_BIG_ENDIAN
667      /*
668       * TODO: vdagent protocol is defined to be LE,
669       * so we have to byteswap everything on BE hosts.
670       */
671      error_setg(errp, "vdagent is not supported on bigendian hosts");
672      return;
673  #endif
674  
675      if (migrate_add_blocker(vd->migration_blocker, errp) != 0) {
676          return;
677      }
678  
679      vd->mouse = VDAGENT_MOUSE_DEFAULT;
680      if (cfg->has_mouse) {
681          vd->mouse = cfg->mouse;
682      }
683  
684      vd->clipboard = VDAGENT_CLIPBOARD_DEFAULT;
685      if (cfg->has_clipboard) {
686          vd->clipboard = cfg->clipboard;
687      }
688  
689      if (vd->mouse) {
690          vd->mouse_hs = qemu_input_handler_register(&vd->mouse_dev,
691                                                     &vdagent_mouse_handler);
692      }
693  
694      *be_opened = true;
695  }
696  
697  static void vdagent_chr_recv_caps(VDAgentChardev *vd, VDAgentMessage *msg)
698  {
699      VDAgentAnnounceCapabilities *caps = (void *)msg->data;
700      int i;
701  
702      if (msg->size < (sizeof(VDAgentAnnounceCapabilities) +
703                       sizeof(uint32_t))) {
704          return;
705      }
706  
707      for (i = 0; i < ARRAY_SIZE(cap_name); i++) {
708          if (caps->caps[0] & (1 << i)) {
709              trace_vdagent_peer_cap(GET_NAME(cap_name, i));
710          }
711      }
712  
713      vd->caps = caps->caps[0];
714      if (caps->request) {
715          vdagent_send_caps(vd);
716      }
717      if (have_mouse(vd) && vd->mouse_hs) {
718          qemu_input_handler_activate(vd->mouse_hs);
719      }
720      if (have_clipboard(vd) && vd->cbpeer.notifier.notify == NULL) {
721          memset(vd->last_serial, 0, sizeof(vd->last_serial));
722          vd->cbpeer.name = "vdagent";
723          vd->cbpeer.notifier.notify = vdagent_clipboard_notify;
724          vd->cbpeer.request = vdagent_clipboard_request;
725          qemu_clipboard_peer_register(&vd->cbpeer);
726      }
727  }
728  
729  static void vdagent_chr_recv_msg(VDAgentChardev *vd, VDAgentMessage *msg)
730  {
731      trace_vdagent_recv_msg(GET_NAME(msg_name, msg->type), msg->size);
732  
733      switch (msg->type) {
734      case VD_AGENT_ANNOUNCE_CAPABILITIES:
735          vdagent_chr_recv_caps(vd, msg);
736          break;
737      case VD_AGENT_CLIPBOARD:
738      case VD_AGENT_CLIPBOARD_GRAB:
739      case VD_AGENT_CLIPBOARD_REQUEST:
740      case VD_AGENT_CLIPBOARD_RELEASE:
741          if (have_clipboard(vd)) {
742              vdagent_chr_recv_clipboard(vd, msg);
743          }
744          break;
745      default:
746          break;
747      }
748  }
749  
750  static void vdagent_reset_xbuf(VDAgentChardev *vd)
751  {
752      g_clear_pointer(&vd->xbuf, g_free);
753      vd->xoff = 0;
754      vd->xsize = 0;
755  }
756  
757  static void vdagent_chr_recv_chunk(VDAgentChardev *vd)
758  {
759      VDAgentMessage *msg = (void *)vd->msgbuf;
760  
761      if (!vd->xsize) {
762          if (vd->msgsize < sizeof(*msg)) {
763              error_report("%s: message too small: %d < %zd", __func__,
764                           vd->msgsize, sizeof(*msg));
765              return;
766          }
767          if (vd->msgsize == msg->size + sizeof(*msg)) {
768              vdagent_chr_recv_msg(vd, msg);
769              return;
770          }
771      }
772  
773      if (!vd->xsize) {
774          vd->xsize = msg->size + sizeof(*msg);
775          vd->xbuf = g_malloc0(vd->xsize);
776      }
777  
778      if (vd->xoff + vd->msgsize > vd->xsize) {
779          error_report("%s: Oops: %d+%d > %d", __func__,
780                       vd->xoff, vd->msgsize, vd->xsize);
781          vdagent_reset_xbuf(vd);
782          return;
783      }
784  
785      memcpy(vd->xbuf + vd->xoff, vd->msgbuf, vd->msgsize);
786      vd->xoff += vd->msgsize;
787      if (vd->xoff < vd->xsize) {
788          return;
789      }
790  
791      msg = (void *)vd->xbuf;
792      vdagent_chr_recv_msg(vd, msg);
793      vdagent_reset_xbuf(vd);
794  }
795  
796  static void vdagent_reset_bufs(VDAgentChardev *vd)
797  {
798      memset(&vd->chunk, 0, sizeof(vd->chunk));
799      vd->chunksize = 0;
800      g_free(vd->msgbuf);
801      vd->msgbuf = NULL;
802      vd->msgsize = 0;
803  }
804  
805  static int vdagent_chr_write(Chardev *chr, const uint8_t *buf, int len)
806  {
807      VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(chr);
808      uint32_t copy, ret = len;
809  
810      while (len) {
811          if (vd->chunksize < sizeof(vd->chunk)) {
812              copy = sizeof(vd->chunk) - vd->chunksize;
813              if (copy > len) {
814                  copy = len;
815              }
816              memcpy((void *)(&vd->chunk) + vd->chunksize, buf, copy);
817              vd->chunksize += copy;
818              buf += copy;
819              len -= copy;
820              if (vd->chunksize < sizeof(vd->chunk)) {
821                  break;
822              }
823  
824              assert(vd->msgbuf == NULL);
825              vd->msgbuf = g_malloc0(vd->chunk.size);
826          }
827  
828          copy = vd->chunk.size - vd->msgsize;
829          if (copy > len) {
830              copy = len;
831          }
832          memcpy(vd->msgbuf + vd->msgsize, buf, copy);
833          vd->msgsize += copy;
834          buf += copy;
835          len -= copy;
836  
837          if (vd->msgsize == vd->chunk.size) {
838              trace_vdagent_recv_chunk(vd->chunk.size);
839              vdagent_chr_recv_chunk(vd);
840              vdagent_reset_bufs(vd);
841          }
842      }
843  
844      return ret;
845  }
846  
847  static void vdagent_chr_accept_input(Chardev *chr)
848  {
849      VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(chr);
850  
851      vdagent_send_buf(vd);
852  }
853  
854  static void vdagent_disconnect(VDAgentChardev *vd)
855  {
856      buffer_reset(&vd->outbuf);
857      vdagent_reset_bufs(vd);
858      vd->caps = 0;
859      if (vd->mouse_hs) {
860          qemu_input_handler_deactivate(vd->mouse_hs);
861      }
862      if (vd->cbpeer.notifier.notify) {
863          qemu_clipboard_peer_unregister(&vd->cbpeer);
864          memset(&vd->cbpeer, 0, sizeof(vd->cbpeer));
865      }
866  }
867  
868  static void vdagent_chr_set_fe_open(struct Chardev *chr, int fe_open)
869  {
870      if (!fe_open) {
871          trace_vdagent_close();
872          return;
873      }
874  
875      trace_vdagent_open();
876  }
877  
878  static void vdagent_chr_parse(QemuOpts *opts, ChardevBackend *backend,
879                                Error **errp)
880  {
881      ChardevQemuVDAgent *cfg;
882  
883      backend->type = CHARDEV_BACKEND_KIND_QEMU_VDAGENT;
884      cfg = backend->u.qemu_vdagent.data = g_new0(ChardevQemuVDAgent, 1);
885      qemu_chr_parse_common(opts, qapi_ChardevQemuVDAgent_base(cfg));
886      cfg->has_mouse = true;
887      cfg->mouse = qemu_opt_get_bool(opts, "mouse", VDAGENT_MOUSE_DEFAULT);
888      cfg->has_clipboard = true;
889      cfg->clipboard = qemu_opt_get_bool(opts, "clipboard", VDAGENT_CLIPBOARD_DEFAULT);
890  }
891  
892  /* ------------------------------------------------------------------ */
893  
894  static void vdagent_chr_class_init(ObjectClass *oc, void *data)
895  {
896      ChardevClass *cc = CHARDEV_CLASS(oc);
897  
898      cc->parse            = vdagent_chr_parse;
899      cc->open             = vdagent_chr_open;
900      cc->chr_write        = vdagent_chr_write;
901      cc->chr_set_fe_open  = vdagent_chr_set_fe_open;
902      cc->chr_accept_input = vdagent_chr_accept_input;
903  }
904  
905  static void vdagent_chr_init(Object *obj)
906  {
907      VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(obj);
908  
909      buffer_init(&vd->outbuf, "vdagent-outbuf");
910      error_setg(&vd->migration_blocker,
911                 "The vdagent chardev doesn't yet support migration");
912  }
913  
914  static void vdagent_chr_fini(Object *obj)
915  {
916      VDAgentChardev *vd = QEMU_VDAGENT_CHARDEV(obj);
917  
918      migrate_del_blocker(vd->migration_blocker);
919      vdagent_disconnect(vd);
920      buffer_free(&vd->outbuf);
921      error_free(vd->migration_blocker);
922  }
923  
924  static const TypeInfo vdagent_chr_type_info = {
925      .name = TYPE_CHARDEV_QEMU_VDAGENT,
926      .parent = TYPE_CHARDEV,
927      .instance_size = sizeof(VDAgentChardev),
928      .instance_init = vdagent_chr_init,
929      .instance_finalize = vdagent_chr_fini,
930      .class_init = vdagent_chr_class_init,
931  };
932  
933  static void register_types(void)
934  {
935      type_register_static(&vdagent_chr_type_info);
936  }
937  
938  type_init(register_types);
939