1 /* 2 * QEMU VNC display driver 3 * 4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws> 5 * Copyright (C) 2006 Fabrice Bellard 6 * Copyright (C) 2009 Red Hat, Inc 7 * 8 * Permission is hereby granted, free of charge, to any person obtaining a copy 9 * of this software and associated documentation files (the "Software"), to deal 10 * in the Software without restriction, including without limitation the rights 11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 * copies of the Software, and to permit persons to whom the Software is 13 * furnished to do so, subject to the following conditions: 14 * 15 * The above copyright notice and this permission notice shall be included in 16 * all copies or substantial portions of the Software. 17 * 18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 * THE SOFTWARE. 25 */ 26 27 #include "qemu/osdep.h" 28 #include "vnc.h" 29 #include "vnc-jobs.h" 30 #include "trace.h" 31 #include "hw/qdev-core.h" 32 #include "sysemu/sysemu.h" 33 #include "sysemu/runstate.h" 34 #include "qemu/error-report.h" 35 #include "qemu/main-loop.h" 36 #include "qemu/module.h" 37 #include "qemu/option.h" 38 #include "qemu/sockets.h" 39 #include "qemu/timer.h" 40 #include "authz/list.h" 41 #include "qemu/config-file.h" 42 #include "qapi/qapi-emit-events.h" 43 #include "qapi/qapi-events-ui.h" 44 #include "qapi/error.h" 45 #include "qapi/qapi-commands-ui.h" 46 #include "ui/input.h" 47 #include "crypto/hash.h" 48 #include "crypto/tlscredsanon.h" 49 #include "crypto/tlscredsx509.h" 50 #include "crypto/random.h" 51 #include "qom/object_interfaces.h" 52 #include "qemu/cutils.h" 53 #include "qemu/help_option.h" 54 #include "io/dns-resolver.h" 55 56 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT 57 #define VNC_REFRESH_INTERVAL_INC 50 58 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE 59 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 }; 60 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 }; 61 62 #include "vnc_keysym.h" 63 #include "crypto/cipher.h" 64 65 static QTAILQ_HEAD(, VncDisplay) vnc_displays = 66 QTAILQ_HEAD_INITIALIZER(vnc_displays); 67 68 static int vnc_cursor_define(VncState *vs); 69 static void vnc_update_throttle_offset(VncState *vs); 70 71 static void vnc_set_share_mode(VncState *vs, VncShareMode mode) 72 { 73 #ifdef _VNC_DEBUG 74 static const char *mn[] = { 75 [0] = "undefined", 76 [VNC_SHARE_MODE_CONNECTING] = "connecting", 77 [VNC_SHARE_MODE_SHARED] = "shared", 78 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive", 79 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected", 80 }; 81 fprintf(stderr, "%s/%p: %s -> %s\n", __func__, 82 vs->ioc, mn[vs->share_mode], mn[mode]); 83 #endif 84 85 switch (vs->share_mode) { 86 case VNC_SHARE_MODE_CONNECTING: 87 vs->vd->num_connecting--; 88 break; 89 case VNC_SHARE_MODE_SHARED: 90 vs->vd->num_shared--; 91 break; 92 case VNC_SHARE_MODE_EXCLUSIVE: 93 vs->vd->num_exclusive--; 94 break; 95 default: 96 break; 97 } 98 99 vs->share_mode = mode; 100 101 switch (vs->share_mode) { 102 case VNC_SHARE_MODE_CONNECTING: 103 vs->vd->num_connecting++; 104 break; 105 case VNC_SHARE_MODE_SHARED: 106 vs->vd->num_shared++; 107 break; 108 case VNC_SHARE_MODE_EXCLUSIVE: 109 vs->vd->num_exclusive++; 110 break; 111 default: 112 break; 113 } 114 } 115 116 117 static void vnc_init_basic_info(SocketAddress *addr, 118 VncBasicInfo *info, 119 Error **errp) 120 { 121 switch (addr->type) { 122 case SOCKET_ADDRESS_TYPE_INET: 123 info->host = g_strdup(addr->u.inet.host); 124 info->service = g_strdup(addr->u.inet.port); 125 if (addr->u.inet.ipv6) { 126 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 127 } else { 128 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 129 } 130 break; 131 132 case SOCKET_ADDRESS_TYPE_UNIX: 133 info->host = g_strdup(""); 134 info->service = g_strdup(addr->u.q_unix.path); 135 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 136 break; 137 138 case SOCKET_ADDRESS_TYPE_VSOCK: 139 case SOCKET_ADDRESS_TYPE_FD: 140 error_setg(errp, "Unsupported socket address type %s", 141 SocketAddressType_str(addr->type)); 142 break; 143 default: 144 abort(); 145 } 146 147 return; 148 } 149 150 static void vnc_init_basic_info_from_server_addr(QIOChannelSocket *ioc, 151 VncBasicInfo *info, 152 Error **errp) 153 { 154 SocketAddress *addr = NULL; 155 156 if (!ioc) { 157 error_setg(errp, "No listener socket available"); 158 return; 159 } 160 161 addr = qio_channel_socket_get_local_address(ioc, errp); 162 if (!addr) { 163 return; 164 } 165 166 vnc_init_basic_info(addr, info, errp); 167 qapi_free_SocketAddress(addr); 168 } 169 170 static void vnc_init_basic_info_from_remote_addr(QIOChannelSocket *ioc, 171 VncBasicInfo *info, 172 Error **errp) 173 { 174 SocketAddress *addr = NULL; 175 176 addr = qio_channel_socket_get_remote_address(ioc, errp); 177 if (!addr) { 178 return; 179 } 180 181 vnc_init_basic_info(addr, info, errp); 182 qapi_free_SocketAddress(addr); 183 } 184 185 static const char *vnc_auth_name(VncDisplay *vd) { 186 switch (vd->auth) { 187 case VNC_AUTH_INVALID: 188 return "invalid"; 189 case VNC_AUTH_NONE: 190 return "none"; 191 case VNC_AUTH_VNC: 192 return "vnc"; 193 case VNC_AUTH_RA2: 194 return "ra2"; 195 case VNC_AUTH_RA2NE: 196 return "ra2ne"; 197 case VNC_AUTH_TIGHT: 198 return "tight"; 199 case VNC_AUTH_ULTRA: 200 return "ultra"; 201 case VNC_AUTH_TLS: 202 return "tls"; 203 case VNC_AUTH_VENCRYPT: 204 switch (vd->subauth) { 205 case VNC_AUTH_VENCRYPT_PLAIN: 206 return "vencrypt+plain"; 207 case VNC_AUTH_VENCRYPT_TLSNONE: 208 return "vencrypt+tls+none"; 209 case VNC_AUTH_VENCRYPT_TLSVNC: 210 return "vencrypt+tls+vnc"; 211 case VNC_AUTH_VENCRYPT_TLSPLAIN: 212 return "vencrypt+tls+plain"; 213 case VNC_AUTH_VENCRYPT_X509NONE: 214 return "vencrypt+x509+none"; 215 case VNC_AUTH_VENCRYPT_X509VNC: 216 return "vencrypt+x509+vnc"; 217 case VNC_AUTH_VENCRYPT_X509PLAIN: 218 return "vencrypt+x509+plain"; 219 case VNC_AUTH_VENCRYPT_TLSSASL: 220 return "vencrypt+tls+sasl"; 221 case VNC_AUTH_VENCRYPT_X509SASL: 222 return "vencrypt+x509+sasl"; 223 default: 224 return "vencrypt"; 225 } 226 case VNC_AUTH_SASL: 227 return "sasl"; 228 } 229 return "unknown"; 230 } 231 232 static VncServerInfo *vnc_server_info_get(VncDisplay *vd) 233 { 234 VncServerInfo *info; 235 Error *err = NULL; 236 237 if (!vd->listener || !vd->listener->nsioc) { 238 return NULL; 239 } 240 241 info = g_malloc0(sizeof(*info)); 242 vnc_init_basic_info_from_server_addr(vd->listener->sioc[0], 243 qapi_VncServerInfo_base(info), &err); 244 info->has_auth = true; 245 info->auth = g_strdup(vnc_auth_name(vd)); 246 if (err) { 247 qapi_free_VncServerInfo(info); 248 info = NULL; 249 error_free(err); 250 } 251 return info; 252 } 253 254 static void vnc_client_cache_auth(VncState *client) 255 { 256 if (!client->info) { 257 return; 258 } 259 260 if (client->tls) { 261 client->info->x509_dname = 262 qcrypto_tls_session_get_peer_name(client->tls); 263 client->info->has_x509_dname = 264 client->info->x509_dname != NULL; 265 } 266 #ifdef CONFIG_VNC_SASL 267 if (client->sasl.conn && 268 client->sasl.username) { 269 client->info->has_sasl_username = true; 270 client->info->sasl_username = g_strdup(client->sasl.username); 271 } 272 #endif 273 } 274 275 static void vnc_client_cache_addr(VncState *client) 276 { 277 Error *err = NULL; 278 279 client->info = g_malloc0(sizeof(*client->info)); 280 vnc_init_basic_info_from_remote_addr(client->sioc, 281 qapi_VncClientInfo_base(client->info), 282 &err); 283 client->info->websocket = client->websocket; 284 if (err) { 285 qapi_free_VncClientInfo(client->info); 286 client->info = NULL; 287 error_free(err); 288 } 289 } 290 291 static void vnc_qmp_event(VncState *vs, QAPIEvent event) 292 { 293 VncServerInfo *si; 294 295 if (!vs->info) { 296 return; 297 } 298 299 si = vnc_server_info_get(vs->vd); 300 if (!si) { 301 return; 302 } 303 304 switch (event) { 305 case QAPI_EVENT_VNC_CONNECTED: 306 qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info)); 307 break; 308 case QAPI_EVENT_VNC_INITIALIZED: 309 qapi_event_send_vnc_initialized(si, vs->info); 310 break; 311 case QAPI_EVENT_VNC_DISCONNECTED: 312 qapi_event_send_vnc_disconnected(si, vs->info); 313 break; 314 default: 315 break; 316 } 317 318 qapi_free_VncServerInfo(si); 319 } 320 321 static VncClientInfo *qmp_query_vnc_client(const VncState *client) 322 { 323 VncClientInfo *info; 324 Error *err = NULL; 325 326 info = g_malloc0(sizeof(*info)); 327 328 vnc_init_basic_info_from_remote_addr(client->sioc, 329 qapi_VncClientInfo_base(info), 330 &err); 331 if (err) { 332 error_free(err); 333 qapi_free_VncClientInfo(info); 334 return NULL; 335 } 336 337 info->websocket = client->websocket; 338 339 if (client->tls) { 340 info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls); 341 info->has_x509_dname = info->x509_dname != NULL; 342 } 343 #ifdef CONFIG_VNC_SASL 344 if (client->sasl.conn && client->sasl.username) { 345 info->has_sasl_username = true; 346 info->sasl_username = g_strdup(client->sasl.username); 347 } 348 #endif 349 350 return info; 351 } 352 353 static VncDisplay *vnc_display_find(const char *id) 354 { 355 VncDisplay *vd; 356 357 if (id == NULL) { 358 return QTAILQ_FIRST(&vnc_displays); 359 } 360 QTAILQ_FOREACH(vd, &vnc_displays, next) { 361 if (strcmp(id, vd->id) == 0) { 362 return vd; 363 } 364 } 365 return NULL; 366 } 367 368 static VncClientInfoList *qmp_query_client_list(VncDisplay *vd) 369 { 370 VncClientInfoList *prev = NULL; 371 VncState *client; 372 373 QTAILQ_FOREACH(client, &vd->clients, next) { 374 QAPI_LIST_PREPEND(prev, qmp_query_vnc_client(client)); 375 } 376 return prev; 377 } 378 379 VncInfo *qmp_query_vnc(Error **errp) 380 { 381 VncInfo *info = g_malloc0(sizeof(*info)); 382 VncDisplay *vd = vnc_display_find(NULL); 383 SocketAddress *addr = NULL; 384 385 if (vd == NULL || !vd->listener || !vd->listener->nsioc) { 386 info->enabled = false; 387 } else { 388 info->enabled = true; 389 390 /* for compatibility with the original command */ 391 info->has_clients = true; 392 info->clients = qmp_query_client_list(vd); 393 394 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], 395 errp); 396 if (!addr) { 397 goto out_error; 398 } 399 400 switch (addr->type) { 401 case SOCKET_ADDRESS_TYPE_INET: 402 info->host = g_strdup(addr->u.inet.host); 403 info->service = g_strdup(addr->u.inet.port); 404 if (addr->u.inet.ipv6) { 405 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 406 } else { 407 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 408 } 409 break; 410 411 case SOCKET_ADDRESS_TYPE_UNIX: 412 info->host = g_strdup(""); 413 info->service = g_strdup(addr->u.q_unix.path); 414 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 415 break; 416 417 case SOCKET_ADDRESS_TYPE_VSOCK: 418 case SOCKET_ADDRESS_TYPE_FD: 419 error_setg(errp, "Unsupported socket address type %s", 420 SocketAddressType_str(addr->type)); 421 goto out_error; 422 default: 423 abort(); 424 } 425 426 info->has_host = true; 427 info->has_service = true; 428 info->has_family = true; 429 430 info->has_auth = true; 431 info->auth = g_strdup(vnc_auth_name(vd)); 432 } 433 434 qapi_free_SocketAddress(addr); 435 return info; 436 437 out_error: 438 qapi_free_SocketAddress(addr); 439 qapi_free_VncInfo(info); 440 return NULL; 441 } 442 443 444 static void qmp_query_auth(int auth, int subauth, 445 VncPrimaryAuth *qmp_auth, 446 VncVencryptSubAuth *qmp_vencrypt, 447 bool *qmp_has_vencrypt); 448 449 static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc, 450 bool websocket, 451 int auth, 452 int subauth, 453 VncServerInfo2List *prev) 454 { 455 VncServerInfo2 *info; 456 Error *err = NULL; 457 SocketAddress *addr; 458 459 addr = qio_channel_socket_get_local_address(ioc, NULL); 460 if (!addr) { 461 return prev; 462 } 463 464 info = g_new0(VncServerInfo2, 1); 465 vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err); 466 qapi_free_SocketAddress(addr); 467 if (err) { 468 qapi_free_VncServerInfo2(info); 469 error_free(err); 470 return prev; 471 } 472 info->websocket = websocket; 473 474 qmp_query_auth(auth, subauth, &info->auth, 475 &info->vencrypt, &info->has_vencrypt); 476 477 QAPI_LIST_PREPEND(prev, info); 478 return prev; 479 } 480 481 static void qmp_query_auth(int auth, int subauth, 482 VncPrimaryAuth *qmp_auth, 483 VncVencryptSubAuth *qmp_vencrypt, 484 bool *qmp_has_vencrypt) 485 { 486 switch (auth) { 487 case VNC_AUTH_VNC: 488 *qmp_auth = VNC_PRIMARY_AUTH_VNC; 489 break; 490 case VNC_AUTH_RA2: 491 *qmp_auth = VNC_PRIMARY_AUTH_RA2; 492 break; 493 case VNC_AUTH_RA2NE: 494 *qmp_auth = VNC_PRIMARY_AUTH_RA2NE; 495 break; 496 case VNC_AUTH_TIGHT: 497 *qmp_auth = VNC_PRIMARY_AUTH_TIGHT; 498 break; 499 case VNC_AUTH_ULTRA: 500 *qmp_auth = VNC_PRIMARY_AUTH_ULTRA; 501 break; 502 case VNC_AUTH_TLS: 503 *qmp_auth = VNC_PRIMARY_AUTH_TLS; 504 break; 505 case VNC_AUTH_VENCRYPT: 506 *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT; 507 *qmp_has_vencrypt = true; 508 switch (subauth) { 509 case VNC_AUTH_VENCRYPT_PLAIN: 510 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN; 511 break; 512 case VNC_AUTH_VENCRYPT_TLSNONE: 513 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE; 514 break; 515 case VNC_AUTH_VENCRYPT_TLSVNC: 516 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC; 517 break; 518 case VNC_AUTH_VENCRYPT_TLSPLAIN: 519 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN; 520 break; 521 case VNC_AUTH_VENCRYPT_X509NONE: 522 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE; 523 break; 524 case VNC_AUTH_VENCRYPT_X509VNC: 525 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC; 526 break; 527 case VNC_AUTH_VENCRYPT_X509PLAIN: 528 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN; 529 break; 530 case VNC_AUTH_VENCRYPT_TLSSASL: 531 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL; 532 break; 533 case VNC_AUTH_VENCRYPT_X509SASL: 534 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL; 535 break; 536 default: 537 *qmp_has_vencrypt = false; 538 break; 539 } 540 break; 541 case VNC_AUTH_SASL: 542 *qmp_auth = VNC_PRIMARY_AUTH_SASL; 543 break; 544 case VNC_AUTH_NONE: 545 default: 546 *qmp_auth = VNC_PRIMARY_AUTH_NONE; 547 break; 548 } 549 } 550 551 VncInfo2List *qmp_query_vnc_servers(Error **errp) 552 { 553 VncInfo2List *prev = NULL; 554 VncInfo2 *info; 555 VncDisplay *vd; 556 DeviceState *dev; 557 size_t i; 558 559 QTAILQ_FOREACH(vd, &vnc_displays, next) { 560 info = g_new0(VncInfo2, 1); 561 info->id = g_strdup(vd->id); 562 info->clients = qmp_query_client_list(vd); 563 qmp_query_auth(vd->auth, vd->subauth, &info->auth, 564 &info->vencrypt, &info->has_vencrypt); 565 if (vd->dcl.con) { 566 dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con), 567 "device", &error_abort)); 568 info->has_display = true; 569 info->display = g_strdup(dev->id); 570 } 571 for (i = 0; vd->listener != NULL && i < vd->listener->nsioc; i++) { 572 info->server = qmp_query_server_entry( 573 vd->listener->sioc[i], false, vd->auth, vd->subauth, 574 info->server); 575 } 576 for (i = 0; vd->wslistener != NULL && i < vd->wslistener->nsioc; i++) { 577 info->server = qmp_query_server_entry( 578 vd->wslistener->sioc[i], true, vd->ws_auth, 579 vd->ws_subauth, info->server); 580 } 581 582 QAPI_LIST_PREPEND(prev, info); 583 } 584 return prev; 585 } 586 587 /* TODO 588 1) Get the queue working for IO. 589 2) there is some weirdness when using the -S option (the screen is grey 590 and not totally invalidated 591 3) resolutions > 1024 592 */ 593 594 static int vnc_update_client(VncState *vs, int has_dirty); 595 static void vnc_disconnect_start(VncState *vs); 596 597 static void vnc_colordepth(VncState *vs); 598 static void framebuffer_update_request(VncState *vs, int incremental, 599 int x_position, int y_position, 600 int w, int h); 601 static void vnc_refresh(DisplayChangeListener *dcl); 602 static int vnc_refresh_server_surface(VncDisplay *vd); 603 604 static int vnc_width(VncDisplay *vd) 605 { 606 return MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds), 607 VNC_DIRTY_PIXELS_PER_BIT)); 608 } 609 610 static int vnc_height(VncDisplay *vd) 611 { 612 return MIN(VNC_MAX_HEIGHT, surface_height(vd->ds)); 613 } 614 615 static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT], 616 VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT), 617 VncDisplay *vd, 618 int x, int y, int w, int h) 619 { 620 int width = vnc_width(vd); 621 int height = vnc_height(vd); 622 623 /* this is needed this to ensure we updated all affected 624 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */ 625 w += (x % VNC_DIRTY_PIXELS_PER_BIT); 626 x -= (x % VNC_DIRTY_PIXELS_PER_BIT); 627 628 x = MIN(x, width); 629 y = MIN(y, height); 630 w = MIN(x + w, width) - x; 631 h = MIN(y + h, height); 632 633 for (; y < h; y++) { 634 bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT, 635 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT)); 636 } 637 } 638 639 static void vnc_dpy_update(DisplayChangeListener *dcl, 640 int x, int y, int w, int h) 641 { 642 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 643 struct VncSurface *s = &vd->guest; 644 645 vnc_set_area_dirty(s->dirty, vd, x, y, w, h); 646 } 647 648 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h, 649 int32_t encoding) 650 { 651 vnc_write_u16(vs, x); 652 vnc_write_u16(vs, y); 653 vnc_write_u16(vs, w); 654 vnc_write_u16(vs, h); 655 656 vnc_write_s32(vs, encoding); 657 } 658 659 static void vnc_desktop_resize_ext(VncState *vs, int reject_reason) 660 { 661 vnc_lock_output(vs); 662 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 663 vnc_write_u8(vs, 0); 664 vnc_write_u16(vs, 1); /* number of rects */ 665 vnc_framebuffer_update(vs, 666 reject_reason ? 1 : 0, 667 reject_reason, 668 vs->client_width, vs->client_height, 669 VNC_ENCODING_DESKTOP_RESIZE_EXT); 670 vnc_write_u8(vs, 1); /* number of screens */ 671 vnc_write_u8(vs, 0); /* padding */ 672 vnc_write_u8(vs, 0); /* padding */ 673 vnc_write_u8(vs, 0); /* padding */ 674 vnc_write_u32(vs, 0); /* screen id */ 675 vnc_write_u16(vs, 0); /* screen x-pos */ 676 vnc_write_u16(vs, 0); /* screen y-pos */ 677 vnc_write_u16(vs, vs->client_width); 678 vnc_write_u16(vs, vs->client_height); 679 vnc_write_u32(vs, 0); /* screen flags */ 680 vnc_unlock_output(vs); 681 vnc_flush(vs); 682 } 683 684 static void vnc_desktop_resize(VncState *vs) 685 { 686 if (vs->ioc == NULL || (!vnc_has_feature(vs, VNC_FEATURE_RESIZE) && 687 !vnc_has_feature(vs, VNC_FEATURE_RESIZE_EXT))) { 688 return; 689 } 690 691 assert(pixman_image_get_width(vs->vd->server) < 65536 && 692 pixman_image_get_width(vs->vd->server) >= 0); 693 assert(pixman_image_get_height(vs->vd->server) < 65536 && 694 pixman_image_get_height(vs->vd->server) >= 0); 695 vs->client_width = pixman_image_get_width(vs->vd->server); 696 vs->client_height = pixman_image_get_height(vs->vd->server); 697 698 if (vnc_has_feature(vs, VNC_FEATURE_RESIZE_EXT)) { 699 vnc_desktop_resize_ext(vs, 0); 700 return; 701 } 702 703 vnc_lock_output(vs); 704 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 705 vnc_write_u8(vs, 0); 706 vnc_write_u16(vs, 1); /* number of rects */ 707 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height, 708 VNC_ENCODING_DESKTOPRESIZE); 709 vnc_unlock_output(vs); 710 vnc_flush(vs); 711 } 712 713 static void vnc_abort_display_jobs(VncDisplay *vd) 714 { 715 VncState *vs; 716 717 QTAILQ_FOREACH(vs, &vd->clients, next) { 718 vnc_lock_output(vs); 719 vs->abort = true; 720 vnc_unlock_output(vs); 721 } 722 QTAILQ_FOREACH(vs, &vd->clients, next) { 723 vnc_jobs_join(vs); 724 } 725 QTAILQ_FOREACH(vs, &vd->clients, next) { 726 vnc_lock_output(vs); 727 if (vs->update == VNC_STATE_UPDATE_NONE && 728 vs->job_update != VNC_STATE_UPDATE_NONE) { 729 /* job aborted before completion */ 730 vs->update = vs->job_update; 731 vs->job_update = VNC_STATE_UPDATE_NONE; 732 } 733 vs->abort = false; 734 vnc_unlock_output(vs); 735 } 736 } 737 738 int vnc_server_fb_stride(VncDisplay *vd) 739 { 740 return pixman_image_get_stride(vd->server); 741 } 742 743 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y) 744 { 745 uint8_t *ptr; 746 747 ptr = (uint8_t *)pixman_image_get_data(vd->server); 748 ptr += y * vnc_server_fb_stride(vd); 749 ptr += x * VNC_SERVER_FB_BYTES; 750 return ptr; 751 } 752 753 static void vnc_update_server_surface(VncDisplay *vd) 754 { 755 int width, height; 756 757 qemu_pixman_image_unref(vd->server); 758 vd->server = NULL; 759 760 if (QTAILQ_EMPTY(&vd->clients)) { 761 return; 762 } 763 764 width = vnc_width(vd); 765 height = vnc_height(vd); 766 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT, 767 width, height, 768 NULL, 0); 769 770 memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty)); 771 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 772 width, height); 773 } 774 775 static bool vnc_check_pageflip(DisplaySurface *s1, 776 DisplaySurface *s2) 777 { 778 return (s1 != NULL && 779 s2 != NULL && 780 surface_width(s1) == surface_width(s2) && 781 surface_height(s1) == surface_height(s2) && 782 surface_format(s1) == surface_format(s2)); 783 784 } 785 786 static void vnc_dpy_switch(DisplayChangeListener *dcl, 787 DisplaySurface *surface) 788 { 789 static const char placeholder_msg[] = 790 "Display output is not active."; 791 static DisplaySurface *placeholder; 792 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 793 bool pageflip = vnc_check_pageflip(vd->ds, surface); 794 VncState *vs; 795 796 if (surface == NULL) { 797 if (placeholder == NULL) { 798 placeholder = qemu_create_message_surface(640, 480, placeholder_msg); 799 } 800 surface = placeholder; 801 } 802 803 vnc_abort_display_jobs(vd); 804 vd->ds = surface; 805 806 /* guest surface */ 807 qemu_pixman_image_unref(vd->guest.fb); 808 vd->guest.fb = pixman_image_ref(surface->image); 809 vd->guest.format = surface->format; 810 811 if (pageflip) { 812 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 813 surface_width(surface), 814 surface_height(surface)); 815 return; 816 } 817 818 /* server surface */ 819 vnc_update_server_surface(vd); 820 821 QTAILQ_FOREACH(vs, &vd->clients, next) { 822 vnc_colordepth(vs); 823 vnc_desktop_resize(vs); 824 vnc_cursor_define(vs); 825 memset(vs->dirty, 0x00, sizeof(vs->dirty)); 826 vnc_set_area_dirty(vs->dirty, vd, 0, 0, 827 vnc_width(vd), 828 vnc_height(vd)); 829 vnc_update_throttle_offset(vs); 830 } 831 } 832 833 /* fastest code */ 834 static void vnc_write_pixels_copy(VncState *vs, 835 void *pixels, int size) 836 { 837 vnc_write(vs, pixels, size); 838 } 839 840 /* slowest but generic code. */ 841 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v) 842 { 843 uint8_t r, g, b; 844 845 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8) 846 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8; 847 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8; 848 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8; 849 #else 850 # error need some bits here if you change VNC_SERVER_FB_FORMAT 851 #endif 852 v = (r << vs->client_pf.rshift) | 853 (g << vs->client_pf.gshift) | 854 (b << vs->client_pf.bshift); 855 switch (vs->client_pf.bytes_per_pixel) { 856 case 1: 857 buf[0] = v; 858 break; 859 case 2: 860 if (vs->client_be) { 861 buf[0] = v >> 8; 862 buf[1] = v; 863 } else { 864 buf[1] = v >> 8; 865 buf[0] = v; 866 } 867 break; 868 default: 869 case 4: 870 if (vs->client_be) { 871 buf[0] = v >> 24; 872 buf[1] = v >> 16; 873 buf[2] = v >> 8; 874 buf[3] = v; 875 } else { 876 buf[3] = v >> 24; 877 buf[2] = v >> 16; 878 buf[1] = v >> 8; 879 buf[0] = v; 880 } 881 break; 882 } 883 } 884 885 static void vnc_write_pixels_generic(VncState *vs, 886 void *pixels1, int size) 887 { 888 uint8_t buf[4]; 889 890 if (VNC_SERVER_FB_BYTES == 4) { 891 uint32_t *pixels = pixels1; 892 int n, i; 893 n = size >> 2; 894 for (i = 0; i < n; i++) { 895 vnc_convert_pixel(vs, buf, pixels[i]); 896 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel); 897 } 898 } 899 } 900 901 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 902 { 903 int i; 904 uint8_t *row; 905 VncDisplay *vd = vs->vd; 906 907 row = vnc_server_fb_ptr(vd, x, y); 908 for (i = 0; i < h; i++) { 909 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES); 910 row += vnc_server_fb_stride(vd); 911 } 912 return 1; 913 } 914 915 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 916 { 917 int n = 0; 918 919 switch(vs->vnc_encoding) { 920 case VNC_ENCODING_ZLIB: 921 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h); 922 break; 923 case VNC_ENCODING_HEXTILE: 924 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE); 925 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h); 926 break; 927 case VNC_ENCODING_TIGHT: 928 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h); 929 break; 930 case VNC_ENCODING_TIGHT_PNG: 931 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h); 932 break; 933 case VNC_ENCODING_ZRLE: 934 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h); 935 break; 936 case VNC_ENCODING_ZYWRLE: 937 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h); 938 break; 939 default: 940 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW); 941 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h); 942 break; 943 } 944 return n; 945 } 946 947 static void vnc_mouse_set(DisplayChangeListener *dcl, 948 int x, int y, int visible) 949 { 950 /* can we ask the client(s) to move the pointer ??? */ 951 } 952 953 static int vnc_cursor_define(VncState *vs) 954 { 955 QEMUCursor *c = vs->vd->cursor; 956 int isize; 957 958 if (!vs->vd->cursor) { 959 return -1; 960 } 961 962 if (vnc_has_feature(vs, VNC_FEATURE_ALPHA_CURSOR)) { 963 vnc_lock_output(vs); 964 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 965 vnc_write_u8(vs, 0); /* padding */ 966 vnc_write_u16(vs, 1); /* # of rects */ 967 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height, 968 VNC_ENCODING_ALPHA_CURSOR); 969 vnc_write_s32(vs, VNC_ENCODING_RAW); 970 vnc_write(vs, c->data, c->width * c->height * 4); 971 vnc_unlock_output(vs); 972 return 0; 973 } 974 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) { 975 vnc_lock_output(vs); 976 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 977 vnc_write_u8(vs, 0); /* padding */ 978 vnc_write_u16(vs, 1); /* # of rects */ 979 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height, 980 VNC_ENCODING_RICH_CURSOR); 981 isize = c->width * c->height * vs->client_pf.bytes_per_pixel; 982 vnc_write_pixels_generic(vs, c->data, isize); 983 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize); 984 vnc_unlock_output(vs); 985 return 0; 986 } 987 return -1; 988 } 989 990 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl, 991 QEMUCursor *c) 992 { 993 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 994 VncState *vs; 995 996 cursor_put(vd->cursor); 997 g_free(vd->cursor_mask); 998 999 vd->cursor = c; 1000 cursor_get(vd->cursor); 1001 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height; 1002 vd->cursor_mask = g_malloc0(vd->cursor_msize); 1003 cursor_get_mono_mask(c, 0, vd->cursor_mask); 1004 1005 QTAILQ_FOREACH(vs, &vd->clients, next) { 1006 vnc_cursor_define(vs); 1007 } 1008 } 1009 1010 static int find_and_clear_dirty_height(VncState *vs, 1011 int y, int last_x, int x, int height) 1012 { 1013 int h; 1014 1015 for (h = 1; h < (height - y); h++) { 1016 if (!test_bit(last_x, vs->dirty[y + h])) { 1017 break; 1018 } 1019 bitmap_clear(vs->dirty[y + h], last_x, x - last_x); 1020 } 1021 1022 return h; 1023 } 1024 1025 /* 1026 * Figure out how much pending data we should allow in the output 1027 * buffer before we throttle incremental display updates, and/or 1028 * drop audio samples. 1029 * 1030 * We allow for equiv of 1 full display's worth of FB updates, 1031 * and 1 second of audio samples. If audio backlog was larger 1032 * than that the client would already suffering awful audio 1033 * glitches, so dropping samples is no worse really). 1034 */ 1035 static void vnc_update_throttle_offset(VncState *vs) 1036 { 1037 size_t offset = 1038 vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel; 1039 1040 if (vs->audio_cap) { 1041 int bps; 1042 switch (vs->as.fmt) { 1043 default: 1044 case AUDIO_FORMAT_U8: 1045 case AUDIO_FORMAT_S8: 1046 bps = 1; 1047 break; 1048 case AUDIO_FORMAT_U16: 1049 case AUDIO_FORMAT_S16: 1050 bps = 2; 1051 break; 1052 case AUDIO_FORMAT_U32: 1053 case AUDIO_FORMAT_S32: 1054 bps = 4; 1055 break; 1056 } 1057 offset += vs->as.freq * bps * vs->as.nchannels; 1058 } 1059 1060 /* Put a floor of 1MB on offset, so that if we have a large pending 1061 * buffer and the display is resized to a small size & back again 1062 * we don't suddenly apply a tiny send limit 1063 */ 1064 offset = MAX(offset, 1024 * 1024); 1065 1066 if (vs->throttle_output_offset != offset) { 1067 trace_vnc_client_throttle_threshold( 1068 vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width, 1069 vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap); 1070 } 1071 1072 vs->throttle_output_offset = offset; 1073 } 1074 1075 static bool vnc_should_update(VncState *vs) 1076 { 1077 switch (vs->update) { 1078 case VNC_STATE_UPDATE_NONE: 1079 break; 1080 case VNC_STATE_UPDATE_INCREMENTAL: 1081 /* Only allow incremental updates if the pending send queue 1082 * is less than the permitted threshold, and the job worker 1083 * is completely idle. 1084 */ 1085 if (vs->output.offset < vs->throttle_output_offset && 1086 vs->job_update == VNC_STATE_UPDATE_NONE) { 1087 return true; 1088 } 1089 trace_vnc_client_throttle_incremental( 1090 vs, vs->ioc, vs->job_update, vs->output.offset); 1091 break; 1092 case VNC_STATE_UPDATE_FORCE: 1093 /* Only allow forced updates if the pending send queue 1094 * does not contain a previous forced update, and the 1095 * job worker is completely idle. 1096 * 1097 * Note this means we'll queue a forced update, even if 1098 * the output buffer size is otherwise over the throttle 1099 * output limit. 1100 */ 1101 if (vs->force_update_offset == 0 && 1102 vs->job_update == VNC_STATE_UPDATE_NONE) { 1103 return true; 1104 } 1105 trace_vnc_client_throttle_forced( 1106 vs, vs->ioc, vs->job_update, vs->force_update_offset); 1107 break; 1108 } 1109 return false; 1110 } 1111 1112 static int vnc_update_client(VncState *vs, int has_dirty) 1113 { 1114 VncDisplay *vd = vs->vd; 1115 VncJob *job; 1116 int y; 1117 int height, width; 1118 int n = 0; 1119 1120 if (vs->disconnecting) { 1121 vnc_disconnect_finish(vs); 1122 return 0; 1123 } 1124 1125 vs->has_dirty += has_dirty; 1126 if (!vnc_should_update(vs)) { 1127 return 0; 1128 } 1129 1130 if (!vs->has_dirty && vs->update != VNC_STATE_UPDATE_FORCE) { 1131 return 0; 1132 } 1133 1134 /* 1135 * Send screen updates to the vnc client using the server 1136 * surface and server dirty map. guest surface updates 1137 * happening in parallel don't disturb us, the next pass will 1138 * send them to the client. 1139 */ 1140 job = vnc_job_new(vs); 1141 1142 height = pixman_image_get_height(vd->server); 1143 width = pixman_image_get_width(vd->server); 1144 1145 y = 0; 1146 for (;;) { 1147 int x, h; 1148 unsigned long x2; 1149 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty, 1150 height * VNC_DIRTY_BPL(vs), 1151 y * VNC_DIRTY_BPL(vs)); 1152 if (offset == height * VNC_DIRTY_BPL(vs)) { 1153 /* no more dirty bits */ 1154 break; 1155 } 1156 y = offset / VNC_DIRTY_BPL(vs); 1157 x = offset % VNC_DIRTY_BPL(vs); 1158 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y], 1159 VNC_DIRTY_BPL(vs), x); 1160 bitmap_clear(vs->dirty[y], x, x2 - x); 1161 h = find_and_clear_dirty_height(vs, y, x, x2, height); 1162 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT); 1163 if (x2 > x) { 1164 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y, 1165 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h); 1166 } 1167 if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) { 1168 y += h; 1169 if (y == height) { 1170 break; 1171 } 1172 } 1173 } 1174 1175 vs->job_update = vs->update; 1176 vs->update = VNC_STATE_UPDATE_NONE; 1177 vnc_job_push(job); 1178 vs->has_dirty = 0; 1179 return n; 1180 } 1181 1182 /* audio */ 1183 static void audio_capture_notify(void *opaque, audcnotification_e cmd) 1184 { 1185 VncState *vs = opaque; 1186 1187 assert(vs->magic == VNC_MAGIC); 1188 switch (cmd) { 1189 case AUD_CNOTIFY_DISABLE: 1190 vnc_lock_output(vs); 1191 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1192 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1193 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END); 1194 vnc_unlock_output(vs); 1195 vnc_flush(vs); 1196 break; 1197 1198 case AUD_CNOTIFY_ENABLE: 1199 vnc_lock_output(vs); 1200 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1201 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1202 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN); 1203 vnc_unlock_output(vs); 1204 vnc_flush(vs); 1205 break; 1206 } 1207 } 1208 1209 static void audio_capture_destroy(void *opaque) 1210 { 1211 } 1212 1213 static void audio_capture(void *opaque, const void *buf, int size) 1214 { 1215 VncState *vs = opaque; 1216 1217 assert(vs->magic == VNC_MAGIC); 1218 vnc_lock_output(vs); 1219 if (vs->output.offset < vs->throttle_output_offset) { 1220 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1221 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1222 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); 1223 vnc_write_u32(vs, size); 1224 vnc_write(vs, buf, size); 1225 } else { 1226 trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset); 1227 } 1228 vnc_unlock_output(vs); 1229 vnc_flush(vs); 1230 } 1231 1232 static void audio_add(VncState *vs) 1233 { 1234 struct audio_capture_ops ops; 1235 1236 if (vs->audio_cap) { 1237 error_report("audio already running"); 1238 return; 1239 } 1240 1241 ops.notify = audio_capture_notify; 1242 ops.destroy = audio_capture_destroy; 1243 ops.capture = audio_capture; 1244 1245 vs->audio_cap = AUD_add_capture(vs->vd->audio_state, &vs->as, &ops, vs); 1246 if (!vs->audio_cap) { 1247 error_report("Failed to add audio capture"); 1248 } 1249 } 1250 1251 static void audio_del(VncState *vs) 1252 { 1253 if (vs->audio_cap) { 1254 AUD_del_capture(vs->audio_cap, vs); 1255 vs->audio_cap = NULL; 1256 } 1257 } 1258 1259 static void vnc_disconnect_start(VncState *vs) 1260 { 1261 if (vs->disconnecting) { 1262 return; 1263 } 1264 trace_vnc_client_disconnect_start(vs, vs->ioc); 1265 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED); 1266 if (vs->ioc_tag) { 1267 g_source_remove(vs->ioc_tag); 1268 vs->ioc_tag = 0; 1269 } 1270 qio_channel_close(vs->ioc, NULL); 1271 vs->disconnecting = TRUE; 1272 } 1273 1274 void vnc_disconnect_finish(VncState *vs) 1275 { 1276 int i; 1277 1278 trace_vnc_client_disconnect_finish(vs, vs->ioc); 1279 1280 vnc_jobs_join(vs); /* Wait encoding jobs */ 1281 1282 vnc_lock_output(vs); 1283 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED); 1284 1285 buffer_free(&vs->input); 1286 buffer_free(&vs->output); 1287 1288 qapi_free_VncClientInfo(vs->info); 1289 1290 vnc_zlib_clear(vs); 1291 vnc_tight_clear(vs); 1292 vnc_zrle_clear(vs); 1293 1294 #ifdef CONFIG_VNC_SASL 1295 vnc_sasl_client_cleanup(vs); 1296 #endif /* CONFIG_VNC_SASL */ 1297 audio_del(vs); 1298 qkbd_state_lift_all_keys(vs->vd->kbd); 1299 1300 if (vs->mouse_mode_notifier.notify != NULL) { 1301 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 1302 } 1303 QTAILQ_REMOVE(&vs->vd->clients, vs, next); 1304 if (QTAILQ_EMPTY(&vs->vd->clients)) { 1305 /* last client gone */ 1306 vnc_update_server_surface(vs->vd); 1307 } 1308 1309 vnc_unlock_output(vs); 1310 1311 qemu_mutex_destroy(&vs->output_mutex); 1312 if (vs->bh != NULL) { 1313 qemu_bh_delete(vs->bh); 1314 } 1315 buffer_free(&vs->jobs_buffer); 1316 1317 for (i = 0; i < VNC_STAT_ROWS; ++i) { 1318 g_free(vs->lossy_rect[i]); 1319 } 1320 g_free(vs->lossy_rect); 1321 1322 object_unref(OBJECT(vs->ioc)); 1323 vs->ioc = NULL; 1324 object_unref(OBJECT(vs->sioc)); 1325 vs->sioc = NULL; 1326 vs->magic = 0; 1327 g_free(vs->zrle); 1328 g_free(vs->tight); 1329 g_free(vs); 1330 } 1331 1332 size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error *err) 1333 { 1334 if (ret <= 0) { 1335 if (ret == 0) { 1336 trace_vnc_client_eof(vs, vs->ioc); 1337 vnc_disconnect_start(vs); 1338 } else if (ret != QIO_CHANNEL_ERR_BLOCK) { 1339 trace_vnc_client_io_error(vs, vs->ioc, 1340 err ? error_get_pretty(err) : "Unknown"); 1341 vnc_disconnect_start(vs); 1342 } 1343 1344 error_free(err); 1345 return 0; 1346 } 1347 return ret; 1348 } 1349 1350 1351 void vnc_client_error(VncState *vs) 1352 { 1353 VNC_DEBUG("Closing down client sock: protocol error\n"); 1354 vnc_disconnect_start(vs); 1355 } 1356 1357 1358 /* 1359 * Called to write a chunk of data to the client socket. The data may 1360 * be the raw data, or may have already been encoded by SASL. 1361 * The data will be written either straight onto the socket, or 1362 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1363 * 1364 * NB, it is theoretically possible to have 2 layers of encryption, 1365 * both SASL, and this TLS layer. It is highly unlikely in practice 1366 * though, since SASL encryption will typically be a no-op if TLS 1367 * is active 1368 * 1369 * Returns the number of bytes written, which may be less than 1370 * the requested 'datalen' if the socket would block. Returns 1371 * 0 on I/O error, and disconnects the client socket. 1372 */ 1373 size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen) 1374 { 1375 Error *err = NULL; 1376 ssize_t ret; 1377 ret = qio_channel_write(vs->ioc, (const char *)data, datalen, &err); 1378 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret); 1379 return vnc_client_io_error(vs, ret, err); 1380 } 1381 1382 1383 /* 1384 * Called to write buffered data to the client socket, when not 1385 * using any SASL SSF encryption layers. Will write as much data 1386 * as possible without blocking. If all buffered data is written, 1387 * will switch the FD poll() handler back to read monitoring. 1388 * 1389 * Returns the number of bytes written, which may be less than 1390 * the buffered output data if the socket would block. Returns 1391 * 0 on I/O error, and disconnects the client socket. 1392 */ 1393 static size_t vnc_client_write_plain(VncState *vs) 1394 { 1395 size_t offset; 1396 size_t ret; 1397 1398 #ifdef CONFIG_VNC_SASL 1399 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n", 1400 vs->output.buffer, vs->output.capacity, vs->output.offset, 1401 vs->sasl.waitWriteSSF); 1402 1403 if (vs->sasl.conn && 1404 vs->sasl.runSSF && 1405 vs->sasl.waitWriteSSF) { 1406 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF); 1407 if (ret) 1408 vs->sasl.waitWriteSSF -= ret; 1409 } else 1410 #endif /* CONFIG_VNC_SASL */ 1411 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset); 1412 if (!ret) 1413 return 0; 1414 1415 if (ret >= vs->force_update_offset) { 1416 if (vs->force_update_offset != 0) { 1417 trace_vnc_client_unthrottle_forced(vs, vs->ioc); 1418 } 1419 vs->force_update_offset = 0; 1420 } else { 1421 vs->force_update_offset -= ret; 1422 } 1423 offset = vs->output.offset; 1424 buffer_advance(&vs->output, ret); 1425 if (offset >= vs->throttle_output_offset && 1426 vs->output.offset < vs->throttle_output_offset) { 1427 trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset); 1428 } 1429 1430 if (vs->output.offset == 0) { 1431 if (vs->ioc_tag) { 1432 g_source_remove(vs->ioc_tag); 1433 } 1434 vs->ioc_tag = qio_channel_add_watch( 1435 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 1436 vnc_client_io, vs, NULL); 1437 } 1438 1439 return ret; 1440 } 1441 1442 1443 /* 1444 * First function called whenever there is data to be written to 1445 * the client socket. Will delegate actual work according to whether 1446 * SASL SSF layers are enabled (thus requiring encryption calls) 1447 */ 1448 static void vnc_client_write_locked(VncState *vs) 1449 { 1450 #ifdef CONFIG_VNC_SASL 1451 if (vs->sasl.conn && 1452 vs->sasl.runSSF && 1453 !vs->sasl.waitWriteSSF) { 1454 vnc_client_write_sasl(vs); 1455 } else 1456 #endif /* CONFIG_VNC_SASL */ 1457 { 1458 vnc_client_write_plain(vs); 1459 } 1460 } 1461 1462 static void vnc_client_write(VncState *vs) 1463 { 1464 assert(vs->magic == VNC_MAGIC); 1465 vnc_lock_output(vs); 1466 if (vs->output.offset) { 1467 vnc_client_write_locked(vs); 1468 } else if (vs->ioc != NULL) { 1469 if (vs->ioc_tag) { 1470 g_source_remove(vs->ioc_tag); 1471 } 1472 vs->ioc_tag = qio_channel_add_watch( 1473 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 1474 vnc_client_io, vs, NULL); 1475 } 1476 vnc_unlock_output(vs); 1477 } 1478 1479 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting) 1480 { 1481 vs->read_handler = func; 1482 vs->read_handler_expect = expecting; 1483 } 1484 1485 1486 /* 1487 * Called to read a chunk of data from the client socket. The data may 1488 * be the raw data, or may need to be further decoded by SASL. 1489 * The data will be read either straight from to the socket, or 1490 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1491 * 1492 * NB, it is theoretically possible to have 2 layers of encryption, 1493 * both SASL, and this TLS layer. It is highly unlikely in practice 1494 * though, since SASL encryption will typically be a no-op if TLS 1495 * is active 1496 * 1497 * Returns the number of bytes read, which may be less than 1498 * the requested 'datalen' if the socket would block. Returns 1499 * 0 on I/O error or EOF, and disconnects the client socket. 1500 */ 1501 size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen) 1502 { 1503 ssize_t ret; 1504 Error *err = NULL; 1505 ret = qio_channel_read(vs->ioc, (char *)data, datalen, &err); 1506 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret); 1507 return vnc_client_io_error(vs, ret, err); 1508 } 1509 1510 1511 /* 1512 * Called to read data from the client socket to the input buffer, 1513 * when not using any SASL SSF encryption layers. Will read as much 1514 * data as possible without blocking. 1515 * 1516 * Returns the number of bytes read, which may be less than 1517 * the requested 'datalen' if the socket would block. Returns 1518 * 0 on I/O error or EOF, and disconnects the client socket. 1519 */ 1520 static size_t vnc_client_read_plain(VncState *vs) 1521 { 1522 size_t ret; 1523 VNC_DEBUG("Read plain %p size %zd offset %zd\n", 1524 vs->input.buffer, vs->input.capacity, vs->input.offset); 1525 buffer_reserve(&vs->input, 4096); 1526 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096); 1527 if (!ret) 1528 return 0; 1529 vs->input.offset += ret; 1530 return ret; 1531 } 1532 1533 static void vnc_jobs_bh(void *opaque) 1534 { 1535 VncState *vs = opaque; 1536 1537 assert(vs->magic == VNC_MAGIC); 1538 vnc_jobs_consume_buffer(vs); 1539 } 1540 1541 /* 1542 * First function called whenever there is more data to be read from 1543 * the client socket. Will delegate actual work according to whether 1544 * SASL SSF layers are enabled (thus requiring decryption calls) 1545 * Returns 0 on success, -1 if client disconnected 1546 */ 1547 static int vnc_client_read(VncState *vs) 1548 { 1549 size_t ret; 1550 1551 #ifdef CONFIG_VNC_SASL 1552 if (vs->sasl.conn && vs->sasl.runSSF) 1553 ret = vnc_client_read_sasl(vs); 1554 else 1555 #endif /* CONFIG_VNC_SASL */ 1556 ret = vnc_client_read_plain(vs); 1557 if (!ret) { 1558 if (vs->disconnecting) { 1559 vnc_disconnect_finish(vs); 1560 return -1; 1561 } 1562 return 0; 1563 } 1564 1565 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) { 1566 size_t len = vs->read_handler_expect; 1567 int ret; 1568 1569 ret = vs->read_handler(vs, vs->input.buffer, len); 1570 if (vs->disconnecting) { 1571 vnc_disconnect_finish(vs); 1572 return -1; 1573 } 1574 1575 if (!ret) { 1576 buffer_advance(&vs->input, len); 1577 } else { 1578 vs->read_handler_expect = ret; 1579 } 1580 } 1581 return 0; 1582 } 1583 1584 gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED, 1585 GIOCondition condition, void *opaque) 1586 { 1587 VncState *vs = opaque; 1588 1589 assert(vs->magic == VNC_MAGIC); 1590 1591 if (condition & (G_IO_HUP | G_IO_ERR)) { 1592 vnc_disconnect_start(vs); 1593 return TRUE; 1594 } 1595 1596 if (condition & G_IO_IN) { 1597 if (vnc_client_read(vs) < 0) { 1598 /* vs is free()ed here */ 1599 return TRUE; 1600 } 1601 } 1602 if (condition & G_IO_OUT) { 1603 vnc_client_write(vs); 1604 } 1605 1606 if (vs->disconnecting) { 1607 if (vs->ioc_tag != 0) { 1608 g_source_remove(vs->ioc_tag); 1609 } 1610 vs->ioc_tag = 0; 1611 } 1612 return TRUE; 1613 } 1614 1615 1616 /* 1617 * Scale factor to apply to vs->throttle_output_offset when checking for 1618 * hard limit. Worst case normal usage could be x2, if we have a complete 1619 * incremental update and complete forced update in the output buffer. 1620 * So x3 should be good enough, but we pick x5 to be conservative and thus 1621 * (hopefully) never trigger incorrectly. 1622 */ 1623 #define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5 1624 1625 void vnc_write(VncState *vs, const void *data, size_t len) 1626 { 1627 assert(vs->magic == VNC_MAGIC); 1628 if (vs->disconnecting) { 1629 return; 1630 } 1631 /* Protection against malicious client/guest to prevent our output 1632 * buffer growing without bound if client stops reading data. This 1633 * should rarely trigger, because we have earlier throttling code 1634 * which stops issuing framebuffer updates and drops audio data 1635 * if the throttle_output_offset value is exceeded. So we only reach 1636 * this higher level if a huge number of pseudo-encodings get 1637 * triggered while data can't be sent on the socket. 1638 * 1639 * NB throttle_output_offset can be zero during early protocol 1640 * handshake, or from the job thread's VncState clone 1641 */ 1642 if (vs->throttle_output_offset != 0 && 1643 (vs->output.offset / VNC_THROTTLE_OUTPUT_LIMIT_SCALE) > 1644 vs->throttle_output_offset) { 1645 trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset, 1646 vs->throttle_output_offset); 1647 vnc_disconnect_start(vs); 1648 return; 1649 } 1650 buffer_reserve(&vs->output, len); 1651 1652 if (vs->ioc != NULL && buffer_empty(&vs->output)) { 1653 if (vs->ioc_tag) { 1654 g_source_remove(vs->ioc_tag); 1655 } 1656 vs->ioc_tag = qio_channel_add_watch( 1657 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR | G_IO_OUT, 1658 vnc_client_io, vs, NULL); 1659 } 1660 1661 buffer_append(&vs->output, data, len); 1662 } 1663 1664 void vnc_write_s32(VncState *vs, int32_t value) 1665 { 1666 vnc_write_u32(vs, *(uint32_t *)&value); 1667 } 1668 1669 void vnc_write_u32(VncState *vs, uint32_t value) 1670 { 1671 uint8_t buf[4]; 1672 1673 buf[0] = (value >> 24) & 0xFF; 1674 buf[1] = (value >> 16) & 0xFF; 1675 buf[2] = (value >> 8) & 0xFF; 1676 buf[3] = value & 0xFF; 1677 1678 vnc_write(vs, buf, 4); 1679 } 1680 1681 void vnc_write_u16(VncState *vs, uint16_t value) 1682 { 1683 uint8_t buf[2]; 1684 1685 buf[0] = (value >> 8) & 0xFF; 1686 buf[1] = value & 0xFF; 1687 1688 vnc_write(vs, buf, 2); 1689 } 1690 1691 void vnc_write_u8(VncState *vs, uint8_t value) 1692 { 1693 vnc_write(vs, (char *)&value, 1); 1694 } 1695 1696 void vnc_flush(VncState *vs) 1697 { 1698 vnc_lock_output(vs); 1699 if (vs->ioc != NULL && vs->output.offset) { 1700 vnc_client_write_locked(vs); 1701 } 1702 if (vs->disconnecting) { 1703 if (vs->ioc_tag != 0) { 1704 g_source_remove(vs->ioc_tag); 1705 } 1706 vs->ioc_tag = 0; 1707 } 1708 vnc_unlock_output(vs); 1709 } 1710 1711 static uint8_t read_u8(uint8_t *data, size_t offset) 1712 { 1713 return data[offset]; 1714 } 1715 1716 static uint16_t read_u16(uint8_t *data, size_t offset) 1717 { 1718 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF); 1719 } 1720 1721 static int32_t read_s32(uint8_t *data, size_t offset) 1722 { 1723 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) | 1724 (data[offset + 2] << 8) | data[offset + 3]); 1725 } 1726 1727 uint32_t read_u32(uint8_t *data, size_t offset) 1728 { 1729 return ((data[offset] << 24) | (data[offset + 1] << 16) | 1730 (data[offset + 2] << 8) | data[offset + 3]); 1731 } 1732 1733 static void client_cut_text(VncState *vs, size_t len, uint8_t *text) 1734 { 1735 } 1736 1737 static void check_pointer_type_change(Notifier *notifier, void *data) 1738 { 1739 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier); 1740 int absolute = qemu_input_is_absolute(); 1741 1742 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) { 1743 vnc_lock_output(vs); 1744 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1745 vnc_write_u8(vs, 0); 1746 vnc_write_u16(vs, 1); 1747 vnc_framebuffer_update(vs, absolute, 0, 1748 pixman_image_get_width(vs->vd->server), 1749 pixman_image_get_height(vs->vd->server), 1750 VNC_ENCODING_POINTER_TYPE_CHANGE); 1751 vnc_unlock_output(vs); 1752 vnc_flush(vs); 1753 } 1754 vs->absolute = absolute; 1755 } 1756 1757 static void pointer_event(VncState *vs, int button_mask, int x, int y) 1758 { 1759 static uint32_t bmap[INPUT_BUTTON__MAX] = { 1760 [INPUT_BUTTON_LEFT] = 0x01, 1761 [INPUT_BUTTON_MIDDLE] = 0x02, 1762 [INPUT_BUTTON_RIGHT] = 0x04, 1763 [INPUT_BUTTON_WHEEL_UP] = 0x08, 1764 [INPUT_BUTTON_WHEEL_DOWN] = 0x10, 1765 }; 1766 QemuConsole *con = vs->vd->dcl.con; 1767 int width = pixman_image_get_width(vs->vd->server); 1768 int height = pixman_image_get_height(vs->vd->server); 1769 1770 if (vs->last_bmask != button_mask) { 1771 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask); 1772 vs->last_bmask = button_mask; 1773 } 1774 1775 if (vs->absolute) { 1776 qemu_input_queue_abs(con, INPUT_AXIS_X, x, 0, width); 1777 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, 0, height); 1778 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) { 1779 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF); 1780 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF); 1781 } else { 1782 if (vs->last_x != -1) { 1783 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x); 1784 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y); 1785 } 1786 vs->last_x = x; 1787 vs->last_y = y; 1788 } 1789 qemu_input_event_sync(); 1790 } 1791 1792 static void press_key(VncState *vs, QKeyCode qcode) 1793 { 1794 qkbd_state_key_event(vs->vd->kbd, qcode, true); 1795 qkbd_state_key_event(vs->vd->kbd, qcode, false); 1796 } 1797 1798 static void vnc_led_state_change(VncState *vs) 1799 { 1800 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) { 1801 return; 1802 } 1803 1804 vnc_lock_output(vs); 1805 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1806 vnc_write_u8(vs, 0); 1807 vnc_write_u16(vs, 1); 1808 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE); 1809 vnc_write_u8(vs, vs->vd->ledstate); 1810 vnc_unlock_output(vs); 1811 vnc_flush(vs); 1812 } 1813 1814 static void kbd_leds(void *opaque, int ledstate) 1815 { 1816 VncDisplay *vd = opaque; 1817 VncState *client; 1818 1819 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED), 1820 (ledstate & QEMU_NUM_LOCK_LED), 1821 (ledstate & QEMU_SCROLL_LOCK_LED)); 1822 1823 if (ledstate == vd->ledstate) { 1824 return; 1825 } 1826 1827 vd->ledstate = ledstate; 1828 1829 QTAILQ_FOREACH(client, &vd->clients, next) { 1830 vnc_led_state_change(client); 1831 } 1832 } 1833 1834 static void do_key_event(VncState *vs, int down, int keycode, int sym) 1835 { 1836 QKeyCode qcode = qemu_input_key_number_to_qcode(keycode); 1837 1838 /* QEMU console switch */ 1839 switch (qcode) { 1840 case Q_KEY_CODE_1 ... Q_KEY_CODE_9: /* '1' to '9' keys */ 1841 if (vs->vd->dcl.con == NULL && down && 1842 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL) && 1843 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_ALT)) { 1844 /* Reset the modifiers sent to the current console */ 1845 qkbd_state_lift_all_keys(vs->vd->kbd); 1846 console_select(qcode - Q_KEY_CODE_1); 1847 return; 1848 } 1849 default: 1850 break; 1851 } 1852 1853 /* Turn off the lock state sync logic if the client support the led 1854 state extension. 1855 */ 1856 if (down && vs->vd->lock_key_sync && 1857 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1858 keycode_is_keypad(vs->vd->kbd_layout, keycode)) { 1859 /* If the numlock state needs to change then simulate an additional 1860 keypress before sending this one. This will happen if the user 1861 toggles numlock away from the VNC window. 1862 */ 1863 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) { 1864 if (!qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1865 trace_vnc_key_sync_numlock(true); 1866 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1867 } 1868 } else { 1869 if (qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1870 trace_vnc_key_sync_numlock(false); 1871 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1872 } 1873 } 1874 } 1875 1876 if (down && vs->vd->lock_key_sync && 1877 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1878 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) { 1879 /* If the capslock state needs to change then simulate an additional 1880 keypress before sending this one. This will happen if the user 1881 toggles capslock away from the VNC window. 1882 */ 1883 int uppercase = !!(sym >= 'A' && sym <= 'Z'); 1884 bool shift = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_SHIFT); 1885 bool capslock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CAPSLOCK); 1886 if (capslock) { 1887 if (uppercase == shift) { 1888 trace_vnc_key_sync_capslock(false); 1889 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1890 } 1891 } else { 1892 if (uppercase != shift) { 1893 trace_vnc_key_sync_capslock(true); 1894 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1895 } 1896 } 1897 } 1898 1899 qkbd_state_key_event(vs->vd->kbd, qcode, down); 1900 if (!qemu_console_is_graphic(NULL)) { 1901 bool numlock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK); 1902 bool control = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL); 1903 /* QEMU console emulation */ 1904 if (down) { 1905 switch (keycode) { 1906 case 0x2a: /* Left Shift */ 1907 case 0x36: /* Right Shift */ 1908 case 0x1d: /* Left CTRL */ 1909 case 0x9d: /* Right CTRL */ 1910 case 0x38: /* Left ALT */ 1911 case 0xb8: /* Right ALT */ 1912 break; 1913 case 0xc8: 1914 kbd_put_keysym(QEMU_KEY_UP); 1915 break; 1916 case 0xd0: 1917 kbd_put_keysym(QEMU_KEY_DOWN); 1918 break; 1919 case 0xcb: 1920 kbd_put_keysym(QEMU_KEY_LEFT); 1921 break; 1922 case 0xcd: 1923 kbd_put_keysym(QEMU_KEY_RIGHT); 1924 break; 1925 case 0xd3: 1926 kbd_put_keysym(QEMU_KEY_DELETE); 1927 break; 1928 case 0xc7: 1929 kbd_put_keysym(QEMU_KEY_HOME); 1930 break; 1931 case 0xcf: 1932 kbd_put_keysym(QEMU_KEY_END); 1933 break; 1934 case 0xc9: 1935 kbd_put_keysym(QEMU_KEY_PAGEUP); 1936 break; 1937 case 0xd1: 1938 kbd_put_keysym(QEMU_KEY_PAGEDOWN); 1939 break; 1940 1941 case 0x47: 1942 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME); 1943 break; 1944 case 0x48: 1945 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP); 1946 break; 1947 case 0x49: 1948 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP); 1949 break; 1950 case 0x4b: 1951 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT); 1952 break; 1953 case 0x4c: 1954 kbd_put_keysym('5'); 1955 break; 1956 case 0x4d: 1957 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT); 1958 break; 1959 case 0x4f: 1960 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END); 1961 break; 1962 case 0x50: 1963 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN); 1964 break; 1965 case 0x51: 1966 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN); 1967 break; 1968 case 0x52: 1969 kbd_put_keysym('0'); 1970 break; 1971 case 0x53: 1972 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE); 1973 break; 1974 1975 case 0xb5: 1976 kbd_put_keysym('/'); 1977 break; 1978 case 0x37: 1979 kbd_put_keysym('*'); 1980 break; 1981 case 0x4a: 1982 kbd_put_keysym('-'); 1983 break; 1984 case 0x4e: 1985 kbd_put_keysym('+'); 1986 break; 1987 case 0x9c: 1988 kbd_put_keysym('\n'); 1989 break; 1990 1991 default: 1992 if (control) { 1993 kbd_put_keysym(sym & 0x1f); 1994 } else { 1995 kbd_put_keysym(sym); 1996 } 1997 break; 1998 } 1999 } 2000 } 2001 } 2002 2003 static const char *code2name(int keycode) 2004 { 2005 return QKeyCode_str(qemu_input_key_number_to_qcode(keycode)); 2006 } 2007 2008 static void key_event(VncState *vs, int down, uint32_t sym) 2009 { 2010 int keycode; 2011 int lsym = sym; 2012 2013 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) { 2014 lsym = lsym - 'A' + 'a'; 2015 } 2016 2017 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF, 2018 vs->vd->kbd, down) & SCANCODE_KEYMASK; 2019 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode)); 2020 do_key_event(vs, down, keycode, sym); 2021 } 2022 2023 static void ext_key_event(VncState *vs, int down, 2024 uint32_t sym, uint16_t keycode) 2025 { 2026 /* if the user specifies a keyboard layout, always use it */ 2027 if (keyboard_layout) { 2028 key_event(vs, down, sym); 2029 } else { 2030 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode)); 2031 do_key_event(vs, down, keycode, sym); 2032 } 2033 } 2034 2035 static void framebuffer_update_request(VncState *vs, int incremental, 2036 int x, int y, int w, int h) 2037 { 2038 if (incremental) { 2039 if (vs->update != VNC_STATE_UPDATE_FORCE) { 2040 vs->update = VNC_STATE_UPDATE_INCREMENTAL; 2041 } 2042 } else { 2043 vs->update = VNC_STATE_UPDATE_FORCE; 2044 vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h); 2045 vnc_colordepth(vs); 2046 vnc_desktop_resize(vs); 2047 vnc_led_state_change(vs); 2048 vnc_cursor_define(vs); 2049 } 2050 } 2051 2052 static void send_ext_key_event_ack(VncState *vs) 2053 { 2054 vnc_lock_output(vs); 2055 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2056 vnc_write_u8(vs, 0); 2057 vnc_write_u16(vs, 1); 2058 vnc_framebuffer_update(vs, 0, 0, 2059 pixman_image_get_width(vs->vd->server), 2060 pixman_image_get_height(vs->vd->server), 2061 VNC_ENCODING_EXT_KEY_EVENT); 2062 vnc_unlock_output(vs); 2063 vnc_flush(vs); 2064 } 2065 2066 static void send_ext_audio_ack(VncState *vs) 2067 { 2068 vnc_lock_output(vs); 2069 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2070 vnc_write_u8(vs, 0); 2071 vnc_write_u16(vs, 1); 2072 vnc_framebuffer_update(vs, 0, 0, 2073 pixman_image_get_width(vs->vd->server), 2074 pixman_image_get_height(vs->vd->server), 2075 VNC_ENCODING_AUDIO); 2076 vnc_unlock_output(vs); 2077 vnc_flush(vs); 2078 } 2079 2080 static void send_xvp_message(VncState *vs, int code) 2081 { 2082 vnc_lock_output(vs); 2083 vnc_write_u8(vs, VNC_MSG_SERVER_XVP); 2084 vnc_write_u8(vs, 0); /* pad */ 2085 vnc_write_u8(vs, 1); /* version */ 2086 vnc_write_u8(vs, code); 2087 vnc_unlock_output(vs); 2088 vnc_flush(vs); 2089 } 2090 2091 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings) 2092 { 2093 int i; 2094 unsigned int enc = 0; 2095 2096 vs->features = 0; 2097 vs->vnc_encoding = 0; 2098 vs->tight->compression = 9; 2099 vs->tight->quality = -1; /* Lossless by default */ 2100 vs->absolute = -1; 2101 2102 /* 2103 * Start from the end because the encodings are sent in order of preference. 2104 * This way the preferred encoding (first encoding defined in the array) 2105 * will be set at the end of the loop. 2106 */ 2107 for (i = n_encodings - 1; i >= 0; i--) { 2108 enc = encodings[i]; 2109 switch (enc) { 2110 case VNC_ENCODING_RAW: 2111 vs->vnc_encoding = enc; 2112 break; 2113 case VNC_ENCODING_HEXTILE: 2114 vs->features |= VNC_FEATURE_HEXTILE_MASK; 2115 vs->vnc_encoding = enc; 2116 break; 2117 case VNC_ENCODING_TIGHT: 2118 vs->features |= VNC_FEATURE_TIGHT_MASK; 2119 vs->vnc_encoding = enc; 2120 break; 2121 #ifdef CONFIG_VNC_PNG 2122 case VNC_ENCODING_TIGHT_PNG: 2123 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK; 2124 vs->vnc_encoding = enc; 2125 break; 2126 #endif 2127 case VNC_ENCODING_ZLIB: 2128 /* 2129 * VNC_ENCODING_ZRLE compresses better than VNC_ENCODING_ZLIB. 2130 * So prioritize ZRLE, even if the client hints that it prefers 2131 * ZLIB. 2132 */ 2133 if ((vs->features & VNC_FEATURE_ZRLE_MASK) == 0) { 2134 vs->features |= VNC_FEATURE_ZLIB_MASK; 2135 vs->vnc_encoding = enc; 2136 } 2137 break; 2138 case VNC_ENCODING_ZRLE: 2139 vs->features |= VNC_FEATURE_ZRLE_MASK; 2140 vs->vnc_encoding = enc; 2141 break; 2142 case VNC_ENCODING_ZYWRLE: 2143 vs->features |= VNC_FEATURE_ZYWRLE_MASK; 2144 vs->vnc_encoding = enc; 2145 break; 2146 case VNC_ENCODING_DESKTOPRESIZE: 2147 vs->features |= VNC_FEATURE_RESIZE_MASK; 2148 break; 2149 case VNC_ENCODING_DESKTOP_RESIZE_EXT: 2150 vs->features |= VNC_FEATURE_RESIZE_EXT_MASK; 2151 break; 2152 case VNC_ENCODING_POINTER_TYPE_CHANGE: 2153 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK; 2154 break; 2155 case VNC_ENCODING_RICH_CURSOR: 2156 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK; 2157 break; 2158 case VNC_ENCODING_ALPHA_CURSOR: 2159 vs->features |= VNC_FEATURE_ALPHA_CURSOR_MASK; 2160 break; 2161 case VNC_ENCODING_EXT_KEY_EVENT: 2162 send_ext_key_event_ack(vs); 2163 break; 2164 case VNC_ENCODING_AUDIO: 2165 send_ext_audio_ack(vs); 2166 break; 2167 case VNC_ENCODING_WMVi: 2168 vs->features |= VNC_FEATURE_WMVI_MASK; 2169 break; 2170 case VNC_ENCODING_LED_STATE: 2171 vs->features |= VNC_FEATURE_LED_STATE_MASK; 2172 break; 2173 case VNC_ENCODING_XVP: 2174 if (vs->vd->power_control) { 2175 vs->features |= VNC_FEATURE_XVP; 2176 send_xvp_message(vs, VNC_XVP_CODE_INIT); 2177 } 2178 break; 2179 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9: 2180 vs->tight->compression = (enc & 0x0F); 2181 break; 2182 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9: 2183 if (vs->vd->lossy) { 2184 vs->tight->quality = (enc & 0x0F); 2185 } 2186 break; 2187 default: 2188 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc); 2189 break; 2190 } 2191 } 2192 check_pointer_type_change(&vs->mouse_mode_notifier, NULL); 2193 } 2194 2195 static void set_pixel_conversion(VncState *vs) 2196 { 2197 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf); 2198 2199 if (fmt == VNC_SERVER_FB_FORMAT) { 2200 vs->write_pixels = vnc_write_pixels_copy; 2201 vnc_hextile_set_pixel_conversion(vs, 0); 2202 } else { 2203 vs->write_pixels = vnc_write_pixels_generic; 2204 vnc_hextile_set_pixel_conversion(vs, 1); 2205 } 2206 } 2207 2208 static void send_color_map(VncState *vs) 2209 { 2210 int i; 2211 2212 vnc_lock_output(vs); 2213 vnc_write_u8(vs, VNC_MSG_SERVER_SET_COLOUR_MAP_ENTRIES); 2214 vnc_write_u8(vs, 0); /* padding */ 2215 vnc_write_u16(vs, 0); /* first color */ 2216 vnc_write_u16(vs, 256); /* # of colors */ 2217 2218 for (i = 0; i < 256; i++) { 2219 PixelFormat *pf = &vs->client_pf; 2220 2221 vnc_write_u16(vs, (((i >> pf->rshift) & pf->rmax) << (16 - pf->rbits))); 2222 vnc_write_u16(vs, (((i >> pf->gshift) & pf->gmax) << (16 - pf->gbits))); 2223 vnc_write_u16(vs, (((i >> pf->bshift) & pf->bmax) << (16 - pf->bbits))); 2224 } 2225 vnc_unlock_output(vs); 2226 } 2227 2228 static void set_pixel_format(VncState *vs, int bits_per_pixel, 2229 int big_endian_flag, int true_color_flag, 2230 int red_max, int green_max, int blue_max, 2231 int red_shift, int green_shift, int blue_shift) 2232 { 2233 if (!true_color_flag) { 2234 /* Expose a reasonable default 256 color map */ 2235 bits_per_pixel = 8; 2236 red_max = 7; 2237 green_max = 7; 2238 blue_max = 3; 2239 red_shift = 0; 2240 green_shift = 3; 2241 blue_shift = 6; 2242 } 2243 2244 switch (bits_per_pixel) { 2245 case 8: 2246 case 16: 2247 case 32: 2248 break; 2249 default: 2250 vnc_client_error(vs); 2251 return; 2252 } 2253 2254 vs->client_pf.rmax = red_max ? red_max : 0xFF; 2255 vs->client_pf.rbits = ctpopl(red_max); 2256 vs->client_pf.rshift = red_shift; 2257 vs->client_pf.rmask = red_max << red_shift; 2258 vs->client_pf.gmax = green_max ? green_max : 0xFF; 2259 vs->client_pf.gbits = ctpopl(green_max); 2260 vs->client_pf.gshift = green_shift; 2261 vs->client_pf.gmask = green_max << green_shift; 2262 vs->client_pf.bmax = blue_max ? blue_max : 0xFF; 2263 vs->client_pf.bbits = ctpopl(blue_max); 2264 vs->client_pf.bshift = blue_shift; 2265 vs->client_pf.bmask = blue_max << blue_shift; 2266 vs->client_pf.bits_per_pixel = bits_per_pixel; 2267 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8; 2268 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel; 2269 vs->client_be = big_endian_flag; 2270 2271 if (!true_color_flag) { 2272 send_color_map(vs); 2273 } 2274 2275 set_pixel_conversion(vs); 2276 2277 graphic_hw_invalidate(vs->vd->dcl.con); 2278 graphic_hw_update(vs->vd->dcl.con); 2279 } 2280 2281 static void pixel_format_message (VncState *vs) { 2282 char pad[3] = { 0, 0, 0 }; 2283 2284 vs->client_pf = qemu_default_pixelformat(32); 2285 2286 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */ 2287 vnc_write_u8(vs, vs->client_pf.depth); /* depth */ 2288 2289 #ifdef HOST_WORDS_BIGENDIAN 2290 vnc_write_u8(vs, 1); /* big-endian-flag */ 2291 #else 2292 vnc_write_u8(vs, 0); /* big-endian-flag */ 2293 #endif 2294 vnc_write_u8(vs, 1); /* true-color-flag */ 2295 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */ 2296 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */ 2297 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */ 2298 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */ 2299 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */ 2300 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */ 2301 vnc_write(vs, pad, 3); /* padding */ 2302 2303 vnc_hextile_set_pixel_conversion(vs, 0); 2304 vs->write_pixels = vnc_write_pixels_copy; 2305 } 2306 2307 static void vnc_colordepth(VncState *vs) 2308 { 2309 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) { 2310 /* Sending a WMVi message to notify the client*/ 2311 vnc_lock_output(vs); 2312 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2313 vnc_write_u8(vs, 0); 2314 vnc_write_u16(vs, 1); /* number of rects */ 2315 vnc_framebuffer_update(vs, 0, 0, 2316 pixman_image_get_width(vs->vd->server), 2317 pixman_image_get_height(vs->vd->server), 2318 VNC_ENCODING_WMVi); 2319 pixel_format_message(vs); 2320 vnc_unlock_output(vs); 2321 vnc_flush(vs); 2322 } else { 2323 set_pixel_conversion(vs); 2324 } 2325 } 2326 2327 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len) 2328 { 2329 int i; 2330 uint16_t limit; 2331 uint32_t freq; 2332 VncDisplay *vd = vs->vd; 2333 2334 if (data[0] > 3) { 2335 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 2336 } 2337 2338 switch (data[0]) { 2339 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT: 2340 if (len == 1) 2341 return 20; 2342 2343 set_pixel_format(vs, read_u8(data, 4), 2344 read_u8(data, 6), read_u8(data, 7), 2345 read_u16(data, 8), read_u16(data, 10), 2346 read_u16(data, 12), read_u8(data, 14), 2347 read_u8(data, 15), read_u8(data, 16)); 2348 break; 2349 case VNC_MSG_CLIENT_SET_ENCODINGS: 2350 if (len == 1) 2351 return 4; 2352 2353 if (len == 4) { 2354 limit = read_u16(data, 2); 2355 if (limit > 0) 2356 return 4 + (limit * 4); 2357 } else 2358 limit = read_u16(data, 2); 2359 2360 for (i = 0; i < limit; i++) { 2361 int32_t val = read_s32(data, 4 + (i * 4)); 2362 memcpy(data + 4 + (i * 4), &val, sizeof(val)); 2363 } 2364 2365 set_encodings(vs, (int32_t *)(data + 4), limit); 2366 break; 2367 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST: 2368 if (len == 1) 2369 return 10; 2370 2371 framebuffer_update_request(vs, 2372 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4), 2373 read_u16(data, 6), read_u16(data, 8)); 2374 break; 2375 case VNC_MSG_CLIENT_KEY_EVENT: 2376 if (len == 1) 2377 return 8; 2378 2379 key_event(vs, read_u8(data, 1), read_u32(data, 4)); 2380 break; 2381 case VNC_MSG_CLIENT_POINTER_EVENT: 2382 if (len == 1) 2383 return 6; 2384 2385 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4)); 2386 break; 2387 case VNC_MSG_CLIENT_CUT_TEXT: 2388 if (len == 1) { 2389 return 8; 2390 } 2391 if (len == 8) { 2392 uint32_t dlen = read_u32(data, 4); 2393 if (dlen > (1 << 20)) { 2394 error_report("vnc: client_cut_text msg payload has %u bytes" 2395 " which exceeds our limit of 1MB.", dlen); 2396 vnc_client_error(vs); 2397 break; 2398 } 2399 if (dlen > 0) { 2400 return 8 + dlen; 2401 } 2402 } 2403 2404 client_cut_text(vs, read_u32(data, 4), data + 8); 2405 break; 2406 case VNC_MSG_CLIENT_XVP: 2407 if (!(vs->features & VNC_FEATURE_XVP)) { 2408 error_report("vnc: xvp client message while disabled"); 2409 vnc_client_error(vs); 2410 break; 2411 } 2412 if (len == 1) { 2413 return 4; 2414 } 2415 if (len == 4) { 2416 uint8_t version = read_u8(data, 2); 2417 uint8_t action = read_u8(data, 3); 2418 2419 if (version != 1) { 2420 error_report("vnc: xvp client message version %d != 1", 2421 version); 2422 vnc_client_error(vs); 2423 break; 2424 } 2425 2426 switch (action) { 2427 case VNC_XVP_ACTION_SHUTDOWN: 2428 qemu_system_powerdown_request(); 2429 break; 2430 case VNC_XVP_ACTION_REBOOT: 2431 send_xvp_message(vs, VNC_XVP_CODE_FAIL); 2432 break; 2433 case VNC_XVP_ACTION_RESET: 2434 qemu_system_reset_request(SHUTDOWN_CAUSE_HOST_QMP_SYSTEM_RESET); 2435 break; 2436 default: 2437 send_xvp_message(vs, VNC_XVP_CODE_FAIL); 2438 break; 2439 } 2440 } 2441 break; 2442 case VNC_MSG_CLIENT_QEMU: 2443 if (len == 1) 2444 return 2; 2445 2446 switch (read_u8(data, 1)) { 2447 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT: 2448 if (len == 2) 2449 return 12; 2450 2451 ext_key_event(vs, read_u16(data, 2), 2452 read_u32(data, 4), read_u32(data, 8)); 2453 break; 2454 case VNC_MSG_CLIENT_QEMU_AUDIO: 2455 if (len == 2) 2456 return 4; 2457 2458 switch (read_u16 (data, 2)) { 2459 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE: 2460 audio_add(vs); 2461 break; 2462 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE: 2463 audio_del(vs); 2464 break; 2465 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT: 2466 if (len == 4) 2467 return 10; 2468 switch (read_u8(data, 4)) { 2469 case 0: vs->as.fmt = AUDIO_FORMAT_U8; break; 2470 case 1: vs->as.fmt = AUDIO_FORMAT_S8; break; 2471 case 2: vs->as.fmt = AUDIO_FORMAT_U16; break; 2472 case 3: vs->as.fmt = AUDIO_FORMAT_S16; break; 2473 case 4: vs->as.fmt = AUDIO_FORMAT_U32; break; 2474 case 5: vs->as.fmt = AUDIO_FORMAT_S32; break; 2475 default: 2476 VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4)); 2477 vnc_client_error(vs); 2478 break; 2479 } 2480 vs->as.nchannels = read_u8(data, 5); 2481 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) { 2482 VNC_DEBUG("Invalid audio channel count %d\n", 2483 read_u8(data, 5)); 2484 vnc_client_error(vs); 2485 break; 2486 } 2487 freq = read_u32(data, 6); 2488 /* No official limit for protocol, but 48khz is a sensible 2489 * upper bound for trustworthy clients, and this limit 2490 * protects calculations involving 'vs->as.freq' later. 2491 */ 2492 if (freq > 48000) { 2493 VNC_DEBUG("Invalid audio frequency %u > 48000", freq); 2494 vnc_client_error(vs); 2495 break; 2496 } 2497 vs->as.freq = freq; 2498 break; 2499 default: 2500 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4)); 2501 vnc_client_error(vs); 2502 break; 2503 } 2504 break; 2505 2506 default: 2507 VNC_DEBUG("Msg: %d\n", read_u16(data, 0)); 2508 vnc_client_error(vs); 2509 break; 2510 } 2511 break; 2512 case VNC_MSG_CLIENT_SET_DESKTOP_SIZE: 2513 { 2514 size_t size; 2515 uint8_t screens; 2516 2517 if (len < 8) { 2518 return 8; 2519 } 2520 2521 screens = read_u8(data, 6); 2522 size = 8 + screens * 16; 2523 if (len < size) { 2524 return size; 2525 } 2526 2527 if (dpy_ui_info_supported(vs->vd->dcl.con)) { 2528 QemuUIInfo info; 2529 memset(&info, 0, sizeof(info)); 2530 info.width = read_u16(data, 2); 2531 info.height = read_u16(data, 4); 2532 dpy_set_ui_info(vs->vd->dcl.con, &info); 2533 vnc_desktop_resize_ext(vs, 4 /* Request forwarded */); 2534 } else { 2535 vnc_desktop_resize_ext(vs, 3 /* Invalid screen layout */); 2536 } 2537 2538 break; 2539 } 2540 default: 2541 VNC_DEBUG("Msg: %d\n", data[0]); 2542 vnc_client_error(vs); 2543 break; 2544 } 2545 2546 vnc_update_throttle_offset(vs); 2547 vnc_read_when(vs, protocol_client_msg, 1); 2548 return 0; 2549 } 2550 2551 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len) 2552 { 2553 char buf[1024]; 2554 VncShareMode mode; 2555 int size; 2556 2557 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE; 2558 switch (vs->vd->share_policy) { 2559 case VNC_SHARE_POLICY_IGNORE: 2560 /* 2561 * Ignore the shared flag. Nothing to do here. 2562 * 2563 * Doesn't conform to the rfb spec but is traditional qemu 2564 * behavior, thus left here as option for compatibility 2565 * reasons. 2566 */ 2567 break; 2568 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE: 2569 /* 2570 * Policy: Allow clients ask for exclusive access. 2571 * 2572 * Implementation: When a client asks for exclusive access, 2573 * disconnect all others. Shared connects are allowed as long 2574 * as no exclusive connection exists. 2575 * 2576 * This is how the rfb spec suggests to handle the shared flag. 2577 */ 2578 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2579 VncState *client; 2580 QTAILQ_FOREACH(client, &vs->vd->clients, next) { 2581 if (vs == client) { 2582 continue; 2583 } 2584 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE && 2585 client->share_mode != VNC_SHARE_MODE_SHARED) { 2586 continue; 2587 } 2588 vnc_disconnect_start(client); 2589 } 2590 } 2591 if (mode == VNC_SHARE_MODE_SHARED) { 2592 if (vs->vd->num_exclusive > 0) { 2593 vnc_disconnect_start(vs); 2594 return 0; 2595 } 2596 } 2597 break; 2598 case VNC_SHARE_POLICY_FORCE_SHARED: 2599 /* 2600 * Policy: Shared connects only. 2601 * Implementation: Disallow clients asking for exclusive access. 2602 * 2603 * Useful for shared desktop sessions where you don't want 2604 * someone forgetting to say -shared when running the vnc 2605 * client disconnect everybody else. 2606 */ 2607 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2608 vnc_disconnect_start(vs); 2609 return 0; 2610 } 2611 break; 2612 } 2613 vnc_set_share_mode(vs, mode); 2614 2615 if (vs->vd->num_shared > vs->vd->connections_limit) { 2616 vnc_disconnect_start(vs); 2617 return 0; 2618 } 2619 2620 assert(pixman_image_get_width(vs->vd->server) < 65536 && 2621 pixman_image_get_width(vs->vd->server) >= 0); 2622 assert(pixman_image_get_height(vs->vd->server) < 65536 && 2623 pixman_image_get_height(vs->vd->server) >= 0); 2624 vs->client_width = pixman_image_get_width(vs->vd->server); 2625 vs->client_height = pixman_image_get_height(vs->vd->server); 2626 vnc_write_u16(vs, vs->client_width); 2627 vnc_write_u16(vs, vs->client_height); 2628 2629 pixel_format_message(vs); 2630 2631 if (qemu_name) { 2632 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name); 2633 if (size > sizeof(buf)) { 2634 size = sizeof(buf); 2635 } 2636 } else { 2637 size = snprintf(buf, sizeof(buf), "QEMU"); 2638 } 2639 2640 vnc_write_u32(vs, size); 2641 vnc_write(vs, buf, size); 2642 vnc_flush(vs); 2643 2644 vnc_client_cache_auth(vs); 2645 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED); 2646 2647 vnc_read_when(vs, protocol_client_msg, 1); 2648 2649 return 0; 2650 } 2651 2652 void start_client_init(VncState *vs) 2653 { 2654 vnc_read_when(vs, protocol_client_init, 1); 2655 } 2656 2657 static void authentication_failed(VncState *vs) 2658 { 2659 vnc_write_u32(vs, 1); /* Reject auth */ 2660 if (vs->minor >= 8) { 2661 static const char err[] = "Authentication failed"; 2662 vnc_write_u32(vs, sizeof(err)); 2663 vnc_write(vs, err, sizeof(err)); 2664 } 2665 vnc_flush(vs); 2666 vnc_client_error(vs); 2667 } 2668 2669 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) 2670 { 2671 unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; 2672 size_t i, pwlen; 2673 unsigned char key[8]; 2674 time_t now = time(NULL); 2675 QCryptoCipher *cipher = NULL; 2676 Error *err = NULL; 2677 2678 if (!vs->vd->password) { 2679 trace_vnc_auth_fail(vs, vs->auth, "password is not set", ""); 2680 goto reject; 2681 } 2682 if (vs->vd->expires < now) { 2683 trace_vnc_auth_fail(vs, vs->auth, "password is expired", ""); 2684 goto reject; 2685 } 2686 2687 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); 2688 2689 /* Calculate the expected challenge response */ 2690 pwlen = strlen(vs->vd->password); 2691 for (i=0; i<sizeof(key); i++) 2692 key[i] = i<pwlen ? vs->vd->password[i] : 0; 2693 2694 cipher = qcrypto_cipher_new( 2695 QCRYPTO_CIPHER_ALG_DES_RFB, 2696 QCRYPTO_CIPHER_MODE_ECB, 2697 key, G_N_ELEMENTS(key), 2698 &err); 2699 if (!cipher) { 2700 trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher", 2701 error_get_pretty(err)); 2702 error_free(err); 2703 goto reject; 2704 } 2705 2706 if (qcrypto_cipher_encrypt(cipher, 2707 vs->challenge, 2708 response, 2709 VNC_AUTH_CHALLENGE_SIZE, 2710 &err) < 0) { 2711 trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge response", 2712 error_get_pretty(err)); 2713 error_free(err); 2714 goto reject; 2715 } 2716 2717 /* Compare expected vs actual challenge response */ 2718 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) { 2719 trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response", ""); 2720 goto reject; 2721 } else { 2722 trace_vnc_auth_pass(vs, vs->auth); 2723 vnc_write_u32(vs, 0); /* Accept auth */ 2724 vnc_flush(vs); 2725 2726 start_client_init(vs); 2727 } 2728 2729 qcrypto_cipher_free(cipher); 2730 return 0; 2731 2732 reject: 2733 authentication_failed(vs); 2734 qcrypto_cipher_free(cipher); 2735 return 0; 2736 } 2737 2738 void start_auth_vnc(VncState *vs) 2739 { 2740 Error *err = NULL; 2741 2742 if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) { 2743 trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes", 2744 error_get_pretty(err)); 2745 error_free(err); 2746 authentication_failed(vs); 2747 return; 2748 } 2749 2750 /* Send client a 'random' challenge */ 2751 vnc_write(vs, vs->challenge, sizeof(vs->challenge)); 2752 vnc_flush(vs); 2753 2754 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge)); 2755 } 2756 2757 2758 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) 2759 { 2760 /* We only advertise 1 auth scheme at a time, so client 2761 * must pick the one we sent. Verify this */ 2762 if (data[0] != vs->auth) { /* Reject auth */ 2763 trace_vnc_auth_reject(vs, vs->auth, (int)data[0]); 2764 authentication_failed(vs); 2765 } else { /* Accept requested auth */ 2766 trace_vnc_auth_start(vs, vs->auth); 2767 switch (vs->auth) { 2768 case VNC_AUTH_NONE: 2769 if (vs->minor >= 8) { 2770 vnc_write_u32(vs, 0); /* Accept auth completion */ 2771 vnc_flush(vs); 2772 } 2773 trace_vnc_auth_pass(vs, vs->auth); 2774 start_client_init(vs); 2775 break; 2776 2777 case VNC_AUTH_VNC: 2778 start_auth_vnc(vs); 2779 break; 2780 2781 case VNC_AUTH_VENCRYPT: 2782 start_auth_vencrypt(vs); 2783 break; 2784 2785 #ifdef CONFIG_VNC_SASL 2786 case VNC_AUTH_SASL: 2787 start_auth_sasl(vs); 2788 break; 2789 #endif /* CONFIG_VNC_SASL */ 2790 2791 default: /* Should not be possible, but just in case */ 2792 trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", ""); 2793 authentication_failed(vs); 2794 } 2795 } 2796 return 0; 2797 } 2798 2799 static int protocol_version(VncState *vs, uint8_t *version, size_t len) 2800 { 2801 char local[13]; 2802 2803 memcpy(local, version, 12); 2804 local[12] = 0; 2805 2806 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) { 2807 VNC_DEBUG("Malformed protocol version %s\n", local); 2808 vnc_client_error(vs); 2809 return 0; 2810 } 2811 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor); 2812 if (vs->major != 3 || 2813 (vs->minor != 3 && 2814 vs->minor != 4 && 2815 vs->minor != 5 && 2816 vs->minor != 7 && 2817 vs->minor != 8)) { 2818 VNC_DEBUG("Unsupported client version\n"); 2819 vnc_write_u32(vs, VNC_AUTH_INVALID); 2820 vnc_flush(vs); 2821 vnc_client_error(vs); 2822 return 0; 2823 } 2824 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated 2825 * as equivalent to v3.3 by servers 2826 */ 2827 if (vs->minor == 4 || vs->minor == 5) 2828 vs->minor = 3; 2829 2830 if (vs->minor == 3) { 2831 trace_vnc_auth_start(vs, vs->auth); 2832 if (vs->auth == VNC_AUTH_NONE) { 2833 vnc_write_u32(vs, vs->auth); 2834 vnc_flush(vs); 2835 trace_vnc_auth_pass(vs, vs->auth); 2836 start_client_init(vs); 2837 } else if (vs->auth == VNC_AUTH_VNC) { 2838 VNC_DEBUG("Tell client VNC auth\n"); 2839 vnc_write_u32(vs, vs->auth); 2840 vnc_flush(vs); 2841 start_auth_vnc(vs); 2842 } else { 2843 trace_vnc_auth_fail(vs, vs->auth, 2844 "Unsupported auth method for v3.3", ""); 2845 vnc_write_u32(vs, VNC_AUTH_INVALID); 2846 vnc_flush(vs); 2847 vnc_client_error(vs); 2848 } 2849 } else { 2850 vnc_write_u8(vs, 1); /* num auth */ 2851 vnc_write_u8(vs, vs->auth); 2852 vnc_read_when(vs, protocol_client_auth, 1); 2853 vnc_flush(vs); 2854 } 2855 2856 return 0; 2857 } 2858 2859 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y) 2860 { 2861 struct VncSurface *vs = &vd->guest; 2862 2863 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT]; 2864 } 2865 2866 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h) 2867 { 2868 int i, j; 2869 2870 w = (x + w) / VNC_STAT_RECT; 2871 h = (y + h) / VNC_STAT_RECT; 2872 x /= VNC_STAT_RECT; 2873 y /= VNC_STAT_RECT; 2874 2875 for (j = y; j <= h; j++) { 2876 for (i = x; i <= w; i++) { 2877 vs->lossy_rect[j][i] = 1; 2878 } 2879 } 2880 } 2881 2882 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y) 2883 { 2884 VncState *vs; 2885 int sty = y / VNC_STAT_RECT; 2886 int stx = x / VNC_STAT_RECT; 2887 int has_dirty = 0; 2888 2889 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2890 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2891 2892 QTAILQ_FOREACH(vs, &vd->clients, next) { 2893 int j; 2894 2895 /* kernel send buffers are full -> refresh later */ 2896 if (vs->output.offset) { 2897 continue; 2898 } 2899 2900 if (!vs->lossy_rect[sty][stx]) { 2901 continue; 2902 } 2903 2904 vs->lossy_rect[sty][stx] = 0; 2905 for (j = 0; j < VNC_STAT_RECT; ++j) { 2906 bitmap_set(vs->dirty[y + j], 2907 x / VNC_DIRTY_PIXELS_PER_BIT, 2908 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT); 2909 } 2910 has_dirty++; 2911 } 2912 2913 return has_dirty; 2914 } 2915 2916 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv) 2917 { 2918 int width = MIN(pixman_image_get_width(vd->guest.fb), 2919 pixman_image_get_width(vd->server)); 2920 int height = MIN(pixman_image_get_height(vd->guest.fb), 2921 pixman_image_get_height(vd->server)); 2922 int x, y; 2923 struct timeval res; 2924 int has_dirty = 0; 2925 2926 for (y = 0; y < height; y += VNC_STAT_RECT) { 2927 for (x = 0; x < width; x += VNC_STAT_RECT) { 2928 VncRectStat *rect = vnc_stat_rect(vd, x, y); 2929 2930 rect->updated = false; 2931 } 2932 } 2933 2934 qemu_timersub(tv, &VNC_REFRESH_STATS, &res); 2935 2936 if (timercmp(&vd->guest.last_freq_check, &res, >)) { 2937 return has_dirty; 2938 } 2939 vd->guest.last_freq_check = *tv; 2940 2941 for (y = 0; y < height; y += VNC_STAT_RECT) { 2942 for (x = 0; x < width; x += VNC_STAT_RECT) { 2943 VncRectStat *rect= vnc_stat_rect(vd, x, y); 2944 int count = ARRAY_SIZE(rect->times); 2945 struct timeval min, max; 2946 2947 if (!timerisset(&rect->times[count - 1])) { 2948 continue ; 2949 } 2950 2951 max = rect->times[(rect->idx + count - 1) % count]; 2952 qemu_timersub(tv, &max, &res); 2953 2954 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) { 2955 rect->freq = 0; 2956 has_dirty += vnc_refresh_lossy_rect(vd, x, y); 2957 memset(rect->times, 0, sizeof (rect->times)); 2958 continue ; 2959 } 2960 2961 min = rect->times[rect->idx]; 2962 max = rect->times[(rect->idx + count - 1) % count]; 2963 qemu_timersub(&max, &min, &res); 2964 2965 rect->freq = res.tv_sec + res.tv_usec / 1000000.; 2966 rect->freq /= count; 2967 rect->freq = 1. / rect->freq; 2968 } 2969 } 2970 return has_dirty; 2971 } 2972 2973 double vnc_update_freq(VncState *vs, int x, int y, int w, int h) 2974 { 2975 int i, j; 2976 double total = 0; 2977 int num = 0; 2978 2979 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2980 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2981 2982 for (j = y; j <= y + h; j += VNC_STAT_RECT) { 2983 for (i = x; i <= x + w; i += VNC_STAT_RECT) { 2984 total += vnc_stat_rect(vs->vd, i, j)->freq; 2985 num++; 2986 } 2987 } 2988 2989 if (num) { 2990 return total / num; 2991 } else { 2992 return 0; 2993 } 2994 } 2995 2996 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv) 2997 { 2998 VncRectStat *rect; 2999 3000 rect = vnc_stat_rect(vd, x, y); 3001 if (rect->updated) { 3002 return ; 3003 } 3004 rect->times[rect->idx] = *tv; 3005 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times); 3006 rect->updated = true; 3007 } 3008 3009 static int vnc_refresh_server_surface(VncDisplay *vd) 3010 { 3011 int width = MIN(pixman_image_get_width(vd->guest.fb), 3012 pixman_image_get_width(vd->server)); 3013 int height = MIN(pixman_image_get_height(vd->guest.fb), 3014 pixman_image_get_height(vd->server)); 3015 int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0; 3016 uint8_t *guest_row0 = NULL, *server_row0; 3017 VncState *vs; 3018 int has_dirty = 0; 3019 pixman_image_t *tmpbuf = NULL; 3020 3021 struct timeval tv = { 0, 0 }; 3022 3023 if (!vd->non_adaptive) { 3024 gettimeofday(&tv, NULL); 3025 has_dirty = vnc_update_stats(vd, &tv); 3026 } 3027 3028 /* 3029 * Walk through the guest dirty map. 3030 * Check and copy modified bits from guest to server surface. 3031 * Update server dirty map. 3032 */ 3033 server_row0 = (uint8_t *)pixman_image_get_data(vd->server); 3034 server_stride = guest_stride = guest_ll = 3035 pixman_image_get_stride(vd->server); 3036 cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES, 3037 server_stride); 3038 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 3039 int width = pixman_image_get_width(vd->server); 3040 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width); 3041 } else { 3042 int guest_bpp = 3043 PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb)); 3044 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb); 3045 guest_stride = pixman_image_get_stride(vd->guest.fb); 3046 guest_ll = pixman_image_get_width(vd->guest.fb) 3047 * DIV_ROUND_UP(guest_bpp, 8); 3048 } 3049 line_bytes = MIN(server_stride, guest_ll); 3050 3051 for (;;) { 3052 int x; 3053 uint8_t *guest_ptr, *server_ptr; 3054 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty, 3055 height * VNC_DIRTY_BPL(&vd->guest), 3056 y * VNC_DIRTY_BPL(&vd->guest)); 3057 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) { 3058 /* no more dirty bits */ 3059 break; 3060 } 3061 y = offset / VNC_DIRTY_BPL(&vd->guest); 3062 x = offset % VNC_DIRTY_BPL(&vd->guest); 3063 3064 server_ptr = server_row0 + y * server_stride + x * cmp_bytes; 3065 3066 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 3067 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y); 3068 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf); 3069 } else { 3070 guest_ptr = guest_row0 + y * guest_stride; 3071 } 3072 guest_ptr += x * cmp_bytes; 3073 3074 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT); 3075 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) { 3076 int _cmp_bytes = cmp_bytes; 3077 if (!test_and_clear_bit(x, vd->guest.dirty[y])) { 3078 continue; 3079 } 3080 if ((x + 1) * cmp_bytes > line_bytes) { 3081 _cmp_bytes = line_bytes - x * cmp_bytes; 3082 } 3083 assert(_cmp_bytes >= 0); 3084 if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) { 3085 continue; 3086 } 3087 memcpy(server_ptr, guest_ptr, _cmp_bytes); 3088 if (!vd->non_adaptive) { 3089 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT, 3090 y, &tv); 3091 } 3092 QTAILQ_FOREACH(vs, &vd->clients, next) { 3093 set_bit(x, vs->dirty[y]); 3094 } 3095 has_dirty++; 3096 } 3097 3098 y++; 3099 } 3100 qemu_pixman_image_unref(tmpbuf); 3101 return has_dirty; 3102 } 3103 3104 static void vnc_refresh(DisplayChangeListener *dcl) 3105 { 3106 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 3107 VncState *vs, *vn; 3108 int has_dirty, rects = 0; 3109 3110 if (QTAILQ_EMPTY(&vd->clients)) { 3111 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX); 3112 return; 3113 } 3114 3115 graphic_hw_update(vd->dcl.con); 3116 3117 if (vnc_trylock_display(vd)) { 3118 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3119 return; 3120 } 3121 3122 has_dirty = vnc_refresh_server_surface(vd); 3123 vnc_unlock_display(vd); 3124 3125 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) { 3126 rects += vnc_update_client(vs, has_dirty); 3127 /* vs might be free()ed here */ 3128 } 3129 3130 if (has_dirty && rects) { 3131 vd->dcl.update_interval /= 2; 3132 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) { 3133 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE; 3134 } 3135 } else { 3136 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC; 3137 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) { 3138 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX; 3139 } 3140 } 3141 } 3142 3143 static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc, 3144 bool skipauth, bool websocket) 3145 { 3146 VncState *vs = g_new0(VncState, 1); 3147 bool first_client = QTAILQ_EMPTY(&vd->clients); 3148 int i; 3149 3150 trace_vnc_client_connect(vs, sioc); 3151 vs->zrle = g_new0(VncZrle, 1); 3152 vs->tight = g_new0(VncTight, 1); 3153 vs->magic = VNC_MAGIC; 3154 vs->sioc = sioc; 3155 object_ref(OBJECT(vs->sioc)); 3156 vs->ioc = QIO_CHANNEL(sioc); 3157 object_ref(OBJECT(vs->ioc)); 3158 vs->vd = vd; 3159 3160 buffer_init(&vs->input, "vnc-input/%p", sioc); 3161 buffer_init(&vs->output, "vnc-output/%p", sioc); 3162 buffer_init(&vs->jobs_buffer, "vnc-jobs_buffer/%p", sioc); 3163 3164 buffer_init(&vs->tight->tight, "vnc-tight/%p", sioc); 3165 buffer_init(&vs->tight->zlib, "vnc-tight-zlib/%p", sioc); 3166 buffer_init(&vs->tight->gradient, "vnc-tight-gradient/%p", sioc); 3167 #ifdef CONFIG_VNC_JPEG 3168 buffer_init(&vs->tight->jpeg, "vnc-tight-jpeg/%p", sioc); 3169 #endif 3170 #ifdef CONFIG_VNC_PNG 3171 buffer_init(&vs->tight->png, "vnc-tight-png/%p", sioc); 3172 #endif 3173 buffer_init(&vs->zlib.zlib, "vnc-zlib/%p", sioc); 3174 buffer_init(&vs->zrle->zrle, "vnc-zrle/%p", sioc); 3175 buffer_init(&vs->zrle->fb, "vnc-zrle-fb/%p", sioc); 3176 buffer_init(&vs->zrle->zlib, "vnc-zrle-zlib/%p", sioc); 3177 3178 if (skipauth) { 3179 vs->auth = VNC_AUTH_NONE; 3180 vs->subauth = VNC_AUTH_INVALID; 3181 } else { 3182 if (websocket) { 3183 vs->auth = vd->ws_auth; 3184 vs->subauth = VNC_AUTH_INVALID; 3185 } else { 3186 vs->auth = vd->auth; 3187 vs->subauth = vd->subauth; 3188 } 3189 } 3190 VNC_DEBUG("Client sioc=%p ws=%d auth=%d subauth=%d\n", 3191 sioc, websocket, vs->auth, vs->subauth); 3192 3193 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect)); 3194 for (i = 0; i < VNC_STAT_ROWS; ++i) { 3195 vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS); 3196 } 3197 3198 VNC_DEBUG("New client on socket %p\n", vs->sioc); 3199 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3200 qio_channel_set_blocking(vs->ioc, false, NULL); 3201 if (vs->ioc_tag) { 3202 g_source_remove(vs->ioc_tag); 3203 } 3204 if (websocket) { 3205 vs->websocket = 1; 3206 if (vd->tlscreds) { 3207 vs->ioc_tag = qio_channel_add_watch( 3208 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 3209 vncws_tls_handshake_io, vs, NULL); 3210 } else { 3211 vs->ioc_tag = qio_channel_add_watch( 3212 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 3213 vncws_handshake_io, vs, NULL); 3214 } 3215 } else { 3216 vs->ioc_tag = qio_channel_add_watch( 3217 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 3218 vnc_client_io, vs, NULL); 3219 } 3220 3221 vnc_client_cache_addr(vs); 3222 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED); 3223 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING); 3224 3225 vs->last_x = -1; 3226 vs->last_y = -1; 3227 3228 vs->as.freq = 44100; 3229 vs->as.nchannels = 2; 3230 vs->as.fmt = AUDIO_FORMAT_S16; 3231 vs->as.endianness = 0; 3232 3233 qemu_mutex_init(&vs->output_mutex); 3234 vs->bh = qemu_bh_new(vnc_jobs_bh, vs); 3235 3236 QTAILQ_INSERT_TAIL(&vd->clients, vs, next); 3237 if (first_client) { 3238 vnc_update_server_surface(vd); 3239 } 3240 3241 graphic_hw_update(vd->dcl.con); 3242 3243 if (!vs->websocket) { 3244 vnc_start_protocol(vs); 3245 } 3246 3247 if (vd->num_connecting > vd->connections_limit) { 3248 QTAILQ_FOREACH(vs, &vd->clients, next) { 3249 if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) { 3250 vnc_disconnect_start(vs); 3251 return; 3252 } 3253 } 3254 } 3255 } 3256 3257 void vnc_start_protocol(VncState *vs) 3258 { 3259 vnc_write(vs, "RFB 003.008\n", 12); 3260 vnc_flush(vs); 3261 vnc_read_when(vs, protocol_version, 12); 3262 3263 vs->mouse_mode_notifier.notify = check_pointer_type_change; 3264 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 3265 } 3266 3267 static void vnc_listen_io(QIONetListener *listener, 3268 QIOChannelSocket *cioc, 3269 void *opaque) 3270 { 3271 VncDisplay *vd = opaque; 3272 bool isWebsock = listener == vd->wslistener; 3273 3274 qio_channel_set_name(QIO_CHANNEL(cioc), 3275 isWebsock ? "vnc-ws-server" : "vnc-server"); 3276 qio_channel_set_delay(QIO_CHANNEL(cioc), false); 3277 vnc_connect(vd, cioc, false, isWebsock); 3278 } 3279 3280 static const DisplayChangeListenerOps dcl_ops = { 3281 .dpy_name = "vnc", 3282 .dpy_refresh = vnc_refresh, 3283 .dpy_gfx_update = vnc_dpy_update, 3284 .dpy_gfx_switch = vnc_dpy_switch, 3285 .dpy_gfx_check_format = qemu_pixman_check_format, 3286 .dpy_mouse_set = vnc_mouse_set, 3287 .dpy_cursor_define = vnc_dpy_cursor_define, 3288 }; 3289 3290 void vnc_display_init(const char *id, Error **errp) 3291 { 3292 VncDisplay *vd; 3293 3294 if (vnc_display_find(id) != NULL) { 3295 return; 3296 } 3297 vd = g_malloc0(sizeof(*vd)); 3298 3299 vd->id = strdup(id); 3300 QTAILQ_INSERT_TAIL(&vnc_displays, vd, next); 3301 3302 QTAILQ_INIT(&vd->clients); 3303 vd->expires = TIME_MAX; 3304 3305 if (keyboard_layout) { 3306 trace_vnc_key_map_init(keyboard_layout); 3307 vd->kbd_layout = init_keyboard_layout(name2keysym, 3308 keyboard_layout, errp); 3309 } else { 3310 vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us", errp); 3311 } 3312 3313 if (!vd->kbd_layout) { 3314 return; 3315 } 3316 3317 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3318 vd->connections_limit = 32; 3319 3320 qemu_mutex_init(&vd->mutex); 3321 vnc_start_worker_thread(); 3322 3323 vd->dcl.ops = &dcl_ops; 3324 register_displaychangelistener(&vd->dcl); 3325 vd->kbd = qkbd_state_init(vd->dcl.con); 3326 } 3327 3328 3329 static void vnc_display_close(VncDisplay *vd) 3330 { 3331 if (!vd) { 3332 return; 3333 } 3334 vd->is_unix = false; 3335 3336 if (vd->listener) { 3337 qio_net_listener_disconnect(vd->listener); 3338 object_unref(OBJECT(vd->listener)); 3339 } 3340 vd->listener = NULL; 3341 3342 if (vd->wslistener) { 3343 qio_net_listener_disconnect(vd->wslistener); 3344 object_unref(OBJECT(vd->wslistener)); 3345 } 3346 vd->wslistener = NULL; 3347 3348 vd->auth = VNC_AUTH_INVALID; 3349 vd->subauth = VNC_AUTH_INVALID; 3350 if (vd->tlscreds) { 3351 object_unref(OBJECT(vd->tlscreds)); 3352 vd->tlscreds = NULL; 3353 } 3354 if (vd->tlsauthz) { 3355 object_unparent(OBJECT(vd->tlsauthz)); 3356 vd->tlsauthz = NULL; 3357 } 3358 g_free(vd->tlsauthzid); 3359 vd->tlsauthzid = NULL; 3360 if (vd->lock_key_sync) { 3361 qemu_remove_led_event_handler(vd->led); 3362 vd->led = NULL; 3363 } 3364 #ifdef CONFIG_VNC_SASL 3365 if (vd->sasl.authz) { 3366 object_unparent(OBJECT(vd->sasl.authz)); 3367 vd->sasl.authz = NULL; 3368 } 3369 g_free(vd->sasl.authzid); 3370 vd->sasl.authzid = NULL; 3371 #endif 3372 } 3373 3374 int vnc_display_password(const char *id, const char *password) 3375 { 3376 VncDisplay *vd = vnc_display_find(id); 3377 3378 if (!vd) { 3379 return -EINVAL; 3380 } 3381 if (vd->auth == VNC_AUTH_NONE) { 3382 error_printf_unless_qmp("If you want use passwords please enable " 3383 "password auth using '-vnc ${dpy},password'.\n"); 3384 return -EINVAL; 3385 } 3386 3387 g_free(vd->password); 3388 vd->password = g_strdup(password); 3389 3390 return 0; 3391 } 3392 3393 int vnc_display_pw_expire(const char *id, time_t expires) 3394 { 3395 VncDisplay *vd = vnc_display_find(id); 3396 3397 if (!vd) { 3398 return -EINVAL; 3399 } 3400 3401 vd->expires = expires; 3402 return 0; 3403 } 3404 3405 static void vnc_display_print_local_addr(VncDisplay *vd) 3406 { 3407 SocketAddress *addr; 3408 3409 if (!vd->listener || !vd->listener->nsioc) { 3410 return; 3411 } 3412 3413 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], NULL); 3414 if (!addr) { 3415 return; 3416 } 3417 3418 if (addr->type != SOCKET_ADDRESS_TYPE_INET) { 3419 qapi_free_SocketAddress(addr); 3420 return; 3421 } 3422 error_printf_unless_qmp("VNC server running on %s:%s\n", 3423 addr->u.inet.host, 3424 addr->u.inet.port); 3425 qapi_free_SocketAddress(addr); 3426 } 3427 3428 static QemuOptsList qemu_vnc_opts = { 3429 .name = "vnc", 3430 .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head), 3431 .implied_opt_name = "vnc", 3432 .desc = { 3433 { 3434 .name = "vnc", 3435 .type = QEMU_OPT_STRING, 3436 },{ 3437 .name = "websocket", 3438 .type = QEMU_OPT_STRING, 3439 },{ 3440 .name = "tls-creds", 3441 .type = QEMU_OPT_STRING, 3442 },{ 3443 .name = "share", 3444 .type = QEMU_OPT_STRING, 3445 },{ 3446 .name = "display", 3447 .type = QEMU_OPT_STRING, 3448 },{ 3449 .name = "head", 3450 .type = QEMU_OPT_NUMBER, 3451 },{ 3452 .name = "connections", 3453 .type = QEMU_OPT_NUMBER, 3454 },{ 3455 .name = "to", 3456 .type = QEMU_OPT_NUMBER, 3457 },{ 3458 .name = "ipv4", 3459 .type = QEMU_OPT_BOOL, 3460 },{ 3461 .name = "ipv6", 3462 .type = QEMU_OPT_BOOL, 3463 },{ 3464 .name = "password", 3465 .type = QEMU_OPT_BOOL, 3466 },{ 3467 .name = "reverse", 3468 .type = QEMU_OPT_BOOL, 3469 },{ 3470 .name = "lock-key-sync", 3471 .type = QEMU_OPT_BOOL, 3472 },{ 3473 .name = "key-delay-ms", 3474 .type = QEMU_OPT_NUMBER, 3475 },{ 3476 .name = "sasl", 3477 .type = QEMU_OPT_BOOL, 3478 },{ 3479 .name = "acl", 3480 .type = QEMU_OPT_BOOL, 3481 },{ 3482 .name = "tls-authz", 3483 .type = QEMU_OPT_STRING, 3484 },{ 3485 .name = "sasl-authz", 3486 .type = QEMU_OPT_STRING, 3487 },{ 3488 .name = "lossy", 3489 .type = QEMU_OPT_BOOL, 3490 },{ 3491 .name = "non-adaptive", 3492 .type = QEMU_OPT_BOOL, 3493 },{ 3494 .name = "audiodev", 3495 .type = QEMU_OPT_STRING, 3496 },{ 3497 .name = "power-control", 3498 .type = QEMU_OPT_BOOL, 3499 }, 3500 { /* end of list */ } 3501 }, 3502 }; 3503 3504 3505 static int 3506 vnc_display_setup_auth(int *auth, 3507 int *subauth, 3508 QCryptoTLSCreds *tlscreds, 3509 bool password, 3510 bool sasl, 3511 bool websocket, 3512 Error **errp) 3513 { 3514 /* 3515 * We have a choice of 3 authentication options 3516 * 3517 * 1. none 3518 * 2. vnc 3519 * 3. sasl 3520 * 3521 * The channel can be run in 2 modes 3522 * 3523 * 1. clear 3524 * 2. tls 3525 * 3526 * And TLS can use 2 types of credentials 3527 * 3528 * 1. anon 3529 * 2. x509 3530 * 3531 * We thus have 9 possible logical combinations 3532 * 3533 * 1. clear + none 3534 * 2. clear + vnc 3535 * 3. clear + sasl 3536 * 4. tls + anon + none 3537 * 5. tls + anon + vnc 3538 * 6. tls + anon + sasl 3539 * 7. tls + x509 + none 3540 * 8. tls + x509 + vnc 3541 * 9. tls + x509 + sasl 3542 * 3543 * These need to be mapped into the VNC auth schemes 3544 * in an appropriate manner. In regular VNC, all the 3545 * TLS options get mapped into VNC_AUTH_VENCRYPT 3546 * sub-auth types. 3547 * 3548 * In websockets, the https:// protocol already provides 3549 * TLS support, so there is no need to make use of the 3550 * VeNCrypt extension. Furthermore, websockets browser 3551 * clients could not use VeNCrypt even if they wanted to, 3552 * as they cannot control when the TLS handshake takes 3553 * place. Thus there is no option but to rely on https://, 3554 * meaning combinations 4->6 and 7->9 will be mapped to 3555 * VNC auth schemes in the same way as combos 1->3. 3556 * 3557 * Regardless of fact that we have a different mapping to 3558 * VNC auth mechs for plain VNC vs websockets VNC, the end 3559 * result has the same security characteristics. 3560 */ 3561 if (websocket || !tlscreds) { 3562 if (password) { 3563 VNC_DEBUG("Initializing VNC server with password auth\n"); 3564 *auth = VNC_AUTH_VNC; 3565 } else if (sasl) { 3566 VNC_DEBUG("Initializing VNC server with SASL auth\n"); 3567 *auth = VNC_AUTH_SASL; 3568 } else { 3569 VNC_DEBUG("Initializing VNC server with no auth\n"); 3570 *auth = VNC_AUTH_NONE; 3571 } 3572 *subauth = VNC_AUTH_INVALID; 3573 } else { 3574 bool is_x509 = object_dynamic_cast(OBJECT(tlscreds), 3575 TYPE_QCRYPTO_TLS_CREDS_X509) != NULL; 3576 bool is_anon = object_dynamic_cast(OBJECT(tlscreds), 3577 TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL; 3578 3579 if (!is_x509 && !is_anon) { 3580 error_setg(errp, 3581 "Unsupported TLS cred type %s", 3582 object_get_typename(OBJECT(tlscreds))); 3583 return -1; 3584 } 3585 *auth = VNC_AUTH_VENCRYPT; 3586 if (password) { 3587 if (is_x509) { 3588 VNC_DEBUG("Initializing VNC server with x509 password auth\n"); 3589 *subauth = VNC_AUTH_VENCRYPT_X509VNC; 3590 } else { 3591 VNC_DEBUG("Initializing VNC server with TLS password auth\n"); 3592 *subauth = VNC_AUTH_VENCRYPT_TLSVNC; 3593 } 3594 3595 } else if (sasl) { 3596 if (is_x509) { 3597 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); 3598 *subauth = VNC_AUTH_VENCRYPT_X509SASL; 3599 } else { 3600 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n"); 3601 *subauth = VNC_AUTH_VENCRYPT_TLSSASL; 3602 } 3603 } else { 3604 if (is_x509) { 3605 VNC_DEBUG("Initializing VNC server with x509 no auth\n"); 3606 *subauth = VNC_AUTH_VENCRYPT_X509NONE; 3607 } else { 3608 VNC_DEBUG("Initializing VNC server with TLS no auth\n"); 3609 *subauth = VNC_AUTH_VENCRYPT_TLSNONE; 3610 } 3611 } 3612 } 3613 return 0; 3614 } 3615 3616 3617 static int vnc_display_get_address(const char *addrstr, 3618 bool websocket, 3619 bool reverse, 3620 int displaynum, 3621 int to, 3622 bool has_ipv4, 3623 bool has_ipv6, 3624 bool ipv4, 3625 bool ipv6, 3626 SocketAddress **retaddr, 3627 Error **errp) 3628 { 3629 int ret = -1; 3630 SocketAddress *addr = NULL; 3631 3632 addr = g_new0(SocketAddress, 1); 3633 3634 if (strncmp(addrstr, "unix:", 5) == 0) { 3635 addr->type = SOCKET_ADDRESS_TYPE_UNIX; 3636 addr->u.q_unix.path = g_strdup(addrstr + 5); 3637 3638 if (websocket) { 3639 error_setg(errp, "UNIX sockets not supported with websock"); 3640 goto cleanup; 3641 } 3642 3643 if (to) { 3644 error_setg(errp, "Port range not support with UNIX socket"); 3645 goto cleanup; 3646 } 3647 ret = 0; 3648 } else { 3649 const char *port; 3650 size_t hostlen; 3651 unsigned long long baseport = 0; 3652 InetSocketAddress *inet; 3653 3654 port = strrchr(addrstr, ':'); 3655 if (!port) { 3656 if (websocket) { 3657 hostlen = 0; 3658 port = addrstr; 3659 } else { 3660 error_setg(errp, "no vnc port specified"); 3661 goto cleanup; 3662 } 3663 } else { 3664 hostlen = port - addrstr; 3665 port++; 3666 if (*port == '\0') { 3667 error_setg(errp, "vnc port cannot be empty"); 3668 goto cleanup; 3669 } 3670 } 3671 3672 addr->type = SOCKET_ADDRESS_TYPE_INET; 3673 inet = &addr->u.inet; 3674 if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') { 3675 inet->host = g_strndup(addrstr + 1, hostlen - 2); 3676 } else { 3677 inet->host = g_strndup(addrstr, hostlen); 3678 } 3679 /* plain VNC port is just an offset, for websocket 3680 * port is absolute */ 3681 if (websocket) { 3682 if (g_str_equal(addrstr, "") || 3683 g_str_equal(addrstr, "on")) { 3684 if (displaynum == -1) { 3685 error_setg(errp, "explicit websocket port is required"); 3686 goto cleanup; 3687 } 3688 inet->port = g_strdup_printf( 3689 "%d", displaynum + 5700); 3690 if (to) { 3691 inet->has_to = true; 3692 inet->to = to + 5700; 3693 } 3694 } else { 3695 inet->port = g_strdup(port); 3696 } 3697 } else { 3698 int offset = reverse ? 0 : 5900; 3699 if (parse_uint_full(port, &baseport, 10) < 0) { 3700 error_setg(errp, "can't convert to a number: %s", port); 3701 goto cleanup; 3702 } 3703 if (baseport > 65535 || 3704 baseport + offset > 65535) { 3705 error_setg(errp, "port %s out of range", port); 3706 goto cleanup; 3707 } 3708 inet->port = g_strdup_printf( 3709 "%d", (int)baseport + offset); 3710 3711 if (to) { 3712 inet->has_to = true; 3713 inet->to = to + offset; 3714 } 3715 } 3716 3717 inet->ipv4 = ipv4; 3718 inet->has_ipv4 = has_ipv4; 3719 inet->ipv6 = ipv6; 3720 inet->has_ipv6 = has_ipv6; 3721 3722 ret = baseport; 3723 } 3724 3725 *retaddr = addr; 3726 3727 cleanup: 3728 if (ret < 0) { 3729 qapi_free_SocketAddress(addr); 3730 } 3731 return ret; 3732 } 3733 3734 static void vnc_free_addresses(SocketAddress ***retsaddr, 3735 size_t *retnsaddr) 3736 { 3737 size_t i; 3738 3739 for (i = 0; i < *retnsaddr; i++) { 3740 qapi_free_SocketAddress((*retsaddr)[i]); 3741 } 3742 g_free(*retsaddr); 3743 3744 *retsaddr = NULL; 3745 *retnsaddr = 0; 3746 } 3747 3748 static int vnc_display_get_addresses(QemuOpts *opts, 3749 bool reverse, 3750 SocketAddress ***retsaddr, 3751 size_t *retnsaddr, 3752 SocketAddress ***retwsaddr, 3753 size_t *retnwsaddr, 3754 Error **errp) 3755 { 3756 SocketAddress *saddr = NULL; 3757 SocketAddress *wsaddr = NULL; 3758 QemuOptsIter addriter; 3759 const char *addr; 3760 int to = qemu_opt_get_number(opts, "to", 0); 3761 bool has_ipv4 = qemu_opt_get(opts, "ipv4"); 3762 bool has_ipv6 = qemu_opt_get(opts, "ipv6"); 3763 bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false); 3764 bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false); 3765 int displaynum = -1; 3766 int ret = -1; 3767 3768 *retsaddr = NULL; 3769 *retnsaddr = 0; 3770 *retwsaddr = NULL; 3771 *retnwsaddr = 0; 3772 3773 addr = qemu_opt_get(opts, "vnc"); 3774 if (addr == NULL || g_str_equal(addr, "none")) { 3775 ret = 0; 3776 goto cleanup; 3777 } 3778 if (qemu_opt_get(opts, "websocket") && 3779 !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) { 3780 error_setg(errp, 3781 "SHA1 hash support is required for websockets"); 3782 goto cleanup; 3783 } 3784 3785 qemu_opt_iter_init(&addriter, opts, "vnc"); 3786 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3787 int rv; 3788 rv = vnc_display_get_address(addr, false, reverse, 0, to, 3789 has_ipv4, has_ipv6, 3790 ipv4, ipv6, 3791 &saddr, errp); 3792 if (rv < 0) { 3793 goto cleanup; 3794 } 3795 /* Historical compat - first listen address can be used 3796 * to set the default websocket port 3797 */ 3798 if (displaynum == -1) { 3799 displaynum = rv; 3800 } 3801 *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1); 3802 (*retsaddr)[(*retnsaddr)++] = saddr; 3803 } 3804 3805 /* If we had multiple primary displays, we don't do defaults 3806 * for websocket, and require explicit config instead. */ 3807 if (*retnsaddr > 1) { 3808 displaynum = -1; 3809 } 3810 3811 qemu_opt_iter_init(&addriter, opts, "websocket"); 3812 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3813 if (vnc_display_get_address(addr, true, reverse, displaynum, to, 3814 has_ipv4, has_ipv6, 3815 ipv4, ipv6, 3816 &wsaddr, errp) < 0) { 3817 goto cleanup; 3818 } 3819 3820 /* Historical compat - if only a single listen address was 3821 * provided, then this is used to set the default listen 3822 * address for websocket too 3823 */ 3824 if (*retnsaddr == 1 && 3825 (*retsaddr)[0]->type == SOCKET_ADDRESS_TYPE_INET && 3826 wsaddr->type == SOCKET_ADDRESS_TYPE_INET && 3827 g_str_equal(wsaddr->u.inet.host, "") && 3828 !g_str_equal((*retsaddr)[0]->u.inet.host, "")) { 3829 g_free(wsaddr->u.inet.host); 3830 wsaddr->u.inet.host = g_strdup((*retsaddr)[0]->u.inet.host); 3831 } 3832 3833 *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1); 3834 (*retwsaddr)[(*retnwsaddr)++] = wsaddr; 3835 } 3836 3837 ret = 0; 3838 cleanup: 3839 if (ret < 0) { 3840 vnc_free_addresses(retsaddr, retnsaddr); 3841 vnc_free_addresses(retwsaddr, retnwsaddr); 3842 } 3843 return ret; 3844 } 3845 3846 static int vnc_display_connect(VncDisplay *vd, 3847 SocketAddress **saddr, 3848 size_t nsaddr, 3849 SocketAddress **wsaddr, 3850 size_t nwsaddr, 3851 Error **errp) 3852 { 3853 /* connect to viewer */ 3854 QIOChannelSocket *sioc = NULL; 3855 if (nwsaddr != 0) { 3856 error_setg(errp, "Cannot use websockets in reverse mode"); 3857 return -1; 3858 } 3859 if (nsaddr != 1) { 3860 error_setg(errp, "Expected a single address in reverse mode"); 3861 return -1; 3862 } 3863 /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */ 3864 vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_TYPE_UNIX; 3865 sioc = qio_channel_socket_new(); 3866 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse"); 3867 if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) { 3868 object_unref(OBJECT(sioc)); 3869 return -1; 3870 } 3871 vnc_connect(vd, sioc, false, false); 3872 object_unref(OBJECT(sioc)); 3873 return 0; 3874 } 3875 3876 3877 static int vnc_display_listen(VncDisplay *vd, 3878 SocketAddress **saddr, 3879 size_t nsaddr, 3880 SocketAddress **wsaddr, 3881 size_t nwsaddr, 3882 Error **errp) 3883 { 3884 size_t i; 3885 3886 if (nsaddr) { 3887 vd->listener = qio_net_listener_new(); 3888 qio_net_listener_set_name(vd->listener, "vnc-listen"); 3889 for (i = 0; i < nsaddr; i++) { 3890 if (qio_net_listener_open_sync(vd->listener, 3891 saddr[i], 1, 3892 errp) < 0) { 3893 return -1; 3894 } 3895 } 3896 3897 qio_net_listener_set_client_func(vd->listener, 3898 vnc_listen_io, vd, NULL); 3899 } 3900 3901 if (nwsaddr) { 3902 vd->wslistener = qio_net_listener_new(); 3903 qio_net_listener_set_name(vd->wslistener, "vnc-ws-listen"); 3904 for (i = 0; i < nwsaddr; i++) { 3905 if (qio_net_listener_open_sync(vd->wslistener, 3906 wsaddr[i], 1, 3907 errp) < 0) { 3908 return -1; 3909 } 3910 } 3911 3912 qio_net_listener_set_client_func(vd->wslistener, 3913 vnc_listen_io, vd, NULL); 3914 } 3915 3916 return 0; 3917 } 3918 3919 3920 void vnc_display_open(const char *id, Error **errp) 3921 { 3922 VncDisplay *vd = vnc_display_find(id); 3923 QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id); 3924 SocketAddress **saddr = NULL, **wsaddr = NULL; 3925 size_t nsaddr, nwsaddr; 3926 const char *share, *device_id; 3927 QemuConsole *con; 3928 bool password = false; 3929 bool reverse = false; 3930 const char *credid; 3931 bool sasl = false; 3932 int acl = 0; 3933 const char *tlsauthz; 3934 const char *saslauthz; 3935 int lock_key_sync = 1; 3936 int key_delay_ms; 3937 const char *audiodev; 3938 3939 if (!vd) { 3940 error_setg(errp, "VNC display not active"); 3941 return; 3942 } 3943 vnc_display_close(vd); 3944 3945 if (!opts) { 3946 return; 3947 } 3948 3949 reverse = qemu_opt_get_bool(opts, "reverse", false); 3950 if (vnc_display_get_addresses(opts, reverse, &saddr, &nsaddr, 3951 &wsaddr, &nwsaddr, errp) < 0) { 3952 goto fail; 3953 } 3954 3955 password = qemu_opt_get_bool(opts, "password", false); 3956 if (password) { 3957 if (fips_get_state()) { 3958 error_setg(errp, 3959 "VNC password auth disabled due to FIPS mode, " 3960 "consider using the VeNCrypt or SASL authentication " 3961 "methods as an alternative"); 3962 goto fail; 3963 } 3964 if (!qcrypto_cipher_supports( 3965 QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) { 3966 error_setg(errp, 3967 "Cipher backend does not support DES RFB algorithm"); 3968 goto fail; 3969 } 3970 } 3971 3972 lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true); 3973 key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10); 3974 sasl = qemu_opt_get_bool(opts, "sasl", false); 3975 #ifndef CONFIG_VNC_SASL 3976 if (sasl) { 3977 error_setg(errp, "VNC SASL auth requires cyrus-sasl support"); 3978 goto fail; 3979 } 3980 #endif /* CONFIG_VNC_SASL */ 3981 credid = qemu_opt_get(opts, "tls-creds"); 3982 if (credid) { 3983 Object *creds; 3984 creds = object_resolve_path_component( 3985 object_get_objects_root(), credid); 3986 if (!creds) { 3987 error_setg(errp, "No TLS credentials with id '%s'", 3988 credid); 3989 goto fail; 3990 } 3991 vd->tlscreds = (QCryptoTLSCreds *) 3992 object_dynamic_cast(creds, 3993 TYPE_QCRYPTO_TLS_CREDS); 3994 if (!vd->tlscreds) { 3995 error_setg(errp, "Object with id '%s' is not TLS credentials", 3996 credid); 3997 goto fail; 3998 } 3999 object_ref(OBJECT(vd->tlscreds)); 4000 4001 if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 4002 error_setg(errp, 4003 "Expecting TLS credentials with a server endpoint"); 4004 goto fail; 4005 } 4006 } 4007 if (qemu_opt_get(opts, "acl")) { 4008 error_report("The 'acl' option to -vnc is deprecated. " 4009 "Please use the 'tls-authz' and 'sasl-authz' " 4010 "options instead"); 4011 } 4012 acl = qemu_opt_get_bool(opts, "acl", false); 4013 tlsauthz = qemu_opt_get(opts, "tls-authz"); 4014 if (acl && tlsauthz) { 4015 error_setg(errp, "'acl' option is mutually exclusive with the " 4016 "'tls-authz' option"); 4017 goto fail; 4018 } 4019 if (tlsauthz && !vd->tlscreds) { 4020 error_setg(errp, "'tls-authz' provided but TLS is not enabled"); 4021 goto fail; 4022 } 4023 4024 saslauthz = qemu_opt_get(opts, "sasl-authz"); 4025 if (acl && saslauthz) { 4026 error_setg(errp, "'acl' option is mutually exclusive with the " 4027 "'sasl-authz' option"); 4028 goto fail; 4029 } 4030 if (saslauthz && !sasl) { 4031 error_setg(errp, "'sasl-authz' provided but SASL auth is not enabled"); 4032 goto fail; 4033 } 4034 4035 share = qemu_opt_get(opts, "share"); 4036 if (share) { 4037 if (strcmp(share, "ignore") == 0) { 4038 vd->share_policy = VNC_SHARE_POLICY_IGNORE; 4039 } else if (strcmp(share, "allow-exclusive") == 0) { 4040 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 4041 } else if (strcmp(share, "force-shared") == 0) { 4042 vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED; 4043 } else { 4044 error_setg(errp, "unknown vnc share= option"); 4045 goto fail; 4046 } 4047 } else { 4048 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 4049 } 4050 vd->connections_limit = qemu_opt_get_number(opts, "connections", 32); 4051 4052 #ifdef CONFIG_VNC_JPEG 4053 vd->lossy = qemu_opt_get_bool(opts, "lossy", false); 4054 #endif 4055 vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false); 4056 /* adaptive updates are only used with tight encoding and 4057 * if lossy updates are enabled so we can disable all the 4058 * calculations otherwise */ 4059 if (!vd->lossy) { 4060 vd->non_adaptive = true; 4061 } 4062 4063 vd->power_control = qemu_opt_get_bool(opts, "power-control", false); 4064 4065 if (tlsauthz) { 4066 vd->tlsauthzid = g_strdup(tlsauthz); 4067 } else if (acl) { 4068 if (strcmp(vd->id, "default") == 0) { 4069 vd->tlsauthzid = g_strdup("vnc.x509dname"); 4070 } else { 4071 vd->tlsauthzid = g_strdup_printf("vnc.%s.x509dname", vd->id); 4072 } 4073 vd->tlsauthz = QAUTHZ(qauthz_list_new(vd->tlsauthzid, 4074 QAUTHZ_LIST_POLICY_DENY, 4075 &error_abort)); 4076 } 4077 #ifdef CONFIG_VNC_SASL 4078 if (sasl) { 4079 if (saslauthz) { 4080 vd->sasl.authzid = g_strdup(saslauthz); 4081 } else if (acl) { 4082 if (strcmp(vd->id, "default") == 0) { 4083 vd->sasl.authzid = g_strdup("vnc.username"); 4084 } else { 4085 vd->sasl.authzid = g_strdup_printf("vnc.%s.username", vd->id); 4086 } 4087 vd->sasl.authz = QAUTHZ(qauthz_list_new(vd->sasl.authzid, 4088 QAUTHZ_LIST_POLICY_DENY, 4089 &error_abort)); 4090 } 4091 } 4092 #endif 4093 4094 if (vnc_display_setup_auth(&vd->auth, &vd->subauth, 4095 vd->tlscreds, password, 4096 sasl, false, errp) < 0) { 4097 goto fail; 4098 } 4099 trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth); 4100 4101 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth, 4102 vd->tlscreds, password, 4103 sasl, true, errp) < 0) { 4104 goto fail; 4105 } 4106 trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth); 4107 4108 #ifdef CONFIG_VNC_SASL 4109 if (sasl) { 4110 int saslErr = sasl_server_init(NULL, "qemu"); 4111 4112 if (saslErr != SASL_OK) { 4113 error_setg(errp, "Failed to initialize SASL auth: %s", 4114 sasl_errstring(saslErr, NULL, NULL)); 4115 goto fail; 4116 } 4117 } 4118 #endif 4119 vd->lock_key_sync = lock_key_sync; 4120 if (lock_key_sync) { 4121 vd->led = qemu_add_led_event_handler(kbd_leds, vd); 4122 } 4123 vd->ledstate = 0; 4124 4125 audiodev = qemu_opt_get(opts, "audiodev"); 4126 if (audiodev) { 4127 vd->audio_state = audio_state_by_name(audiodev); 4128 if (!vd->audio_state) { 4129 error_setg(errp, "Audiodev '%s' not found", audiodev); 4130 goto fail; 4131 } 4132 } 4133 4134 device_id = qemu_opt_get(opts, "display"); 4135 if (device_id) { 4136 int head = qemu_opt_get_number(opts, "head", 0); 4137 Error *err = NULL; 4138 4139 con = qemu_console_lookup_by_device_name(device_id, head, &err); 4140 if (err) { 4141 error_propagate(errp, err); 4142 goto fail; 4143 } 4144 } else { 4145 con = NULL; 4146 } 4147 4148 if (con != vd->dcl.con) { 4149 qkbd_state_free(vd->kbd); 4150 unregister_displaychangelistener(&vd->dcl); 4151 vd->dcl.con = con; 4152 register_displaychangelistener(&vd->dcl); 4153 vd->kbd = qkbd_state_init(vd->dcl.con); 4154 } 4155 qkbd_state_set_delay(vd->kbd, key_delay_ms); 4156 4157 if (saddr == NULL) { 4158 goto cleanup; 4159 } 4160 4161 if (reverse) { 4162 if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4163 goto fail; 4164 } 4165 } else { 4166 if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4167 goto fail; 4168 } 4169 } 4170 4171 if (qemu_opt_get(opts, "to")) { 4172 vnc_display_print_local_addr(vd); 4173 } 4174 4175 cleanup: 4176 vnc_free_addresses(&saddr, &nsaddr); 4177 vnc_free_addresses(&wsaddr, &nwsaddr); 4178 return; 4179 4180 fail: 4181 vnc_display_close(vd); 4182 goto cleanup; 4183 } 4184 4185 void vnc_display_add_client(const char *id, int csock, bool skipauth) 4186 { 4187 VncDisplay *vd = vnc_display_find(id); 4188 QIOChannelSocket *sioc; 4189 4190 if (!vd) { 4191 return; 4192 } 4193 4194 sioc = qio_channel_socket_new_fd(csock, NULL); 4195 if (sioc) { 4196 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server"); 4197 vnc_connect(vd, sioc, skipauth, false); 4198 object_unref(OBJECT(sioc)); 4199 } 4200 } 4201 4202 static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts) 4203 { 4204 int i = 2; 4205 char *id; 4206 4207 id = g_strdup("default"); 4208 while (qemu_opts_find(olist, id)) { 4209 g_free(id); 4210 id = g_strdup_printf("vnc%d", i++); 4211 } 4212 qemu_opts_set_id(opts, id); 4213 } 4214 4215 void vnc_parse(const char *str) 4216 { 4217 QemuOptsList *olist = qemu_find_opts("vnc"); 4218 QemuOpts *opts = qemu_opts_parse_noisily(olist, str, !is_help_option(str)); 4219 const char *id; 4220 4221 if (!opts) { 4222 exit(1); 4223 } 4224 4225 id = qemu_opts_id(opts); 4226 if (!id) { 4227 /* auto-assign id if not present */ 4228 vnc_auto_assign_id(olist, opts); 4229 } 4230 } 4231 4232 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp) 4233 { 4234 Error *local_err = NULL; 4235 char *id = (char *)qemu_opts_id(opts); 4236 4237 assert(id); 4238 vnc_display_init(id, &local_err); 4239 if (local_err) { 4240 error_propagate(errp, local_err); 4241 return -1; 4242 } 4243 vnc_display_open(id, &local_err); 4244 if (local_err != NULL) { 4245 error_propagate(errp, local_err); 4246 return -1; 4247 } 4248 return 0; 4249 } 4250 4251 static void vnc_register_config(void) 4252 { 4253 qemu_add_opts(&qemu_vnc_opts); 4254 } 4255 opts_init(vnc_register_config); 4256