1 /* 2 * QEMU VNC display driver 3 * 4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws> 5 * Copyright (C) 2006 Fabrice Bellard 6 * Copyright (C) 2009 Red Hat, Inc 7 * 8 * Permission is hereby granted, free of charge, to any person obtaining a copy 9 * of this software and associated documentation files (the "Software"), to deal 10 * in the Software without restriction, including without limitation the rights 11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 * copies of the Software, and to permit persons to whom the Software is 13 * furnished to do so, subject to the following conditions: 14 * 15 * The above copyright notice and this permission notice shall be included in 16 * all copies or substantial portions of the Software. 17 * 18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 * THE SOFTWARE. 25 */ 26 27 #include "qemu/osdep.h" 28 #include "vnc.h" 29 #include "vnc-jobs.h" 30 #include "trace.h" 31 #include "sysemu/sysemu.h" 32 #include "qemu/error-report.h" 33 #include "qemu/module.h" 34 #include "qemu/option.h" 35 #include "qemu/sockets.h" 36 #include "qemu/timer.h" 37 #include "authz/list.h" 38 #include "qemu/config-file.h" 39 #include "qapi/qapi-emit-events.h" 40 #include "qapi/qapi-events-ui.h" 41 #include "qapi/error.h" 42 #include "qapi/qapi-commands-ui.h" 43 #include "ui/input.h" 44 #include "crypto/hash.h" 45 #include "crypto/tlscredsanon.h" 46 #include "crypto/tlscredsx509.h" 47 #include "crypto/random.h" 48 #include "qom/object_interfaces.h" 49 #include "qemu/cutils.h" 50 #include "io/dns-resolver.h" 51 52 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT 53 #define VNC_REFRESH_INTERVAL_INC 50 54 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE 55 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 }; 56 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 }; 57 58 #include "vnc_keysym.h" 59 #include "crypto/cipher.h" 60 61 static QTAILQ_HEAD(, VncDisplay) vnc_displays = 62 QTAILQ_HEAD_INITIALIZER(vnc_displays); 63 64 static int vnc_cursor_define(VncState *vs); 65 static void vnc_update_throttle_offset(VncState *vs); 66 67 static void vnc_set_share_mode(VncState *vs, VncShareMode mode) 68 { 69 #ifdef _VNC_DEBUG 70 static const char *mn[] = { 71 [0] = "undefined", 72 [VNC_SHARE_MODE_CONNECTING] = "connecting", 73 [VNC_SHARE_MODE_SHARED] = "shared", 74 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive", 75 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected", 76 }; 77 fprintf(stderr, "%s/%p: %s -> %s\n", __func__, 78 vs->ioc, mn[vs->share_mode], mn[mode]); 79 #endif 80 81 switch (vs->share_mode) { 82 case VNC_SHARE_MODE_CONNECTING: 83 vs->vd->num_connecting--; 84 break; 85 case VNC_SHARE_MODE_SHARED: 86 vs->vd->num_shared--; 87 break; 88 case VNC_SHARE_MODE_EXCLUSIVE: 89 vs->vd->num_exclusive--; 90 break; 91 default: 92 break; 93 } 94 95 vs->share_mode = mode; 96 97 switch (vs->share_mode) { 98 case VNC_SHARE_MODE_CONNECTING: 99 vs->vd->num_connecting++; 100 break; 101 case VNC_SHARE_MODE_SHARED: 102 vs->vd->num_shared++; 103 break; 104 case VNC_SHARE_MODE_EXCLUSIVE: 105 vs->vd->num_exclusive++; 106 break; 107 default: 108 break; 109 } 110 } 111 112 113 static void vnc_init_basic_info(SocketAddress *addr, 114 VncBasicInfo *info, 115 Error **errp) 116 { 117 switch (addr->type) { 118 case SOCKET_ADDRESS_TYPE_INET: 119 info->host = g_strdup(addr->u.inet.host); 120 info->service = g_strdup(addr->u.inet.port); 121 if (addr->u.inet.ipv6) { 122 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 123 } else { 124 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 125 } 126 break; 127 128 case SOCKET_ADDRESS_TYPE_UNIX: 129 info->host = g_strdup(""); 130 info->service = g_strdup(addr->u.q_unix.path); 131 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 132 break; 133 134 case SOCKET_ADDRESS_TYPE_VSOCK: 135 case SOCKET_ADDRESS_TYPE_FD: 136 error_setg(errp, "Unsupported socket address type %s", 137 SocketAddressType_str(addr->type)); 138 break; 139 default: 140 abort(); 141 } 142 143 return; 144 } 145 146 static void vnc_init_basic_info_from_server_addr(QIOChannelSocket *ioc, 147 VncBasicInfo *info, 148 Error **errp) 149 { 150 SocketAddress *addr = NULL; 151 152 if (!ioc) { 153 error_setg(errp, "No listener socket available"); 154 return; 155 } 156 157 addr = qio_channel_socket_get_local_address(ioc, errp); 158 if (!addr) { 159 return; 160 } 161 162 vnc_init_basic_info(addr, info, errp); 163 qapi_free_SocketAddress(addr); 164 } 165 166 static void vnc_init_basic_info_from_remote_addr(QIOChannelSocket *ioc, 167 VncBasicInfo *info, 168 Error **errp) 169 { 170 SocketAddress *addr = NULL; 171 172 addr = qio_channel_socket_get_remote_address(ioc, errp); 173 if (!addr) { 174 return; 175 } 176 177 vnc_init_basic_info(addr, info, errp); 178 qapi_free_SocketAddress(addr); 179 } 180 181 static const char *vnc_auth_name(VncDisplay *vd) { 182 switch (vd->auth) { 183 case VNC_AUTH_INVALID: 184 return "invalid"; 185 case VNC_AUTH_NONE: 186 return "none"; 187 case VNC_AUTH_VNC: 188 return "vnc"; 189 case VNC_AUTH_RA2: 190 return "ra2"; 191 case VNC_AUTH_RA2NE: 192 return "ra2ne"; 193 case VNC_AUTH_TIGHT: 194 return "tight"; 195 case VNC_AUTH_ULTRA: 196 return "ultra"; 197 case VNC_AUTH_TLS: 198 return "tls"; 199 case VNC_AUTH_VENCRYPT: 200 switch (vd->subauth) { 201 case VNC_AUTH_VENCRYPT_PLAIN: 202 return "vencrypt+plain"; 203 case VNC_AUTH_VENCRYPT_TLSNONE: 204 return "vencrypt+tls+none"; 205 case VNC_AUTH_VENCRYPT_TLSVNC: 206 return "vencrypt+tls+vnc"; 207 case VNC_AUTH_VENCRYPT_TLSPLAIN: 208 return "vencrypt+tls+plain"; 209 case VNC_AUTH_VENCRYPT_X509NONE: 210 return "vencrypt+x509+none"; 211 case VNC_AUTH_VENCRYPT_X509VNC: 212 return "vencrypt+x509+vnc"; 213 case VNC_AUTH_VENCRYPT_X509PLAIN: 214 return "vencrypt+x509+plain"; 215 case VNC_AUTH_VENCRYPT_TLSSASL: 216 return "vencrypt+tls+sasl"; 217 case VNC_AUTH_VENCRYPT_X509SASL: 218 return "vencrypt+x509+sasl"; 219 default: 220 return "vencrypt"; 221 } 222 case VNC_AUTH_SASL: 223 return "sasl"; 224 } 225 return "unknown"; 226 } 227 228 static VncServerInfo *vnc_server_info_get(VncDisplay *vd) 229 { 230 VncServerInfo *info; 231 Error *err = NULL; 232 233 if (!vd->listener || !vd->listener->nsioc) { 234 return NULL; 235 } 236 237 info = g_malloc0(sizeof(*info)); 238 vnc_init_basic_info_from_server_addr(vd->listener->sioc[0], 239 qapi_VncServerInfo_base(info), &err); 240 info->has_auth = true; 241 info->auth = g_strdup(vnc_auth_name(vd)); 242 if (err) { 243 qapi_free_VncServerInfo(info); 244 info = NULL; 245 error_free(err); 246 } 247 return info; 248 } 249 250 static void vnc_client_cache_auth(VncState *client) 251 { 252 if (!client->info) { 253 return; 254 } 255 256 if (client->tls) { 257 client->info->x509_dname = 258 qcrypto_tls_session_get_peer_name(client->tls); 259 client->info->has_x509_dname = 260 client->info->x509_dname != NULL; 261 } 262 #ifdef CONFIG_VNC_SASL 263 if (client->sasl.conn && 264 client->sasl.username) { 265 client->info->has_sasl_username = true; 266 client->info->sasl_username = g_strdup(client->sasl.username); 267 } 268 #endif 269 } 270 271 static void vnc_client_cache_addr(VncState *client) 272 { 273 Error *err = NULL; 274 275 client->info = g_malloc0(sizeof(*client->info)); 276 vnc_init_basic_info_from_remote_addr(client->sioc, 277 qapi_VncClientInfo_base(client->info), 278 &err); 279 if (err) { 280 qapi_free_VncClientInfo(client->info); 281 client->info = NULL; 282 error_free(err); 283 } 284 } 285 286 static void vnc_qmp_event(VncState *vs, QAPIEvent event) 287 { 288 VncServerInfo *si; 289 290 if (!vs->info) { 291 return; 292 } 293 294 si = vnc_server_info_get(vs->vd); 295 if (!si) { 296 return; 297 } 298 299 switch (event) { 300 case QAPI_EVENT_VNC_CONNECTED: 301 qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info)); 302 break; 303 case QAPI_EVENT_VNC_INITIALIZED: 304 qapi_event_send_vnc_initialized(si, vs->info); 305 break; 306 case QAPI_EVENT_VNC_DISCONNECTED: 307 qapi_event_send_vnc_disconnected(si, vs->info); 308 break; 309 default: 310 break; 311 } 312 313 qapi_free_VncServerInfo(si); 314 } 315 316 static VncClientInfo *qmp_query_vnc_client(const VncState *client) 317 { 318 VncClientInfo *info; 319 Error *err = NULL; 320 321 info = g_malloc0(sizeof(*info)); 322 323 vnc_init_basic_info_from_remote_addr(client->sioc, 324 qapi_VncClientInfo_base(info), 325 &err); 326 if (err) { 327 error_free(err); 328 qapi_free_VncClientInfo(info); 329 return NULL; 330 } 331 332 info->websocket = client->websocket; 333 334 if (client->tls) { 335 info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls); 336 info->has_x509_dname = info->x509_dname != NULL; 337 } 338 #ifdef CONFIG_VNC_SASL 339 if (client->sasl.conn && client->sasl.username) { 340 info->has_sasl_username = true; 341 info->sasl_username = g_strdup(client->sasl.username); 342 } 343 #endif 344 345 return info; 346 } 347 348 static VncDisplay *vnc_display_find(const char *id) 349 { 350 VncDisplay *vd; 351 352 if (id == NULL) { 353 return QTAILQ_FIRST(&vnc_displays); 354 } 355 QTAILQ_FOREACH(vd, &vnc_displays, next) { 356 if (strcmp(id, vd->id) == 0) { 357 return vd; 358 } 359 } 360 return NULL; 361 } 362 363 static VncClientInfoList *qmp_query_client_list(VncDisplay *vd) 364 { 365 VncClientInfoList *cinfo, *prev = NULL; 366 VncState *client; 367 368 QTAILQ_FOREACH(client, &vd->clients, next) { 369 cinfo = g_new0(VncClientInfoList, 1); 370 cinfo->value = qmp_query_vnc_client(client); 371 cinfo->next = prev; 372 prev = cinfo; 373 } 374 return prev; 375 } 376 377 VncInfo *qmp_query_vnc(Error **errp) 378 { 379 VncInfo *info = g_malloc0(sizeof(*info)); 380 VncDisplay *vd = vnc_display_find(NULL); 381 SocketAddress *addr = NULL; 382 383 if (vd == NULL || !vd->listener || !vd->listener->nsioc) { 384 info->enabled = false; 385 } else { 386 info->enabled = true; 387 388 /* for compatibility with the original command */ 389 info->has_clients = true; 390 info->clients = qmp_query_client_list(vd); 391 392 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], 393 errp); 394 if (!addr) { 395 goto out_error; 396 } 397 398 switch (addr->type) { 399 case SOCKET_ADDRESS_TYPE_INET: 400 info->host = g_strdup(addr->u.inet.host); 401 info->service = g_strdup(addr->u.inet.port); 402 if (addr->u.inet.ipv6) { 403 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 404 } else { 405 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 406 } 407 break; 408 409 case SOCKET_ADDRESS_TYPE_UNIX: 410 info->host = g_strdup(""); 411 info->service = g_strdup(addr->u.q_unix.path); 412 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 413 break; 414 415 case SOCKET_ADDRESS_TYPE_VSOCK: 416 case SOCKET_ADDRESS_TYPE_FD: 417 error_setg(errp, "Unsupported socket address type %s", 418 SocketAddressType_str(addr->type)); 419 goto out_error; 420 default: 421 abort(); 422 } 423 424 info->has_host = true; 425 info->has_service = true; 426 info->has_family = true; 427 428 info->has_auth = true; 429 info->auth = g_strdup(vnc_auth_name(vd)); 430 } 431 432 qapi_free_SocketAddress(addr); 433 return info; 434 435 out_error: 436 qapi_free_SocketAddress(addr); 437 qapi_free_VncInfo(info); 438 return NULL; 439 } 440 441 442 static void qmp_query_auth(int auth, int subauth, 443 VncPrimaryAuth *qmp_auth, 444 VncVencryptSubAuth *qmp_vencrypt, 445 bool *qmp_has_vencrypt); 446 447 static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc, 448 bool websocket, 449 int auth, 450 int subauth, 451 VncServerInfo2List *prev) 452 { 453 VncServerInfo2List *list; 454 VncServerInfo2 *info; 455 Error *err = NULL; 456 SocketAddress *addr; 457 458 addr = qio_channel_socket_get_local_address(ioc, &err); 459 if (!addr) { 460 error_free(err); 461 return prev; 462 } 463 464 info = g_new0(VncServerInfo2, 1); 465 vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err); 466 qapi_free_SocketAddress(addr); 467 if (err) { 468 qapi_free_VncServerInfo2(info); 469 error_free(err); 470 return prev; 471 } 472 info->websocket = websocket; 473 474 qmp_query_auth(auth, subauth, &info->auth, 475 &info->vencrypt, &info->has_vencrypt); 476 477 list = g_new0(VncServerInfo2List, 1); 478 list->value = info; 479 list->next = prev; 480 return list; 481 } 482 483 static void qmp_query_auth(int auth, int subauth, 484 VncPrimaryAuth *qmp_auth, 485 VncVencryptSubAuth *qmp_vencrypt, 486 bool *qmp_has_vencrypt) 487 { 488 switch (auth) { 489 case VNC_AUTH_VNC: 490 *qmp_auth = VNC_PRIMARY_AUTH_VNC; 491 break; 492 case VNC_AUTH_RA2: 493 *qmp_auth = VNC_PRIMARY_AUTH_RA2; 494 break; 495 case VNC_AUTH_RA2NE: 496 *qmp_auth = VNC_PRIMARY_AUTH_RA2NE; 497 break; 498 case VNC_AUTH_TIGHT: 499 *qmp_auth = VNC_PRIMARY_AUTH_TIGHT; 500 break; 501 case VNC_AUTH_ULTRA: 502 *qmp_auth = VNC_PRIMARY_AUTH_ULTRA; 503 break; 504 case VNC_AUTH_TLS: 505 *qmp_auth = VNC_PRIMARY_AUTH_TLS; 506 break; 507 case VNC_AUTH_VENCRYPT: 508 *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT; 509 *qmp_has_vencrypt = true; 510 switch (subauth) { 511 case VNC_AUTH_VENCRYPT_PLAIN: 512 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN; 513 break; 514 case VNC_AUTH_VENCRYPT_TLSNONE: 515 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE; 516 break; 517 case VNC_AUTH_VENCRYPT_TLSVNC: 518 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC; 519 break; 520 case VNC_AUTH_VENCRYPT_TLSPLAIN: 521 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN; 522 break; 523 case VNC_AUTH_VENCRYPT_X509NONE: 524 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE; 525 break; 526 case VNC_AUTH_VENCRYPT_X509VNC: 527 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC; 528 break; 529 case VNC_AUTH_VENCRYPT_X509PLAIN: 530 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN; 531 break; 532 case VNC_AUTH_VENCRYPT_TLSSASL: 533 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL; 534 break; 535 case VNC_AUTH_VENCRYPT_X509SASL: 536 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL; 537 break; 538 default: 539 *qmp_has_vencrypt = false; 540 break; 541 } 542 break; 543 case VNC_AUTH_SASL: 544 *qmp_auth = VNC_PRIMARY_AUTH_SASL; 545 break; 546 case VNC_AUTH_NONE: 547 default: 548 *qmp_auth = VNC_PRIMARY_AUTH_NONE; 549 break; 550 } 551 } 552 553 VncInfo2List *qmp_query_vnc_servers(Error **errp) 554 { 555 VncInfo2List *item, *prev = NULL; 556 VncInfo2 *info; 557 VncDisplay *vd; 558 DeviceState *dev; 559 size_t i; 560 561 QTAILQ_FOREACH(vd, &vnc_displays, next) { 562 info = g_new0(VncInfo2, 1); 563 info->id = g_strdup(vd->id); 564 info->clients = qmp_query_client_list(vd); 565 qmp_query_auth(vd->auth, vd->subauth, &info->auth, 566 &info->vencrypt, &info->has_vencrypt); 567 if (vd->dcl.con) { 568 dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con), 569 "device", NULL)); 570 info->has_display = true; 571 info->display = g_strdup(dev->id); 572 } 573 for (i = 0; vd->listener != NULL && i < vd->listener->nsioc; i++) { 574 info->server = qmp_query_server_entry( 575 vd->listener->sioc[i], false, vd->auth, vd->subauth, 576 info->server); 577 } 578 for (i = 0; vd->wslistener != NULL && i < vd->wslistener->nsioc; i++) { 579 info->server = qmp_query_server_entry( 580 vd->wslistener->sioc[i], true, vd->ws_auth, 581 vd->ws_subauth, info->server); 582 } 583 584 item = g_new0(VncInfo2List, 1); 585 item->value = info; 586 item->next = prev; 587 prev = item; 588 } 589 return prev; 590 } 591 592 /* TODO 593 1) Get the queue working for IO. 594 2) there is some weirdness when using the -S option (the screen is grey 595 and not totally invalidated 596 3) resolutions > 1024 597 */ 598 599 static int vnc_update_client(VncState *vs, int has_dirty); 600 static void vnc_disconnect_start(VncState *vs); 601 602 static void vnc_colordepth(VncState *vs); 603 static void framebuffer_update_request(VncState *vs, int incremental, 604 int x_position, int y_position, 605 int w, int h); 606 static void vnc_refresh(DisplayChangeListener *dcl); 607 static int vnc_refresh_server_surface(VncDisplay *vd); 608 609 static int vnc_width(VncDisplay *vd) 610 { 611 return MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds), 612 VNC_DIRTY_PIXELS_PER_BIT)); 613 } 614 615 static int vnc_height(VncDisplay *vd) 616 { 617 return MIN(VNC_MAX_HEIGHT, surface_height(vd->ds)); 618 } 619 620 static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT], 621 VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT), 622 VncDisplay *vd, 623 int x, int y, int w, int h) 624 { 625 int width = vnc_width(vd); 626 int height = vnc_height(vd); 627 628 /* this is needed this to ensure we updated all affected 629 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */ 630 w += (x % VNC_DIRTY_PIXELS_PER_BIT); 631 x -= (x % VNC_DIRTY_PIXELS_PER_BIT); 632 633 x = MIN(x, width); 634 y = MIN(y, height); 635 w = MIN(x + w, width) - x; 636 h = MIN(y + h, height); 637 638 for (; y < h; y++) { 639 bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT, 640 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT)); 641 } 642 } 643 644 static void vnc_dpy_update(DisplayChangeListener *dcl, 645 int x, int y, int w, int h) 646 { 647 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 648 struct VncSurface *s = &vd->guest; 649 650 vnc_set_area_dirty(s->dirty, vd, x, y, w, h); 651 } 652 653 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h, 654 int32_t encoding) 655 { 656 vnc_write_u16(vs, x); 657 vnc_write_u16(vs, y); 658 vnc_write_u16(vs, w); 659 vnc_write_u16(vs, h); 660 661 vnc_write_s32(vs, encoding); 662 } 663 664 665 static void vnc_desktop_resize(VncState *vs) 666 { 667 if (vs->ioc == NULL || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) { 668 return; 669 } 670 if (vs->client_width == pixman_image_get_width(vs->vd->server) && 671 vs->client_height == pixman_image_get_height(vs->vd->server)) { 672 return; 673 } 674 675 assert(pixman_image_get_width(vs->vd->server) < 65536 && 676 pixman_image_get_width(vs->vd->server) >= 0); 677 assert(pixman_image_get_height(vs->vd->server) < 65536 && 678 pixman_image_get_height(vs->vd->server) >= 0); 679 vs->client_width = pixman_image_get_width(vs->vd->server); 680 vs->client_height = pixman_image_get_height(vs->vd->server); 681 vnc_lock_output(vs); 682 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 683 vnc_write_u8(vs, 0); 684 vnc_write_u16(vs, 1); /* number of rects */ 685 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height, 686 VNC_ENCODING_DESKTOPRESIZE); 687 vnc_unlock_output(vs); 688 vnc_flush(vs); 689 } 690 691 static void vnc_abort_display_jobs(VncDisplay *vd) 692 { 693 VncState *vs; 694 695 QTAILQ_FOREACH(vs, &vd->clients, next) { 696 vnc_lock_output(vs); 697 vs->abort = true; 698 vnc_unlock_output(vs); 699 } 700 QTAILQ_FOREACH(vs, &vd->clients, next) { 701 vnc_jobs_join(vs); 702 } 703 QTAILQ_FOREACH(vs, &vd->clients, next) { 704 vnc_lock_output(vs); 705 if (vs->update == VNC_STATE_UPDATE_NONE && 706 vs->job_update != VNC_STATE_UPDATE_NONE) { 707 /* job aborted before completion */ 708 vs->update = vs->job_update; 709 vs->job_update = VNC_STATE_UPDATE_NONE; 710 } 711 vs->abort = false; 712 vnc_unlock_output(vs); 713 } 714 } 715 716 int vnc_server_fb_stride(VncDisplay *vd) 717 { 718 return pixman_image_get_stride(vd->server); 719 } 720 721 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y) 722 { 723 uint8_t *ptr; 724 725 ptr = (uint8_t *)pixman_image_get_data(vd->server); 726 ptr += y * vnc_server_fb_stride(vd); 727 ptr += x * VNC_SERVER_FB_BYTES; 728 return ptr; 729 } 730 731 static void vnc_update_server_surface(VncDisplay *vd) 732 { 733 int width, height; 734 735 qemu_pixman_image_unref(vd->server); 736 vd->server = NULL; 737 738 if (QTAILQ_EMPTY(&vd->clients)) { 739 return; 740 } 741 742 width = vnc_width(vd); 743 height = vnc_height(vd); 744 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT, 745 width, height, 746 NULL, 0); 747 748 memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty)); 749 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 750 width, height); 751 } 752 753 static bool vnc_check_pageflip(DisplaySurface *s1, 754 DisplaySurface *s2) 755 { 756 return (s1 != NULL && 757 s2 != NULL && 758 surface_width(s1) == surface_width(s2) && 759 surface_height(s1) == surface_height(s2) && 760 surface_format(s1) == surface_format(s2)); 761 762 } 763 764 static void vnc_dpy_switch(DisplayChangeListener *dcl, 765 DisplaySurface *surface) 766 { 767 static const char placeholder_msg[] = 768 "Display output is not active."; 769 static DisplaySurface *placeholder; 770 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 771 bool pageflip = vnc_check_pageflip(vd->ds, surface); 772 VncState *vs; 773 774 if (surface == NULL) { 775 if (placeholder == NULL) { 776 placeholder = qemu_create_message_surface(640, 480, placeholder_msg); 777 } 778 surface = placeholder; 779 } 780 781 vnc_abort_display_jobs(vd); 782 vd->ds = surface; 783 784 /* guest surface */ 785 qemu_pixman_image_unref(vd->guest.fb); 786 vd->guest.fb = pixman_image_ref(surface->image); 787 vd->guest.format = surface->format; 788 789 if (pageflip) { 790 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 791 surface_width(surface), 792 surface_height(surface)); 793 return; 794 } 795 796 /* server surface */ 797 vnc_update_server_surface(vd); 798 799 QTAILQ_FOREACH(vs, &vd->clients, next) { 800 vnc_colordepth(vs); 801 vnc_desktop_resize(vs); 802 if (vs->vd->cursor) { 803 vnc_cursor_define(vs); 804 } 805 memset(vs->dirty, 0x00, sizeof(vs->dirty)); 806 vnc_set_area_dirty(vs->dirty, vd, 0, 0, 807 vnc_width(vd), 808 vnc_height(vd)); 809 vnc_update_throttle_offset(vs); 810 } 811 } 812 813 /* fastest code */ 814 static void vnc_write_pixels_copy(VncState *vs, 815 void *pixels, int size) 816 { 817 vnc_write(vs, pixels, size); 818 } 819 820 /* slowest but generic code. */ 821 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v) 822 { 823 uint8_t r, g, b; 824 825 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8) 826 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8; 827 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8; 828 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8; 829 #else 830 # error need some bits here if you change VNC_SERVER_FB_FORMAT 831 #endif 832 v = (r << vs->client_pf.rshift) | 833 (g << vs->client_pf.gshift) | 834 (b << vs->client_pf.bshift); 835 switch (vs->client_pf.bytes_per_pixel) { 836 case 1: 837 buf[0] = v; 838 break; 839 case 2: 840 if (vs->client_be) { 841 buf[0] = v >> 8; 842 buf[1] = v; 843 } else { 844 buf[1] = v >> 8; 845 buf[0] = v; 846 } 847 break; 848 default: 849 case 4: 850 if (vs->client_be) { 851 buf[0] = v >> 24; 852 buf[1] = v >> 16; 853 buf[2] = v >> 8; 854 buf[3] = v; 855 } else { 856 buf[3] = v >> 24; 857 buf[2] = v >> 16; 858 buf[1] = v >> 8; 859 buf[0] = v; 860 } 861 break; 862 } 863 } 864 865 static void vnc_write_pixels_generic(VncState *vs, 866 void *pixels1, int size) 867 { 868 uint8_t buf[4]; 869 870 if (VNC_SERVER_FB_BYTES == 4) { 871 uint32_t *pixels = pixels1; 872 int n, i; 873 n = size >> 2; 874 for (i = 0; i < n; i++) { 875 vnc_convert_pixel(vs, buf, pixels[i]); 876 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel); 877 } 878 } 879 } 880 881 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 882 { 883 int i; 884 uint8_t *row; 885 VncDisplay *vd = vs->vd; 886 887 row = vnc_server_fb_ptr(vd, x, y); 888 for (i = 0; i < h; i++) { 889 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES); 890 row += vnc_server_fb_stride(vd); 891 } 892 return 1; 893 } 894 895 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 896 { 897 int n = 0; 898 bool encode_raw = false; 899 size_t saved_offs = vs->output.offset; 900 901 switch(vs->vnc_encoding) { 902 case VNC_ENCODING_ZLIB: 903 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h); 904 break; 905 case VNC_ENCODING_HEXTILE: 906 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE); 907 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h); 908 break; 909 case VNC_ENCODING_TIGHT: 910 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h); 911 break; 912 case VNC_ENCODING_TIGHT_PNG: 913 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h); 914 break; 915 case VNC_ENCODING_ZRLE: 916 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h); 917 break; 918 case VNC_ENCODING_ZYWRLE: 919 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h); 920 break; 921 default: 922 encode_raw = true; 923 break; 924 } 925 926 /* If the client has the same pixel format as our internal buffer and 927 * a RAW encoding would need less space fall back to RAW encoding to 928 * save bandwidth and processing power in the client. */ 929 if (!encode_raw && vs->write_pixels == vnc_write_pixels_copy && 930 12 + h * w * VNC_SERVER_FB_BYTES <= (vs->output.offset - saved_offs)) { 931 vs->output.offset = saved_offs; 932 encode_raw = true; 933 } 934 935 if (encode_raw) { 936 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW); 937 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h); 938 } 939 940 return n; 941 } 942 943 static void vnc_mouse_set(DisplayChangeListener *dcl, 944 int x, int y, int visible) 945 { 946 /* can we ask the client(s) to move the pointer ??? */ 947 } 948 949 static int vnc_cursor_define(VncState *vs) 950 { 951 QEMUCursor *c = vs->vd->cursor; 952 int isize; 953 954 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) { 955 vnc_lock_output(vs); 956 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 957 vnc_write_u8(vs, 0); /* padding */ 958 vnc_write_u16(vs, 1); /* # of rects */ 959 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height, 960 VNC_ENCODING_RICH_CURSOR); 961 isize = c->width * c->height * vs->client_pf.bytes_per_pixel; 962 vnc_write_pixels_generic(vs, c->data, isize); 963 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize); 964 vnc_unlock_output(vs); 965 return 0; 966 } 967 return -1; 968 } 969 970 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl, 971 QEMUCursor *c) 972 { 973 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 974 VncState *vs; 975 976 cursor_put(vd->cursor); 977 g_free(vd->cursor_mask); 978 979 vd->cursor = c; 980 cursor_get(vd->cursor); 981 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height; 982 vd->cursor_mask = g_malloc0(vd->cursor_msize); 983 cursor_get_mono_mask(c, 0, vd->cursor_mask); 984 985 QTAILQ_FOREACH(vs, &vd->clients, next) { 986 vnc_cursor_define(vs); 987 } 988 } 989 990 static int find_and_clear_dirty_height(VncState *vs, 991 int y, int last_x, int x, int height) 992 { 993 int h; 994 995 for (h = 1; h < (height - y); h++) { 996 if (!test_bit(last_x, vs->dirty[y + h])) { 997 break; 998 } 999 bitmap_clear(vs->dirty[y + h], last_x, x - last_x); 1000 } 1001 1002 return h; 1003 } 1004 1005 /* 1006 * Figure out how much pending data we should allow in the output 1007 * buffer before we throttle incremental display updates, and/or 1008 * drop audio samples. 1009 * 1010 * We allow for equiv of 1 full display's worth of FB updates, 1011 * and 1 second of audio samples. If audio backlog was larger 1012 * than that the client would already suffering awful audio 1013 * glitches, so dropping samples is no worse really). 1014 */ 1015 static void vnc_update_throttle_offset(VncState *vs) 1016 { 1017 size_t offset = 1018 vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel; 1019 1020 if (vs->audio_cap) { 1021 int bps; 1022 switch (vs->as.fmt) { 1023 default: 1024 case AUDIO_FORMAT_U8: 1025 case AUDIO_FORMAT_S8: 1026 bps = 1; 1027 break; 1028 case AUDIO_FORMAT_U16: 1029 case AUDIO_FORMAT_S16: 1030 bps = 2; 1031 break; 1032 case AUDIO_FORMAT_U32: 1033 case AUDIO_FORMAT_S32: 1034 bps = 4; 1035 break; 1036 } 1037 offset += vs->as.freq * bps * vs->as.nchannels; 1038 } 1039 1040 /* Put a floor of 1MB on offset, so that if we have a large pending 1041 * buffer and the display is resized to a small size & back again 1042 * we don't suddenly apply a tiny send limit 1043 */ 1044 offset = MAX(offset, 1024 * 1024); 1045 1046 if (vs->throttle_output_offset != offset) { 1047 trace_vnc_client_throttle_threshold( 1048 vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width, 1049 vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap); 1050 } 1051 1052 vs->throttle_output_offset = offset; 1053 } 1054 1055 static bool vnc_should_update(VncState *vs) 1056 { 1057 switch (vs->update) { 1058 case VNC_STATE_UPDATE_NONE: 1059 break; 1060 case VNC_STATE_UPDATE_INCREMENTAL: 1061 /* Only allow incremental updates if the pending send queue 1062 * is less than the permitted threshold, and the job worker 1063 * is completely idle. 1064 */ 1065 if (vs->output.offset < vs->throttle_output_offset && 1066 vs->job_update == VNC_STATE_UPDATE_NONE) { 1067 return true; 1068 } 1069 trace_vnc_client_throttle_incremental( 1070 vs, vs->ioc, vs->job_update, vs->output.offset); 1071 break; 1072 case VNC_STATE_UPDATE_FORCE: 1073 /* Only allow forced updates if the pending send queue 1074 * does not contain a previous forced update, and the 1075 * job worker is completely idle. 1076 * 1077 * Note this means we'll queue a forced update, even if 1078 * the output buffer size is otherwise over the throttle 1079 * output limit. 1080 */ 1081 if (vs->force_update_offset == 0 && 1082 vs->job_update == VNC_STATE_UPDATE_NONE) { 1083 return true; 1084 } 1085 trace_vnc_client_throttle_forced( 1086 vs, vs->ioc, vs->job_update, vs->force_update_offset); 1087 break; 1088 } 1089 return false; 1090 } 1091 1092 static int vnc_update_client(VncState *vs, int has_dirty) 1093 { 1094 VncDisplay *vd = vs->vd; 1095 VncJob *job; 1096 int y; 1097 int height, width; 1098 int n = 0; 1099 1100 if (vs->disconnecting) { 1101 vnc_disconnect_finish(vs); 1102 return 0; 1103 } 1104 1105 vs->has_dirty += has_dirty; 1106 if (!vnc_should_update(vs)) { 1107 return 0; 1108 } 1109 1110 if (!vs->has_dirty && vs->update != VNC_STATE_UPDATE_FORCE) { 1111 return 0; 1112 } 1113 1114 /* 1115 * Send screen updates to the vnc client using the server 1116 * surface and server dirty map. guest surface updates 1117 * happening in parallel don't disturb us, the next pass will 1118 * send them to the client. 1119 */ 1120 job = vnc_job_new(vs); 1121 1122 height = pixman_image_get_height(vd->server); 1123 width = pixman_image_get_width(vd->server); 1124 1125 y = 0; 1126 for (;;) { 1127 int x, h; 1128 unsigned long x2; 1129 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty, 1130 height * VNC_DIRTY_BPL(vs), 1131 y * VNC_DIRTY_BPL(vs)); 1132 if (offset == height * VNC_DIRTY_BPL(vs)) { 1133 /* no more dirty bits */ 1134 break; 1135 } 1136 y = offset / VNC_DIRTY_BPL(vs); 1137 x = offset % VNC_DIRTY_BPL(vs); 1138 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y], 1139 VNC_DIRTY_BPL(vs), x); 1140 bitmap_clear(vs->dirty[y], x, x2 - x); 1141 h = find_and_clear_dirty_height(vs, y, x, x2, height); 1142 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT); 1143 if (x2 > x) { 1144 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y, 1145 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h); 1146 } 1147 if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) { 1148 y += h; 1149 if (y == height) { 1150 break; 1151 } 1152 } 1153 } 1154 1155 vs->job_update = vs->update; 1156 vs->update = VNC_STATE_UPDATE_NONE; 1157 vnc_job_push(job); 1158 vs->has_dirty = 0; 1159 return n; 1160 } 1161 1162 /* audio */ 1163 static void audio_capture_notify(void *opaque, audcnotification_e cmd) 1164 { 1165 VncState *vs = opaque; 1166 1167 assert(vs->magic == VNC_MAGIC); 1168 switch (cmd) { 1169 case AUD_CNOTIFY_DISABLE: 1170 vnc_lock_output(vs); 1171 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1172 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1173 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END); 1174 vnc_unlock_output(vs); 1175 vnc_flush(vs); 1176 break; 1177 1178 case AUD_CNOTIFY_ENABLE: 1179 vnc_lock_output(vs); 1180 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1181 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1182 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN); 1183 vnc_unlock_output(vs); 1184 vnc_flush(vs); 1185 break; 1186 } 1187 } 1188 1189 static void audio_capture_destroy(void *opaque) 1190 { 1191 } 1192 1193 static void audio_capture(void *opaque, void *buf, int size) 1194 { 1195 VncState *vs = opaque; 1196 1197 assert(vs->magic == VNC_MAGIC); 1198 vnc_lock_output(vs); 1199 if (vs->output.offset < vs->throttle_output_offset) { 1200 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1201 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1202 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); 1203 vnc_write_u32(vs, size); 1204 vnc_write(vs, buf, size); 1205 } else { 1206 trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset); 1207 } 1208 vnc_unlock_output(vs); 1209 vnc_flush(vs); 1210 } 1211 1212 static void audio_add(VncState *vs) 1213 { 1214 struct audio_capture_ops ops; 1215 1216 if (vs->audio_cap) { 1217 error_report("audio already running"); 1218 return; 1219 } 1220 1221 ops.notify = audio_capture_notify; 1222 ops.destroy = audio_capture_destroy; 1223 ops.capture = audio_capture; 1224 1225 vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs); 1226 if (!vs->audio_cap) { 1227 error_report("Failed to add audio capture"); 1228 } 1229 } 1230 1231 static void audio_del(VncState *vs) 1232 { 1233 if (vs->audio_cap) { 1234 AUD_del_capture(vs->audio_cap, vs); 1235 vs->audio_cap = NULL; 1236 } 1237 } 1238 1239 static void vnc_disconnect_start(VncState *vs) 1240 { 1241 if (vs->disconnecting) { 1242 return; 1243 } 1244 trace_vnc_client_disconnect_start(vs, vs->ioc); 1245 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED); 1246 if (vs->ioc_tag) { 1247 g_source_remove(vs->ioc_tag); 1248 vs->ioc_tag = 0; 1249 } 1250 qio_channel_close(vs->ioc, NULL); 1251 vs->disconnecting = TRUE; 1252 } 1253 1254 void vnc_disconnect_finish(VncState *vs) 1255 { 1256 int i; 1257 1258 trace_vnc_client_disconnect_finish(vs, vs->ioc); 1259 1260 vnc_jobs_join(vs); /* Wait encoding jobs */ 1261 1262 vnc_lock_output(vs); 1263 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED); 1264 1265 buffer_free(&vs->input); 1266 buffer_free(&vs->output); 1267 1268 qapi_free_VncClientInfo(vs->info); 1269 1270 vnc_zlib_clear(vs); 1271 vnc_tight_clear(vs); 1272 vnc_zrle_clear(vs); 1273 1274 #ifdef CONFIG_VNC_SASL 1275 vnc_sasl_client_cleanup(vs); 1276 #endif /* CONFIG_VNC_SASL */ 1277 audio_del(vs); 1278 qkbd_state_lift_all_keys(vs->vd->kbd); 1279 1280 if (vs->mouse_mode_notifier.notify != NULL) { 1281 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 1282 } 1283 QTAILQ_REMOVE(&vs->vd->clients, vs, next); 1284 if (QTAILQ_EMPTY(&vs->vd->clients)) { 1285 /* last client gone */ 1286 vnc_update_server_surface(vs->vd); 1287 } 1288 1289 vnc_unlock_output(vs); 1290 1291 qemu_mutex_destroy(&vs->output_mutex); 1292 if (vs->bh != NULL) { 1293 qemu_bh_delete(vs->bh); 1294 } 1295 buffer_free(&vs->jobs_buffer); 1296 1297 for (i = 0; i < VNC_STAT_ROWS; ++i) { 1298 g_free(vs->lossy_rect[i]); 1299 } 1300 g_free(vs->lossy_rect); 1301 1302 object_unref(OBJECT(vs->ioc)); 1303 vs->ioc = NULL; 1304 object_unref(OBJECT(vs->sioc)); 1305 vs->sioc = NULL; 1306 vs->magic = 0; 1307 g_free(vs); 1308 } 1309 1310 size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp) 1311 { 1312 if (ret <= 0) { 1313 if (ret == 0) { 1314 trace_vnc_client_eof(vs, vs->ioc); 1315 vnc_disconnect_start(vs); 1316 } else if (ret != QIO_CHANNEL_ERR_BLOCK) { 1317 trace_vnc_client_io_error(vs, vs->ioc, 1318 errp ? error_get_pretty(*errp) : 1319 "Unknown"); 1320 vnc_disconnect_start(vs); 1321 } 1322 1323 if (errp) { 1324 error_free(*errp); 1325 *errp = NULL; 1326 } 1327 return 0; 1328 } 1329 return ret; 1330 } 1331 1332 1333 void vnc_client_error(VncState *vs) 1334 { 1335 VNC_DEBUG("Closing down client sock: protocol error\n"); 1336 vnc_disconnect_start(vs); 1337 } 1338 1339 1340 /* 1341 * Called to write a chunk of data to the client socket. The data may 1342 * be the raw data, or may have already been encoded by SASL. 1343 * The data will be written either straight onto the socket, or 1344 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1345 * 1346 * NB, it is theoretically possible to have 2 layers of encryption, 1347 * both SASL, and this TLS layer. It is highly unlikely in practice 1348 * though, since SASL encryption will typically be a no-op if TLS 1349 * is active 1350 * 1351 * Returns the number of bytes written, which may be less than 1352 * the requested 'datalen' if the socket would block. Returns 1353 * 0 on I/O error, and disconnects the client socket. 1354 */ 1355 size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen) 1356 { 1357 Error *err = NULL; 1358 ssize_t ret; 1359 ret = qio_channel_write( 1360 vs->ioc, (const char *)data, datalen, &err); 1361 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret); 1362 return vnc_client_io_error(vs, ret, &err); 1363 } 1364 1365 1366 /* 1367 * Called to write buffered data to the client socket, when not 1368 * using any SASL SSF encryption layers. Will write as much data 1369 * as possible without blocking. If all buffered data is written, 1370 * will switch the FD poll() handler back to read monitoring. 1371 * 1372 * Returns the number of bytes written, which may be less than 1373 * the buffered output data if the socket would block. Returns 1374 * 0 on I/O error, and disconnects the client socket. 1375 */ 1376 static size_t vnc_client_write_plain(VncState *vs) 1377 { 1378 size_t offset; 1379 size_t ret; 1380 1381 #ifdef CONFIG_VNC_SASL 1382 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n", 1383 vs->output.buffer, vs->output.capacity, vs->output.offset, 1384 vs->sasl.waitWriteSSF); 1385 1386 if (vs->sasl.conn && 1387 vs->sasl.runSSF && 1388 vs->sasl.waitWriteSSF) { 1389 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF); 1390 if (ret) 1391 vs->sasl.waitWriteSSF -= ret; 1392 } else 1393 #endif /* CONFIG_VNC_SASL */ 1394 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset); 1395 if (!ret) 1396 return 0; 1397 1398 if (ret >= vs->force_update_offset) { 1399 if (vs->force_update_offset != 0) { 1400 trace_vnc_client_unthrottle_forced(vs, vs->ioc); 1401 } 1402 vs->force_update_offset = 0; 1403 } else { 1404 vs->force_update_offset -= ret; 1405 } 1406 offset = vs->output.offset; 1407 buffer_advance(&vs->output, ret); 1408 if (offset >= vs->throttle_output_offset && 1409 vs->output.offset < vs->throttle_output_offset) { 1410 trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset); 1411 } 1412 1413 if (vs->output.offset == 0) { 1414 if (vs->ioc_tag) { 1415 g_source_remove(vs->ioc_tag); 1416 } 1417 vs->ioc_tag = qio_channel_add_watch( 1418 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1419 } 1420 1421 return ret; 1422 } 1423 1424 1425 /* 1426 * First function called whenever there is data to be written to 1427 * the client socket. Will delegate actual work according to whether 1428 * SASL SSF layers are enabled (thus requiring encryption calls) 1429 */ 1430 static void vnc_client_write_locked(VncState *vs) 1431 { 1432 #ifdef CONFIG_VNC_SASL 1433 if (vs->sasl.conn && 1434 vs->sasl.runSSF && 1435 !vs->sasl.waitWriteSSF) { 1436 vnc_client_write_sasl(vs); 1437 } else 1438 #endif /* CONFIG_VNC_SASL */ 1439 { 1440 vnc_client_write_plain(vs); 1441 } 1442 } 1443 1444 static void vnc_client_write(VncState *vs) 1445 { 1446 assert(vs->magic == VNC_MAGIC); 1447 vnc_lock_output(vs); 1448 if (vs->output.offset) { 1449 vnc_client_write_locked(vs); 1450 } else if (vs->ioc != NULL) { 1451 if (vs->ioc_tag) { 1452 g_source_remove(vs->ioc_tag); 1453 } 1454 vs->ioc_tag = qio_channel_add_watch( 1455 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1456 } 1457 vnc_unlock_output(vs); 1458 } 1459 1460 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting) 1461 { 1462 vs->read_handler = func; 1463 vs->read_handler_expect = expecting; 1464 } 1465 1466 1467 /* 1468 * Called to read a chunk of data from the client socket. The data may 1469 * be the raw data, or may need to be further decoded by SASL. 1470 * The data will be read either straight from to the socket, or 1471 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1472 * 1473 * NB, it is theoretically possible to have 2 layers of encryption, 1474 * both SASL, and this TLS layer. It is highly unlikely in practice 1475 * though, since SASL encryption will typically be a no-op if TLS 1476 * is active 1477 * 1478 * Returns the number of bytes read, which may be less than 1479 * the requested 'datalen' if the socket would block. Returns 1480 * 0 on I/O error or EOF, and disconnects the client socket. 1481 */ 1482 size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen) 1483 { 1484 ssize_t ret; 1485 Error *err = NULL; 1486 ret = qio_channel_read( 1487 vs->ioc, (char *)data, datalen, &err); 1488 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret); 1489 return vnc_client_io_error(vs, ret, &err); 1490 } 1491 1492 1493 /* 1494 * Called to read data from the client socket to the input buffer, 1495 * when not using any SASL SSF encryption layers. Will read as much 1496 * data as possible without blocking. 1497 * 1498 * Returns the number of bytes read, which may be less than 1499 * the requested 'datalen' if the socket would block. Returns 1500 * 0 on I/O error or EOF, and disconnects the client socket. 1501 */ 1502 static size_t vnc_client_read_plain(VncState *vs) 1503 { 1504 size_t ret; 1505 VNC_DEBUG("Read plain %p size %zd offset %zd\n", 1506 vs->input.buffer, vs->input.capacity, vs->input.offset); 1507 buffer_reserve(&vs->input, 4096); 1508 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096); 1509 if (!ret) 1510 return 0; 1511 vs->input.offset += ret; 1512 return ret; 1513 } 1514 1515 static void vnc_jobs_bh(void *opaque) 1516 { 1517 VncState *vs = opaque; 1518 1519 assert(vs->magic == VNC_MAGIC); 1520 vnc_jobs_consume_buffer(vs); 1521 } 1522 1523 /* 1524 * First function called whenever there is more data to be read from 1525 * the client socket. Will delegate actual work according to whether 1526 * SASL SSF layers are enabled (thus requiring decryption calls) 1527 * Returns 0 on success, -1 if client disconnected 1528 */ 1529 static int vnc_client_read(VncState *vs) 1530 { 1531 size_t ret; 1532 1533 #ifdef CONFIG_VNC_SASL 1534 if (vs->sasl.conn && vs->sasl.runSSF) 1535 ret = vnc_client_read_sasl(vs); 1536 else 1537 #endif /* CONFIG_VNC_SASL */ 1538 ret = vnc_client_read_plain(vs); 1539 if (!ret) { 1540 if (vs->disconnecting) { 1541 vnc_disconnect_finish(vs); 1542 return -1; 1543 } 1544 return 0; 1545 } 1546 1547 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) { 1548 size_t len = vs->read_handler_expect; 1549 int ret; 1550 1551 ret = vs->read_handler(vs, vs->input.buffer, len); 1552 if (vs->disconnecting) { 1553 vnc_disconnect_finish(vs); 1554 return -1; 1555 } 1556 1557 if (!ret) { 1558 buffer_advance(&vs->input, len); 1559 } else { 1560 vs->read_handler_expect = ret; 1561 } 1562 } 1563 return 0; 1564 } 1565 1566 gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED, 1567 GIOCondition condition, void *opaque) 1568 { 1569 VncState *vs = opaque; 1570 1571 assert(vs->magic == VNC_MAGIC); 1572 if (condition & G_IO_IN) { 1573 if (vnc_client_read(vs) < 0) { 1574 /* vs is free()ed here */ 1575 return TRUE; 1576 } 1577 } 1578 if (condition & G_IO_OUT) { 1579 vnc_client_write(vs); 1580 } 1581 1582 if (vs->disconnecting) { 1583 if (vs->ioc_tag != 0) { 1584 g_source_remove(vs->ioc_tag); 1585 } 1586 vs->ioc_tag = 0; 1587 } 1588 return TRUE; 1589 } 1590 1591 1592 /* 1593 * Scale factor to apply to vs->throttle_output_offset when checking for 1594 * hard limit. Worst case normal usage could be x2, if we have a complete 1595 * incremental update and complete forced update in the output buffer. 1596 * So x3 should be good enough, but we pick x5 to be conservative and thus 1597 * (hopefully) never trigger incorrectly. 1598 */ 1599 #define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5 1600 1601 void vnc_write(VncState *vs, const void *data, size_t len) 1602 { 1603 assert(vs->magic == VNC_MAGIC); 1604 if (vs->disconnecting) { 1605 return; 1606 } 1607 /* Protection against malicious client/guest to prevent our output 1608 * buffer growing without bound if client stops reading data. This 1609 * should rarely trigger, because we have earlier throttling code 1610 * which stops issuing framebuffer updates and drops audio data 1611 * if the throttle_output_offset value is exceeded. So we only reach 1612 * this higher level if a huge number of pseudo-encodings get 1613 * triggered while data can't be sent on the socket. 1614 * 1615 * NB throttle_output_offset can be zero during early protocol 1616 * handshake, or from the job thread's VncState clone 1617 */ 1618 if (vs->throttle_output_offset != 0 && 1619 (vs->output.offset / VNC_THROTTLE_OUTPUT_LIMIT_SCALE) > 1620 vs->throttle_output_offset) { 1621 trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset, 1622 vs->throttle_output_offset); 1623 vnc_disconnect_start(vs); 1624 return; 1625 } 1626 buffer_reserve(&vs->output, len); 1627 1628 if (vs->ioc != NULL && buffer_empty(&vs->output)) { 1629 if (vs->ioc_tag) { 1630 g_source_remove(vs->ioc_tag); 1631 } 1632 vs->ioc_tag = qio_channel_add_watch( 1633 vs->ioc, G_IO_IN | G_IO_OUT, vnc_client_io, vs, NULL); 1634 } 1635 1636 buffer_append(&vs->output, data, len); 1637 } 1638 1639 void vnc_write_s32(VncState *vs, int32_t value) 1640 { 1641 vnc_write_u32(vs, *(uint32_t *)&value); 1642 } 1643 1644 void vnc_write_u32(VncState *vs, uint32_t value) 1645 { 1646 uint8_t buf[4]; 1647 1648 buf[0] = (value >> 24) & 0xFF; 1649 buf[1] = (value >> 16) & 0xFF; 1650 buf[2] = (value >> 8) & 0xFF; 1651 buf[3] = value & 0xFF; 1652 1653 vnc_write(vs, buf, 4); 1654 } 1655 1656 void vnc_write_u16(VncState *vs, uint16_t value) 1657 { 1658 uint8_t buf[2]; 1659 1660 buf[0] = (value >> 8) & 0xFF; 1661 buf[1] = value & 0xFF; 1662 1663 vnc_write(vs, buf, 2); 1664 } 1665 1666 void vnc_write_u8(VncState *vs, uint8_t value) 1667 { 1668 vnc_write(vs, (char *)&value, 1); 1669 } 1670 1671 void vnc_flush(VncState *vs) 1672 { 1673 vnc_lock_output(vs); 1674 if (vs->ioc != NULL && vs->output.offset) { 1675 vnc_client_write_locked(vs); 1676 } 1677 if (vs->disconnecting) { 1678 if (vs->ioc_tag != 0) { 1679 g_source_remove(vs->ioc_tag); 1680 } 1681 vs->ioc_tag = 0; 1682 } 1683 vnc_unlock_output(vs); 1684 } 1685 1686 static uint8_t read_u8(uint8_t *data, size_t offset) 1687 { 1688 return data[offset]; 1689 } 1690 1691 static uint16_t read_u16(uint8_t *data, size_t offset) 1692 { 1693 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF); 1694 } 1695 1696 static int32_t read_s32(uint8_t *data, size_t offset) 1697 { 1698 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) | 1699 (data[offset + 2] << 8) | data[offset + 3]); 1700 } 1701 1702 uint32_t read_u32(uint8_t *data, size_t offset) 1703 { 1704 return ((data[offset] << 24) | (data[offset + 1] << 16) | 1705 (data[offset + 2] << 8) | data[offset + 3]); 1706 } 1707 1708 static void client_cut_text(VncState *vs, size_t len, uint8_t *text) 1709 { 1710 } 1711 1712 static void check_pointer_type_change(Notifier *notifier, void *data) 1713 { 1714 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier); 1715 int absolute = qemu_input_is_absolute(); 1716 1717 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) { 1718 vnc_lock_output(vs); 1719 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1720 vnc_write_u8(vs, 0); 1721 vnc_write_u16(vs, 1); 1722 vnc_framebuffer_update(vs, absolute, 0, 1723 pixman_image_get_width(vs->vd->server), 1724 pixman_image_get_height(vs->vd->server), 1725 VNC_ENCODING_POINTER_TYPE_CHANGE); 1726 vnc_unlock_output(vs); 1727 vnc_flush(vs); 1728 } 1729 vs->absolute = absolute; 1730 } 1731 1732 static void pointer_event(VncState *vs, int button_mask, int x, int y) 1733 { 1734 static uint32_t bmap[INPUT_BUTTON__MAX] = { 1735 [INPUT_BUTTON_LEFT] = 0x01, 1736 [INPUT_BUTTON_MIDDLE] = 0x02, 1737 [INPUT_BUTTON_RIGHT] = 0x04, 1738 [INPUT_BUTTON_WHEEL_UP] = 0x08, 1739 [INPUT_BUTTON_WHEEL_DOWN] = 0x10, 1740 }; 1741 QemuConsole *con = vs->vd->dcl.con; 1742 int width = pixman_image_get_width(vs->vd->server); 1743 int height = pixman_image_get_height(vs->vd->server); 1744 1745 if (vs->last_bmask != button_mask) { 1746 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask); 1747 vs->last_bmask = button_mask; 1748 } 1749 1750 if (vs->absolute) { 1751 qemu_input_queue_abs(con, INPUT_AXIS_X, x, 0, width); 1752 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, 0, height); 1753 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) { 1754 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF); 1755 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF); 1756 } else { 1757 if (vs->last_x != -1) { 1758 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x); 1759 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y); 1760 } 1761 vs->last_x = x; 1762 vs->last_y = y; 1763 } 1764 qemu_input_event_sync(); 1765 } 1766 1767 static void press_key(VncState *vs, QKeyCode qcode) 1768 { 1769 qkbd_state_key_event(vs->vd->kbd, qcode, true); 1770 qkbd_state_key_event(vs->vd->kbd, qcode, false); 1771 } 1772 1773 static void vnc_led_state_change(VncState *vs) 1774 { 1775 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) { 1776 return; 1777 } 1778 1779 vnc_lock_output(vs); 1780 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1781 vnc_write_u8(vs, 0); 1782 vnc_write_u16(vs, 1); 1783 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE); 1784 vnc_write_u8(vs, vs->vd->ledstate); 1785 vnc_unlock_output(vs); 1786 vnc_flush(vs); 1787 } 1788 1789 static void kbd_leds(void *opaque, int ledstate) 1790 { 1791 VncDisplay *vd = opaque; 1792 VncState *client; 1793 1794 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED), 1795 (ledstate & QEMU_NUM_LOCK_LED), 1796 (ledstate & QEMU_SCROLL_LOCK_LED)); 1797 1798 if (ledstate == vd->ledstate) { 1799 return; 1800 } 1801 1802 vd->ledstate = ledstate; 1803 1804 QTAILQ_FOREACH(client, &vd->clients, next) { 1805 vnc_led_state_change(client); 1806 } 1807 } 1808 1809 static void do_key_event(VncState *vs, int down, int keycode, int sym) 1810 { 1811 QKeyCode qcode = qemu_input_key_number_to_qcode(keycode); 1812 1813 /* QEMU console switch */ 1814 switch (qcode) { 1815 case Q_KEY_CODE_1 ... Q_KEY_CODE_9: /* '1' to '9' keys */ 1816 if (vs->vd->dcl.con == NULL && down && 1817 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL) && 1818 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_ALT)) { 1819 /* Reset the modifiers sent to the current console */ 1820 qkbd_state_lift_all_keys(vs->vd->kbd); 1821 console_select(qcode - Q_KEY_CODE_1); 1822 return; 1823 } 1824 default: 1825 break; 1826 } 1827 1828 /* Turn off the lock state sync logic if the client support the led 1829 state extension. 1830 */ 1831 if (down && vs->vd->lock_key_sync && 1832 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1833 keycode_is_keypad(vs->vd->kbd_layout, keycode)) { 1834 /* If the numlock state needs to change then simulate an additional 1835 keypress before sending this one. This will happen if the user 1836 toggles numlock away from the VNC window. 1837 */ 1838 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) { 1839 if (!qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1840 trace_vnc_key_sync_numlock(true); 1841 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1842 } 1843 } else { 1844 if (qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1845 trace_vnc_key_sync_numlock(false); 1846 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1847 } 1848 } 1849 } 1850 1851 if (down && vs->vd->lock_key_sync && 1852 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1853 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) { 1854 /* If the capslock state needs to change then simulate an additional 1855 keypress before sending this one. This will happen if the user 1856 toggles capslock away from the VNC window. 1857 */ 1858 int uppercase = !!(sym >= 'A' && sym <= 'Z'); 1859 bool shift = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_SHIFT); 1860 bool capslock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CAPSLOCK); 1861 if (capslock) { 1862 if (uppercase == shift) { 1863 trace_vnc_key_sync_capslock(false); 1864 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1865 } 1866 } else { 1867 if (uppercase != shift) { 1868 trace_vnc_key_sync_capslock(true); 1869 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1870 } 1871 } 1872 } 1873 1874 qkbd_state_key_event(vs->vd->kbd, qcode, down); 1875 if (!qemu_console_is_graphic(NULL)) { 1876 bool numlock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK); 1877 bool control = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL); 1878 /* QEMU console emulation */ 1879 if (down) { 1880 switch (keycode) { 1881 case 0x2a: /* Left Shift */ 1882 case 0x36: /* Right Shift */ 1883 case 0x1d: /* Left CTRL */ 1884 case 0x9d: /* Right CTRL */ 1885 case 0x38: /* Left ALT */ 1886 case 0xb8: /* Right ALT */ 1887 break; 1888 case 0xc8: 1889 kbd_put_keysym(QEMU_KEY_UP); 1890 break; 1891 case 0xd0: 1892 kbd_put_keysym(QEMU_KEY_DOWN); 1893 break; 1894 case 0xcb: 1895 kbd_put_keysym(QEMU_KEY_LEFT); 1896 break; 1897 case 0xcd: 1898 kbd_put_keysym(QEMU_KEY_RIGHT); 1899 break; 1900 case 0xd3: 1901 kbd_put_keysym(QEMU_KEY_DELETE); 1902 break; 1903 case 0xc7: 1904 kbd_put_keysym(QEMU_KEY_HOME); 1905 break; 1906 case 0xcf: 1907 kbd_put_keysym(QEMU_KEY_END); 1908 break; 1909 case 0xc9: 1910 kbd_put_keysym(QEMU_KEY_PAGEUP); 1911 break; 1912 case 0xd1: 1913 kbd_put_keysym(QEMU_KEY_PAGEDOWN); 1914 break; 1915 1916 case 0x47: 1917 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME); 1918 break; 1919 case 0x48: 1920 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP); 1921 break; 1922 case 0x49: 1923 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP); 1924 break; 1925 case 0x4b: 1926 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT); 1927 break; 1928 case 0x4c: 1929 kbd_put_keysym('5'); 1930 break; 1931 case 0x4d: 1932 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT); 1933 break; 1934 case 0x4f: 1935 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END); 1936 break; 1937 case 0x50: 1938 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN); 1939 break; 1940 case 0x51: 1941 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN); 1942 break; 1943 case 0x52: 1944 kbd_put_keysym('0'); 1945 break; 1946 case 0x53: 1947 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE); 1948 break; 1949 1950 case 0xb5: 1951 kbd_put_keysym('/'); 1952 break; 1953 case 0x37: 1954 kbd_put_keysym('*'); 1955 break; 1956 case 0x4a: 1957 kbd_put_keysym('-'); 1958 break; 1959 case 0x4e: 1960 kbd_put_keysym('+'); 1961 break; 1962 case 0x9c: 1963 kbd_put_keysym('\n'); 1964 break; 1965 1966 default: 1967 if (control) { 1968 kbd_put_keysym(sym & 0x1f); 1969 } else { 1970 kbd_put_keysym(sym); 1971 } 1972 break; 1973 } 1974 } 1975 } 1976 } 1977 1978 static const char *code2name(int keycode) 1979 { 1980 return QKeyCode_str(qemu_input_key_number_to_qcode(keycode)); 1981 } 1982 1983 static void key_event(VncState *vs, int down, uint32_t sym) 1984 { 1985 int keycode; 1986 int lsym = sym; 1987 1988 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) { 1989 lsym = lsym - 'A' + 'a'; 1990 } 1991 1992 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF, 1993 vs->vd->kbd, down) & SCANCODE_KEYMASK; 1994 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode)); 1995 do_key_event(vs, down, keycode, sym); 1996 } 1997 1998 static void ext_key_event(VncState *vs, int down, 1999 uint32_t sym, uint16_t keycode) 2000 { 2001 /* if the user specifies a keyboard layout, always use it */ 2002 if (keyboard_layout) { 2003 key_event(vs, down, sym); 2004 } else { 2005 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode)); 2006 do_key_event(vs, down, keycode, sym); 2007 } 2008 } 2009 2010 static void framebuffer_update_request(VncState *vs, int incremental, 2011 int x, int y, int w, int h) 2012 { 2013 if (incremental) { 2014 if (vs->update != VNC_STATE_UPDATE_FORCE) { 2015 vs->update = VNC_STATE_UPDATE_INCREMENTAL; 2016 } 2017 } else { 2018 vs->update = VNC_STATE_UPDATE_FORCE; 2019 vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h); 2020 } 2021 } 2022 2023 static void send_ext_key_event_ack(VncState *vs) 2024 { 2025 vnc_lock_output(vs); 2026 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2027 vnc_write_u8(vs, 0); 2028 vnc_write_u16(vs, 1); 2029 vnc_framebuffer_update(vs, 0, 0, 2030 pixman_image_get_width(vs->vd->server), 2031 pixman_image_get_height(vs->vd->server), 2032 VNC_ENCODING_EXT_KEY_EVENT); 2033 vnc_unlock_output(vs); 2034 vnc_flush(vs); 2035 } 2036 2037 static void send_ext_audio_ack(VncState *vs) 2038 { 2039 vnc_lock_output(vs); 2040 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2041 vnc_write_u8(vs, 0); 2042 vnc_write_u16(vs, 1); 2043 vnc_framebuffer_update(vs, 0, 0, 2044 pixman_image_get_width(vs->vd->server), 2045 pixman_image_get_height(vs->vd->server), 2046 VNC_ENCODING_AUDIO); 2047 vnc_unlock_output(vs); 2048 vnc_flush(vs); 2049 } 2050 2051 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings) 2052 { 2053 int i; 2054 unsigned int enc = 0; 2055 2056 vs->features = 0; 2057 vs->vnc_encoding = 0; 2058 vs->tight.compression = 9; 2059 vs->tight.quality = -1; /* Lossless by default */ 2060 vs->absolute = -1; 2061 2062 /* 2063 * Start from the end because the encodings are sent in order of preference. 2064 * This way the preferred encoding (first encoding defined in the array) 2065 * will be set at the end of the loop. 2066 */ 2067 for (i = n_encodings - 1; i >= 0; i--) { 2068 enc = encodings[i]; 2069 switch (enc) { 2070 case VNC_ENCODING_RAW: 2071 vs->vnc_encoding = enc; 2072 break; 2073 case VNC_ENCODING_COPYRECT: 2074 vs->features |= VNC_FEATURE_COPYRECT_MASK; 2075 break; 2076 case VNC_ENCODING_HEXTILE: 2077 vs->features |= VNC_FEATURE_HEXTILE_MASK; 2078 vs->vnc_encoding = enc; 2079 break; 2080 case VNC_ENCODING_TIGHT: 2081 vs->features |= VNC_FEATURE_TIGHT_MASK; 2082 vs->vnc_encoding = enc; 2083 break; 2084 #ifdef CONFIG_VNC_PNG 2085 case VNC_ENCODING_TIGHT_PNG: 2086 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK; 2087 vs->vnc_encoding = enc; 2088 break; 2089 #endif 2090 case VNC_ENCODING_ZLIB: 2091 vs->features |= VNC_FEATURE_ZLIB_MASK; 2092 vs->vnc_encoding = enc; 2093 break; 2094 case VNC_ENCODING_ZRLE: 2095 vs->features |= VNC_FEATURE_ZRLE_MASK; 2096 vs->vnc_encoding = enc; 2097 break; 2098 case VNC_ENCODING_ZYWRLE: 2099 vs->features |= VNC_FEATURE_ZYWRLE_MASK; 2100 vs->vnc_encoding = enc; 2101 break; 2102 case VNC_ENCODING_DESKTOPRESIZE: 2103 vs->features |= VNC_FEATURE_RESIZE_MASK; 2104 break; 2105 case VNC_ENCODING_POINTER_TYPE_CHANGE: 2106 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK; 2107 break; 2108 case VNC_ENCODING_RICH_CURSOR: 2109 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK; 2110 if (vs->vd->cursor) { 2111 vnc_cursor_define(vs); 2112 } 2113 break; 2114 case VNC_ENCODING_EXT_KEY_EVENT: 2115 send_ext_key_event_ack(vs); 2116 break; 2117 case VNC_ENCODING_AUDIO: 2118 send_ext_audio_ack(vs); 2119 break; 2120 case VNC_ENCODING_WMVi: 2121 vs->features |= VNC_FEATURE_WMVI_MASK; 2122 break; 2123 case VNC_ENCODING_LED_STATE: 2124 vs->features |= VNC_FEATURE_LED_STATE_MASK; 2125 break; 2126 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9: 2127 vs->tight.compression = (enc & 0x0F); 2128 break; 2129 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9: 2130 if (vs->vd->lossy) { 2131 vs->tight.quality = (enc & 0x0F); 2132 } 2133 break; 2134 default: 2135 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc); 2136 break; 2137 } 2138 } 2139 vnc_desktop_resize(vs); 2140 check_pointer_type_change(&vs->mouse_mode_notifier, NULL); 2141 vnc_led_state_change(vs); 2142 } 2143 2144 static void set_pixel_conversion(VncState *vs) 2145 { 2146 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf); 2147 2148 if (fmt == VNC_SERVER_FB_FORMAT) { 2149 vs->write_pixels = vnc_write_pixels_copy; 2150 vnc_hextile_set_pixel_conversion(vs, 0); 2151 } else { 2152 vs->write_pixels = vnc_write_pixels_generic; 2153 vnc_hextile_set_pixel_conversion(vs, 1); 2154 } 2155 } 2156 2157 static void send_color_map(VncState *vs) 2158 { 2159 int i; 2160 2161 vnc_write_u8(vs, VNC_MSG_SERVER_SET_COLOUR_MAP_ENTRIES); 2162 vnc_write_u8(vs, 0); /* padding */ 2163 vnc_write_u16(vs, 0); /* first color */ 2164 vnc_write_u16(vs, 256); /* # of colors */ 2165 2166 for (i = 0; i < 256; i++) { 2167 PixelFormat *pf = &vs->client_pf; 2168 2169 vnc_write_u16(vs, (((i >> pf->rshift) & pf->rmax) << (16 - pf->rbits))); 2170 vnc_write_u16(vs, (((i >> pf->gshift) & pf->gmax) << (16 - pf->gbits))); 2171 vnc_write_u16(vs, (((i >> pf->bshift) & pf->bmax) << (16 - pf->bbits))); 2172 } 2173 } 2174 2175 static void set_pixel_format(VncState *vs, int bits_per_pixel, 2176 int big_endian_flag, int true_color_flag, 2177 int red_max, int green_max, int blue_max, 2178 int red_shift, int green_shift, int blue_shift) 2179 { 2180 if (!true_color_flag) { 2181 /* Expose a reasonable default 256 color map */ 2182 bits_per_pixel = 8; 2183 red_max = 7; 2184 green_max = 7; 2185 blue_max = 3; 2186 red_shift = 0; 2187 green_shift = 3; 2188 blue_shift = 6; 2189 } 2190 2191 switch (bits_per_pixel) { 2192 case 8: 2193 case 16: 2194 case 32: 2195 break; 2196 default: 2197 vnc_client_error(vs); 2198 return; 2199 } 2200 2201 vs->client_pf.rmax = red_max ? red_max : 0xFF; 2202 vs->client_pf.rbits = ctpopl(red_max); 2203 vs->client_pf.rshift = red_shift; 2204 vs->client_pf.rmask = red_max << red_shift; 2205 vs->client_pf.gmax = green_max ? green_max : 0xFF; 2206 vs->client_pf.gbits = ctpopl(green_max); 2207 vs->client_pf.gshift = green_shift; 2208 vs->client_pf.gmask = green_max << green_shift; 2209 vs->client_pf.bmax = blue_max ? blue_max : 0xFF; 2210 vs->client_pf.bbits = ctpopl(blue_max); 2211 vs->client_pf.bshift = blue_shift; 2212 vs->client_pf.bmask = blue_max << blue_shift; 2213 vs->client_pf.bits_per_pixel = bits_per_pixel; 2214 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8; 2215 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel; 2216 vs->client_be = big_endian_flag; 2217 2218 if (!true_color_flag) { 2219 send_color_map(vs); 2220 } 2221 2222 set_pixel_conversion(vs); 2223 2224 graphic_hw_invalidate(vs->vd->dcl.con); 2225 graphic_hw_update(vs->vd->dcl.con); 2226 } 2227 2228 static void pixel_format_message (VncState *vs) { 2229 char pad[3] = { 0, 0, 0 }; 2230 2231 vs->client_pf = qemu_default_pixelformat(32); 2232 2233 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */ 2234 vnc_write_u8(vs, vs->client_pf.depth); /* depth */ 2235 2236 #ifdef HOST_WORDS_BIGENDIAN 2237 vnc_write_u8(vs, 1); /* big-endian-flag */ 2238 #else 2239 vnc_write_u8(vs, 0); /* big-endian-flag */ 2240 #endif 2241 vnc_write_u8(vs, 1); /* true-color-flag */ 2242 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */ 2243 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */ 2244 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */ 2245 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */ 2246 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */ 2247 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */ 2248 vnc_write(vs, pad, 3); /* padding */ 2249 2250 vnc_hextile_set_pixel_conversion(vs, 0); 2251 vs->write_pixels = vnc_write_pixels_copy; 2252 } 2253 2254 static void vnc_colordepth(VncState *vs) 2255 { 2256 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) { 2257 /* Sending a WMVi message to notify the client*/ 2258 vnc_lock_output(vs); 2259 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2260 vnc_write_u8(vs, 0); 2261 vnc_write_u16(vs, 1); /* number of rects */ 2262 vnc_framebuffer_update(vs, 0, 0, 2263 pixman_image_get_width(vs->vd->server), 2264 pixman_image_get_height(vs->vd->server), 2265 VNC_ENCODING_WMVi); 2266 pixel_format_message(vs); 2267 vnc_unlock_output(vs); 2268 vnc_flush(vs); 2269 } else { 2270 set_pixel_conversion(vs); 2271 } 2272 } 2273 2274 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len) 2275 { 2276 int i; 2277 uint16_t limit; 2278 uint32_t freq; 2279 VncDisplay *vd = vs->vd; 2280 2281 if (data[0] > 3) { 2282 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 2283 } 2284 2285 switch (data[0]) { 2286 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT: 2287 if (len == 1) 2288 return 20; 2289 2290 set_pixel_format(vs, read_u8(data, 4), 2291 read_u8(data, 6), read_u8(data, 7), 2292 read_u16(data, 8), read_u16(data, 10), 2293 read_u16(data, 12), read_u8(data, 14), 2294 read_u8(data, 15), read_u8(data, 16)); 2295 break; 2296 case VNC_MSG_CLIENT_SET_ENCODINGS: 2297 if (len == 1) 2298 return 4; 2299 2300 if (len == 4) { 2301 limit = read_u16(data, 2); 2302 if (limit > 0) 2303 return 4 + (limit * 4); 2304 } else 2305 limit = read_u16(data, 2); 2306 2307 for (i = 0; i < limit; i++) { 2308 int32_t val = read_s32(data, 4 + (i * 4)); 2309 memcpy(data + 4 + (i * 4), &val, sizeof(val)); 2310 } 2311 2312 set_encodings(vs, (int32_t *)(data + 4), limit); 2313 break; 2314 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST: 2315 if (len == 1) 2316 return 10; 2317 2318 framebuffer_update_request(vs, 2319 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4), 2320 read_u16(data, 6), read_u16(data, 8)); 2321 break; 2322 case VNC_MSG_CLIENT_KEY_EVENT: 2323 if (len == 1) 2324 return 8; 2325 2326 key_event(vs, read_u8(data, 1), read_u32(data, 4)); 2327 break; 2328 case VNC_MSG_CLIENT_POINTER_EVENT: 2329 if (len == 1) 2330 return 6; 2331 2332 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4)); 2333 break; 2334 case VNC_MSG_CLIENT_CUT_TEXT: 2335 if (len == 1) { 2336 return 8; 2337 } 2338 if (len == 8) { 2339 uint32_t dlen = read_u32(data, 4); 2340 if (dlen > (1 << 20)) { 2341 error_report("vnc: client_cut_text msg payload has %u bytes" 2342 " which exceeds our limit of 1MB.", dlen); 2343 vnc_client_error(vs); 2344 break; 2345 } 2346 if (dlen > 0) { 2347 return 8 + dlen; 2348 } 2349 } 2350 2351 client_cut_text(vs, read_u32(data, 4), data + 8); 2352 break; 2353 case VNC_MSG_CLIENT_QEMU: 2354 if (len == 1) 2355 return 2; 2356 2357 switch (read_u8(data, 1)) { 2358 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT: 2359 if (len == 2) 2360 return 12; 2361 2362 ext_key_event(vs, read_u16(data, 2), 2363 read_u32(data, 4), read_u32(data, 8)); 2364 break; 2365 case VNC_MSG_CLIENT_QEMU_AUDIO: 2366 if (len == 2) 2367 return 4; 2368 2369 switch (read_u16 (data, 2)) { 2370 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE: 2371 audio_add(vs); 2372 break; 2373 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE: 2374 audio_del(vs); 2375 break; 2376 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT: 2377 if (len == 4) 2378 return 10; 2379 switch (read_u8(data, 4)) { 2380 case 0: vs->as.fmt = AUDIO_FORMAT_U8; break; 2381 case 1: vs->as.fmt = AUDIO_FORMAT_S8; break; 2382 case 2: vs->as.fmt = AUDIO_FORMAT_U16; break; 2383 case 3: vs->as.fmt = AUDIO_FORMAT_S16; break; 2384 case 4: vs->as.fmt = AUDIO_FORMAT_U32; break; 2385 case 5: vs->as.fmt = AUDIO_FORMAT_S32; break; 2386 default: 2387 VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4)); 2388 vnc_client_error(vs); 2389 break; 2390 } 2391 vs->as.nchannels = read_u8(data, 5); 2392 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) { 2393 VNC_DEBUG("Invalid audio channel count %d\n", 2394 read_u8(data, 5)); 2395 vnc_client_error(vs); 2396 break; 2397 } 2398 freq = read_u32(data, 6); 2399 /* No official limit for protocol, but 48khz is a sensible 2400 * upper bound for trustworthy clients, and this limit 2401 * protects calculations involving 'vs->as.freq' later. 2402 */ 2403 if (freq > 48000) { 2404 VNC_DEBUG("Invalid audio frequency %u > 48000", freq); 2405 vnc_client_error(vs); 2406 break; 2407 } 2408 vs->as.freq = freq; 2409 break; 2410 default: 2411 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4)); 2412 vnc_client_error(vs); 2413 break; 2414 } 2415 break; 2416 2417 default: 2418 VNC_DEBUG("Msg: %d\n", read_u16(data, 0)); 2419 vnc_client_error(vs); 2420 break; 2421 } 2422 break; 2423 default: 2424 VNC_DEBUG("Msg: %d\n", data[0]); 2425 vnc_client_error(vs); 2426 break; 2427 } 2428 2429 vnc_update_throttle_offset(vs); 2430 vnc_read_when(vs, protocol_client_msg, 1); 2431 return 0; 2432 } 2433 2434 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len) 2435 { 2436 char buf[1024]; 2437 VncShareMode mode; 2438 int size; 2439 2440 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE; 2441 switch (vs->vd->share_policy) { 2442 case VNC_SHARE_POLICY_IGNORE: 2443 /* 2444 * Ignore the shared flag. Nothing to do here. 2445 * 2446 * Doesn't conform to the rfb spec but is traditional qemu 2447 * behavior, thus left here as option for compatibility 2448 * reasons. 2449 */ 2450 break; 2451 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE: 2452 /* 2453 * Policy: Allow clients ask for exclusive access. 2454 * 2455 * Implementation: When a client asks for exclusive access, 2456 * disconnect all others. Shared connects are allowed as long 2457 * as no exclusive connection exists. 2458 * 2459 * This is how the rfb spec suggests to handle the shared flag. 2460 */ 2461 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2462 VncState *client; 2463 QTAILQ_FOREACH(client, &vs->vd->clients, next) { 2464 if (vs == client) { 2465 continue; 2466 } 2467 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE && 2468 client->share_mode != VNC_SHARE_MODE_SHARED) { 2469 continue; 2470 } 2471 vnc_disconnect_start(client); 2472 } 2473 } 2474 if (mode == VNC_SHARE_MODE_SHARED) { 2475 if (vs->vd->num_exclusive > 0) { 2476 vnc_disconnect_start(vs); 2477 return 0; 2478 } 2479 } 2480 break; 2481 case VNC_SHARE_POLICY_FORCE_SHARED: 2482 /* 2483 * Policy: Shared connects only. 2484 * Implementation: Disallow clients asking for exclusive access. 2485 * 2486 * Useful for shared desktop sessions where you don't want 2487 * someone forgetting to say -shared when running the vnc 2488 * client disconnect everybody else. 2489 */ 2490 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2491 vnc_disconnect_start(vs); 2492 return 0; 2493 } 2494 break; 2495 } 2496 vnc_set_share_mode(vs, mode); 2497 2498 if (vs->vd->num_shared > vs->vd->connections_limit) { 2499 vnc_disconnect_start(vs); 2500 return 0; 2501 } 2502 2503 assert(pixman_image_get_width(vs->vd->server) < 65536 && 2504 pixman_image_get_width(vs->vd->server) >= 0); 2505 assert(pixman_image_get_height(vs->vd->server) < 65536 && 2506 pixman_image_get_height(vs->vd->server) >= 0); 2507 vs->client_width = pixman_image_get_width(vs->vd->server); 2508 vs->client_height = pixman_image_get_height(vs->vd->server); 2509 vnc_write_u16(vs, vs->client_width); 2510 vnc_write_u16(vs, vs->client_height); 2511 2512 pixel_format_message(vs); 2513 2514 if (qemu_name) { 2515 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name); 2516 if (size > sizeof(buf)) { 2517 size = sizeof(buf); 2518 } 2519 } else { 2520 size = snprintf(buf, sizeof(buf), "QEMU"); 2521 } 2522 2523 vnc_write_u32(vs, size); 2524 vnc_write(vs, buf, size); 2525 vnc_flush(vs); 2526 2527 vnc_client_cache_auth(vs); 2528 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED); 2529 2530 vnc_read_when(vs, protocol_client_msg, 1); 2531 2532 return 0; 2533 } 2534 2535 void start_client_init(VncState *vs) 2536 { 2537 vnc_read_when(vs, protocol_client_init, 1); 2538 } 2539 2540 static void authentication_failed(VncState *vs) 2541 { 2542 vnc_write_u32(vs, 1); /* Reject auth */ 2543 if (vs->minor >= 8) { 2544 static const char err[] = "Authentication failed"; 2545 vnc_write_u32(vs, sizeof(err)); 2546 vnc_write(vs, err, sizeof(err)); 2547 } 2548 vnc_flush(vs); 2549 vnc_client_error(vs); 2550 } 2551 2552 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) 2553 { 2554 unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; 2555 size_t i, pwlen; 2556 unsigned char key[8]; 2557 time_t now = time(NULL); 2558 QCryptoCipher *cipher = NULL; 2559 Error *err = NULL; 2560 2561 if (!vs->vd->password) { 2562 trace_vnc_auth_fail(vs, vs->auth, "password is not set", ""); 2563 goto reject; 2564 } 2565 if (vs->vd->expires < now) { 2566 trace_vnc_auth_fail(vs, vs->auth, "password is expired", ""); 2567 goto reject; 2568 } 2569 2570 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); 2571 2572 /* Calculate the expected challenge response */ 2573 pwlen = strlen(vs->vd->password); 2574 for (i=0; i<sizeof(key); i++) 2575 key[i] = i<pwlen ? vs->vd->password[i] : 0; 2576 2577 cipher = qcrypto_cipher_new( 2578 QCRYPTO_CIPHER_ALG_DES_RFB, 2579 QCRYPTO_CIPHER_MODE_ECB, 2580 key, G_N_ELEMENTS(key), 2581 &err); 2582 if (!cipher) { 2583 trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher", 2584 error_get_pretty(err)); 2585 error_free(err); 2586 goto reject; 2587 } 2588 2589 if (qcrypto_cipher_encrypt(cipher, 2590 vs->challenge, 2591 response, 2592 VNC_AUTH_CHALLENGE_SIZE, 2593 &err) < 0) { 2594 trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge response", 2595 error_get_pretty(err)); 2596 error_free(err); 2597 goto reject; 2598 } 2599 2600 /* Compare expected vs actual challenge response */ 2601 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) { 2602 trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response", ""); 2603 goto reject; 2604 } else { 2605 trace_vnc_auth_pass(vs, vs->auth); 2606 vnc_write_u32(vs, 0); /* Accept auth */ 2607 vnc_flush(vs); 2608 2609 start_client_init(vs); 2610 } 2611 2612 qcrypto_cipher_free(cipher); 2613 return 0; 2614 2615 reject: 2616 authentication_failed(vs); 2617 qcrypto_cipher_free(cipher); 2618 return 0; 2619 } 2620 2621 void start_auth_vnc(VncState *vs) 2622 { 2623 Error *err = NULL; 2624 2625 if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) { 2626 trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes", 2627 error_get_pretty(err)); 2628 error_free(err); 2629 authentication_failed(vs); 2630 return; 2631 } 2632 2633 /* Send client a 'random' challenge */ 2634 vnc_write(vs, vs->challenge, sizeof(vs->challenge)); 2635 vnc_flush(vs); 2636 2637 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge)); 2638 } 2639 2640 2641 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) 2642 { 2643 /* We only advertise 1 auth scheme at a time, so client 2644 * must pick the one we sent. Verify this */ 2645 if (data[0] != vs->auth) { /* Reject auth */ 2646 trace_vnc_auth_reject(vs, vs->auth, (int)data[0]); 2647 authentication_failed(vs); 2648 } else { /* Accept requested auth */ 2649 trace_vnc_auth_start(vs, vs->auth); 2650 switch (vs->auth) { 2651 case VNC_AUTH_NONE: 2652 if (vs->minor >= 8) { 2653 vnc_write_u32(vs, 0); /* Accept auth completion */ 2654 vnc_flush(vs); 2655 } 2656 trace_vnc_auth_pass(vs, vs->auth); 2657 start_client_init(vs); 2658 break; 2659 2660 case VNC_AUTH_VNC: 2661 start_auth_vnc(vs); 2662 break; 2663 2664 case VNC_AUTH_VENCRYPT: 2665 start_auth_vencrypt(vs); 2666 break; 2667 2668 #ifdef CONFIG_VNC_SASL 2669 case VNC_AUTH_SASL: 2670 start_auth_sasl(vs); 2671 break; 2672 #endif /* CONFIG_VNC_SASL */ 2673 2674 default: /* Should not be possible, but just in case */ 2675 trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", ""); 2676 authentication_failed(vs); 2677 } 2678 } 2679 return 0; 2680 } 2681 2682 static int protocol_version(VncState *vs, uint8_t *version, size_t len) 2683 { 2684 char local[13]; 2685 2686 memcpy(local, version, 12); 2687 local[12] = 0; 2688 2689 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) { 2690 VNC_DEBUG("Malformed protocol version %s\n", local); 2691 vnc_client_error(vs); 2692 return 0; 2693 } 2694 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor); 2695 if (vs->major != 3 || 2696 (vs->minor != 3 && 2697 vs->minor != 4 && 2698 vs->minor != 5 && 2699 vs->minor != 7 && 2700 vs->minor != 8)) { 2701 VNC_DEBUG("Unsupported client version\n"); 2702 vnc_write_u32(vs, VNC_AUTH_INVALID); 2703 vnc_flush(vs); 2704 vnc_client_error(vs); 2705 return 0; 2706 } 2707 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated 2708 * as equivalent to v3.3 by servers 2709 */ 2710 if (vs->minor == 4 || vs->minor == 5) 2711 vs->minor = 3; 2712 2713 if (vs->minor == 3) { 2714 trace_vnc_auth_start(vs, vs->auth); 2715 if (vs->auth == VNC_AUTH_NONE) { 2716 vnc_write_u32(vs, vs->auth); 2717 vnc_flush(vs); 2718 trace_vnc_auth_pass(vs, vs->auth); 2719 start_client_init(vs); 2720 } else if (vs->auth == VNC_AUTH_VNC) { 2721 VNC_DEBUG("Tell client VNC auth\n"); 2722 vnc_write_u32(vs, vs->auth); 2723 vnc_flush(vs); 2724 start_auth_vnc(vs); 2725 } else { 2726 trace_vnc_auth_fail(vs, vs->auth, 2727 "Unsupported auth method for v3.3", ""); 2728 vnc_write_u32(vs, VNC_AUTH_INVALID); 2729 vnc_flush(vs); 2730 vnc_client_error(vs); 2731 } 2732 } else { 2733 vnc_write_u8(vs, 1); /* num auth */ 2734 vnc_write_u8(vs, vs->auth); 2735 vnc_read_when(vs, protocol_client_auth, 1); 2736 vnc_flush(vs); 2737 } 2738 2739 return 0; 2740 } 2741 2742 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y) 2743 { 2744 struct VncSurface *vs = &vd->guest; 2745 2746 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT]; 2747 } 2748 2749 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h) 2750 { 2751 int i, j; 2752 2753 w = (x + w) / VNC_STAT_RECT; 2754 h = (y + h) / VNC_STAT_RECT; 2755 x /= VNC_STAT_RECT; 2756 y /= VNC_STAT_RECT; 2757 2758 for (j = y; j <= h; j++) { 2759 for (i = x; i <= w; i++) { 2760 vs->lossy_rect[j][i] = 1; 2761 } 2762 } 2763 } 2764 2765 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y) 2766 { 2767 VncState *vs; 2768 int sty = y / VNC_STAT_RECT; 2769 int stx = x / VNC_STAT_RECT; 2770 int has_dirty = 0; 2771 2772 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2773 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2774 2775 QTAILQ_FOREACH(vs, &vd->clients, next) { 2776 int j; 2777 2778 /* kernel send buffers are full -> refresh later */ 2779 if (vs->output.offset) { 2780 continue; 2781 } 2782 2783 if (!vs->lossy_rect[sty][stx]) { 2784 continue; 2785 } 2786 2787 vs->lossy_rect[sty][stx] = 0; 2788 for (j = 0; j < VNC_STAT_RECT; ++j) { 2789 bitmap_set(vs->dirty[y + j], 2790 x / VNC_DIRTY_PIXELS_PER_BIT, 2791 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT); 2792 } 2793 has_dirty++; 2794 } 2795 2796 return has_dirty; 2797 } 2798 2799 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv) 2800 { 2801 int width = MIN(pixman_image_get_width(vd->guest.fb), 2802 pixman_image_get_width(vd->server)); 2803 int height = MIN(pixman_image_get_height(vd->guest.fb), 2804 pixman_image_get_height(vd->server)); 2805 int x, y; 2806 struct timeval res; 2807 int has_dirty = 0; 2808 2809 for (y = 0; y < height; y += VNC_STAT_RECT) { 2810 for (x = 0; x < width; x += VNC_STAT_RECT) { 2811 VncRectStat *rect = vnc_stat_rect(vd, x, y); 2812 2813 rect->updated = false; 2814 } 2815 } 2816 2817 qemu_timersub(tv, &VNC_REFRESH_STATS, &res); 2818 2819 if (timercmp(&vd->guest.last_freq_check, &res, >)) { 2820 return has_dirty; 2821 } 2822 vd->guest.last_freq_check = *tv; 2823 2824 for (y = 0; y < height; y += VNC_STAT_RECT) { 2825 for (x = 0; x < width; x += VNC_STAT_RECT) { 2826 VncRectStat *rect= vnc_stat_rect(vd, x, y); 2827 int count = ARRAY_SIZE(rect->times); 2828 struct timeval min, max; 2829 2830 if (!timerisset(&rect->times[count - 1])) { 2831 continue ; 2832 } 2833 2834 max = rect->times[(rect->idx + count - 1) % count]; 2835 qemu_timersub(tv, &max, &res); 2836 2837 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) { 2838 rect->freq = 0; 2839 has_dirty += vnc_refresh_lossy_rect(vd, x, y); 2840 memset(rect->times, 0, sizeof (rect->times)); 2841 continue ; 2842 } 2843 2844 min = rect->times[rect->idx]; 2845 max = rect->times[(rect->idx + count - 1) % count]; 2846 qemu_timersub(&max, &min, &res); 2847 2848 rect->freq = res.tv_sec + res.tv_usec / 1000000.; 2849 rect->freq /= count; 2850 rect->freq = 1. / rect->freq; 2851 } 2852 } 2853 return has_dirty; 2854 } 2855 2856 double vnc_update_freq(VncState *vs, int x, int y, int w, int h) 2857 { 2858 int i, j; 2859 double total = 0; 2860 int num = 0; 2861 2862 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2863 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2864 2865 for (j = y; j <= y + h; j += VNC_STAT_RECT) { 2866 for (i = x; i <= x + w; i += VNC_STAT_RECT) { 2867 total += vnc_stat_rect(vs->vd, i, j)->freq; 2868 num++; 2869 } 2870 } 2871 2872 if (num) { 2873 return total / num; 2874 } else { 2875 return 0; 2876 } 2877 } 2878 2879 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv) 2880 { 2881 VncRectStat *rect; 2882 2883 rect = vnc_stat_rect(vd, x, y); 2884 if (rect->updated) { 2885 return ; 2886 } 2887 rect->times[rect->idx] = *tv; 2888 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times); 2889 rect->updated = true; 2890 } 2891 2892 static int vnc_refresh_server_surface(VncDisplay *vd) 2893 { 2894 int width = MIN(pixman_image_get_width(vd->guest.fb), 2895 pixman_image_get_width(vd->server)); 2896 int height = MIN(pixman_image_get_height(vd->guest.fb), 2897 pixman_image_get_height(vd->server)); 2898 int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0; 2899 uint8_t *guest_row0 = NULL, *server_row0; 2900 VncState *vs; 2901 int has_dirty = 0; 2902 pixman_image_t *tmpbuf = NULL; 2903 2904 struct timeval tv = { 0, 0 }; 2905 2906 if (!vd->non_adaptive) { 2907 gettimeofday(&tv, NULL); 2908 has_dirty = vnc_update_stats(vd, &tv); 2909 } 2910 2911 /* 2912 * Walk through the guest dirty map. 2913 * Check and copy modified bits from guest to server surface. 2914 * Update server dirty map. 2915 */ 2916 server_row0 = (uint8_t *)pixman_image_get_data(vd->server); 2917 server_stride = guest_stride = guest_ll = 2918 pixman_image_get_stride(vd->server); 2919 cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES, 2920 server_stride); 2921 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2922 int width = pixman_image_get_width(vd->server); 2923 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width); 2924 } else { 2925 int guest_bpp = 2926 PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb)); 2927 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb); 2928 guest_stride = pixman_image_get_stride(vd->guest.fb); 2929 guest_ll = pixman_image_get_width(vd->guest.fb) 2930 * DIV_ROUND_UP(guest_bpp, 8); 2931 } 2932 line_bytes = MIN(server_stride, guest_ll); 2933 2934 for (;;) { 2935 int x; 2936 uint8_t *guest_ptr, *server_ptr; 2937 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty, 2938 height * VNC_DIRTY_BPL(&vd->guest), 2939 y * VNC_DIRTY_BPL(&vd->guest)); 2940 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) { 2941 /* no more dirty bits */ 2942 break; 2943 } 2944 y = offset / VNC_DIRTY_BPL(&vd->guest); 2945 x = offset % VNC_DIRTY_BPL(&vd->guest); 2946 2947 server_ptr = server_row0 + y * server_stride + x * cmp_bytes; 2948 2949 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2950 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y); 2951 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf); 2952 } else { 2953 guest_ptr = guest_row0 + y * guest_stride; 2954 } 2955 guest_ptr += x * cmp_bytes; 2956 2957 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT); 2958 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) { 2959 int _cmp_bytes = cmp_bytes; 2960 if (!test_and_clear_bit(x, vd->guest.dirty[y])) { 2961 continue; 2962 } 2963 if ((x + 1) * cmp_bytes > line_bytes) { 2964 _cmp_bytes = line_bytes - x * cmp_bytes; 2965 } 2966 assert(_cmp_bytes >= 0); 2967 if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) { 2968 continue; 2969 } 2970 memcpy(server_ptr, guest_ptr, _cmp_bytes); 2971 if (!vd->non_adaptive) { 2972 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT, 2973 y, &tv); 2974 } 2975 QTAILQ_FOREACH(vs, &vd->clients, next) { 2976 set_bit(x, vs->dirty[y]); 2977 } 2978 has_dirty++; 2979 } 2980 2981 y++; 2982 } 2983 qemu_pixman_image_unref(tmpbuf); 2984 return has_dirty; 2985 } 2986 2987 static void vnc_refresh(DisplayChangeListener *dcl) 2988 { 2989 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 2990 VncState *vs, *vn; 2991 int has_dirty, rects = 0; 2992 2993 if (QTAILQ_EMPTY(&vd->clients)) { 2994 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX); 2995 return; 2996 } 2997 2998 graphic_hw_update(vd->dcl.con); 2999 3000 if (vnc_trylock_display(vd)) { 3001 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3002 return; 3003 } 3004 3005 has_dirty = vnc_refresh_server_surface(vd); 3006 vnc_unlock_display(vd); 3007 3008 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) { 3009 rects += vnc_update_client(vs, has_dirty); 3010 /* vs might be free()ed here */ 3011 } 3012 3013 if (has_dirty && rects) { 3014 vd->dcl.update_interval /= 2; 3015 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) { 3016 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE; 3017 } 3018 } else { 3019 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC; 3020 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) { 3021 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX; 3022 } 3023 } 3024 } 3025 3026 static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc, 3027 bool skipauth, bool websocket) 3028 { 3029 VncState *vs = g_new0(VncState, 1); 3030 bool first_client = QTAILQ_EMPTY(&vd->clients); 3031 int i; 3032 3033 trace_vnc_client_connect(vs, sioc); 3034 vs->magic = VNC_MAGIC; 3035 vs->sioc = sioc; 3036 object_ref(OBJECT(vs->sioc)); 3037 vs->ioc = QIO_CHANNEL(sioc); 3038 object_ref(OBJECT(vs->ioc)); 3039 vs->vd = vd; 3040 3041 buffer_init(&vs->input, "vnc-input/%p", sioc); 3042 buffer_init(&vs->output, "vnc-output/%p", sioc); 3043 buffer_init(&vs->jobs_buffer, "vnc-jobs_buffer/%p", sioc); 3044 3045 buffer_init(&vs->tight.tight, "vnc-tight/%p", sioc); 3046 buffer_init(&vs->tight.zlib, "vnc-tight-zlib/%p", sioc); 3047 buffer_init(&vs->tight.gradient, "vnc-tight-gradient/%p", sioc); 3048 #ifdef CONFIG_VNC_JPEG 3049 buffer_init(&vs->tight.jpeg, "vnc-tight-jpeg/%p", sioc); 3050 #endif 3051 #ifdef CONFIG_VNC_PNG 3052 buffer_init(&vs->tight.png, "vnc-tight-png/%p", sioc); 3053 #endif 3054 buffer_init(&vs->zlib.zlib, "vnc-zlib/%p", sioc); 3055 buffer_init(&vs->zrle.zrle, "vnc-zrle/%p", sioc); 3056 buffer_init(&vs->zrle.fb, "vnc-zrle-fb/%p", sioc); 3057 buffer_init(&vs->zrle.zlib, "vnc-zrle-zlib/%p", sioc); 3058 3059 if (skipauth) { 3060 vs->auth = VNC_AUTH_NONE; 3061 vs->subauth = VNC_AUTH_INVALID; 3062 } else { 3063 if (websocket) { 3064 vs->auth = vd->ws_auth; 3065 vs->subauth = VNC_AUTH_INVALID; 3066 } else { 3067 vs->auth = vd->auth; 3068 vs->subauth = vd->subauth; 3069 } 3070 } 3071 VNC_DEBUG("Client sioc=%p ws=%d auth=%d subauth=%d\n", 3072 sioc, websocket, vs->auth, vs->subauth); 3073 3074 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect)); 3075 for (i = 0; i < VNC_STAT_ROWS; ++i) { 3076 vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS); 3077 } 3078 3079 VNC_DEBUG("New client on socket %p\n", vs->sioc); 3080 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3081 qio_channel_set_blocking(vs->ioc, false, NULL); 3082 if (vs->ioc_tag) { 3083 g_source_remove(vs->ioc_tag); 3084 } 3085 if (websocket) { 3086 vs->websocket = 1; 3087 if (vd->tlscreds) { 3088 vs->ioc_tag = qio_channel_add_watch( 3089 vs->ioc, G_IO_IN, vncws_tls_handshake_io, vs, NULL); 3090 } else { 3091 vs->ioc_tag = qio_channel_add_watch( 3092 vs->ioc, G_IO_IN, vncws_handshake_io, vs, NULL); 3093 } 3094 } else { 3095 vs->ioc_tag = qio_channel_add_watch( 3096 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 3097 } 3098 3099 vnc_client_cache_addr(vs); 3100 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED); 3101 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING); 3102 3103 vs->last_x = -1; 3104 vs->last_y = -1; 3105 3106 vs->as.freq = 44100; 3107 vs->as.nchannels = 2; 3108 vs->as.fmt = AUDIO_FORMAT_S16; 3109 vs->as.endianness = 0; 3110 3111 qemu_mutex_init(&vs->output_mutex); 3112 vs->bh = qemu_bh_new(vnc_jobs_bh, vs); 3113 3114 QTAILQ_INSERT_TAIL(&vd->clients, vs, next); 3115 if (first_client) { 3116 vnc_update_server_surface(vd); 3117 } 3118 3119 graphic_hw_update(vd->dcl.con); 3120 3121 if (!vs->websocket) { 3122 vnc_start_protocol(vs); 3123 } 3124 3125 if (vd->num_connecting > vd->connections_limit) { 3126 QTAILQ_FOREACH(vs, &vd->clients, next) { 3127 if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) { 3128 vnc_disconnect_start(vs); 3129 return; 3130 } 3131 } 3132 } 3133 } 3134 3135 void vnc_start_protocol(VncState *vs) 3136 { 3137 vnc_write(vs, "RFB 003.008\n", 12); 3138 vnc_flush(vs); 3139 vnc_read_when(vs, protocol_version, 12); 3140 3141 vs->mouse_mode_notifier.notify = check_pointer_type_change; 3142 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 3143 } 3144 3145 static void vnc_listen_io(QIONetListener *listener, 3146 QIOChannelSocket *cioc, 3147 void *opaque) 3148 { 3149 VncDisplay *vd = opaque; 3150 bool isWebsock = listener == vd->wslistener; 3151 3152 qio_channel_set_name(QIO_CHANNEL(cioc), 3153 isWebsock ? "vnc-ws-server" : "vnc-server"); 3154 qio_channel_set_delay(QIO_CHANNEL(cioc), false); 3155 vnc_connect(vd, cioc, false, isWebsock); 3156 } 3157 3158 static const DisplayChangeListenerOps dcl_ops = { 3159 .dpy_name = "vnc", 3160 .dpy_refresh = vnc_refresh, 3161 .dpy_gfx_update = vnc_dpy_update, 3162 .dpy_gfx_switch = vnc_dpy_switch, 3163 .dpy_gfx_check_format = qemu_pixman_check_format, 3164 .dpy_mouse_set = vnc_mouse_set, 3165 .dpy_cursor_define = vnc_dpy_cursor_define, 3166 }; 3167 3168 void vnc_display_init(const char *id, Error **errp) 3169 { 3170 VncDisplay *vd; 3171 3172 if (vnc_display_find(id) != NULL) { 3173 return; 3174 } 3175 vd = g_malloc0(sizeof(*vd)); 3176 3177 vd->id = strdup(id); 3178 QTAILQ_INSERT_TAIL(&vnc_displays, vd, next); 3179 3180 QTAILQ_INIT(&vd->clients); 3181 vd->expires = TIME_MAX; 3182 3183 if (keyboard_layout) { 3184 trace_vnc_key_map_init(keyboard_layout); 3185 vd->kbd_layout = init_keyboard_layout(name2keysym, 3186 keyboard_layout, errp); 3187 } else { 3188 vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us", errp); 3189 } 3190 3191 if (!vd->kbd_layout) { 3192 return; 3193 } 3194 3195 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3196 vd->connections_limit = 32; 3197 3198 qemu_mutex_init(&vd->mutex); 3199 vnc_start_worker_thread(); 3200 3201 vd->dcl.ops = &dcl_ops; 3202 register_displaychangelistener(&vd->dcl); 3203 vd->kbd = qkbd_state_init(vd->dcl.con); 3204 } 3205 3206 3207 static void vnc_display_close(VncDisplay *vd) 3208 { 3209 if (!vd) { 3210 return; 3211 } 3212 vd->is_unix = false; 3213 3214 if (vd->listener) { 3215 qio_net_listener_disconnect(vd->listener); 3216 object_unref(OBJECT(vd->listener)); 3217 } 3218 vd->listener = NULL; 3219 3220 if (vd->wslistener) { 3221 qio_net_listener_disconnect(vd->wslistener); 3222 object_unref(OBJECT(vd->wslistener)); 3223 } 3224 vd->wslistener = NULL; 3225 3226 vd->auth = VNC_AUTH_INVALID; 3227 vd->subauth = VNC_AUTH_INVALID; 3228 if (vd->tlscreds) { 3229 object_unparent(OBJECT(vd->tlscreds)); 3230 vd->tlscreds = NULL; 3231 } 3232 if (vd->tlsauthz) { 3233 object_unparent(OBJECT(vd->tlsauthz)); 3234 vd->tlsauthz = NULL; 3235 } 3236 g_free(vd->tlsauthzid); 3237 vd->tlsauthzid = NULL; 3238 if (vd->lock_key_sync) { 3239 qemu_remove_led_event_handler(vd->led); 3240 vd->led = NULL; 3241 } 3242 #ifdef CONFIG_VNC_SASL 3243 if (vd->sasl.authz) { 3244 object_unparent(OBJECT(vd->sasl.authz)); 3245 vd->sasl.authz = NULL; 3246 } 3247 g_free(vd->sasl.authzid); 3248 vd->sasl.authzid = NULL; 3249 #endif 3250 } 3251 3252 int vnc_display_password(const char *id, const char *password) 3253 { 3254 VncDisplay *vd = vnc_display_find(id); 3255 3256 if (!vd) { 3257 return -EINVAL; 3258 } 3259 if (vd->auth == VNC_AUTH_NONE) { 3260 error_printf_unless_qmp("If you want use passwords please enable " 3261 "password auth using '-vnc ${dpy},password'.\n"); 3262 return -EINVAL; 3263 } 3264 3265 g_free(vd->password); 3266 vd->password = g_strdup(password); 3267 3268 return 0; 3269 } 3270 3271 int vnc_display_pw_expire(const char *id, time_t expires) 3272 { 3273 VncDisplay *vd = vnc_display_find(id); 3274 3275 if (!vd) { 3276 return -EINVAL; 3277 } 3278 3279 vd->expires = expires; 3280 return 0; 3281 } 3282 3283 static void vnc_display_print_local_addr(VncDisplay *vd) 3284 { 3285 SocketAddress *addr; 3286 Error *err = NULL; 3287 3288 if (!vd->listener || !vd->listener->nsioc) { 3289 return; 3290 } 3291 3292 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], &err); 3293 if (!addr) { 3294 return; 3295 } 3296 3297 if (addr->type != SOCKET_ADDRESS_TYPE_INET) { 3298 qapi_free_SocketAddress(addr); 3299 return; 3300 } 3301 error_printf_unless_qmp("VNC server running on %s:%s\n", 3302 addr->u.inet.host, 3303 addr->u.inet.port); 3304 qapi_free_SocketAddress(addr); 3305 } 3306 3307 static QemuOptsList qemu_vnc_opts = { 3308 .name = "vnc", 3309 .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head), 3310 .implied_opt_name = "vnc", 3311 .desc = { 3312 { 3313 .name = "vnc", 3314 .type = QEMU_OPT_STRING, 3315 },{ 3316 .name = "websocket", 3317 .type = QEMU_OPT_STRING, 3318 },{ 3319 .name = "tls-creds", 3320 .type = QEMU_OPT_STRING, 3321 },{ 3322 .name = "share", 3323 .type = QEMU_OPT_STRING, 3324 },{ 3325 .name = "display", 3326 .type = QEMU_OPT_STRING, 3327 },{ 3328 .name = "head", 3329 .type = QEMU_OPT_NUMBER, 3330 },{ 3331 .name = "connections", 3332 .type = QEMU_OPT_NUMBER, 3333 },{ 3334 .name = "to", 3335 .type = QEMU_OPT_NUMBER, 3336 },{ 3337 .name = "ipv4", 3338 .type = QEMU_OPT_BOOL, 3339 },{ 3340 .name = "ipv6", 3341 .type = QEMU_OPT_BOOL, 3342 },{ 3343 .name = "password", 3344 .type = QEMU_OPT_BOOL, 3345 },{ 3346 .name = "reverse", 3347 .type = QEMU_OPT_BOOL, 3348 },{ 3349 .name = "lock-key-sync", 3350 .type = QEMU_OPT_BOOL, 3351 },{ 3352 .name = "key-delay-ms", 3353 .type = QEMU_OPT_NUMBER, 3354 },{ 3355 .name = "sasl", 3356 .type = QEMU_OPT_BOOL, 3357 },{ 3358 .name = "acl", 3359 .type = QEMU_OPT_BOOL, 3360 },{ 3361 .name = "tls-authz", 3362 .type = QEMU_OPT_STRING, 3363 },{ 3364 .name = "sasl-authz", 3365 .type = QEMU_OPT_STRING, 3366 },{ 3367 .name = "lossy", 3368 .type = QEMU_OPT_BOOL, 3369 },{ 3370 .name = "non-adaptive", 3371 .type = QEMU_OPT_BOOL, 3372 }, 3373 { /* end of list */ } 3374 }, 3375 }; 3376 3377 3378 static int 3379 vnc_display_setup_auth(int *auth, 3380 int *subauth, 3381 QCryptoTLSCreds *tlscreds, 3382 bool password, 3383 bool sasl, 3384 bool websocket, 3385 Error **errp) 3386 { 3387 /* 3388 * We have a choice of 3 authentication options 3389 * 3390 * 1. none 3391 * 2. vnc 3392 * 3. sasl 3393 * 3394 * The channel can be run in 2 modes 3395 * 3396 * 1. clear 3397 * 2. tls 3398 * 3399 * And TLS can use 2 types of credentials 3400 * 3401 * 1. anon 3402 * 2. x509 3403 * 3404 * We thus have 9 possible logical combinations 3405 * 3406 * 1. clear + none 3407 * 2. clear + vnc 3408 * 3. clear + sasl 3409 * 4. tls + anon + none 3410 * 5. tls + anon + vnc 3411 * 6. tls + anon + sasl 3412 * 7. tls + x509 + none 3413 * 8. tls + x509 + vnc 3414 * 9. tls + x509 + sasl 3415 * 3416 * These need to be mapped into the VNC auth schemes 3417 * in an appropriate manner. In regular VNC, all the 3418 * TLS options get mapped into VNC_AUTH_VENCRYPT 3419 * sub-auth types. 3420 * 3421 * In websockets, the https:// protocol already provides 3422 * TLS support, so there is no need to make use of the 3423 * VeNCrypt extension. Furthermore, websockets browser 3424 * clients could not use VeNCrypt even if they wanted to, 3425 * as they cannot control when the TLS handshake takes 3426 * place. Thus there is no option but to rely on https://, 3427 * meaning combinations 4->6 and 7->9 will be mapped to 3428 * VNC auth schemes in the same way as combos 1->3. 3429 * 3430 * Regardless of fact that we have a different mapping to 3431 * VNC auth mechs for plain VNC vs websockets VNC, the end 3432 * result has the same security characteristics. 3433 */ 3434 if (websocket || !tlscreds) { 3435 if (password) { 3436 VNC_DEBUG("Initializing VNC server with password auth\n"); 3437 *auth = VNC_AUTH_VNC; 3438 } else if (sasl) { 3439 VNC_DEBUG("Initializing VNC server with SASL auth\n"); 3440 *auth = VNC_AUTH_SASL; 3441 } else { 3442 VNC_DEBUG("Initializing VNC server with no auth\n"); 3443 *auth = VNC_AUTH_NONE; 3444 } 3445 *subauth = VNC_AUTH_INVALID; 3446 } else { 3447 bool is_x509 = object_dynamic_cast(OBJECT(tlscreds), 3448 TYPE_QCRYPTO_TLS_CREDS_X509) != NULL; 3449 bool is_anon = object_dynamic_cast(OBJECT(tlscreds), 3450 TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL; 3451 3452 if (!is_x509 && !is_anon) { 3453 error_setg(errp, 3454 "Unsupported TLS cred type %s", 3455 object_get_typename(OBJECT(tlscreds))); 3456 return -1; 3457 } 3458 *auth = VNC_AUTH_VENCRYPT; 3459 if (password) { 3460 if (is_x509) { 3461 VNC_DEBUG("Initializing VNC server with x509 password auth\n"); 3462 *subauth = VNC_AUTH_VENCRYPT_X509VNC; 3463 } else { 3464 VNC_DEBUG("Initializing VNC server with TLS password auth\n"); 3465 *subauth = VNC_AUTH_VENCRYPT_TLSVNC; 3466 } 3467 3468 } else if (sasl) { 3469 if (is_x509) { 3470 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); 3471 *subauth = VNC_AUTH_VENCRYPT_X509SASL; 3472 } else { 3473 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n"); 3474 *subauth = VNC_AUTH_VENCRYPT_TLSSASL; 3475 } 3476 } else { 3477 if (is_x509) { 3478 VNC_DEBUG("Initializing VNC server with x509 no auth\n"); 3479 *subauth = VNC_AUTH_VENCRYPT_X509NONE; 3480 } else { 3481 VNC_DEBUG("Initializing VNC server with TLS no auth\n"); 3482 *subauth = VNC_AUTH_VENCRYPT_TLSNONE; 3483 } 3484 } 3485 } 3486 return 0; 3487 } 3488 3489 3490 static int vnc_display_get_address(const char *addrstr, 3491 bool websocket, 3492 bool reverse, 3493 int displaynum, 3494 int to, 3495 bool has_ipv4, 3496 bool has_ipv6, 3497 bool ipv4, 3498 bool ipv6, 3499 SocketAddress **retaddr, 3500 Error **errp) 3501 { 3502 int ret = -1; 3503 SocketAddress *addr = NULL; 3504 3505 addr = g_new0(SocketAddress, 1); 3506 3507 if (strncmp(addrstr, "unix:", 5) == 0) { 3508 addr->type = SOCKET_ADDRESS_TYPE_UNIX; 3509 addr->u.q_unix.path = g_strdup(addrstr + 5); 3510 3511 if (websocket) { 3512 error_setg(errp, "UNIX sockets not supported with websock"); 3513 goto cleanup; 3514 } 3515 3516 if (to) { 3517 error_setg(errp, "Port range not support with UNIX socket"); 3518 goto cleanup; 3519 } 3520 ret = 0; 3521 } else { 3522 const char *port; 3523 size_t hostlen; 3524 unsigned long long baseport = 0; 3525 InetSocketAddress *inet; 3526 3527 port = strrchr(addrstr, ':'); 3528 if (!port) { 3529 if (websocket) { 3530 hostlen = 0; 3531 port = addrstr; 3532 } else { 3533 error_setg(errp, "no vnc port specified"); 3534 goto cleanup; 3535 } 3536 } else { 3537 hostlen = port - addrstr; 3538 port++; 3539 if (*port == '\0') { 3540 error_setg(errp, "vnc port cannot be empty"); 3541 goto cleanup; 3542 } 3543 } 3544 3545 addr->type = SOCKET_ADDRESS_TYPE_INET; 3546 inet = &addr->u.inet; 3547 if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') { 3548 inet->host = g_strndup(addrstr + 1, hostlen - 2); 3549 } else { 3550 inet->host = g_strndup(addrstr, hostlen); 3551 } 3552 /* plain VNC port is just an offset, for websocket 3553 * port is absolute */ 3554 if (websocket) { 3555 if (g_str_equal(addrstr, "") || 3556 g_str_equal(addrstr, "on")) { 3557 if (displaynum == -1) { 3558 error_setg(errp, "explicit websocket port is required"); 3559 goto cleanup; 3560 } 3561 inet->port = g_strdup_printf( 3562 "%d", displaynum + 5700); 3563 if (to) { 3564 inet->has_to = true; 3565 inet->to = to + 5700; 3566 } 3567 } else { 3568 inet->port = g_strdup(port); 3569 } 3570 } else { 3571 int offset = reverse ? 0 : 5900; 3572 if (parse_uint_full(port, &baseport, 10) < 0) { 3573 error_setg(errp, "can't convert to a number: %s", port); 3574 goto cleanup; 3575 } 3576 if (baseport > 65535 || 3577 baseport + offset > 65535) { 3578 error_setg(errp, "port %s out of range", port); 3579 goto cleanup; 3580 } 3581 inet->port = g_strdup_printf( 3582 "%d", (int)baseport + offset); 3583 3584 if (to) { 3585 inet->has_to = true; 3586 inet->to = to + offset; 3587 } 3588 } 3589 3590 inet->ipv4 = ipv4; 3591 inet->has_ipv4 = has_ipv4; 3592 inet->ipv6 = ipv6; 3593 inet->has_ipv6 = has_ipv6; 3594 3595 ret = baseport; 3596 } 3597 3598 *retaddr = addr; 3599 3600 cleanup: 3601 if (ret < 0) { 3602 qapi_free_SocketAddress(addr); 3603 } 3604 return ret; 3605 } 3606 3607 static void vnc_free_addresses(SocketAddress ***retsaddr, 3608 size_t *retnsaddr) 3609 { 3610 size_t i; 3611 3612 for (i = 0; i < *retnsaddr; i++) { 3613 qapi_free_SocketAddress((*retsaddr)[i]); 3614 } 3615 g_free(*retsaddr); 3616 3617 *retsaddr = NULL; 3618 *retnsaddr = 0; 3619 } 3620 3621 static int vnc_display_get_addresses(QemuOpts *opts, 3622 bool reverse, 3623 SocketAddress ***retsaddr, 3624 size_t *retnsaddr, 3625 SocketAddress ***retwsaddr, 3626 size_t *retnwsaddr, 3627 Error **errp) 3628 { 3629 SocketAddress *saddr = NULL; 3630 SocketAddress *wsaddr = NULL; 3631 QemuOptsIter addriter; 3632 const char *addr; 3633 int to = qemu_opt_get_number(opts, "to", 0); 3634 bool has_ipv4 = qemu_opt_get(opts, "ipv4"); 3635 bool has_ipv6 = qemu_opt_get(opts, "ipv6"); 3636 bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false); 3637 bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false); 3638 int displaynum = -1; 3639 int ret = -1; 3640 3641 *retsaddr = NULL; 3642 *retnsaddr = 0; 3643 *retwsaddr = NULL; 3644 *retnwsaddr = 0; 3645 3646 addr = qemu_opt_get(opts, "vnc"); 3647 if (addr == NULL || g_str_equal(addr, "none")) { 3648 ret = 0; 3649 goto cleanup; 3650 } 3651 if (qemu_opt_get(opts, "websocket") && 3652 !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) { 3653 error_setg(errp, 3654 "SHA1 hash support is required for websockets"); 3655 goto cleanup; 3656 } 3657 3658 qemu_opt_iter_init(&addriter, opts, "vnc"); 3659 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3660 int rv; 3661 rv = vnc_display_get_address(addr, false, reverse, 0, to, 3662 has_ipv4, has_ipv6, 3663 ipv4, ipv6, 3664 &saddr, errp); 3665 if (rv < 0) { 3666 goto cleanup; 3667 } 3668 /* Historical compat - first listen address can be used 3669 * to set the default websocket port 3670 */ 3671 if (displaynum == -1) { 3672 displaynum = rv; 3673 } 3674 *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1); 3675 (*retsaddr)[(*retnsaddr)++] = saddr; 3676 } 3677 3678 /* If we had multiple primary displays, we don't do defaults 3679 * for websocket, and require explicit config instead. */ 3680 if (*retnsaddr > 1) { 3681 displaynum = -1; 3682 } 3683 3684 qemu_opt_iter_init(&addriter, opts, "websocket"); 3685 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3686 if (vnc_display_get_address(addr, true, reverse, displaynum, to, 3687 has_ipv4, has_ipv6, 3688 ipv4, ipv6, 3689 &wsaddr, errp) < 0) { 3690 goto cleanup; 3691 } 3692 3693 /* Historical compat - if only a single listen address was 3694 * provided, then this is used to set the default listen 3695 * address for websocket too 3696 */ 3697 if (*retnsaddr == 1 && 3698 (*retsaddr)[0]->type == SOCKET_ADDRESS_TYPE_INET && 3699 wsaddr->type == SOCKET_ADDRESS_TYPE_INET && 3700 g_str_equal(wsaddr->u.inet.host, "") && 3701 !g_str_equal((*retsaddr)[0]->u.inet.host, "")) { 3702 g_free(wsaddr->u.inet.host); 3703 wsaddr->u.inet.host = g_strdup((*retsaddr)[0]->u.inet.host); 3704 } 3705 3706 *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1); 3707 (*retwsaddr)[(*retnwsaddr)++] = wsaddr; 3708 } 3709 3710 ret = 0; 3711 cleanup: 3712 if (ret < 0) { 3713 vnc_free_addresses(retsaddr, retnsaddr); 3714 vnc_free_addresses(retwsaddr, retnwsaddr); 3715 } 3716 return ret; 3717 } 3718 3719 static int vnc_display_connect(VncDisplay *vd, 3720 SocketAddress **saddr, 3721 size_t nsaddr, 3722 SocketAddress **wsaddr, 3723 size_t nwsaddr, 3724 Error **errp) 3725 { 3726 /* connect to viewer */ 3727 QIOChannelSocket *sioc = NULL; 3728 if (nwsaddr != 0) { 3729 error_setg(errp, "Cannot use websockets in reverse mode"); 3730 return -1; 3731 } 3732 if (nsaddr != 1) { 3733 error_setg(errp, "Expected a single address in reverse mode"); 3734 return -1; 3735 } 3736 /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */ 3737 vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_TYPE_UNIX; 3738 sioc = qio_channel_socket_new(); 3739 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse"); 3740 if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) { 3741 return -1; 3742 } 3743 vnc_connect(vd, sioc, false, false); 3744 object_unref(OBJECT(sioc)); 3745 return 0; 3746 } 3747 3748 3749 static int vnc_display_listen(VncDisplay *vd, 3750 SocketAddress **saddr, 3751 size_t nsaddr, 3752 SocketAddress **wsaddr, 3753 size_t nwsaddr, 3754 Error **errp) 3755 { 3756 size_t i; 3757 3758 if (nsaddr) { 3759 vd->listener = qio_net_listener_new(); 3760 qio_net_listener_set_name(vd->listener, "vnc-listen"); 3761 for (i = 0; i < nsaddr; i++) { 3762 if (qio_net_listener_open_sync(vd->listener, 3763 saddr[i], 3764 errp) < 0) { 3765 return -1; 3766 } 3767 } 3768 3769 qio_net_listener_set_client_func(vd->listener, 3770 vnc_listen_io, vd, NULL); 3771 } 3772 3773 if (nwsaddr) { 3774 vd->wslistener = qio_net_listener_new(); 3775 qio_net_listener_set_name(vd->wslistener, "vnc-ws-listen"); 3776 for (i = 0; i < nwsaddr; i++) { 3777 if (qio_net_listener_open_sync(vd->wslistener, 3778 wsaddr[i], 3779 errp) < 0) { 3780 return -1; 3781 } 3782 } 3783 3784 qio_net_listener_set_client_func(vd->wslistener, 3785 vnc_listen_io, vd, NULL); 3786 } 3787 3788 return 0; 3789 } 3790 3791 3792 void vnc_display_open(const char *id, Error **errp) 3793 { 3794 VncDisplay *vd = vnc_display_find(id); 3795 QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id); 3796 SocketAddress **saddr = NULL, **wsaddr = NULL; 3797 size_t nsaddr, nwsaddr; 3798 const char *share, *device_id; 3799 QemuConsole *con; 3800 bool password = false; 3801 bool reverse = false; 3802 const char *credid; 3803 bool sasl = false; 3804 int acl = 0; 3805 const char *tlsauthz; 3806 const char *saslauthz; 3807 int lock_key_sync = 1; 3808 int key_delay_ms; 3809 3810 if (!vd) { 3811 error_setg(errp, "VNC display not active"); 3812 return; 3813 } 3814 vnc_display_close(vd); 3815 3816 if (!opts) { 3817 return; 3818 } 3819 3820 reverse = qemu_opt_get_bool(opts, "reverse", false); 3821 if (vnc_display_get_addresses(opts, reverse, &saddr, &nsaddr, 3822 &wsaddr, &nwsaddr, errp) < 0) { 3823 goto fail; 3824 } 3825 3826 password = qemu_opt_get_bool(opts, "password", false); 3827 if (password) { 3828 if (fips_get_state()) { 3829 error_setg(errp, 3830 "VNC password auth disabled due to FIPS mode, " 3831 "consider using the VeNCrypt or SASL authentication " 3832 "methods as an alternative"); 3833 goto fail; 3834 } 3835 if (!qcrypto_cipher_supports( 3836 QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) { 3837 error_setg(errp, 3838 "Cipher backend does not support DES RFB algorithm"); 3839 goto fail; 3840 } 3841 } 3842 3843 lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true); 3844 key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10); 3845 sasl = qemu_opt_get_bool(opts, "sasl", false); 3846 #ifndef CONFIG_VNC_SASL 3847 if (sasl) { 3848 error_setg(errp, "VNC SASL auth requires cyrus-sasl support"); 3849 goto fail; 3850 } 3851 #endif /* CONFIG_VNC_SASL */ 3852 credid = qemu_opt_get(opts, "tls-creds"); 3853 if (credid) { 3854 Object *creds; 3855 creds = object_resolve_path_component( 3856 object_get_objects_root(), credid); 3857 if (!creds) { 3858 error_setg(errp, "No TLS credentials with id '%s'", 3859 credid); 3860 goto fail; 3861 } 3862 vd->tlscreds = (QCryptoTLSCreds *) 3863 object_dynamic_cast(creds, 3864 TYPE_QCRYPTO_TLS_CREDS); 3865 if (!vd->tlscreds) { 3866 error_setg(errp, "Object with id '%s' is not TLS credentials", 3867 credid); 3868 goto fail; 3869 } 3870 object_ref(OBJECT(vd->tlscreds)); 3871 3872 if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 3873 error_setg(errp, 3874 "Expecting TLS credentials with a server endpoint"); 3875 goto fail; 3876 } 3877 } 3878 if (qemu_opt_get(opts, "acl")) { 3879 error_report("The 'acl' option to -vnc is deprecated. " 3880 "Please use the 'tls-authz' and 'sasl-authz' " 3881 "options instead"); 3882 } 3883 acl = qemu_opt_get_bool(opts, "acl", false); 3884 tlsauthz = qemu_opt_get(opts, "tls-authz"); 3885 if (acl && tlsauthz) { 3886 error_setg(errp, "'acl' option is mutually exclusive with the " 3887 "'tls-authz' option"); 3888 goto fail; 3889 } 3890 if (tlsauthz && !vd->tlscreds) { 3891 error_setg(errp, "'tls-authz' provided but TLS is not enabled"); 3892 goto fail; 3893 } 3894 3895 saslauthz = qemu_opt_get(opts, "sasl-authz"); 3896 if (acl && saslauthz) { 3897 error_setg(errp, "'acl' option is mutually exclusive with the " 3898 "'sasl-authz' option"); 3899 goto fail; 3900 } 3901 if (saslauthz && !sasl) { 3902 error_setg(errp, "'sasl-authz' provided but SASL auth is not enabled"); 3903 goto fail; 3904 } 3905 3906 share = qemu_opt_get(opts, "share"); 3907 if (share) { 3908 if (strcmp(share, "ignore") == 0) { 3909 vd->share_policy = VNC_SHARE_POLICY_IGNORE; 3910 } else if (strcmp(share, "allow-exclusive") == 0) { 3911 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3912 } else if (strcmp(share, "force-shared") == 0) { 3913 vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED; 3914 } else { 3915 error_setg(errp, "unknown vnc share= option"); 3916 goto fail; 3917 } 3918 } else { 3919 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3920 } 3921 vd->connections_limit = qemu_opt_get_number(opts, "connections", 32); 3922 3923 #ifdef CONFIG_VNC_JPEG 3924 vd->lossy = qemu_opt_get_bool(opts, "lossy", false); 3925 #endif 3926 vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false); 3927 /* adaptive updates are only used with tight encoding and 3928 * if lossy updates are enabled so we can disable all the 3929 * calculations otherwise */ 3930 if (!vd->lossy) { 3931 vd->non_adaptive = true; 3932 } 3933 3934 if (tlsauthz) { 3935 vd->tlsauthzid = g_strdup(tlsauthz); 3936 } else if (acl) { 3937 if (strcmp(vd->id, "default") == 0) { 3938 vd->tlsauthzid = g_strdup("vnc.x509dname"); 3939 } else { 3940 vd->tlsauthzid = g_strdup_printf("vnc.%s.x509dname", vd->id); 3941 } 3942 vd->tlsauthz = QAUTHZ(qauthz_list_new(vd->tlsauthzid, 3943 QAUTHZ_LIST_POLICY_DENY, 3944 &error_abort)); 3945 } 3946 #ifdef CONFIG_VNC_SASL 3947 if (sasl) { 3948 if (saslauthz) { 3949 vd->sasl.authzid = g_strdup(saslauthz); 3950 } else if (acl) { 3951 if (strcmp(vd->id, "default") == 0) { 3952 vd->sasl.authzid = g_strdup("vnc.username"); 3953 } else { 3954 vd->sasl.authzid = g_strdup_printf("vnc.%s.username", vd->id); 3955 } 3956 vd->sasl.authz = QAUTHZ(qauthz_list_new(vd->sasl.authzid, 3957 QAUTHZ_LIST_POLICY_DENY, 3958 &error_abort)); 3959 } 3960 } 3961 #endif 3962 3963 if (vnc_display_setup_auth(&vd->auth, &vd->subauth, 3964 vd->tlscreds, password, 3965 sasl, false, errp) < 0) { 3966 goto fail; 3967 } 3968 trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth); 3969 3970 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth, 3971 vd->tlscreds, password, 3972 sasl, true, errp) < 0) { 3973 goto fail; 3974 } 3975 trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth); 3976 3977 #ifdef CONFIG_VNC_SASL 3978 if (sasl) { 3979 int saslErr = sasl_server_init(NULL, "qemu"); 3980 3981 if (saslErr != SASL_OK) { 3982 error_setg(errp, "Failed to initialize SASL auth: %s", 3983 sasl_errstring(saslErr, NULL, NULL)); 3984 goto fail; 3985 } 3986 } 3987 #endif 3988 vd->lock_key_sync = lock_key_sync; 3989 if (lock_key_sync) { 3990 vd->led = qemu_add_led_event_handler(kbd_leds, vd); 3991 } 3992 vd->ledstate = 0; 3993 3994 device_id = qemu_opt_get(opts, "display"); 3995 if (device_id) { 3996 int head = qemu_opt_get_number(opts, "head", 0); 3997 Error *err = NULL; 3998 3999 con = qemu_console_lookup_by_device_name(device_id, head, &err); 4000 if (err) { 4001 error_propagate(errp, err); 4002 goto fail; 4003 } 4004 } else { 4005 con = NULL; 4006 } 4007 4008 if (con != vd->dcl.con) { 4009 qkbd_state_free(vd->kbd); 4010 unregister_displaychangelistener(&vd->dcl); 4011 vd->dcl.con = con; 4012 register_displaychangelistener(&vd->dcl); 4013 vd->kbd = qkbd_state_init(vd->dcl.con); 4014 } 4015 qkbd_state_set_delay(vd->kbd, key_delay_ms); 4016 4017 if (saddr == NULL) { 4018 goto cleanup; 4019 } 4020 4021 if (reverse) { 4022 if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4023 goto fail; 4024 } 4025 } else { 4026 if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4027 goto fail; 4028 } 4029 } 4030 4031 if (qemu_opt_get(opts, "to")) { 4032 vnc_display_print_local_addr(vd); 4033 } 4034 4035 cleanup: 4036 vnc_free_addresses(&saddr, &nsaddr); 4037 vnc_free_addresses(&wsaddr, &nwsaddr); 4038 return; 4039 4040 fail: 4041 vnc_display_close(vd); 4042 goto cleanup; 4043 } 4044 4045 void vnc_display_add_client(const char *id, int csock, bool skipauth) 4046 { 4047 VncDisplay *vd = vnc_display_find(id); 4048 QIOChannelSocket *sioc; 4049 4050 if (!vd) { 4051 return; 4052 } 4053 4054 sioc = qio_channel_socket_new_fd(csock, NULL); 4055 if (sioc) { 4056 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server"); 4057 vnc_connect(vd, sioc, skipauth, false); 4058 object_unref(OBJECT(sioc)); 4059 } 4060 } 4061 4062 static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts) 4063 { 4064 int i = 2; 4065 char *id; 4066 4067 id = g_strdup("default"); 4068 while (qemu_opts_find(olist, id)) { 4069 g_free(id); 4070 id = g_strdup_printf("vnc%d", i++); 4071 } 4072 qemu_opts_set_id(opts, id); 4073 } 4074 4075 QemuOpts *vnc_parse(const char *str, Error **errp) 4076 { 4077 QemuOptsList *olist = qemu_find_opts("vnc"); 4078 QemuOpts *opts = qemu_opts_parse(olist, str, true, errp); 4079 const char *id; 4080 4081 if (!opts) { 4082 return NULL; 4083 } 4084 4085 id = qemu_opts_id(opts); 4086 if (!id) { 4087 /* auto-assign id if not present */ 4088 vnc_auto_assign_id(olist, opts); 4089 } 4090 return opts; 4091 } 4092 4093 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp) 4094 { 4095 Error *local_err = NULL; 4096 char *id = (char *)qemu_opts_id(opts); 4097 4098 assert(id); 4099 vnc_display_init(id, &local_err); 4100 if (local_err) { 4101 error_propagate(errp, local_err); 4102 return -1; 4103 } 4104 vnc_display_open(id, &local_err); 4105 if (local_err != NULL) { 4106 error_propagate(errp, local_err); 4107 return -1; 4108 } 4109 return 0; 4110 } 4111 4112 static void vnc_register_config(void) 4113 { 4114 qemu_add_opts(&qemu_vnc_opts); 4115 } 4116 opts_init(vnc_register_config); 4117