1 /* 2 * QEMU VNC display driver 3 * 4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws> 5 * Copyright (C) 2006 Fabrice Bellard 6 * Copyright (C) 2009 Red Hat, Inc 7 * 8 * Permission is hereby granted, free of charge, to any person obtaining a copy 9 * of this software and associated documentation files (the "Software"), to deal 10 * in the Software without restriction, including without limitation the rights 11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 * copies of the Software, and to permit persons to whom the Software is 13 * furnished to do so, subject to the following conditions: 14 * 15 * The above copyright notice and this permission notice shall be included in 16 * all copies or substantial portions of the Software. 17 * 18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 * THE SOFTWARE. 25 */ 26 27 #include "qemu/osdep.h" 28 #include "vnc.h" 29 #include "vnc-jobs.h" 30 #include "trace.h" 31 #include "sysemu/sysemu.h" 32 #include "qemu/error-report.h" 33 #include "qemu/option.h" 34 #include "qemu/sockets.h" 35 #include "qemu/timer.h" 36 #include "authz/list.h" 37 #include "qemu/config-file.h" 38 #include "qapi/qapi-emit-events.h" 39 #include "qapi/qapi-events-ui.h" 40 #include "qapi/error.h" 41 #include "qapi/qapi-commands-ui.h" 42 #include "ui/input.h" 43 #include "crypto/hash.h" 44 #include "crypto/tlscredsanon.h" 45 #include "crypto/tlscredsx509.h" 46 #include "crypto/random.h" 47 #include "qom/object_interfaces.h" 48 #include "qemu/cutils.h" 49 #include "io/dns-resolver.h" 50 51 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT 52 #define VNC_REFRESH_INTERVAL_INC 50 53 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE 54 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 }; 55 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 }; 56 57 #include "vnc_keysym.h" 58 #include "crypto/cipher.h" 59 60 static QTAILQ_HEAD(, VncDisplay) vnc_displays = 61 QTAILQ_HEAD_INITIALIZER(vnc_displays); 62 63 static int vnc_cursor_define(VncState *vs); 64 static void vnc_update_throttle_offset(VncState *vs); 65 66 static void vnc_set_share_mode(VncState *vs, VncShareMode mode) 67 { 68 #ifdef _VNC_DEBUG 69 static const char *mn[] = { 70 [0] = "undefined", 71 [VNC_SHARE_MODE_CONNECTING] = "connecting", 72 [VNC_SHARE_MODE_SHARED] = "shared", 73 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive", 74 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected", 75 }; 76 fprintf(stderr, "%s/%p: %s -> %s\n", __func__, 77 vs->ioc, mn[vs->share_mode], mn[mode]); 78 #endif 79 80 switch (vs->share_mode) { 81 case VNC_SHARE_MODE_CONNECTING: 82 vs->vd->num_connecting--; 83 break; 84 case VNC_SHARE_MODE_SHARED: 85 vs->vd->num_shared--; 86 break; 87 case VNC_SHARE_MODE_EXCLUSIVE: 88 vs->vd->num_exclusive--; 89 break; 90 default: 91 break; 92 } 93 94 vs->share_mode = mode; 95 96 switch (vs->share_mode) { 97 case VNC_SHARE_MODE_CONNECTING: 98 vs->vd->num_connecting++; 99 break; 100 case VNC_SHARE_MODE_SHARED: 101 vs->vd->num_shared++; 102 break; 103 case VNC_SHARE_MODE_EXCLUSIVE: 104 vs->vd->num_exclusive++; 105 break; 106 default: 107 break; 108 } 109 } 110 111 112 static void vnc_init_basic_info(SocketAddress *addr, 113 VncBasicInfo *info, 114 Error **errp) 115 { 116 switch (addr->type) { 117 case SOCKET_ADDRESS_TYPE_INET: 118 info->host = g_strdup(addr->u.inet.host); 119 info->service = g_strdup(addr->u.inet.port); 120 if (addr->u.inet.ipv6) { 121 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 122 } else { 123 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 124 } 125 break; 126 127 case SOCKET_ADDRESS_TYPE_UNIX: 128 info->host = g_strdup(""); 129 info->service = g_strdup(addr->u.q_unix.path); 130 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 131 break; 132 133 case SOCKET_ADDRESS_TYPE_VSOCK: 134 case SOCKET_ADDRESS_TYPE_FD: 135 error_setg(errp, "Unsupported socket address type %s", 136 SocketAddressType_str(addr->type)); 137 break; 138 default: 139 abort(); 140 } 141 142 return; 143 } 144 145 static void vnc_init_basic_info_from_server_addr(QIOChannelSocket *ioc, 146 VncBasicInfo *info, 147 Error **errp) 148 { 149 SocketAddress *addr = NULL; 150 151 if (!ioc) { 152 error_setg(errp, "No listener socket available"); 153 return; 154 } 155 156 addr = qio_channel_socket_get_local_address(ioc, errp); 157 if (!addr) { 158 return; 159 } 160 161 vnc_init_basic_info(addr, info, errp); 162 qapi_free_SocketAddress(addr); 163 } 164 165 static void vnc_init_basic_info_from_remote_addr(QIOChannelSocket *ioc, 166 VncBasicInfo *info, 167 Error **errp) 168 { 169 SocketAddress *addr = NULL; 170 171 addr = qio_channel_socket_get_remote_address(ioc, errp); 172 if (!addr) { 173 return; 174 } 175 176 vnc_init_basic_info(addr, info, errp); 177 qapi_free_SocketAddress(addr); 178 } 179 180 static const char *vnc_auth_name(VncDisplay *vd) { 181 switch (vd->auth) { 182 case VNC_AUTH_INVALID: 183 return "invalid"; 184 case VNC_AUTH_NONE: 185 return "none"; 186 case VNC_AUTH_VNC: 187 return "vnc"; 188 case VNC_AUTH_RA2: 189 return "ra2"; 190 case VNC_AUTH_RA2NE: 191 return "ra2ne"; 192 case VNC_AUTH_TIGHT: 193 return "tight"; 194 case VNC_AUTH_ULTRA: 195 return "ultra"; 196 case VNC_AUTH_TLS: 197 return "tls"; 198 case VNC_AUTH_VENCRYPT: 199 switch (vd->subauth) { 200 case VNC_AUTH_VENCRYPT_PLAIN: 201 return "vencrypt+plain"; 202 case VNC_AUTH_VENCRYPT_TLSNONE: 203 return "vencrypt+tls+none"; 204 case VNC_AUTH_VENCRYPT_TLSVNC: 205 return "vencrypt+tls+vnc"; 206 case VNC_AUTH_VENCRYPT_TLSPLAIN: 207 return "vencrypt+tls+plain"; 208 case VNC_AUTH_VENCRYPT_X509NONE: 209 return "vencrypt+x509+none"; 210 case VNC_AUTH_VENCRYPT_X509VNC: 211 return "vencrypt+x509+vnc"; 212 case VNC_AUTH_VENCRYPT_X509PLAIN: 213 return "vencrypt+x509+plain"; 214 case VNC_AUTH_VENCRYPT_TLSSASL: 215 return "vencrypt+tls+sasl"; 216 case VNC_AUTH_VENCRYPT_X509SASL: 217 return "vencrypt+x509+sasl"; 218 default: 219 return "vencrypt"; 220 } 221 case VNC_AUTH_SASL: 222 return "sasl"; 223 } 224 return "unknown"; 225 } 226 227 static VncServerInfo *vnc_server_info_get(VncDisplay *vd) 228 { 229 VncServerInfo *info; 230 Error *err = NULL; 231 232 if (!vd->listener || !vd->listener->nsioc) { 233 return NULL; 234 } 235 236 info = g_malloc0(sizeof(*info)); 237 vnc_init_basic_info_from_server_addr(vd->listener->sioc[0], 238 qapi_VncServerInfo_base(info), &err); 239 info->has_auth = true; 240 info->auth = g_strdup(vnc_auth_name(vd)); 241 if (err) { 242 qapi_free_VncServerInfo(info); 243 info = NULL; 244 error_free(err); 245 } 246 return info; 247 } 248 249 static void vnc_client_cache_auth(VncState *client) 250 { 251 if (!client->info) { 252 return; 253 } 254 255 if (client->tls) { 256 client->info->x509_dname = 257 qcrypto_tls_session_get_peer_name(client->tls); 258 client->info->has_x509_dname = 259 client->info->x509_dname != NULL; 260 } 261 #ifdef CONFIG_VNC_SASL 262 if (client->sasl.conn && 263 client->sasl.username) { 264 client->info->has_sasl_username = true; 265 client->info->sasl_username = g_strdup(client->sasl.username); 266 } 267 #endif 268 } 269 270 static void vnc_client_cache_addr(VncState *client) 271 { 272 Error *err = NULL; 273 274 client->info = g_malloc0(sizeof(*client->info)); 275 vnc_init_basic_info_from_remote_addr(client->sioc, 276 qapi_VncClientInfo_base(client->info), 277 &err); 278 if (err) { 279 qapi_free_VncClientInfo(client->info); 280 client->info = NULL; 281 error_free(err); 282 } 283 } 284 285 static void vnc_qmp_event(VncState *vs, QAPIEvent event) 286 { 287 VncServerInfo *si; 288 289 if (!vs->info) { 290 return; 291 } 292 293 si = vnc_server_info_get(vs->vd); 294 if (!si) { 295 return; 296 } 297 298 switch (event) { 299 case QAPI_EVENT_VNC_CONNECTED: 300 qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info)); 301 break; 302 case QAPI_EVENT_VNC_INITIALIZED: 303 qapi_event_send_vnc_initialized(si, vs->info); 304 break; 305 case QAPI_EVENT_VNC_DISCONNECTED: 306 qapi_event_send_vnc_disconnected(si, vs->info); 307 break; 308 default: 309 break; 310 } 311 312 qapi_free_VncServerInfo(si); 313 } 314 315 static VncClientInfo *qmp_query_vnc_client(const VncState *client) 316 { 317 VncClientInfo *info; 318 Error *err = NULL; 319 320 info = g_malloc0(sizeof(*info)); 321 322 vnc_init_basic_info_from_remote_addr(client->sioc, 323 qapi_VncClientInfo_base(info), 324 &err); 325 if (err) { 326 error_free(err); 327 qapi_free_VncClientInfo(info); 328 return NULL; 329 } 330 331 info->websocket = client->websocket; 332 333 if (client->tls) { 334 info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls); 335 info->has_x509_dname = info->x509_dname != NULL; 336 } 337 #ifdef CONFIG_VNC_SASL 338 if (client->sasl.conn && client->sasl.username) { 339 info->has_sasl_username = true; 340 info->sasl_username = g_strdup(client->sasl.username); 341 } 342 #endif 343 344 return info; 345 } 346 347 static VncDisplay *vnc_display_find(const char *id) 348 { 349 VncDisplay *vd; 350 351 if (id == NULL) { 352 return QTAILQ_FIRST(&vnc_displays); 353 } 354 QTAILQ_FOREACH(vd, &vnc_displays, next) { 355 if (strcmp(id, vd->id) == 0) { 356 return vd; 357 } 358 } 359 return NULL; 360 } 361 362 static VncClientInfoList *qmp_query_client_list(VncDisplay *vd) 363 { 364 VncClientInfoList *cinfo, *prev = NULL; 365 VncState *client; 366 367 QTAILQ_FOREACH(client, &vd->clients, next) { 368 cinfo = g_new0(VncClientInfoList, 1); 369 cinfo->value = qmp_query_vnc_client(client); 370 cinfo->next = prev; 371 prev = cinfo; 372 } 373 return prev; 374 } 375 376 VncInfo *qmp_query_vnc(Error **errp) 377 { 378 VncInfo *info = g_malloc0(sizeof(*info)); 379 VncDisplay *vd = vnc_display_find(NULL); 380 SocketAddress *addr = NULL; 381 382 if (vd == NULL || !vd->listener || !vd->listener->nsioc) { 383 info->enabled = false; 384 } else { 385 info->enabled = true; 386 387 /* for compatibility with the original command */ 388 info->has_clients = true; 389 info->clients = qmp_query_client_list(vd); 390 391 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], 392 errp); 393 if (!addr) { 394 goto out_error; 395 } 396 397 switch (addr->type) { 398 case SOCKET_ADDRESS_TYPE_INET: 399 info->host = g_strdup(addr->u.inet.host); 400 info->service = g_strdup(addr->u.inet.port); 401 if (addr->u.inet.ipv6) { 402 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 403 } else { 404 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 405 } 406 break; 407 408 case SOCKET_ADDRESS_TYPE_UNIX: 409 info->host = g_strdup(""); 410 info->service = g_strdup(addr->u.q_unix.path); 411 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 412 break; 413 414 case SOCKET_ADDRESS_TYPE_VSOCK: 415 case SOCKET_ADDRESS_TYPE_FD: 416 error_setg(errp, "Unsupported socket address type %s", 417 SocketAddressType_str(addr->type)); 418 goto out_error; 419 default: 420 abort(); 421 } 422 423 info->has_host = true; 424 info->has_service = true; 425 info->has_family = true; 426 427 info->has_auth = true; 428 info->auth = g_strdup(vnc_auth_name(vd)); 429 } 430 431 qapi_free_SocketAddress(addr); 432 return info; 433 434 out_error: 435 qapi_free_SocketAddress(addr); 436 qapi_free_VncInfo(info); 437 return NULL; 438 } 439 440 441 static void qmp_query_auth(int auth, int subauth, 442 VncPrimaryAuth *qmp_auth, 443 VncVencryptSubAuth *qmp_vencrypt, 444 bool *qmp_has_vencrypt); 445 446 static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc, 447 bool websocket, 448 int auth, 449 int subauth, 450 VncServerInfo2List *prev) 451 { 452 VncServerInfo2List *list; 453 VncServerInfo2 *info; 454 Error *err = NULL; 455 SocketAddress *addr; 456 457 addr = qio_channel_socket_get_local_address(ioc, &err); 458 if (!addr) { 459 error_free(err); 460 return prev; 461 } 462 463 info = g_new0(VncServerInfo2, 1); 464 vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err); 465 qapi_free_SocketAddress(addr); 466 if (err) { 467 qapi_free_VncServerInfo2(info); 468 error_free(err); 469 return prev; 470 } 471 info->websocket = websocket; 472 473 qmp_query_auth(auth, subauth, &info->auth, 474 &info->vencrypt, &info->has_vencrypt); 475 476 list = g_new0(VncServerInfo2List, 1); 477 list->value = info; 478 list->next = prev; 479 return list; 480 } 481 482 static void qmp_query_auth(int auth, int subauth, 483 VncPrimaryAuth *qmp_auth, 484 VncVencryptSubAuth *qmp_vencrypt, 485 bool *qmp_has_vencrypt) 486 { 487 switch (auth) { 488 case VNC_AUTH_VNC: 489 *qmp_auth = VNC_PRIMARY_AUTH_VNC; 490 break; 491 case VNC_AUTH_RA2: 492 *qmp_auth = VNC_PRIMARY_AUTH_RA2; 493 break; 494 case VNC_AUTH_RA2NE: 495 *qmp_auth = VNC_PRIMARY_AUTH_RA2NE; 496 break; 497 case VNC_AUTH_TIGHT: 498 *qmp_auth = VNC_PRIMARY_AUTH_TIGHT; 499 break; 500 case VNC_AUTH_ULTRA: 501 *qmp_auth = VNC_PRIMARY_AUTH_ULTRA; 502 break; 503 case VNC_AUTH_TLS: 504 *qmp_auth = VNC_PRIMARY_AUTH_TLS; 505 break; 506 case VNC_AUTH_VENCRYPT: 507 *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT; 508 *qmp_has_vencrypt = true; 509 switch (subauth) { 510 case VNC_AUTH_VENCRYPT_PLAIN: 511 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN; 512 break; 513 case VNC_AUTH_VENCRYPT_TLSNONE: 514 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE; 515 break; 516 case VNC_AUTH_VENCRYPT_TLSVNC: 517 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC; 518 break; 519 case VNC_AUTH_VENCRYPT_TLSPLAIN: 520 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN; 521 break; 522 case VNC_AUTH_VENCRYPT_X509NONE: 523 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE; 524 break; 525 case VNC_AUTH_VENCRYPT_X509VNC: 526 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC; 527 break; 528 case VNC_AUTH_VENCRYPT_X509PLAIN: 529 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN; 530 break; 531 case VNC_AUTH_VENCRYPT_TLSSASL: 532 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL; 533 break; 534 case VNC_AUTH_VENCRYPT_X509SASL: 535 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL; 536 break; 537 default: 538 *qmp_has_vencrypt = false; 539 break; 540 } 541 break; 542 case VNC_AUTH_SASL: 543 *qmp_auth = VNC_PRIMARY_AUTH_SASL; 544 break; 545 case VNC_AUTH_NONE: 546 default: 547 *qmp_auth = VNC_PRIMARY_AUTH_NONE; 548 break; 549 } 550 } 551 552 VncInfo2List *qmp_query_vnc_servers(Error **errp) 553 { 554 VncInfo2List *item, *prev = NULL; 555 VncInfo2 *info; 556 VncDisplay *vd; 557 DeviceState *dev; 558 size_t i; 559 560 QTAILQ_FOREACH(vd, &vnc_displays, next) { 561 info = g_new0(VncInfo2, 1); 562 info->id = g_strdup(vd->id); 563 info->clients = qmp_query_client_list(vd); 564 qmp_query_auth(vd->auth, vd->subauth, &info->auth, 565 &info->vencrypt, &info->has_vencrypt); 566 if (vd->dcl.con) { 567 dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con), 568 "device", NULL)); 569 info->has_display = true; 570 info->display = g_strdup(dev->id); 571 } 572 for (i = 0; vd->listener != NULL && i < vd->listener->nsioc; i++) { 573 info->server = qmp_query_server_entry( 574 vd->listener->sioc[i], false, vd->auth, vd->subauth, 575 info->server); 576 } 577 for (i = 0; vd->wslistener != NULL && i < vd->wslistener->nsioc; i++) { 578 info->server = qmp_query_server_entry( 579 vd->wslistener->sioc[i], true, vd->ws_auth, 580 vd->ws_subauth, info->server); 581 } 582 583 item = g_new0(VncInfo2List, 1); 584 item->value = info; 585 item->next = prev; 586 prev = item; 587 } 588 return prev; 589 } 590 591 /* TODO 592 1) Get the queue working for IO. 593 2) there is some weirdness when using the -S option (the screen is grey 594 and not totally invalidated 595 3) resolutions > 1024 596 */ 597 598 static int vnc_update_client(VncState *vs, int has_dirty); 599 static void vnc_disconnect_start(VncState *vs); 600 601 static void vnc_colordepth(VncState *vs); 602 static void framebuffer_update_request(VncState *vs, int incremental, 603 int x_position, int y_position, 604 int w, int h); 605 static void vnc_refresh(DisplayChangeListener *dcl); 606 static int vnc_refresh_server_surface(VncDisplay *vd); 607 608 static int vnc_width(VncDisplay *vd) 609 { 610 return MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds), 611 VNC_DIRTY_PIXELS_PER_BIT)); 612 } 613 614 static int vnc_height(VncDisplay *vd) 615 { 616 return MIN(VNC_MAX_HEIGHT, surface_height(vd->ds)); 617 } 618 619 static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT], 620 VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT), 621 VncDisplay *vd, 622 int x, int y, int w, int h) 623 { 624 int width = vnc_width(vd); 625 int height = vnc_height(vd); 626 627 /* this is needed this to ensure we updated all affected 628 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */ 629 w += (x % VNC_DIRTY_PIXELS_PER_BIT); 630 x -= (x % VNC_DIRTY_PIXELS_PER_BIT); 631 632 x = MIN(x, width); 633 y = MIN(y, height); 634 w = MIN(x + w, width) - x; 635 h = MIN(y + h, height); 636 637 for (; y < h; y++) { 638 bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT, 639 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT)); 640 } 641 } 642 643 static void vnc_dpy_update(DisplayChangeListener *dcl, 644 int x, int y, int w, int h) 645 { 646 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 647 struct VncSurface *s = &vd->guest; 648 649 vnc_set_area_dirty(s->dirty, vd, x, y, w, h); 650 } 651 652 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h, 653 int32_t encoding) 654 { 655 vnc_write_u16(vs, x); 656 vnc_write_u16(vs, y); 657 vnc_write_u16(vs, w); 658 vnc_write_u16(vs, h); 659 660 vnc_write_s32(vs, encoding); 661 } 662 663 664 static void vnc_desktop_resize(VncState *vs) 665 { 666 if (vs->ioc == NULL || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) { 667 return; 668 } 669 if (vs->client_width == pixman_image_get_width(vs->vd->server) && 670 vs->client_height == pixman_image_get_height(vs->vd->server)) { 671 return; 672 } 673 674 assert(pixman_image_get_width(vs->vd->server) < 65536 && 675 pixman_image_get_width(vs->vd->server) >= 0); 676 assert(pixman_image_get_height(vs->vd->server) < 65536 && 677 pixman_image_get_height(vs->vd->server) >= 0); 678 vs->client_width = pixman_image_get_width(vs->vd->server); 679 vs->client_height = pixman_image_get_height(vs->vd->server); 680 vnc_lock_output(vs); 681 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 682 vnc_write_u8(vs, 0); 683 vnc_write_u16(vs, 1); /* number of rects */ 684 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height, 685 VNC_ENCODING_DESKTOPRESIZE); 686 vnc_unlock_output(vs); 687 vnc_flush(vs); 688 } 689 690 static void vnc_abort_display_jobs(VncDisplay *vd) 691 { 692 VncState *vs; 693 694 QTAILQ_FOREACH(vs, &vd->clients, next) { 695 vnc_lock_output(vs); 696 vs->abort = true; 697 vnc_unlock_output(vs); 698 } 699 QTAILQ_FOREACH(vs, &vd->clients, next) { 700 vnc_jobs_join(vs); 701 } 702 QTAILQ_FOREACH(vs, &vd->clients, next) { 703 vnc_lock_output(vs); 704 if (vs->update == VNC_STATE_UPDATE_NONE && 705 vs->job_update != VNC_STATE_UPDATE_NONE) { 706 /* job aborted before completion */ 707 vs->update = vs->job_update; 708 vs->job_update = VNC_STATE_UPDATE_NONE; 709 } 710 vs->abort = false; 711 vnc_unlock_output(vs); 712 } 713 } 714 715 int vnc_server_fb_stride(VncDisplay *vd) 716 { 717 return pixman_image_get_stride(vd->server); 718 } 719 720 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y) 721 { 722 uint8_t *ptr; 723 724 ptr = (uint8_t *)pixman_image_get_data(vd->server); 725 ptr += y * vnc_server_fb_stride(vd); 726 ptr += x * VNC_SERVER_FB_BYTES; 727 return ptr; 728 } 729 730 static void vnc_update_server_surface(VncDisplay *vd) 731 { 732 int width, height; 733 734 qemu_pixman_image_unref(vd->server); 735 vd->server = NULL; 736 737 if (QTAILQ_EMPTY(&vd->clients)) { 738 return; 739 } 740 741 width = vnc_width(vd); 742 height = vnc_height(vd); 743 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT, 744 width, height, 745 NULL, 0); 746 747 memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty)); 748 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 749 width, height); 750 } 751 752 static bool vnc_check_pageflip(DisplaySurface *s1, 753 DisplaySurface *s2) 754 { 755 return (s1 != NULL && 756 s2 != NULL && 757 surface_width(s1) == surface_width(s2) && 758 surface_height(s1) == surface_height(s2) && 759 surface_format(s1) == surface_format(s2)); 760 761 } 762 763 static void vnc_dpy_switch(DisplayChangeListener *dcl, 764 DisplaySurface *surface) 765 { 766 static const char placeholder_msg[] = 767 "Display output is not active."; 768 static DisplaySurface *placeholder; 769 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 770 bool pageflip = vnc_check_pageflip(vd->ds, surface); 771 VncState *vs; 772 773 if (surface == NULL) { 774 if (placeholder == NULL) { 775 placeholder = qemu_create_message_surface(640, 480, placeholder_msg); 776 } 777 surface = placeholder; 778 } 779 780 vnc_abort_display_jobs(vd); 781 vd->ds = surface; 782 783 /* guest surface */ 784 qemu_pixman_image_unref(vd->guest.fb); 785 vd->guest.fb = pixman_image_ref(surface->image); 786 vd->guest.format = surface->format; 787 788 if (pageflip) { 789 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 790 surface_width(surface), 791 surface_height(surface)); 792 return; 793 } 794 795 /* server surface */ 796 vnc_update_server_surface(vd); 797 798 QTAILQ_FOREACH(vs, &vd->clients, next) { 799 vnc_colordepth(vs); 800 vnc_desktop_resize(vs); 801 if (vs->vd->cursor) { 802 vnc_cursor_define(vs); 803 } 804 memset(vs->dirty, 0x00, sizeof(vs->dirty)); 805 vnc_set_area_dirty(vs->dirty, vd, 0, 0, 806 vnc_width(vd), 807 vnc_height(vd)); 808 vnc_update_throttle_offset(vs); 809 } 810 } 811 812 /* fastest code */ 813 static void vnc_write_pixels_copy(VncState *vs, 814 void *pixels, int size) 815 { 816 vnc_write(vs, pixels, size); 817 } 818 819 /* slowest but generic code. */ 820 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v) 821 { 822 uint8_t r, g, b; 823 824 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8) 825 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8; 826 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8; 827 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8; 828 #else 829 # error need some bits here if you change VNC_SERVER_FB_FORMAT 830 #endif 831 v = (r << vs->client_pf.rshift) | 832 (g << vs->client_pf.gshift) | 833 (b << vs->client_pf.bshift); 834 switch (vs->client_pf.bytes_per_pixel) { 835 case 1: 836 buf[0] = v; 837 break; 838 case 2: 839 if (vs->client_be) { 840 buf[0] = v >> 8; 841 buf[1] = v; 842 } else { 843 buf[1] = v >> 8; 844 buf[0] = v; 845 } 846 break; 847 default: 848 case 4: 849 if (vs->client_be) { 850 buf[0] = v >> 24; 851 buf[1] = v >> 16; 852 buf[2] = v >> 8; 853 buf[3] = v; 854 } else { 855 buf[3] = v >> 24; 856 buf[2] = v >> 16; 857 buf[1] = v >> 8; 858 buf[0] = v; 859 } 860 break; 861 } 862 } 863 864 static void vnc_write_pixels_generic(VncState *vs, 865 void *pixels1, int size) 866 { 867 uint8_t buf[4]; 868 869 if (VNC_SERVER_FB_BYTES == 4) { 870 uint32_t *pixels = pixels1; 871 int n, i; 872 n = size >> 2; 873 for (i = 0; i < n; i++) { 874 vnc_convert_pixel(vs, buf, pixels[i]); 875 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel); 876 } 877 } 878 } 879 880 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 881 { 882 int i; 883 uint8_t *row; 884 VncDisplay *vd = vs->vd; 885 886 row = vnc_server_fb_ptr(vd, x, y); 887 for (i = 0; i < h; i++) { 888 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES); 889 row += vnc_server_fb_stride(vd); 890 } 891 return 1; 892 } 893 894 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 895 { 896 int n = 0; 897 bool encode_raw = false; 898 size_t saved_offs = vs->output.offset; 899 900 switch(vs->vnc_encoding) { 901 case VNC_ENCODING_ZLIB: 902 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h); 903 break; 904 case VNC_ENCODING_HEXTILE: 905 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE); 906 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h); 907 break; 908 case VNC_ENCODING_TIGHT: 909 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h); 910 break; 911 case VNC_ENCODING_TIGHT_PNG: 912 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h); 913 break; 914 case VNC_ENCODING_ZRLE: 915 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h); 916 break; 917 case VNC_ENCODING_ZYWRLE: 918 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h); 919 break; 920 default: 921 encode_raw = true; 922 break; 923 } 924 925 /* If the client has the same pixel format as our internal buffer and 926 * a RAW encoding would need less space fall back to RAW encoding to 927 * save bandwidth and processing power in the client. */ 928 if (!encode_raw && vs->write_pixels == vnc_write_pixels_copy && 929 12 + h * w * VNC_SERVER_FB_BYTES <= (vs->output.offset - saved_offs)) { 930 vs->output.offset = saved_offs; 931 encode_raw = true; 932 } 933 934 if (encode_raw) { 935 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW); 936 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h); 937 } 938 939 return n; 940 } 941 942 static void vnc_mouse_set(DisplayChangeListener *dcl, 943 int x, int y, int visible) 944 { 945 /* can we ask the client(s) to move the pointer ??? */ 946 } 947 948 static int vnc_cursor_define(VncState *vs) 949 { 950 QEMUCursor *c = vs->vd->cursor; 951 int isize; 952 953 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) { 954 vnc_lock_output(vs); 955 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 956 vnc_write_u8(vs, 0); /* padding */ 957 vnc_write_u16(vs, 1); /* # of rects */ 958 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height, 959 VNC_ENCODING_RICH_CURSOR); 960 isize = c->width * c->height * vs->client_pf.bytes_per_pixel; 961 vnc_write_pixels_generic(vs, c->data, isize); 962 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize); 963 vnc_unlock_output(vs); 964 return 0; 965 } 966 return -1; 967 } 968 969 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl, 970 QEMUCursor *c) 971 { 972 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 973 VncState *vs; 974 975 cursor_put(vd->cursor); 976 g_free(vd->cursor_mask); 977 978 vd->cursor = c; 979 cursor_get(vd->cursor); 980 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height; 981 vd->cursor_mask = g_malloc0(vd->cursor_msize); 982 cursor_get_mono_mask(c, 0, vd->cursor_mask); 983 984 QTAILQ_FOREACH(vs, &vd->clients, next) { 985 vnc_cursor_define(vs); 986 } 987 } 988 989 static int find_and_clear_dirty_height(VncState *vs, 990 int y, int last_x, int x, int height) 991 { 992 int h; 993 994 for (h = 1; h < (height - y); h++) { 995 if (!test_bit(last_x, vs->dirty[y + h])) { 996 break; 997 } 998 bitmap_clear(vs->dirty[y + h], last_x, x - last_x); 999 } 1000 1001 return h; 1002 } 1003 1004 /* 1005 * Figure out how much pending data we should allow in the output 1006 * buffer before we throttle incremental display updates, and/or 1007 * drop audio samples. 1008 * 1009 * We allow for equiv of 1 full display's worth of FB updates, 1010 * and 1 second of audio samples. If audio backlog was larger 1011 * than that the client would already suffering awful audio 1012 * glitches, so dropping samples is no worse really). 1013 */ 1014 static void vnc_update_throttle_offset(VncState *vs) 1015 { 1016 size_t offset = 1017 vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel; 1018 1019 if (vs->audio_cap) { 1020 int bps; 1021 switch (vs->as.fmt) { 1022 default: 1023 case AUDIO_FORMAT_U8: 1024 case AUDIO_FORMAT_S8: 1025 bps = 1; 1026 break; 1027 case AUDIO_FORMAT_U16: 1028 case AUDIO_FORMAT_S16: 1029 bps = 2; 1030 break; 1031 case AUDIO_FORMAT_U32: 1032 case AUDIO_FORMAT_S32: 1033 bps = 4; 1034 break; 1035 } 1036 offset += vs->as.freq * bps * vs->as.nchannels; 1037 } 1038 1039 /* Put a floor of 1MB on offset, so that if we have a large pending 1040 * buffer and the display is resized to a small size & back again 1041 * we don't suddenly apply a tiny send limit 1042 */ 1043 offset = MAX(offset, 1024 * 1024); 1044 1045 if (vs->throttle_output_offset != offset) { 1046 trace_vnc_client_throttle_threshold( 1047 vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width, 1048 vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap); 1049 } 1050 1051 vs->throttle_output_offset = offset; 1052 } 1053 1054 static bool vnc_should_update(VncState *vs) 1055 { 1056 switch (vs->update) { 1057 case VNC_STATE_UPDATE_NONE: 1058 break; 1059 case VNC_STATE_UPDATE_INCREMENTAL: 1060 /* Only allow incremental updates if the pending send queue 1061 * is less than the permitted threshold, and the job worker 1062 * is completely idle. 1063 */ 1064 if (vs->output.offset < vs->throttle_output_offset && 1065 vs->job_update == VNC_STATE_UPDATE_NONE) { 1066 return true; 1067 } 1068 trace_vnc_client_throttle_incremental( 1069 vs, vs->ioc, vs->job_update, vs->output.offset); 1070 break; 1071 case VNC_STATE_UPDATE_FORCE: 1072 /* Only allow forced updates if the pending send queue 1073 * does not contain a previous forced update, and the 1074 * job worker is completely idle. 1075 * 1076 * Note this means we'll queue a forced update, even if 1077 * the output buffer size is otherwise over the throttle 1078 * output limit. 1079 */ 1080 if (vs->force_update_offset == 0 && 1081 vs->job_update == VNC_STATE_UPDATE_NONE) { 1082 return true; 1083 } 1084 trace_vnc_client_throttle_forced( 1085 vs, vs->ioc, vs->job_update, vs->force_update_offset); 1086 break; 1087 } 1088 return false; 1089 } 1090 1091 static int vnc_update_client(VncState *vs, int has_dirty) 1092 { 1093 VncDisplay *vd = vs->vd; 1094 VncJob *job; 1095 int y; 1096 int height, width; 1097 int n = 0; 1098 1099 if (vs->disconnecting) { 1100 vnc_disconnect_finish(vs); 1101 return 0; 1102 } 1103 1104 vs->has_dirty += has_dirty; 1105 if (!vnc_should_update(vs)) { 1106 return 0; 1107 } 1108 1109 if (!vs->has_dirty && vs->update != VNC_STATE_UPDATE_FORCE) { 1110 return 0; 1111 } 1112 1113 /* 1114 * Send screen updates to the vnc client using the server 1115 * surface and server dirty map. guest surface updates 1116 * happening in parallel don't disturb us, the next pass will 1117 * send them to the client. 1118 */ 1119 job = vnc_job_new(vs); 1120 1121 height = pixman_image_get_height(vd->server); 1122 width = pixman_image_get_width(vd->server); 1123 1124 y = 0; 1125 for (;;) { 1126 int x, h; 1127 unsigned long x2; 1128 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty, 1129 height * VNC_DIRTY_BPL(vs), 1130 y * VNC_DIRTY_BPL(vs)); 1131 if (offset == height * VNC_DIRTY_BPL(vs)) { 1132 /* no more dirty bits */ 1133 break; 1134 } 1135 y = offset / VNC_DIRTY_BPL(vs); 1136 x = offset % VNC_DIRTY_BPL(vs); 1137 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y], 1138 VNC_DIRTY_BPL(vs), x); 1139 bitmap_clear(vs->dirty[y], x, x2 - x); 1140 h = find_and_clear_dirty_height(vs, y, x, x2, height); 1141 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT); 1142 if (x2 > x) { 1143 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y, 1144 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h); 1145 } 1146 if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) { 1147 y += h; 1148 if (y == height) { 1149 break; 1150 } 1151 } 1152 } 1153 1154 vs->job_update = vs->update; 1155 vs->update = VNC_STATE_UPDATE_NONE; 1156 vnc_job_push(job); 1157 vs->has_dirty = 0; 1158 return n; 1159 } 1160 1161 /* audio */ 1162 static void audio_capture_notify(void *opaque, audcnotification_e cmd) 1163 { 1164 VncState *vs = opaque; 1165 1166 assert(vs->magic == VNC_MAGIC); 1167 switch (cmd) { 1168 case AUD_CNOTIFY_DISABLE: 1169 vnc_lock_output(vs); 1170 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1171 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1172 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END); 1173 vnc_unlock_output(vs); 1174 vnc_flush(vs); 1175 break; 1176 1177 case AUD_CNOTIFY_ENABLE: 1178 vnc_lock_output(vs); 1179 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1180 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1181 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN); 1182 vnc_unlock_output(vs); 1183 vnc_flush(vs); 1184 break; 1185 } 1186 } 1187 1188 static void audio_capture_destroy(void *opaque) 1189 { 1190 } 1191 1192 static void audio_capture(void *opaque, void *buf, int size) 1193 { 1194 VncState *vs = opaque; 1195 1196 assert(vs->magic == VNC_MAGIC); 1197 vnc_lock_output(vs); 1198 if (vs->output.offset < vs->throttle_output_offset) { 1199 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1200 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1201 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); 1202 vnc_write_u32(vs, size); 1203 vnc_write(vs, buf, size); 1204 } else { 1205 trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset); 1206 } 1207 vnc_unlock_output(vs); 1208 vnc_flush(vs); 1209 } 1210 1211 static void audio_add(VncState *vs) 1212 { 1213 struct audio_capture_ops ops; 1214 1215 if (vs->audio_cap) { 1216 error_report("audio already running"); 1217 return; 1218 } 1219 1220 ops.notify = audio_capture_notify; 1221 ops.destroy = audio_capture_destroy; 1222 ops.capture = audio_capture; 1223 1224 vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs); 1225 if (!vs->audio_cap) { 1226 error_report("Failed to add audio capture"); 1227 } 1228 } 1229 1230 static void audio_del(VncState *vs) 1231 { 1232 if (vs->audio_cap) { 1233 AUD_del_capture(vs->audio_cap, vs); 1234 vs->audio_cap = NULL; 1235 } 1236 } 1237 1238 static void vnc_disconnect_start(VncState *vs) 1239 { 1240 if (vs->disconnecting) { 1241 return; 1242 } 1243 trace_vnc_client_disconnect_start(vs, vs->ioc); 1244 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED); 1245 if (vs->ioc_tag) { 1246 g_source_remove(vs->ioc_tag); 1247 vs->ioc_tag = 0; 1248 } 1249 qio_channel_close(vs->ioc, NULL); 1250 vs->disconnecting = TRUE; 1251 } 1252 1253 void vnc_disconnect_finish(VncState *vs) 1254 { 1255 int i; 1256 1257 trace_vnc_client_disconnect_finish(vs, vs->ioc); 1258 1259 vnc_jobs_join(vs); /* Wait encoding jobs */ 1260 1261 vnc_lock_output(vs); 1262 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED); 1263 1264 buffer_free(&vs->input); 1265 buffer_free(&vs->output); 1266 1267 qapi_free_VncClientInfo(vs->info); 1268 1269 vnc_zlib_clear(vs); 1270 vnc_tight_clear(vs); 1271 vnc_zrle_clear(vs); 1272 1273 #ifdef CONFIG_VNC_SASL 1274 vnc_sasl_client_cleanup(vs); 1275 #endif /* CONFIG_VNC_SASL */ 1276 audio_del(vs); 1277 qkbd_state_lift_all_keys(vs->vd->kbd); 1278 1279 if (vs->mouse_mode_notifier.notify != NULL) { 1280 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 1281 } 1282 QTAILQ_REMOVE(&vs->vd->clients, vs, next); 1283 if (QTAILQ_EMPTY(&vs->vd->clients)) { 1284 /* last client gone */ 1285 vnc_update_server_surface(vs->vd); 1286 } 1287 1288 vnc_unlock_output(vs); 1289 1290 qemu_mutex_destroy(&vs->output_mutex); 1291 if (vs->bh != NULL) { 1292 qemu_bh_delete(vs->bh); 1293 } 1294 buffer_free(&vs->jobs_buffer); 1295 1296 for (i = 0; i < VNC_STAT_ROWS; ++i) { 1297 g_free(vs->lossy_rect[i]); 1298 } 1299 g_free(vs->lossy_rect); 1300 1301 object_unref(OBJECT(vs->ioc)); 1302 vs->ioc = NULL; 1303 object_unref(OBJECT(vs->sioc)); 1304 vs->sioc = NULL; 1305 vs->magic = 0; 1306 g_free(vs); 1307 } 1308 1309 size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp) 1310 { 1311 if (ret <= 0) { 1312 if (ret == 0) { 1313 trace_vnc_client_eof(vs, vs->ioc); 1314 vnc_disconnect_start(vs); 1315 } else if (ret != QIO_CHANNEL_ERR_BLOCK) { 1316 trace_vnc_client_io_error(vs, vs->ioc, 1317 errp ? error_get_pretty(*errp) : 1318 "Unknown"); 1319 vnc_disconnect_start(vs); 1320 } 1321 1322 if (errp) { 1323 error_free(*errp); 1324 *errp = NULL; 1325 } 1326 return 0; 1327 } 1328 return ret; 1329 } 1330 1331 1332 void vnc_client_error(VncState *vs) 1333 { 1334 VNC_DEBUG("Closing down client sock: protocol error\n"); 1335 vnc_disconnect_start(vs); 1336 } 1337 1338 1339 /* 1340 * Called to write a chunk of data to the client socket. The data may 1341 * be the raw data, or may have already been encoded by SASL. 1342 * The data will be written either straight onto the socket, or 1343 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1344 * 1345 * NB, it is theoretically possible to have 2 layers of encryption, 1346 * both SASL, and this TLS layer. It is highly unlikely in practice 1347 * though, since SASL encryption will typically be a no-op if TLS 1348 * is active 1349 * 1350 * Returns the number of bytes written, which may be less than 1351 * the requested 'datalen' if the socket would block. Returns 1352 * 0 on I/O error, and disconnects the client socket. 1353 */ 1354 size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen) 1355 { 1356 Error *err = NULL; 1357 ssize_t ret; 1358 ret = qio_channel_write( 1359 vs->ioc, (const char *)data, datalen, &err); 1360 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret); 1361 return vnc_client_io_error(vs, ret, &err); 1362 } 1363 1364 1365 /* 1366 * Called to write buffered data to the client socket, when not 1367 * using any SASL SSF encryption layers. Will write as much data 1368 * as possible without blocking. If all buffered data is written, 1369 * will switch the FD poll() handler back to read monitoring. 1370 * 1371 * Returns the number of bytes written, which may be less than 1372 * the buffered output data if the socket would block. Returns 1373 * 0 on I/O error, and disconnects the client socket. 1374 */ 1375 static size_t vnc_client_write_plain(VncState *vs) 1376 { 1377 size_t offset; 1378 size_t ret; 1379 1380 #ifdef CONFIG_VNC_SASL 1381 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n", 1382 vs->output.buffer, vs->output.capacity, vs->output.offset, 1383 vs->sasl.waitWriteSSF); 1384 1385 if (vs->sasl.conn && 1386 vs->sasl.runSSF && 1387 vs->sasl.waitWriteSSF) { 1388 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF); 1389 if (ret) 1390 vs->sasl.waitWriteSSF -= ret; 1391 } else 1392 #endif /* CONFIG_VNC_SASL */ 1393 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset); 1394 if (!ret) 1395 return 0; 1396 1397 if (ret >= vs->force_update_offset) { 1398 if (vs->force_update_offset != 0) { 1399 trace_vnc_client_unthrottle_forced(vs, vs->ioc); 1400 } 1401 vs->force_update_offset = 0; 1402 } else { 1403 vs->force_update_offset -= ret; 1404 } 1405 offset = vs->output.offset; 1406 buffer_advance(&vs->output, ret); 1407 if (offset >= vs->throttle_output_offset && 1408 vs->output.offset < vs->throttle_output_offset) { 1409 trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset); 1410 } 1411 1412 if (vs->output.offset == 0) { 1413 if (vs->ioc_tag) { 1414 g_source_remove(vs->ioc_tag); 1415 } 1416 vs->ioc_tag = qio_channel_add_watch( 1417 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1418 } 1419 1420 return ret; 1421 } 1422 1423 1424 /* 1425 * First function called whenever there is data to be written to 1426 * the client socket. Will delegate actual work according to whether 1427 * SASL SSF layers are enabled (thus requiring encryption calls) 1428 */ 1429 static void vnc_client_write_locked(VncState *vs) 1430 { 1431 #ifdef CONFIG_VNC_SASL 1432 if (vs->sasl.conn && 1433 vs->sasl.runSSF && 1434 !vs->sasl.waitWriteSSF) { 1435 vnc_client_write_sasl(vs); 1436 } else 1437 #endif /* CONFIG_VNC_SASL */ 1438 { 1439 vnc_client_write_plain(vs); 1440 } 1441 } 1442 1443 static void vnc_client_write(VncState *vs) 1444 { 1445 assert(vs->magic == VNC_MAGIC); 1446 vnc_lock_output(vs); 1447 if (vs->output.offset) { 1448 vnc_client_write_locked(vs); 1449 } else if (vs->ioc != NULL) { 1450 if (vs->ioc_tag) { 1451 g_source_remove(vs->ioc_tag); 1452 } 1453 vs->ioc_tag = qio_channel_add_watch( 1454 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1455 } 1456 vnc_unlock_output(vs); 1457 } 1458 1459 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting) 1460 { 1461 vs->read_handler = func; 1462 vs->read_handler_expect = expecting; 1463 } 1464 1465 1466 /* 1467 * Called to read a chunk of data from the client socket. The data may 1468 * be the raw data, or may need to be further decoded by SASL. 1469 * The data will be read either straight from to the socket, or 1470 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1471 * 1472 * NB, it is theoretically possible to have 2 layers of encryption, 1473 * both SASL, and this TLS layer. It is highly unlikely in practice 1474 * though, since SASL encryption will typically be a no-op if TLS 1475 * is active 1476 * 1477 * Returns the number of bytes read, which may be less than 1478 * the requested 'datalen' if the socket would block. Returns 1479 * 0 on I/O error or EOF, and disconnects the client socket. 1480 */ 1481 size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen) 1482 { 1483 ssize_t ret; 1484 Error *err = NULL; 1485 ret = qio_channel_read( 1486 vs->ioc, (char *)data, datalen, &err); 1487 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret); 1488 return vnc_client_io_error(vs, ret, &err); 1489 } 1490 1491 1492 /* 1493 * Called to read data from the client socket to the input buffer, 1494 * when not using any SASL SSF encryption layers. Will read as much 1495 * data as possible without blocking. 1496 * 1497 * Returns the number of bytes read, which may be less than 1498 * the requested 'datalen' if the socket would block. Returns 1499 * 0 on I/O error or EOF, and disconnects the client socket. 1500 */ 1501 static size_t vnc_client_read_plain(VncState *vs) 1502 { 1503 size_t ret; 1504 VNC_DEBUG("Read plain %p size %zd offset %zd\n", 1505 vs->input.buffer, vs->input.capacity, vs->input.offset); 1506 buffer_reserve(&vs->input, 4096); 1507 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096); 1508 if (!ret) 1509 return 0; 1510 vs->input.offset += ret; 1511 return ret; 1512 } 1513 1514 static void vnc_jobs_bh(void *opaque) 1515 { 1516 VncState *vs = opaque; 1517 1518 assert(vs->magic == VNC_MAGIC); 1519 vnc_jobs_consume_buffer(vs); 1520 } 1521 1522 /* 1523 * First function called whenever there is more data to be read from 1524 * the client socket. Will delegate actual work according to whether 1525 * SASL SSF layers are enabled (thus requiring decryption calls) 1526 * Returns 0 on success, -1 if client disconnected 1527 */ 1528 static int vnc_client_read(VncState *vs) 1529 { 1530 size_t ret; 1531 1532 #ifdef CONFIG_VNC_SASL 1533 if (vs->sasl.conn && vs->sasl.runSSF) 1534 ret = vnc_client_read_sasl(vs); 1535 else 1536 #endif /* CONFIG_VNC_SASL */ 1537 ret = vnc_client_read_plain(vs); 1538 if (!ret) { 1539 if (vs->disconnecting) { 1540 vnc_disconnect_finish(vs); 1541 return -1; 1542 } 1543 return 0; 1544 } 1545 1546 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) { 1547 size_t len = vs->read_handler_expect; 1548 int ret; 1549 1550 ret = vs->read_handler(vs, vs->input.buffer, len); 1551 if (vs->disconnecting) { 1552 vnc_disconnect_finish(vs); 1553 return -1; 1554 } 1555 1556 if (!ret) { 1557 buffer_advance(&vs->input, len); 1558 } else { 1559 vs->read_handler_expect = ret; 1560 } 1561 } 1562 return 0; 1563 } 1564 1565 gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED, 1566 GIOCondition condition, void *opaque) 1567 { 1568 VncState *vs = opaque; 1569 1570 assert(vs->magic == VNC_MAGIC); 1571 if (condition & G_IO_IN) { 1572 if (vnc_client_read(vs) < 0) { 1573 /* vs is free()ed here */ 1574 return TRUE; 1575 } 1576 } 1577 if (condition & G_IO_OUT) { 1578 vnc_client_write(vs); 1579 } 1580 1581 if (vs->disconnecting) { 1582 if (vs->ioc_tag != 0) { 1583 g_source_remove(vs->ioc_tag); 1584 } 1585 vs->ioc_tag = 0; 1586 } 1587 return TRUE; 1588 } 1589 1590 1591 /* 1592 * Scale factor to apply to vs->throttle_output_offset when checking for 1593 * hard limit. Worst case normal usage could be x2, if we have a complete 1594 * incremental update and complete forced update in the output buffer. 1595 * So x3 should be good enough, but we pick x5 to be conservative and thus 1596 * (hopefully) never trigger incorrectly. 1597 */ 1598 #define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5 1599 1600 void vnc_write(VncState *vs, const void *data, size_t len) 1601 { 1602 assert(vs->magic == VNC_MAGIC); 1603 if (vs->disconnecting) { 1604 return; 1605 } 1606 /* Protection against malicious client/guest to prevent our output 1607 * buffer growing without bound if client stops reading data. This 1608 * should rarely trigger, because we have earlier throttling code 1609 * which stops issuing framebuffer updates and drops audio data 1610 * if the throttle_output_offset value is exceeded. So we only reach 1611 * this higher level if a huge number of pseudo-encodings get 1612 * triggered while data can't be sent on the socket. 1613 * 1614 * NB throttle_output_offset can be zero during early protocol 1615 * handshake, or from the job thread's VncState clone 1616 */ 1617 if (vs->throttle_output_offset != 0 && 1618 (vs->output.offset / VNC_THROTTLE_OUTPUT_LIMIT_SCALE) > 1619 vs->throttle_output_offset) { 1620 trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset, 1621 vs->throttle_output_offset); 1622 vnc_disconnect_start(vs); 1623 return; 1624 } 1625 buffer_reserve(&vs->output, len); 1626 1627 if (vs->ioc != NULL && buffer_empty(&vs->output)) { 1628 if (vs->ioc_tag) { 1629 g_source_remove(vs->ioc_tag); 1630 } 1631 vs->ioc_tag = qio_channel_add_watch( 1632 vs->ioc, G_IO_IN | G_IO_OUT, vnc_client_io, vs, NULL); 1633 } 1634 1635 buffer_append(&vs->output, data, len); 1636 } 1637 1638 void vnc_write_s32(VncState *vs, int32_t value) 1639 { 1640 vnc_write_u32(vs, *(uint32_t *)&value); 1641 } 1642 1643 void vnc_write_u32(VncState *vs, uint32_t value) 1644 { 1645 uint8_t buf[4]; 1646 1647 buf[0] = (value >> 24) & 0xFF; 1648 buf[1] = (value >> 16) & 0xFF; 1649 buf[2] = (value >> 8) & 0xFF; 1650 buf[3] = value & 0xFF; 1651 1652 vnc_write(vs, buf, 4); 1653 } 1654 1655 void vnc_write_u16(VncState *vs, uint16_t value) 1656 { 1657 uint8_t buf[2]; 1658 1659 buf[0] = (value >> 8) & 0xFF; 1660 buf[1] = value & 0xFF; 1661 1662 vnc_write(vs, buf, 2); 1663 } 1664 1665 void vnc_write_u8(VncState *vs, uint8_t value) 1666 { 1667 vnc_write(vs, (char *)&value, 1); 1668 } 1669 1670 void vnc_flush(VncState *vs) 1671 { 1672 vnc_lock_output(vs); 1673 if (vs->ioc != NULL && vs->output.offset) { 1674 vnc_client_write_locked(vs); 1675 } 1676 if (vs->disconnecting) { 1677 if (vs->ioc_tag != 0) { 1678 g_source_remove(vs->ioc_tag); 1679 } 1680 vs->ioc_tag = 0; 1681 } 1682 vnc_unlock_output(vs); 1683 } 1684 1685 static uint8_t read_u8(uint8_t *data, size_t offset) 1686 { 1687 return data[offset]; 1688 } 1689 1690 static uint16_t read_u16(uint8_t *data, size_t offset) 1691 { 1692 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF); 1693 } 1694 1695 static int32_t read_s32(uint8_t *data, size_t offset) 1696 { 1697 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) | 1698 (data[offset + 2] << 8) | data[offset + 3]); 1699 } 1700 1701 uint32_t read_u32(uint8_t *data, size_t offset) 1702 { 1703 return ((data[offset] << 24) | (data[offset + 1] << 16) | 1704 (data[offset + 2] << 8) | data[offset + 3]); 1705 } 1706 1707 static void client_cut_text(VncState *vs, size_t len, uint8_t *text) 1708 { 1709 } 1710 1711 static void check_pointer_type_change(Notifier *notifier, void *data) 1712 { 1713 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier); 1714 int absolute = qemu_input_is_absolute(); 1715 1716 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) { 1717 vnc_lock_output(vs); 1718 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1719 vnc_write_u8(vs, 0); 1720 vnc_write_u16(vs, 1); 1721 vnc_framebuffer_update(vs, absolute, 0, 1722 pixman_image_get_width(vs->vd->server), 1723 pixman_image_get_height(vs->vd->server), 1724 VNC_ENCODING_POINTER_TYPE_CHANGE); 1725 vnc_unlock_output(vs); 1726 vnc_flush(vs); 1727 } 1728 vs->absolute = absolute; 1729 } 1730 1731 static void pointer_event(VncState *vs, int button_mask, int x, int y) 1732 { 1733 static uint32_t bmap[INPUT_BUTTON__MAX] = { 1734 [INPUT_BUTTON_LEFT] = 0x01, 1735 [INPUT_BUTTON_MIDDLE] = 0x02, 1736 [INPUT_BUTTON_RIGHT] = 0x04, 1737 [INPUT_BUTTON_WHEEL_UP] = 0x08, 1738 [INPUT_BUTTON_WHEEL_DOWN] = 0x10, 1739 }; 1740 QemuConsole *con = vs->vd->dcl.con; 1741 int width = pixman_image_get_width(vs->vd->server); 1742 int height = pixman_image_get_height(vs->vd->server); 1743 1744 if (vs->last_bmask != button_mask) { 1745 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask); 1746 vs->last_bmask = button_mask; 1747 } 1748 1749 if (vs->absolute) { 1750 qemu_input_queue_abs(con, INPUT_AXIS_X, x, 0, width); 1751 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, 0, height); 1752 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) { 1753 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF); 1754 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF); 1755 } else { 1756 if (vs->last_x != -1) { 1757 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x); 1758 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y); 1759 } 1760 vs->last_x = x; 1761 vs->last_y = y; 1762 } 1763 qemu_input_event_sync(); 1764 } 1765 1766 static void press_key(VncState *vs, QKeyCode qcode) 1767 { 1768 qkbd_state_key_event(vs->vd->kbd, qcode, true); 1769 qkbd_state_key_event(vs->vd->kbd, qcode, false); 1770 } 1771 1772 static void vnc_led_state_change(VncState *vs) 1773 { 1774 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) { 1775 return; 1776 } 1777 1778 vnc_lock_output(vs); 1779 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1780 vnc_write_u8(vs, 0); 1781 vnc_write_u16(vs, 1); 1782 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE); 1783 vnc_write_u8(vs, vs->vd->ledstate); 1784 vnc_unlock_output(vs); 1785 vnc_flush(vs); 1786 } 1787 1788 static void kbd_leds(void *opaque, int ledstate) 1789 { 1790 VncDisplay *vd = opaque; 1791 VncState *client; 1792 1793 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED), 1794 (ledstate & QEMU_NUM_LOCK_LED), 1795 (ledstate & QEMU_SCROLL_LOCK_LED)); 1796 1797 if (ledstate == vd->ledstate) { 1798 return; 1799 } 1800 1801 vd->ledstate = ledstate; 1802 1803 QTAILQ_FOREACH(client, &vd->clients, next) { 1804 vnc_led_state_change(client); 1805 } 1806 } 1807 1808 static void do_key_event(VncState *vs, int down, int keycode, int sym) 1809 { 1810 QKeyCode qcode = qemu_input_key_number_to_qcode(keycode); 1811 1812 /* QEMU console switch */ 1813 switch (qcode) { 1814 case Q_KEY_CODE_1 ... Q_KEY_CODE_9: /* '1' to '9' keys */ 1815 if (vs->vd->dcl.con == NULL && down && 1816 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL) && 1817 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_ALT)) { 1818 /* Reset the modifiers sent to the current console */ 1819 qkbd_state_lift_all_keys(vs->vd->kbd); 1820 console_select(qcode - Q_KEY_CODE_1); 1821 return; 1822 } 1823 default: 1824 break; 1825 } 1826 1827 /* Turn off the lock state sync logic if the client support the led 1828 state extension. 1829 */ 1830 if (down && vs->vd->lock_key_sync && 1831 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1832 keycode_is_keypad(vs->vd->kbd_layout, keycode)) { 1833 /* If the numlock state needs to change then simulate an additional 1834 keypress before sending this one. This will happen if the user 1835 toggles numlock away from the VNC window. 1836 */ 1837 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) { 1838 if (!qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1839 trace_vnc_key_sync_numlock(true); 1840 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1841 } 1842 } else { 1843 if (qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1844 trace_vnc_key_sync_numlock(false); 1845 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1846 } 1847 } 1848 } 1849 1850 if (down && vs->vd->lock_key_sync && 1851 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1852 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) { 1853 /* If the capslock state needs to change then simulate an additional 1854 keypress before sending this one. This will happen if the user 1855 toggles capslock away from the VNC window. 1856 */ 1857 int uppercase = !!(sym >= 'A' && sym <= 'Z'); 1858 bool shift = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_SHIFT); 1859 bool capslock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CAPSLOCK); 1860 if (capslock) { 1861 if (uppercase == shift) { 1862 trace_vnc_key_sync_capslock(false); 1863 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1864 } 1865 } else { 1866 if (uppercase != shift) { 1867 trace_vnc_key_sync_capslock(true); 1868 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1869 } 1870 } 1871 } 1872 1873 qkbd_state_key_event(vs->vd->kbd, qcode, down); 1874 if (!qemu_console_is_graphic(NULL)) { 1875 bool numlock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK); 1876 bool control = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL); 1877 /* QEMU console emulation */ 1878 if (down) { 1879 switch (keycode) { 1880 case 0x2a: /* Left Shift */ 1881 case 0x36: /* Right Shift */ 1882 case 0x1d: /* Left CTRL */ 1883 case 0x9d: /* Right CTRL */ 1884 case 0x38: /* Left ALT */ 1885 case 0xb8: /* Right ALT */ 1886 break; 1887 case 0xc8: 1888 kbd_put_keysym(QEMU_KEY_UP); 1889 break; 1890 case 0xd0: 1891 kbd_put_keysym(QEMU_KEY_DOWN); 1892 break; 1893 case 0xcb: 1894 kbd_put_keysym(QEMU_KEY_LEFT); 1895 break; 1896 case 0xcd: 1897 kbd_put_keysym(QEMU_KEY_RIGHT); 1898 break; 1899 case 0xd3: 1900 kbd_put_keysym(QEMU_KEY_DELETE); 1901 break; 1902 case 0xc7: 1903 kbd_put_keysym(QEMU_KEY_HOME); 1904 break; 1905 case 0xcf: 1906 kbd_put_keysym(QEMU_KEY_END); 1907 break; 1908 case 0xc9: 1909 kbd_put_keysym(QEMU_KEY_PAGEUP); 1910 break; 1911 case 0xd1: 1912 kbd_put_keysym(QEMU_KEY_PAGEDOWN); 1913 break; 1914 1915 case 0x47: 1916 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME); 1917 break; 1918 case 0x48: 1919 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP); 1920 break; 1921 case 0x49: 1922 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP); 1923 break; 1924 case 0x4b: 1925 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT); 1926 break; 1927 case 0x4c: 1928 kbd_put_keysym('5'); 1929 break; 1930 case 0x4d: 1931 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT); 1932 break; 1933 case 0x4f: 1934 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END); 1935 break; 1936 case 0x50: 1937 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN); 1938 break; 1939 case 0x51: 1940 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN); 1941 break; 1942 case 0x52: 1943 kbd_put_keysym('0'); 1944 break; 1945 case 0x53: 1946 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE); 1947 break; 1948 1949 case 0xb5: 1950 kbd_put_keysym('/'); 1951 break; 1952 case 0x37: 1953 kbd_put_keysym('*'); 1954 break; 1955 case 0x4a: 1956 kbd_put_keysym('-'); 1957 break; 1958 case 0x4e: 1959 kbd_put_keysym('+'); 1960 break; 1961 case 0x9c: 1962 kbd_put_keysym('\n'); 1963 break; 1964 1965 default: 1966 if (control) { 1967 kbd_put_keysym(sym & 0x1f); 1968 } else { 1969 kbd_put_keysym(sym); 1970 } 1971 break; 1972 } 1973 } 1974 } 1975 } 1976 1977 static const char *code2name(int keycode) 1978 { 1979 return QKeyCode_str(qemu_input_key_number_to_qcode(keycode)); 1980 } 1981 1982 static void key_event(VncState *vs, int down, uint32_t sym) 1983 { 1984 int keycode; 1985 int lsym = sym; 1986 1987 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) { 1988 lsym = lsym - 'A' + 'a'; 1989 } 1990 1991 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF, 1992 vs->vd->kbd, down) & SCANCODE_KEYMASK; 1993 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode)); 1994 do_key_event(vs, down, keycode, sym); 1995 } 1996 1997 static void ext_key_event(VncState *vs, int down, 1998 uint32_t sym, uint16_t keycode) 1999 { 2000 /* if the user specifies a keyboard layout, always use it */ 2001 if (keyboard_layout) { 2002 key_event(vs, down, sym); 2003 } else { 2004 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode)); 2005 do_key_event(vs, down, keycode, sym); 2006 } 2007 } 2008 2009 static void framebuffer_update_request(VncState *vs, int incremental, 2010 int x, int y, int w, int h) 2011 { 2012 if (incremental) { 2013 if (vs->update != VNC_STATE_UPDATE_FORCE) { 2014 vs->update = VNC_STATE_UPDATE_INCREMENTAL; 2015 } 2016 } else { 2017 vs->update = VNC_STATE_UPDATE_FORCE; 2018 vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h); 2019 } 2020 } 2021 2022 static void send_ext_key_event_ack(VncState *vs) 2023 { 2024 vnc_lock_output(vs); 2025 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2026 vnc_write_u8(vs, 0); 2027 vnc_write_u16(vs, 1); 2028 vnc_framebuffer_update(vs, 0, 0, 2029 pixman_image_get_width(vs->vd->server), 2030 pixman_image_get_height(vs->vd->server), 2031 VNC_ENCODING_EXT_KEY_EVENT); 2032 vnc_unlock_output(vs); 2033 vnc_flush(vs); 2034 } 2035 2036 static void send_ext_audio_ack(VncState *vs) 2037 { 2038 vnc_lock_output(vs); 2039 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2040 vnc_write_u8(vs, 0); 2041 vnc_write_u16(vs, 1); 2042 vnc_framebuffer_update(vs, 0, 0, 2043 pixman_image_get_width(vs->vd->server), 2044 pixman_image_get_height(vs->vd->server), 2045 VNC_ENCODING_AUDIO); 2046 vnc_unlock_output(vs); 2047 vnc_flush(vs); 2048 } 2049 2050 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings) 2051 { 2052 int i; 2053 unsigned int enc = 0; 2054 2055 vs->features = 0; 2056 vs->vnc_encoding = 0; 2057 vs->tight.compression = 9; 2058 vs->tight.quality = -1; /* Lossless by default */ 2059 vs->absolute = -1; 2060 2061 /* 2062 * Start from the end because the encodings are sent in order of preference. 2063 * This way the preferred encoding (first encoding defined in the array) 2064 * will be set at the end of the loop. 2065 */ 2066 for (i = n_encodings - 1; i >= 0; i--) { 2067 enc = encodings[i]; 2068 switch (enc) { 2069 case VNC_ENCODING_RAW: 2070 vs->vnc_encoding = enc; 2071 break; 2072 case VNC_ENCODING_COPYRECT: 2073 vs->features |= VNC_FEATURE_COPYRECT_MASK; 2074 break; 2075 case VNC_ENCODING_HEXTILE: 2076 vs->features |= VNC_FEATURE_HEXTILE_MASK; 2077 vs->vnc_encoding = enc; 2078 break; 2079 case VNC_ENCODING_TIGHT: 2080 vs->features |= VNC_FEATURE_TIGHT_MASK; 2081 vs->vnc_encoding = enc; 2082 break; 2083 #ifdef CONFIG_VNC_PNG 2084 case VNC_ENCODING_TIGHT_PNG: 2085 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK; 2086 vs->vnc_encoding = enc; 2087 break; 2088 #endif 2089 case VNC_ENCODING_ZLIB: 2090 vs->features |= VNC_FEATURE_ZLIB_MASK; 2091 vs->vnc_encoding = enc; 2092 break; 2093 case VNC_ENCODING_ZRLE: 2094 vs->features |= VNC_FEATURE_ZRLE_MASK; 2095 vs->vnc_encoding = enc; 2096 break; 2097 case VNC_ENCODING_ZYWRLE: 2098 vs->features |= VNC_FEATURE_ZYWRLE_MASK; 2099 vs->vnc_encoding = enc; 2100 break; 2101 case VNC_ENCODING_DESKTOPRESIZE: 2102 vs->features |= VNC_FEATURE_RESIZE_MASK; 2103 break; 2104 case VNC_ENCODING_POINTER_TYPE_CHANGE: 2105 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK; 2106 break; 2107 case VNC_ENCODING_RICH_CURSOR: 2108 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK; 2109 if (vs->vd->cursor) { 2110 vnc_cursor_define(vs); 2111 } 2112 break; 2113 case VNC_ENCODING_EXT_KEY_EVENT: 2114 send_ext_key_event_ack(vs); 2115 break; 2116 case VNC_ENCODING_AUDIO: 2117 send_ext_audio_ack(vs); 2118 break; 2119 case VNC_ENCODING_WMVi: 2120 vs->features |= VNC_FEATURE_WMVI_MASK; 2121 break; 2122 case VNC_ENCODING_LED_STATE: 2123 vs->features |= VNC_FEATURE_LED_STATE_MASK; 2124 break; 2125 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9: 2126 vs->tight.compression = (enc & 0x0F); 2127 break; 2128 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9: 2129 if (vs->vd->lossy) { 2130 vs->tight.quality = (enc & 0x0F); 2131 } 2132 break; 2133 default: 2134 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc); 2135 break; 2136 } 2137 } 2138 vnc_desktop_resize(vs); 2139 check_pointer_type_change(&vs->mouse_mode_notifier, NULL); 2140 vnc_led_state_change(vs); 2141 } 2142 2143 static void set_pixel_conversion(VncState *vs) 2144 { 2145 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf); 2146 2147 if (fmt == VNC_SERVER_FB_FORMAT) { 2148 vs->write_pixels = vnc_write_pixels_copy; 2149 vnc_hextile_set_pixel_conversion(vs, 0); 2150 } else { 2151 vs->write_pixels = vnc_write_pixels_generic; 2152 vnc_hextile_set_pixel_conversion(vs, 1); 2153 } 2154 } 2155 2156 static void send_color_map(VncState *vs) 2157 { 2158 int i; 2159 2160 vnc_write_u8(vs, VNC_MSG_SERVER_SET_COLOUR_MAP_ENTRIES); 2161 vnc_write_u8(vs, 0); /* padding */ 2162 vnc_write_u16(vs, 0); /* first color */ 2163 vnc_write_u16(vs, 256); /* # of colors */ 2164 2165 for (i = 0; i < 256; i++) { 2166 PixelFormat *pf = &vs->client_pf; 2167 2168 vnc_write_u16(vs, (((i >> pf->rshift) & pf->rmax) << (16 - pf->rbits))); 2169 vnc_write_u16(vs, (((i >> pf->gshift) & pf->gmax) << (16 - pf->gbits))); 2170 vnc_write_u16(vs, (((i >> pf->bshift) & pf->bmax) << (16 - pf->bbits))); 2171 } 2172 } 2173 2174 static void set_pixel_format(VncState *vs, int bits_per_pixel, 2175 int big_endian_flag, int true_color_flag, 2176 int red_max, int green_max, int blue_max, 2177 int red_shift, int green_shift, int blue_shift) 2178 { 2179 if (!true_color_flag) { 2180 /* Expose a reasonable default 256 color map */ 2181 bits_per_pixel = 8; 2182 red_max = 7; 2183 green_max = 7; 2184 blue_max = 3; 2185 red_shift = 0; 2186 green_shift = 3; 2187 blue_shift = 6; 2188 } 2189 2190 switch (bits_per_pixel) { 2191 case 8: 2192 case 16: 2193 case 32: 2194 break; 2195 default: 2196 vnc_client_error(vs); 2197 return; 2198 } 2199 2200 vs->client_pf.rmax = red_max ? red_max : 0xFF; 2201 vs->client_pf.rbits = ctpopl(red_max); 2202 vs->client_pf.rshift = red_shift; 2203 vs->client_pf.rmask = red_max << red_shift; 2204 vs->client_pf.gmax = green_max ? green_max : 0xFF; 2205 vs->client_pf.gbits = ctpopl(green_max); 2206 vs->client_pf.gshift = green_shift; 2207 vs->client_pf.gmask = green_max << green_shift; 2208 vs->client_pf.bmax = blue_max ? blue_max : 0xFF; 2209 vs->client_pf.bbits = ctpopl(blue_max); 2210 vs->client_pf.bshift = blue_shift; 2211 vs->client_pf.bmask = blue_max << blue_shift; 2212 vs->client_pf.bits_per_pixel = bits_per_pixel; 2213 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8; 2214 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel; 2215 vs->client_be = big_endian_flag; 2216 2217 if (!true_color_flag) { 2218 send_color_map(vs); 2219 } 2220 2221 set_pixel_conversion(vs); 2222 2223 graphic_hw_invalidate(vs->vd->dcl.con); 2224 graphic_hw_update(vs->vd->dcl.con); 2225 } 2226 2227 static void pixel_format_message (VncState *vs) { 2228 char pad[3] = { 0, 0, 0 }; 2229 2230 vs->client_pf = qemu_default_pixelformat(32); 2231 2232 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */ 2233 vnc_write_u8(vs, vs->client_pf.depth); /* depth */ 2234 2235 #ifdef HOST_WORDS_BIGENDIAN 2236 vnc_write_u8(vs, 1); /* big-endian-flag */ 2237 #else 2238 vnc_write_u8(vs, 0); /* big-endian-flag */ 2239 #endif 2240 vnc_write_u8(vs, 1); /* true-color-flag */ 2241 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */ 2242 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */ 2243 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */ 2244 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */ 2245 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */ 2246 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */ 2247 vnc_write(vs, pad, 3); /* padding */ 2248 2249 vnc_hextile_set_pixel_conversion(vs, 0); 2250 vs->write_pixels = vnc_write_pixels_copy; 2251 } 2252 2253 static void vnc_colordepth(VncState *vs) 2254 { 2255 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) { 2256 /* Sending a WMVi message to notify the client*/ 2257 vnc_lock_output(vs); 2258 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2259 vnc_write_u8(vs, 0); 2260 vnc_write_u16(vs, 1); /* number of rects */ 2261 vnc_framebuffer_update(vs, 0, 0, 2262 pixman_image_get_width(vs->vd->server), 2263 pixman_image_get_height(vs->vd->server), 2264 VNC_ENCODING_WMVi); 2265 pixel_format_message(vs); 2266 vnc_unlock_output(vs); 2267 vnc_flush(vs); 2268 } else { 2269 set_pixel_conversion(vs); 2270 } 2271 } 2272 2273 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len) 2274 { 2275 int i; 2276 uint16_t limit; 2277 uint32_t freq; 2278 VncDisplay *vd = vs->vd; 2279 2280 if (data[0] > 3) { 2281 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 2282 } 2283 2284 switch (data[0]) { 2285 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT: 2286 if (len == 1) 2287 return 20; 2288 2289 set_pixel_format(vs, read_u8(data, 4), 2290 read_u8(data, 6), read_u8(data, 7), 2291 read_u16(data, 8), read_u16(data, 10), 2292 read_u16(data, 12), read_u8(data, 14), 2293 read_u8(data, 15), read_u8(data, 16)); 2294 break; 2295 case VNC_MSG_CLIENT_SET_ENCODINGS: 2296 if (len == 1) 2297 return 4; 2298 2299 if (len == 4) { 2300 limit = read_u16(data, 2); 2301 if (limit > 0) 2302 return 4 + (limit * 4); 2303 } else 2304 limit = read_u16(data, 2); 2305 2306 for (i = 0; i < limit; i++) { 2307 int32_t val = read_s32(data, 4 + (i * 4)); 2308 memcpy(data + 4 + (i * 4), &val, sizeof(val)); 2309 } 2310 2311 set_encodings(vs, (int32_t *)(data + 4), limit); 2312 break; 2313 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST: 2314 if (len == 1) 2315 return 10; 2316 2317 framebuffer_update_request(vs, 2318 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4), 2319 read_u16(data, 6), read_u16(data, 8)); 2320 break; 2321 case VNC_MSG_CLIENT_KEY_EVENT: 2322 if (len == 1) 2323 return 8; 2324 2325 key_event(vs, read_u8(data, 1), read_u32(data, 4)); 2326 break; 2327 case VNC_MSG_CLIENT_POINTER_EVENT: 2328 if (len == 1) 2329 return 6; 2330 2331 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4)); 2332 break; 2333 case VNC_MSG_CLIENT_CUT_TEXT: 2334 if (len == 1) { 2335 return 8; 2336 } 2337 if (len == 8) { 2338 uint32_t dlen = read_u32(data, 4); 2339 if (dlen > (1 << 20)) { 2340 error_report("vnc: client_cut_text msg payload has %u bytes" 2341 " which exceeds our limit of 1MB.", dlen); 2342 vnc_client_error(vs); 2343 break; 2344 } 2345 if (dlen > 0) { 2346 return 8 + dlen; 2347 } 2348 } 2349 2350 client_cut_text(vs, read_u32(data, 4), data + 8); 2351 break; 2352 case VNC_MSG_CLIENT_QEMU: 2353 if (len == 1) 2354 return 2; 2355 2356 switch (read_u8(data, 1)) { 2357 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT: 2358 if (len == 2) 2359 return 12; 2360 2361 ext_key_event(vs, read_u16(data, 2), 2362 read_u32(data, 4), read_u32(data, 8)); 2363 break; 2364 case VNC_MSG_CLIENT_QEMU_AUDIO: 2365 if (len == 2) 2366 return 4; 2367 2368 switch (read_u16 (data, 2)) { 2369 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE: 2370 audio_add(vs); 2371 break; 2372 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE: 2373 audio_del(vs); 2374 break; 2375 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT: 2376 if (len == 4) 2377 return 10; 2378 switch (read_u8(data, 4)) { 2379 case 0: vs->as.fmt = AUDIO_FORMAT_U8; break; 2380 case 1: vs->as.fmt = AUDIO_FORMAT_S8; break; 2381 case 2: vs->as.fmt = AUDIO_FORMAT_U16; break; 2382 case 3: vs->as.fmt = AUDIO_FORMAT_S16; break; 2383 case 4: vs->as.fmt = AUDIO_FORMAT_U32; break; 2384 case 5: vs->as.fmt = AUDIO_FORMAT_S32; break; 2385 default: 2386 VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4)); 2387 vnc_client_error(vs); 2388 break; 2389 } 2390 vs->as.nchannels = read_u8(data, 5); 2391 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) { 2392 VNC_DEBUG("Invalid audio channel count %d\n", 2393 read_u8(data, 5)); 2394 vnc_client_error(vs); 2395 break; 2396 } 2397 freq = read_u32(data, 6); 2398 /* No official limit for protocol, but 48khz is a sensible 2399 * upper bound for trustworthy clients, and this limit 2400 * protects calculations involving 'vs->as.freq' later. 2401 */ 2402 if (freq > 48000) { 2403 VNC_DEBUG("Invalid audio frequency %u > 48000", freq); 2404 vnc_client_error(vs); 2405 break; 2406 } 2407 vs->as.freq = freq; 2408 break; 2409 default: 2410 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4)); 2411 vnc_client_error(vs); 2412 break; 2413 } 2414 break; 2415 2416 default: 2417 VNC_DEBUG("Msg: %d\n", read_u16(data, 0)); 2418 vnc_client_error(vs); 2419 break; 2420 } 2421 break; 2422 default: 2423 VNC_DEBUG("Msg: %d\n", data[0]); 2424 vnc_client_error(vs); 2425 break; 2426 } 2427 2428 vnc_update_throttle_offset(vs); 2429 vnc_read_when(vs, protocol_client_msg, 1); 2430 return 0; 2431 } 2432 2433 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len) 2434 { 2435 char buf[1024]; 2436 VncShareMode mode; 2437 int size; 2438 2439 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE; 2440 switch (vs->vd->share_policy) { 2441 case VNC_SHARE_POLICY_IGNORE: 2442 /* 2443 * Ignore the shared flag. Nothing to do here. 2444 * 2445 * Doesn't conform to the rfb spec but is traditional qemu 2446 * behavior, thus left here as option for compatibility 2447 * reasons. 2448 */ 2449 break; 2450 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE: 2451 /* 2452 * Policy: Allow clients ask for exclusive access. 2453 * 2454 * Implementation: When a client asks for exclusive access, 2455 * disconnect all others. Shared connects are allowed as long 2456 * as no exclusive connection exists. 2457 * 2458 * This is how the rfb spec suggests to handle the shared flag. 2459 */ 2460 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2461 VncState *client; 2462 QTAILQ_FOREACH(client, &vs->vd->clients, next) { 2463 if (vs == client) { 2464 continue; 2465 } 2466 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE && 2467 client->share_mode != VNC_SHARE_MODE_SHARED) { 2468 continue; 2469 } 2470 vnc_disconnect_start(client); 2471 } 2472 } 2473 if (mode == VNC_SHARE_MODE_SHARED) { 2474 if (vs->vd->num_exclusive > 0) { 2475 vnc_disconnect_start(vs); 2476 return 0; 2477 } 2478 } 2479 break; 2480 case VNC_SHARE_POLICY_FORCE_SHARED: 2481 /* 2482 * Policy: Shared connects only. 2483 * Implementation: Disallow clients asking for exclusive access. 2484 * 2485 * Useful for shared desktop sessions where you don't want 2486 * someone forgetting to say -shared when running the vnc 2487 * client disconnect everybody else. 2488 */ 2489 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2490 vnc_disconnect_start(vs); 2491 return 0; 2492 } 2493 break; 2494 } 2495 vnc_set_share_mode(vs, mode); 2496 2497 if (vs->vd->num_shared > vs->vd->connections_limit) { 2498 vnc_disconnect_start(vs); 2499 return 0; 2500 } 2501 2502 assert(pixman_image_get_width(vs->vd->server) < 65536 && 2503 pixman_image_get_width(vs->vd->server) >= 0); 2504 assert(pixman_image_get_height(vs->vd->server) < 65536 && 2505 pixman_image_get_height(vs->vd->server) >= 0); 2506 vs->client_width = pixman_image_get_width(vs->vd->server); 2507 vs->client_height = pixman_image_get_height(vs->vd->server); 2508 vnc_write_u16(vs, vs->client_width); 2509 vnc_write_u16(vs, vs->client_height); 2510 2511 pixel_format_message(vs); 2512 2513 if (qemu_name) { 2514 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name); 2515 if (size > sizeof(buf)) { 2516 size = sizeof(buf); 2517 } 2518 } else { 2519 size = snprintf(buf, sizeof(buf), "QEMU"); 2520 } 2521 2522 vnc_write_u32(vs, size); 2523 vnc_write(vs, buf, size); 2524 vnc_flush(vs); 2525 2526 vnc_client_cache_auth(vs); 2527 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED); 2528 2529 vnc_read_when(vs, protocol_client_msg, 1); 2530 2531 return 0; 2532 } 2533 2534 void start_client_init(VncState *vs) 2535 { 2536 vnc_read_when(vs, protocol_client_init, 1); 2537 } 2538 2539 static void authentication_failed(VncState *vs) 2540 { 2541 vnc_write_u32(vs, 1); /* Reject auth */ 2542 if (vs->minor >= 8) { 2543 static const char err[] = "Authentication failed"; 2544 vnc_write_u32(vs, sizeof(err)); 2545 vnc_write(vs, err, sizeof(err)); 2546 } 2547 vnc_flush(vs); 2548 vnc_client_error(vs); 2549 } 2550 2551 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) 2552 { 2553 unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; 2554 size_t i, pwlen; 2555 unsigned char key[8]; 2556 time_t now = time(NULL); 2557 QCryptoCipher *cipher = NULL; 2558 Error *err = NULL; 2559 2560 if (!vs->vd->password) { 2561 trace_vnc_auth_fail(vs, vs->auth, "password is not set", ""); 2562 goto reject; 2563 } 2564 if (vs->vd->expires < now) { 2565 trace_vnc_auth_fail(vs, vs->auth, "password is expired", ""); 2566 goto reject; 2567 } 2568 2569 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); 2570 2571 /* Calculate the expected challenge response */ 2572 pwlen = strlen(vs->vd->password); 2573 for (i=0; i<sizeof(key); i++) 2574 key[i] = i<pwlen ? vs->vd->password[i] : 0; 2575 2576 cipher = qcrypto_cipher_new( 2577 QCRYPTO_CIPHER_ALG_DES_RFB, 2578 QCRYPTO_CIPHER_MODE_ECB, 2579 key, G_N_ELEMENTS(key), 2580 &err); 2581 if (!cipher) { 2582 trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher", 2583 error_get_pretty(err)); 2584 error_free(err); 2585 goto reject; 2586 } 2587 2588 if (qcrypto_cipher_encrypt(cipher, 2589 vs->challenge, 2590 response, 2591 VNC_AUTH_CHALLENGE_SIZE, 2592 &err) < 0) { 2593 trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge response", 2594 error_get_pretty(err)); 2595 error_free(err); 2596 goto reject; 2597 } 2598 2599 /* Compare expected vs actual challenge response */ 2600 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) { 2601 trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response", ""); 2602 goto reject; 2603 } else { 2604 trace_vnc_auth_pass(vs, vs->auth); 2605 vnc_write_u32(vs, 0); /* Accept auth */ 2606 vnc_flush(vs); 2607 2608 start_client_init(vs); 2609 } 2610 2611 qcrypto_cipher_free(cipher); 2612 return 0; 2613 2614 reject: 2615 authentication_failed(vs); 2616 qcrypto_cipher_free(cipher); 2617 return 0; 2618 } 2619 2620 void start_auth_vnc(VncState *vs) 2621 { 2622 Error *err = NULL; 2623 2624 if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) { 2625 trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes", 2626 error_get_pretty(err)); 2627 error_free(err); 2628 authentication_failed(vs); 2629 return; 2630 } 2631 2632 /* Send client a 'random' challenge */ 2633 vnc_write(vs, vs->challenge, sizeof(vs->challenge)); 2634 vnc_flush(vs); 2635 2636 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge)); 2637 } 2638 2639 2640 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) 2641 { 2642 /* We only advertise 1 auth scheme at a time, so client 2643 * must pick the one we sent. Verify this */ 2644 if (data[0] != vs->auth) { /* Reject auth */ 2645 trace_vnc_auth_reject(vs, vs->auth, (int)data[0]); 2646 authentication_failed(vs); 2647 } else { /* Accept requested auth */ 2648 trace_vnc_auth_start(vs, vs->auth); 2649 switch (vs->auth) { 2650 case VNC_AUTH_NONE: 2651 if (vs->minor >= 8) { 2652 vnc_write_u32(vs, 0); /* Accept auth completion */ 2653 vnc_flush(vs); 2654 } 2655 trace_vnc_auth_pass(vs, vs->auth); 2656 start_client_init(vs); 2657 break; 2658 2659 case VNC_AUTH_VNC: 2660 start_auth_vnc(vs); 2661 break; 2662 2663 case VNC_AUTH_VENCRYPT: 2664 start_auth_vencrypt(vs); 2665 break; 2666 2667 #ifdef CONFIG_VNC_SASL 2668 case VNC_AUTH_SASL: 2669 start_auth_sasl(vs); 2670 break; 2671 #endif /* CONFIG_VNC_SASL */ 2672 2673 default: /* Should not be possible, but just in case */ 2674 trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", ""); 2675 authentication_failed(vs); 2676 } 2677 } 2678 return 0; 2679 } 2680 2681 static int protocol_version(VncState *vs, uint8_t *version, size_t len) 2682 { 2683 char local[13]; 2684 2685 memcpy(local, version, 12); 2686 local[12] = 0; 2687 2688 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) { 2689 VNC_DEBUG("Malformed protocol version %s\n", local); 2690 vnc_client_error(vs); 2691 return 0; 2692 } 2693 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor); 2694 if (vs->major != 3 || 2695 (vs->minor != 3 && 2696 vs->minor != 4 && 2697 vs->minor != 5 && 2698 vs->minor != 7 && 2699 vs->minor != 8)) { 2700 VNC_DEBUG("Unsupported client version\n"); 2701 vnc_write_u32(vs, VNC_AUTH_INVALID); 2702 vnc_flush(vs); 2703 vnc_client_error(vs); 2704 return 0; 2705 } 2706 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated 2707 * as equivalent to v3.3 by servers 2708 */ 2709 if (vs->minor == 4 || vs->minor == 5) 2710 vs->minor = 3; 2711 2712 if (vs->minor == 3) { 2713 trace_vnc_auth_start(vs, vs->auth); 2714 if (vs->auth == VNC_AUTH_NONE) { 2715 vnc_write_u32(vs, vs->auth); 2716 vnc_flush(vs); 2717 trace_vnc_auth_pass(vs, vs->auth); 2718 start_client_init(vs); 2719 } else if (vs->auth == VNC_AUTH_VNC) { 2720 VNC_DEBUG("Tell client VNC auth\n"); 2721 vnc_write_u32(vs, vs->auth); 2722 vnc_flush(vs); 2723 start_auth_vnc(vs); 2724 } else { 2725 trace_vnc_auth_fail(vs, vs->auth, 2726 "Unsupported auth method for v3.3", ""); 2727 vnc_write_u32(vs, VNC_AUTH_INVALID); 2728 vnc_flush(vs); 2729 vnc_client_error(vs); 2730 } 2731 } else { 2732 vnc_write_u8(vs, 1); /* num auth */ 2733 vnc_write_u8(vs, vs->auth); 2734 vnc_read_when(vs, protocol_client_auth, 1); 2735 vnc_flush(vs); 2736 } 2737 2738 return 0; 2739 } 2740 2741 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y) 2742 { 2743 struct VncSurface *vs = &vd->guest; 2744 2745 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT]; 2746 } 2747 2748 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h) 2749 { 2750 int i, j; 2751 2752 w = (x + w) / VNC_STAT_RECT; 2753 h = (y + h) / VNC_STAT_RECT; 2754 x /= VNC_STAT_RECT; 2755 y /= VNC_STAT_RECT; 2756 2757 for (j = y; j <= h; j++) { 2758 for (i = x; i <= w; i++) { 2759 vs->lossy_rect[j][i] = 1; 2760 } 2761 } 2762 } 2763 2764 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y) 2765 { 2766 VncState *vs; 2767 int sty = y / VNC_STAT_RECT; 2768 int stx = x / VNC_STAT_RECT; 2769 int has_dirty = 0; 2770 2771 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2772 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2773 2774 QTAILQ_FOREACH(vs, &vd->clients, next) { 2775 int j; 2776 2777 /* kernel send buffers are full -> refresh later */ 2778 if (vs->output.offset) { 2779 continue; 2780 } 2781 2782 if (!vs->lossy_rect[sty][stx]) { 2783 continue; 2784 } 2785 2786 vs->lossy_rect[sty][stx] = 0; 2787 for (j = 0; j < VNC_STAT_RECT; ++j) { 2788 bitmap_set(vs->dirty[y + j], 2789 x / VNC_DIRTY_PIXELS_PER_BIT, 2790 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT); 2791 } 2792 has_dirty++; 2793 } 2794 2795 return has_dirty; 2796 } 2797 2798 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv) 2799 { 2800 int width = MIN(pixman_image_get_width(vd->guest.fb), 2801 pixman_image_get_width(vd->server)); 2802 int height = MIN(pixman_image_get_height(vd->guest.fb), 2803 pixman_image_get_height(vd->server)); 2804 int x, y; 2805 struct timeval res; 2806 int has_dirty = 0; 2807 2808 for (y = 0; y < height; y += VNC_STAT_RECT) { 2809 for (x = 0; x < width; x += VNC_STAT_RECT) { 2810 VncRectStat *rect = vnc_stat_rect(vd, x, y); 2811 2812 rect->updated = false; 2813 } 2814 } 2815 2816 qemu_timersub(tv, &VNC_REFRESH_STATS, &res); 2817 2818 if (timercmp(&vd->guest.last_freq_check, &res, >)) { 2819 return has_dirty; 2820 } 2821 vd->guest.last_freq_check = *tv; 2822 2823 for (y = 0; y < height; y += VNC_STAT_RECT) { 2824 for (x = 0; x < width; x += VNC_STAT_RECT) { 2825 VncRectStat *rect= vnc_stat_rect(vd, x, y); 2826 int count = ARRAY_SIZE(rect->times); 2827 struct timeval min, max; 2828 2829 if (!timerisset(&rect->times[count - 1])) { 2830 continue ; 2831 } 2832 2833 max = rect->times[(rect->idx + count - 1) % count]; 2834 qemu_timersub(tv, &max, &res); 2835 2836 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) { 2837 rect->freq = 0; 2838 has_dirty += vnc_refresh_lossy_rect(vd, x, y); 2839 memset(rect->times, 0, sizeof (rect->times)); 2840 continue ; 2841 } 2842 2843 min = rect->times[rect->idx]; 2844 max = rect->times[(rect->idx + count - 1) % count]; 2845 qemu_timersub(&max, &min, &res); 2846 2847 rect->freq = res.tv_sec + res.tv_usec / 1000000.; 2848 rect->freq /= count; 2849 rect->freq = 1. / rect->freq; 2850 } 2851 } 2852 return has_dirty; 2853 } 2854 2855 double vnc_update_freq(VncState *vs, int x, int y, int w, int h) 2856 { 2857 int i, j; 2858 double total = 0; 2859 int num = 0; 2860 2861 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2862 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2863 2864 for (j = y; j <= y + h; j += VNC_STAT_RECT) { 2865 for (i = x; i <= x + w; i += VNC_STAT_RECT) { 2866 total += vnc_stat_rect(vs->vd, i, j)->freq; 2867 num++; 2868 } 2869 } 2870 2871 if (num) { 2872 return total / num; 2873 } else { 2874 return 0; 2875 } 2876 } 2877 2878 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv) 2879 { 2880 VncRectStat *rect; 2881 2882 rect = vnc_stat_rect(vd, x, y); 2883 if (rect->updated) { 2884 return ; 2885 } 2886 rect->times[rect->idx] = *tv; 2887 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times); 2888 rect->updated = true; 2889 } 2890 2891 static int vnc_refresh_server_surface(VncDisplay *vd) 2892 { 2893 int width = MIN(pixman_image_get_width(vd->guest.fb), 2894 pixman_image_get_width(vd->server)); 2895 int height = MIN(pixman_image_get_height(vd->guest.fb), 2896 pixman_image_get_height(vd->server)); 2897 int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0; 2898 uint8_t *guest_row0 = NULL, *server_row0; 2899 VncState *vs; 2900 int has_dirty = 0; 2901 pixman_image_t *tmpbuf = NULL; 2902 2903 struct timeval tv = { 0, 0 }; 2904 2905 if (!vd->non_adaptive) { 2906 gettimeofday(&tv, NULL); 2907 has_dirty = vnc_update_stats(vd, &tv); 2908 } 2909 2910 /* 2911 * Walk through the guest dirty map. 2912 * Check and copy modified bits from guest to server surface. 2913 * Update server dirty map. 2914 */ 2915 server_row0 = (uint8_t *)pixman_image_get_data(vd->server); 2916 server_stride = guest_stride = guest_ll = 2917 pixman_image_get_stride(vd->server); 2918 cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES, 2919 server_stride); 2920 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2921 int width = pixman_image_get_width(vd->server); 2922 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width); 2923 } else { 2924 int guest_bpp = 2925 PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb)); 2926 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb); 2927 guest_stride = pixman_image_get_stride(vd->guest.fb); 2928 guest_ll = pixman_image_get_width(vd->guest.fb) 2929 * DIV_ROUND_UP(guest_bpp, 8); 2930 } 2931 line_bytes = MIN(server_stride, guest_ll); 2932 2933 for (;;) { 2934 int x; 2935 uint8_t *guest_ptr, *server_ptr; 2936 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty, 2937 height * VNC_DIRTY_BPL(&vd->guest), 2938 y * VNC_DIRTY_BPL(&vd->guest)); 2939 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) { 2940 /* no more dirty bits */ 2941 break; 2942 } 2943 y = offset / VNC_DIRTY_BPL(&vd->guest); 2944 x = offset % VNC_DIRTY_BPL(&vd->guest); 2945 2946 server_ptr = server_row0 + y * server_stride + x * cmp_bytes; 2947 2948 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2949 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y); 2950 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf); 2951 } else { 2952 guest_ptr = guest_row0 + y * guest_stride; 2953 } 2954 guest_ptr += x * cmp_bytes; 2955 2956 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT); 2957 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) { 2958 int _cmp_bytes = cmp_bytes; 2959 if (!test_and_clear_bit(x, vd->guest.dirty[y])) { 2960 continue; 2961 } 2962 if ((x + 1) * cmp_bytes > line_bytes) { 2963 _cmp_bytes = line_bytes - x * cmp_bytes; 2964 } 2965 assert(_cmp_bytes >= 0); 2966 if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) { 2967 continue; 2968 } 2969 memcpy(server_ptr, guest_ptr, _cmp_bytes); 2970 if (!vd->non_adaptive) { 2971 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT, 2972 y, &tv); 2973 } 2974 QTAILQ_FOREACH(vs, &vd->clients, next) { 2975 set_bit(x, vs->dirty[y]); 2976 } 2977 has_dirty++; 2978 } 2979 2980 y++; 2981 } 2982 qemu_pixman_image_unref(tmpbuf); 2983 return has_dirty; 2984 } 2985 2986 static void vnc_refresh(DisplayChangeListener *dcl) 2987 { 2988 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 2989 VncState *vs, *vn; 2990 int has_dirty, rects = 0; 2991 2992 if (QTAILQ_EMPTY(&vd->clients)) { 2993 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX); 2994 return; 2995 } 2996 2997 graphic_hw_update(vd->dcl.con); 2998 2999 if (vnc_trylock_display(vd)) { 3000 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3001 return; 3002 } 3003 3004 has_dirty = vnc_refresh_server_surface(vd); 3005 vnc_unlock_display(vd); 3006 3007 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) { 3008 rects += vnc_update_client(vs, has_dirty); 3009 /* vs might be free()ed here */ 3010 } 3011 3012 if (has_dirty && rects) { 3013 vd->dcl.update_interval /= 2; 3014 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) { 3015 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE; 3016 } 3017 } else { 3018 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC; 3019 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) { 3020 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX; 3021 } 3022 } 3023 } 3024 3025 static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc, 3026 bool skipauth, bool websocket) 3027 { 3028 VncState *vs = g_new0(VncState, 1); 3029 bool first_client = QTAILQ_EMPTY(&vd->clients); 3030 int i; 3031 3032 trace_vnc_client_connect(vs, sioc); 3033 vs->magic = VNC_MAGIC; 3034 vs->sioc = sioc; 3035 object_ref(OBJECT(vs->sioc)); 3036 vs->ioc = QIO_CHANNEL(sioc); 3037 object_ref(OBJECT(vs->ioc)); 3038 vs->vd = vd; 3039 3040 buffer_init(&vs->input, "vnc-input/%p", sioc); 3041 buffer_init(&vs->output, "vnc-output/%p", sioc); 3042 buffer_init(&vs->jobs_buffer, "vnc-jobs_buffer/%p", sioc); 3043 3044 buffer_init(&vs->tight.tight, "vnc-tight/%p", sioc); 3045 buffer_init(&vs->tight.zlib, "vnc-tight-zlib/%p", sioc); 3046 buffer_init(&vs->tight.gradient, "vnc-tight-gradient/%p", sioc); 3047 #ifdef CONFIG_VNC_JPEG 3048 buffer_init(&vs->tight.jpeg, "vnc-tight-jpeg/%p", sioc); 3049 #endif 3050 #ifdef CONFIG_VNC_PNG 3051 buffer_init(&vs->tight.png, "vnc-tight-png/%p", sioc); 3052 #endif 3053 buffer_init(&vs->zlib.zlib, "vnc-zlib/%p", sioc); 3054 buffer_init(&vs->zrle.zrle, "vnc-zrle/%p", sioc); 3055 buffer_init(&vs->zrle.fb, "vnc-zrle-fb/%p", sioc); 3056 buffer_init(&vs->zrle.zlib, "vnc-zrle-zlib/%p", sioc); 3057 3058 if (skipauth) { 3059 vs->auth = VNC_AUTH_NONE; 3060 vs->subauth = VNC_AUTH_INVALID; 3061 } else { 3062 if (websocket) { 3063 vs->auth = vd->ws_auth; 3064 vs->subauth = VNC_AUTH_INVALID; 3065 } else { 3066 vs->auth = vd->auth; 3067 vs->subauth = vd->subauth; 3068 } 3069 } 3070 VNC_DEBUG("Client sioc=%p ws=%d auth=%d subauth=%d\n", 3071 sioc, websocket, vs->auth, vs->subauth); 3072 3073 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect)); 3074 for (i = 0; i < VNC_STAT_ROWS; ++i) { 3075 vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS); 3076 } 3077 3078 VNC_DEBUG("New client on socket %p\n", vs->sioc); 3079 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3080 qio_channel_set_blocking(vs->ioc, false, NULL); 3081 if (vs->ioc_tag) { 3082 g_source_remove(vs->ioc_tag); 3083 } 3084 if (websocket) { 3085 vs->websocket = 1; 3086 if (vd->tlscreds) { 3087 vs->ioc_tag = qio_channel_add_watch( 3088 vs->ioc, G_IO_IN, vncws_tls_handshake_io, vs, NULL); 3089 } else { 3090 vs->ioc_tag = qio_channel_add_watch( 3091 vs->ioc, G_IO_IN, vncws_handshake_io, vs, NULL); 3092 } 3093 } else { 3094 vs->ioc_tag = qio_channel_add_watch( 3095 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 3096 } 3097 3098 vnc_client_cache_addr(vs); 3099 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED); 3100 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING); 3101 3102 vs->last_x = -1; 3103 vs->last_y = -1; 3104 3105 vs->as.freq = 44100; 3106 vs->as.nchannels = 2; 3107 vs->as.fmt = AUDIO_FORMAT_S16; 3108 vs->as.endianness = 0; 3109 3110 qemu_mutex_init(&vs->output_mutex); 3111 vs->bh = qemu_bh_new(vnc_jobs_bh, vs); 3112 3113 QTAILQ_INSERT_TAIL(&vd->clients, vs, next); 3114 if (first_client) { 3115 vnc_update_server_surface(vd); 3116 } 3117 3118 graphic_hw_update(vd->dcl.con); 3119 3120 if (!vs->websocket) { 3121 vnc_start_protocol(vs); 3122 } 3123 3124 if (vd->num_connecting > vd->connections_limit) { 3125 QTAILQ_FOREACH(vs, &vd->clients, next) { 3126 if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) { 3127 vnc_disconnect_start(vs); 3128 return; 3129 } 3130 } 3131 } 3132 } 3133 3134 void vnc_start_protocol(VncState *vs) 3135 { 3136 vnc_write(vs, "RFB 003.008\n", 12); 3137 vnc_flush(vs); 3138 vnc_read_when(vs, protocol_version, 12); 3139 3140 vs->mouse_mode_notifier.notify = check_pointer_type_change; 3141 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 3142 } 3143 3144 static void vnc_listen_io(QIONetListener *listener, 3145 QIOChannelSocket *cioc, 3146 void *opaque) 3147 { 3148 VncDisplay *vd = opaque; 3149 bool isWebsock = listener == vd->wslistener; 3150 3151 qio_channel_set_name(QIO_CHANNEL(cioc), 3152 isWebsock ? "vnc-ws-server" : "vnc-server"); 3153 qio_channel_set_delay(QIO_CHANNEL(cioc), false); 3154 vnc_connect(vd, cioc, false, isWebsock); 3155 } 3156 3157 static const DisplayChangeListenerOps dcl_ops = { 3158 .dpy_name = "vnc", 3159 .dpy_refresh = vnc_refresh, 3160 .dpy_gfx_update = vnc_dpy_update, 3161 .dpy_gfx_switch = vnc_dpy_switch, 3162 .dpy_gfx_check_format = qemu_pixman_check_format, 3163 .dpy_mouse_set = vnc_mouse_set, 3164 .dpy_cursor_define = vnc_dpy_cursor_define, 3165 }; 3166 3167 void vnc_display_init(const char *id, Error **errp) 3168 { 3169 VncDisplay *vd; 3170 3171 if (vnc_display_find(id) != NULL) { 3172 return; 3173 } 3174 vd = g_malloc0(sizeof(*vd)); 3175 3176 vd->id = strdup(id); 3177 QTAILQ_INSERT_TAIL(&vnc_displays, vd, next); 3178 3179 QTAILQ_INIT(&vd->clients); 3180 vd->expires = TIME_MAX; 3181 3182 if (keyboard_layout) { 3183 trace_vnc_key_map_init(keyboard_layout); 3184 vd->kbd_layout = init_keyboard_layout(name2keysym, 3185 keyboard_layout, errp); 3186 } else { 3187 vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us", errp); 3188 } 3189 3190 if (!vd->kbd_layout) { 3191 return; 3192 } 3193 3194 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3195 vd->connections_limit = 32; 3196 3197 qemu_mutex_init(&vd->mutex); 3198 vnc_start_worker_thread(); 3199 3200 vd->dcl.ops = &dcl_ops; 3201 register_displaychangelistener(&vd->dcl); 3202 vd->kbd = qkbd_state_init(vd->dcl.con); 3203 } 3204 3205 3206 static void vnc_display_close(VncDisplay *vd) 3207 { 3208 if (!vd) { 3209 return; 3210 } 3211 vd->is_unix = false; 3212 3213 if (vd->listener) { 3214 qio_net_listener_disconnect(vd->listener); 3215 object_unref(OBJECT(vd->listener)); 3216 } 3217 vd->listener = NULL; 3218 3219 if (vd->wslistener) { 3220 qio_net_listener_disconnect(vd->wslistener); 3221 object_unref(OBJECT(vd->wslistener)); 3222 } 3223 vd->wslistener = NULL; 3224 3225 vd->auth = VNC_AUTH_INVALID; 3226 vd->subauth = VNC_AUTH_INVALID; 3227 if (vd->tlscreds) { 3228 object_unparent(OBJECT(vd->tlscreds)); 3229 vd->tlscreds = NULL; 3230 } 3231 if (vd->tlsauthz) { 3232 object_unparent(OBJECT(vd->tlsauthz)); 3233 vd->tlsauthz = NULL; 3234 } 3235 g_free(vd->tlsauthzid); 3236 vd->tlsauthzid = NULL; 3237 if (vd->lock_key_sync) { 3238 qemu_remove_led_event_handler(vd->led); 3239 vd->led = NULL; 3240 } 3241 #ifdef CONFIG_VNC_SASL 3242 if (vd->sasl.authz) { 3243 object_unparent(OBJECT(vd->sasl.authz)); 3244 vd->sasl.authz = NULL; 3245 } 3246 g_free(vd->sasl.authzid); 3247 vd->sasl.authzid = NULL; 3248 #endif 3249 } 3250 3251 int vnc_display_password(const char *id, const char *password) 3252 { 3253 VncDisplay *vd = vnc_display_find(id); 3254 3255 if (!vd) { 3256 return -EINVAL; 3257 } 3258 if (vd->auth == VNC_AUTH_NONE) { 3259 error_printf_unless_qmp("If you want use passwords please enable " 3260 "password auth using '-vnc ${dpy},password'.\n"); 3261 return -EINVAL; 3262 } 3263 3264 g_free(vd->password); 3265 vd->password = g_strdup(password); 3266 3267 return 0; 3268 } 3269 3270 int vnc_display_pw_expire(const char *id, time_t expires) 3271 { 3272 VncDisplay *vd = vnc_display_find(id); 3273 3274 if (!vd) { 3275 return -EINVAL; 3276 } 3277 3278 vd->expires = expires; 3279 return 0; 3280 } 3281 3282 static void vnc_display_print_local_addr(VncDisplay *vd) 3283 { 3284 SocketAddress *addr; 3285 Error *err = NULL; 3286 3287 if (!vd->listener || !vd->listener->nsioc) { 3288 return; 3289 } 3290 3291 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], &err); 3292 if (!addr) { 3293 return; 3294 } 3295 3296 if (addr->type != SOCKET_ADDRESS_TYPE_INET) { 3297 qapi_free_SocketAddress(addr); 3298 return; 3299 } 3300 error_printf_unless_qmp("VNC server running on %s:%s\n", 3301 addr->u.inet.host, 3302 addr->u.inet.port); 3303 qapi_free_SocketAddress(addr); 3304 } 3305 3306 static QemuOptsList qemu_vnc_opts = { 3307 .name = "vnc", 3308 .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head), 3309 .implied_opt_name = "vnc", 3310 .desc = { 3311 { 3312 .name = "vnc", 3313 .type = QEMU_OPT_STRING, 3314 },{ 3315 .name = "websocket", 3316 .type = QEMU_OPT_STRING, 3317 },{ 3318 .name = "tls-creds", 3319 .type = QEMU_OPT_STRING, 3320 },{ 3321 .name = "share", 3322 .type = QEMU_OPT_STRING, 3323 },{ 3324 .name = "display", 3325 .type = QEMU_OPT_STRING, 3326 },{ 3327 .name = "head", 3328 .type = QEMU_OPT_NUMBER, 3329 },{ 3330 .name = "connections", 3331 .type = QEMU_OPT_NUMBER, 3332 },{ 3333 .name = "to", 3334 .type = QEMU_OPT_NUMBER, 3335 },{ 3336 .name = "ipv4", 3337 .type = QEMU_OPT_BOOL, 3338 },{ 3339 .name = "ipv6", 3340 .type = QEMU_OPT_BOOL, 3341 },{ 3342 .name = "password", 3343 .type = QEMU_OPT_BOOL, 3344 },{ 3345 .name = "reverse", 3346 .type = QEMU_OPT_BOOL, 3347 },{ 3348 .name = "lock-key-sync", 3349 .type = QEMU_OPT_BOOL, 3350 },{ 3351 .name = "key-delay-ms", 3352 .type = QEMU_OPT_NUMBER, 3353 },{ 3354 .name = "sasl", 3355 .type = QEMU_OPT_BOOL, 3356 },{ 3357 .name = "acl", 3358 .type = QEMU_OPT_BOOL, 3359 },{ 3360 .name = "tls-authz", 3361 .type = QEMU_OPT_STRING, 3362 },{ 3363 .name = "sasl-authz", 3364 .type = QEMU_OPT_STRING, 3365 },{ 3366 .name = "lossy", 3367 .type = QEMU_OPT_BOOL, 3368 },{ 3369 .name = "non-adaptive", 3370 .type = QEMU_OPT_BOOL, 3371 }, 3372 { /* end of list */ } 3373 }, 3374 }; 3375 3376 3377 static int 3378 vnc_display_setup_auth(int *auth, 3379 int *subauth, 3380 QCryptoTLSCreds *tlscreds, 3381 bool password, 3382 bool sasl, 3383 bool websocket, 3384 Error **errp) 3385 { 3386 /* 3387 * We have a choice of 3 authentication options 3388 * 3389 * 1. none 3390 * 2. vnc 3391 * 3. sasl 3392 * 3393 * The channel can be run in 2 modes 3394 * 3395 * 1. clear 3396 * 2. tls 3397 * 3398 * And TLS can use 2 types of credentials 3399 * 3400 * 1. anon 3401 * 2. x509 3402 * 3403 * We thus have 9 possible logical combinations 3404 * 3405 * 1. clear + none 3406 * 2. clear + vnc 3407 * 3. clear + sasl 3408 * 4. tls + anon + none 3409 * 5. tls + anon + vnc 3410 * 6. tls + anon + sasl 3411 * 7. tls + x509 + none 3412 * 8. tls + x509 + vnc 3413 * 9. tls + x509 + sasl 3414 * 3415 * These need to be mapped into the VNC auth schemes 3416 * in an appropriate manner. In regular VNC, all the 3417 * TLS options get mapped into VNC_AUTH_VENCRYPT 3418 * sub-auth types. 3419 * 3420 * In websockets, the https:// protocol already provides 3421 * TLS support, so there is no need to make use of the 3422 * VeNCrypt extension. Furthermore, websockets browser 3423 * clients could not use VeNCrypt even if they wanted to, 3424 * as they cannot control when the TLS handshake takes 3425 * place. Thus there is no option but to rely on https://, 3426 * meaning combinations 4->6 and 7->9 will be mapped to 3427 * VNC auth schemes in the same way as combos 1->3. 3428 * 3429 * Regardless of fact that we have a different mapping to 3430 * VNC auth mechs for plain VNC vs websockets VNC, the end 3431 * result has the same security characteristics. 3432 */ 3433 if (websocket || !tlscreds) { 3434 if (password) { 3435 VNC_DEBUG("Initializing VNC server with password auth\n"); 3436 *auth = VNC_AUTH_VNC; 3437 } else if (sasl) { 3438 VNC_DEBUG("Initializing VNC server with SASL auth\n"); 3439 *auth = VNC_AUTH_SASL; 3440 } else { 3441 VNC_DEBUG("Initializing VNC server with no auth\n"); 3442 *auth = VNC_AUTH_NONE; 3443 } 3444 *subauth = VNC_AUTH_INVALID; 3445 } else { 3446 bool is_x509 = object_dynamic_cast(OBJECT(tlscreds), 3447 TYPE_QCRYPTO_TLS_CREDS_X509) != NULL; 3448 bool is_anon = object_dynamic_cast(OBJECT(tlscreds), 3449 TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL; 3450 3451 if (!is_x509 && !is_anon) { 3452 error_setg(errp, 3453 "Unsupported TLS cred type %s", 3454 object_get_typename(OBJECT(tlscreds))); 3455 return -1; 3456 } 3457 *auth = VNC_AUTH_VENCRYPT; 3458 if (password) { 3459 if (is_x509) { 3460 VNC_DEBUG("Initializing VNC server with x509 password auth\n"); 3461 *subauth = VNC_AUTH_VENCRYPT_X509VNC; 3462 } else { 3463 VNC_DEBUG("Initializing VNC server with TLS password auth\n"); 3464 *subauth = VNC_AUTH_VENCRYPT_TLSVNC; 3465 } 3466 3467 } else if (sasl) { 3468 if (is_x509) { 3469 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); 3470 *subauth = VNC_AUTH_VENCRYPT_X509SASL; 3471 } else { 3472 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n"); 3473 *subauth = VNC_AUTH_VENCRYPT_TLSSASL; 3474 } 3475 } else { 3476 if (is_x509) { 3477 VNC_DEBUG("Initializing VNC server with x509 no auth\n"); 3478 *subauth = VNC_AUTH_VENCRYPT_X509NONE; 3479 } else { 3480 VNC_DEBUG("Initializing VNC server with TLS no auth\n"); 3481 *subauth = VNC_AUTH_VENCRYPT_TLSNONE; 3482 } 3483 } 3484 } 3485 return 0; 3486 } 3487 3488 3489 static int vnc_display_get_address(const char *addrstr, 3490 bool websocket, 3491 bool reverse, 3492 int displaynum, 3493 int to, 3494 bool has_ipv4, 3495 bool has_ipv6, 3496 bool ipv4, 3497 bool ipv6, 3498 SocketAddress **retaddr, 3499 Error **errp) 3500 { 3501 int ret = -1; 3502 SocketAddress *addr = NULL; 3503 3504 addr = g_new0(SocketAddress, 1); 3505 3506 if (strncmp(addrstr, "unix:", 5) == 0) { 3507 addr->type = SOCKET_ADDRESS_TYPE_UNIX; 3508 addr->u.q_unix.path = g_strdup(addrstr + 5); 3509 3510 if (websocket) { 3511 error_setg(errp, "UNIX sockets not supported with websock"); 3512 goto cleanup; 3513 } 3514 3515 if (to) { 3516 error_setg(errp, "Port range not support with UNIX socket"); 3517 goto cleanup; 3518 } 3519 ret = 0; 3520 } else { 3521 const char *port; 3522 size_t hostlen; 3523 unsigned long long baseport = 0; 3524 InetSocketAddress *inet; 3525 3526 port = strrchr(addrstr, ':'); 3527 if (!port) { 3528 if (websocket) { 3529 hostlen = 0; 3530 port = addrstr; 3531 } else { 3532 error_setg(errp, "no vnc port specified"); 3533 goto cleanup; 3534 } 3535 } else { 3536 hostlen = port - addrstr; 3537 port++; 3538 if (*port == '\0') { 3539 error_setg(errp, "vnc port cannot be empty"); 3540 goto cleanup; 3541 } 3542 } 3543 3544 addr->type = SOCKET_ADDRESS_TYPE_INET; 3545 inet = &addr->u.inet; 3546 if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') { 3547 inet->host = g_strndup(addrstr + 1, hostlen - 2); 3548 } else { 3549 inet->host = g_strndup(addrstr, hostlen); 3550 } 3551 /* plain VNC port is just an offset, for websocket 3552 * port is absolute */ 3553 if (websocket) { 3554 if (g_str_equal(addrstr, "") || 3555 g_str_equal(addrstr, "on")) { 3556 if (displaynum == -1) { 3557 error_setg(errp, "explicit websocket port is required"); 3558 goto cleanup; 3559 } 3560 inet->port = g_strdup_printf( 3561 "%d", displaynum + 5700); 3562 if (to) { 3563 inet->has_to = true; 3564 inet->to = to + 5700; 3565 } 3566 } else { 3567 inet->port = g_strdup(port); 3568 } 3569 } else { 3570 int offset = reverse ? 0 : 5900; 3571 if (parse_uint_full(port, &baseport, 10) < 0) { 3572 error_setg(errp, "can't convert to a number: %s", port); 3573 goto cleanup; 3574 } 3575 if (baseport > 65535 || 3576 baseport + offset > 65535) { 3577 error_setg(errp, "port %s out of range", port); 3578 goto cleanup; 3579 } 3580 inet->port = g_strdup_printf( 3581 "%d", (int)baseport + offset); 3582 3583 if (to) { 3584 inet->has_to = true; 3585 inet->to = to + offset; 3586 } 3587 } 3588 3589 inet->ipv4 = ipv4; 3590 inet->has_ipv4 = has_ipv4; 3591 inet->ipv6 = ipv6; 3592 inet->has_ipv6 = has_ipv6; 3593 3594 ret = baseport; 3595 } 3596 3597 *retaddr = addr; 3598 3599 cleanup: 3600 if (ret < 0) { 3601 qapi_free_SocketAddress(addr); 3602 } 3603 return ret; 3604 } 3605 3606 static void vnc_free_addresses(SocketAddress ***retsaddr, 3607 size_t *retnsaddr) 3608 { 3609 size_t i; 3610 3611 for (i = 0; i < *retnsaddr; i++) { 3612 qapi_free_SocketAddress((*retsaddr)[i]); 3613 } 3614 g_free(*retsaddr); 3615 3616 *retsaddr = NULL; 3617 *retnsaddr = 0; 3618 } 3619 3620 static int vnc_display_get_addresses(QemuOpts *opts, 3621 bool reverse, 3622 SocketAddress ***retsaddr, 3623 size_t *retnsaddr, 3624 SocketAddress ***retwsaddr, 3625 size_t *retnwsaddr, 3626 Error **errp) 3627 { 3628 SocketAddress *saddr = NULL; 3629 SocketAddress *wsaddr = NULL; 3630 QemuOptsIter addriter; 3631 const char *addr; 3632 int to = qemu_opt_get_number(opts, "to", 0); 3633 bool has_ipv4 = qemu_opt_get(opts, "ipv4"); 3634 bool has_ipv6 = qemu_opt_get(opts, "ipv6"); 3635 bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false); 3636 bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false); 3637 int displaynum = -1; 3638 int ret = -1; 3639 3640 *retsaddr = NULL; 3641 *retnsaddr = 0; 3642 *retwsaddr = NULL; 3643 *retnwsaddr = 0; 3644 3645 addr = qemu_opt_get(opts, "vnc"); 3646 if (addr == NULL || g_str_equal(addr, "none")) { 3647 ret = 0; 3648 goto cleanup; 3649 } 3650 if (qemu_opt_get(opts, "websocket") && 3651 !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) { 3652 error_setg(errp, 3653 "SHA1 hash support is required for websockets"); 3654 goto cleanup; 3655 } 3656 3657 qemu_opt_iter_init(&addriter, opts, "vnc"); 3658 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3659 int rv; 3660 rv = vnc_display_get_address(addr, false, reverse, 0, to, 3661 has_ipv4, has_ipv6, 3662 ipv4, ipv6, 3663 &saddr, errp); 3664 if (rv < 0) { 3665 goto cleanup; 3666 } 3667 /* Historical compat - first listen address can be used 3668 * to set the default websocket port 3669 */ 3670 if (displaynum == -1) { 3671 displaynum = rv; 3672 } 3673 *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1); 3674 (*retsaddr)[(*retnsaddr)++] = saddr; 3675 } 3676 3677 /* If we had multiple primary displays, we don't do defaults 3678 * for websocket, and require explicit config instead. */ 3679 if (*retnsaddr > 1) { 3680 displaynum = -1; 3681 } 3682 3683 qemu_opt_iter_init(&addriter, opts, "websocket"); 3684 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3685 if (vnc_display_get_address(addr, true, reverse, displaynum, to, 3686 has_ipv4, has_ipv6, 3687 ipv4, ipv6, 3688 &wsaddr, errp) < 0) { 3689 goto cleanup; 3690 } 3691 3692 /* Historical compat - if only a single listen address was 3693 * provided, then this is used to set the default listen 3694 * address for websocket too 3695 */ 3696 if (*retnsaddr == 1 && 3697 (*retsaddr)[0]->type == SOCKET_ADDRESS_TYPE_INET && 3698 wsaddr->type == SOCKET_ADDRESS_TYPE_INET && 3699 g_str_equal(wsaddr->u.inet.host, "") && 3700 !g_str_equal((*retsaddr)[0]->u.inet.host, "")) { 3701 g_free(wsaddr->u.inet.host); 3702 wsaddr->u.inet.host = g_strdup((*retsaddr)[0]->u.inet.host); 3703 } 3704 3705 *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1); 3706 (*retwsaddr)[(*retnwsaddr)++] = wsaddr; 3707 } 3708 3709 ret = 0; 3710 cleanup: 3711 if (ret < 0) { 3712 vnc_free_addresses(retsaddr, retnsaddr); 3713 vnc_free_addresses(retwsaddr, retnwsaddr); 3714 } 3715 return ret; 3716 } 3717 3718 static int vnc_display_connect(VncDisplay *vd, 3719 SocketAddress **saddr, 3720 size_t nsaddr, 3721 SocketAddress **wsaddr, 3722 size_t nwsaddr, 3723 Error **errp) 3724 { 3725 /* connect to viewer */ 3726 QIOChannelSocket *sioc = NULL; 3727 if (nwsaddr != 0) { 3728 error_setg(errp, "Cannot use websockets in reverse mode"); 3729 return -1; 3730 } 3731 if (nsaddr != 1) { 3732 error_setg(errp, "Expected a single address in reverse mode"); 3733 return -1; 3734 } 3735 /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */ 3736 vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_TYPE_UNIX; 3737 sioc = qio_channel_socket_new(); 3738 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse"); 3739 if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) { 3740 return -1; 3741 } 3742 vnc_connect(vd, sioc, false, false); 3743 object_unref(OBJECT(sioc)); 3744 return 0; 3745 } 3746 3747 3748 static int vnc_display_listen(VncDisplay *vd, 3749 SocketAddress **saddr, 3750 size_t nsaddr, 3751 SocketAddress **wsaddr, 3752 size_t nwsaddr, 3753 Error **errp) 3754 { 3755 size_t i; 3756 3757 if (nsaddr) { 3758 vd->listener = qio_net_listener_new(); 3759 qio_net_listener_set_name(vd->listener, "vnc-listen"); 3760 for (i = 0; i < nsaddr; i++) { 3761 if (qio_net_listener_open_sync(vd->listener, 3762 saddr[i], 3763 errp) < 0) { 3764 return -1; 3765 } 3766 } 3767 3768 qio_net_listener_set_client_func(vd->listener, 3769 vnc_listen_io, vd, NULL); 3770 } 3771 3772 if (nwsaddr) { 3773 vd->wslistener = qio_net_listener_new(); 3774 qio_net_listener_set_name(vd->wslistener, "vnc-ws-listen"); 3775 for (i = 0; i < nwsaddr; i++) { 3776 if (qio_net_listener_open_sync(vd->wslistener, 3777 wsaddr[i], 3778 errp) < 0) { 3779 return -1; 3780 } 3781 } 3782 3783 qio_net_listener_set_client_func(vd->wslistener, 3784 vnc_listen_io, vd, NULL); 3785 } 3786 3787 return 0; 3788 } 3789 3790 3791 void vnc_display_open(const char *id, Error **errp) 3792 { 3793 VncDisplay *vd = vnc_display_find(id); 3794 QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id); 3795 SocketAddress **saddr = NULL, **wsaddr = NULL; 3796 size_t nsaddr, nwsaddr; 3797 const char *share, *device_id; 3798 QemuConsole *con; 3799 bool password = false; 3800 bool reverse = false; 3801 const char *credid; 3802 bool sasl = false; 3803 int acl = 0; 3804 const char *tlsauthz; 3805 const char *saslauthz; 3806 int lock_key_sync = 1; 3807 int key_delay_ms; 3808 3809 if (!vd) { 3810 error_setg(errp, "VNC display not active"); 3811 return; 3812 } 3813 vnc_display_close(vd); 3814 3815 if (!opts) { 3816 return; 3817 } 3818 3819 reverse = qemu_opt_get_bool(opts, "reverse", false); 3820 if (vnc_display_get_addresses(opts, reverse, &saddr, &nsaddr, 3821 &wsaddr, &nwsaddr, errp) < 0) { 3822 goto fail; 3823 } 3824 3825 password = qemu_opt_get_bool(opts, "password", false); 3826 if (password) { 3827 if (fips_get_state()) { 3828 error_setg(errp, 3829 "VNC password auth disabled due to FIPS mode, " 3830 "consider using the VeNCrypt or SASL authentication " 3831 "methods as an alternative"); 3832 goto fail; 3833 } 3834 if (!qcrypto_cipher_supports( 3835 QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) { 3836 error_setg(errp, 3837 "Cipher backend does not support DES RFB algorithm"); 3838 goto fail; 3839 } 3840 } 3841 3842 lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true); 3843 key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10); 3844 sasl = qemu_opt_get_bool(opts, "sasl", false); 3845 #ifndef CONFIG_VNC_SASL 3846 if (sasl) { 3847 error_setg(errp, "VNC SASL auth requires cyrus-sasl support"); 3848 goto fail; 3849 } 3850 #endif /* CONFIG_VNC_SASL */ 3851 credid = qemu_opt_get(opts, "tls-creds"); 3852 if (credid) { 3853 Object *creds; 3854 creds = object_resolve_path_component( 3855 object_get_objects_root(), credid); 3856 if (!creds) { 3857 error_setg(errp, "No TLS credentials with id '%s'", 3858 credid); 3859 goto fail; 3860 } 3861 vd->tlscreds = (QCryptoTLSCreds *) 3862 object_dynamic_cast(creds, 3863 TYPE_QCRYPTO_TLS_CREDS); 3864 if (!vd->tlscreds) { 3865 error_setg(errp, "Object with id '%s' is not TLS credentials", 3866 credid); 3867 goto fail; 3868 } 3869 object_ref(OBJECT(vd->tlscreds)); 3870 3871 if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 3872 error_setg(errp, 3873 "Expecting TLS credentials with a server endpoint"); 3874 goto fail; 3875 } 3876 } 3877 if (qemu_opt_get(opts, "acl")) { 3878 error_report("The 'acl' option to -vnc is deprecated. " 3879 "Please use the 'tls-authz' and 'sasl-authz' " 3880 "options instead"); 3881 } 3882 acl = qemu_opt_get_bool(opts, "acl", false); 3883 tlsauthz = qemu_opt_get(opts, "tls-authz"); 3884 if (acl && tlsauthz) { 3885 error_setg(errp, "'acl' option is mutually exclusive with the " 3886 "'tls-authz' option"); 3887 goto fail; 3888 } 3889 if (tlsauthz && !vd->tlscreds) { 3890 error_setg(errp, "'tls-authz' provided but TLS is not enabled"); 3891 goto fail; 3892 } 3893 3894 saslauthz = qemu_opt_get(opts, "sasl-authz"); 3895 if (acl && saslauthz) { 3896 error_setg(errp, "'acl' option is mutually exclusive with the " 3897 "'sasl-authz' option"); 3898 goto fail; 3899 } 3900 if (saslauthz && !sasl) { 3901 error_setg(errp, "'sasl-authz' provided but SASL auth is not enabled"); 3902 goto fail; 3903 } 3904 3905 share = qemu_opt_get(opts, "share"); 3906 if (share) { 3907 if (strcmp(share, "ignore") == 0) { 3908 vd->share_policy = VNC_SHARE_POLICY_IGNORE; 3909 } else if (strcmp(share, "allow-exclusive") == 0) { 3910 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3911 } else if (strcmp(share, "force-shared") == 0) { 3912 vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED; 3913 } else { 3914 error_setg(errp, "unknown vnc share= option"); 3915 goto fail; 3916 } 3917 } else { 3918 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3919 } 3920 vd->connections_limit = qemu_opt_get_number(opts, "connections", 32); 3921 3922 #ifdef CONFIG_VNC_JPEG 3923 vd->lossy = qemu_opt_get_bool(opts, "lossy", false); 3924 #endif 3925 vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false); 3926 /* adaptive updates are only used with tight encoding and 3927 * if lossy updates are enabled so we can disable all the 3928 * calculations otherwise */ 3929 if (!vd->lossy) { 3930 vd->non_adaptive = true; 3931 } 3932 3933 if (tlsauthz) { 3934 vd->tlsauthzid = g_strdup(tlsauthz); 3935 } else if (acl) { 3936 if (strcmp(vd->id, "default") == 0) { 3937 vd->tlsauthzid = g_strdup("vnc.x509dname"); 3938 } else { 3939 vd->tlsauthzid = g_strdup_printf("vnc.%s.x509dname", vd->id); 3940 } 3941 vd->tlsauthz = QAUTHZ(qauthz_list_new(vd->tlsauthzid, 3942 QAUTHZ_LIST_POLICY_DENY, 3943 &error_abort)); 3944 } 3945 #ifdef CONFIG_VNC_SASL 3946 if (sasl) { 3947 if (saslauthz) { 3948 vd->sasl.authzid = g_strdup(saslauthz); 3949 } else if (acl) { 3950 if (strcmp(vd->id, "default") == 0) { 3951 vd->sasl.authzid = g_strdup("vnc.username"); 3952 } else { 3953 vd->sasl.authzid = g_strdup_printf("vnc.%s.username", vd->id); 3954 } 3955 vd->sasl.authz = QAUTHZ(qauthz_list_new(vd->sasl.authzid, 3956 QAUTHZ_LIST_POLICY_DENY, 3957 &error_abort)); 3958 } 3959 } 3960 #endif 3961 3962 if (vnc_display_setup_auth(&vd->auth, &vd->subauth, 3963 vd->tlscreds, password, 3964 sasl, false, errp) < 0) { 3965 goto fail; 3966 } 3967 trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth); 3968 3969 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth, 3970 vd->tlscreds, password, 3971 sasl, true, errp) < 0) { 3972 goto fail; 3973 } 3974 trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth); 3975 3976 #ifdef CONFIG_VNC_SASL 3977 if (sasl) { 3978 int saslErr = sasl_server_init(NULL, "qemu"); 3979 3980 if (saslErr != SASL_OK) { 3981 error_setg(errp, "Failed to initialize SASL auth: %s", 3982 sasl_errstring(saslErr, NULL, NULL)); 3983 goto fail; 3984 } 3985 } 3986 #endif 3987 vd->lock_key_sync = lock_key_sync; 3988 if (lock_key_sync) { 3989 vd->led = qemu_add_led_event_handler(kbd_leds, vd); 3990 } 3991 vd->ledstate = 0; 3992 3993 device_id = qemu_opt_get(opts, "display"); 3994 if (device_id) { 3995 int head = qemu_opt_get_number(opts, "head", 0); 3996 Error *err = NULL; 3997 3998 con = qemu_console_lookup_by_device_name(device_id, head, &err); 3999 if (err) { 4000 error_propagate(errp, err); 4001 goto fail; 4002 } 4003 } else { 4004 con = NULL; 4005 } 4006 4007 if (con != vd->dcl.con) { 4008 qkbd_state_free(vd->kbd); 4009 unregister_displaychangelistener(&vd->dcl); 4010 vd->dcl.con = con; 4011 register_displaychangelistener(&vd->dcl); 4012 vd->kbd = qkbd_state_init(vd->dcl.con); 4013 } 4014 qkbd_state_set_delay(vd->kbd, key_delay_ms); 4015 4016 if (saddr == NULL) { 4017 goto cleanup; 4018 } 4019 4020 if (reverse) { 4021 if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4022 goto fail; 4023 } 4024 } else { 4025 if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4026 goto fail; 4027 } 4028 } 4029 4030 if (qemu_opt_get(opts, "to")) { 4031 vnc_display_print_local_addr(vd); 4032 } 4033 4034 cleanup: 4035 vnc_free_addresses(&saddr, &nsaddr); 4036 vnc_free_addresses(&wsaddr, &nwsaddr); 4037 return; 4038 4039 fail: 4040 vnc_display_close(vd); 4041 goto cleanup; 4042 } 4043 4044 void vnc_display_add_client(const char *id, int csock, bool skipauth) 4045 { 4046 VncDisplay *vd = vnc_display_find(id); 4047 QIOChannelSocket *sioc; 4048 4049 if (!vd) { 4050 return; 4051 } 4052 4053 sioc = qio_channel_socket_new_fd(csock, NULL); 4054 if (sioc) { 4055 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server"); 4056 vnc_connect(vd, sioc, skipauth, false); 4057 object_unref(OBJECT(sioc)); 4058 } 4059 } 4060 4061 static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts) 4062 { 4063 int i = 2; 4064 char *id; 4065 4066 id = g_strdup("default"); 4067 while (qemu_opts_find(olist, id)) { 4068 g_free(id); 4069 id = g_strdup_printf("vnc%d", i++); 4070 } 4071 qemu_opts_set_id(opts, id); 4072 } 4073 4074 QemuOpts *vnc_parse(const char *str, Error **errp) 4075 { 4076 QemuOptsList *olist = qemu_find_opts("vnc"); 4077 QemuOpts *opts = qemu_opts_parse(olist, str, true, errp); 4078 const char *id; 4079 4080 if (!opts) { 4081 return NULL; 4082 } 4083 4084 id = qemu_opts_id(opts); 4085 if (!id) { 4086 /* auto-assign id if not present */ 4087 vnc_auto_assign_id(olist, opts); 4088 } 4089 return opts; 4090 } 4091 4092 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp) 4093 { 4094 Error *local_err = NULL; 4095 char *id = (char *)qemu_opts_id(opts); 4096 4097 assert(id); 4098 vnc_display_init(id, &local_err); 4099 if (local_err) { 4100 error_propagate(errp, local_err); 4101 return -1; 4102 } 4103 vnc_display_open(id, &local_err); 4104 if (local_err != NULL) { 4105 error_propagate(errp, local_err); 4106 return -1; 4107 } 4108 return 0; 4109 } 4110 4111 static void vnc_register_config(void) 4112 { 4113 qemu_add_opts(&qemu_vnc_opts); 4114 } 4115 opts_init(vnc_register_config); 4116