1 /* 2 * QEMU VNC display driver 3 * 4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws> 5 * Copyright (C) 2006 Fabrice Bellard 6 * Copyright (C) 2009 Red Hat, Inc 7 * 8 * Permission is hereby granted, free of charge, to any person obtaining a copy 9 * of this software and associated documentation files (the "Software"), to deal 10 * in the Software without restriction, including without limitation the rights 11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 * copies of the Software, and to permit persons to whom the Software is 13 * furnished to do so, subject to the following conditions: 14 * 15 * The above copyright notice and this permission notice shall be included in 16 * all copies or substantial portions of the Software. 17 * 18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 * THE SOFTWARE. 25 */ 26 27 #include "qemu/osdep.h" 28 #include "vnc.h" 29 #include "vnc-jobs.h" 30 #include "trace.h" 31 #include "hw/qdev-core.h" 32 #include "sysemu/sysemu.h" 33 #include "sysemu/runstate.h" 34 #include "qemu/error-report.h" 35 #include "qemu/main-loop.h" 36 #include "qemu/module.h" 37 #include "qemu/option.h" 38 #include "qemu/sockets.h" 39 #include "qemu/timer.h" 40 #include "authz/list.h" 41 #include "qemu/config-file.h" 42 #include "qapi/qapi-emit-events.h" 43 #include "qapi/qapi-events-ui.h" 44 #include "qapi/error.h" 45 #include "qapi/qapi-commands-ui.h" 46 #include "ui/input.h" 47 #include "crypto/hash.h" 48 #include "crypto/tlscredsanon.h" 49 #include "crypto/tlscredsx509.h" 50 #include "crypto/random.h" 51 #include "qom/object_interfaces.h" 52 #include "qemu/cutils.h" 53 #include "io/dns-resolver.h" 54 55 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT 56 #define VNC_REFRESH_INTERVAL_INC 50 57 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE 58 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 }; 59 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 }; 60 61 #include "vnc_keysym.h" 62 #include "crypto/cipher.h" 63 64 static QTAILQ_HEAD(, VncDisplay) vnc_displays = 65 QTAILQ_HEAD_INITIALIZER(vnc_displays); 66 67 static int vnc_cursor_define(VncState *vs); 68 static void vnc_update_throttle_offset(VncState *vs); 69 70 static void vnc_set_share_mode(VncState *vs, VncShareMode mode) 71 { 72 #ifdef _VNC_DEBUG 73 static const char *mn[] = { 74 [0] = "undefined", 75 [VNC_SHARE_MODE_CONNECTING] = "connecting", 76 [VNC_SHARE_MODE_SHARED] = "shared", 77 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive", 78 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected", 79 }; 80 fprintf(stderr, "%s/%p: %s -> %s\n", __func__, 81 vs->ioc, mn[vs->share_mode], mn[mode]); 82 #endif 83 84 switch (vs->share_mode) { 85 case VNC_SHARE_MODE_CONNECTING: 86 vs->vd->num_connecting--; 87 break; 88 case VNC_SHARE_MODE_SHARED: 89 vs->vd->num_shared--; 90 break; 91 case VNC_SHARE_MODE_EXCLUSIVE: 92 vs->vd->num_exclusive--; 93 break; 94 default: 95 break; 96 } 97 98 vs->share_mode = mode; 99 100 switch (vs->share_mode) { 101 case VNC_SHARE_MODE_CONNECTING: 102 vs->vd->num_connecting++; 103 break; 104 case VNC_SHARE_MODE_SHARED: 105 vs->vd->num_shared++; 106 break; 107 case VNC_SHARE_MODE_EXCLUSIVE: 108 vs->vd->num_exclusive++; 109 break; 110 default: 111 break; 112 } 113 } 114 115 116 static void vnc_init_basic_info(SocketAddress *addr, 117 VncBasicInfo *info, 118 Error **errp) 119 { 120 switch (addr->type) { 121 case SOCKET_ADDRESS_TYPE_INET: 122 info->host = g_strdup(addr->u.inet.host); 123 info->service = g_strdup(addr->u.inet.port); 124 if (addr->u.inet.ipv6) { 125 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 126 } else { 127 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 128 } 129 break; 130 131 case SOCKET_ADDRESS_TYPE_UNIX: 132 info->host = g_strdup(""); 133 info->service = g_strdup(addr->u.q_unix.path); 134 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 135 break; 136 137 case SOCKET_ADDRESS_TYPE_VSOCK: 138 case SOCKET_ADDRESS_TYPE_FD: 139 error_setg(errp, "Unsupported socket address type %s", 140 SocketAddressType_str(addr->type)); 141 break; 142 default: 143 abort(); 144 } 145 146 return; 147 } 148 149 static void vnc_init_basic_info_from_server_addr(QIOChannelSocket *ioc, 150 VncBasicInfo *info, 151 Error **errp) 152 { 153 SocketAddress *addr = NULL; 154 155 if (!ioc) { 156 error_setg(errp, "No listener socket available"); 157 return; 158 } 159 160 addr = qio_channel_socket_get_local_address(ioc, errp); 161 if (!addr) { 162 return; 163 } 164 165 vnc_init_basic_info(addr, info, errp); 166 qapi_free_SocketAddress(addr); 167 } 168 169 static void vnc_init_basic_info_from_remote_addr(QIOChannelSocket *ioc, 170 VncBasicInfo *info, 171 Error **errp) 172 { 173 SocketAddress *addr = NULL; 174 175 addr = qio_channel_socket_get_remote_address(ioc, errp); 176 if (!addr) { 177 return; 178 } 179 180 vnc_init_basic_info(addr, info, errp); 181 qapi_free_SocketAddress(addr); 182 } 183 184 static const char *vnc_auth_name(VncDisplay *vd) { 185 switch (vd->auth) { 186 case VNC_AUTH_INVALID: 187 return "invalid"; 188 case VNC_AUTH_NONE: 189 return "none"; 190 case VNC_AUTH_VNC: 191 return "vnc"; 192 case VNC_AUTH_RA2: 193 return "ra2"; 194 case VNC_AUTH_RA2NE: 195 return "ra2ne"; 196 case VNC_AUTH_TIGHT: 197 return "tight"; 198 case VNC_AUTH_ULTRA: 199 return "ultra"; 200 case VNC_AUTH_TLS: 201 return "tls"; 202 case VNC_AUTH_VENCRYPT: 203 switch (vd->subauth) { 204 case VNC_AUTH_VENCRYPT_PLAIN: 205 return "vencrypt+plain"; 206 case VNC_AUTH_VENCRYPT_TLSNONE: 207 return "vencrypt+tls+none"; 208 case VNC_AUTH_VENCRYPT_TLSVNC: 209 return "vencrypt+tls+vnc"; 210 case VNC_AUTH_VENCRYPT_TLSPLAIN: 211 return "vencrypt+tls+plain"; 212 case VNC_AUTH_VENCRYPT_X509NONE: 213 return "vencrypt+x509+none"; 214 case VNC_AUTH_VENCRYPT_X509VNC: 215 return "vencrypt+x509+vnc"; 216 case VNC_AUTH_VENCRYPT_X509PLAIN: 217 return "vencrypt+x509+plain"; 218 case VNC_AUTH_VENCRYPT_TLSSASL: 219 return "vencrypt+tls+sasl"; 220 case VNC_AUTH_VENCRYPT_X509SASL: 221 return "vencrypt+x509+sasl"; 222 default: 223 return "vencrypt"; 224 } 225 case VNC_AUTH_SASL: 226 return "sasl"; 227 } 228 return "unknown"; 229 } 230 231 static VncServerInfo *vnc_server_info_get(VncDisplay *vd) 232 { 233 VncServerInfo *info; 234 Error *err = NULL; 235 236 if (!vd->listener || !vd->listener->nsioc) { 237 return NULL; 238 } 239 240 info = g_malloc0(sizeof(*info)); 241 vnc_init_basic_info_from_server_addr(vd->listener->sioc[0], 242 qapi_VncServerInfo_base(info), &err); 243 info->has_auth = true; 244 info->auth = g_strdup(vnc_auth_name(vd)); 245 if (err) { 246 qapi_free_VncServerInfo(info); 247 info = NULL; 248 error_free(err); 249 } 250 return info; 251 } 252 253 static void vnc_client_cache_auth(VncState *client) 254 { 255 if (!client->info) { 256 return; 257 } 258 259 if (client->tls) { 260 client->info->x509_dname = 261 qcrypto_tls_session_get_peer_name(client->tls); 262 client->info->has_x509_dname = 263 client->info->x509_dname != NULL; 264 } 265 #ifdef CONFIG_VNC_SASL 266 if (client->sasl.conn && 267 client->sasl.username) { 268 client->info->has_sasl_username = true; 269 client->info->sasl_username = g_strdup(client->sasl.username); 270 } 271 #endif 272 } 273 274 static void vnc_client_cache_addr(VncState *client) 275 { 276 Error *err = NULL; 277 278 client->info = g_malloc0(sizeof(*client->info)); 279 vnc_init_basic_info_from_remote_addr(client->sioc, 280 qapi_VncClientInfo_base(client->info), 281 &err); 282 client->info->websocket = client->websocket; 283 if (err) { 284 qapi_free_VncClientInfo(client->info); 285 client->info = NULL; 286 error_free(err); 287 } 288 } 289 290 static void vnc_qmp_event(VncState *vs, QAPIEvent event) 291 { 292 VncServerInfo *si; 293 294 if (!vs->info) { 295 return; 296 } 297 298 si = vnc_server_info_get(vs->vd); 299 if (!si) { 300 return; 301 } 302 303 switch (event) { 304 case QAPI_EVENT_VNC_CONNECTED: 305 qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info)); 306 break; 307 case QAPI_EVENT_VNC_INITIALIZED: 308 qapi_event_send_vnc_initialized(si, vs->info); 309 break; 310 case QAPI_EVENT_VNC_DISCONNECTED: 311 qapi_event_send_vnc_disconnected(si, vs->info); 312 break; 313 default: 314 break; 315 } 316 317 qapi_free_VncServerInfo(si); 318 } 319 320 static VncClientInfo *qmp_query_vnc_client(const VncState *client) 321 { 322 VncClientInfo *info; 323 Error *err = NULL; 324 325 info = g_malloc0(sizeof(*info)); 326 327 vnc_init_basic_info_from_remote_addr(client->sioc, 328 qapi_VncClientInfo_base(info), 329 &err); 330 if (err) { 331 error_free(err); 332 qapi_free_VncClientInfo(info); 333 return NULL; 334 } 335 336 info->websocket = client->websocket; 337 338 if (client->tls) { 339 info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls); 340 info->has_x509_dname = info->x509_dname != NULL; 341 } 342 #ifdef CONFIG_VNC_SASL 343 if (client->sasl.conn && client->sasl.username) { 344 info->has_sasl_username = true; 345 info->sasl_username = g_strdup(client->sasl.username); 346 } 347 #endif 348 349 return info; 350 } 351 352 static VncDisplay *vnc_display_find(const char *id) 353 { 354 VncDisplay *vd; 355 356 if (id == NULL) { 357 return QTAILQ_FIRST(&vnc_displays); 358 } 359 QTAILQ_FOREACH(vd, &vnc_displays, next) { 360 if (strcmp(id, vd->id) == 0) { 361 return vd; 362 } 363 } 364 return NULL; 365 } 366 367 static VncClientInfoList *qmp_query_client_list(VncDisplay *vd) 368 { 369 VncClientInfoList *prev = NULL; 370 VncState *client; 371 372 QTAILQ_FOREACH(client, &vd->clients, next) { 373 QAPI_LIST_PREPEND(prev, qmp_query_vnc_client(client)); 374 } 375 return prev; 376 } 377 378 VncInfo *qmp_query_vnc(Error **errp) 379 { 380 VncInfo *info = g_malloc0(sizeof(*info)); 381 VncDisplay *vd = vnc_display_find(NULL); 382 SocketAddress *addr = NULL; 383 384 if (vd == NULL || !vd->listener || !vd->listener->nsioc) { 385 info->enabled = false; 386 } else { 387 info->enabled = true; 388 389 /* for compatibility with the original command */ 390 info->has_clients = true; 391 info->clients = qmp_query_client_list(vd); 392 393 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], 394 errp); 395 if (!addr) { 396 goto out_error; 397 } 398 399 switch (addr->type) { 400 case SOCKET_ADDRESS_TYPE_INET: 401 info->host = g_strdup(addr->u.inet.host); 402 info->service = g_strdup(addr->u.inet.port); 403 if (addr->u.inet.ipv6) { 404 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 405 } else { 406 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 407 } 408 break; 409 410 case SOCKET_ADDRESS_TYPE_UNIX: 411 info->host = g_strdup(""); 412 info->service = g_strdup(addr->u.q_unix.path); 413 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 414 break; 415 416 case SOCKET_ADDRESS_TYPE_VSOCK: 417 case SOCKET_ADDRESS_TYPE_FD: 418 error_setg(errp, "Unsupported socket address type %s", 419 SocketAddressType_str(addr->type)); 420 goto out_error; 421 default: 422 abort(); 423 } 424 425 info->has_host = true; 426 info->has_service = true; 427 info->has_family = true; 428 429 info->has_auth = true; 430 info->auth = g_strdup(vnc_auth_name(vd)); 431 } 432 433 qapi_free_SocketAddress(addr); 434 return info; 435 436 out_error: 437 qapi_free_SocketAddress(addr); 438 qapi_free_VncInfo(info); 439 return NULL; 440 } 441 442 443 static void qmp_query_auth(int auth, int subauth, 444 VncPrimaryAuth *qmp_auth, 445 VncVencryptSubAuth *qmp_vencrypt, 446 bool *qmp_has_vencrypt); 447 448 static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc, 449 bool websocket, 450 int auth, 451 int subauth, 452 VncServerInfo2List *prev) 453 { 454 VncServerInfo2 *info; 455 Error *err = NULL; 456 SocketAddress *addr; 457 458 addr = qio_channel_socket_get_local_address(ioc, NULL); 459 if (!addr) { 460 return prev; 461 } 462 463 info = g_new0(VncServerInfo2, 1); 464 vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err); 465 qapi_free_SocketAddress(addr); 466 if (err) { 467 qapi_free_VncServerInfo2(info); 468 error_free(err); 469 return prev; 470 } 471 info->websocket = websocket; 472 473 qmp_query_auth(auth, subauth, &info->auth, 474 &info->vencrypt, &info->has_vencrypt); 475 476 QAPI_LIST_PREPEND(prev, info); 477 return prev; 478 } 479 480 static void qmp_query_auth(int auth, int subauth, 481 VncPrimaryAuth *qmp_auth, 482 VncVencryptSubAuth *qmp_vencrypt, 483 bool *qmp_has_vencrypt) 484 { 485 switch (auth) { 486 case VNC_AUTH_VNC: 487 *qmp_auth = VNC_PRIMARY_AUTH_VNC; 488 break; 489 case VNC_AUTH_RA2: 490 *qmp_auth = VNC_PRIMARY_AUTH_RA2; 491 break; 492 case VNC_AUTH_RA2NE: 493 *qmp_auth = VNC_PRIMARY_AUTH_RA2NE; 494 break; 495 case VNC_AUTH_TIGHT: 496 *qmp_auth = VNC_PRIMARY_AUTH_TIGHT; 497 break; 498 case VNC_AUTH_ULTRA: 499 *qmp_auth = VNC_PRIMARY_AUTH_ULTRA; 500 break; 501 case VNC_AUTH_TLS: 502 *qmp_auth = VNC_PRIMARY_AUTH_TLS; 503 break; 504 case VNC_AUTH_VENCRYPT: 505 *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT; 506 *qmp_has_vencrypt = true; 507 switch (subauth) { 508 case VNC_AUTH_VENCRYPT_PLAIN: 509 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN; 510 break; 511 case VNC_AUTH_VENCRYPT_TLSNONE: 512 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE; 513 break; 514 case VNC_AUTH_VENCRYPT_TLSVNC: 515 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC; 516 break; 517 case VNC_AUTH_VENCRYPT_TLSPLAIN: 518 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN; 519 break; 520 case VNC_AUTH_VENCRYPT_X509NONE: 521 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE; 522 break; 523 case VNC_AUTH_VENCRYPT_X509VNC: 524 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC; 525 break; 526 case VNC_AUTH_VENCRYPT_X509PLAIN: 527 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN; 528 break; 529 case VNC_AUTH_VENCRYPT_TLSSASL: 530 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL; 531 break; 532 case VNC_AUTH_VENCRYPT_X509SASL: 533 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL; 534 break; 535 default: 536 *qmp_has_vencrypt = false; 537 break; 538 } 539 break; 540 case VNC_AUTH_SASL: 541 *qmp_auth = VNC_PRIMARY_AUTH_SASL; 542 break; 543 case VNC_AUTH_NONE: 544 default: 545 *qmp_auth = VNC_PRIMARY_AUTH_NONE; 546 break; 547 } 548 } 549 550 VncInfo2List *qmp_query_vnc_servers(Error **errp) 551 { 552 VncInfo2List *prev = NULL; 553 VncInfo2 *info; 554 VncDisplay *vd; 555 DeviceState *dev; 556 size_t i; 557 558 QTAILQ_FOREACH(vd, &vnc_displays, next) { 559 info = g_new0(VncInfo2, 1); 560 info->id = g_strdup(vd->id); 561 info->clients = qmp_query_client_list(vd); 562 qmp_query_auth(vd->auth, vd->subauth, &info->auth, 563 &info->vencrypt, &info->has_vencrypt); 564 if (vd->dcl.con) { 565 dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con), 566 "device", &error_abort)); 567 info->has_display = true; 568 info->display = g_strdup(dev->id); 569 } 570 for (i = 0; vd->listener != NULL && i < vd->listener->nsioc; i++) { 571 info->server = qmp_query_server_entry( 572 vd->listener->sioc[i], false, vd->auth, vd->subauth, 573 info->server); 574 } 575 for (i = 0; vd->wslistener != NULL && i < vd->wslistener->nsioc; i++) { 576 info->server = qmp_query_server_entry( 577 vd->wslistener->sioc[i], true, vd->ws_auth, 578 vd->ws_subauth, info->server); 579 } 580 581 QAPI_LIST_PREPEND(prev, info); 582 } 583 return prev; 584 } 585 586 /* TODO 587 1) Get the queue working for IO. 588 2) there is some weirdness when using the -S option (the screen is grey 589 and not totally invalidated 590 3) resolutions > 1024 591 */ 592 593 static int vnc_update_client(VncState *vs, int has_dirty); 594 static void vnc_disconnect_start(VncState *vs); 595 596 static void vnc_colordepth(VncState *vs); 597 static void framebuffer_update_request(VncState *vs, int incremental, 598 int x_position, int y_position, 599 int w, int h); 600 static void vnc_refresh(DisplayChangeListener *dcl); 601 static int vnc_refresh_server_surface(VncDisplay *vd); 602 603 static int vnc_width(VncDisplay *vd) 604 { 605 return MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds), 606 VNC_DIRTY_PIXELS_PER_BIT)); 607 } 608 609 static int vnc_height(VncDisplay *vd) 610 { 611 return MIN(VNC_MAX_HEIGHT, surface_height(vd->ds)); 612 } 613 614 static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT], 615 VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT), 616 VncDisplay *vd, 617 int x, int y, int w, int h) 618 { 619 int width = vnc_width(vd); 620 int height = vnc_height(vd); 621 622 /* this is needed this to ensure we updated all affected 623 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */ 624 w += (x % VNC_DIRTY_PIXELS_PER_BIT); 625 x -= (x % VNC_DIRTY_PIXELS_PER_BIT); 626 627 x = MIN(x, width); 628 y = MIN(y, height); 629 w = MIN(x + w, width) - x; 630 h = MIN(y + h, height); 631 632 for (; y < h; y++) { 633 bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT, 634 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT)); 635 } 636 } 637 638 static void vnc_dpy_update(DisplayChangeListener *dcl, 639 int x, int y, int w, int h) 640 { 641 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 642 struct VncSurface *s = &vd->guest; 643 644 vnc_set_area_dirty(s->dirty, vd, x, y, w, h); 645 } 646 647 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h, 648 int32_t encoding) 649 { 650 vnc_write_u16(vs, x); 651 vnc_write_u16(vs, y); 652 vnc_write_u16(vs, w); 653 vnc_write_u16(vs, h); 654 655 vnc_write_s32(vs, encoding); 656 } 657 658 static void vnc_desktop_resize_ext(VncState *vs, int reject_reason) 659 { 660 vnc_lock_output(vs); 661 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 662 vnc_write_u8(vs, 0); 663 vnc_write_u16(vs, 1); /* number of rects */ 664 vnc_framebuffer_update(vs, 665 reject_reason ? 1 : 0, 666 reject_reason, 667 vs->client_width, vs->client_height, 668 VNC_ENCODING_DESKTOP_RESIZE_EXT); 669 vnc_write_u8(vs, 1); /* number of screens */ 670 vnc_write_u8(vs, 0); /* padding */ 671 vnc_write_u8(vs, 0); /* padding */ 672 vnc_write_u8(vs, 0); /* padding */ 673 vnc_write_u32(vs, 0); /* screen id */ 674 vnc_write_u16(vs, 0); /* screen x-pos */ 675 vnc_write_u16(vs, 0); /* screen y-pos */ 676 vnc_write_u16(vs, vs->client_width); 677 vnc_write_u16(vs, vs->client_height); 678 vnc_write_u32(vs, 0); /* screen flags */ 679 vnc_unlock_output(vs); 680 vnc_flush(vs); 681 } 682 683 static void vnc_desktop_resize(VncState *vs) 684 { 685 if (vs->ioc == NULL || (!vnc_has_feature(vs, VNC_FEATURE_RESIZE) && 686 !vnc_has_feature(vs, VNC_FEATURE_RESIZE_EXT))) { 687 return; 688 } 689 690 assert(pixman_image_get_width(vs->vd->server) < 65536 && 691 pixman_image_get_width(vs->vd->server) >= 0); 692 assert(pixman_image_get_height(vs->vd->server) < 65536 && 693 pixman_image_get_height(vs->vd->server) >= 0); 694 vs->client_width = pixman_image_get_width(vs->vd->server); 695 vs->client_height = pixman_image_get_height(vs->vd->server); 696 697 if (vnc_has_feature(vs, VNC_FEATURE_RESIZE_EXT)) { 698 vnc_desktop_resize_ext(vs, 0); 699 return; 700 } 701 702 vnc_lock_output(vs); 703 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 704 vnc_write_u8(vs, 0); 705 vnc_write_u16(vs, 1); /* number of rects */ 706 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height, 707 VNC_ENCODING_DESKTOPRESIZE); 708 vnc_unlock_output(vs); 709 vnc_flush(vs); 710 } 711 712 static void vnc_abort_display_jobs(VncDisplay *vd) 713 { 714 VncState *vs; 715 716 QTAILQ_FOREACH(vs, &vd->clients, next) { 717 vnc_lock_output(vs); 718 vs->abort = true; 719 vnc_unlock_output(vs); 720 } 721 QTAILQ_FOREACH(vs, &vd->clients, next) { 722 vnc_jobs_join(vs); 723 } 724 QTAILQ_FOREACH(vs, &vd->clients, next) { 725 vnc_lock_output(vs); 726 if (vs->update == VNC_STATE_UPDATE_NONE && 727 vs->job_update != VNC_STATE_UPDATE_NONE) { 728 /* job aborted before completion */ 729 vs->update = vs->job_update; 730 vs->job_update = VNC_STATE_UPDATE_NONE; 731 } 732 vs->abort = false; 733 vnc_unlock_output(vs); 734 } 735 } 736 737 int vnc_server_fb_stride(VncDisplay *vd) 738 { 739 return pixman_image_get_stride(vd->server); 740 } 741 742 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y) 743 { 744 uint8_t *ptr; 745 746 ptr = (uint8_t *)pixman_image_get_data(vd->server); 747 ptr += y * vnc_server_fb_stride(vd); 748 ptr += x * VNC_SERVER_FB_BYTES; 749 return ptr; 750 } 751 752 static void vnc_update_server_surface(VncDisplay *vd) 753 { 754 int width, height; 755 756 qemu_pixman_image_unref(vd->server); 757 vd->server = NULL; 758 759 if (QTAILQ_EMPTY(&vd->clients)) { 760 return; 761 } 762 763 width = vnc_width(vd); 764 height = vnc_height(vd); 765 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT, 766 width, height, 767 NULL, 0); 768 769 memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty)); 770 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 771 width, height); 772 } 773 774 static bool vnc_check_pageflip(DisplaySurface *s1, 775 DisplaySurface *s2) 776 { 777 return (s1 != NULL && 778 s2 != NULL && 779 surface_width(s1) == surface_width(s2) && 780 surface_height(s1) == surface_height(s2) && 781 surface_format(s1) == surface_format(s2)); 782 783 } 784 785 static void vnc_dpy_switch(DisplayChangeListener *dcl, 786 DisplaySurface *surface) 787 { 788 static const char placeholder_msg[] = 789 "Display output is not active."; 790 static DisplaySurface *placeholder; 791 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 792 bool pageflip = vnc_check_pageflip(vd->ds, surface); 793 VncState *vs; 794 795 if (surface == NULL) { 796 if (placeholder == NULL) { 797 placeholder = qemu_create_message_surface(640, 480, placeholder_msg); 798 } 799 surface = placeholder; 800 } 801 802 vnc_abort_display_jobs(vd); 803 vd->ds = surface; 804 805 /* guest surface */ 806 qemu_pixman_image_unref(vd->guest.fb); 807 vd->guest.fb = pixman_image_ref(surface->image); 808 vd->guest.format = surface->format; 809 810 if (pageflip) { 811 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 812 surface_width(surface), 813 surface_height(surface)); 814 return; 815 } 816 817 /* server surface */ 818 vnc_update_server_surface(vd); 819 820 QTAILQ_FOREACH(vs, &vd->clients, next) { 821 vnc_colordepth(vs); 822 vnc_desktop_resize(vs); 823 vnc_cursor_define(vs); 824 memset(vs->dirty, 0x00, sizeof(vs->dirty)); 825 vnc_set_area_dirty(vs->dirty, vd, 0, 0, 826 vnc_width(vd), 827 vnc_height(vd)); 828 vnc_update_throttle_offset(vs); 829 } 830 } 831 832 /* fastest code */ 833 static void vnc_write_pixels_copy(VncState *vs, 834 void *pixels, int size) 835 { 836 vnc_write(vs, pixels, size); 837 } 838 839 /* slowest but generic code. */ 840 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v) 841 { 842 uint8_t r, g, b; 843 844 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8) 845 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8; 846 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8; 847 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8; 848 #else 849 # error need some bits here if you change VNC_SERVER_FB_FORMAT 850 #endif 851 v = (r << vs->client_pf.rshift) | 852 (g << vs->client_pf.gshift) | 853 (b << vs->client_pf.bshift); 854 switch (vs->client_pf.bytes_per_pixel) { 855 case 1: 856 buf[0] = v; 857 break; 858 case 2: 859 if (vs->client_be) { 860 buf[0] = v >> 8; 861 buf[1] = v; 862 } else { 863 buf[1] = v >> 8; 864 buf[0] = v; 865 } 866 break; 867 default: 868 case 4: 869 if (vs->client_be) { 870 buf[0] = v >> 24; 871 buf[1] = v >> 16; 872 buf[2] = v >> 8; 873 buf[3] = v; 874 } else { 875 buf[3] = v >> 24; 876 buf[2] = v >> 16; 877 buf[1] = v >> 8; 878 buf[0] = v; 879 } 880 break; 881 } 882 } 883 884 static void vnc_write_pixels_generic(VncState *vs, 885 void *pixels1, int size) 886 { 887 uint8_t buf[4]; 888 889 if (VNC_SERVER_FB_BYTES == 4) { 890 uint32_t *pixels = pixels1; 891 int n, i; 892 n = size >> 2; 893 for (i = 0; i < n; i++) { 894 vnc_convert_pixel(vs, buf, pixels[i]); 895 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel); 896 } 897 } 898 } 899 900 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 901 { 902 int i; 903 uint8_t *row; 904 VncDisplay *vd = vs->vd; 905 906 row = vnc_server_fb_ptr(vd, x, y); 907 for (i = 0; i < h; i++) { 908 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES); 909 row += vnc_server_fb_stride(vd); 910 } 911 return 1; 912 } 913 914 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 915 { 916 int n = 0; 917 918 switch(vs->vnc_encoding) { 919 case VNC_ENCODING_ZLIB: 920 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h); 921 break; 922 case VNC_ENCODING_HEXTILE: 923 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE); 924 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h); 925 break; 926 case VNC_ENCODING_TIGHT: 927 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h); 928 break; 929 case VNC_ENCODING_TIGHT_PNG: 930 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h); 931 break; 932 case VNC_ENCODING_ZRLE: 933 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h); 934 break; 935 case VNC_ENCODING_ZYWRLE: 936 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h); 937 break; 938 default: 939 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW); 940 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h); 941 break; 942 } 943 return n; 944 } 945 946 static void vnc_mouse_set(DisplayChangeListener *dcl, 947 int x, int y, int visible) 948 { 949 /* can we ask the client(s) to move the pointer ??? */ 950 } 951 952 static int vnc_cursor_define(VncState *vs) 953 { 954 QEMUCursor *c = vs->vd->cursor; 955 int isize; 956 957 if (!vs->vd->cursor) { 958 return -1; 959 } 960 961 if (vnc_has_feature(vs, VNC_FEATURE_ALPHA_CURSOR)) { 962 vnc_lock_output(vs); 963 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 964 vnc_write_u8(vs, 0); /* padding */ 965 vnc_write_u16(vs, 1); /* # of rects */ 966 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height, 967 VNC_ENCODING_ALPHA_CURSOR); 968 vnc_write_s32(vs, VNC_ENCODING_RAW); 969 vnc_write(vs, c->data, c->width * c->height * 4); 970 vnc_unlock_output(vs); 971 return 0; 972 } 973 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) { 974 vnc_lock_output(vs); 975 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 976 vnc_write_u8(vs, 0); /* padding */ 977 vnc_write_u16(vs, 1); /* # of rects */ 978 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height, 979 VNC_ENCODING_RICH_CURSOR); 980 isize = c->width * c->height * vs->client_pf.bytes_per_pixel; 981 vnc_write_pixels_generic(vs, c->data, isize); 982 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize); 983 vnc_unlock_output(vs); 984 return 0; 985 } 986 return -1; 987 } 988 989 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl, 990 QEMUCursor *c) 991 { 992 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 993 VncState *vs; 994 995 cursor_put(vd->cursor); 996 g_free(vd->cursor_mask); 997 998 vd->cursor = c; 999 cursor_get(vd->cursor); 1000 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height; 1001 vd->cursor_mask = g_malloc0(vd->cursor_msize); 1002 cursor_get_mono_mask(c, 0, vd->cursor_mask); 1003 1004 QTAILQ_FOREACH(vs, &vd->clients, next) { 1005 vnc_cursor_define(vs); 1006 } 1007 } 1008 1009 static int find_and_clear_dirty_height(VncState *vs, 1010 int y, int last_x, int x, int height) 1011 { 1012 int h; 1013 1014 for (h = 1; h < (height - y); h++) { 1015 if (!test_bit(last_x, vs->dirty[y + h])) { 1016 break; 1017 } 1018 bitmap_clear(vs->dirty[y + h], last_x, x - last_x); 1019 } 1020 1021 return h; 1022 } 1023 1024 /* 1025 * Figure out how much pending data we should allow in the output 1026 * buffer before we throttle incremental display updates, and/or 1027 * drop audio samples. 1028 * 1029 * We allow for equiv of 1 full display's worth of FB updates, 1030 * and 1 second of audio samples. If audio backlog was larger 1031 * than that the client would already suffering awful audio 1032 * glitches, so dropping samples is no worse really). 1033 */ 1034 static void vnc_update_throttle_offset(VncState *vs) 1035 { 1036 size_t offset = 1037 vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel; 1038 1039 if (vs->audio_cap) { 1040 int bps; 1041 switch (vs->as.fmt) { 1042 default: 1043 case AUDIO_FORMAT_U8: 1044 case AUDIO_FORMAT_S8: 1045 bps = 1; 1046 break; 1047 case AUDIO_FORMAT_U16: 1048 case AUDIO_FORMAT_S16: 1049 bps = 2; 1050 break; 1051 case AUDIO_FORMAT_U32: 1052 case AUDIO_FORMAT_S32: 1053 bps = 4; 1054 break; 1055 } 1056 offset += vs->as.freq * bps * vs->as.nchannels; 1057 } 1058 1059 /* Put a floor of 1MB on offset, so that if we have a large pending 1060 * buffer and the display is resized to a small size & back again 1061 * we don't suddenly apply a tiny send limit 1062 */ 1063 offset = MAX(offset, 1024 * 1024); 1064 1065 if (vs->throttle_output_offset != offset) { 1066 trace_vnc_client_throttle_threshold( 1067 vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width, 1068 vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap); 1069 } 1070 1071 vs->throttle_output_offset = offset; 1072 } 1073 1074 static bool vnc_should_update(VncState *vs) 1075 { 1076 switch (vs->update) { 1077 case VNC_STATE_UPDATE_NONE: 1078 break; 1079 case VNC_STATE_UPDATE_INCREMENTAL: 1080 /* Only allow incremental updates if the pending send queue 1081 * is less than the permitted threshold, and the job worker 1082 * is completely idle. 1083 */ 1084 if (vs->output.offset < vs->throttle_output_offset && 1085 vs->job_update == VNC_STATE_UPDATE_NONE) { 1086 return true; 1087 } 1088 trace_vnc_client_throttle_incremental( 1089 vs, vs->ioc, vs->job_update, vs->output.offset); 1090 break; 1091 case VNC_STATE_UPDATE_FORCE: 1092 /* Only allow forced updates if the pending send queue 1093 * does not contain a previous forced update, and the 1094 * job worker is completely idle. 1095 * 1096 * Note this means we'll queue a forced update, even if 1097 * the output buffer size is otherwise over the throttle 1098 * output limit. 1099 */ 1100 if (vs->force_update_offset == 0 && 1101 vs->job_update == VNC_STATE_UPDATE_NONE) { 1102 return true; 1103 } 1104 trace_vnc_client_throttle_forced( 1105 vs, vs->ioc, vs->job_update, vs->force_update_offset); 1106 break; 1107 } 1108 return false; 1109 } 1110 1111 static int vnc_update_client(VncState *vs, int has_dirty) 1112 { 1113 VncDisplay *vd = vs->vd; 1114 VncJob *job; 1115 int y; 1116 int height, width; 1117 int n = 0; 1118 1119 if (vs->disconnecting) { 1120 vnc_disconnect_finish(vs); 1121 return 0; 1122 } 1123 1124 vs->has_dirty += has_dirty; 1125 if (!vnc_should_update(vs)) { 1126 return 0; 1127 } 1128 1129 if (!vs->has_dirty && vs->update != VNC_STATE_UPDATE_FORCE) { 1130 return 0; 1131 } 1132 1133 /* 1134 * Send screen updates to the vnc client using the server 1135 * surface and server dirty map. guest surface updates 1136 * happening in parallel don't disturb us, the next pass will 1137 * send them to the client. 1138 */ 1139 job = vnc_job_new(vs); 1140 1141 height = pixman_image_get_height(vd->server); 1142 width = pixman_image_get_width(vd->server); 1143 1144 y = 0; 1145 for (;;) { 1146 int x, h; 1147 unsigned long x2; 1148 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty, 1149 height * VNC_DIRTY_BPL(vs), 1150 y * VNC_DIRTY_BPL(vs)); 1151 if (offset == height * VNC_DIRTY_BPL(vs)) { 1152 /* no more dirty bits */ 1153 break; 1154 } 1155 y = offset / VNC_DIRTY_BPL(vs); 1156 x = offset % VNC_DIRTY_BPL(vs); 1157 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y], 1158 VNC_DIRTY_BPL(vs), x); 1159 bitmap_clear(vs->dirty[y], x, x2 - x); 1160 h = find_and_clear_dirty_height(vs, y, x, x2, height); 1161 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT); 1162 if (x2 > x) { 1163 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y, 1164 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h); 1165 } 1166 if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) { 1167 y += h; 1168 if (y == height) { 1169 break; 1170 } 1171 } 1172 } 1173 1174 vs->job_update = vs->update; 1175 vs->update = VNC_STATE_UPDATE_NONE; 1176 vnc_job_push(job); 1177 vs->has_dirty = 0; 1178 return n; 1179 } 1180 1181 /* audio */ 1182 static void audio_capture_notify(void *opaque, audcnotification_e cmd) 1183 { 1184 VncState *vs = opaque; 1185 1186 assert(vs->magic == VNC_MAGIC); 1187 switch (cmd) { 1188 case AUD_CNOTIFY_DISABLE: 1189 vnc_lock_output(vs); 1190 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1191 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1192 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END); 1193 vnc_unlock_output(vs); 1194 vnc_flush(vs); 1195 break; 1196 1197 case AUD_CNOTIFY_ENABLE: 1198 vnc_lock_output(vs); 1199 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1200 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1201 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN); 1202 vnc_unlock_output(vs); 1203 vnc_flush(vs); 1204 break; 1205 } 1206 } 1207 1208 static void audio_capture_destroy(void *opaque) 1209 { 1210 } 1211 1212 static void audio_capture(void *opaque, const void *buf, int size) 1213 { 1214 VncState *vs = opaque; 1215 1216 assert(vs->magic == VNC_MAGIC); 1217 vnc_lock_output(vs); 1218 if (vs->output.offset < vs->throttle_output_offset) { 1219 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1220 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1221 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); 1222 vnc_write_u32(vs, size); 1223 vnc_write(vs, buf, size); 1224 } else { 1225 trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset); 1226 } 1227 vnc_unlock_output(vs); 1228 vnc_flush(vs); 1229 } 1230 1231 static void audio_add(VncState *vs) 1232 { 1233 struct audio_capture_ops ops; 1234 1235 if (vs->audio_cap) { 1236 error_report("audio already running"); 1237 return; 1238 } 1239 1240 ops.notify = audio_capture_notify; 1241 ops.destroy = audio_capture_destroy; 1242 ops.capture = audio_capture; 1243 1244 vs->audio_cap = AUD_add_capture(vs->vd->audio_state, &vs->as, &ops, vs); 1245 if (!vs->audio_cap) { 1246 error_report("Failed to add audio capture"); 1247 } 1248 } 1249 1250 static void audio_del(VncState *vs) 1251 { 1252 if (vs->audio_cap) { 1253 AUD_del_capture(vs->audio_cap, vs); 1254 vs->audio_cap = NULL; 1255 } 1256 } 1257 1258 static void vnc_disconnect_start(VncState *vs) 1259 { 1260 if (vs->disconnecting) { 1261 return; 1262 } 1263 trace_vnc_client_disconnect_start(vs, vs->ioc); 1264 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED); 1265 if (vs->ioc_tag) { 1266 g_source_remove(vs->ioc_tag); 1267 vs->ioc_tag = 0; 1268 } 1269 qio_channel_close(vs->ioc, NULL); 1270 vs->disconnecting = TRUE; 1271 } 1272 1273 void vnc_disconnect_finish(VncState *vs) 1274 { 1275 int i; 1276 1277 trace_vnc_client_disconnect_finish(vs, vs->ioc); 1278 1279 vnc_jobs_join(vs); /* Wait encoding jobs */ 1280 1281 vnc_lock_output(vs); 1282 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED); 1283 1284 buffer_free(&vs->input); 1285 buffer_free(&vs->output); 1286 1287 qapi_free_VncClientInfo(vs->info); 1288 1289 vnc_zlib_clear(vs); 1290 vnc_tight_clear(vs); 1291 vnc_zrle_clear(vs); 1292 1293 #ifdef CONFIG_VNC_SASL 1294 vnc_sasl_client_cleanup(vs); 1295 #endif /* CONFIG_VNC_SASL */ 1296 audio_del(vs); 1297 qkbd_state_lift_all_keys(vs->vd->kbd); 1298 1299 if (vs->mouse_mode_notifier.notify != NULL) { 1300 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 1301 } 1302 QTAILQ_REMOVE(&vs->vd->clients, vs, next); 1303 if (QTAILQ_EMPTY(&vs->vd->clients)) { 1304 /* last client gone */ 1305 vnc_update_server_surface(vs->vd); 1306 } 1307 1308 vnc_unlock_output(vs); 1309 1310 qemu_mutex_destroy(&vs->output_mutex); 1311 if (vs->bh != NULL) { 1312 qemu_bh_delete(vs->bh); 1313 } 1314 buffer_free(&vs->jobs_buffer); 1315 1316 for (i = 0; i < VNC_STAT_ROWS; ++i) { 1317 g_free(vs->lossy_rect[i]); 1318 } 1319 g_free(vs->lossy_rect); 1320 1321 object_unref(OBJECT(vs->ioc)); 1322 vs->ioc = NULL; 1323 object_unref(OBJECT(vs->sioc)); 1324 vs->sioc = NULL; 1325 vs->magic = 0; 1326 g_free(vs->zrle); 1327 g_free(vs->tight); 1328 g_free(vs); 1329 } 1330 1331 size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error *err) 1332 { 1333 if (ret <= 0) { 1334 if (ret == 0) { 1335 trace_vnc_client_eof(vs, vs->ioc); 1336 vnc_disconnect_start(vs); 1337 } else if (ret != QIO_CHANNEL_ERR_BLOCK) { 1338 trace_vnc_client_io_error(vs, vs->ioc, 1339 err ? error_get_pretty(err) : "Unknown"); 1340 vnc_disconnect_start(vs); 1341 } 1342 1343 error_free(err); 1344 return 0; 1345 } 1346 return ret; 1347 } 1348 1349 1350 void vnc_client_error(VncState *vs) 1351 { 1352 VNC_DEBUG("Closing down client sock: protocol error\n"); 1353 vnc_disconnect_start(vs); 1354 } 1355 1356 1357 /* 1358 * Called to write a chunk of data to the client socket. The data may 1359 * be the raw data, or may have already been encoded by SASL. 1360 * The data will be written either straight onto the socket, or 1361 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1362 * 1363 * NB, it is theoretically possible to have 2 layers of encryption, 1364 * both SASL, and this TLS layer. It is highly unlikely in practice 1365 * though, since SASL encryption will typically be a no-op if TLS 1366 * is active 1367 * 1368 * Returns the number of bytes written, which may be less than 1369 * the requested 'datalen' if the socket would block. Returns 1370 * 0 on I/O error, and disconnects the client socket. 1371 */ 1372 size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen) 1373 { 1374 Error *err = NULL; 1375 ssize_t ret; 1376 ret = qio_channel_write(vs->ioc, (const char *)data, datalen, &err); 1377 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret); 1378 return vnc_client_io_error(vs, ret, err); 1379 } 1380 1381 1382 /* 1383 * Called to write buffered data to the client socket, when not 1384 * using any SASL SSF encryption layers. Will write as much data 1385 * as possible without blocking. If all buffered data is written, 1386 * will switch the FD poll() handler back to read monitoring. 1387 * 1388 * Returns the number of bytes written, which may be less than 1389 * the buffered output data if the socket would block. Returns 1390 * 0 on I/O error, and disconnects the client socket. 1391 */ 1392 static size_t vnc_client_write_plain(VncState *vs) 1393 { 1394 size_t offset; 1395 size_t ret; 1396 1397 #ifdef CONFIG_VNC_SASL 1398 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n", 1399 vs->output.buffer, vs->output.capacity, vs->output.offset, 1400 vs->sasl.waitWriteSSF); 1401 1402 if (vs->sasl.conn && 1403 vs->sasl.runSSF && 1404 vs->sasl.waitWriteSSF) { 1405 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF); 1406 if (ret) 1407 vs->sasl.waitWriteSSF -= ret; 1408 } else 1409 #endif /* CONFIG_VNC_SASL */ 1410 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset); 1411 if (!ret) 1412 return 0; 1413 1414 if (ret >= vs->force_update_offset) { 1415 if (vs->force_update_offset != 0) { 1416 trace_vnc_client_unthrottle_forced(vs, vs->ioc); 1417 } 1418 vs->force_update_offset = 0; 1419 } else { 1420 vs->force_update_offset -= ret; 1421 } 1422 offset = vs->output.offset; 1423 buffer_advance(&vs->output, ret); 1424 if (offset >= vs->throttle_output_offset && 1425 vs->output.offset < vs->throttle_output_offset) { 1426 trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset); 1427 } 1428 1429 if (vs->output.offset == 0) { 1430 if (vs->ioc_tag) { 1431 g_source_remove(vs->ioc_tag); 1432 } 1433 vs->ioc_tag = qio_channel_add_watch( 1434 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 1435 vnc_client_io, vs, NULL); 1436 } 1437 1438 return ret; 1439 } 1440 1441 1442 /* 1443 * First function called whenever there is data to be written to 1444 * the client socket. Will delegate actual work according to whether 1445 * SASL SSF layers are enabled (thus requiring encryption calls) 1446 */ 1447 static void vnc_client_write_locked(VncState *vs) 1448 { 1449 #ifdef CONFIG_VNC_SASL 1450 if (vs->sasl.conn && 1451 vs->sasl.runSSF && 1452 !vs->sasl.waitWriteSSF) { 1453 vnc_client_write_sasl(vs); 1454 } else 1455 #endif /* CONFIG_VNC_SASL */ 1456 { 1457 vnc_client_write_plain(vs); 1458 } 1459 } 1460 1461 static void vnc_client_write(VncState *vs) 1462 { 1463 assert(vs->magic == VNC_MAGIC); 1464 vnc_lock_output(vs); 1465 if (vs->output.offset) { 1466 vnc_client_write_locked(vs); 1467 } else if (vs->ioc != NULL) { 1468 if (vs->ioc_tag) { 1469 g_source_remove(vs->ioc_tag); 1470 } 1471 vs->ioc_tag = qio_channel_add_watch( 1472 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 1473 vnc_client_io, vs, NULL); 1474 } 1475 vnc_unlock_output(vs); 1476 } 1477 1478 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting) 1479 { 1480 vs->read_handler = func; 1481 vs->read_handler_expect = expecting; 1482 } 1483 1484 1485 /* 1486 * Called to read a chunk of data from the client socket. The data may 1487 * be the raw data, or may need to be further decoded by SASL. 1488 * The data will be read either straight from to the socket, or 1489 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1490 * 1491 * NB, it is theoretically possible to have 2 layers of encryption, 1492 * both SASL, and this TLS layer. It is highly unlikely in practice 1493 * though, since SASL encryption will typically be a no-op if TLS 1494 * is active 1495 * 1496 * Returns the number of bytes read, which may be less than 1497 * the requested 'datalen' if the socket would block. Returns 1498 * 0 on I/O error or EOF, and disconnects the client socket. 1499 */ 1500 size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen) 1501 { 1502 ssize_t ret; 1503 Error *err = NULL; 1504 ret = qio_channel_read(vs->ioc, (char *)data, datalen, &err); 1505 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret); 1506 return vnc_client_io_error(vs, ret, err); 1507 } 1508 1509 1510 /* 1511 * Called to read data from the client socket to the input buffer, 1512 * when not using any SASL SSF encryption layers. Will read as much 1513 * data as possible without blocking. 1514 * 1515 * Returns the number of bytes read, which may be less than 1516 * the requested 'datalen' if the socket would block. Returns 1517 * 0 on I/O error or EOF, and disconnects the client socket. 1518 */ 1519 static size_t vnc_client_read_plain(VncState *vs) 1520 { 1521 size_t ret; 1522 VNC_DEBUG("Read plain %p size %zd offset %zd\n", 1523 vs->input.buffer, vs->input.capacity, vs->input.offset); 1524 buffer_reserve(&vs->input, 4096); 1525 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096); 1526 if (!ret) 1527 return 0; 1528 vs->input.offset += ret; 1529 return ret; 1530 } 1531 1532 static void vnc_jobs_bh(void *opaque) 1533 { 1534 VncState *vs = opaque; 1535 1536 assert(vs->magic == VNC_MAGIC); 1537 vnc_jobs_consume_buffer(vs); 1538 } 1539 1540 /* 1541 * First function called whenever there is more data to be read from 1542 * the client socket. Will delegate actual work according to whether 1543 * SASL SSF layers are enabled (thus requiring decryption calls) 1544 * Returns 0 on success, -1 if client disconnected 1545 */ 1546 static int vnc_client_read(VncState *vs) 1547 { 1548 size_t ret; 1549 1550 #ifdef CONFIG_VNC_SASL 1551 if (vs->sasl.conn && vs->sasl.runSSF) 1552 ret = vnc_client_read_sasl(vs); 1553 else 1554 #endif /* CONFIG_VNC_SASL */ 1555 ret = vnc_client_read_plain(vs); 1556 if (!ret) { 1557 if (vs->disconnecting) { 1558 vnc_disconnect_finish(vs); 1559 return -1; 1560 } 1561 return 0; 1562 } 1563 1564 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) { 1565 size_t len = vs->read_handler_expect; 1566 int ret; 1567 1568 ret = vs->read_handler(vs, vs->input.buffer, len); 1569 if (vs->disconnecting) { 1570 vnc_disconnect_finish(vs); 1571 return -1; 1572 } 1573 1574 if (!ret) { 1575 buffer_advance(&vs->input, len); 1576 } else { 1577 vs->read_handler_expect = ret; 1578 } 1579 } 1580 return 0; 1581 } 1582 1583 gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED, 1584 GIOCondition condition, void *opaque) 1585 { 1586 VncState *vs = opaque; 1587 1588 assert(vs->magic == VNC_MAGIC); 1589 1590 if (condition & (G_IO_HUP | G_IO_ERR)) { 1591 vnc_disconnect_start(vs); 1592 return TRUE; 1593 } 1594 1595 if (condition & G_IO_IN) { 1596 if (vnc_client_read(vs) < 0) { 1597 /* vs is free()ed here */ 1598 return TRUE; 1599 } 1600 } 1601 if (condition & G_IO_OUT) { 1602 vnc_client_write(vs); 1603 } 1604 1605 if (vs->disconnecting) { 1606 if (vs->ioc_tag != 0) { 1607 g_source_remove(vs->ioc_tag); 1608 } 1609 vs->ioc_tag = 0; 1610 } 1611 return TRUE; 1612 } 1613 1614 1615 /* 1616 * Scale factor to apply to vs->throttle_output_offset when checking for 1617 * hard limit. Worst case normal usage could be x2, if we have a complete 1618 * incremental update and complete forced update in the output buffer. 1619 * So x3 should be good enough, but we pick x5 to be conservative and thus 1620 * (hopefully) never trigger incorrectly. 1621 */ 1622 #define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5 1623 1624 void vnc_write(VncState *vs, const void *data, size_t len) 1625 { 1626 assert(vs->magic == VNC_MAGIC); 1627 if (vs->disconnecting) { 1628 return; 1629 } 1630 /* Protection against malicious client/guest to prevent our output 1631 * buffer growing without bound if client stops reading data. This 1632 * should rarely trigger, because we have earlier throttling code 1633 * which stops issuing framebuffer updates and drops audio data 1634 * if the throttle_output_offset value is exceeded. So we only reach 1635 * this higher level if a huge number of pseudo-encodings get 1636 * triggered while data can't be sent on the socket. 1637 * 1638 * NB throttle_output_offset can be zero during early protocol 1639 * handshake, or from the job thread's VncState clone 1640 */ 1641 if (vs->throttle_output_offset != 0 && 1642 (vs->output.offset / VNC_THROTTLE_OUTPUT_LIMIT_SCALE) > 1643 vs->throttle_output_offset) { 1644 trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset, 1645 vs->throttle_output_offset); 1646 vnc_disconnect_start(vs); 1647 return; 1648 } 1649 buffer_reserve(&vs->output, len); 1650 1651 if (vs->ioc != NULL && buffer_empty(&vs->output)) { 1652 if (vs->ioc_tag) { 1653 g_source_remove(vs->ioc_tag); 1654 } 1655 vs->ioc_tag = qio_channel_add_watch( 1656 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR | G_IO_OUT, 1657 vnc_client_io, vs, NULL); 1658 } 1659 1660 buffer_append(&vs->output, data, len); 1661 } 1662 1663 void vnc_write_s32(VncState *vs, int32_t value) 1664 { 1665 vnc_write_u32(vs, *(uint32_t *)&value); 1666 } 1667 1668 void vnc_write_u32(VncState *vs, uint32_t value) 1669 { 1670 uint8_t buf[4]; 1671 1672 buf[0] = (value >> 24) & 0xFF; 1673 buf[1] = (value >> 16) & 0xFF; 1674 buf[2] = (value >> 8) & 0xFF; 1675 buf[3] = value & 0xFF; 1676 1677 vnc_write(vs, buf, 4); 1678 } 1679 1680 void vnc_write_u16(VncState *vs, uint16_t value) 1681 { 1682 uint8_t buf[2]; 1683 1684 buf[0] = (value >> 8) & 0xFF; 1685 buf[1] = value & 0xFF; 1686 1687 vnc_write(vs, buf, 2); 1688 } 1689 1690 void vnc_write_u8(VncState *vs, uint8_t value) 1691 { 1692 vnc_write(vs, (char *)&value, 1); 1693 } 1694 1695 void vnc_flush(VncState *vs) 1696 { 1697 vnc_lock_output(vs); 1698 if (vs->ioc != NULL && vs->output.offset) { 1699 vnc_client_write_locked(vs); 1700 } 1701 if (vs->disconnecting) { 1702 if (vs->ioc_tag != 0) { 1703 g_source_remove(vs->ioc_tag); 1704 } 1705 vs->ioc_tag = 0; 1706 } 1707 vnc_unlock_output(vs); 1708 } 1709 1710 static uint8_t read_u8(uint8_t *data, size_t offset) 1711 { 1712 return data[offset]; 1713 } 1714 1715 static uint16_t read_u16(uint8_t *data, size_t offset) 1716 { 1717 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF); 1718 } 1719 1720 static int32_t read_s32(uint8_t *data, size_t offset) 1721 { 1722 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) | 1723 (data[offset + 2] << 8) | data[offset + 3]); 1724 } 1725 1726 uint32_t read_u32(uint8_t *data, size_t offset) 1727 { 1728 return ((data[offset] << 24) | (data[offset + 1] << 16) | 1729 (data[offset + 2] << 8) | data[offset + 3]); 1730 } 1731 1732 static void client_cut_text(VncState *vs, size_t len, uint8_t *text) 1733 { 1734 } 1735 1736 static void check_pointer_type_change(Notifier *notifier, void *data) 1737 { 1738 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier); 1739 int absolute = qemu_input_is_absolute(); 1740 1741 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) { 1742 vnc_lock_output(vs); 1743 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1744 vnc_write_u8(vs, 0); 1745 vnc_write_u16(vs, 1); 1746 vnc_framebuffer_update(vs, absolute, 0, 1747 pixman_image_get_width(vs->vd->server), 1748 pixman_image_get_height(vs->vd->server), 1749 VNC_ENCODING_POINTER_TYPE_CHANGE); 1750 vnc_unlock_output(vs); 1751 vnc_flush(vs); 1752 } 1753 vs->absolute = absolute; 1754 } 1755 1756 static void pointer_event(VncState *vs, int button_mask, int x, int y) 1757 { 1758 static uint32_t bmap[INPUT_BUTTON__MAX] = { 1759 [INPUT_BUTTON_LEFT] = 0x01, 1760 [INPUT_BUTTON_MIDDLE] = 0x02, 1761 [INPUT_BUTTON_RIGHT] = 0x04, 1762 [INPUT_BUTTON_WHEEL_UP] = 0x08, 1763 [INPUT_BUTTON_WHEEL_DOWN] = 0x10, 1764 }; 1765 QemuConsole *con = vs->vd->dcl.con; 1766 int width = pixman_image_get_width(vs->vd->server); 1767 int height = pixman_image_get_height(vs->vd->server); 1768 1769 if (vs->last_bmask != button_mask) { 1770 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask); 1771 vs->last_bmask = button_mask; 1772 } 1773 1774 if (vs->absolute) { 1775 qemu_input_queue_abs(con, INPUT_AXIS_X, x, 0, width); 1776 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, 0, height); 1777 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) { 1778 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF); 1779 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF); 1780 } else { 1781 if (vs->last_x != -1) { 1782 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x); 1783 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y); 1784 } 1785 vs->last_x = x; 1786 vs->last_y = y; 1787 } 1788 qemu_input_event_sync(); 1789 } 1790 1791 static void press_key(VncState *vs, QKeyCode qcode) 1792 { 1793 qkbd_state_key_event(vs->vd->kbd, qcode, true); 1794 qkbd_state_key_event(vs->vd->kbd, qcode, false); 1795 } 1796 1797 static void vnc_led_state_change(VncState *vs) 1798 { 1799 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) { 1800 return; 1801 } 1802 1803 vnc_lock_output(vs); 1804 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1805 vnc_write_u8(vs, 0); 1806 vnc_write_u16(vs, 1); 1807 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE); 1808 vnc_write_u8(vs, vs->vd->ledstate); 1809 vnc_unlock_output(vs); 1810 vnc_flush(vs); 1811 } 1812 1813 static void kbd_leds(void *opaque, int ledstate) 1814 { 1815 VncDisplay *vd = opaque; 1816 VncState *client; 1817 1818 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED), 1819 (ledstate & QEMU_NUM_LOCK_LED), 1820 (ledstate & QEMU_SCROLL_LOCK_LED)); 1821 1822 if (ledstate == vd->ledstate) { 1823 return; 1824 } 1825 1826 vd->ledstate = ledstate; 1827 1828 QTAILQ_FOREACH(client, &vd->clients, next) { 1829 vnc_led_state_change(client); 1830 } 1831 } 1832 1833 static void do_key_event(VncState *vs, int down, int keycode, int sym) 1834 { 1835 QKeyCode qcode = qemu_input_key_number_to_qcode(keycode); 1836 1837 /* QEMU console switch */ 1838 switch (qcode) { 1839 case Q_KEY_CODE_1 ... Q_KEY_CODE_9: /* '1' to '9' keys */ 1840 if (vs->vd->dcl.con == NULL && down && 1841 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL) && 1842 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_ALT)) { 1843 /* Reset the modifiers sent to the current console */ 1844 qkbd_state_lift_all_keys(vs->vd->kbd); 1845 console_select(qcode - Q_KEY_CODE_1); 1846 return; 1847 } 1848 default: 1849 break; 1850 } 1851 1852 /* Turn off the lock state sync logic if the client support the led 1853 state extension. 1854 */ 1855 if (down && vs->vd->lock_key_sync && 1856 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1857 keycode_is_keypad(vs->vd->kbd_layout, keycode)) { 1858 /* If the numlock state needs to change then simulate an additional 1859 keypress before sending this one. This will happen if the user 1860 toggles numlock away from the VNC window. 1861 */ 1862 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) { 1863 if (!qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1864 trace_vnc_key_sync_numlock(true); 1865 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1866 } 1867 } else { 1868 if (qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1869 trace_vnc_key_sync_numlock(false); 1870 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1871 } 1872 } 1873 } 1874 1875 if (down && vs->vd->lock_key_sync && 1876 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1877 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) { 1878 /* If the capslock state needs to change then simulate an additional 1879 keypress before sending this one. This will happen if the user 1880 toggles capslock away from the VNC window. 1881 */ 1882 int uppercase = !!(sym >= 'A' && sym <= 'Z'); 1883 bool shift = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_SHIFT); 1884 bool capslock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CAPSLOCK); 1885 if (capslock) { 1886 if (uppercase == shift) { 1887 trace_vnc_key_sync_capslock(false); 1888 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1889 } 1890 } else { 1891 if (uppercase != shift) { 1892 trace_vnc_key_sync_capslock(true); 1893 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1894 } 1895 } 1896 } 1897 1898 qkbd_state_key_event(vs->vd->kbd, qcode, down); 1899 if (!qemu_console_is_graphic(NULL)) { 1900 bool numlock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK); 1901 bool control = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL); 1902 /* QEMU console emulation */ 1903 if (down) { 1904 switch (keycode) { 1905 case 0x2a: /* Left Shift */ 1906 case 0x36: /* Right Shift */ 1907 case 0x1d: /* Left CTRL */ 1908 case 0x9d: /* Right CTRL */ 1909 case 0x38: /* Left ALT */ 1910 case 0xb8: /* Right ALT */ 1911 break; 1912 case 0xc8: 1913 kbd_put_keysym(QEMU_KEY_UP); 1914 break; 1915 case 0xd0: 1916 kbd_put_keysym(QEMU_KEY_DOWN); 1917 break; 1918 case 0xcb: 1919 kbd_put_keysym(QEMU_KEY_LEFT); 1920 break; 1921 case 0xcd: 1922 kbd_put_keysym(QEMU_KEY_RIGHT); 1923 break; 1924 case 0xd3: 1925 kbd_put_keysym(QEMU_KEY_DELETE); 1926 break; 1927 case 0xc7: 1928 kbd_put_keysym(QEMU_KEY_HOME); 1929 break; 1930 case 0xcf: 1931 kbd_put_keysym(QEMU_KEY_END); 1932 break; 1933 case 0xc9: 1934 kbd_put_keysym(QEMU_KEY_PAGEUP); 1935 break; 1936 case 0xd1: 1937 kbd_put_keysym(QEMU_KEY_PAGEDOWN); 1938 break; 1939 1940 case 0x47: 1941 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME); 1942 break; 1943 case 0x48: 1944 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP); 1945 break; 1946 case 0x49: 1947 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP); 1948 break; 1949 case 0x4b: 1950 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT); 1951 break; 1952 case 0x4c: 1953 kbd_put_keysym('5'); 1954 break; 1955 case 0x4d: 1956 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT); 1957 break; 1958 case 0x4f: 1959 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END); 1960 break; 1961 case 0x50: 1962 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN); 1963 break; 1964 case 0x51: 1965 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN); 1966 break; 1967 case 0x52: 1968 kbd_put_keysym('0'); 1969 break; 1970 case 0x53: 1971 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE); 1972 break; 1973 1974 case 0xb5: 1975 kbd_put_keysym('/'); 1976 break; 1977 case 0x37: 1978 kbd_put_keysym('*'); 1979 break; 1980 case 0x4a: 1981 kbd_put_keysym('-'); 1982 break; 1983 case 0x4e: 1984 kbd_put_keysym('+'); 1985 break; 1986 case 0x9c: 1987 kbd_put_keysym('\n'); 1988 break; 1989 1990 default: 1991 if (control) { 1992 kbd_put_keysym(sym & 0x1f); 1993 } else { 1994 kbd_put_keysym(sym); 1995 } 1996 break; 1997 } 1998 } 1999 } 2000 } 2001 2002 static const char *code2name(int keycode) 2003 { 2004 return QKeyCode_str(qemu_input_key_number_to_qcode(keycode)); 2005 } 2006 2007 static void key_event(VncState *vs, int down, uint32_t sym) 2008 { 2009 int keycode; 2010 int lsym = sym; 2011 2012 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) { 2013 lsym = lsym - 'A' + 'a'; 2014 } 2015 2016 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF, 2017 vs->vd->kbd, down) & SCANCODE_KEYMASK; 2018 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode)); 2019 do_key_event(vs, down, keycode, sym); 2020 } 2021 2022 static void ext_key_event(VncState *vs, int down, 2023 uint32_t sym, uint16_t keycode) 2024 { 2025 /* if the user specifies a keyboard layout, always use it */ 2026 if (keyboard_layout) { 2027 key_event(vs, down, sym); 2028 } else { 2029 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode)); 2030 do_key_event(vs, down, keycode, sym); 2031 } 2032 } 2033 2034 static void framebuffer_update_request(VncState *vs, int incremental, 2035 int x, int y, int w, int h) 2036 { 2037 if (incremental) { 2038 if (vs->update != VNC_STATE_UPDATE_FORCE) { 2039 vs->update = VNC_STATE_UPDATE_INCREMENTAL; 2040 } 2041 } else { 2042 vs->update = VNC_STATE_UPDATE_FORCE; 2043 vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h); 2044 vnc_colordepth(vs); 2045 vnc_desktop_resize(vs); 2046 vnc_led_state_change(vs); 2047 vnc_cursor_define(vs); 2048 } 2049 } 2050 2051 static void send_ext_key_event_ack(VncState *vs) 2052 { 2053 vnc_lock_output(vs); 2054 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2055 vnc_write_u8(vs, 0); 2056 vnc_write_u16(vs, 1); 2057 vnc_framebuffer_update(vs, 0, 0, 2058 pixman_image_get_width(vs->vd->server), 2059 pixman_image_get_height(vs->vd->server), 2060 VNC_ENCODING_EXT_KEY_EVENT); 2061 vnc_unlock_output(vs); 2062 vnc_flush(vs); 2063 } 2064 2065 static void send_ext_audio_ack(VncState *vs) 2066 { 2067 vnc_lock_output(vs); 2068 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2069 vnc_write_u8(vs, 0); 2070 vnc_write_u16(vs, 1); 2071 vnc_framebuffer_update(vs, 0, 0, 2072 pixman_image_get_width(vs->vd->server), 2073 pixman_image_get_height(vs->vd->server), 2074 VNC_ENCODING_AUDIO); 2075 vnc_unlock_output(vs); 2076 vnc_flush(vs); 2077 } 2078 2079 static void send_xvp_message(VncState *vs, int code) 2080 { 2081 vnc_lock_output(vs); 2082 vnc_write_u8(vs, VNC_MSG_SERVER_XVP); 2083 vnc_write_u8(vs, 0); /* pad */ 2084 vnc_write_u8(vs, 1); /* version */ 2085 vnc_write_u8(vs, code); 2086 vnc_unlock_output(vs); 2087 vnc_flush(vs); 2088 } 2089 2090 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings) 2091 { 2092 int i; 2093 unsigned int enc = 0; 2094 2095 vs->features = 0; 2096 vs->vnc_encoding = 0; 2097 vs->tight->compression = 9; 2098 vs->tight->quality = -1; /* Lossless by default */ 2099 vs->absolute = -1; 2100 2101 /* 2102 * Start from the end because the encodings are sent in order of preference. 2103 * This way the preferred encoding (first encoding defined in the array) 2104 * will be set at the end of the loop. 2105 */ 2106 for (i = n_encodings - 1; i >= 0; i--) { 2107 enc = encodings[i]; 2108 switch (enc) { 2109 case VNC_ENCODING_RAW: 2110 vs->vnc_encoding = enc; 2111 break; 2112 case VNC_ENCODING_HEXTILE: 2113 vs->features |= VNC_FEATURE_HEXTILE_MASK; 2114 vs->vnc_encoding = enc; 2115 break; 2116 case VNC_ENCODING_TIGHT: 2117 vs->features |= VNC_FEATURE_TIGHT_MASK; 2118 vs->vnc_encoding = enc; 2119 break; 2120 #ifdef CONFIG_VNC_PNG 2121 case VNC_ENCODING_TIGHT_PNG: 2122 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK; 2123 vs->vnc_encoding = enc; 2124 break; 2125 #endif 2126 case VNC_ENCODING_ZLIB: 2127 /* 2128 * VNC_ENCODING_ZRLE compresses better than VNC_ENCODING_ZLIB. 2129 * So prioritize ZRLE, even if the client hints that it prefers 2130 * ZLIB. 2131 */ 2132 if ((vs->features & VNC_FEATURE_ZRLE_MASK) == 0) { 2133 vs->features |= VNC_FEATURE_ZLIB_MASK; 2134 vs->vnc_encoding = enc; 2135 } 2136 break; 2137 case VNC_ENCODING_ZRLE: 2138 vs->features |= VNC_FEATURE_ZRLE_MASK; 2139 vs->vnc_encoding = enc; 2140 break; 2141 case VNC_ENCODING_ZYWRLE: 2142 vs->features |= VNC_FEATURE_ZYWRLE_MASK; 2143 vs->vnc_encoding = enc; 2144 break; 2145 case VNC_ENCODING_DESKTOPRESIZE: 2146 vs->features |= VNC_FEATURE_RESIZE_MASK; 2147 break; 2148 case VNC_ENCODING_DESKTOP_RESIZE_EXT: 2149 vs->features |= VNC_FEATURE_RESIZE_EXT_MASK; 2150 break; 2151 case VNC_ENCODING_POINTER_TYPE_CHANGE: 2152 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK; 2153 break; 2154 case VNC_ENCODING_RICH_CURSOR: 2155 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK; 2156 break; 2157 case VNC_ENCODING_ALPHA_CURSOR: 2158 vs->features |= VNC_FEATURE_ALPHA_CURSOR_MASK; 2159 break; 2160 case VNC_ENCODING_EXT_KEY_EVENT: 2161 send_ext_key_event_ack(vs); 2162 break; 2163 case VNC_ENCODING_AUDIO: 2164 send_ext_audio_ack(vs); 2165 break; 2166 case VNC_ENCODING_WMVi: 2167 vs->features |= VNC_FEATURE_WMVI_MASK; 2168 break; 2169 case VNC_ENCODING_LED_STATE: 2170 vs->features |= VNC_FEATURE_LED_STATE_MASK; 2171 break; 2172 case VNC_ENCODING_XVP: 2173 if (vs->vd->power_control) { 2174 vs->features |= VNC_FEATURE_XVP; 2175 send_xvp_message(vs, VNC_XVP_CODE_INIT); 2176 } 2177 break; 2178 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9: 2179 vs->tight->compression = (enc & 0x0F); 2180 break; 2181 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9: 2182 if (vs->vd->lossy) { 2183 vs->tight->quality = (enc & 0x0F); 2184 } 2185 break; 2186 default: 2187 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc); 2188 break; 2189 } 2190 } 2191 check_pointer_type_change(&vs->mouse_mode_notifier, NULL); 2192 } 2193 2194 static void set_pixel_conversion(VncState *vs) 2195 { 2196 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf); 2197 2198 if (fmt == VNC_SERVER_FB_FORMAT) { 2199 vs->write_pixels = vnc_write_pixels_copy; 2200 vnc_hextile_set_pixel_conversion(vs, 0); 2201 } else { 2202 vs->write_pixels = vnc_write_pixels_generic; 2203 vnc_hextile_set_pixel_conversion(vs, 1); 2204 } 2205 } 2206 2207 static void send_color_map(VncState *vs) 2208 { 2209 int i; 2210 2211 vnc_lock_output(vs); 2212 vnc_write_u8(vs, VNC_MSG_SERVER_SET_COLOUR_MAP_ENTRIES); 2213 vnc_write_u8(vs, 0); /* padding */ 2214 vnc_write_u16(vs, 0); /* first color */ 2215 vnc_write_u16(vs, 256); /* # of colors */ 2216 2217 for (i = 0; i < 256; i++) { 2218 PixelFormat *pf = &vs->client_pf; 2219 2220 vnc_write_u16(vs, (((i >> pf->rshift) & pf->rmax) << (16 - pf->rbits))); 2221 vnc_write_u16(vs, (((i >> pf->gshift) & pf->gmax) << (16 - pf->gbits))); 2222 vnc_write_u16(vs, (((i >> pf->bshift) & pf->bmax) << (16 - pf->bbits))); 2223 } 2224 vnc_unlock_output(vs); 2225 } 2226 2227 static void set_pixel_format(VncState *vs, int bits_per_pixel, 2228 int big_endian_flag, int true_color_flag, 2229 int red_max, int green_max, int blue_max, 2230 int red_shift, int green_shift, int blue_shift) 2231 { 2232 if (!true_color_flag) { 2233 /* Expose a reasonable default 256 color map */ 2234 bits_per_pixel = 8; 2235 red_max = 7; 2236 green_max = 7; 2237 blue_max = 3; 2238 red_shift = 0; 2239 green_shift = 3; 2240 blue_shift = 6; 2241 } 2242 2243 switch (bits_per_pixel) { 2244 case 8: 2245 case 16: 2246 case 32: 2247 break; 2248 default: 2249 vnc_client_error(vs); 2250 return; 2251 } 2252 2253 vs->client_pf.rmax = red_max ? red_max : 0xFF; 2254 vs->client_pf.rbits = ctpopl(red_max); 2255 vs->client_pf.rshift = red_shift; 2256 vs->client_pf.rmask = red_max << red_shift; 2257 vs->client_pf.gmax = green_max ? green_max : 0xFF; 2258 vs->client_pf.gbits = ctpopl(green_max); 2259 vs->client_pf.gshift = green_shift; 2260 vs->client_pf.gmask = green_max << green_shift; 2261 vs->client_pf.bmax = blue_max ? blue_max : 0xFF; 2262 vs->client_pf.bbits = ctpopl(blue_max); 2263 vs->client_pf.bshift = blue_shift; 2264 vs->client_pf.bmask = blue_max << blue_shift; 2265 vs->client_pf.bits_per_pixel = bits_per_pixel; 2266 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8; 2267 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel; 2268 vs->client_be = big_endian_flag; 2269 2270 if (!true_color_flag) { 2271 send_color_map(vs); 2272 } 2273 2274 set_pixel_conversion(vs); 2275 2276 graphic_hw_invalidate(vs->vd->dcl.con); 2277 graphic_hw_update(vs->vd->dcl.con); 2278 } 2279 2280 static void pixel_format_message (VncState *vs) { 2281 char pad[3] = { 0, 0, 0 }; 2282 2283 vs->client_pf = qemu_default_pixelformat(32); 2284 2285 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */ 2286 vnc_write_u8(vs, vs->client_pf.depth); /* depth */ 2287 2288 #ifdef HOST_WORDS_BIGENDIAN 2289 vnc_write_u8(vs, 1); /* big-endian-flag */ 2290 #else 2291 vnc_write_u8(vs, 0); /* big-endian-flag */ 2292 #endif 2293 vnc_write_u8(vs, 1); /* true-color-flag */ 2294 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */ 2295 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */ 2296 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */ 2297 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */ 2298 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */ 2299 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */ 2300 vnc_write(vs, pad, 3); /* padding */ 2301 2302 vnc_hextile_set_pixel_conversion(vs, 0); 2303 vs->write_pixels = vnc_write_pixels_copy; 2304 } 2305 2306 static void vnc_colordepth(VncState *vs) 2307 { 2308 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) { 2309 /* Sending a WMVi message to notify the client*/ 2310 vnc_lock_output(vs); 2311 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2312 vnc_write_u8(vs, 0); 2313 vnc_write_u16(vs, 1); /* number of rects */ 2314 vnc_framebuffer_update(vs, 0, 0, 2315 pixman_image_get_width(vs->vd->server), 2316 pixman_image_get_height(vs->vd->server), 2317 VNC_ENCODING_WMVi); 2318 pixel_format_message(vs); 2319 vnc_unlock_output(vs); 2320 vnc_flush(vs); 2321 } else { 2322 set_pixel_conversion(vs); 2323 } 2324 } 2325 2326 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len) 2327 { 2328 int i; 2329 uint16_t limit; 2330 uint32_t freq; 2331 VncDisplay *vd = vs->vd; 2332 2333 if (data[0] > 3) { 2334 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 2335 } 2336 2337 switch (data[0]) { 2338 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT: 2339 if (len == 1) 2340 return 20; 2341 2342 set_pixel_format(vs, read_u8(data, 4), 2343 read_u8(data, 6), read_u8(data, 7), 2344 read_u16(data, 8), read_u16(data, 10), 2345 read_u16(data, 12), read_u8(data, 14), 2346 read_u8(data, 15), read_u8(data, 16)); 2347 break; 2348 case VNC_MSG_CLIENT_SET_ENCODINGS: 2349 if (len == 1) 2350 return 4; 2351 2352 if (len == 4) { 2353 limit = read_u16(data, 2); 2354 if (limit > 0) 2355 return 4 + (limit * 4); 2356 } else 2357 limit = read_u16(data, 2); 2358 2359 for (i = 0; i < limit; i++) { 2360 int32_t val = read_s32(data, 4 + (i * 4)); 2361 memcpy(data + 4 + (i * 4), &val, sizeof(val)); 2362 } 2363 2364 set_encodings(vs, (int32_t *)(data + 4), limit); 2365 break; 2366 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST: 2367 if (len == 1) 2368 return 10; 2369 2370 framebuffer_update_request(vs, 2371 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4), 2372 read_u16(data, 6), read_u16(data, 8)); 2373 break; 2374 case VNC_MSG_CLIENT_KEY_EVENT: 2375 if (len == 1) 2376 return 8; 2377 2378 key_event(vs, read_u8(data, 1), read_u32(data, 4)); 2379 break; 2380 case VNC_MSG_CLIENT_POINTER_EVENT: 2381 if (len == 1) 2382 return 6; 2383 2384 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4)); 2385 break; 2386 case VNC_MSG_CLIENT_CUT_TEXT: 2387 if (len == 1) { 2388 return 8; 2389 } 2390 if (len == 8) { 2391 uint32_t dlen = read_u32(data, 4); 2392 if (dlen > (1 << 20)) { 2393 error_report("vnc: client_cut_text msg payload has %u bytes" 2394 " which exceeds our limit of 1MB.", dlen); 2395 vnc_client_error(vs); 2396 break; 2397 } 2398 if (dlen > 0) { 2399 return 8 + dlen; 2400 } 2401 } 2402 2403 client_cut_text(vs, read_u32(data, 4), data + 8); 2404 break; 2405 case VNC_MSG_CLIENT_XVP: 2406 if (!(vs->features & VNC_FEATURE_XVP)) { 2407 error_report("vnc: xvp client message while disabled"); 2408 vnc_client_error(vs); 2409 break; 2410 } 2411 if (len == 1) { 2412 return 4; 2413 } 2414 if (len == 4) { 2415 uint8_t version = read_u8(data, 2); 2416 uint8_t action = read_u8(data, 3); 2417 2418 if (version != 1) { 2419 error_report("vnc: xvp client message version %d != 1", 2420 version); 2421 vnc_client_error(vs); 2422 break; 2423 } 2424 2425 switch (action) { 2426 case VNC_XVP_ACTION_SHUTDOWN: 2427 qemu_system_powerdown_request(); 2428 break; 2429 case VNC_XVP_ACTION_REBOOT: 2430 send_xvp_message(vs, VNC_XVP_CODE_FAIL); 2431 break; 2432 case VNC_XVP_ACTION_RESET: 2433 qemu_system_reset_request(SHUTDOWN_CAUSE_HOST_QMP_SYSTEM_RESET); 2434 break; 2435 default: 2436 send_xvp_message(vs, VNC_XVP_CODE_FAIL); 2437 break; 2438 } 2439 } 2440 break; 2441 case VNC_MSG_CLIENT_QEMU: 2442 if (len == 1) 2443 return 2; 2444 2445 switch (read_u8(data, 1)) { 2446 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT: 2447 if (len == 2) 2448 return 12; 2449 2450 ext_key_event(vs, read_u16(data, 2), 2451 read_u32(data, 4), read_u32(data, 8)); 2452 break; 2453 case VNC_MSG_CLIENT_QEMU_AUDIO: 2454 if (len == 2) 2455 return 4; 2456 2457 switch (read_u16 (data, 2)) { 2458 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE: 2459 audio_add(vs); 2460 break; 2461 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE: 2462 audio_del(vs); 2463 break; 2464 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT: 2465 if (len == 4) 2466 return 10; 2467 switch (read_u8(data, 4)) { 2468 case 0: vs->as.fmt = AUDIO_FORMAT_U8; break; 2469 case 1: vs->as.fmt = AUDIO_FORMAT_S8; break; 2470 case 2: vs->as.fmt = AUDIO_FORMAT_U16; break; 2471 case 3: vs->as.fmt = AUDIO_FORMAT_S16; break; 2472 case 4: vs->as.fmt = AUDIO_FORMAT_U32; break; 2473 case 5: vs->as.fmt = AUDIO_FORMAT_S32; break; 2474 default: 2475 VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4)); 2476 vnc_client_error(vs); 2477 break; 2478 } 2479 vs->as.nchannels = read_u8(data, 5); 2480 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) { 2481 VNC_DEBUG("Invalid audio channel count %d\n", 2482 read_u8(data, 5)); 2483 vnc_client_error(vs); 2484 break; 2485 } 2486 freq = read_u32(data, 6); 2487 /* No official limit for protocol, but 48khz is a sensible 2488 * upper bound for trustworthy clients, and this limit 2489 * protects calculations involving 'vs->as.freq' later. 2490 */ 2491 if (freq > 48000) { 2492 VNC_DEBUG("Invalid audio frequency %u > 48000", freq); 2493 vnc_client_error(vs); 2494 break; 2495 } 2496 vs->as.freq = freq; 2497 break; 2498 default: 2499 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4)); 2500 vnc_client_error(vs); 2501 break; 2502 } 2503 break; 2504 2505 default: 2506 VNC_DEBUG("Msg: %d\n", read_u16(data, 0)); 2507 vnc_client_error(vs); 2508 break; 2509 } 2510 break; 2511 case VNC_MSG_CLIENT_SET_DESKTOP_SIZE: 2512 { 2513 size_t size; 2514 uint8_t screens; 2515 2516 if (len < 8) { 2517 return 8; 2518 } 2519 2520 screens = read_u8(data, 6); 2521 size = 8 + screens * 16; 2522 if (len < size) { 2523 return size; 2524 } 2525 2526 if (dpy_ui_info_supported(vs->vd->dcl.con)) { 2527 QemuUIInfo info; 2528 memset(&info, 0, sizeof(info)); 2529 info.width = read_u16(data, 2); 2530 info.height = read_u16(data, 4); 2531 dpy_set_ui_info(vs->vd->dcl.con, &info); 2532 vnc_desktop_resize_ext(vs, 4 /* Request forwarded */); 2533 } else { 2534 vnc_desktop_resize_ext(vs, 3 /* Invalid screen layout */); 2535 } 2536 2537 break; 2538 } 2539 default: 2540 VNC_DEBUG("Msg: %d\n", data[0]); 2541 vnc_client_error(vs); 2542 break; 2543 } 2544 2545 vnc_update_throttle_offset(vs); 2546 vnc_read_when(vs, protocol_client_msg, 1); 2547 return 0; 2548 } 2549 2550 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len) 2551 { 2552 char buf[1024]; 2553 VncShareMode mode; 2554 int size; 2555 2556 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE; 2557 switch (vs->vd->share_policy) { 2558 case VNC_SHARE_POLICY_IGNORE: 2559 /* 2560 * Ignore the shared flag. Nothing to do here. 2561 * 2562 * Doesn't conform to the rfb spec but is traditional qemu 2563 * behavior, thus left here as option for compatibility 2564 * reasons. 2565 */ 2566 break; 2567 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE: 2568 /* 2569 * Policy: Allow clients ask for exclusive access. 2570 * 2571 * Implementation: When a client asks for exclusive access, 2572 * disconnect all others. Shared connects are allowed as long 2573 * as no exclusive connection exists. 2574 * 2575 * This is how the rfb spec suggests to handle the shared flag. 2576 */ 2577 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2578 VncState *client; 2579 QTAILQ_FOREACH(client, &vs->vd->clients, next) { 2580 if (vs == client) { 2581 continue; 2582 } 2583 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE && 2584 client->share_mode != VNC_SHARE_MODE_SHARED) { 2585 continue; 2586 } 2587 vnc_disconnect_start(client); 2588 } 2589 } 2590 if (mode == VNC_SHARE_MODE_SHARED) { 2591 if (vs->vd->num_exclusive > 0) { 2592 vnc_disconnect_start(vs); 2593 return 0; 2594 } 2595 } 2596 break; 2597 case VNC_SHARE_POLICY_FORCE_SHARED: 2598 /* 2599 * Policy: Shared connects only. 2600 * Implementation: Disallow clients asking for exclusive access. 2601 * 2602 * Useful for shared desktop sessions where you don't want 2603 * someone forgetting to say -shared when running the vnc 2604 * client disconnect everybody else. 2605 */ 2606 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2607 vnc_disconnect_start(vs); 2608 return 0; 2609 } 2610 break; 2611 } 2612 vnc_set_share_mode(vs, mode); 2613 2614 if (vs->vd->num_shared > vs->vd->connections_limit) { 2615 vnc_disconnect_start(vs); 2616 return 0; 2617 } 2618 2619 assert(pixman_image_get_width(vs->vd->server) < 65536 && 2620 pixman_image_get_width(vs->vd->server) >= 0); 2621 assert(pixman_image_get_height(vs->vd->server) < 65536 && 2622 pixman_image_get_height(vs->vd->server) >= 0); 2623 vs->client_width = pixman_image_get_width(vs->vd->server); 2624 vs->client_height = pixman_image_get_height(vs->vd->server); 2625 vnc_write_u16(vs, vs->client_width); 2626 vnc_write_u16(vs, vs->client_height); 2627 2628 pixel_format_message(vs); 2629 2630 if (qemu_name) { 2631 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name); 2632 if (size > sizeof(buf)) { 2633 size = sizeof(buf); 2634 } 2635 } else { 2636 size = snprintf(buf, sizeof(buf), "QEMU"); 2637 } 2638 2639 vnc_write_u32(vs, size); 2640 vnc_write(vs, buf, size); 2641 vnc_flush(vs); 2642 2643 vnc_client_cache_auth(vs); 2644 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED); 2645 2646 vnc_read_when(vs, protocol_client_msg, 1); 2647 2648 return 0; 2649 } 2650 2651 void start_client_init(VncState *vs) 2652 { 2653 vnc_read_when(vs, protocol_client_init, 1); 2654 } 2655 2656 static void authentication_failed(VncState *vs) 2657 { 2658 vnc_write_u32(vs, 1); /* Reject auth */ 2659 if (vs->minor >= 8) { 2660 static const char err[] = "Authentication failed"; 2661 vnc_write_u32(vs, sizeof(err)); 2662 vnc_write(vs, err, sizeof(err)); 2663 } 2664 vnc_flush(vs); 2665 vnc_client_error(vs); 2666 } 2667 2668 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) 2669 { 2670 unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; 2671 size_t i, pwlen; 2672 unsigned char key[8]; 2673 time_t now = time(NULL); 2674 QCryptoCipher *cipher = NULL; 2675 Error *err = NULL; 2676 2677 if (!vs->vd->password) { 2678 trace_vnc_auth_fail(vs, vs->auth, "password is not set", ""); 2679 goto reject; 2680 } 2681 if (vs->vd->expires < now) { 2682 trace_vnc_auth_fail(vs, vs->auth, "password is expired", ""); 2683 goto reject; 2684 } 2685 2686 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); 2687 2688 /* Calculate the expected challenge response */ 2689 pwlen = strlen(vs->vd->password); 2690 for (i=0; i<sizeof(key); i++) 2691 key[i] = i<pwlen ? vs->vd->password[i] : 0; 2692 2693 cipher = qcrypto_cipher_new( 2694 QCRYPTO_CIPHER_ALG_DES_RFB, 2695 QCRYPTO_CIPHER_MODE_ECB, 2696 key, G_N_ELEMENTS(key), 2697 &err); 2698 if (!cipher) { 2699 trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher", 2700 error_get_pretty(err)); 2701 error_free(err); 2702 goto reject; 2703 } 2704 2705 if (qcrypto_cipher_encrypt(cipher, 2706 vs->challenge, 2707 response, 2708 VNC_AUTH_CHALLENGE_SIZE, 2709 &err) < 0) { 2710 trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge response", 2711 error_get_pretty(err)); 2712 error_free(err); 2713 goto reject; 2714 } 2715 2716 /* Compare expected vs actual challenge response */ 2717 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) { 2718 trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response", ""); 2719 goto reject; 2720 } else { 2721 trace_vnc_auth_pass(vs, vs->auth); 2722 vnc_write_u32(vs, 0); /* Accept auth */ 2723 vnc_flush(vs); 2724 2725 start_client_init(vs); 2726 } 2727 2728 qcrypto_cipher_free(cipher); 2729 return 0; 2730 2731 reject: 2732 authentication_failed(vs); 2733 qcrypto_cipher_free(cipher); 2734 return 0; 2735 } 2736 2737 void start_auth_vnc(VncState *vs) 2738 { 2739 Error *err = NULL; 2740 2741 if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) { 2742 trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes", 2743 error_get_pretty(err)); 2744 error_free(err); 2745 authentication_failed(vs); 2746 return; 2747 } 2748 2749 /* Send client a 'random' challenge */ 2750 vnc_write(vs, vs->challenge, sizeof(vs->challenge)); 2751 vnc_flush(vs); 2752 2753 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge)); 2754 } 2755 2756 2757 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) 2758 { 2759 /* We only advertise 1 auth scheme at a time, so client 2760 * must pick the one we sent. Verify this */ 2761 if (data[0] != vs->auth) { /* Reject auth */ 2762 trace_vnc_auth_reject(vs, vs->auth, (int)data[0]); 2763 authentication_failed(vs); 2764 } else { /* Accept requested auth */ 2765 trace_vnc_auth_start(vs, vs->auth); 2766 switch (vs->auth) { 2767 case VNC_AUTH_NONE: 2768 if (vs->minor >= 8) { 2769 vnc_write_u32(vs, 0); /* Accept auth completion */ 2770 vnc_flush(vs); 2771 } 2772 trace_vnc_auth_pass(vs, vs->auth); 2773 start_client_init(vs); 2774 break; 2775 2776 case VNC_AUTH_VNC: 2777 start_auth_vnc(vs); 2778 break; 2779 2780 case VNC_AUTH_VENCRYPT: 2781 start_auth_vencrypt(vs); 2782 break; 2783 2784 #ifdef CONFIG_VNC_SASL 2785 case VNC_AUTH_SASL: 2786 start_auth_sasl(vs); 2787 break; 2788 #endif /* CONFIG_VNC_SASL */ 2789 2790 default: /* Should not be possible, but just in case */ 2791 trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", ""); 2792 authentication_failed(vs); 2793 } 2794 } 2795 return 0; 2796 } 2797 2798 static int protocol_version(VncState *vs, uint8_t *version, size_t len) 2799 { 2800 char local[13]; 2801 2802 memcpy(local, version, 12); 2803 local[12] = 0; 2804 2805 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) { 2806 VNC_DEBUG("Malformed protocol version %s\n", local); 2807 vnc_client_error(vs); 2808 return 0; 2809 } 2810 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor); 2811 if (vs->major != 3 || 2812 (vs->minor != 3 && 2813 vs->minor != 4 && 2814 vs->minor != 5 && 2815 vs->minor != 7 && 2816 vs->minor != 8)) { 2817 VNC_DEBUG("Unsupported client version\n"); 2818 vnc_write_u32(vs, VNC_AUTH_INVALID); 2819 vnc_flush(vs); 2820 vnc_client_error(vs); 2821 return 0; 2822 } 2823 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated 2824 * as equivalent to v3.3 by servers 2825 */ 2826 if (vs->minor == 4 || vs->minor == 5) 2827 vs->minor = 3; 2828 2829 if (vs->minor == 3) { 2830 trace_vnc_auth_start(vs, vs->auth); 2831 if (vs->auth == VNC_AUTH_NONE) { 2832 vnc_write_u32(vs, vs->auth); 2833 vnc_flush(vs); 2834 trace_vnc_auth_pass(vs, vs->auth); 2835 start_client_init(vs); 2836 } else if (vs->auth == VNC_AUTH_VNC) { 2837 VNC_DEBUG("Tell client VNC auth\n"); 2838 vnc_write_u32(vs, vs->auth); 2839 vnc_flush(vs); 2840 start_auth_vnc(vs); 2841 } else { 2842 trace_vnc_auth_fail(vs, vs->auth, 2843 "Unsupported auth method for v3.3", ""); 2844 vnc_write_u32(vs, VNC_AUTH_INVALID); 2845 vnc_flush(vs); 2846 vnc_client_error(vs); 2847 } 2848 } else { 2849 vnc_write_u8(vs, 1); /* num auth */ 2850 vnc_write_u8(vs, vs->auth); 2851 vnc_read_when(vs, protocol_client_auth, 1); 2852 vnc_flush(vs); 2853 } 2854 2855 return 0; 2856 } 2857 2858 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y) 2859 { 2860 struct VncSurface *vs = &vd->guest; 2861 2862 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT]; 2863 } 2864 2865 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h) 2866 { 2867 int i, j; 2868 2869 w = (x + w) / VNC_STAT_RECT; 2870 h = (y + h) / VNC_STAT_RECT; 2871 x /= VNC_STAT_RECT; 2872 y /= VNC_STAT_RECT; 2873 2874 for (j = y; j <= h; j++) { 2875 for (i = x; i <= w; i++) { 2876 vs->lossy_rect[j][i] = 1; 2877 } 2878 } 2879 } 2880 2881 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y) 2882 { 2883 VncState *vs; 2884 int sty = y / VNC_STAT_RECT; 2885 int stx = x / VNC_STAT_RECT; 2886 int has_dirty = 0; 2887 2888 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2889 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2890 2891 QTAILQ_FOREACH(vs, &vd->clients, next) { 2892 int j; 2893 2894 /* kernel send buffers are full -> refresh later */ 2895 if (vs->output.offset) { 2896 continue; 2897 } 2898 2899 if (!vs->lossy_rect[sty][stx]) { 2900 continue; 2901 } 2902 2903 vs->lossy_rect[sty][stx] = 0; 2904 for (j = 0; j < VNC_STAT_RECT; ++j) { 2905 bitmap_set(vs->dirty[y + j], 2906 x / VNC_DIRTY_PIXELS_PER_BIT, 2907 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT); 2908 } 2909 has_dirty++; 2910 } 2911 2912 return has_dirty; 2913 } 2914 2915 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv) 2916 { 2917 int width = MIN(pixman_image_get_width(vd->guest.fb), 2918 pixman_image_get_width(vd->server)); 2919 int height = MIN(pixman_image_get_height(vd->guest.fb), 2920 pixman_image_get_height(vd->server)); 2921 int x, y; 2922 struct timeval res; 2923 int has_dirty = 0; 2924 2925 for (y = 0; y < height; y += VNC_STAT_RECT) { 2926 for (x = 0; x < width; x += VNC_STAT_RECT) { 2927 VncRectStat *rect = vnc_stat_rect(vd, x, y); 2928 2929 rect->updated = false; 2930 } 2931 } 2932 2933 qemu_timersub(tv, &VNC_REFRESH_STATS, &res); 2934 2935 if (timercmp(&vd->guest.last_freq_check, &res, >)) { 2936 return has_dirty; 2937 } 2938 vd->guest.last_freq_check = *tv; 2939 2940 for (y = 0; y < height; y += VNC_STAT_RECT) { 2941 for (x = 0; x < width; x += VNC_STAT_RECT) { 2942 VncRectStat *rect= vnc_stat_rect(vd, x, y); 2943 int count = ARRAY_SIZE(rect->times); 2944 struct timeval min, max; 2945 2946 if (!timerisset(&rect->times[count - 1])) { 2947 continue ; 2948 } 2949 2950 max = rect->times[(rect->idx + count - 1) % count]; 2951 qemu_timersub(tv, &max, &res); 2952 2953 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) { 2954 rect->freq = 0; 2955 has_dirty += vnc_refresh_lossy_rect(vd, x, y); 2956 memset(rect->times, 0, sizeof (rect->times)); 2957 continue ; 2958 } 2959 2960 min = rect->times[rect->idx]; 2961 max = rect->times[(rect->idx + count - 1) % count]; 2962 qemu_timersub(&max, &min, &res); 2963 2964 rect->freq = res.tv_sec + res.tv_usec / 1000000.; 2965 rect->freq /= count; 2966 rect->freq = 1. / rect->freq; 2967 } 2968 } 2969 return has_dirty; 2970 } 2971 2972 double vnc_update_freq(VncState *vs, int x, int y, int w, int h) 2973 { 2974 int i, j; 2975 double total = 0; 2976 int num = 0; 2977 2978 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2979 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2980 2981 for (j = y; j <= y + h; j += VNC_STAT_RECT) { 2982 for (i = x; i <= x + w; i += VNC_STAT_RECT) { 2983 total += vnc_stat_rect(vs->vd, i, j)->freq; 2984 num++; 2985 } 2986 } 2987 2988 if (num) { 2989 return total / num; 2990 } else { 2991 return 0; 2992 } 2993 } 2994 2995 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv) 2996 { 2997 VncRectStat *rect; 2998 2999 rect = vnc_stat_rect(vd, x, y); 3000 if (rect->updated) { 3001 return ; 3002 } 3003 rect->times[rect->idx] = *tv; 3004 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times); 3005 rect->updated = true; 3006 } 3007 3008 static int vnc_refresh_server_surface(VncDisplay *vd) 3009 { 3010 int width = MIN(pixman_image_get_width(vd->guest.fb), 3011 pixman_image_get_width(vd->server)); 3012 int height = MIN(pixman_image_get_height(vd->guest.fb), 3013 pixman_image_get_height(vd->server)); 3014 int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0; 3015 uint8_t *guest_row0 = NULL, *server_row0; 3016 VncState *vs; 3017 int has_dirty = 0; 3018 pixman_image_t *tmpbuf = NULL; 3019 3020 struct timeval tv = { 0, 0 }; 3021 3022 if (!vd->non_adaptive) { 3023 gettimeofday(&tv, NULL); 3024 has_dirty = vnc_update_stats(vd, &tv); 3025 } 3026 3027 /* 3028 * Walk through the guest dirty map. 3029 * Check and copy modified bits from guest to server surface. 3030 * Update server dirty map. 3031 */ 3032 server_row0 = (uint8_t *)pixman_image_get_data(vd->server); 3033 server_stride = guest_stride = guest_ll = 3034 pixman_image_get_stride(vd->server); 3035 cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES, 3036 server_stride); 3037 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 3038 int width = pixman_image_get_width(vd->server); 3039 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width); 3040 } else { 3041 int guest_bpp = 3042 PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb)); 3043 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb); 3044 guest_stride = pixman_image_get_stride(vd->guest.fb); 3045 guest_ll = pixman_image_get_width(vd->guest.fb) 3046 * DIV_ROUND_UP(guest_bpp, 8); 3047 } 3048 line_bytes = MIN(server_stride, guest_ll); 3049 3050 for (;;) { 3051 int x; 3052 uint8_t *guest_ptr, *server_ptr; 3053 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty, 3054 height * VNC_DIRTY_BPL(&vd->guest), 3055 y * VNC_DIRTY_BPL(&vd->guest)); 3056 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) { 3057 /* no more dirty bits */ 3058 break; 3059 } 3060 y = offset / VNC_DIRTY_BPL(&vd->guest); 3061 x = offset % VNC_DIRTY_BPL(&vd->guest); 3062 3063 server_ptr = server_row0 + y * server_stride + x * cmp_bytes; 3064 3065 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 3066 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y); 3067 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf); 3068 } else { 3069 guest_ptr = guest_row0 + y * guest_stride; 3070 } 3071 guest_ptr += x * cmp_bytes; 3072 3073 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT); 3074 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) { 3075 int _cmp_bytes = cmp_bytes; 3076 if (!test_and_clear_bit(x, vd->guest.dirty[y])) { 3077 continue; 3078 } 3079 if ((x + 1) * cmp_bytes > line_bytes) { 3080 _cmp_bytes = line_bytes - x * cmp_bytes; 3081 } 3082 assert(_cmp_bytes >= 0); 3083 if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) { 3084 continue; 3085 } 3086 memcpy(server_ptr, guest_ptr, _cmp_bytes); 3087 if (!vd->non_adaptive) { 3088 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT, 3089 y, &tv); 3090 } 3091 QTAILQ_FOREACH(vs, &vd->clients, next) { 3092 set_bit(x, vs->dirty[y]); 3093 } 3094 has_dirty++; 3095 } 3096 3097 y++; 3098 } 3099 qemu_pixman_image_unref(tmpbuf); 3100 return has_dirty; 3101 } 3102 3103 static void vnc_refresh(DisplayChangeListener *dcl) 3104 { 3105 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 3106 VncState *vs, *vn; 3107 int has_dirty, rects = 0; 3108 3109 if (QTAILQ_EMPTY(&vd->clients)) { 3110 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX); 3111 return; 3112 } 3113 3114 graphic_hw_update(vd->dcl.con); 3115 3116 if (vnc_trylock_display(vd)) { 3117 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3118 return; 3119 } 3120 3121 has_dirty = vnc_refresh_server_surface(vd); 3122 vnc_unlock_display(vd); 3123 3124 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) { 3125 rects += vnc_update_client(vs, has_dirty); 3126 /* vs might be free()ed here */ 3127 } 3128 3129 if (has_dirty && rects) { 3130 vd->dcl.update_interval /= 2; 3131 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) { 3132 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE; 3133 } 3134 } else { 3135 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC; 3136 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) { 3137 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX; 3138 } 3139 } 3140 } 3141 3142 static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc, 3143 bool skipauth, bool websocket) 3144 { 3145 VncState *vs = g_new0(VncState, 1); 3146 bool first_client = QTAILQ_EMPTY(&vd->clients); 3147 int i; 3148 3149 trace_vnc_client_connect(vs, sioc); 3150 vs->zrle = g_new0(VncZrle, 1); 3151 vs->tight = g_new0(VncTight, 1); 3152 vs->magic = VNC_MAGIC; 3153 vs->sioc = sioc; 3154 object_ref(OBJECT(vs->sioc)); 3155 vs->ioc = QIO_CHANNEL(sioc); 3156 object_ref(OBJECT(vs->ioc)); 3157 vs->vd = vd; 3158 3159 buffer_init(&vs->input, "vnc-input/%p", sioc); 3160 buffer_init(&vs->output, "vnc-output/%p", sioc); 3161 buffer_init(&vs->jobs_buffer, "vnc-jobs_buffer/%p", sioc); 3162 3163 buffer_init(&vs->tight->tight, "vnc-tight/%p", sioc); 3164 buffer_init(&vs->tight->zlib, "vnc-tight-zlib/%p", sioc); 3165 buffer_init(&vs->tight->gradient, "vnc-tight-gradient/%p", sioc); 3166 #ifdef CONFIG_VNC_JPEG 3167 buffer_init(&vs->tight->jpeg, "vnc-tight-jpeg/%p", sioc); 3168 #endif 3169 #ifdef CONFIG_VNC_PNG 3170 buffer_init(&vs->tight->png, "vnc-tight-png/%p", sioc); 3171 #endif 3172 buffer_init(&vs->zlib.zlib, "vnc-zlib/%p", sioc); 3173 buffer_init(&vs->zrle->zrle, "vnc-zrle/%p", sioc); 3174 buffer_init(&vs->zrle->fb, "vnc-zrle-fb/%p", sioc); 3175 buffer_init(&vs->zrle->zlib, "vnc-zrle-zlib/%p", sioc); 3176 3177 if (skipauth) { 3178 vs->auth = VNC_AUTH_NONE; 3179 vs->subauth = VNC_AUTH_INVALID; 3180 } else { 3181 if (websocket) { 3182 vs->auth = vd->ws_auth; 3183 vs->subauth = VNC_AUTH_INVALID; 3184 } else { 3185 vs->auth = vd->auth; 3186 vs->subauth = vd->subauth; 3187 } 3188 } 3189 VNC_DEBUG("Client sioc=%p ws=%d auth=%d subauth=%d\n", 3190 sioc, websocket, vs->auth, vs->subauth); 3191 3192 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect)); 3193 for (i = 0; i < VNC_STAT_ROWS; ++i) { 3194 vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS); 3195 } 3196 3197 VNC_DEBUG("New client on socket %p\n", vs->sioc); 3198 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3199 qio_channel_set_blocking(vs->ioc, false, NULL); 3200 if (vs->ioc_tag) { 3201 g_source_remove(vs->ioc_tag); 3202 } 3203 if (websocket) { 3204 vs->websocket = 1; 3205 if (vd->tlscreds) { 3206 vs->ioc_tag = qio_channel_add_watch( 3207 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 3208 vncws_tls_handshake_io, vs, NULL); 3209 } else { 3210 vs->ioc_tag = qio_channel_add_watch( 3211 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 3212 vncws_handshake_io, vs, NULL); 3213 } 3214 } else { 3215 vs->ioc_tag = qio_channel_add_watch( 3216 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR, 3217 vnc_client_io, vs, NULL); 3218 } 3219 3220 vnc_client_cache_addr(vs); 3221 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED); 3222 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING); 3223 3224 vs->last_x = -1; 3225 vs->last_y = -1; 3226 3227 vs->as.freq = 44100; 3228 vs->as.nchannels = 2; 3229 vs->as.fmt = AUDIO_FORMAT_S16; 3230 vs->as.endianness = 0; 3231 3232 qemu_mutex_init(&vs->output_mutex); 3233 vs->bh = qemu_bh_new(vnc_jobs_bh, vs); 3234 3235 QTAILQ_INSERT_TAIL(&vd->clients, vs, next); 3236 if (first_client) { 3237 vnc_update_server_surface(vd); 3238 } 3239 3240 graphic_hw_update(vd->dcl.con); 3241 3242 if (!vs->websocket) { 3243 vnc_start_protocol(vs); 3244 } 3245 3246 if (vd->num_connecting > vd->connections_limit) { 3247 QTAILQ_FOREACH(vs, &vd->clients, next) { 3248 if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) { 3249 vnc_disconnect_start(vs); 3250 return; 3251 } 3252 } 3253 } 3254 } 3255 3256 void vnc_start_protocol(VncState *vs) 3257 { 3258 vnc_write(vs, "RFB 003.008\n", 12); 3259 vnc_flush(vs); 3260 vnc_read_when(vs, protocol_version, 12); 3261 3262 vs->mouse_mode_notifier.notify = check_pointer_type_change; 3263 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 3264 } 3265 3266 static void vnc_listen_io(QIONetListener *listener, 3267 QIOChannelSocket *cioc, 3268 void *opaque) 3269 { 3270 VncDisplay *vd = opaque; 3271 bool isWebsock = listener == vd->wslistener; 3272 3273 qio_channel_set_name(QIO_CHANNEL(cioc), 3274 isWebsock ? "vnc-ws-server" : "vnc-server"); 3275 qio_channel_set_delay(QIO_CHANNEL(cioc), false); 3276 vnc_connect(vd, cioc, false, isWebsock); 3277 } 3278 3279 static const DisplayChangeListenerOps dcl_ops = { 3280 .dpy_name = "vnc", 3281 .dpy_refresh = vnc_refresh, 3282 .dpy_gfx_update = vnc_dpy_update, 3283 .dpy_gfx_switch = vnc_dpy_switch, 3284 .dpy_gfx_check_format = qemu_pixman_check_format, 3285 .dpy_mouse_set = vnc_mouse_set, 3286 .dpy_cursor_define = vnc_dpy_cursor_define, 3287 }; 3288 3289 void vnc_display_init(const char *id, Error **errp) 3290 { 3291 VncDisplay *vd; 3292 3293 if (vnc_display_find(id) != NULL) { 3294 return; 3295 } 3296 vd = g_malloc0(sizeof(*vd)); 3297 3298 vd->id = strdup(id); 3299 QTAILQ_INSERT_TAIL(&vnc_displays, vd, next); 3300 3301 QTAILQ_INIT(&vd->clients); 3302 vd->expires = TIME_MAX; 3303 3304 if (keyboard_layout) { 3305 trace_vnc_key_map_init(keyboard_layout); 3306 vd->kbd_layout = init_keyboard_layout(name2keysym, 3307 keyboard_layout, errp); 3308 } else { 3309 vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us", errp); 3310 } 3311 3312 if (!vd->kbd_layout) { 3313 return; 3314 } 3315 3316 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3317 vd->connections_limit = 32; 3318 3319 qemu_mutex_init(&vd->mutex); 3320 vnc_start_worker_thread(); 3321 3322 vd->dcl.ops = &dcl_ops; 3323 register_displaychangelistener(&vd->dcl); 3324 vd->kbd = qkbd_state_init(vd->dcl.con); 3325 } 3326 3327 3328 static void vnc_display_close(VncDisplay *vd) 3329 { 3330 if (!vd) { 3331 return; 3332 } 3333 vd->is_unix = false; 3334 3335 if (vd->listener) { 3336 qio_net_listener_disconnect(vd->listener); 3337 object_unref(OBJECT(vd->listener)); 3338 } 3339 vd->listener = NULL; 3340 3341 if (vd->wslistener) { 3342 qio_net_listener_disconnect(vd->wslistener); 3343 object_unref(OBJECT(vd->wslistener)); 3344 } 3345 vd->wslistener = NULL; 3346 3347 vd->auth = VNC_AUTH_INVALID; 3348 vd->subauth = VNC_AUTH_INVALID; 3349 if (vd->tlscreds) { 3350 object_unref(OBJECT(vd->tlscreds)); 3351 vd->tlscreds = NULL; 3352 } 3353 if (vd->tlsauthz) { 3354 object_unparent(OBJECT(vd->tlsauthz)); 3355 vd->tlsauthz = NULL; 3356 } 3357 g_free(vd->tlsauthzid); 3358 vd->tlsauthzid = NULL; 3359 if (vd->lock_key_sync) { 3360 qemu_remove_led_event_handler(vd->led); 3361 vd->led = NULL; 3362 } 3363 #ifdef CONFIG_VNC_SASL 3364 if (vd->sasl.authz) { 3365 object_unparent(OBJECT(vd->sasl.authz)); 3366 vd->sasl.authz = NULL; 3367 } 3368 g_free(vd->sasl.authzid); 3369 vd->sasl.authzid = NULL; 3370 #endif 3371 } 3372 3373 int vnc_display_password(const char *id, const char *password) 3374 { 3375 VncDisplay *vd = vnc_display_find(id); 3376 3377 if (!vd) { 3378 return -EINVAL; 3379 } 3380 if (vd->auth == VNC_AUTH_NONE) { 3381 error_printf_unless_qmp("If you want use passwords please enable " 3382 "password auth using '-vnc ${dpy},password'.\n"); 3383 return -EINVAL; 3384 } 3385 3386 g_free(vd->password); 3387 vd->password = g_strdup(password); 3388 3389 return 0; 3390 } 3391 3392 int vnc_display_pw_expire(const char *id, time_t expires) 3393 { 3394 VncDisplay *vd = vnc_display_find(id); 3395 3396 if (!vd) { 3397 return -EINVAL; 3398 } 3399 3400 vd->expires = expires; 3401 return 0; 3402 } 3403 3404 static void vnc_display_print_local_addr(VncDisplay *vd) 3405 { 3406 SocketAddress *addr; 3407 3408 if (!vd->listener || !vd->listener->nsioc) { 3409 return; 3410 } 3411 3412 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], NULL); 3413 if (!addr) { 3414 return; 3415 } 3416 3417 if (addr->type != SOCKET_ADDRESS_TYPE_INET) { 3418 qapi_free_SocketAddress(addr); 3419 return; 3420 } 3421 error_printf_unless_qmp("VNC server running on %s:%s\n", 3422 addr->u.inet.host, 3423 addr->u.inet.port); 3424 qapi_free_SocketAddress(addr); 3425 } 3426 3427 static QemuOptsList qemu_vnc_opts = { 3428 .name = "vnc", 3429 .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head), 3430 .implied_opt_name = "vnc", 3431 .desc = { 3432 { 3433 .name = "vnc", 3434 .type = QEMU_OPT_STRING, 3435 },{ 3436 .name = "websocket", 3437 .type = QEMU_OPT_STRING, 3438 },{ 3439 .name = "tls-creds", 3440 .type = QEMU_OPT_STRING, 3441 },{ 3442 .name = "share", 3443 .type = QEMU_OPT_STRING, 3444 },{ 3445 .name = "display", 3446 .type = QEMU_OPT_STRING, 3447 },{ 3448 .name = "head", 3449 .type = QEMU_OPT_NUMBER, 3450 },{ 3451 .name = "connections", 3452 .type = QEMU_OPT_NUMBER, 3453 },{ 3454 .name = "to", 3455 .type = QEMU_OPT_NUMBER, 3456 },{ 3457 .name = "ipv4", 3458 .type = QEMU_OPT_BOOL, 3459 },{ 3460 .name = "ipv6", 3461 .type = QEMU_OPT_BOOL, 3462 },{ 3463 .name = "password", 3464 .type = QEMU_OPT_BOOL, 3465 },{ 3466 .name = "reverse", 3467 .type = QEMU_OPT_BOOL, 3468 },{ 3469 .name = "lock-key-sync", 3470 .type = QEMU_OPT_BOOL, 3471 },{ 3472 .name = "key-delay-ms", 3473 .type = QEMU_OPT_NUMBER, 3474 },{ 3475 .name = "sasl", 3476 .type = QEMU_OPT_BOOL, 3477 },{ 3478 .name = "acl", 3479 .type = QEMU_OPT_BOOL, 3480 },{ 3481 .name = "tls-authz", 3482 .type = QEMU_OPT_STRING, 3483 },{ 3484 .name = "sasl-authz", 3485 .type = QEMU_OPT_STRING, 3486 },{ 3487 .name = "lossy", 3488 .type = QEMU_OPT_BOOL, 3489 },{ 3490 .name = "non-adaptive", 3491 .type = QEMU_OPT_BOOL, 3492 },{ 3493 .name = "audiodev", 3494 .type = QEMU_OPT_STRING, 3495 },{ 3496 .name = "power-control", 3497 .type = QEMU_OPT_BOOL, 3498 }, 3499 { /* end of list */ } 3500 }, 3501 }; 3502 3503 3504 static int 3505 vnc_display_setup_auth(int *auth, 3506 int *subauth, 3507 QCryptoTLSCreds *tlscreds, 3508 bool password, 3509 bool sasl, 3510 bool websocket, 3511 Error **errp) 3512 { 3513 /* 3514 * We have a choice of 3 authentication options 3515 * 3516 * 1. none 3517 * 2. vnc 3518 * 3. sasl 3519 * 3520 * The channel can be run in 2 modes 3521 * 3522 * 1. clear 3523 * 2. tls 3524 * 3525 * And TLS can use 2 types of credentials 3526 * 3527 * 1. anon 3528 * 2. x509 3529 * 3530 * We thus have 9 possible logical combinations 3531 * 3532 * 1. clear + none 3533 * 2. clear + vnc 3534 * 3. clear + sasl 3535 * 4. tls + anon + none 3536 * 5. tls + anon + vnc 3537 * 6. tls + anon + sasl 3538 * 7. tls + x509 + none 3539 * 8. tls + x509 + vnc 3540 * 9. tls + x509 + sasl 3541 * 3542 * These need to be mapped into the VNC auth schemes 3543 * in an appropriate manner. In regular VNC, all the 3544 * TLS options get mapped into VNC_AUTH_VENCRYPT 3545 * sub-auth types. 3546 * 3547 * In websockets, the https:// protocol already provides 3548 * TLS support, so there is no need to make use of the 3549 * VeNCrypt extension. Furthermore, websockets browser 3550 * clients could not use VeNCrypt even if they wanted to, 3551 * as they cannot control when the TLS handshake takes 3552 * place. Thus there is no option but to rely on https://, 3553 * meaning combinations 4->6 and 7->9 will be mapped to 3554 * VNC auth schemes in the same way as combos 1->3. 3555 * 3556 * Regardless of fact that we have a different mapping to 3557 * VNC auth mechs for plain VNC vs websockets VNC, the end 3558 * result has the same security characteristics. 3559 */ 3560 if (websocket || !tlscreds) { 3561 if (password) { 3562 VNC_DEBUG("Initializing VNC server with password auth\n"); 3563 *auth = VNC_AUTH_VNC; 3564 } else if (sasl) { 3565 VNC_DEBUG("Initializing VNC server with SASL auth\n"); 3566 *auth = VNC_AUTH_SASL; 3567 } else { 3568 VNC_DEBUG("Initializing VNC server with no auth\n"); 3569 *auth = VNC_AUTH_NONE; 3570 } 3571 *subauth = VNC_AUTH_INVALID; 3572 } else { 3573 bool is_x509 = object_dynamic_cast(OBJECT(tlscreds), 3574 TYPE_QCRYPTO_TLS_CREDS_X509) != NULL; 3575 bool is_anon = object_dynamic_cast(OBJECT(tlscreds), 3576 TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL; 3577 3578 if (!is_x509 && !is_anon) { 3579 error_setg(errp, 3580 "Unsupported TLS cred type %s", 3581 object_get_typename(OBJECT(tlscreds))); 3582 return -1; 3583 } 3584 *auth = VNC_AUTH_VENCRYPT; 3585 if (password) { 3586 if (is_x509) { 3587 VNC_DEBUG("Initializing VNC server with x509 password auth\n"); 3588 *subauth = VNC_AUTH_VENCRYPT_X509VNC; 3589 } else { 3590 VNC_DEBUG("Initializing VNC server with TLS password auth\n"); 3591 *subauth = VNC_AUTH_VENCRYPT_TLSVNC; 3592 } 3593 3594 } else if (sasl) { 3595 if (is_x509) { 3596 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); 3597 *subauth = VNC_AUTH_VENCRYPT_X509SASL; 3598 } else { 3599 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n"); 3600 *subauth = VNC_AUTH_VENCRYPT_TLSSASL; 3601 } 3602 } else { 3603 if (is_x509) { 3604 VNC_DEBUG("Initializing VNC server with x509 no auth\n"); 3605 *subauth = VNC_AUTH_VENCRYPT_X509NONE; 3606 } else { 3607 VNC_DEBUG("Initializing VNC server with TLS no auth\n"); 3608 *subauth = VNC_AUTH_VENCRYPT_TLSNONE; 3609 } 3610 } 3611 } 3612 return 0; 3613 } 3614 3615 3616 static int vnc_display_get_address(const char *addrstr, 3617 bool websocket, 3618 bool reverse, 3619 int displaynum, 3620 int to, 3621 bool has_ipv4, 3622 bool has_ipv6, 3623 bool ipv4, 3624 bool ipv6, 3625 SocketAddress **retaddr, 3626 Error **errp) 3627 { 3628 int ret = -1; 3629 SocketAddress *addr = NULL; 3630 3631 addr = g_new0(SocketAddress, 1); 3632 3633 if (strncmp(addrstr, "unix:", 5) == 0) { 3634 addr->type = SOCKET_ADDRESS_TYPE_UNIX; 3635 addr->u.q_unix.path = g_strdup(addrstr + 5); 3636 3637 if (websocket) { 3638 error_setg(errp, "UNIX sockets not supported with websock"); 3639 goto cleanup; 3640 } 3641 3642 if (to) { 3643 error_setg(errp, "Port range not support with UNIX socket"); 3644 goto cleanup; 3645 } 3646 ret = 0; 3647 } else { 3648 const char *port; 3649 size_t hostlen; 3650 unsigned long long baseport = 0; 3651 InetSocketAddress *inet; 3652 3653 port = strrchr(addrstr, ':'); 3654 if (!port) { 3655 if (websocket) { 3656 hostlen = 0; 3657 port = addrstr; 3658 } else { 3659 error_setg(errp, "no vnc port specified"); 3660 goto cleanup; 3661 } 3662 } else { 3663 hostlen = port - addrstr; 3664 port++; 3665 if (*port == '\0') { 3666 error_setg(errp, "vnc port cannot be empty"); 3667 goto cleanup; 3668 } 3669 } 3670 3671 addr->type = SOCKET_ADDRESS_TYPE_INET; 3672 inet = &addr->u.inet; 3673 if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') { 3674 inet->host = g_strndup(addrstr + 1, hostlen - 2); 3675 } else { 3676 inet->host = g_strndup(addrstr, hostlen); 3677 } 3678 /* plain VNC port is just an offset, for websocket 3679 * port is absolute */ 3680 if (websocket) { 3681 if (g_str_equal(addrstr, "") || 3682 g_str_equal(addrstr, "on")) { 3683 if (displaynum == -1) { 3684 error_setg(errp, "explicit websocket port is required"); 3685 goto cleanup; 3686 } 3687 inet->port = g_strdup_printf( 3688 "%d", displaynum + 5700); 3689 if (to) { 3690 inet->has_to = true; 3691 inet->to = to + 5700; 3692 } 3693 } else { 3694 inet->port = g_strdup(port); 3695 } 3696 } else { 3697 int offset = reverse ? 0 : 5900; 3698 if (parse_uint_full(port, &baseport, 10) < 0) { 3699 error_setg(errp, "can't convert to a number: %s", port); 3700 goto cleanup; 3701 } 3702 if (baseport > 65535 || 3703 baseport + offset > 65535) { 3704 error_setg(errp, "port %s out of range", port); 3705 goto cleanup; 3706 } 3707 inet->port = g_strdup_printf( 3708 "%d", (int)baseport + offset); 3709 3710 if (to) { 3711 inet->has_to = true; 3712 inet->to = to + offset; 3713 } 3714 } 3715 3716 inet->ipv4 = ipv4; 3717 inet->has_ipv4 = has_ipv4; 3718 inet->ipv6 = ipv6; 3719 inet->has_ipv6 = has_ipv6; 3720 3721 ret = baseport; 3722 } 3723 3724 *retaddr = addr; 3725 3726 cleanup: 3727 if (ret < 0) { 3728 qapi_free_SocketAddress(addr); 3729 } 3730 return ret; 3731 } 3732 3733 static void vnc_free_addresses(SocketAddress ***retsaddr, 3734 size_t *retnsaddr) 3735 { 3736 size_t i; 3737 3738 for (i = 0; i < *retnsaddr; i++) { 3739 qapi_free_SocketAddress((*retsaddr)[i]); 3740 } 3741 g_free(*retsaddr); 3742 3743 *retsaddr = NULL; 3744 *retnsaddr = 0; 3745 } 3746 3747 static int vnc_display_get_addresses(QemuOpts *opts, 3748 bool reverse, 3749 SocketAddress ***retsaddr, 3750 size_t *retnsaddr, 3751 SocketAddress ***retwsaddr, 3752 size_t *retnwsaddr, 3753 Error **errp) 3754 { 3755 SocketAddress *saddr = NULL; 3756 SocketAddress *wsaddr = NULL; 3757 QemuOptsIter addriter; 3758 const char *addr; 3759 int to = qemu_opt_get_number(opts, "to", 0); 3760 bool has_ipv4 = qemu_opt_get(opts, "ipv4"); 3761 bool has_ipv6 = qemu_opt_get(opts, "ipv6"); 3762 bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false); 3763 bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false); 3764 int displaynum = -1; 3765 int ret = -1; 3766 3767 *retsaddr = NULL; 3768 *retnsaddr = 0; 3769 *retwsaddr = NULL; 3770 *retnwsaddr = 0; 3771 3772 addr = qemu_opt_get(opts, "vnc"); 3773 if (addr == NULL || g_str_equal(addr, "none")) { 3774 ret = 0; 3775 goto cleanup; 3776 } 3777 if (qemu_opt_get(opts, "websocket") && 3778 !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) { 3779 error_setg(errp, 3780 "SHA1 hash support is required for websockets"); 3781 goto cleanup; 3782 } 3783 3784 qemu_opt_iter_init(&addriter, opts, "vnc"); 3785 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3786 int rv; 3787 rv = vnc_display_get_address(addr, false, reverse, 0, to, 3788 has_ipv4, has_ipv6, 3789 ipv4, ipv6, 3790 &saddr, errp); 3791 if (rv < 0) { 3792 goto cleanup; 3793 } 3794 /* Historical compat - first listen address can be used 3795 * to set the default websocket port 3796 */ 3797 if (displaynum == -1) { 3798 displaynum = rv; 3799 } 3800 *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1); 3801 (*retsaddr)[(*retnsaddr)++] = saddr; 3802 } 3803 3804 /* If we had multiple primary displays, we don't do defaults 3805 * for websocket, and require explicit config instead. */ 3806 if (*retnsaddr > 1) { 3807 displaynum = -1; 3808 } 3809 3810 qemu_opt_iter_init(&addriter, opts, "websocket"); 3811 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3812 if (vnc_display_get_address(addr, true, reverse, displaynum, to, 3813 has_ipv4, has_ipv6, 3814 ipv4, ipv6, 3815 &wsaddr, errp) < 0) { 3816 goto cleanup; 3817 } 3818 3819 /* Historical compat - if only a single listen address was 3820 * provided, then this is used to set the default listen 3821 * address for websocket too 3822 */ 3823 if (*retnsaddr == 1 && 3824 (*retsaddr)[0]->type == SOCKET_ADDRESS_TYPE_INET && 3825 wsaddr->type == SOCKET_ADDRESS_TYPE_INET && 3826 g_str_equal(wsaddr->u.inet.host, "") && 3827 !g_str_equal((*retsaddr)[0]->u.inet.host, "")) { 3828 g_free(wsaddr->u.inet.host); 3829 wsaddr->u.inet.host = g_strdup((*retsaddr)[0]->u.inet.host); 3830 } 3831 3832 *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1); 3833 (*retwsaddr)[(*retnwsaddr)++] = wsaddr; 3834 } 3835 3836 ret = 0; 3837 cleanup: 3838 if (ret < 0) { 3839 vnc_free_addresses(retsaddr, retnsaddr); 3840 vnc_free_addresses(retwsaddr, retnwsaddr); 3841 } 3842 return ret; 3843 } 3844 3845 static int vnc_display_connect(VncDisplay *vd, 3846 SocketAddress **saddr, 3847 size_t nsaddr, 3848 SocketAddress **wsaddr, 3849 size_t nwsaddr, 3850 Error **errp) 3851 { 3852 /* connect to viewer */ 3853 QIOChannelSocket *sioc = NULL; 3854 if (nwsaddr != 0) { 3855 error_setg(errp, "Cannot use websockets in reverse mode"); 3856 return -1; 3857 } 3858 if (nsaddr != 1) { 3859 error_setg(errp, "Expected a single address in reverse mode"); 3860 return -1; 3861 } 3862 /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */ 3863 vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_TYPE_UNIX; 3864 sioc = qio_channel_socket_new(); 3865 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse"); 3866 if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) { 3867 object_unref(OBJECT(sioc)); 3868 return -1; 3869 } 3870 vnc_connect(vd, sioc, false, false); 3871 object_unref(OBJECT(sioc)); 3872 return 0; 3873 } 3874 3875 3876 static int vnc_display_listen(VncDisplay *vd, 3877 SocketAddress **saddr, 3878 size_t nsaddr, 3879 SocketAddress **wsaddr, 3880 size_t nwsaddr, 3881 Error **errp) 3882 { 3883 size_t i; 3884 3885 if (nsaddr) { 3886 vd->listener = qio_net_listener_new(); 3887 qio_net_listener_set_name(vd->listener, "vnc-listen"); 3888 for (i = 0; i < nsaddr; i++) { 3889 if (qio_net_listener_open_sync(vd->listener, 3890 saddr[i], 1, 3891 errp) < 0) { 3892 return -1; 3893 } 3894 } 3895 3896 qio_net_listener_set_client_func(vd->listener, 3897 vnc_listen_io, vd, NULL); 3898 } 3899 3900 if (nwsaddr) { 3901 vd->wslistener = qio_net_listener_new(); 3902 qio_net_listener_set_name(vd->wslistener, "vnc-ws-listen"); 3903 for (i = 0; i < nwsaddr; i++) { 3904 if (qio_net_listener_open_sync(vd->wslistener, 3905 wsaddr[i], 1, 3906 errp) < 0) { 3907 return -1; 3908 } 3909 } 3910 3911 qio_net_listener_set_client_func(vd->wslistener, 3912 vnc_listen_io, vd, NULL); 3913 } 3914 3915 return 0; 3916 } 3917 3918 3919 void vnc_display_open(const char *id, Error **errp) 3920 { 3921 VncDisplay *vd = vnc_display_find(id); 3922 QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id); 3923 SocketAddress **saddr = NULL, **wsaddr = NULL; 3924 size_t nsaddr, nwsaddr; 3925 const char *share, *device_id; 3926 QemuConsole *con; 3927 bool password = false; 3928 bool reverse = false; 3929 const char *credid; 3930 bool sasl = false; 3931 int acl = 0; 3932 const char *tlsauthz; 3933 const char *saslauthz; 3934 int lock_key_sync = 1; 3935 int key_delay_ms; 3936 const char *audiodev; 3937 3938 if (!vd) { 3939 error_setg(errp, "VNC display not active"); 3940 return; 3941 } 3942 vnc_display_close(vd); 3943 3944 if (!opts) { 3945 return; 3946 } 3947 3948 reverse = qemu_opt_get_bool(opts, "reverse", false); 3949 if (vnc_display_get_addresses(opts, reverse, &saddr, &nsaddr, 3950 &wsaddr, &nwsaddr, errp) < 0) { 3951 goto fail; 3952 } 3953 3954 password = qemu_opt_get_bool(opts, "password", false); 3955 if (password) { 3956 if (fips_get_state()) { 3957 error_setg(errp, 3958 "VNC password auth disabled due to FIPS mode, " 3959 "consider using the VeNCrypt or SASL authentication " 3960 "methods as an alternative"); 3961 goto fail; 3962 } 3963 if (!qcrypto_cipher_supports( 3964 QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) { 3965 error_setg(errp, 3966 "Cipher backend does not support DES RFB algorithm"); 3967 goto fail; 3968 } 3969 } 3970 3971 lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true); 3972 key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10); 3973 sasl = qemu_opt_get_bool(opts, "sasl", false); 3974 #ifndef CONFIG_VNC_SASL 3975 if (sasl) { 3976 error_setg(errp, "VNC SASL auth requires cyrus-sasl support"); 3977 goto fail; 3978 } 3979 #endif /* CONFIG_VNC_SASL */ 3980 credid = qemu_opt_get(opts, "tls-creds"); 3981 if (credid) { 3982 Object *creds; 3983 creds = object_resolve_path_component( 3984 object_get_objects_root(), credid); 3985 if (!creds) { 3986 error_setg(errp, "No TLS credentials with id '%s'", 3987 credid); 3988 goto fail; 3989 } 3990 vd->tlscreds = (QCryptoTLSCreds *) 3991 object_dynamic_cast(creds, 3992 TYPE_QCRYPTO_TLS_CREDS); 3993 if (!vd->tlscreds) { 3994 error_setg(errp, "Object with id '%s' is not TLS credentials", 3995 credid); 3996 goto fail; 3997 } 3998 object_ref(OBJECT(vd->tlscreds)); 3999 4000 if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 4001 error_setg(errp, 4002 "Expecting TLS credentials with a server endpoint"); 4003 goto fail; 4004 } 4005 } 4006 if (qemu_opt_get(opts, "acl")) { 4007 error_report("The 'acl' option to -vnc is deprecated. " 4008 "Please use the 'tls-authz' and 'sasl-authz' " 4009 "options instead"); 4010 } 4011 acl = qemu_opt_get_bool(opts, "acl", false); 4012 tlsauthz = qemu_opt_get(opts, "tls-authz"); 4013 if (acl && tlsauthz) { 4014 error_setg(errp, "'acl' option is mutually exclusive with the " 4015 "'tls-authz' option"); 4016 goto fail; 4017 } 4018 if (tlsauthz && !vd->tlscreds) { 4019 error_setg(errp, "'tls-authz' provided but TLS is not enabled"); 4020 goto fail; 4021 } 4022 4023 saslauthz = qemu_opt_get(opts, "sasl-authz"); 4024 if (acl && saslauthz) { 4025 error_setg(errp, "'acl' option is mutually exclusive with the " 4026 "'sasl-authz' option"); 4027 goto fail; 4028 } 4029 if (saslauthz && !sasl) { 4030 error_setg(errp, "'sasl-authz' provided but SASL auth is not enabled"); 4031 goto fail; 4032 } 4033 4034 share = qemu_opt_get(opts, "share"); 4035 if (share) { 4036 if (strcmp(share, "ignore") == 0) { 4037 vd->share_policy = VNC_SHARE_POLICY_IGNORE; 4038 } else if (strcmp(share, "allow-exclusive") == 0) { 4039 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 4040 } else if (strcmp(share, "force-shared") == 0) { 4041 vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED; 4042 } else { 4043 error_setg(errp, "unknown vnc share= option"); 4044 goto fail; 4045 } 4046 } else { 4047 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 4048 } 4049 vd->connections_limit = qemu_opt_get_number(opts, "connections", 32); 4050 4051 #ifdef CONFIG_VNC_JPEG 4052 vd->lossy = qemu_opt_get_bool(opts, "lossy", false); 4053 #endif 4054 vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false); 4055 /* adaptive updates are only used with tight encoding and 4056 * if lossy updates are enabled so we can disable all the 4057 * calculations otherwise */ 4058 if (!vd->lossy) { 4059 vd->non_adaptive = true; 4060 } 4061 4062 vd->power_control = qemu_opt_get_bool(opts, "power-control", false); 4063 4064 if (tlsauthz) { 4065 vd->tlsauthzid = g_strdup(tlsauthz); 4066 } else if (acl) { 4067 if (strcmp(vd->id, "default") == 0) { 4068 vd->tlsauthzid = g_strdup("vnc.x509dname"); 4069 } else { 4070 vd->tlsauthzid = g_strdup_printf("vnc.%s.x509dname", vd->id); 4071 } 4072 vd->tlsauthz = QAUTHZ(qauthz_list_new(vd->tlsauthzid, 4073 QAUTHZ_LIST_POLICY_DENY, 4074 &error_abort)); 4075 } 4076 #ifdef CONFIG_VNC_SASL 4077 if (sasl) { 4078 if (saslauthz) { 4079 vd->sasl.authzid = g_strdup(saslauthz); 4080 } else if (acl) { 4081 if (strcmp(vd->id, "default") == 0) { 4082 vd->sasl.authzid = g_strdup("vnc.username"); 4083 } else { 4084 vd->sasl.authzid = g_strdup_printf("vnc.%s.username", vd->id); 4085 } 4086 vd->sasl.authz = QAUTHZ(qauthz_list_new(vd->sasl.authzid, 4087 QAUTHZ_LIST_POLICY_DENY, 4088 &error_abort)); 4089 } 4090 } 4091 #endif 4092 4093 if (vnc_display_setup_auth(&vd->auth, &vd->subauth, 4094 vd->tlscreds, password, 4095 sasl, false, errp) < 0) { 4096 goto fail; 4097 } 4098 trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth); 4099 4100 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth, 4101 vd->tlscreds, password, 4102 sasl, true, errp) < 0) { 4103 goto fail; 4104 } 4105 trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth); 4106 4107 #ifdef CONFIG_VNC_SASL 4108 if (sasl) { 4109 int saslErr = sasl_server_init(NULL, "qemu"); 4110 4111 if (saslErr != SASL_OK) { 4112 error_setg(errp, "Failed to initialize SASL auth: %s", 4113 sasl_errstring(saslErr, NULL, NULL)); 4114 goto fail; 4115 } 4116 } 4117 #endif 4118 vd->lock_key_sync = lock_key_sync; 4119 if (lock_key_sync) { 4120 vd->led = qemu_add_led_event_handler(kbd_leds, vd); 4121 } 4122 vd->ledstate = 0; 4123 4124 audiodev = qemu_opt_get(opts, "audiodev"); 4125 if (audiodev) { 4126 vd->audio_state = audio_state_by_name(audiodev); 4127 if (!vd->audio_state) { 4128 error_setg(errp, "Audiodev '%s' not found", audiodev); 4129 goto fail; 4130 } 4131 } 4132 4133 device_id = qemu_opt_get(opts, "display"); 4134 if (device_id) { 4135 int head = qemu_opt_get_number(opts, "head", 0); 4136 Error *err = NULL; 4137 4138 con = qemu_console_lookup_by_device_name(device_id, head, &err); 4139 if (err) { 4140 error_propagate(errp, err); 4141 goto fail; 4142 } 4143 } else { 4144 con = NULL; 4145 } 4146 4147 if (con != vd->dcl.con) { 4148 qkbd_state_free(vd->kbd); 4149 unregister_displaychangelistener(&vd->dcl); 4150 vd->dcl.con = con; 4151 register_displaychangelistener(&vd->dcl); 4152 vd->kbd = qkbd_state_init(vd->dcl.con); 4153 } 4154 qkbd_state_set_delay(vd->kbd, key_delay_ms); 4155 4156 if (saddr == NULL) { 4157 goto cleanup; 4158 } 4159 4160 if (reverse) { 4161 if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4162 goto fail; 4163 } 4164 } else { 4165 if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4166 goto fail; 4167 } 4168 } 4169 4170 if (qemu_opt_get(opts, "to")) { 4171 vnc_display_print_local_addr(vd); 4172 } 4173 4174 cleanup: 4175 vnc_free_addresses(&saddr, &nsaddr); 4176 vnc_free_addresses(&wsaddr, &nwsaddr); 4177 return; 4178 4179 fail: 4180 vnc_display_close(vd); 4181 goto cleanup; 4182 } 4183 4184 void vnc_display_add_client(const char *id, int csock, bool skipauth) 4185 { 4186 VncDisplay *vd = vnc_display_find(id); 4187 QIOChannelSocket *sioc; 4188 4189 if (!vd) { 4190 return; 4191 } 4192 4193 sioc = qio_channel_socket_new_fd(csock, NULL); 4194 if (sioc) { 4195 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server"); 4196 vnc_connect(vd, sioc, skipauth, false); 4197 object_unref(OBJECT(sioc)); 4198 } 4199 } 4200 4201 static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts) 4202 { 4203 int i = 2; 4204 char *id; 4205 4206 id = g_strdup("default"); 4207 while (qemu_opts_find(olist, id)) { 4208 g_free(id); 4209 id = g_strdup_printf("vnc%d", i++); 4210 } 4211 qemu_opts_set_id(opts, id); 4212 } 4213 4214 QemuOpts *vnc_parse(const char *str, Error **errp) 4215 { 4216 QemuOptsList *olist = qemu_find_opts("vnc"); 4217 QemuOpts *opts = qemu_opts_parse(olist, str, true, errp); 4218 const char *id; 4219 4220 if (!opts) { 4221 return NULL; 4222 } 4223 4224 id = qemu_opts_id(opts); 4225 if (!id) { 4226 /* auto-assign id if not present */ 4227 vnc_auto_assign_id(olist, opts); 4228 } 4229 return opts; 4230 } 4231 4232 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp) 4233 { 4234 Error *local_err = NULL; 4235 char *id = (char *)qemu_opts_id(opts); 4236 4237 assert(id); 4238 vnc_display_init(id, &local_err); 4239 if (local_err) { 4240 error_propagate(errp, local_err); 4241 return -1; 4242 } 4243 vnc_display_open(id, &local_err); 4244 if (local_err != NULL) { 4245 error_propagate(errp, local_err); 4246 return -1; 4247 } 4248 return 0; 4249 } 4250 4251 static void vnc_register_config(void) 4252 { 4253 qemu_add_opts(&qemu_vnc_opts); 4254 } 4255 opts_init(vnc_register_config); 4256