1 /* 2 * QEMU VNC display driver 3 * 4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws> 5 * Copyright (C) 2006 Fabrice Bellard 6 * Copyright (C) 2009 Red Hat, Inc 7 * 8 * Permission is hereby granted, free of charge, to any person obtaining a copy 9 * of this software and associated documentation files (the "Software"), to deal 10 * in the Software without restriction, including without limitation the rights 11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 * copies of the Software, and to permit persons to whom the Software is 13 * furnished to do so, subject to the following conditions: 14 * 15 * The above copyright notice and this permission notice shall be included in 16 * all copies or substantial portions of the Software. 17 * 18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 * THE SOFTWARE. 25 */ 26 27 #include "qemu/osdep.h" 28 #include "vnc.h" 29 #include "vnc-jobs.h" 30 #include "trace.h" 31 #include "sysemu/sysemu.h" 32 #include "qemu/error-report.h" 33 #include "qemu/option.h" 34 #include "qemu/sockets.h" 35 #include "qemu/timer.h" 36 #include "authz/list.h" 37 #include "qemu/config-file.h" 38 #include "qapi/qapi-emit-events.h" 39 #include "qapi/qapi-events-ui.h" 40 #include "qapi/error.h" 41 #include "qapi/qapi-commands-ui.h" 42 #include "ui/input.h" 43 #include "crypto/hash.h" 44 #include "crypto/tlscredsanon.h" 45 #include "crypto/tlscredsx509.h" 46 #include "qom/object_interfaces.h" 47 #include "qemu/cutils.h" 48 #include "io/dns-resolver.h" 49 50 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT 51 #define VNC_REFRESH_INTERVAL_INC 50 52 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE 53 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 }; 54 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 }; 55 56 #include "vnc_keysym.h" 57 #include "crypto/cipher.h" 58 59 static QTAILQ_HEAD(, VncDisplay) vnc_displays = 60 QTAILQ_HEAD_INITIALIZER(vnc_displays); 61 62 static int vnc_cursor_define(VncState *vs); 63 static void vnc_update_throttle_offset(VncState *vs); 64 65 static void vnc_set_share_mode(VncState *vs, VncShareMode mode) 66 { 67 #ifdef _VNC_DEBUG 68 static const char *mn[] = { 69 [0] = "undefined", 70 [VNC_SHARE_MODE_CONNECTING] = "connecting", 71 [VNC_SHARE_MODE_SHARED] = "shared", 72 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive", 73 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected", 74 }; 75 fprintf(stderr, "%s/%p: %s -> %s\n", __func__, 76 vs->ioc, mn[vs->share_mode], mn[mode]); 77 #endif 78 79 switch (vs->share_mode) { 80 case VNC_SHARE_MODE_CONNECTING: 81 vs->vd->num_connecting--; 82 break; 83 case VNC_SHARE_MODE_SHARED: 84 vs->vd->num_shared--; 85 break; 86 case VNC_SHARE_MODE_EXCLUSIVE: 87 vs->vd->num_exclusive--; 88 break; 89 default: 90 break; 91 } 92 93 vs->share_mode = mode; 94 95 switch (vs->share_mode) { 96 case VNC_SHARE_MODE_CONNECTING: 97 vs->vd->num_connecting++; 98 break; 99 case VNC_SHARE_MODE_SHARED: 100 vs->vd->num_shared++; 101 break; 102 case VNC_SHARE_MODE_EXCLUSIVE: 103 vs->vd->num_exclusive++; 104 break; 105 default: 106 break; 107 } 108 } 109 110 111 static void vnc_init_basic_info(SocketAddress *addr, 112 VncBasicInfo *info, 113 Error **errp) 114 { 115 switch (addr->type) { 116 case SOCKET_ADDRESS_TYPE_INET: 117 info->host = g_strdup(addr->u.inet.host); 118 info->service = g_strdup(addr->u.inet.port); 119 if (addr->u.inet.ipv6) { 120 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 121 } else { 122 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 123 } 124 break; 125 126 case SOCKET_ADDRESS_TYPE_UNIX: 127 info->host = g_strdup(""); 128 info->service = g_strdup(addr->u.q_unix.path); 129 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 130 break; 131 132 case SOCKET_ADDRESS_TYPE_VSOCK: 133 case SOCKET_ADDRESS_TYPE_FD: 134 error_setg(errp, "Unsupported socket address type %s", 135 SocketAddressType_str(addr->type)); 136 break; 137 default: 138 abort(); 139 } 140 141 return; 142 } 143 144 static void vnc_init_basic_info_from_server_addr(QIOChannelSocket *ioc, 145 VncBasicInfo *info, 146 Error **errp) 147 { 148 SocketAddress *addr = NULL; 149 150 if (!ioc) { 151 error_setg(errp, "No listener socket available"); 152 return; 153 } 154 155 addr = qio_channel_socket_get_local_address(ioc, errp); 156 if (!addr) { 157 return; 158 } 159 160 vnc_init_basic_info(addr, info, errp); 161 qapi_free_SocketAddress(addr); 162 } 163 164 static void vnc_init_basic_info_from_remote_addr(QIOChannelSocket *ioc, 165 VncBasicInfo *info, 166 Error **errp) 167 { 168 SocketAddress *addr = NULL; 169 170 addr = qio_channel_socket_get_remote_address(ioc, errp); 171 if (!addr) { 172 return; 173 } 174 175 vnc_init_basic_info(addr, info, errp); 176 qapi_free_SocketAddress(addr); 177 } 178 179 static const char *vnc_auth_name(VncDisplay *vd) { 180 switch (vd->auth) { 181 case VNC_AUTH_INVALID: 182 return "invalid"; 183 case VNC_AUTH_NONE: 184 return "none"; 185 case VNC_AUTH_VNC: 186 return "vnc"; 187 case VNC_AUTH_RA2: 188 return "ra2"; 189 case VNC_AUTH_RA2NE: 190 return "ra2ne"; 191 case VNC_AUTH_TIGHT: 192 return "tight"; 193 case VNC_AUTH_ULTRA: 194 return "ultra"; 195 case VNC_AUTH_TLS: 196 return "tls"; 197 case VNC_AUTH_VENCRYPT: 198 switch (vd->subauth) { 199 case VNC_AUTH_VENCRYPT_PLAIN: 200 return "vencrypt+plain"; 201 case VNC_AUTH_VENCRYPT_TLSNONE: 202 return "vencrypt+tls+none"; 203 case VNC_AUTH_VENCRYPT_TLSVNC: 204 return "vencrypt+tls+vnc"; 205 case VNC_AUTH_VENCRYPT_TLSPLAIN: 206 return "vencrypt+tls+plain"; 207 case VNC_AUTH_VENCRYPT_X509NONE: 208 return "vencrypt+x509+none"; 209 case VNC_AUTH_VENCRYPT_X509VNC: 210 return "vencrypt+x509+vnc"; 211 case VNC_AUTH_VENCRYPT_X509PLAIN: 212 return "vencrypt+x509+plain"; 213 case VNC_AUTH_VENCRYPT_TLSSASL: 214 return "vencrypt+tls+sasl"; 215 case VNC_AUTH_VENCRYPT_X509SASL: 216 return "vencrypt+x509+sasl"; 217 default: 218 return "vencrypt"; 219 } 220 case VNC_AUTH_SASL: 221 return "sasl"; 222 } 223 return "unknown"; 224 } 225 226 static VncServerInfo *vnc_server_info_get(VncDisplay *vd) 227 { 228 VncServerInfo *info; 229 Error *err = NULL; 230 231 if (!vd->listener || !vd->listener->nsioc) { 232 return NULL; 233 } 234 235 info = g_malloc0(sizeof(*info)); 236 vnc_init_basic_info_from_server_addr(vd->listener->sioc[0], 237 qapi_VncServerInfo_base(info), &err); 238 info->has_auth = true; 239 info->auth = g_strdup(vnc_auth_name(vd)); 240 if (err) { 241 qapi_free_VncServerInfo(info); 242 info = NULL; 243 error_free(err); 244 } 245 return info; 246 } 247 248 static void vnc_client_cache_auth(VncState *client) 249 { 250 if (!client->info) { 251 return; 252 } 253 254 if (client->tls) { 255 client->info->x509_dname = 256 qcrypto_tls_session_get_peer_name(client->tls); 257 client->info->has_x509_dname = 258 client->info->x509_dname != NULL; 259 } 260 #ifdef CONFIG_VNC_SASL 261 if (client->sasl.conn && 262 client->sasl.username) { 263 client->info->has_sasl_username = true; 264 client->info->sasl_username = g_strdup(client->sasl.username); 265 } 266 #endif 267 } 268 269 static void vnc_client_cache_addr(VncState *client) 270 { 271 Error *err = NULL; 272 273 client->info = g_malloc0(sizeof(*client->info)); 274 vnc_init_basic_info_from_remote_addr(client->sioc, 275 qapi_VncClientInfo_base(client->info), 276 &err); 277 if (err) { 278 qapi_free_VncClientInfo(client->info); 279 client->info = NULL; 280 error_free(err); 281 } 282 } 283 284 static void vnc_qmp_event(VncState *vs, QAPIEvent event) 285 { 286 VncServerInfo *si; 287 288 if (!vs->info) { 289 return; 290 } 291 292 si = vnc_server_info_get(vs->vd); 293 if (!si) { 294 return; 295 } 296 297 switch (event) { 298 case QAPI_EVENT_VNC_CONNECTED: 299 qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info)); 300 break; 301 case QAPI_EVENT_VNC_INITIALIZED: 302 qapi_event_send_vnc_initialized(si, vs->info); 303 break; 304 case QAPI_EVENT_VNC_DISCONNECTED: 305 qapi_event_send_vnc_disconnected(si, vs->info); 306 break; 307 default: 308 break; 309 } 310 311 qapi_free_VncServerInfo(si); 312 } 313 314 static VncClientInfo *qmp_query_vnc_client(const VncState *client) 315 { 316 VncClientInfo *info; 317 Error *err = NULL; 318 319 info = g_malloc0(sizeof(*info)); 320 321 vnc_init_basic_info_from_remote_addr(client->sioc, 322 qapi_VncClientInfo_base(info), 323 &err); 324 if (err) { 325 error_free(err); 326 qapi_free_VncClientInfo(info); 327 return NULL; 328 } 329 330 info->websocket = client->websocket; 331 332 if (client->tls) { 333 info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls); 334 info->has_x509_dname = info->x509_dname != NULL; 335 } 336 #ifdef CONFIG_VNC_SASL 337 if (client->sasl.conn && client->sasl.username) { 338 info->has_sasl_username = true; 339 info->sasl_username = g_strdup(client->sasl.username); 340 } 341 #endif 342 343 return info; 344 } 345 346 static VncDisplay *vnc_display_find(const char *id) 347 { 348 VncDisplay *vd; 349 350 if (id == NULL) { 351 return QTAILQ_FIRST(&vnc_displays); 352 } 353 QTAILQ_FOREACH(vd, &vnc_displays, next) { 354 if (strcmp(id, vd->id) == 0) { 355 return vd; 356 } 357 } 358 return NULL; 359 } 360 361 static VncClientInfoList *qmp_query_client_list(VncDisplay *vd) 362 { 363 VncClientInfoList *cinfo, *prev = NULL; 364 VncState *client; 365 366 QTAILQ_FOREACH(client, &vd->clients, next) { 367 cinfo = g_new0(VncClientInfoList, 1); 368 cinfo->value = qmp_query_vnc_client(client); 369 cinfo->next = prev; 370 prev = cinfo; 371 } 372 return prev; 373 } 374 375 VncInfo *qmp_query_vnc(Error **errp) 376 { 377 VncInfo *info = g_malloc0(sizeof(*info)); 378 VncDisplay *vd = vnc_display_find(NULL); 379 SocketAddress *addr = NULL; 380 381 if (vd == NULL || !vd->listener || !vd->listener->nsioc) { 382 info->enabled = false; 383 } else { 384 info->enabled = true; 385 386 /* for compatibility with the original command */ 387 info->has_clients = true; 388 info->clients = qmp_query_client_list(vd); 389 390 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], 391 errp); 392 if (!addr) { 393 goto out_error; 394 } 395 396 switch (addr->type) { 397 case SOCKET_ADDRESS_TYPE_INET: 398 info->host = g_strdup(addr->u.inet.host); 399 info->service = g_strdup(addr->u.inet.port); 400 if (addr->u.inet.ipv6) { 401 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 402 } else { 403 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 404 } 405 break; 406 407 case SOCKET_ADDRESS_TYPE_UNIX: 408 info->host = g_strdup(""); 409 info->service = g_strdup(addr->u.q_unix.path); 410 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 411 break; 412 413 case SOCKET_ADDRESS_TYPE_VSOCK: 414 case SOCKET_ADDRESS_TYPE_FD: 415 error_setg(errp, "Unsupported socket address type %s", 416 SocketAddressType_str(addr->type)); 417 goto out_error; 418 default: 419 abort(); 420 } 421 422 info->has_host = true; 423 info->has_service = true; 424 info->has_family = true; 425 426 info->has_auth = true; 427 info->auth = g_strdup(vnc_auth_name(vd)); 428 } 429 430 qapi_free_SocketAddress(addr); 431 return info; 432 433 out_error: 434 qapi_free_SocketAddress(addr); 435 qapi_free_VncInfo(info); 436 return NULL; 437 } 438 439 440 static void qmp_query_auth(int auth, int subauth, 441 VncPrimaryAuth *qmp_auth, 442 VncVencryptSubAuth *qmp_vencrypt, 443 bool *qmp_has_vencrypt); 444 445 static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc, 446 bool websocket, 447 int auth, 448 int subauth, 449 VncServerInfo2List *prev) 450 { 451 VncServerInfo2List *list; 452 VncServerInfo2 *info; 453 Error *err = NULL; 454 SocketAddress *addr; 455 456 addr = qio_channel_socket_get_local_address(ioc, &err); 457 if (!addr) { 458 error_free(err); 459 return prev; 460 } 461 462 info = g_new0(VncServerInfo2, 1); 463 vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err); 464 qapi_free_SocketAddress(addr); 465 if (err) { 466 qapi_free_VncServerInfo2(info); 467 error_free(err); 468 return prev; 469 } 470 info->websocket = websocket; 471 472 qmp_query_auth(auth, subauth, &info->auth, 473 &info->vencrypt, &info->has_vencrypt); 474 475 list = g_new0(VncServerInfo2List, 1); 476 list->value = info; 477 list->next = prev; 478 return list; 479 } 480 481 static void qmp_query_auth(int auth, int subauth, 482 VncPrimaryAuth *qmp_auth, 483 VncVencryptSubAuth *qmp_vencrypt, 484 bool *qmp_has_vencrypt) 485 { 486 switch (auth) { 487 case VNC_AUTH_VNC: 488 *qmp_auth = VNC_PRIMARY_AUTH_VNC; 489 break; 490 case VNC_AUTH_RA2: 491 *qmp_auth = VNC_PRIMARY_AUTH_RA2; 492 break; 493 case VNC_AUTH_RA2NE: 494 *qmp_auth = VNC_PRIMARY_AUTH_RA2NE; 495 break; 496 case VNC_AUTH_TIGHT: 497 *qmp_auth = VNC_PRIMARY_AUTH_TIGHT; 498 break; 499 case VNC_AUTH_ULTRA: 500 *qmp_auth = VNC_PRIMARY_AUTH_ULTRA; 501 break; 502 case VNC_AUTH_TLS: 503 *qmp_auth = VNC_PRIMARY_AUTH_TLS; 504 break; 505 case VNC_AUTH_VENCRYPT: 506 *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT; 507 *qmp_has_vencrypt = true; 508 switch (subauth) { 509 case VNC_AUTH_VENCRYPT_PLAIN: 510 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN; 511 break; 512 case VNC_AUTH_VENCRYPT_TLSNONE: 513 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE; 514 break; 515 case VNC_AUTH_VENCRYPT_TLSVNC: 516 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC; 517 break; 518 case VNC_AUTH_VENCRYPT_TLSPLAIN: 519 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN; 520 break; 521 case VNC_AUTH_VENCRYPT_X509NONE: 522 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE; 523 break; 524 case VNC_AUTH_VENCRYPT_X509VNC: 525 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC; 526 break; 527 case VNC_AUTH_VENCRYPT_X509PLAIN: 528 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN; 529 break; 530 case VNC_AUTH_VENCRYPT_TLSSASL: 531 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL; 532 break; 533 case VNC_AUTH_VENCRYPT_X509SASL: 534 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL; 535 break; 536 default: 537 *qmp_has_vencrypt = false; 538 break; 539 } 540 break; 541 case VNC_AUTH_SASL: 542 *qmp_auth = VNC_PRIMARY_AUTH_SASL; 543 break; 544 case VNC_AUTH_NONE: 545 default: 546 *qmp_auth = VNC_PRIMARY_AUTH_NONE; 547 break; 548 } 549 } 550 551 VncInfo2List *qmp_query_vnc_servers(Error **errp) 552 { 553 VncInfo2List *item, *prev = NULL; 554 VncInfo2 *info; 555 VncDisplay *vd; 556 DeviceState *dev; 557 size_t i; 558 559 QTAILQ_FOREACH(vd, &vnc_displays, next) { 560 info = g_new0(VncInfo2, 1); 561 info->id = g_strdup(vd->id); 562 info->clients = qmp_query_client_list(vd); 563 qmp_query_auth(vd->auth, vd->subauth, &info->auth, 564 &info->vencrypt, &info->has_vencrypt); 565 if (vd->dcl.con) { 566 dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con), 567 "device", NULL)); 568 info->has_display = true; 569 info->display = g_strdup(dev->id); 570 } 571 for (i = 0; vd->listener != NULL && i < vd->listener->nsioc; i++) { 572 info->server = qmp_query_server_entry( 573 vd->listener->sioc[i], false, vd->auth, vd->subauth, 574 info->server); 575 } 576 for (i = 0; vd->wslistener != NULL && i < vd->wslistener->nsioc; i++) { 577 info->server = qmp_query_server_entry( 578 vd->wslistener->sioc[i], true, vd->ws_auth, 579 vd->ws_subauth, info->server); 580 } 581 582 item = g_new0(VncInfo2List, 1); 583 item->value = info; 584 item->next = prev; 585 prev = item; 586 } 587 return prev; 588 } 589 590 /* TODO 591 1) Get the queue working for IO. 592 2) there is some weirdness when using the -S option (the screen is grey 593 and not totally invalidated 594 3) resolutions > 1024 595 */ 596 597 static int vnc_update_client(VncState *vs, int has_dirty); 598 static void vnc_disconnect_start(VncState *vs); 599 600 static void vnc_colordepth(VncState *vs); 601 static void framebuffer_update_request(VncState *vs, int incremental, 602 int x_position, int y_position, 603 int w, int h); 604 static void vnc_refresh(DisplayChangeListener *dcl); 605 static int vnc_refresh_server_surface(VncDisplay *vd); 606 607 static int vnc_width(VncDisplay *vd) 608 { 609 return MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds), 610 VNC_DIRTY_PIXELS_PER_BIT)); 611 } 612 613 static int vnc_height(VncDisplay *vd) 614 { 615 return MIN(VNC_MAX_HEIGHT, surface_height(vd->ds)); 616 } 617 618 static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT], 619 VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT), 620 VncDisplay *vd, 621 int x, int y, int w, int h) 622 { 623 int width = vnc_width(vd); 624 int height = vnc_height(vd); 625 626 /* this is needed this to ensure we updated all affected 627 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */ 628 w += (x % VNC_DIRTY_PIXELS_PER_BIT); 629 x -= (x % VNC_DIRTY_PIXELS_PER_BIT); 630 631 x = MIN(x, width); 632 y = MIN(y, height); 633 w = MIN(x + w, width) - x; 634 h = MIN(y + h, height); 635 636 for (; y < h; y++) { 637 bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT, 638 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT)); 639 } 640 } 641 642 static void vnc_dpy_update(DisplayChangeListener *dcl, 643 int x, int y, int w, int h) 644 { 645 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 646 struct VncSurface *s = &vd->guest; 647 648 vnc_set_area_dirty(s->dirty, vd, x, y, w, h); 649 } 650 651 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h, 652 int32_t encoding) 653 { 654 vnc_write_u16(vs, x); 655 vnc_write_u16(vs, y); 656 vnc_write_u16(vs, w); 657 vnc_write_u16(vs, h); 658 659 vnc_write_s32(vs, encoding); 660 } 661 662 663 static void vnc_desktop_resize(VncState *vs) 664 { 665 if (vs->ioc == NULL || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) { 666 return; 667 } 668 if (vs->client_width == pixman_image_get_width(vs->vd->server) && 669 vs->client_height == pixman_image_get_height(vs->vd->server)) { 670 return; 671 } 672 673 assert(pixman_image_get_width(vs->vd->server) < 65536 && 674 pixman_image_get_width(vs->vd->server) >= 0); 675 assert(pixman_image_get_height(vs->vd->server) < 65536 && 676 pixman_image_get_height(vs->vd->server) >= 0); 677 vs->client_width = pixman_image_get_width(vs->vd->server); 678 vs->client_height = pixman_image_get_height(vs->vd->server); 679 vnc_lock_output(vs); 680 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 681 vnc_write_u8(vs, 0); 682 vnc_write_u16(vs, 1); /* number of rects */ 683 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height, 684 VNC_ENCODING_DESKTOPRESIZE); 685 vnc_unlock_output(vs); 686 vnc_flush(vs); 687 } 688 689 static void vnc_abort_display_jobs(VncDisplay *vd) 690 { 691 VncState *vs; 692 693 QTAILQ_FOREACH(vs, &vd->clients, next) { 694 vnc_lock_output(vs); 695 vs->abort = true; 696 vnc_unlock_output(vs); 697 } 698 QTAILQ_FOREACH(vs, &vd->clients, next) { 699 vnc_jobs_join(vs); 700 } 701 QTAILQ_FOREACH(vs, &vd->clients, next) { 702 vnc_lock_output(vs); 703 vs->abort = false; 704 vnc_unlock_output(vs); 705 } 706 } 707 708 int vnc_server_fb_stride(VncDisplay *vd) 709 { 710 return pixman_image_get_stride(vd->server); 711 } 712 713 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y) 714 { 715 uint8_t *ptr; 716 717 ptr = (uint8_t *)pixman_image_get_data(vd->server); 718 ptr += y * vnc_server_fb_stride(vd); 719 ptr += x * VNC_SERVER_FB_BYTES; 720 return ptr; 721 } 722 723 static void vnc_update_server_surface(VncDisplay *vd) 724 { 725 int width, height; 726 727 qemu_pixman_image_unref(vd->server); 728 vd->server = NULL; 729 730 if (QTAILQ_EMPTY(&vd->clients)) { 731 return; 732 } 733 734 width = vnc_width(vd); 735 height = vnc_height(vd); 736 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT, 737 width, height, 738 NULL, 0); 739 740 memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty)); 741 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 742 width, height); 743 } 744 745 static bool vnc_check_pageflip(DisplaySurface *s1, 746 DisplaySurface *s2) 747 { 748 return (s1 != NULL && 749 s2 != NULL && 750 surface_width(s1) == surface_width(s2) && 751 surface_height(s1) == surface_height(s2) && 752 surface_format(s1) == surface_format(s2)); 753 754 } 755 756 static void vnc_dpy_switch(DisplayChangeListener *dcl, 757 DisplaySurface *surface) 758 { 759 static const char placeholder_msg[] = 760 "Display output is not active."; 761 static DisplaySurface *placeholder; 762 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 763 bool pageflip = vnc_check_pageflip(vd->ds, surface); 764 VncState *vs; 765 766 if (surface == NULL) { 767 if (placeholder == NULL) { 768 placeholder = qemu_create_message_surface(640, 480, placeholder_msg); 769 } 770 surface = placeholder; 771 } 772 773 vnc_abort_display_jobs(vd); 774 vd->ds = surface; 775 776 /* guest surface */ 777 qemu_pixman_image_unref(vd->guest.fb); 778 vd->guest.fb = pixman_image_ref(surface->image); 779 vd->guest.format = surface->format; 780 781 if (pageflip) { 782 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 783 surface_width(surface), 784 surface_height(surface)); 785 return; 786 } 787 788 /* server surface */ 789 vnc_update_server_surface(vd); 790 791 QTAILQ_FOREACH(vs, &vd->clients, next) { 792 vnc_colordepth(vs); 793 vnc_desktop_resize(vs); 794 if (vs->vd->cursor) { 795 vnc_cursor_define(vs); 796 } 797 memset(vs->dirty, 0x00, sizeof(vs->dirty)); 798 vnc_set_area_dirty(vs->dirty, vd, 0, 0, 799 vnc_width(vd), 800 vnc_height(vd)); 801 vnc_update_throttle_offset(vs); 802 } 803 } 804 805 /* fastest code */ 806 static void vnc_write_pixels_copy(VncState *vs, 807 void *pixels, int size) 808 { 809 vnc_write(vs, pixels, size); 810 } 811 812 /* slowest but generic code. */ 813 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v) 814 { 815 uint8_t r, g, b; 816 817 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8) 818 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8; 819 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8; 820 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8; 821 #else 822 # error need some bits here if you change VNC_SERVER_FB_FORMAT 823 #endif 824 v = (r << vs->client_pf.rshift) | 825 (g << vs->client_pf.gshift) | 826 (b << vs->client_pf.bshift); 827 switch (vs->client_pf.bytes_per_pixel) { 828 case 1: 829 buf[0] = v; 830 break; 831 case 2: 832 if (vs->client_be) { 833 buf[0] = v >> 8; 834 buf[1] = v; 835 } else { 836 buf[1] = v >> 8; 837 buf[0] = v; 838 } 839 break; 840 default: 841 case 4: 842 if (vs->client_be) { 843 buf[0] = v >> 24; 844 buf[1] = v >> 16; 845 buf[2] = v >> 8; 846 buf[3] = v; 847 } else { 848 buf[3] = v >> 24; 849 buf[2] = v >> 16; 850 buf[1] = v >> 8; 851 buf[0] = v; 852 } 853 break; 854 } 855 } 856 857 static void vnc_write_pixels_generic(VncState *vs, 858 void *pixels1, int size) 859 { 860 uint8_t buf[4]; 861 862 if (VNC_SERVER_FB_BYTES == 4) { 863 uint32_t *pixels = pixels1; 864 int n, i; 865 n = size >> 2; 866 for (i = 0; i < n; i++) { 867 vnc_convert_pixel(vs, buf, pixels[i]); 868 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel); 869 } 870 } 871 } 872 873 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 874 { 875 int i; 876 uint8_t *row; 877 VncDisplay *vd = vs->vd; 878 879 row = vnc_server_fb_ptr(vd, x, y); 880 for (i = 0; i < h; i++) { 881 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES); 882 row += vnc_server_fb_stride(vd); 883 } 884 return 1; 885 } 886 887 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 888 { 889 int n = 0; 890 bool encode_raw = false; 891 size_t saved_offs = vs->output.offset; 892 893 switch(vs->vnc_encoding) { 894 case VNC_ENCODING_ZLIB: 895 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h); 896 break; 897 case VNC_ENCODING_HEXTILE: 898 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE); 899 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h); 900 break; 901 case VNC_ENCODING_TIGHT: 902 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h); 903 break; 904 case VNC_ENCODING_TIGHT_PNG: 905 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h); 906 break; 907 case VNC_ENCODING_ZRLE: 908 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h); 909 break; 910 case VNC_ENCODING_ZYWRLE: 911 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h); 912 break; 913 default: 914 encode_raw = true; 915 break; 916 } 917 918 /* If the client has the same pixel format as our internal buffer and 919 * a RAW encoding would need less space fall back to RAW encoding to 920 * save bandwidth and processing power in the client. */ 921 if (!encode_raw && vs->write_pixels == vnc_write_pixels_copy && 922 12 + h * w * VNC_SERVER_FB_BYTES <= (vs->output.offset - saved_offs)) { 923 vs->output.offset = saved_offs; 924 encode_raw = true; 925 } 926 927 if (encode_raw) { 928 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW); 929 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h); 930 } 931 932 return n; 933 } 934 935 static void vnc_mouse_set(DisplayChangeListener *dcl, 936 int x, int y, int visible) 937 { 938 /* can we ask the client(s) to move the pointer ??? */ 939 } 940 941 static int vnc_cursor_define(VncState *vs) 942 { 943 QEMUCursor *c = vs->vd->cursor; 944 int isize; 945 946 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) { 947 vnc_lock_output(vs); 948 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 949 vnc_write_u8(vs, 0); /* padding */ 950 vnc_write_u16(vs, 1); /* # of rects */ 951 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height, 952 VNC_ENCODING_RICH_CURSOR); 953 isize = c->width * c->height * vs->client_pf.bytes_per_pixel; 954 vnc_write_pixels_generic(vs, c->data, isize); 955 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize); 956 vnc_unlock_output(vs); 957 return 0; 958 } 959 return -1; 960 } 961 962 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl, 963 QEMUCursor *c) 964 { 965 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 966 VncState *vs; 967 968 cursor_put(vd->cursor); 969 g_free(vd->cursor_mask); 970 971 vd->cursor = c; 972 cursor_get(vd->cursor); 973 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height; 974 vd->cursor_mask = g_malloc0(vd->cursor_msize); 975 cursor_get_mono_mask(c, 0, vd->cursor_mask); 976 977 QTAILQ_FOREACH(vs, &vd->clients, next) { 978 vnc_cursor_define(vs); 979 } 980 } 981 982 static int find_and_clear_dirty_height(VncState *vs, 983 int y, int last_x, int x, int height) 984 { 985 int h; 986 987 for (h = 1; h < (height - y); h++) { 988 if (!test_bit(last_x, vs->dirty[y + h])) { 989 break; 990 } 991 bitmap_clear(vs->dirty[y + h], last_x, x - last_x); 992 } 993 994 return h; 995 } 996 997 /* 998 * Figure out how much pending data we should allow in the output 999 * buffer before we throttle incremental display updates, and/or 1000 * drop audio samples. 1001 * 1002 * We allow for equiv of 1 full display's worth of FB updates, 1003 * and 1 second of audio samples. If audio backlog was larger 1004 * than that the client would already suffering awful audio 1005 * glitches, so dropping samples is no worse really). 1006 */ 1007 static void vnc_update_throttle_offset(VncState *vs) 1008 { 1009 size_t offset = 1010 vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel; 1011 1012 if (vs->audio_cap) { 1013 int bps; 1014 switch (vs->as.fmt) { 1015 default: 1016 case AUD_FMT_U8: 1017 case AUD_FMT_S8: 1018 bps = 1; 1019 break; 1020 case AUD_FMT_U16: 1021 case AUD_FMT_S16: 1022 bps = 2; 1023 break; 1024 case AUD_FMT_U32: 1025 case AUD_FMT_S32: 1026 bps = 4; 1027 break; 1028 } 1029 offset += vs->as.freq * bps * vs->as.nchannels; 1030 } 1031 1032 /* Put a floor of 1MB on offset, so that if we have a large pending 1033 * buffer and the display is resized to a small size & back again 1034 * we don't suddenly apply a tiny send limit 1035 */ 1036 offset = MAX(offset, 1024 * 1024); 1037 1038 if (vs->throttle_output_offset != offset) { 1039 trace_vnc_client_throttle_threshold( 1040 vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width, 1041 vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap); 1042 } 1043 1044 vs->throttle_output_offset = offset; 1045 } 1046 1047 static bool vnc_should_update(VncState *vs) 1048 { 1049 switch (vs->update) { 1050 case VNC_STATE_UPDATE_NONE: 1051 break; 1052 case VNC_STATE_UPDATE_INCREMENTAL: 1053 /* Only allow incremental updates if the pending send queue 1054 * is less than the permitted threshold, and the job worker 1055 * is completely idle. 1056 */ 1057 if (vs->output.offset < vs->throttle_output_offset && 1058 vs->job_update == VNC_STATE_UPDATE_NONE) { 1059 return true; 1060 } 1061 trace_vnc_client_throttle_incremental( 1062 vs, vs->ioc, vs->job_update, vs->output.offset); 1063 break; 1064 case VNC_STATE_UPDATE_FORCE: 1065 /* Only allow forced updates if the pending send queue 1066 * does not contain a previous forced update, and the 1067 * job worker is completely idle. 1068 * 1069 * Note this means we'll queue a forced update, even if 1070 * the output buffer size is otherwise over the throttle 1071 * output limit. 1072 */ 1073 if (vs->force_update_offset == 0 && 1074 vs->job_update == VNC_STATE_UPDATE_NONE) { 1075 return true; 1076 } 1077 trace_vnc_client_throttle_forced( 1078 vs, vs->ioc, vs->job_update, vs->force_update_offset); 1079 break; 1080 } 1081 return false; 1082 } 1083 1084 static int vnc_update_client(VncState *vs, int has_dirty) 1085 { 1086 VncDisplay *vd = vs->vd; 1087 VncJob *job; 1088 int y; 1089 int height, width; 1090 int n = 0; 1091 1092 if (vs->disconnecting) { 1093 vnc_disconnect_finish(vs); 1094 return 0; 1095 } 1096 1097 vs->has_dirty += has_dirty; 1098 if (!vnc_should_update(vs)) { 1099 return 0; 1100 } 1101 1102 if (!vs->has_dirty && vs->update != VNC_STATE_UPDATE_FORCE) { 1103 return 0; 1104 } 1105 1106 /* 1107 * Send screen updates to the vnc client using the server 1108 * surface and server dirty map. guest surface updates 1109 * happening in parallel don't disturb us, the next pass will 1110 * send them to the client. 1111 */ 1112 job = vnc_job_new(vs); 1113 1114 height = pixman_image_get_height(vd->server); 1115 width = pixman_image_get_width(vd->server); 1116 1117 y = 0; 1118 for (;;) { 1119 int x, h; 1120 unsigned long x2; 1121 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty, 1122 height * VNC_DIRTY_BPL(vs), 1123 y * VNC_DIRTY_BPL(vs)); 1124 if (offset == height * VNC_DIRTY_BPL(vs)) { 1125 /* no more dirty bits */ 1126 break; 1127 } 1128 y = offset / VNC_DIRTY_BPL(vs); 1129 x = offset % VNC_DIRTY_BPL(vs); 1130 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y], 1131 VNC_DIRTY_BPL(vs), x); 1132 bitmap_clear(vs->dirty[y], x, x2 - x); 1133 h = find_and_clear_dirty_height(vs, y, x, x2, height); 1134 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT); 1135 if (x2 > x) { 1136 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y, 1137 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h); 1138 } 1139 if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) { 1140 y += h; 1141 if (y == height) { 1142 break; 1143 } 1144 } 1145 } 1146 1147 vs->job_update = vs->update; 1148 vs->update = VNC_STATE_UPDATE_NONE; 1149 vnc_job_push(job); 1150 vs->has_dirty = 0; 1151 return n; 1152 } 1153 1154 /* audio */ 1155 static void audio_capture_notify(void *opaque, audcnotification_e cmd) 1156 { 1157 VncState *vs = opaque; 1158 1159 assert(vs->magic == VNC_MAGIC); 1160 switch (cmd) { 1161 case AUD_CNOTIFY_DISABLE: 1162 vnc_lock_output(vs); 1163 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1164 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1165 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END); 1166 vnc_unlock_output(vs); 1167 vnc_flush(vs); 1168 break; 1169 1170 case AUD_CNOTIFY_ENABLE: 1171 vnc_lock_output(vs); 1172 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1173 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1174 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN); 1175 vnc_unlock_output(vs); 1176 vnc_flush(vs); 1177 break; 1178 } 1179 } 1180 1181 static void audio_capture_destroy(void *opaque) 1182 { 1183 } 1184 1185 static void audio_capture(void *opaque, void *buf, int size) 1186 { 1187 VncState *vs = opaque; 1188 1189 assert(vs->magic == VNC_MAGIC); 1190 vnc_lock_output(vs); 1191 if (vs->output.offset < vs->throttle_output_offset) { 1192 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1193 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1194 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); 1195 vnc_write_u32(vs, size); 1196 vnc_write(vs, buf, size); 1197 } else { 1198 trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset); 1199 } 1200 vnc_unlock_output(vs); 1201 vnc_flush(vs); 1202 } 1203 1204 static void audio_add(VncState *vs) 1205 { 1206 struct audio_capture_ops ops; 1207 1208 if (vs->audio_cap) { 1209 error_report("audio already running"); 1210 return; 1211 } 1212 1213 ops.notify = audio_capture_notify; 1214 ops.destroy = audio_capture_destroy; 1215 ops.capture = audio_capture; 1216 1217 vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs); 1218 if (!vs->audio_cap) { 1219 error_report("Failed to add audio capture"); 1220 } 1221 } 1222 1223 static void audio_del(VncState *vs) 1224 { 1225 if (vs->audio_cap) { 1226 AUD_del_capture(vs->audio_cap, vs); 1227 vs->audio_cap = NULL; 1228 } 1229 } 1230 1231 static void vnc_disconnect_start(VncState *vs) 1232 { 1233 if (vs->disconnecting) { 1234 return; 1235 } 1236 trace_vnc_client_disconnect_start(vs, vs->ioc); 1237 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED); 1238 if (vs->ioc_tag) { 1239 g_source_remove(vs->ioc_tag); 1240 vs->ioc_tag = 0; 1241 } 1242 qio_channel_close(vs->ioc, NULL); 1243 vs->disconnecting = TRUE; 1244 } 1245 1246 void vnc_disconnect_finish(VncState *vs) 1247 { 1248 int i; 1249 1250 trace_vnc_client_disconnect_finish(vs, vs->ioc); 1251 1252 vnc_jobs_join(vs); /* Wait encoding jobs */ 1253 1254 vnc_lock_output(vs); 1255 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED); 1256 1257 buffer_free(&vs->input); 1258 buffer_free(&vs->output); 1259 1260 qapi_free_VncClientInfo(vs->info); 1261 1262 vnc_zlib_clear(vs); 1263 vnc_tight_clear(vs); 1264 vnc_zrle_clear(vs); 1265 1266 #ifdef CONFIG_VNC_SASL 1267 vnc_sasl_client_cleanup(vs); 1268 #endif /* CONFIG_VNC_SASL */ 1269 audio_del(vs); 1270 qkbd_state_lift_all_keys(vs->vd->kbd); 1271 1272 if (vs->mouse_mode_notifier.notify != NULL) { 1273 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 1274 } 1275 QTAILQ_REMOVE(&vs->vd->clients, vs, next); 1276 if (QTAILQ_EMPTY(&vs->vd->clients)) { 1277 /* last client gone */ 1278 vnc_update_server_surface(vs->vd); 1279 } 1280 1281 vnc_unlock_output(vs); 1282 1283 qemu_mutex_destroy(&vs->output_mutex); 1284 if (vs->bh != NULL) { 1285 qemu_bh_delete(vs->bh); 1286 } 1287 buffer_free(&vs->jobs_buffer); 1288 1289 for (i = 0; i < VNC_STAT_ROWS; ++i) { 1290 g_free(vs->lossy_rect[i]); 1291 } 1292 g_free(vs->lossy_rect); 1293 1294 object_unref(OBJECT(vs->ioc)); 1295 vs->ioc = NULL; 1296 object_unref(OBJECT(vs->sioc)); 1297 vs->sioc = NULL; 1298 vs->magic = 0; 1299 g_free(vs); 1300 } 1301 1302 size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp) 1303 { 1304 if (ret <= 0) { 1305 if (ret == 0) { 1306 trace_vnc_client_eof(vs, vs->ioc); 1307 vnc_disconnect_start(vs); 1308 } else if (ret != QIO_CHANNEL_ERR_BLOCK) { 1309 trace_vnc_client_io_error(vs, vs->ioc, 1310 errp ? error_get_pretty(*errp) : 1311 "Unknown"); 1312 vnc_disconnect_start(vs); 1313 } 1314 1315 if (errp) { 1316 error_free(*errp); 1317 *errp = NULL; 1318 } 1319 return 0; 1320 } 1321 return ret; 1322 } 1323 1324 1325 void vnc_client_error(VncState *vs) 1326 { 1327 VNC_DEBUG("Closing down client sock: protocol error\n"); 1328 vnc_disconnect_start(vs); 1329 } 1330 1331 1332 /* 1333 * Called to write a chunk of data to the client socket. The data may 1334 * be the raw data, or may have already been encoded by SASL. 1335 * The data will be written either straight onto the socket, or 1336 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1337 * 1338 * NB, it is theoretically possible to have 2 layers of encryption, 1339 * both SASL, and this TLS layer. It is highly unlikely in practice 1340 * though, since SASL encryption will typically be a no-op if TLS 1341 * is active 1342 * 1343 * Returns the number of bytes written, which may be less than 1344 * the requested 'datalen' if the socket would block. Returns 1345 * 0 on I/O error, and disconnects the client socket. 1346 */ 1347 size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen) 1348 { 1349 Error *err = NULL; 1350 ssize_t ret; 1351 ret = qio_channel_write( 1352 vs->ioc, (const char *)data, datalen, &err); 1353 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret); 1354 return vnc_client_io_error(vs, ret, &err); 1355 } 1356 1357 1358 /* 1359 * Called to write buffered data to the client socket, when not 1360 * using any SASL SSF encryption layers. Will write as much data 1361 * as possible without blocking. If all buffered data is written, 1362 * will switch the FD poll() handler back to read monitoring. 1363 * 1364 * Returns the number of bytes written, which may be less than 1365 * the buffered output data if the socket would block. Returns 1366 * 0 on I/O error, and disconnects the client socket. 1367 */ 1368 static size_t vnc_client_write_plain(VncState *vs) 1369 { 1370 size_t offset; 1371 size_t ret; 1372 1373 #ifdef CONFIG_VNC_SASL 1374 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n", 1375 vs->output.buffer, vs->output.capacity, vs->output.offset, 1376 vs->sasl.waitWriteSSF); 1377 1378 if (vs->sasl.conn && 1379 vs->sasl.runSSF && 1380 vs->sasl.waitWriteSSF) { 1381 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF); 1382 if (ret) 1383 vs->sasl.waitWriteSSF -= ret; 1384 } else 1385 #endif /* CONFIG_VNC_SASL */ 1386 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset); 1387 if (!ret) 1388 return 0; 1389 1390 if (ret >= vs->force_update_offset) { 1391 if (vs->force_update_offset != 0) { 1392 trace_vnc_client_unthrottle_forced(vs, vs->ioc); 1393 } 1394 vs->force_update_offset = 0; 1395 } else { 1396 vs->force_update_offset -= ret; 1397 } 1398 offset = vs->output.offset; 1399 buffer_advance(&vs->output, ret); 1400 if (offset >= vs->throttle_output_offset && 1401 vs->output.offset < vs->throttle_output_offset) { 1402 trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset); 1403 } 1404 1405 if (vs->output.offset == 0) { 1406 if (vs->ioc_tag) { 1407 g_source_remove(vs->ioc_tag); 1408 } 1409 vs->ioc_tag = qio_channel_add_watch( 1410 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1411 } 1412 1413 return ret; 1414 } 1415 1416 1417 /* 1418 * First function called whenever there is data to be written to 1419 * the client socket. Will delegate actual work according to whether 1420 * SASL SSF layers are enabled (thus requiring encryption calls) 1421 */ 1422 static void vnc_client_write_locked(VncState *vs) 1423 { 1424 #ifdef CONFIG_VNC_SASL 1425 if (vs->sasl.conn && 1426 vs->sasl.runSSF && 1427 !vs->sasl.waitWriteSSF) { 1428 vnc_client_write_sasl(vs); 1429 } else 1430 #endif /* CONFIG_VNC_SASL */ 1431 { 1432 vnc_client_write_plain(vs); 1433 } 1434 } 1435 1436 static void vnc_client_write(VncState *vs) 1437 { 1438 assert(vs->magic == VNC_MAGIC); 1439 vnc_lock_output(vs); 1440 if (vs->output.offset) { 1441 vnc_client_write_locked(vs); 1442 } else if (vs->ioc != NULL) { 1443 if (vs->ioc_tag) { 1444 g_source_remove(vs->ioc_tag); 1445 } 1446 vs->ioc_tag = qio_channel_add_watch( 1447 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1448 } 1449 vnc_unlock_output(vs); 1450 } 1451 1452 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting) 1453 { 1454 vs->read_handler = func; 1455 vs->read_handler_expect = expecting; 1456 } 1457 1458 1459 /* 1460 * Called to read a chunk of data from the client socket. The data may 1461 * be the raw data, or may need to be further decoded by SASL. 1462 * The data will be read either straight from to the socket, or 1463 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1464 * 1465 * NB, it is theoretically possible to have 2 layers of encryption, 1466 * both SASL, and this TLS layer. It is highly unlikely in practice 1467 * though, since SASL encryption will typically be a no-op if TLS 1468 * is active 1469 * 1470 * Returns the number of bytes read, which may be less than 1471 * the requested 'datalen' if the socket would block. Returns 1472 * 0 on I/O error or EOF, and disconnects the client socket. 1473 */ 1474 size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen) 1475 { 1476 ssize_t ret; 1477 Error *err = NULL; 1478 ret = qio_channel_read( 1479 vs->ioc, (char *)data, datalen, &err); 1480 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret); 1481 return vnc_client_io_error(vs, ret, &err); 1482 } 1483 1484 1485 /* 1486 * Called to read data from the client socket to the input buffer, 1487 * when not using any SASL SSF encryption layers. Will read as much 1488 * data as possible without blocking. 1489 * 1490 * Returns the number of bytes read, which may be less than 1491 * the requested 'datalen' if the socket would block. Returns 1492 * 0 on I/O error or EOF, and disconnects the client socket. 1493 */ 1494 static size_t vnc_client_read_plain(VncState *vs) 1495 { 1496 size_t ret; 1497 VNC_DEBUG("Read plain %p size %zd offset %zd\n", 1498 vs->input.buffer, vs->input.capacity, vs->input.offset); 1499 buffer_reserve(&vs->input, 4096); 1500 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096); 1501 if (!ret) 1502 return 0; 1503 vs->input.offset += ret; 1504 return ret; 1505 } 1506 1507 static void vnc_jobs_bh(void *opaque) 1508 { 1509 VncState *vs = opaque; 1510 1511 assert(vs->magic == VNC_MAGIC); 1512 vnc_jobs_consume_buffer(vs); 1513 } 1514 1515 /* 1516 * First function called whenever there is more data to be read from 1517 * the client socket. Will delegate actual work according to whether 1518 * SASL SSF layers are enabled (thus requiring decryption calls) 1519 * Returns 0 on success, -1 if client disconnected 1520 */ 1521 static int vnc_client_read(VncState *vs) 1522 { 1523 size_t ret; 1524 1525 #ifdef CONFIG_VNC_SASL 1526 if (vs->sasl.conn && vs->sasl.runSSF) 1527 ret = vnc_client_read_sasl(vs); 1528 else 1529 #endif /* CONFIG_VNC_SASL */ 1530 ret = vnc_client_read_plain(vs); 1531 if (!ret) { 1532 if (vs->disconnecting) { 1533 vnc_disconnect_finish(vs); 1534 return -1; 1535 } 1536 return 0; 1537 } 1538 1539 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) { 1540 size_t len = vs->read_handler_expect; 1541 int ret; 1542 1543 ret = vs->read_handler(vs, vs->input.buffer, len); 1544 if (vs->disconnecting) { 1545 vnc_disconnect_finish(vs); 1546 return -1; 1547 } 1548 1549 if (!ret) { 1550 buffer_advance(&vs->input, len); 1551 } else { 1552 vs->read_handler_expect = ret; 1553 } 1554 } 1555 return 0; 1556 } 1557 1558 gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED, 1559 GIOCondition condition, void *opaque) 1560 { 1561 VncState *vs = opaque; 1562 1563 assert(vs->magic == VNC_MAGIC); 1564 if (condition & G_IO_IN) { 1565 if (vnc_client_read(vs) < 0) { 1566 /* vs is free()ed here */ 1567 return TRUE; 1568 } 1569 } 1570 if (condition & G_IO_OUT) { 1571 vnc_client_write(vs); 1572 } 1573 1574 if (vs->disconnecting) { 1575 if (vs->ioc_tag != 0) { 1576 g_source_remove(vs->ioc_tag); 1577 } 1578 vs->ioc_tag = 0; 1579 } 1580 return TRUE; 1581 } 1582 1583 1584 /* 1585 * Scale factor to apply to vs->throttle_output_offset when checking for 1586 * hard limit. Worst case normal usage could be x2, if we have a complete 1587 * incremental update and complete forced update in the output buffer. 1588 * So x3 should be good enough, but we pick x5 to be conservative and thus 1589 * (hopefully) never trigger incorrectly. 1590 */ 1591 #define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5 1592 1593 void vnc_write(VncState *vs, const void *data, size_t len) 1594 { 1595 assert(vs->magic == VNC_MAGIC); 1596 if (vs->disconnecting) { 1597 return; 1598 } 1599 /* Protection against malicious client/guest to prevent our output 1600 * buffer growing without bound if client stops reading data. This 1601 * should rarely trigger, because we have earlier throttling code 1602 * which stops issuing framebuffer updates and drops audio data 1603 * if the throttle_output_offset value is exceeded. So we only reach 1604 * this higher level if a huge number of pseudo-encodings get 1605 * triggered while data can't be sent on the socket. 1606 * 1607 * NB throttle_output_offset can be zero during early protocol 1608 * handshake, or from the job thread's VncState clone 1609 */ 1610 if (vs->throttle_output_offset != 0 && 1611 (vs->output.offset / VNC_THROTTLE_OUTPUT_LIMIT_SCALE) > 1612 vs->throttle_output_offset) { 1613 trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset, 1614 vs->throttle_output_offset); 1615 vnc_disconnect_start(vs); 1616 return; 1617 } 1618 buffer_reserve(&vs->output, len); 1619 1620 if (vs->ioc != NULL && buffer_empty(&vs->output)) { 1621 if (vs->ioc_tag) { 1622 g_source_remove(vs->ioc_tag); 1623 } 1624 vs->ioc_tag = qio_channel_add_watch( 1625 vs->ioc, G_IO_IN | G_IO_OUT, vnc_client_io, vs, NULL); 1626 } 1627 1628 buffer_append(&vs->output, data, len); 1629 } 1630 1631 void vnc_write_s32(VncState *vs, int32_t value) 1632 { 1633 vnc_write_u32(vs, *(uint32_t *)&value); 1634 } 1635 1636 void vnc_write_u32(VncState *vs, uint32_t value) 1637 { 1638 uint8_t buf[4]; 1639 1640 buf[0] = (value >> 24) & 0xFF; 1641 buf[1] = (value >> 16) & 0xFF; 1642 buf[2] = (value >> 8) & 0xFF; 1643 buf[3] = value & 0xFF; 1644 1645 vnc_write(vs, buf, 4); 1646 } 1647 1648 void vnc_write_u16(VncState *vs, uint16_t value) 1649 { 1650 uint8_t buf[2]; 1651 1652 buf[0] = (value >> 8) & 0xFF; 1653 buf[1] = value & 0xFF; 1654 1655 vnc_write(vs, buf, 2); 1656 } 1657 1658 void vnc_write_u8(VncState *vs, uint8_t value) 1659 { 1660 vnc_write(vs, (char *)&value, 1); 1661 } 1662 1663 void vnc_flush(VncState *vs) 1664 { 1665 vnc_lock_output(vs); 1666 if (vs->ioc != NULL && vs->output.offset) { 1667 vnc_client_write_locked(vs); 1668 } 1669 if (vs->disconnecting) { 1670 if (vs->ioc_tag != 0) { 1671 g_source_remove(vs->ioc_tag); 1672 } 1673 vs->ioc_tag = 0; 1674 } 1675 vnc_unlock_output(vs); 1676 } 1677 1678 static uint8_t read_u8(uint8_t *data, size_t offset) 1679 { 1680 return data[offset]; 1681 } 1682 1683 static uint16_t read_u16(uint8_t *data, size_t offset) 1684 { 1685 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF); 1686 } 1687 1688 static int32_t read_s32(uint8_t *data, size_t offset) 1689 { 1690 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) | 1691 (data[offset + 2] << 8) | data[offset + 3]); 1692 } 1693 1694 uint32_t read_u32(uint8_t *data, size_t offset) 1695 { 1696 return ((data[offset] << 24) | (data[offset + 1] << 16) | 1697 (data[offset + 2] << 8) | data[offset + 3]); 1698 } 1699 1700 static void client_cut_text(VncState *vs, size_t len, uint8_t *text) 1701 { 1702 } 1703 1704 static void check_pointer_type_change(Notifier *notifier, void *data) 1705 { 1706 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier); 1707 int absolute = qemu_input_is_absolute(); 1708 1709 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) { 1710 vnc_lock_output(vs); 1711 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1712 vnc_write_u8(vs, 0); 1713 vnc_write_u16(vs, 1); 1714 vnc_framebuffer_update(vs, absolute, 0, 1715 pixman_image_get_width(vs->vd->server), 1716 pixman_image_get_height(vs->vd->server), 1717 VNC_ENCODING_POINTER_TYPE_CHANGE); 1718 vnc_unlock_output(vs); 1719 vnc_flush(vs); 1720 } 1721 vs->absolute = absolute; 1722 } 1723 1724 static void pointer_event(VncState *vs, int button_mask, int x, int y) 1725 { 1726 static uint32_t bmap[INPUT_BUTTON__MAX] = { 1727 [INPUT_BUTTON_LEFT] = 0x01, 1728 [INPUT_BUTTON_MIDDLE] = 0x02, 1729 [INPUT_BUTTON_RIGHT] = 0x04, 1730 [INPUT_BUTTON_WHEEL_UP] = 0x08, 1731 [INPUT_BUTTON_WHEEL_DOWN] = 0x10, 1732 }; 1733 QemuConsole *con = vs->vd->dcl.con; 1734 int width = pixman_image_get_width(vs->vd->server); 1735 int height = pixman_image_get_height(vs->vd->server); 1736 1737 if (vs->last_bmask != button_mask) { 1738 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask); 1739 vs->last_bmask = button_mask; 1740 } 1741 1742 if (vs->absolute) { 1743 qemu_input_queue_abs(con, INPUT_AXIS_X, x, 0, width); 1744 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, 0, height); 1745 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) { 1746 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF); 1747 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF); 1748 } else { 1749 if (vs->last_x != -1) { 1750 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x); 1751 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y); 1752 } 1753 vs->last_x = x; 1754 vs->last_y = y; 1755 } 1756 qemu_input_event_sync(); 1757 } 1758 1759 static void press_key(VncState *vs, QKeyCode qcode) 1760 { 1761 qkbd_state_key_event(vs->vd->kbd, qcode, true); 1762 qkbd_state_key_event(vs->vd->kbd, qcode, false); 1763 } 1764 1765 static void vnc_led_state_change(VncState *vs) 1766 { 1767 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) { 1768 return; 1769 } 1770 1771 vnc_lock_output(vs); 1772 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1773 vnc_write_u8(vs, 0); 1774 vnc_write_u16(vs, 1); 1775 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE); 1776 vnc_write_u8(vs, vs->vd->ledstate); 1777 vnc_unlock_output(vs); 1778 vnc_flush(vs); 1779 } 1780 1781 static void kbd_leds(void *opaque, int ledstate) 1782 { 1783 VncDisplay *vd = opaque; 1784 VncState *client; 1785 1786 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED), 1787 (ledstate & QEMU_NUM_LOCK_LED), 1788 (ledstate & QEMU_SCROLL_LOCK_LED)); 1789 1790 if (ledstate == vd->ledstate) { 1791 return; 1792 } 1793 1794 vd->ledstate = ledstate; 1795 1796 QTAILQ_FOREACH(client, &vd->clients, next) { 1797 vnc_led_state_change(client); 1798 } 1799 } 1800 1801 static void do_key_event(VncState *vs, int down, int keycode, int sym) 1802 { 1803 QKeyCode qcode = qemu_input_key_number_to_qcode(keycode); 1804 1805 /* QEMU console switch */ 1806 switch (qcode) { 1807 case Q_KEY_CODE_1 ... Q_KEY_CODE_9: /* '1' to '9' keys */ 1808 if (vs->vd->dcl.con == NULL && down && 1809 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL) && 1810 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_ALT)) { 1811 /* Reset the modifiers sent to the current console */ 1812 qkbd_state_lift_all_keys(vs->vd->kbd); 1813 console_select(qcode - Q_KEY_CODE_1); 1814 return; 1815 } 1816 default: 1817 break; 1818 } 1819 1820 /* Turn off the lock state sync logic if the client support the led 1821 state extension. 1822 */ 1823 if (down && vs->vd->lock_key_sync && 1824 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1825 keycode_is_keypad(vs->vd->kbd_layout, keycode)) { 1826 /* If the numlock state needs to change then simulate an additional 1827 keypress before sending this one. This will happen if the user 1828 toggles numlock away from the VNC window. 1829 */ 1830 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) { 1831 if (!qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1832 trace_vnc_key_sync_numlock(true); 1833 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1834 } 1835 } else { 1836 if (qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) { 1837 trace_vnc_key_sync_numlock(false); 1838 press_key(vs, Q_KEY_CODE_NUM_LOCK); 1839 } 1840 } 1841 } 1842 1843 if (down && vs->vd->lock_key_sync && 1844 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1845 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) { 1846 /* If the capslock state needs to change then simulate an additional 1847 keypress before sending this one. This will happen if the user 1848 toggles capslock away from the VNC window. 1849 */ 1850 int uppercase = !!(sym >= 'A' && sym <= 'Z'); 1851 bool shift = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_SHIFT); 1852 bool capslock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CAPSLOCK); 1853 if (capslock) { 1854 if (uppercase == shift) { 1855 trace_vnc_key_sync_capslock(false); 1856 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1857 } 1858 } else { 1859 if (uppercase != shift) { 1860 trace_vnc_key_sync_capslock(true); 1861 press_key(vs, Q_KEY_CODE_CAPS_LOCK); 1862 } 1863 } 1864 } 1865 1866 qkbd_state_key_event(vs->vd->kbd, qcode, down); 1867 if (!qemu_console_is_graphic(NULL)) { 1868 bool numlock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK); 1869 bool control = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL); 1870 /* QEMU console emulation */ 1871 if (down) { 1872 switch (keycode) { 1873 case 0x2a: /* Left Shift */ 1874 case 0x36: /* Right Shift */ 1875 case 0x1d: /* Left CTRL */ 1876 case 0x9d: /* Right CTRL */ 1877 case 0x38: /* Left ALT */ 1878 case 0xb8: /* Right ALT */ 1879 break; 1880 case 0xc8: 1881 kbd_put_keysym(QEMU_KEY_UP); 1882 break; 1883 case 0xd0: 1884 kbd_put_keysym(QEMU_KEY_DOWN); 1885 break; 1886 case 0xcb: 1887 kbd_put_keysym(QEMU_KEY_LEFT); 1888 break; 1889 case 0xcd: 1890 kbd_put_keysym(QEMU_KEY_RIGHT); 1891 break; 1892 case 0xd3: 1893 kbd_put_keysym(QEMU_KEY_DELETE); 1894 break; 1895 case 0xc7: 1896 kbd_put_keysym(QEMU_KEY_HOME); 1897 break; 1898 case 0xcf: 1899 kbd_put_keysym(QEMU_KEY_END); 1900 break; 1901 case 0xc9: 1902 kbd_put_keysym(QEMU_KEY_PAGEUP); 1903 break; 1904 case 0xd1: 1905 kbd_put_keysym(QEMU_KEY_PAGEDOWN); 1906 break; 1907 1908 case 0x47: 1909 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME); 1910 break; 1911 case 0x48: 1912 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP); 1913 break; 1914 case 0x49: 1915 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP); 1916 break; 1917 case 0x4b: 1918 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT); 1919 break; 1920 case 0x4c: 1921 kbd_put_keysym('5'); 1922 break; 1923 case 0x4d: 1924 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT); 1925 break; 1926 case 0x4f: 1927 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END); 1928 break; 1929 case 0x50: 1930 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN); 1931 break; 1932 case 0x51: 1933 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN); 1934 break; 1935 case 0x52: 1936 kbd_put_keysym('0'); 1937 break; 1938 case 0x53: 1939 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE); 1940 break; 1941 1942 case 0xb5: 1943 kbd_put_keysym('/'); 1944 break; 1945 case 0x37: 1946 kbd_put_keysym('*'); 1947 break; 1948 case 0x4a: 1949 kbd_put_keysym('-'); 1950 break; 1951 case 0x4e: 1952 kbd_put_keysym('+'); 1953 break; 1954 case 0x9c: 1955 kbd_put_keysym('\n'); 1956 break; 1957 1958 default: 1959 if (control) { 1960 kbd_put_keysym(sym & 0x1f); 1961 } else { 1962 kbd_put_keysym(sym); 1963 } 1964 break; 1965 } 1966 } 1967 } 1968 } 1969 1970 static const char *code2name(int keycode) 1971 { 1972 return QKeyCode_str(qemu_input_key_number_to_qcode(keycode)); 1973 } 1974 1975 static void key_event(VncState *vs, int down, uint32_t sym) 1976 { 1977 int keycode; 1978 int lsym = sym; 1979 1980 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) { 1981 lsym = lsym - 'A' + 'a'; 1982 } 1983 1984 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF, 1985 vs->vd->kbd, down) & SCANCODE_KEYMASK; 1986 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode)); 1987 do_key_event(vs, down, keycode, sym); 1988 } 1989 1990 static void ext_key_event(VncState *vs, int down, 1991 uint32_t sym, uint16_t keycode) 1992 { 1993 /* if the user specifies a keyboard layout, always use it */ 1994 if (keyboard_layout) { 1995 key_event(vs, down, sym); 1996 } else { 1997 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode)); 1998 do_key_event(vs, down, keycode, sym); 1999 } 2000 } 2001 2002 static void framebuffer_update_request(VncState *vs, int incremental, 2003 int x, int y, int w, int h) 2004 { 2005 if (incremental) { 2006 if (vs->update != VNC_STATE_UPDATE_FORCE) { 2007 vs->update = VNC_STATE_UPDATE_INCREMENTAL; 2008 } 2009 } else { 2010 vs->update = VNC_STATE_UPDATE_FORCE; 2011 vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h); 2012 } 2013 } 2014 2015 static void send_ext_key_event_ack(VncState *vs) 2016 { 2017 vnc_lock_output(vs); 2018 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2019 vnc_write_u8(vs, 0); 2020 vnc_write_u16(vs, 1); 2021 vnc_framebuffer_update(vs, 0, 0, 2022 pixman_image_get_width(vs->vd->server), 2023 pixman_image_get_height(vs->vd->server), 2024 VNC_ENCODING_EXT_KEY_EVENT); 2025 vnc_unlock_output(vs); 2026 vnc_flush(vs); 2027 } 2028 2029 static void send_ext_audio_ack(VncState *vs) 2030 { 2031 vnc_lock_output(vs); 2032 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2033 vnc_write_u8(vs, 0); 2034 vnc_write_u16(vs, 1); 2035 vnc_framebuffer_update(vs, 0, 0, 2036 pixman_image_get_width(vs->vd->server), 2037 pixman_image_get_height(vs->vd->server), 2038 VNC_ENCODING_AUDIO); 2039 vnc_unlock_output(vs); 2040 vnc_flush(vs); 2041 } 2042 2043 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings) 2044 { 2045 int i; 2046 unsigned int enc = 0; 2047 2048 vs->features = 0; 2049 vs->vnc_encoding = 0; 2050 vs->tight.compression = 9; 2051 vs->tight.quality = -1; /* Lossless by default */ 2052 vs->absolute = -1; 2053 2054 /* 2055 * Start from the end because the encodings are sent in order of preference. 2056 * This way the preferred encoding (first encoding defined in the array) 2057 * will be set at the end of the loop. 2058 */ 2059 for (i = n_encodings - 1; i >= 0; i--) { 2060 enc = encodings[i]; 2061 switch (enc) { 2062 case VNC_ENCODING_RAW: 2063 vs->vnc_encoding = enc; 2064 break; 2065 case VNC_ENCODING_COPYRECT: 2066 vs->features |= VNC_FEATURE_COPYRECT_MASK; 2067 break; 2068 case VNC_ENCODING_HEXTILE: 2069 vs->features |= VNC_FEATURE_HEXTILE_MASK; 2070 vs->vnc_encoding = enc; 2071 break; 2072 case VNC_ENCODING_TIGHT: 2073 vs->features |= VNC_FEATURE_TIGHT_MASK; 2074 vs->vnc_encoding = enc; 2075 break; 2076 #ifdef CONFIG_VNC_PNG 2077 case VNC_ENCODING_TIGHT_PNG: 2078 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK; 2079 vs->vnc_encoding = enc; 2080 break; 2081 #endif 2082 case VNC_ENCODING_ZLIB: 2083 vs->features |= VNC_FEATURE_ZLIB_MASK; 2084 vs->vnc_encoding = enc; 2085 break; 2086 case VNC_ENCODING_ZRLE: 2087 vs->features |= VNC_FEATURE_ZRLE_MASK; 2088 vs->vnc_encoding = enc; 2089 break; 2090 case VNC_ENCODING_ZYWRLE: 2091 vs->features |= VNC_FEATURE_ZYWRLE_MASK; 2092 vs->vnc_encoding = enc; 2093 break; 2094 case VNC_ENCODING_DESKTOPRESIZE: 2095 vs->features |= VNC_FEATURE_RESIZE_MASK; 2096 break; 2097 case VNC_ENCODING_POINTER_TYPE_CHANGE: 2098 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK; 2099 break; 2100 case VNC_ENCODING_RICH_CURSOR: 2101 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK; 2102 if (vs->vd->cursor) { 2103 vnc_cursor_define(vs); 2104 } 2105 break; 2106 case VNC_ENCODING_EXT_KEY_EVENT: 2107 send_ext_key_event_ack(vs); 2108 break; 2109 case VNC_ENCODING_AUDIO: 2110 send_ext_audio_ack(vs); 2111 break; 2112 case VNC_ENCODING_WMVi: 2113 vs->features |= VNC_FEATURE_WMVI_MASK; 2114 break; 2115 case VNC_ENCODING_LED_STATE: 2116 vs->features |= VNC_FEATURE_LED_STATE_MASK; 2117 break; 2118 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9: 2119 vs->tight.compression = (enc & 0x0F); 2120 break; 2121 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9: 2122 if (vs->vd->lossy) { 2123 vs->tight.quality = (enc & 0x0F); 2124 } 2125 break; 2126 default: 2127 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc); 2128 break; 2129 } 2130 } 2131 vnc_desktop_resize(vs); 2132 check_pointer_type_change(&vs->mouse_mode_notifier, NULL); 2133 vnc_led_state_change(vs); 2134 } 2135 2136 static void set_pixel_conversion(VncState *vs) 2137 { 2138 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf); 2139 2140 if (fmt == VNC_SERVER_FB_FORMAT) { 2141 vs->write_pixels = vnc_write_pixels_copy; 2142 vnc_hextile_set_pixel_conversion(vs, 0); 2143 } else { 2144 vs->write_pixels = vnc_write_pixels_generic; 2145 vnc_hextile_set_pixel_conversion(vs, 1); 2146 } 2147 } 2148 2149 static void send_color_map(VncState *vs) 2150 { 2151 int i; 2152 2153 vnc_write_u8(vs, VNC_MSG_SERVER_SET_COLOUR_MAP_ENTRIES); 2154 vnc_write_u8(vs, 0); /* padding */ 2155 vnc_write_u16(vs, 0); /* first color */ 2156 vnc_write_u16(vs, 256); /* # of colors */ 2157 2158 for (i = 0; i < 256; i++) { 2159 PixelFormat *pf = &vs->client_pf; 2160 2161 vnc_write_u16(vs, (((i >> pf->rshift) & pf->rmax) << (16 - pf->rbits))); 2162 vnc_write_u16(vs, (((i >> pf->gshift) & pf->gmax) << (16 - pf->gbits))); 2163 vnc_write_u16(vs, (((i >> pf->bshift) & pf->bmax) << (16 - pf->bbits))); 2164 } 2165 } 2166 2167 static void set_pixel_format(VncState *vs, int bits_per_pixel, 2168 int big_endian_flag, int true_color_flag, 2169 int red_max, int green_max, int blue_max, 2170 int red_shift, int green_shift, int blue_shift) 2171 { 2172 if (!true_color_flag) { 2173 /* Expose a reasonable default 256 color map */ 2174 bits_per_pixel = 8; 2175 red_max = 7; 2176 green_max = 7; 2177 blue_max = 3; 2178 red_shift = 0; 2179 green_shift = 3; 2180 blue_shift = 6; 2181 } 2182 2183 switch (bits_per_pixel) { 2184 case 8: 2185 case 16: 2186 case 32: 2187 break; 2188 default: 2189 vnc_client_error(vs); 2190 return; 2191 } 2192 2193 vs->client_pf.rmax = red_max ? red_max : 0xFF; 2194 vs->client_pf.rbits = ctpopl(red_max); 2195 vs->client_pf.rshift = red_shift; 2196 vs->client_pf.rmask = red_max << red_shift; 2197 vs->client_pf.gmax = green_max ? green_max : 0xFF; 2198 vs->client_pf.gbits = ctpopl(green_max); 2199 vs->client_pf.gshift = green_shift; 2200 vs->client_pf.gmask = green_max << green_shift; 2201 vs->client_pf.bmax = blue_max ? blue_max : 0xFF; 2202 vs->client_pf.bbits = ctpopl(blue_max); 2203 vs->client_pf.bshift = blue_shift; 2204 vs->client_pf.bmask = blue_max << blue_shift; 2205 vs->client_pf.bits_per_pixel = bits_per_pixel; 2206 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8; 2207 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel; 2208 vs->client_be = big_endian_flag; 2209 2210 if (!true_color_flag) { 2211 send_color_map(vs); 2212 } 2213 2214 set_pixel_conversion(vs); 2215 2216 graphic_hw_invalidate(vs->vd->dcl.con); 2217 graphic_hw_update(vs->vd->dcl.con); 2218 } 2219 2220 static void pixel_format_message (VncState *vs) { 2221 char pad[3] = { 0, 0, 0 }; 2222 2223 vs->client_pf = qemu_default_pixelformat(32); 2224 2225 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */ 2226 vnc_write_u8(vs, vs->client_pf.depth); /* depth */ 2227 2228 #ifdef HOST_WORDS_BIGENDIAN 2229 vnc_write_u8(vs, 1); /* big-endian-flag */ 2230 #else 2231 vnc_write_u8(vs, 0); /* big-endian-flag */ 2232 #endif 2233 vnc_write_u8(vs, 1); /* true-color-flag */ 2234 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */ 2235 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */ 2236 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */ 2237 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */ 2238 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */ 2239 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */ 2240 vnc_write(vs, pad, 3); /* padding */ 2241 2242 vnc_hextile_set_pixel_conversion(vs, 0); 2243 vs->write_pixels = vnc_write_pixels_copy; 2244 } 2245 2246 static void vnc_colordepth(VncState *vs) 2247 { 2248 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) { 2249 /* Sending a WMVi message to notify the client*/ 2250 vnc_lock_output(vs); 2251 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2252 vnc_write_u8(vs, 0); 2253 vnc_write_u16(vs, 1); /* number of rects */ 2254 vnc_framebuffer_update(vs, 0, 0, 2255 pixman_image_get_width(vs->vd->server), 2256 pixman_image_get_height(vs->vd->server), 2257 VNC_ENCODING_WMVi); 2258 pixel_format_message(vs); 2259 vnc_unlock_output(vs); 2260 vnc_flush(vs); 2261 } else { 2262 set_pixel_conversion(vs); 2263 } 2264 } 2265 2266 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len) 2267 { 2268 int i; 2269 uint16_t limit; 2270 uint32_t freq; 2271 VncDisplay *vd = vs->vd; 2272 2273 if (data[0] > 3) { 2274 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 2275 } 2276 2277 switch (data[0]) { 2278 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT: 2279 if (len == 1) 2280 return 20; 2281 2282 set_pixel_format(vs, read_u8(data, 4), 2283 read_u8(data, 6), read_u8(data, 7), 2284 read_u16(data, 8), read_u16(data, 10), 2285 read_u16(data, 12), read_u8(data, 14), 2286 read_u8(data, 15), read_u8(data, 16)); 2287 break; 2288 case VNC_MSG_CLIENT_SET_ENCODINGS: 2289 if (len == 1) 2290 return 4; 2291 2292 if (len == 4) { 2293 limit = read_u16(data, 2); 2294 if (limit > 0) 2295 return 4 + (limit * 4); 2296 } else 2297 limit = read_u16(data, 2); 2298 2299 for (i = 0; i < limit; i++) { 2300 int32_t val = read_s32(data, 4 + (i * 4)); 2301 memcpy(data + 4 + (i * 4), &val, sizeof(val)); 2302 } 2303 2304 set_encodings(vs, (int32_t *)(data + 4), limit); 2305 break; 2306 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST: 2307 if (len == 1) 2308 return 10; 2309 2310 framebuffer_update_request(vs, 2311 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4), 2312 read_u16(data, 6), read_u16(data, 8)); 2313 break; 2314 case VNC_MSG_CLIENT_KEY_EVENT: 2315 if (len == 1) 2316 return 8; 2317 2318 key_event(vs, read_u8(data, 1), read_u32(data, 4)); 2319 break; 2320 case VNC_MSG_CLIENT_POINTER_EVENT: 2321 if (len == 1) 2322 return 6; 2323 2324 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4)); 2325 break; 2326 case VNC_MSG_CLIENT_CUT_TEXT: 2327 if (len == 1) { 2328 return 8; 2329 } 2330 if (len == 8) { 2331 uint32_t dlen = read_u32(data, 4); 2332 if (dlen > (1 << 20)) { 2333 error_report("vnc: client_cut_text msg payload has %u bytes" 2334 " which exceeds our limit of 1MB.", dlen); 2335 vnc_client_error(vs); 2336 break; 2337 } 2338 if (dlen > 0) { 2339 return 8 + dlen; 2340 } 2341 } 2342 2343 client_cut_text(vs, read_u32(data, 4), data + 8); 2344 break; 2345 case VNC_MSG_CLIENT_QEMU: 2346 if (len == 1) 2347 return 2; 2348 2349 switch (read_u8(data, 1)) { 2350 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT: 2351 if (len == 2) 2352 return 12; 2353 2354 ext_key_event(vs, read_u16(data, 2), 2355 read_u32(data, 4), read_u32(data, 8)); 2356 break; 2357 case VNC_MSG_CLIENT_QEMU_AUDIO: 2358 if (len == 2) 2359 return 4; 2360 2361 switch (read_u16 (data, 2)) { 2362 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE: 2363 audio_add(vs); 2364 break; 2365 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE: 2366 audio_del(vs); 2367 break; 2368 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT: 2369 if (len == 4) 2370 return 10; 2371 switch (read_u8(data, 4)) { 2372 case 0: vs->as.fmt = AUD_FMT_U8; break; 2373 case 1: vs->as.fmt = AUD_FMT_S8; break; 2374 case 2: vs->as.fmt = AUD_FMT_U16; break; 2375 case 3: vs->as.fmt = AUD_FMT_S16; break; 2376 case 4: vs->as.fmt = AUD_FMT_U32; break; 2377 case 5: vs->as.fmt = AUD_FMT_S32; break; 2378 default: 2379 VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4)); 2380 vnc_client_error(vs); 2381 break; 2382 } 2383 vs->as.nchannels = read_u8(data, 5); 2384 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) { 2385 VNC_DEBUG("Invalid audio channel count %d\n", 2386 read_u8(data, 5)); 2387 vnc_client_error(vs); 2388 break; 2389 } 2390 freq = read_u32(data, 6); 2391 /* No official limit for protocol, but 48khz is a sensible 2392 * upper bound for trustworthy clients, and this limit 2393 * protects calculations involving 'vs->as.freq' later. 2394 */ 2395 if (freq > 48000) { 2396 VNC_DEBUG("Invalid audio frequency %u > 48000", freq); 2397 vnc_client_error(vs); 2398 break; 2399 } 2400 vs->as.freq = freq; 2401 break; 2402 default: 2403 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4)); 2404 vnc_client_error(vs); 2405 break; 2406 } 2407 break; 2408 2409 default: 2410 VNC_DEBUG("Msg: %d\n", read_u16(data, 0)); 2411 vnc_client_error(vs); 2412 break; 2413 } 2414 break; 2415 default: 2416 VNC_DEBUG("Msg: %d\n", data[0]); 2417 vnc_client_error(vs); 2418 break; 2419 } 2420 2421 vnc_update_throttle_offset(vs); 2422 vnc_read_when(vs, protocol_client_msg, 1); 2423 return 0; 2424 } 2425 2426 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len) 2427 { 2428 char buf[1024]; 2429 VncShareMode mode; 2430 int size; 2431 2432 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE; 2433 switch (vs->vd->share_policy) { 2434 case VNC_SHARE_POLICY_IGNORE: 2435 /* 2436 * Ignore the shared flag. Nothing to do here. 2437 * 2438 * Doesn't conform to the rfb spec but is traditional qemu 2439 * behavior, thus left here as option for compatibility 2440 * reasons. 2441 */ 2442 break; 2443 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE: 2444 /* 2445 * Policy: Allow clients ask for exclusive access. 2446 * 2447 * Implementation: When a client asks for exclusive access, 2448 * disconnect all others. Shared connects are allowed as long 2449 * as no exclusive connection exists. 2450 * 2451 * This is how the rfb spec suggests to handle the shared flag. 2452 */ 2453 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2454 VncState *client; 2455 QTAILQ_FOREACH(client, &vs->vd->clients, next) { 2456 if (vs == client) { 2457 continue; 2458 } 2459 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE && 2460 client->share_mode != VNC_SHARE_MODE_SHARED) { 2461 continue; 2462 } 2463 vnc_disconnect_start(client); 2464 } 2465 } 2466 if (mode == VNC_SHARE_MODE_SHARED) { 2467 if (vs->vd->num_exclusive > 0) { 2468 vnc_disconnect_start(vs); 2469 return 0; 2470 } 2471 } 2472 break; 2473 case VNC_SHARE_POLICY_FORCE_SHARED: 2474 /* 2475 * Policy: Shared connects only. 2476 * Implementation: Disallow clients asking for exclusive access. 2477 * 2478 * Useful for shared desktop sessions where you don't want 2479 * someone forgetting to say -shared when running the vnc 2480 * client disconnect everybody else. 2481 */ 2482 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2483 vnc_disconnect_start(vs); 2484 return 0; 2485 } 2486 break; 2487 } 2488 vnc_set_share_mode(vs, mode); 2489 2490 if (vs->vd->num_shared > vs->vd->connections_limit) { 2491 vnc_disconnect_start(vs); 2492 return 0; 2493 } 2494 2495 assert(pixman_image_get_width(vs->vd->server) < 65536 && 2496 pixman_image_get_width(vs->vd->server) >= 0); 2497 assert(pixman_image_get_height(vs->vd->server) < 65536 && 2498 pixman_image_get_height(vs->vd->server) >= 0); 2499 vs->client_width = pixman_image_get_width(vs->vd->server); 2500 vs->client_height = pixman_image_get_height(vs->vd->server); 2501 vnc_write_u16(vs, vs->client_width); 2502 vnc_write_u16(vs, vs->client_height); 2503 2504 pixel_format_message(vs); 2505 2506 if (qemu_name) { 2507 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name); 2508 if (size > sizeof(buf)) { 2509 size = sizeof(buf); 2510 } 2511 } else { 2512 size = snprintf(buf, sizeof(buf), "QEMU"); 2513 } 2514 2515 vnc_write_u32(vs, size); 2516 vnc_write(vs, buf, size); 2517 vnc_flush(vs); 2518 2519 vnc_client_cache_auth(vs); 2520 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED); 2521 2522 vnc_read_when(vs, protocol_client_msg, 1); 2523 2524 return 0; 2525 } 2526 2527 void start_client_init(VncState *vs) 2528 { 2529 vnc_read_when(vs, protocol_client_init, 1); 2530 } 2531 2532 static void make_challenge(VncState *vs) 2533 { 2534 int i; 2535 2536 srand(time(NULL)+getpid()+getpid()*987654+rand()); 2537 2538 for (i = 0 ; i < sizeof(vs->challenge) ; i++) 2539 vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0)); 2540 } 2541 2542 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) 2543 { 2544 unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; 2545 size_t i, pwlen; 2546 unsigned char key[8]; 2547 time_t now = time(NULL); 2548 QCryptoCipher *cipher = NULL; 2549 Error *err = NULL; 2550 2551 if (!vs->vd->password) { 2552 trace_vnc_auth_fail(vs, vs->auth, "password is not set", ""); 2553 goto reject; 2554 } 2555 if (vs->vd->expires < now) { 2556 trace_vnc_auth_fail(vs, vs->auth, "password is expired", ""); 2557 goto reject; 2558 } 2559 2560 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); 2561 2562 /* Calculate the expected challenge response */ 2563 pwlen = strlen(vs->vd->password); 2564 for (i=0; i<sizeof(key); i++) 2565 key[i] = i<pwlen ? vs->vd->password[i] : 0; 2566 2567 cipher = qcrypto_cipher_new( 2568 QCRYPTO_CIPHER_ALG_DES_RFB, 2569 QCRYPTO_CIPHER_MODE_ECB, 2570 key, G_N_ELEMENTS(key), 2571 &err); 2572 if (!cipher) { 2573 trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher", 2574 error_get_pretty(err)); 2575 error_free(err); 2576 goto reject; 2577 } 2578 2579 if (qcrypto_cipher_encrypt(cipher, 2580 vs->challenge, 2581 response, 2582 VNC_AUTH_CHALLENGE_SIZE, 2583 &err) < 0) { 2584 trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge response", 2585 error_get_pretty(err)); 2586 error_free(err); 2587 goto reject; 2588 } 2589 2590 /* Compare expected vs actual challenge response */ 2591 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) { 2592 trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response", ""); 2593 goto reject; 2594 } else { 2595 trace_vnc_auth_pass(vs, vs->auth); 2596 vnc_write_u32(vs, 0); /* Accept auth */ 2597 vnc_flush(vs); 2598 2599 start_client_init(vs); 2600 } 2601 2602 qcrypto_cipher_free(cipher); 2603 return 0; 2604 2605 reject: 2606 vnc_write_u32(vs, 1); /* Reject auth */ 2607 if (vs->minor >= 8) { 2608 static const char err[] = "Authentication failed"; 2609 vnc_write_u32(vs, sizeof(err)); 2610 vnc_write(vs, err, sizeof(err)); 2611 } 2612 vnc_flush(vs); 2613 vnc_client_error(vs); 2614 qcrypto_cipher_free(cipher); 2615 return 0; 2616 } 2617 2618 void start_auth_vnc(VncState *vs) 2619 { 2620 make_challenge(vs); 2621 /* Send client a 'random' challenge */ 2622 vnc_write(vs, vs->challenge, sizeof(vs->challenge)); 2623 vnc_flush(vs); 2624 2625 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge)); 2626 } 2627 2628 2629 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) 2630 { 2631 /* We only advertise 1 auth scheme at a time, so client 2632 * must pick the one we sent. Verify this */ 2633 if (data[0] != vs->auth) { /* Reject auth */ 2634 trace_vnc_auth_reject(vs, vs->auth, (int)data[0]); 2635 vnc_write_u32(vs, 1); 2636 if (vs->minor >= 8) { 2637 static const char err[] = "Authentication failed"; 2638 vnc_write_u32(vs, sizeof(err)); 2639 vnc_write(vs, err, sizeof(err)); 2640 } 2641 vnc_client_error(vs); 2642 } else { /* Accept requested auth */ 2643 trace_vnc_auth_start(vs, vs->auth); 2644 switch (vs->auth) { 2645 case VNC_AUTH_NONE: 2646 if (vs->minor >= 8) { 2647 vnc_write_u32(vs, 0); /* Accept auth completion */ 2648 vnc_flush(vs); 2649 } 2650 trace_vnc_auth_pass(vs, vs->auth); 2651 start_client_init(vs); 2652 break; 2653 2654 case VNC_AUTH_VNC: 2655 start_auth_vnc(vs); 2656 break; 2657 2658 case VNC_AUTH_VENCRYPT: 2659 start_auth_vencrypt(vs); 2660 break; 2661 2662 #ifdef CONFIG_VNC_SASL 2663 case VNC_AUTH_SASL: 2664 start_auth_sasl(vs); 2665 break; 2666 #endif /* CONFIG_VNC_SASL */ 2667 2668 default: /* Should not be possible, but just in case */ 2669 trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", ""); 2670 vnc_write_u8(vs, 1); 2671 if (vs->minor >= 8) { 2672 static const char err[] = "Authentication failed"; 2673 vnc_write_u32(vs, sizeof(err)); 2674 vnc_write(vs, err, sizeof(err)); 2675 } 2676 vnc_client_error(vs); 2677 } 2678 } 2679 return 0; 2680 } 2681 2682 static int protocol_version(VncState *vs, uint8_t *version, size_t len) 2683 { 2684 char local[13]; 2685 2686 memcpy(local, version, 12); 2687 local[12] = 0; 2688 2689 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) { 2690 VNC_DEBUG("Malformed protocol version %s\n", local); 2691 vnc_client_error(vs); 2692 return 0; 2693 } 2694 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor); 2695 if (vs->major != 3 || 2696 (vs->minor != 3 && 2697 vs->minor != 4 && 2698 vs->minor != 5 && 2699 vs->minor != 7 && 2700 vs->minor != 8)) { 2701 VNC_DEBUG("Unsupported client version\n"); 2702 vnc_write_u32(vs, VNC_AUTH_INVALID); 2703 vnc_flush(vs); 2704 vnc_client_error(vs); 2705 return 0; 2706 } 2707 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated 2708 * as equivalent to v3.3 by servers 2709 */ 2710 if (vs->minor == 4 || vs->minor == 5) 2711 vs->minor = 3; 2712 2713 if (vs->minor == 3) { 2714 trace_vnc_auth_start(vs, vs->auth); 2715 if (vs->auth == VNC_AUTH_NONE) { 2716 vnc_write_u32(vs, vs->auth); 2717 vnc_flush(vs); 2718 trace_vnc_auth_pass(vs, vs->auth); 2719 start_client_init(vs); 2720 } else if (vs->auth == VNC_AUTH_VNC) { 2721 VNC_DEBUG("Tell client VNC auth\n"); 2722 vnc_write_u32(vs, vs->auth); 2723 vnc_flush(vs); 2724 start_auth_vnc(vs); 2725 } else { 2726 trace_vnc_auth_fail(vs, vs->auth, 2727 "Unsupported auth method for v3.3", ""); 2728 vnc_write_u32(vs, VNC_AUTH_INVALID); 2729 vnc_flush(vs); 2730 vnc_client_error(vs); 2731 } 2732 } else { 2733 vnc_write_u8(vs, 1); /* num auth */ 2734 vnc_write_u8(vs, vs->auth); 2735 vnc_read_when(vs, protocol_client_auth, 1); 2736 vnc_flush(vs); 2737 } 2738 2739 return 0; 2740 } 2741 2742 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y) 2743 { 2744 struct VncSurface *vs = &vd->guest; 2745 2746 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT]; 2747 } 2748 2749 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h) 2750 { 2751 int i, j; 2752 2753 w = (x + w) / VNC_STAT_RECT; 2754 h = (y + h) / VNC_STAT_RECT; 2755 x /= VNC_STAT_RECT; 2756 y /= VNC_STAT_RECT; 2757 2758 for (j = y; j <= h; j++) { 2759 for (i = x; i <= w; i++) { 2760 vs->lossy_rect[j][i] = 1; 2761 } 2762 } 2763 } 2764 2765 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y) 2766 { 2767 VncState *vs; 2768 int sty = y / VNC_STAT_RECT; 2769 int stx = x / VNC_STAT_RECT; 2770 int has_dirty = 0; 2771 2772 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2773 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2774 2775 QTAILQ_FOREACH(vs, &vd->clients, next) { 2776 int j; 2777 2778 /* kernel send buffers are full -> refresh later */ 2779 if (vs->output.offset) { 2780 continue; 2781 } 2782 2783 if (!vs->lossy_rect[sty][stx]) { 2784 continue; 2785 } 2786 2787 vs->lossy_rect[sty][stx] = 0; 2788 for (j = 0; j < VNC_STAT_RECT; ++j) { 2789 bitmap_set(vs->dirty[y + j], 2790 x / VNC_DIRTY_PIXELS_PER_BIT, 2791 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT); 2792 } 2793 has_dirty++; 2794 } 2795 2796 return has_dirty; 2797 } 2798 2799 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv) 2800 { 2801 int width = MIN(pixman_image_get_width(vd->guest.fb), 2802 pixman_image_get_width(vd->server)); 2803 int height = MIN(pixman_image_get_height(vd->guest.fb), 2804 pixman_image_get_height(vd->server)); 2805 int x, y; 2806 struct timeval res; 2807 int has_dirty = 0; 2808 2809 for (y = 0; y < height; y += VNC_STAT_RECT) { 2810 for (x = 0; x < width; x += VNC_STAT_RECT) { 2811 VncRectStat *rect = vnc_stat_rect(vd, x, y); 2812 2813 rect->updated = false; 2814 } 2815 } 2816 2817 qemu_timersub(tv, &VNC_REFRESH_STATS, &res); 2818 2819 if (timercmp(&vd->guest.last_freq_check, &res, >)) { 2820 return has_dirty; 2821 } 2822 vd->guest.last_freq_check = *tv; 2823 2824 for (y = 0; y < height; y += VNC_STAT_RECT) { 2825 for (x = 0; x < width; x += VNC_STAT_RECT) { 2826 VncRectStat *rect= vnc_stat_rect(vd, x, y); 2827 int count = ARRAY_SIZE(rect->times); 2828 struct timeval min, max; 2829 2830 if (!timerisset(&rect->times[count - 1])) { 2831 continue ; 2832 } 2833 2834 max = rect->times[(rect->idx + count - 1) % count]; 2835 qemu_timersub(tv, &max, &res); 2836 2837 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) { 2838 rect->freq = 0; 2839 has_dirty += vnc_refresh_lossy_rect(vd, x, y); 2840 memset(rect->times, 0, sizeof (rect->times)); 2841 continue ; 2842 } 2843 2844 min = rect->times[rect->idx]; 2845 max = rect->times[(rect->idx + count - 1) % count]; 2846 qemu_timersub(&max, &min, &res); 2847 2848 rect->freq = res.tv_sec + res.tv_usec / 1000000.; 2849 rect->freq /= count; 2850 rect->freq = 1. / rect->freq; 2851 } 2852 } 2853 return has_dirty; 2854 } 2855 2856 double vnc_update_freq(VncState *vs, int x, int y, int w, int h) 2857 { 2858 int i, j; 2859 double total = 0; 2860 int num = 0; 2861 2862 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2863 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2864 2865 for (j = y; j <= y + h; j += VNC_STAT_RECT) { 2866 for (i = x; i <= x + w; i += VNC_STAT_RECT) { 2867 total += vnc_stat_rect(vs->vd, i, j)->freq; 2868 num++; 2869 } 2870 } 2871 2872 if (num) { 2873 return total / num; 2874 } else { 2875 return 0; 2876 } 2877 } 2878 2879 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv) 2880 { 2881 VncRectStat *rect; 2882 2883 rect = vnc_stat_rect(vd, x, y); 2884 if (rect->updated) { 2885 return ; 2886 } 2887 rect->times[rect->idx] = *tv; 2888 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times); 2889 rect->updated = true; 2890 } 2891 2892 static int vnc_refresh_server_surface(VncDisplay *vd) 2893 { 2894 int width = MIN(pixman_image_get_width(vd->guest.fb), 2895 pixman_image_get_width(vd->server)); 2896 int height = MIN(pixman_image_get_height(vd->guest.fb), 2897 pixman_image_get_height(vd->server)); 2898 int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0; 2899 uint8_t *guest_row0 = NULL, *server_row0; 2900 VncState *vs; 2901 int has_dirty = 0; 2902 pixman_image_t *tmpbuf = NULL; 2903 2904 struct timeval tv = { 0, 0 }; 2905 2906 if (!vd->non_adaptive) { 2907 gettimeofday(&tv, NULL); 2908 has_dirty = vnc_update_stats(vd, &tv); 2909 } 2910 2911 /* 2912 * Walk through the guest dirty map. 2913 * Check and copy modified bits from guest to server surface. 2914 * Update server dirty map. 2915 */ 2916 server_row0 = (uint8_t *)pixman_image_get_data(vd->server); 2917 server_stride = guest_stride = guest_ll = 2918 pixman_image_get_stride(vd->server); 2919 cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES, 2920 server_stride); 2921 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2922 int width = pixman_image_get_width(vd->server); 2923 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width); 2924 } else { 2925 int guest_bpp = 2926 PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb)); 2927 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb); 2928 guest_stride = pixman_image_get_stride(vd->guest.fb); 2929 guest_ll = pixman_image_get_width(vd->guest.fb) 2930 * DIV_ROUND_UP(guest_bpp, 8); 2931 } 2932 line_bytes = MIN(server_stride, guest_ll); 2933 2934 for (;;) { 2935 int x; 2936 uint8_t *guest_ptr, *server_ptr; 2937 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty, 2938 height * VNC_DIRTY_BPL(&vd->guest), 2939 y * VNC_DIRTY_BPL(&vd->guest)); 2940 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) { 2941 /* no more dirty bits */ 2942 break; 2943 } 2944 y = offset / VNC_DIRTY_BPL(&vd->guest); 2945 x = offset % VNC_DIRTY_BPL(&vd->guest); 2946 2947 server_ptr = server_row0 + y * server_stride + x * cmp_bytes; 2948 2949 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2950 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y); 2951 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf); 2952 } else { 2953 guest_ptr = guest_row0 + y * guest_stride; 2954 } 2955 guest_ptr += x * cmp_bytes; 2956 2957 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT); 2958 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) { 2959 int _cmp_bytes = cmp_bytes; 2960 if (!test_and_clear_bit(x, vd->guest.dirty[y])) { 2961 continue; 2962 } 2963 if ((x + 1) * cmp_bytes > line_bytes) { 2964 _cmp_bytes = line_bytes - x * cmp_bytes; 2965 } 2966 assert(_cmp_bytes >= 0); 2967 if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) { 2968 continue; 2969 } 2970 memcpy(server_ptr, guest_ptr, _cmp_bytes); 2971 if (!vd->non_adaptive) { 2972 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT, 2973 y, &tv); 2974 } 2975 QTAILQ_FOREACH(vs, &vd->clients, next) { 2976 set_bit(x, vs->dirty[y]); 2977 } 2978 has_dirty++; 2979 } 2980 2981 y++; 2982 } 2983 qemu_pixman_image_unref(tmpbuf); 2984 return has_dirty; 2985 } 2986 2987 static void vnc_refresh(DisplayChangeListener *dcl) 2988 { 2989 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 2990 VncState *vs, *vn; 2991 int has_dirty, rects = 0; 2992 2993 if (QTAILQ_EMPTY(&vd->clients)) { 2994 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX); 2995 return; 2996 } 2997 2998 graphic_hw_update(vd->dcl.con); 2999 3000 if (vnc_trylock_display(vd)) { 3001 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3002 return; 3003 } 3004 3005 has_dirty = vnc_refresh_server_surface(vd); 3006 vnc_unlock_display(vd); 3007 3008 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) { 3009 rects += vnc_update_client(vs, has_dirty); 3010 /* vs might be free()ed here */ 3011 } 3012 3013 if (has_dirty && rects) { 3014 vd->dcl.update_interval /= 2; 3015 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) { 3016 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE; 3017 } 3018 } else { 3019 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC; 3020 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) { 3021 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX; 3022 } 3023 } 3024 } 3025 3026 static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc, 3027 bool skipauth, bool websocket) 3028 { 3029 VncState *vs = g_new0(VncState, 1); 3030 bool first_client = QTAILQ_EMPTY(&vd->clients); 3031 int i; 3032 3033 trace_vnc_client_connect(vs, sioc); 3034 vs->magic = VNC_MAGIC; 3035 vs->sioc = sioc; 3036 object_ref(OBJECT(vs->sioc)); 3037 vs->ioc = QIO_CHANNEL(sioc); 3038 object_ref(OBJECT(vs->ioc)); 3039 vs->vd = vd; 3040 3041 buffer_init(&vs->input, "vnc-input/%p", sioc); 3042 buffer_init(&vs->output, "vnc-output/%p", sioc); 3043 buffer_init(&vs->jobs_buffer, "vnc-jobs_buffer/%p", sioc); 3044 3045 buffer_init(&vs->tight.tight, "vnc-tight/%p", sioc); 3046 buffer_init(&vs->tight.zlib, "vnc-tight-zlib/%p", sioc); 3047 buffer_init(&vs->tight.gradient, "vnc-tight-gradient/%p", sioc); 3048 #ifdef CONFIG_VNC_JPEG 3049 buffer_init(&vs->tight.jpeg, "vnc-tight-jpeg/%p", sioc); 3050 #endif 3051 #ifdef CONFIG_VNC_PNG 3052 buffer_init(&vs->tight.png, "vnc-tight-png/%p", sioc); 3053 #endif 3054 buffer_init(&vs->zlib.zlib, "vnc-zlib/%p", sioc); 3055 buffer_init(&vs->zrle.zrle, "vnc-zrle/%p", sioc); 3056 buffer_init(&vs->zrle.fb, "vnc-zrle-fb/%p", sioc); 3057 buffer_init(&vs->zrle.zlib, "vnc-zrle-zlib/%p", sioc); 3058 3059 if (skipauth) { 3060 vs->auth = VNC_AUTH_NONE; 3061 vs->subauth = VNC_AUTH_INVALID; 3062 } else { 3063 if (websocket) { 3064 vs->auth = vd->ws_auth; 3065 vs->subauth = VNC_AUTH_INVALID; 3066 } else { 3067 vs->auth = vd->auth; 3068 vs->subauth = vd->subauth; 3069 } 3070 } 3071 VNC_DEBUG("Client sioc=%p ws=%d auth=%d subauth=%d\n", 3072 sioc, websocket, vs->auth, vs->subauth); 3073 3074 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect)); 3075 for (i = 0; i < VNC_STAT_ROWS; ++i) { 3076 vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS); 3077 } 3078 3079 VNC_DEBUG("New client on socket %p\n", vs->sioc); 3080 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3081 qio_channel_set_blocking(vs->ioc, false, NULL); 3082 if (vs->ioc_tag) { 3083 g_source_remove(vs->ioc_tag); 3084 } 3085 if (websocket) { 3086 vs->websocket = 1; 3087 if (vd->tlscreds) { 3088 vs->ioc_tag = qio_channel_add_watch( 3089 vs->ioc, G_IO_IN, vncws_tls_handshake_io, vs, NULL); 3090 } else { 3091 vs->ioc_tag = qio_channel_add_watch( 3092 vs->ioc, G_IO_IN, vncws_handshake_io, vs, NULL); 3093 } 3094 } else { 3095 vs->ioc_tag = qio_channel_add_watch( 3096 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 3097 } 3098 3099 vnc_client_cache_addr(vs); 3100 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED); 3101 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING); 3102 3103 vs->last_x = -1; 3104 vs->last_y = -1; 3105 3106 vs->as.freq = 44100; 3107 vs->as.nchannels = 2; 3108 vs->as.fmt = AUD_FMT_S16; 3109 vs->as.endianness = 0; 3110 3111 qemu_mutex_init(&vs->output_mutex); 3112 vs->bh = qemu_bh_new(vnc_jobs_bh, vs); 3113 3114 QTAILQ_INSERT_TAIL(&vd->clients, vs, next); 3115 if (first_client) { 3116 vnc_update_server_surface(vd); 3117 } 3118 3119 graphic_hw_update(vd->dcl.con); 3120 3121 if (!vs->websocket) { 3122 vnc_start_protocol(vs); 3123 } 3124 3125 if (vd->num_connecting > vd->connections_limit) { 3126 QTAILQ_FOREACH(vs, &vd->clients, next) { 3127 if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) { 3128 vnc_disconnect_start(vs); 3129 return; 3130 } 3131 } 3132 } 3133 } 3134 3135 void vnc_start_protocol(VncState *vs) 3136 { 3137 vnc_write(vs, "RFB 003.008\n", 12); 3138 vnc_flush(vs); 3139 vnc_read_when(vs, protocol_version, 12); 3140 3141 vs->mouse_mode_notifier.notify = check_pointer_type_change; 3142 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 3143 } 3144 3145 static void vnc_listen_io(QIONetListener *listener, 3146 QIOChannelSocket *cioc, 3147 void *opaque) 3148 { 3149 VncDisplay *vd = opaque; 3150 bool isWebsock = listener == vd->wslistener; 3151 3152 qio_channel_set_name(QIO_CHANNEL(cioc), 3153 isWebsock ? "vnc-ws-server" : "vnc-server"); 3154 qio_channel_set_delay(QIO_CHANNEL(cioc), false); 3155 vnc_connect(vd, cioc, false, isWebsock); 3156 } 3157 3158 static const DisplayChangeListenerOps dcl_ops = { 3159 .dpy_name = "vnc", 3160 .dpy_refresh = vnc_refresh, 3161 .dpy_gfx_update = vnc_dpy_update, 3162 .dpy_gfx_switch = vnc_dpy_switch, 3163 .dpy_gfx_check_format = qemu_pixman_check_format, 3164 .dpy_mouse_set = vnc_mouse_set, 3165 .dpy_cursor_define = vnc_dpy_cursor_define, 3166 }; 3167 3168 void vnc_display_init(const char *id, Error **errp) 3169 { 3170 VncDisplay *vd; 3171 3172 if (vnc_display_find(id) != NULL) { 3173 return; 3174 } 3175 vd = g_malloc0(sizeof(*vd)); 3176 3177 vd->id = strdup(id); 3178 QTAILQ_INSERT_TAIL(&vnc_displays, vd, next); 3179 3180 QTAILQ_INIT(&vd->clients); 3181 vd->expires = TIME_MAX; 3182 3183 if (keyboard_layout) { 3184 trace_vnc_key_map_init(keyboard_layout); 3185 vd->kbd_layout = init_keyboard_layout(name2keysym, 3186 keyboard_layout, errp); 3187 } else { 3188 vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us", errp); 3189 } 3190 3191 if (!vd->kbd_layout) { 3192 return; 3193 } 3194 3195 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3196 vd->connections_limit = 32; 3197 3198 qemu_mutex_init(&vd->mutex); 3199 vnc_start_worker_thread(); 3200 3201 vd->dcl.ops = &dcl_ops; 3202 register_displaychangelistener(&vd->dcl); 3203 vd->kbd = qkbd_state_init(vd->dcl.con); 3204 } 3205 3206 3207 static void vnc_display_close(VncDisplay *vd) 3208 { 3209 if (!vd) { 3210 return; 3211 } 3212 vd->is_unix = false; 3213 3214 if (vd->listener) { 3215 qio_net_listener_disconnect(vd->listener); 3216 object_unref(OBJECT(vd->listener)); 3217 } 3218 vd->listener = NULL; 3219 3220 if (vd->wslistener) { 3221 qio_net_listener_disconnect(vd->wslistener); 3222 object_unref(OBJECT(vd->wslistener)); 3223 } 3224 vd->wslistener = NULL; 3225 3226 vd->auth = VNC_AUTH_INVALID; 3227 vd->subauth = VNC_AUTH_INVALID; 3228 if (vd->tlscreds) { 3229 object_unparent(OBJECT(vd->tlscreds)); 3230 vd->tlscreds = NULL; 3231 } 3232 if (vd->tlsauthz) { 3233 object_unparent(OBJECT(vd->tlsauthz)); 3234 vd->tlsauthz = NULL; 3235 } 3236 g_free(vd->tlsauthzid); 3237 vd->tlsauthzid = NULL; 3238 if (vd->lock_key_sync) { 3239 qemu_remove_led_event_handler(vd->led); 3240 vd->led = NULL; 3241 } 3242 #ifdef CONFIG_VNC_SASL 3243 if (vd->sasl.authz) { 3244 object_unparent(OBJECT(vd->sasl.authz)); 3245 vd->sasl.authz = NULL; 3246 } 3247 g_free(vd->sasl.authzid); 3248 vd->sasl.authzid = NULL; 3249 #endif 3250 } 3251 3252 int vnc_display_password(const char *id, const char *password) 3253 { 3254 VncDisplay *vd = vnc_display_find(id); 3255 3256 if (!vd) { 3257 return -EINVAL; 3258 } 3259 if (vd->auth == VNC_AUTH_NONE) { 3260 error_printf_unless_qmp("If you want use passwords please enable " 3261 "password auth using '-vnc ${dpy},password'.\n"); 3262 return -EINVAL; 3263 } 3264 3265 g_free(vd->password); 3266 vd->password = g_strdup(password); 3267 3268 return 0; 3269 } 3270 3271 int vnc_display_pw_expire(const char *id, time_t expires) 3272 { 3273 VncDisplay *vd = vnc_display_find(id); 3274 3275 if (!vd) { 3276 return -EINVAL; 3277 } 3278 3279 vd->expires = expires; 3280 return 0; 3281 } 3282 3283 static void vnc_display_print_local_addr(VncDisplay *vd) 3284 { 3285 SocketAddress *addr; 3286 Error *err = NULL; 3287 3288 if (!vd->listener || !vd->listener->nsioc) { 3289 return; 3290 } 3291 3292 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], &err); 3293 if (!addr) { 3294 return; 3295 } 3296 3297 if (addr->type != SOCKET_ADDRESS_TYPE_INET) { 3298 qapi_free_SocketAddress(addr); 3299 return; 3300 } 3301 error_printf_unless_qmp("VNC server running on %s:%s\n", 3302 addr->u.inet.host, 3303 addr->u.inet.port); 3304 qapi_free_SocketAddress(addr); 3305 } 3306 3307 static QemuOptsList qemu_vnc_opts = { 3308 .name = "vnc", 3309 .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head), 3310 .implied_opt_name = "vnc", 3311 .desc = { 3312 { 3313 .name = "vnc", 3314 .type = QEMU_OPT_STRING, 3315 },{ 3316 .name = "websocket", 3317 .type = QEMU_OPT_STRING, 3318 },{ 3319 .name = "tls-creds", 3320 .type = QEMU_OPT_STRING, 3321 },{ 3322 .name = "share", 3323 .type = QEMU_OPT_STRING, 3324 },{ 3325 .name = "display", 3326 .type = QEMU_OPT_STRING, 3327 },{ 3328 .name = "head", 3329 .type = QEMU_OPT_NUMBER, 3330 },{ 3331 .name = "connections", 3332 .type = QEMU_OPT_NUMBER, 3333 },{ 3334 .name = "to", 3335 .type = QEMU_OPT_NUMBER, 3336 },{ 3337 .name = "ipv4", 3338 .type = QEMU_OPT_BOOL, 3339 },{ 3340 .name = "ipv6", 3341 .type = QEMU_OPT_BOOL, 3342 },{ 3343 .name = "password", 3344 .type = QEMU_OPT_BOOL, 3345 },{ 3346 .name = "reverse", 3347 .type = QEMU_OPT_BOOL, 3348 },{ 3349 .name = "lock-key-sync", 3350 .type = QEMU_OPT_BOOL, 3351 },{ 3352 .name = "key-delay-ms", 3353 .type = QEMU_OPT_NUMBER, 3354 },{ 3355 .name = "sasl", 3356 .type = QEMU_OPT_BOOL, 3357 },{ 3358 .name = "acl", 3359 .type = QEMU_OPT_BOOL, 3360 },{ 3361 .name = "lossy", 3362 .type = QEMU_OPT_BOOL, 3363 },{ 3364 .name = "non-adaptive", 3365 .type = QEMU_OPT_BOOL, 3366 }, 3367 { /* end of list */ } 3368 }, 3369 }; 3370 3371 3372 static int 3373 vnc_display_setup_auth(int *auth, 3374 int *subauth, 3375 QCryptoTLSCreds *tlscreds, 3376 bool password, 3377 bool sasl, 3378 bool websocket, 3379 Error **errp) 3380 { 3381 /* 3382 * We have a choice of 3 authentication options 3383 * 3384 * 1. none 3385 * 2. vnc 3386 * 3. sasl 3387 * 3388 * The channel can be run in 2 modes 3389 * 3390 * 1. clear 3391 * 2. tls 3392 * 3393 * And TLS can use 2 types of credentials 3394 * 3395 * 1. anon 3396 * 2. x509 3397 * 3398 * We thus have 9 possible logical combinations 3399 * 3400 * 1. clear + none 3401 * 2. clear + vnc 3402 * 3. clear + sasl 3403 * 4. tls + anon + none 3404 * 5. tls + anon + vnc 3405 * 6. tls + anon + sasl 3406 * 7. tls + x509 + none 3407 * 8. tls + x509 + vnc 3408 * 9. tls + x509 + sasl 3409 * 3410 * These need to be mapped into the VNC auth schemes 3411 * in an appropriate manner. In regular VNC, all the 3412 * TLS options get mapped into VNC_AUTH_VENCRYPT 3413 * sub-auth types. 3414 * 3415 * In websockets, the https:// protocol already provides 3416 * TLS support, so there is no need to make use of the 3417 * VeNCrypt extension. Furthermore, websockets browser 3418 * clients could not use VeNCrypt even if they wanted to, 3419 * as they cannot control when the TLS handshake takes 3420 * place. Thus there is no option but to rely on https://, 3421 * meaning combinations 4->6 and 7->9 will be mapped to 3422 * VNC auth schemes in the same way as combos 1->3. 3423 * 3424 * Regardless of fact that we have a different mapping to 3425 * VNC auth mechs for plain VNC vs websockets VNC, the end 3426 * result has the same security characteristics. 3427 */ 3428 if (websocket || !tlscreds) { 3429 if (password) { 3430 VNC_DEBUG("Initializing VNC server with password auth\n"); 3431 *auth = VNC_AUTH_VNC; 3432 } else if (sasl) { 3433 VNC_DEBUG("Initializing VNC server with SASL auth\n"); 3434 *auth = VNC_AUTH_SASL; 3435 } else { 3436 VNC_DEBUG("Initializing VNC server with no auth\n"); 3437 *auth = VNC_AUTH_NONE; 3438 } 3439 *subauth = VNC_AUTH_INVALID; 3440 } else { 3441 bool is_x509 = object_dynamic_cast(OBJECT(tlscreds), 3442 TYPE_QCRYPTO_TLS_CREDS_X509) != NULL; 3443 bool is_anon = object_dynamic_cast(OBJECT(tlscreds), 3444 TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL; 3445 3446 if (!is_x509 && !is_anon) { 3447 error_setg(errp, 3448 "Unsupported TLS cred type %s", 3449 object_get_typename(OBJECT(tlscreds))); 3450 return -1; 3451 } 3452 *auth = VNC_AUTH_VENCRYPT; 3453 if (password) { 3454 if (is_x509) { 3455 VNC_DEBUG("Initializing VNC server with x509 password auth\n"); 3456 *subauth = VNC_AUTH_VENCRYPT_X509VNC; 3457 } else { 3458 VNC_DEBUG("Initializing VNC server with TLS password auth\n"); 3459 *subauth = VNC_AUTH_VENCRYPT_TLSVNC; 3460 } 3461 3462 } else if (sasl) { 3463 if (is_x509) { 3464 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); 3465 *subauth = VNC_AUTH_VENCRYPT_X509SASL; 3466 } else { 3467 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n"); 3468 *subauth = VNC_AUTH_VENCRYPT_TLSSASL; 3469 } 3470 } else { 3471 if (is_x509) { 3472 VNC_DEBUG("Initializing VNC server with x509 no auth\n"); 3473 *subauth = VNC_AUTH_VENCRYPT_X509NONE; 3474 } else { 3475 VNC_DEBUG("Initializing VNC server with TLS no auth\n"); 3476 *subauth = VNC_AUTH_VENCRYPT_TLSNONE; 3477 } 3478 } 3479 } 3480 return 0; 3481 } 3482 3483 3484 static int vnc_display_get_address(const char *addrstr, 3485 bool websocket, 3486 bool reverse, 3487 int displaynum, 3488 int to, 3489 bool has_ipv4, 3490 bool has_ipv6, 3491 bool ipv4, 3492 bool ipv6, 3493 SocketAddress **retaddr, 3494 Error **errp) 3495 { 3496 int ret = -1; 3497 SocketAddress *addr = NULL; 3498 3499 addr = g_new0(SocketAddress, 1); 3500 3501 if (strncmp(addrstr, "unix:", 5) == 0) { 3502 addr->type = SOCKET_ADDRESS_TYPE_UNIX; 3503 addr->u.q_unix.path = g_strdup(addrstr + 5); 3504 3505 if (websocket) { 3506 error_setg(errp, "UNIX sockets not supported with websock"); 3507 goto cleanup; 3508 } 3509 3510 if (to) { 3511 error_setg(errp, "Port range not support with UNIX socket"); 3512 goto cleanup; 3513 } 3514 ret = 0; 3515 } else { 3516 const char *port; 3517 size_t hostlen; 3518 unsigned long long baseport = 0; 3519 InetSocketAddress *inet; 3520 3521 port = strrchr(addrstr, ':'); 3522 if (!port) { 3523 if (websocket) { 3524 hostlen = 0; 3525 port = addrstr; 3526 } else { 3527 error_setg(errp, "no vnc port specified"); 3528 goto cleanup; 3529 } 3530 } else { 3531 hostlen = port - addrstr; 3532 port++; 3533 if (*port == '\0') { 3534 error_setg(errp, "vnc port cannot be empty"); 3535 goto cleanup; 3536 } 3537 } 3538 3539 addr->type = SOCKET_ADDRESS_TYPE_INET; 3540 inet = &addr->u.inet; 3541 if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') { 3542 inet->host = g_strndup(addrstr + 1, hostlen - 2); 3543 } else { 3544 inet->host = g_strndup(addrstr, hostlen); 3545 } 3546 /* plain VNC port is just an offset, for websocket 3547 * port is absolute */ 3548 if (websocket) { 3549 if (g_str_equal(addrstr, "") || 3550 g_str_equal(addrstr, "on")) { 3551 if (displaynum == -1) { 3552 error_setg(errp, "explicit websocket port is required"); 3553 goto cleanup; 3554 } 3555 inet->port = g_strdup_printf( 3556 "%d", displaynum + 5700); 3557 if (to) { 3558 inet->has_to = true; 3559 inet->to = to + 5700; 3560 } 3561 } else { 3562 inet->port = g_strdup(port); 3563 } 3564 } else { 3565 int offset = reverse ? 0 : 5900; 3566 if (parse_uint_full(port, &baseport, 10) < 0) { 3567 error_setg(errp, "can't convert to a number: %s", port); 3568 goto cleanup; 3569 } 3570 if (baseport > 65535 || 3571 baseport + offset > 65535) { 3572 error_setg(errp, "port %s out of range", port); 3573 goto cleanup; 3574 } 3575 inet->port = g_strdup_printf( 3576 "%d", (int)baseport + offset); 3577 3578 if (to) { 3579 inet->has_to = true; 3580 inet->to = to + offset; 3581 } 3582 } 3583 3584 inet->ipv4 = ipv4; 3585 inet->has_ipv4 = has_ipv4; 3586 inet->ipv6 = ipv6; 3587 inet->has_ipv6 = has_ipv6; 3588 3589 ret = baseport; 3590 } 3591 3592 *retaddr = addr; 3593 3594 cleanup: 3595 if (ret < 0) { 3596 qapi_free_SocketAddress(addr); 3597 } 3598 return ret; 3599 } 3600 3601 static void vnc_free_addresses(SocketAddress ***retsaddr, 3602 size_t *retnsaddr) 3603 { 3604 size_t i; 3605 3606 for (i = 0; i < *retnsaddr; i++) { 3607 qapi_free_SocketAddress((*retsaddr)[i]); 3608 } 3609 g_free(*retsaddr); 3610 3611 *retsaddr = NULL; 3612 *retnsaddr = 0; 3613 } 3614 3615 static int vnc_display_get_addresses(QemuOpts *opts, 3616 bool reverse, 3617 SocketAddress ***retsaddr, 3618 size_t *retnsaddr, 3619 SocketAddress ***retwsaddr, 3620 size_t *retnwsaddr, 3621 Error **errp) 3622 { 3623 SocketAddress *saddr = NULL; 3624 SocketAddress *wsaddr = NULL; 3625 QemuOptsIter addriter; 3626 const char *addr; 3627 int to = qemu_opt_get_number(opts, "to", 0); 3628 bool has_ipv4 = qemu_opt_get(opts, "ipv4"); 3629 bool has_ipv6 = qemu_opt_get(opts, "ipv6"); 3630 bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false); 3631 bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false); 3632 int displaynum = -1; 3633 int ret = -1; 3634 3635 *retsaddr = NULL; 3636 *retnsaddr = 0; 3637 *retwsaddr = NULL; 3638 *retnwsaddr = 0; 3639 3640 addr = qemu_opt_get(opts, "vnc"); 3641 if (addr == NULL || g_str_equal(addr, "none")) { 3642 ret = 0; 3643 goto cleanup; 3644 } 3645 if (qemu_opt_get(opts, "websocket") && 3646 !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) { 3647 error_setg(errp, 3648 "SHA1 hash support is required for websockets"); 3649 goto cleanup; 3650 } 3651 3652 qemu_opt_iter_init(&addriter, opts, "vnc"); 3653 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3654 int rv; 3655 rv = vnc_display_get_address(addr, false, reverse, 0, to, 3656 has_ipv4, has_ipv6, 3657 ipv4, ipv6, 3658 &saddr, errp); 3659 if (rv < 0) { 3660 goto cleanup; 3661 } 3662 /* Historical compat - first listen address can be used 3663 * to set the default websocket port 3664 */ 3665 if (displaynum == -1) { 3666 displaynum = rv; 3667 } 3668 *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1); 3669 (*retsaddr)[(*retnsaddr)++] = saddr; 3670 } 3671 3672 /* If we had multiple primary displays, we don't do defaults 3673 * for websocket, and require explicit config instead. */ 3674 if (*retnsaddr > 1) { 3675 displaynum = -1; 3676 } 3677 3678 qemu_opt_iter_init(&addriter, opts, "websocket"); 3679 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3680 if (vnc_display_get_address(addr, true, reverse, displaynum, to, 3681 has_ipv4, has_ipv6, 3682 ipv4, ipv6, 3683 &wsaddr, errp) < 0) { 3684 goto cleanup; 3685 } 3686 3687 /* Historical compat - if only a single listen address was 3688 * provided, then this is used to set the default listen 3689 * address for websocket too 3690 */ 3691 if (*retnsaddr == 1 && 3692 (*retsaddr)[0]->type == SOCKET_ADDRESS_TYPE_INET && 3693 wsaddr->type == SOCKET_ADDRESS_TYPE_INET && 3694 g_str_equal(wsaddr->u.inet.host, "") && 3695 !g_str_equal((*retsaddr)[0]->u.inet.host, "")) { 3696 g_free(wsaddr->u.inet.host); 3697 wsaddr->u.inet.host = g_strdup((*retsaddr)[0]->u.inet.host); 3698 } 3699 3700 *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1); 3701 (*retwsaddr)[(*retnwsaddr)++] = wsaddr; 3702 } 3703 3704 ret = 0; 3705 cleanup: 3706 if (ret < 0) { 3707 vnc_free_addresses(retsaddr, retnsaddr); 3708 vnc_free_addresses(retwsaddr, retnwsaddr); 3709 } 3710 return ret; 3711 } 3712 3713 static int vnc_display_connect(VncDisplay *vd, 3714 SocketAddress **saddr, 3715 size_t nsaddr, 3716 SocketAddress **wsaddr, 3717 size_t nwsaddr, 3718 Error **errp) 3719 { 3720 /* connect to viewer */ 3721 QIOChannelSocket *sioc = NULL; 3722 if (nwsaddr != 0) { 3723 error_setg(errp, "Cannot use websockets in reverse mode"); 3724 return -1; 3725 } 3726 if (nsaddr != 1) { 3727 error_setg(errp, "Expected a single address in reverse mode"); 3728 return -1; 3729 } 3730 /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */ 3731 vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_TYPE_UNIX; 3732 sioc = qio_channel_socket_new(); 3733 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse"); 3734 if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) { 3735 return -1; 3736 } 3737 vnc_connect(vd, sioc, false, false); 3738 object_unref(OBJECT(sioc)); 3739 return 0; 3740 } 3741 3742 3743 static int vnc_display_listen(VncDisplay *vd, 3744 SocketAddress **saddr, 3745 size_t nsaddr, 3746 SocketAddress **wsaddr, 3747 size_t nwsaddr, 3748 Error **errp) 3749 { 3750 size_t i; 3751 3752 if (nsaddr) { 3753 vd->listener = qio_net_listener_new(); 3754 qio_net_listener_set_name(vd->listener, "vnc-listen"); 3755 for (i = 0; i < nsaddr; i++) { 3756 if (qio_net_listener_open_sync(vd->listener, 3757 saddr[i], 3758 errp) < 0) { 3759 return -1; 3760 } 3761 } 3762 3763 qio_net_listener_set_client_func(vd->listener, 3764 vnc_listen_io, vd, NULL); 3765 } 3766 3767 if (nwsaddr) { 3768 vd->wslistener = qio_net_listener_new(); 3769 qio_net_listener_set_name(vd->wslistener, "vnc-ws-listen"); 3770 for (i = 0; i < nwsaddr; i++) { 3771 if (qio_net_listener_open_sync(vd->wslistener, 3772 wsaddr[i], 3773 errp) < 0) { 3774 return -1; 3775 } 3776 } 3777 3778 qio_net_listener_set_client_func(vd->wslistener, 3779 vnc_listen_io, vd, NULL); 3780 } 3781 3782 return 0; 3783 } 3784 3785 3786 void vnc_display_open(const char *id, Error **errp) 3787 { 3788 VncDisplay *vd = vnc_display_find(id); 3789 QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id); 3790 SocketAddress **saddr = NULL, **wsaddr = NULL; 3791 size_t nsaddr, nwsaddr; 3792 const char *share, *device_id; 3793 QemuConsole *con; 3794 bool password = false; 3795 bool reverse = false; 3796 const char *credid; 3797 bool sasl = false; 3798 int acl = 0; 3799 int lock_key_sync = 1; 3800 int key_delay_ms; 3801 3802 if (!vd) { 3803 error_setg(errp, "VNC display not active"); 3804 return; 3805 } 3806 vnc_display_close(vd); 3807 3808 if (!opts) { 3809 return; 3810 } 3811 3812 reverse = qemu_opt_get_bool(opts, "reverse", false); 3813 if (vnc_display_get_addresses(opts, reverse, &saddr, &nsaddr, 3814 &wsaddr, &nwsaddr, errp) < 0) { 3815 goto fail; 3816 } 3817 3818 password = qemu_opt_get_bool(opts, "password", false); 3819 if (password) { 3820 if (fips_get_state()) { 3821 error_setg(errp, 3822 "VNC password auth disabled due to FIPS mode, " 3823 "consider using the VeNCrypt or SASL authentication " 3824 "methods as an alternative"); 3825 goto fail; 3826 } 3827 if (!qcrypto_cipher_supports( 3828 QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) { 3829 error_setg(errp, 3830 "Cipher backend does not support DES RFB algorithm"); 3831 goto fail; 3832 } 3833 } 3834 3835 lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true); 3836 key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10); 3837 sasl = qemu_opt_get_bool(opts, "sasl", false); 3838 #ifndef CONFIG_VNC_SASL 3839 if (sasl) { 3840 error_setg(errp, "VNC SASL auth requires cyrus-sasl support"); 3841 goto fail; 3842 } 3843 #endif /* CONFIG_VNC_SASL */ 3844 credid = qemu_opt_get(opts, "tls-creds"); 3845 if (credid) { 3846 Object *creds; 3847 creds = object_resolve_path_component( 3848 object_get_objects_root(), credid); 3849 if (!creds) { 3850 error_setg(errp, "No TLS credentials with id '%s'", 3851 credid); 3852 goto fail; 3853 } 3854 vd->tlscreds = (QCryptoTLSCreds *) 3855 object_dynamic_cast(creds, 3856 TYPE_QCRYPTO_TLS_CREDS); 3857 if (!vd->tlscreds) { 3858 error_setg(errp, "Object with id '%s' is not TLS credentials", 3859 credid); 3860 goto fail; 3861 } 3862 object_ref(OBJECT(vd->tlscreds)); 3863 3864 if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 3865 error_setg(errp, 3866 "Expecting TLS credentials with a server endpoint"); 3867 goto fail; 3868 } 3869 } 3870 acl = qemu_opt_get_bool(opts, "acl", false); 3871 3872 share = qemu_opt_get(opts, "share"); 3873 if (share) { 3874 if (strcmp(share, "ignore") == 0) { 3875 vd->share_policy = VNC_SHARE_POLICY_IGNORE; 3876 } else if (strcmp(share, "allow-exclusive") == 0) { 3877 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3878 } else if (strcmp(share, "force-shared") == 0) { 3879 vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED; 3880 } else { 3881 error_setg(errp, "unknown vnc share= option"); 3882 goto fail; 3883 } 3884 } else { 3885 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3886 } 3887 vd->connections_limit = qemu_opt_get_number(opts, "connections", 32); 3888 3889 #ifdef CONFIG_VNC_JPEG 3890 vd->lossy = qemu_opt_get_bool(opts, "lossy", false); 3891 #endif 3892 vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false); 3893 /* adaptive updates are only used with tight encoding and 3894 * if lossy updates are enabled so we can disable all the 3895 * calculations otherwise */ 3896 if (!vd->lossy) { 3897 vd->non_adaptive = true; 3898 } 3899 3900 if (acl) { 3901 if (strcmp(vd->id, "default") == 0) { 3902 vd->tlsauthzid = g_strdup("vnc.x509dname"); 3903 } else { 3904 vd->tlsauthzid = g_strdup_printf("vnc.%s.x509dname", vd->id); 3905 } 3906 vd->tlsauthz = QAUTHZ(qauthz_list_new(vd->tlsauthzid, 3907 QAUTHZ_LIST_POLICY_DENY, 3908 &error_abort)); 3909 } 3910 #ifdef CONFIG_VNC_SASL 3911 if (acl && sasl) { 3912 if (strcmp(vd->id, "default") == 0) { 3913 vd->sasl.authzid = g_strdup("vnc.username"); 3914 } else { 3915 vd->sasl.authzid = g_strdup_printf("vnc.%s.username", vd->id); 3916 } 3917 vd->sasl.authz = QAUTHZ(qauthz_list_new(vd->sasl.authzid, 3918 QAUTHZ_LIST_POLICY_DENY, 3919 &error_abort)); 3920 } 3921 #endif 3922 3923 if (vnc_display_setup_auth(&vd->auth, &vd->subauth, 3924 vd->tlscreds, password, 3925 sasl, false, errp) < 0) { 3926 goto fail; 3927 } 3928 trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth); 3929 3930 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth, 3931 vd->tlscreds, password, 3932 sasl, true, errp) < 0) { 3933 goto fail; 3934 } 3935 trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth); 3936 3937 #ifdef CONFIG_VNC_SASL 3938 if (sasl) { 3939 int saslErr = sasl_server_init(NULL, "qemu"); 3940 3941 if (saslErr != SASL_OK) { 3942 error_setg(errp, "Failed to initialize SASL auth: %s", 3943 sasl_errstring(saslErr, NULL, NULL)); 3944 goto fail; 3945 } 3946 } 3947 #endif 3948 vd->lock_key_sync = lock_key_sync; 3949 if (lock_key_sync) { 3950 vd->led = qemu_add_led_event_handler(kbd_leds, vd); 3951 } 3952 vd->ledstate = 0; 3953 3954 device_id = qemu_opt_get(opts, "display"); 3955 if (device_id) { 3956 int head = qemu_opt_get_number(opts, "head", 0); 3957 Error *err = NULL; 3958 3959 con = qemu_console_lookup_by_device_name(device_id, head, &err); 3960 if (err) { 3961 error_propagate(errp, err); 3962 goto fail; 3963 } 3964 } else { 3965 con = NULL; 3966 } 3967 3968 if (con != vd->dcl.con) { 3969 qkbd_state_free(vd->kbd); 3970 unregister_displaychangelistener(&vd->dcl); 3971 vd->dcl.con = con; 3972 register_displaychangelistener(&vd->dcl); 3973 vd->kbd = qkbd_state_init(vd->dcl.con); 3974 } 3975 qkbd_state_set_delay(vd->kbd, key_delay_ms); 3976 3977 if (saddr == NULL) { 3978 goto cleanup; 3979 } 3980 3981 if (reverse) { 3982 if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 3983 goto fail; 3984 } 3985 } else { 3986 if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 3987 goto fail; 3988 } 3989 } 3990 3991 if (qemu_opt_get(opts, "to")) { 3992 vnc_display_print_local_addr(vd); 3993 } 3994 3995 cleanup: 3996 vnc_free_addresses(&saddr, &nsaddr); 3997 vnc_free_addresses(&wsaddr, &nwsaddr); 3998 return; 3999 4000 fail: 4001 vnc_display_close(vd); 4002 goto cleanup; 4003 } 4004 4005 void vnc_display_add_client(const char *id, int csock, bool skipauth) 4006 { 4007 VncDisplay *vd = vnc_display_find(id); 4008 QIOChannelSocket *sioc; 4009 4010 if (!vd) { 4011 return; 4012 } 4013 4014 sioc = qio_channel_socket_new_fd(csock, NULL); 4015 if (sioc) { 4016 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server"); 4017 vnc_connect(vd, sioc, skipauth, false); 4018 object_unref(OBJECT(sioc)); 4019 } 4020 } 4021 4022 static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts) 4023 { 4024 int i = 2; 4025 char *id; 4026 4027 id = g_strdup("default"); 4028 while (qemu_opts_find(olist, id)) { 4029 g_free(id); 4030 id = g_strdup_printf("vnc%d", i++); 4031 } 4032 qemu_opts_set_id(opts, id); 4033 } 4034 4035 QemuOpts *vnc_parse(const char *str, Error **errp) 4036 { 4037 QemuOptsList *olist = qemu_find_opts("vnc"); 4038 QemuOpts *opts = qemu_opts_parse(olist, str, true, errp); 4039 const char *id; 4040 4041 if (!opts) { 4042 return NULL; 4043 } 4044 4045 id = qemu_opts_id(opts); 4046 if (!id) { 4047 /* auto-assign id if not present */ 4048 vnc_auto_assign_id(olist, opts); 4049 } 4050 return opts; 4051 } 4052 4053 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp) 4054 { 4055 Error *local_err = NULL; 4056 char *id = (char *)qemu_opts_id(opts); 4057 4058 assert(id); 4059 vnc_display_init(id, &local_err); 4060 if (local_err) { 4061 error_propagate(errp, local_err); 4062 return -1; 4063 } 4064 vnc_display_open(id, &local_err); 4065 if (local_err != NULL) { 4066 error_propagate(errp, local_err); 4067 return -1; 4068 } 4069 return 0; 4070 } 4071 4072 static void vnc_register_config(void) 4073 { 4074 qemu_add_opts(&qemu_vnc_opts); 4075 } 4076 opts_init(vnc_register_config); 4077