Commit Graph

79 Commits

Author SHA1 Message Date
Stefan Weil
23bfe28fff vnc: Fix stack corruption and other bitmap related bugs
Commit bc2429b917 introduced
a severe bug (stack corruption).

bitmap_clear was called with a wrong argument
which caused out-of-bound writes to the local variable width_mask.

This bug was detected with QEMU running on windows.
It also occurs with wine:

*** stack smashing detected ***:  terminated
wine: Unhandled illegal instruction at address 0x6115c7 (thread 0009), starting debugger...

The bug is not windows specific!

Instead of fixing the wrong parameter value, bitmap_clear(), bitmap_set
and width_mask were removed, and bitmap_intersect() was replaced by
!bitmap_empty(). The new operation is much shorter and equivalent to
the old operations.

The declarations of the dirty bitmaps in vnc.h were also wrong for 64 bit
hosts because of a rounding effect: for these hosts, VNC_MAX_WIDTH is no
longer a multiple of (16 * BITS_PER_LONG), so the rounded value of
VNC_DIRTY_WORDS was too small.

Fix both declarations by using the macro which is designed for this
purpose.

Cc: Corentin Chary <corentincj@iksaif.net>
Cc: Wen Congyang <wency@cn.fujitsu.com>
Cc: Gerhard Wiesinger <lists@wiesinger.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-03-10 16:12:25 -06:00
Corentin Chary
c53af37f37 vnc: fix a memory leak in threaded vnc server
VncJobQueue's buffer is intended to be used for
as the output buffer for all operations in this queue,
but unfortunatly.

vnc_async_encoding_start() is in charge of setting this
buffer as the current output buffer, but
vnc_async_encoding_end() was not writting the changes back
to VncJobQueue, resulting in a big and ugly memleak.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-25 16:04:43 -06:00
Peter Maydell
cf76a1ce8b ui/vnc-enc-tight.c: Fix compile failure if CONFIG_VNC_JPEG not defined
Add some missing #ifdefs to fix compilation failures in the !CONFIG_VNC_JPEG
case introduced by commit ce702e93.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-24 11:25:38 -06:00
Stefan Weil
5db8378a77 vnc: Fix fatal crash with vnc reverse mode
Reverse mode is unusable:

	qemu -vnc localhost:5500,reverse

crashes in vnc_refresh_server_surface because some pointers are NULL.

Fix this by calling vnc_dpy_resize (which initializes these pointers)
before calling vnc_refresh.

Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
80e0c8c39b vnc: add a non-adaptive option
This option allow to disable adaptive behaviors in some encodings.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
8cb4a6b755 vnc: tight: tweak adaptive tight settings
The force_jpeg threshold was too low.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
6c71a539c3 vnc: don't try to send bigger updates that client height
Respect client size if it doesn't not support desktop resizing.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
bc2429b917 vnc: use the new generic bitmap functions
Switch to bitmap.h and bitops.h instead of redefining our own bitmap
helpers.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
207f328afc vnc: fix lossy rect refreshing
The for loop in send_lossy_rect was totally wrong, and we can't
call vnc_set_bits() because it does not really do what it should.
Use vnc_set_bit() directly instead.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
368d25881c vnc: fix uint8_t comparisons with negative values
Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
148954faca vnc: Add ZRLE and ZYWRLE encodings.
Add ZRLE [1] and ZYWRLE [2] encodings. The code is inspire^W stolen
from libvncserver (again), but have been rewriten to match QEMU coding
style.

[1] http://www.realvnc.com/docs/rfbproto.pdf
[2] http://micro-vnc.jp/research/remote_desktop_ng/ZYWRLE/publications/

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
f8562e326b vnc: palette: and fill and color calls.
These two helpers are needed for zrle and zywrle.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
72aefb76f9 vnc: palette: add palette_init calls
This allow to use palette on the stack instead of always
allocating them.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
e31e3694af vnc: palette: use a pool to reduce memory allocations
We now that the palette will never have more than 256
elements. Let's use a pool to reduce malloc calls.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
ce702e93b0 vnc: tight: use the update frequency to choose between lossy and lossless
Use the new update frequency infrastructure to use jpeg for regions with
high update frequency.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
7d964c9d2f vnc: refresh lossy rect after a given timeout
If an adaptive encoding has choosen to send a lossy update
based on the result of vnc_update_freq(), then it should advertise
it with vnc_sent_lossy_rect(). This will allow to automatically refresh
this rect once it's static again.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
999342a0fe vnc: add a way to get the update frequency for a given region
This patch compute the update frequency (in Hz) for each 64x64 rects.
Any adaptive encoding can get this value using vnc_update_freq(), and
switch to a lossy encoding if the value is too high.

The frequency is pre-calculated every 500ms, based on the last 10
updates per 64x64 rect.

If a 64x64 rect was not updated in the last 2 second, then the frequency
became 0, and all the stored timestamp are reseted.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
b31f519e27 vnc: don't set the quality if lossy encoding are disabled
This should not change the current behavior, but if any new
encoding try to use the tight quality, it will always be set
to -1 when lossy encodings are disabled.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
73eb4c04e9 vnc: qemu can die if the client is disconnected while updating screen
agraf reported that qemu_mutex_destroy(vs->output_mutex) while failing
in vnc_disconnect_finish().

It's because vnc_worker_thread_loop() tries to unlock the mutex while
not locked. The unlocking call doesn't fail (pthread bug ?), but
the destroy call does.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-04 06:33:26 -06:00
Stefan Weil
4e79bcbb96 ui/sdl: Fix handling of caps lock and num lock keys
Starting with SDL version 1.2.14, caps lock and num lock keys
will send a SDL_KEYUP when SDL_DISABLE_LOCK_KEYS=1 is set in
the environment.

The new code sets the environment unconditionally
(it won't harm old versions which do not know it).

The workaround for SDL_KEYUP is only compiled with old SDL versions.

A similar patch without handling of old SDL versions was already
published by Benjamin Drung for Ubuntu.

Cc: Anthony Liguori <aliguori@us.ibm.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Benjamin Drung <benjamin.drung@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-04 06:33:26 -06:00
Anthony Liguori
9363ee31ab Merge remote branch 'spice/spice.v29.pull' into staging
Conflicts:
	trace-events
2011-02-01 15:22:48 -06:00
Anthony Liguori
cfb41c82ab Merge remote branch 'spice/usb.5' into staging 2011-02-01 15:21:23 -06:00
Anthony Liguori
1cd20f8bf0 vnc: Fix password expiration through 'change vnc ""' (v2)
commit 52c18be9e9 introduced a regression in the
change vnc password command that changed the behavior of setting the VNC
password to an empty string from disabling login to disabling authentication.

This commit refactors the code to eliminate this overloaded semantics in
vnc_display_password and instead introduces the vnc_display_disable_login.   The
monitor implementation then determines the behavior of an empty or missing
string.

Recently, a set_password command was added that allows both the Spice and VNC
password to be set.  This command has not shown up in a release yet so the
behavior is not yet defined.

This patch proposes that an empty password be treated as an empty password with
no special handling.  For specifically disabling login, I believe a new command
should be introduced instead of overloading semantics.

I'm not sure how Spice handles this but I would recommend that we have Spice
and VNC have consistent semantics here for the 0.14.0 release.

Reported-by: Neil Wilson <neil@aldur.co.uk>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2
 - Add a proper return to make sure that login is really disabled instead of
   relying on the VNC server to treat empty passwords specially
2011-02-01 15:16:48 -06:00
Blue Swirl
1b958498ac sdl: remove unused variable
Variable rec is not used, remove it. Spotted by GCC 4.6.0:
  CC    ui/sdl.o
/src/qemu/ui/sdl.c: In function 'sdl_setdata':
/src/qemu/ui/sdl.c:90:14: error: variable 'rec' set but not used [-Werror=unused-but-set-variable]

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-01-29 22:52:33 +00:00
Gerd Hoffmann
9892088b52 vnc: fix numlock+capslock tracking
This patch makes the numlock+capslock tracking logic only look at
keydown events.  Without this patch the vnc server will insert
bogous capslock keypress in case it sees the following key sequence:

  shift down --- 'A' down --- shift up  --- 'A' up
                                         ^ here

It doesn't hurt with a PS/2 keyboard, but it disturbs the USB Keyboard.
And with the key event queue just added to the usb keyboard the guest
will actually notice.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-01-24 17:21:34 +01:00
Alon Levy
cbcc6336ce spice: add chardev (v5)
Adding a chardev backend for spice, where spice determines what
to do with it based on the name attribute given during chardev creation.
For usage by spice vdagent in conjunction with a properly named
virtio-serial device, and future smartcard channel usage.

Example usage:
 qemu -device virtio-serial -chardev spicevmc,name=vdagent,id=vdagent \
 -device virtserialport,chardev=vdagent,name=com.redhat.spice.0

v4->v5:
 * add tracing events
 * fix missing comma
 * fix help string to show debug is optional

v3->v4:
 * updated commit message

v1->v3 changes: (v2 had a wrong commit message)
 * removed spice-qemu-char.h, folded into ui/qemu-spice.h
 * removed dead IOCTL code
 * removed comment
 * removed ifdef CONFIG_SPICE from qemu-config.c and qemu-options.hx help.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-01-24 15:41:40 +01:00
Gerd Hoffmann
e866e23959 spice/vnc: client migration.
Handle spice client migration, i.e. inform a spice client connected
about the new host and connection parameters, so it can move over the
connection automatically.

The monitor command has a not-yet used protocol argument simliar to
set_password and expire_password commands.  This allows to add a simliar
feature to vnc in the future.  Daniel Berrange plans to work on this.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-01-24 15:13:54 +01:00
Blue Swirl
64b85a8f23 Delete useless 'extern' qualifiers for functions
'extern' qualifier is useless for function declarations. Delete
them.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-01-23 16:21:20 +00:00
Blue Swirl
8ce7d35273 vnc-auth-sasl: fix a memory leak
Fix a memory leak reported by cppcheck:
[/src/qemu/ui/vnc-auth-sasl.c:448]: (error) Memory leak: mechname

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-01-12 19:48:56 +00:00
Gerd Hoffmann
7572150c18 vnc/spice: add set_passwd monitor command.
This patch adds new set_password and expire_password monitor commands
which allows to change and expire the password for spice and vnc
connections.  See the doc update patch chunk for details.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:25 +01:00
Gerd Hoffmann
3c9405a0f7 vnc: support password expire
This patch adds support for expiring passwords to vnc.  It adds a new
vnc_display_pw_expire() function which specifies the time when the
password will expire.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Gerd Hoffmann
6bffdf0f83 vnc: auth reject cleanup
protocol_client_auth_vnc() has two places where the auth can fail,
with identical code sending the reject message to the client.
Move the common code to the end of the function and make both
error paths jump there.  No functional change.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Gerd Hoffmann
cb42a870c3 spice: add qmp 'query-spice' and hmp 'info spice' commands.
The patch adds a 'query-spice' monitor command which returns
informations about the spice server configuration and also a list of
channel connections.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Gerd Hoffmann
6f8c63fbd7 spice: connection events.
This patch adds support for connection events to spice.  The events are
quite simliar to the vnc events.  Unlike vnc spice uses multiple tcp
channels though.  qemu will report every single tcp connection (aka
spice channel).  If you want track spice sessions only you can filter
for the main channel (channel-type == 1).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Gerd Hoffmann
a19cbfb346 spice: add qxl device
qxl is a paravirtual graphics card.  The qxl device is the bridge
between the guest and the spice server (aka libspice-server).  The
spice server will send the rendering commands to the spice client, which
will actually render them.

The spice server is also able to render locally, which is done in case
the guest wants read something from video memory.  Local rendering is
also used to support display over vnc and sdl.

qxl is activated using "-vga qxl".  qxl supports multihead, additional
cards can be added via '-device qxl".

[ v2: add copyright to files                     ]
[ v2: use qemu-common.h for standard includes    ]
[ v2: create separate qxl-vga device for primary ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Anthony Liguori
43ae691e77 Merge remote branch 'spice/bugfix.2' into staging 2010-11-16 14:11:05 -06:00
Gerd Hoffmann
3e31375378 spice: add audio
Add support for the spice audio interface.  With this patch applied
audio can be forwarded over the network from/to the spice client.  Both
recording and playback is supported.

The driver is first in the driver list, but the can_be_default flag is
set only in case spice is active.  So if you have the spice protocol
enabled the spice audio driver is the default one, otherwise whatever
comes first after spice in the list.  Overriding the default using
QEMU_AUDIO_DRV works in any case.

[ v2: audio codestyle: add spaces before open parenthesis ]
[ v2: add const to silence array ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Cc: malc <av1474@comtv.ru>
Signed-off-by: malc <av1474@comtv.ru>
2010-11-09 23:39:30 +03:00
Gerd Hoffmann
7466bc4910 spice-display: replace private lock with qemu mutex.
qemu_spice_create_update() must aquire the global qemu mutex to
make sure DisplayState doesn't change while we are accessing it.

Once this is in place the private lock is pretty pointless as
everything it protects is covered by the global qemu mutex now.
Drop it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-11-02 12:43:04 +01:00
Gerd Hoffmann
f61d69607d spice-core: fix warning when building with spice < 0.6.0
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-11-02 12:42:54 +01:00
Hans de Goede
3d6d306c10 spice-core: fix watching for write events
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-11-02 12:42:45 +01:00
Anthony Liguori
2d8418ba8a Merge remote branch 'spice/config.2' into staging 2010-11-01 13:02:56 -05:00
Stefan Weil
2c80e42395 Replace remaining gcc format attributes by macro GCC_FMT_ATTR (format checking)
Replace the remaining format attribute printf by macro
GCC_FMT_ATTR which uses gnu_printf (if supported).

v2
* Removal of dyngen specific code is now done in a separate patch.
* Handle attribute in new ui/spice-display.c, too.

Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-22 17:11:33 +00:00
Samuel Thibault
d03703c81a curses: Fix control-{@[\]^_} and ESC
control-{@[\]^_} shouldn't get the 'a' - 'A' offset for correct
translation. ESC is better simulated as escape key.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Signed-off-by: Andrew Zaborowski <balrogg@gmail.com>
2010-10-21 18:31:28 +02:00
Blue Swirl
2ded6ad761 vnc: avoid write only variables
Compiling with GCC 4.6.0 20100925 produced warnings:
/src/qemu/ui/vnc.c: In function 'vnc_client_cache_auth':
/src/qemu/ui/vnc.c:217:12: error: variable 'qdict' set but not used [-Werror=unused-but-set-variable]
/src/qemu/ui/vnc.c: In function 'vnc_display_open':
/src/qemu/ui/vnc.c:2526:9: error: variable 'acl' set but not used [-Werror=unused-but-set-variable]

Fix by making the variable declarations and their uses also conditional
to debug definition.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-13 18:43:17 +00:00
Gerd Hoffmann
84a23f251f spice: add misc config options
This patch adds a few more options to tweak spice server behavior.
The documentation update chunk has the details ;)
2010-10-08 12:49:51 +02:00
Gerd Hoffmann
333b0eebcc spice: add config options for the listening address
Make listening address configurable.  Also add options to
force using IPv4 or IPv6.
2010-10-08 12:49:51 +02:00
Gerd Hoffmann
17b6dea08b spice: add config options for channel security.
This allows to enforce tls or plaintext usage for certain spice
channels.

[ v2: code style fixup ]
2010-10-08 12:49:51 +02:00
Yonit Halperin
9f04e09e36 spice: make compression configurable.
This patch adds options to the -spice command line switch to
configure image compression.

[ v2: speling fix in the documentation ]
2010-10-08 12:49:51 +02:00
Gerd Hoffmann
c448e8552b spice: tls support
Add options to the -spice command line switch to setup tls.
2010-10-08 12:49:51 +02:00
Anthony Liguori
4447d60968 Merge remote branch 'spice/submit.6' into staging
Conflicts:
	configure

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-10-05 14:14:19 -05:00