Commit Graph

967 Commits

Author SHA1 Message Date
John Arbuckle
a1dbc05a6f ui/cocoa.m: eliminate normalWindow warning
Eliminate this warning associated with the setting of the normalWindow's title:

ui/cocoa.m: In function '-[QemuCocoaAppController init]':
ui/cocoa.m:888:9: warning: format not a string literal and no format arguments
 [-Wformat-security]
         [normalWindow setTitle:[NSString stringWithFormat:@"QEMU"]];

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 57057D6E-C108-4AE1-8370-E7E6855B2F2C@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-13 21:51:18 +01:00
Gerd Hoffmann
925a040002 gtk/opengl: add opengl context and scanout support (GtkGLArea)
This allows virtio-gpu to render in 3d mode.
Uses native opengl support which is present
in gtk versions 3.16 and newer.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-10-08 10:34:53 +02:00
Gerd Hoffmann
4782aeb79f gtk/opengl: add opengl context and scanout support (egl)
This allows virtio-gpu to render in 3d mode.
Uses egl, for gtk versions 3.14 and older.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-10-08 10:34:53 +02:00
Gerd Hoffmann
6c18744d0f opengl: add egl-context.[ch] helpers
Add helper functions to manage opengl contexts using egl.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-10-08 10:34:53 +02:00
Gerd Hoffmann
06020b950c ui/console: add opengl context and scanout support interfaces.
Add callbacks for opengl context management and scanout texture
configuration to DisplayChangeListenerOps.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-10-08 10:31:35 +02:00
Gerd Hoffmann
136a8d9d44 sdl2: stop flickering
Optimizing updates by copying the dirty rectangle
only do not work because of double-buffering.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2015-10-08 10:31:35 +02:00
Gerd Hoffmann
c046d82844 shaders: initialize vertexes once
Create a buffer for the vertex data and place vertexes
there at initialization time.  Then just use the buffer
for each texture blit.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2015-10-08 10:31:35 +02:00
John Arbuckle
365d7f3c7a ui/cocoa.m: remove open dialog code
Removes the open dialog code that runs when no arguments are supplied with QEMU.
Not everyone needs a hard drive or cdrom to boot their target. A user might only
need to use their target's bios to do work. With that said, this patch removes
the unneeded open dialog code.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 33856864-321C-4367-9170-FB0BF81E789B@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-25 23:14:00 +01:00
John Arbuckle
3b178b7130 ui/cocoa.m: prevent stuck key situation
When the user puts QEMU in the background while holding
down a key, QEMU will not receive the keyup event when
the user lets go of the key. When the user goes back to
QEMU, QEMU will think the key is still down causing
stuck key symptoms. This patch fixes this problem by
releasing all down keys when QEMU goes into the
background.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 7A3FA6EE-84C8-4422-A786-C899B7229D32@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-25 23:14:00 +01:00
John Arbuckle
d9bc14f63e ui/cocoa.m: verify with user before quitting QEMU
This patch prevents the user from accidentally quitting QEMU by pushing
Command-Q or by pushing the close button on the main window. When
the user does one of these two things, a dialog box appears verifying
with the user if he or she wants to quit QEMU.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 29169A74-0347-47F5-934F-A5AD24C225CA@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-25 23:13:59 +01:00
Daniel P. Berrange
c8f3f17cf1 gtk: avoid redefining _WIN32_WINNT macro
When building for Mingw64 target on Fedora 22 a warning
is issued about _WIN32_WINNT being redefined.

In file included from ui/gtk.c:40:0:
include/ui/gtk.h:5:0: warning: "_WIN32_WINNT" redefined
 # define _WIN32_WINNT 0x0601 /* needed to get definition of MAPVK_VK_TO_VSC */
  ^
In file included from /usr/i686-w64-mingw32/sys-root/mingw/include/crtdefs.h:10:0,
                 from /usr/i686-w64-mingw32/sys-root/mingw/include/stdio.h:9,
                 from /home/berrange/src/virt/qemu/include/qemu/fprintf-fn.h:12,
                 from /home/berrange/src/virt/qemu/include/qemu-common.h:18,
                 from ui/gtk.c:37:
/usr/i686-w64-mingw32/sys-root/mingw/include/_mingw.h:225:0: note: this is the location of the previous definition
 #define _WIN32_WINNT 0x502
 ^

Rather than try to get MAPVK_VK_TO_VSC defined indirectly
by defining _WIN32_WINNT, instead just define it explicitly
if missing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-24 20:52:28 +02:00
Gerd Hoffmann
b2af43cc37 spice: surface switch fast path requires same format too.
Commit "555e72f spice: rework mirror allocation, add no-resize fast path"
adds a fast path for surface switches which does't go through the full
primary surface destroy and re-recreation in case the new surface is
identical to the old one (page-flip).  It checks the size only though,
but the format must be identical too.  This patch adds the format check.

Commit "0002a51 ui/spice: Support shared surface for most pixman
formats" increases the chance to actually trigger this.

https://bugzilla.redhat.com/show_bug.cgi?id=1247479

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-09-21 09:52:07 +02:00
Rainer Müller
b12a84ce3c cocoa: Suppress Cocoa window with -display
Do not open a Cocoa window when another display is selected that will be
initialized later. The Cocoa display cannot be selected with -display,
so there is no need to check its argument.

Signed-off-by: Rainer Müller <raimue@codingfarm.de>
Reviewed-by: Andreas Färber <andreas.faerber@web.de>
Message-id: 1441807710-25431-1-git-send-email-raimue@codingfarm.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-18 18:33:02 +01:00
Peter Maydell
619622424d Merge vnc-crypto-v9
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJV+CwGAAoJEL6G67QVEE/fResQAKiHbjRRPjtCNjAvVixd2ewa
 O39TXlgQol4EiMKgsrIJf33yaEJQIj5ElNfKOUysgcLdGfL69+XWGQ5WgoHZx40d
 0Iiy8rGOTmCAQMgQYkRmJyayPTkK96jt8rl9psE0ab7JhS4CA2NbgnPWLLzVFwEx
 0BJ0SgHvzIGYy0N+9aQ7lVVUUja/Ksg64/6AAPpBHMkBZkOruk132E9B0D0mL7kL
 rka3OMgLpKqginKD4t3MKII1CnR5iSS2NNB/fJxVzrWK84Wv1/SbD1QnSlHPFWl6
 ffeD9j3F8ihFVdi0nssxK6kHYZW+dAeC8VPxpLcnFffHiNa7yU4XGQxmMuR3F/W/
 Su/R6W9JSP1dY6MCvCPjJNa2t9AW5iG0pGm4MckoZp4H6F46OPuxb0/GWoz/9prU
 S7BPLoB3h7h3otmokIL2MvqlU/5lfqUhlhW7w7ZS6fTNXUT2amFlq2UJZpFuEt0b
 3kAsAaGAq4wk5QB04lSbxW+u/F669L0dobu2FtOHiHECe3bihrCxk0OckzdA0fOP
 kZ14jIsvagXgWG2NAMQFKKXL3OCpfbObEm+mQp6JR6y108TwdXR3XYCudVHAHyK7
 GS+rhTdOtUgtQgpJG97RgdBd1nvil2dZ+NizX9DXu5EhT6le3PKijIOkq/6TLw5H
 5qAYBZCGQXl1bNrmifcH
 =6TWk
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/vnc-crypto-v9-for-upstream' into staging

Merge vnc-crypto-v9

# gpg: Signature made Tue 15 Sep 2015 15:32:38 BST using RSA key ID 15104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"

* remotes/berrange/tags/vnc-crypto-v9-for-upstream:
  ui: convert VNC server to use QCryptoTLSSession
  ui: fix return type for VNC I/O functions to be ssize_t
  crypto: introduce new module for handling TLS sessions
  crypto: add sanity checking of TLS x509 credentials
  crypto: introduce new module for TLS x509 credentials
  crypto: introduce new module for TLS anonymous credentials
  crypto: introduce new base module for TLS credentials
  qom: allow QOM to be linked into tools binaries
  crypto: move crypto objects out of libqemuutil.la
  tests: remove repetition in unit test object deps
  qapi: allow override of default enum prefix naming

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-09-15 15:42:58 +01:00
Daniel P. Berrange
3e305e4a47 ui: convert VNC server to use QCryptoTLSSession
Switch VNC server over to using the QCryptoTLSSession object
for the TLS session. This removes the direct use of gnutls
from the VNC server code. It also removes most knowledge
about TLS certificate handling from the VNC server code.
This has the nice effect that all the CONFIG_VNC_TLS
conditionals go away and the user gets an actual error
message when requesting TLS instead of it being silently
ignored.

With this change, the existing configuration options for
enabling TLS with -vnc are deprecated.

Old syntax for anon-DH credentials:

  -vnc hostname:0,tls

New syntax:

  -object tls-creds-anon,id=tls0,endpoint=server \
  -vnc hostname:0,tls-creds=tls0

Old syntax for x509 credentials, no client certs:

  -vnc hostname:0,tls,x509=/path/to/certs

New syntax:

  -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=no \
  -vnc hostname:0,tls-creds=tls0

Old syntax for x509 credentials, requiring client certs:

  -vnc hostname:0,tls,x509verify=/path/to/certs

New syntax:

  -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=yes \
  -vnc hostname:0,tls-creds=tls0

This aligns VNC with the way TLS credentials are to be
configured in the future for chardev, nbd and migration
backends. It also has the benefit that the same TLS
credentials can be shared across multiple VNC server
instances, if desired.

If someone uses the deprecated syntax, it will internally
result in the creation of a 'tls-creds' object with an ID
based on the VNC server ID. This allows backwards compat
with the CLI syntax, while still deleting all the original
TLS code from the VNC server.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-09-15 15:20:55 +01:00
Daniel P. Berrange
fdd1ab6ad5 ui: fix return type for VNC I/O functions to be ssize_t
Various VNC server I/O functions return 'long' and then
also pass this to a method accepting 'int'. All these
should be ssize_t to match the signature of read/write
APIs and thus avoid potential for integer truncation /
wraparound.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2015-09-15 15:07:44 +01:00
Alberto Garcia
2cb5d2a47c gtk: use setlocale() for LC_MESSAGES only
The QEMU code is not internationalized and assumes that it runs under
the C locale, but if we use the GTK+ UI we'll end up importing the
locale settings from the environment. This can break things, such as
the JSON generator and iotest 120 in locales that use a decimal comma.

We do however have translations for a few simple strings for the GTK+
menu items, so in order to run QEMU using the C locale, and yet have a
translated UI let's use setlocale() for LC_MESSAGES only.

Cc: qemu-stable@nongnu.org
Signed-off-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-09-15 12:27:41 +02:00
Gerd Hoffmann
78aee08112 gtk: don't grab input when entering fullscreen.
Kick off all grabbing logic from fullscreen mode.  In the current state
it seems to create more problems than it solves.  Try running qemu/gtk
fullscreen on one head of a multihead host for example ...

There probably was a reason the grab-on-fullscreen logic was added in
the first place.  So please test and report any issues so we can try to
find a sane way to handle it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-09-15 12:27:40 +02:00
Gerd Hoffmann
1d73cd782f gtk: set free_scale when setting zoom_fit
free_scale field tracks zoom-fit menu toggle state,
so we should keep them in sync ...

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-09-15 12:27:40 +02:00
Gerd Hoffmann
d531deef11 gtk: trace input grab reason
Add a reason to grab calls and trace points,
so it is easier to debug grab related ui issues.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-09-15 12:27:39 +02:00
Gerd Hoffmann
695cc59d42 gtk: move gd_update_caption calls to gd_{grab,ungrab}_{pointer,keyboard}
Then we don't have to pair the grab/ungrab calls with update_caption
calls any more because things happen automatically ;)

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-09-15 12:27:39 +02:00
Gerd Hoffmann
aa4f4058ba gtk: check for existing grabs in gd_grab_{pointer,keyboard}
If a grab is already active for our window, do nothing.
If a grab is already active for another window, release it.

Cleanup some checks and ungrab calls in the code which are
not needed any more.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2015-09-15 12:27:39 +02:00
Daniel P. Berrange
ef1e1e0782 maint: avoid useless "if (foo) free(foo)" pattern
The free() and g_free() functions both happily accept
NULL on any platform QEMU builds on. As such putting a
conditional 'if (foo)' check before calls to 'free(foo)'
merely serves to bloat the lines of code.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-11 10:21:38 +03:00
Gerd Hoffmann
eb8934b041 vnc: fix memory corruption (CVE-2015-5225)
The _cmp_bytes variable added by commit "bea60dd ui/vnc: fix potential
memory corruption issues" can become negative.  Result is (possibly
exploitable) memory corruption.  Reason for that is it uses the stride
instead of bytes per scanline to apply limits.

For the server surface is is actually fine.  vnc creates that itself,
there is never any padding and thus scanline length always equals stride.

For the guest surface scanline length and stride are typically identical
too, but it doesn't has to be that way.  So add and use a new variable
(guest_ll) for the guest scanline length.  Also rename min_stride to
line_bytes to make more clear what it actually is.  Finally sprinkle
in an assert() to make sure we never use a negative _cmp_bytes again.

Reported-by: 范祚至(库特) <zuozhi.fzz@alibaba-inc.com>
Reviewed-by: P J P <ppandit@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-08-26 17:54:33 +02:00
Gonglei
60928458e5 vnc: fix memory leak
If vnc's password is configured, it will leak memory
which cipher variable pointed on every vnc connection.

Cc: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Message-Id: <1437556133-11268-1-git-send-email-arei.gonglei@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-24 13:57:44 +02:00
Wolfgang Bumiller
a16951375f vnc: fix vnc client authentication
Commit 800567a61 updated the code to the generic crypto API
and mixed up encrypt and decrypt functions in
procotol_client_auth_vnc.
(Used to be: deskey(key, EN0) which encrypts, and was
changed to qcrypto_cipher_decrypt in 800567a61.)
Changed it to qcrypto_cipher_encrypt now.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-07-14 15:33:48 +02:00
Daniel P. Berrange
800567a613 ui: convert VNC to use generic cipher API
Switch the VNC server over to use the generic cipher API, this
allows it to use the pluggable DES implementations, instead of
being hardcoded to use QEMU's built-in impl.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1435770638-25715-11-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-08 13:11:01 +02:00
Daniel P. Berrange
8e9b0d24fb ui: convert VNC websockets to use crypto APIs
Remove the direct use of gnutls for hash processing in the
websockets code, in favour of using the crypto APIs. This
allows the websockets code to be built unconditionally
removing countless conditional checks from the VNC code.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1435770638-25715-9-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-08 13:11:01 +02:00
Daniel P. Berrange
9fd72468df crypto: move built-in D3DES implementation into crypto/
To prepare for a generic internal cipher API, move the
built-in D3DES implementation into the crypto/ directory.

This is not in fact a normal D3DES implementation, it is
D3DES with double & triple length modes removed, and the
key bytes in reversed bit order. IOW it is crippled
specifically for the "benefit" of RFB, so call the new
files desrfb.c instead of d3des.c to make it clear that
it isn't a generally useful impl.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1435770638-25715-4-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-07 12:04:31 +02:00
Markus Armbruster
a0b1a66ea3 Include monitor/monitor.h exactly where needed
In particular, don't include it into headers.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:41 +02:00
Markus Armbruster
cc7a8ea740 Include qapi/qmp/qerror.h exactly where needed
In particular, don't include it into headers.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:41 +02:00
Markus Armbruster
d49b683644 qerror: Move #include out of qerror.h
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:40 +02:00
Markus Armbruster
c6bd8c706a qerror: Clean up QERR_ macros to expand into a single string
These macros expand into error class enumeration constant, comma,
string.  Unclean.  Has been that way since commit 13f59ae.

The error class is always ERROR_CLASS_GENERIC_ERROR since the previous
commit.

Clean up as follows:

* Prepend every use of a QERR_ macro by ERROR_CLASS_GENERIC_ERROR, and
  delete it from the QERR_ macro.  No change after preprocessing.

* Rewrite error_set(ERROR_CLASS_GENERIC_ERROR, ...) into
  error_setg(...).  Again, no change after preprocessing.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:40 +02:00
Markus Armbruster
75158ebbe2 qerror: Eliminate QERR_DEVICE_NOT_FOUND
Error classes other than ERROR_CLASS_GENERIC_ERROR should not be used
in new code.  Hiding them in QERR_ macros makes new uses hard to spot.
Fortunately, there's just one such macro left.  Eliminate it with this
coccinelle semantic patch:

    @@
    expression EP, E;
    @@
    -error_set(EP, QERR_DEVICE_NOT_FOUND, E)
    +error_set(EP, ERROR_CLASS_DEVICE_NOT_FOUND, "Device '%s' not found", E)

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:39 +02:00
Markus Armbruster
70b9433109 QemuOpts: Wean off qerror_report_err()
qerror_report_err() is a transitional interface to help with
converting existing monitor commands to QMP.  It should not be used
elsewhere.

The only remaining user in qemu-option.c is qemu_opts_parse().  Is it
used in QMP context?  If not, we can simply replace
qerror_report_err() by error_report_err().

The uses in qemu-img.c, qemu-io.c, qemu-nbd.c and under tests/ are
clearly not in QMP context.

The uses in vl.c aren't either, because the only QMP command handlers
there are qmp_query_status() and qmp_query_machines(), and they don't
call it.

Remaining uses:

* drive_def(): Command line -drive and such, HMP drive_add and pci_add

* hmp_chardev_add(): HMP chardev-add

* monitor_parse_command(): HMP core

* tmp_config_parse(): Command line -tpmdev

* net_host_device_add(): HMP host_net_add

* net_client_parse(): Command line -net and -netdev

* qemu_global_option(): Command line -global

* vnc_parse_func(): Command line -display, -vnc, default display, HMP
  change, QMP change.  Bummer.

* qemu_pci_hot_add_nic(): HMP pci_add

* usb_net_init(): Command line -usbdevice, HMP usb_add

Propagate errors through qemu_opts_parse().  Create a convenience
function qemu_opts_parse_noisily() that passes errors to
error_report_err().  Switch all non-QMP users outside tests to it.

That leaves vnc_parse_func().  Propagate errors through it.  Since I'm
touching it anyway, rename it to vnc_parse().

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:39 +02:00
John Arbuckle
693a3e01af ui/cocoa.m: Add machine menu items to change and eject removable drive media
Adds all removable devices to the Machine menu as a Change and Eject menu
item pair. ide-cd0 would have a "Change ide-cd0..." and "Eject ide-cd0"
menu items.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 11:22:31 +01:00
John Arbuckle
270746142c ui/cocoa.m: Add Reset and Power Down menu items to Machine menu
Add "Reset" and "Power Down" menu items to Machine menu.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 11:22:17 +01:00
John Arbuckle
8524f1c79e ui/cocoa.m: Add Machine menu with pause and resume menu items
Add Machine menu to the Macintosh interface with pause
and resume menu items. These items can either pause or
resume execution of the guest operating system.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Message-id: 6D7AE6AA-0595-4FAD-AACF-9DFAB87248F0@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 10:53:27 +01:00
Fam Zheng
82e1cc4bf9 Change qemu_set_fd_handler2(..., NULL, ...) to qemu_set_fd_handler
Done with following Coccinelle semantic patch, plus manual cosmetic changes in
net/*.c.

    @@
    expression E1, E2, E3, E4;
    @@
    -   qemu_set_fd_handler2(E1, NULL, E2, E3, E4);
    +   qemu_set_fd_handler(E1, E2, E3, E4);

Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1433400324-7358-8-git-send-email-famz@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-06-12 13:26:21 +01:00
Peter Maydell
afa25c4bb5 sdl2: fix crash in handle_windowevent() when restoring the screen size
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJVeT9yAAoJEEy22O7T6HE4180P/itdfXhzoOv/6AdXos4X13WH
 bmwlLBkw/0saRzVBTIJ5zAKxNZ2nkpee6ORMf42asjYSgXcQTgRzZwUw+FdClmd6
 igcm1+eWzo7W1GjWoqK2TMKpm0bywHP13JKchLp6AShRiim6ymXybgOzzDNd3g08
 W7pvJDL1chIt5jqtu0KC/bkQuJhh0Mz0rVzB+LYNSgKGWyOndQZZD51eZIY7X7qW
 pxHWRZyYWbXx2obrYHgcfaxsXcemlishzdhxG9Sm6qIt2B/zi3lGeSg9SKCwX6Ft
 TVlazv+2Dl8J2Tx+aAkQHGdOcSbV/GWCa5vQo89MOY20SpZd+PbdJkM+mbnW5QuL
 qMyMPdW/lYi+a2wtZifzY+eiEwnExL5sKHaFlQ3a94akPRZujCuMi5Xk3heJBVvF
 jjKNNrO2VfcdOFjOQSFMrh/KIEuzxdpy6HoP3iekhhmB86KrwL1qRO5gLcvoP7wK
 aYnNevKmWBwIVGHRQxNQaCSpz7VLLK9MrF/h8YJbCDhKdNde4fOhogUER35EJ1Vx
 mxJufEn2jd9r7ylEDrvedEkCH+m92eCQ23JHCwustlW+Yfx2xUSrRb4P/JRJE3e1
 TLgh7azBXh0Tct8/guV1TVJf2dJ8VZDmVuYaGpv6PidWFhfIBIkPVnKRKDU/k3wS
 1RtEewSb7jJk2B/Ovm+4
 =t2/C
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-20150611-1' into staging

sdl2: fix crash in handle_windowevent() when restoring the screen size

# gpg: Signature made Thu Jun 11 08:57:38 2015 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-sdl-20150611-1:
  sdl2: fix crash in handle_windowevent() when restoring the screen size

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-11 14:40:25 +01:00
Peter Maydell
169b71331e spice: fix segfault in qemu_spice_create_update, ui_info tweaks.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJVeT1hAAoJEEy22O7T6HE4siIQAIEWEANlJYJb/aoGWnFk0c/n
 TtNDxPdXo1g1LEAZ8jCQh9uUv1/UK26ybcvpkJDfmPrZ86tTqJx10qPs9z+cWt+3
 J2ZAYhhQC78TTgb8GZGEW7F968jhcfQg8mX9WZZGHEEUIXXryOyFYaFLZFyA4d5O
 DLIVWl5r5f6HBjJlydflO9cATOW3IZ86EZYQFfKohevkQhPBUcDh8VYrMaHfDwS4
 mioylHs3dhch2PbeOX6uEQNRttLw8i2LhCrs6iss367eajZ3/GStiD4HFrQRI5Rv
 7TEabhoxyoVbg37hMde54AIhYCtj82sG9AD6hDPcHWb7vKuzh+pwZs1gCiepBSxX
 fGmC33ylwLCQSMoL1hqUY8I+TZ6yzjNxKd+ZTn0z3MZPGvqFBa3Ec2Sw46OWXiLi
 snOxepY4oBVUomEyhwfLRLp6cxpIux5WVnDvxeE/ZA/pHMmaJoT00HM32O0kXuRK
 lfOqZvlWKO7MT9pjcMlK9s/fg2mI1gd7c6srA62BPj1yClXpPdsCVaGwLnd63oQJ
 85S5y4MQf+B/cR8zM87BdRL2cLl6Js/VmhiMAiT4nt34/fHx8cyITvIh0K1md/5N
 IcpY0lAbvcQV4QkX11A5X+hF1lkzfhCpQ4Xh09Z9aoTICPC3l7uwFx+yL1Jq62I6
 LnIA2K42B6oerTBdBq+U
 =N2d9
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150611-1' into staging

spice: fix segfault in qemu_spice_create_update, ui_info tweaks.

# gpg: Signature made Thu Jun 11 08:48:49 2015 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/spice/tags/pull-spice-20150611-1:
  spice: ui_info tweaks
  spice-display: fix segfault in qemu_spice_create_update

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-11 12:12:58 +01:00
Gerd Hoffmann
060ab76356 gtk: don't exit early in case gtk init fails
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
2015-06-11 11:37:56 +02:00
Gerd Hoffmann
5a9259a0b5 spice: ui_info tweaks
Use the new dpy_ui_info_supported function.
Clarifies the control flow.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-06-11 09:06:14 +02:00
Gerd Hoffmann
c6e484707f spice-display: fix segfault in qemu_spice_create_update
Although it is pretty unusual the stride for the guest image and the
mirror image maintained by spice-display can be different.  So use
separate variables for them.

https://bugzilla.redhat.com/show_bug.cgi?id=1163047

Cc: qemu-stable@nongnu.org
Reported-by: perrier vincent <clownix@clownix.net>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-06-11 09:06:14 +02:00
Alberto Garcia
08d49df0db sdl2: fix crash in handle_windowevent() when restoring the screen size
The Ctrl-Alt-u keyboard shortcut restores the screen to its original
size. In the SDL2 UI this is done by destroying the window and
creating a new one. The old window emits SDL_WINDOWEVENT_HIDDEN when
it's destroyed, but trying to call SDL_GetWindowFromID() from that
event's window ID returns a null pointer. handle_windowevent() assumes
that the pointer is never null so it results in a crash.

Cc: qemu-stable@nongnu.org
Signed-off-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-06-09 10:25:21 +02:00
Markus Armbruster
71df1d8337 QemuOpts: Convert qemu_opt_foreach() to Error
Retain the function value for now, to permit selective conversion of
its callers.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2015-06-09 07:40:23 +02:00
Markus Armbruster
1640b200d5 QemuOpts: Drop qemu_opt_foreach() parameter abort_on_failure
When the argument is non-zero, qemu_opt_foreach() stops on callback
returning non-zero, and returns that value.

When the argument is zero, it doesn't stop, and returns the callback's
value from the last iteration.

The two callers that pass zero could just as well pass one:

* qemu_spice_init()'s callback add_channel() either returns zero or
  exit()s.

* config_write_opts()'s callback config_write_opt() always returns
  zero.

Drop the parameter, and always stop.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2015-06-09 07:40:23 +02:00
Markus Armbruster
28d0de7a4f QemuOpts: Convert qemu_opts_foreach() to Error
Retain the function value for now, to permit selective conversion of
its callers.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Acked-by: Kevin Wolf <kwolf@redhat.com>
2015-06-09 07:37:37 +02:00
Paolo Bonzini
42af3e3a02 ui/console: remove dpy_gfx_update_dirty
dpy_gfx_update_dirty expects DIRTY_MEMORY_VGA logging to be always on,
but that will not be the case soon.  Because it computes the memory
region on the fly for every update (with memory_region_find), it cannot
enable/disable logging by itself.

We could always treat updates as invalidations if dirty logging is
not enabled, assuming that the board will enable logging on the
RAM region that includes the framebuffer.

However, the function is unused, so just drop it.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-06-05 17:09:59 +02:00
Peter Maydell
2a90c454a1 gtk: add opengl rendering support.
small bugfixes for gtk and opengl ui code.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJVaDUWAAoJEEy22O7T6HE4efQQAMnUoWwYLT882zI5DF07Viji
 +ZJ7QdEi+uj+/S9GKKpVmWRGsuiStgPVcIP4jop2IaoMjp8TWVIjkINS6mxlps3Z
 PMFjm/XIoWMpyQlU7kGWWoE2wU0JszAakwcOFaOcOOxxS7QpCzafRHkHUMEQc0TS
 trBgsY69VD9DxpEuC3tt9OAbmOmuMhpZxe5eYS2lyMGawYQRydxui0HNN3fsOIwY
 KuWKpOj4u2/oMlVHTNso1SzSZp0dsmLNR1z/RDQ8Q+5E4sRKL6XQUMZdSz+/CQVI
 lyi0Oll8H8v54tQB7PrpIw4HjqDbySxV9418SQQqOIoFliLMMdquSFEbAIEktQJz
 mfyEChQHevu1zUQlBRE+bbY6voDZ4Dmib/Az8OwRAe7LdG+gYDTScxt67Fr+jLLg
 rrq9zk329+91UofqUf5Bnfl199i2KqvV6buw85g/QhbXuPOFFHZj30qem0virodL
 X++EoHi1lfuwbAKrFfLLruCLp3dHw/arMxVQXPQ/6iFJSP0vbgSjGkFYJvjciO6L
 vQKMJsWkn/LJ9M2r/AOs6WvRXoDZ68pa5jp6tuAB3UTWEo7x7/mYsixiFwKV74HK
 on08TCqQaVQ9h2L9OdUgNMl/4nTbF402OPSFBAFCzzSAIVfvldw5PVAqrJZxMmEk
 ro0vR8KDvWOKy9L7VfiL
 =rTz0
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-gtk-20150529-1' into staging

gtk: add opengl rendering support.
small bugfixes for gtk and opengl ui code.

# gpg: Signature made Fri May 29 10:44:54 2015 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-gtk-20150529-1:
  gtk: Replace gdk_cursor_new()
  gtk: add opengl support, using egl
  ui: add egl-helpers
  ui: shader.h protect against double inclusion
  ui: use libexpoxy

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-29 14:24:35 +01:00
Peter Maydell
9441aa282b kbd: add support for brazilian keyboard (two extra keys).
input: add virtio-input devices.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJVaCyuAAoJEEy22O7T6HE4TDUQALmOVcaNBJTN6K4iVV5DM2TY
 vsrJ7GmhDpXbEuax1o2qKaWoO1oZy52UrLYlnC9/1Qv7OzE/RQlu6++8ZsZxNIvc
 ZjzZlEbDfViaaAb0ta/UCIB282zpuq6gpxczHVeuhtxgN+RzL6tHuIc8397zOVRr
 HRadFcC4r8FwuFd6b0UTBUK9ALG0i9wM5VdGqNeENDeIExAAlvQKEMOxJ43qIhL2
 Ib1LdEwyux/GhSSVYoNrzYv07PG9/kbEAp3bWt5IRn+k+M9RGxCEWZICQPkxQhPc
 85l//uu8Y9TuEVHDBRHdH/IUNdMmU/2rcgjnM9PATAMmGyC8YuE6KZ1hd4WCyunL
 Qdv3wN3o/yT1x9ci/iqwLlWEkllNLkBf+bETOf/hx3X3GzQftVnv1XYgtoV9/Ila
 MS/XrnmZ6KXy+fs7KANIo6ahO2HaH+bFyZt/N3W6B+gS/u15BNAeKDinkSbdFU6w
 eXMV731I8wiN5fjpa2ckka25mfJGPc5W9FCLrFVzyZK2inIEShBzrO0JtYX7fw9X
 v99UhVA+bjrTwsREPb5B+4n+G43Vd50/07vH019jFW0FqtILWs+PhTSkQk+vLQdG
 uOkpSn9S7T1IeUx9JaeuUXdNvEAdv7oYf3DvmzrUmYXaGOpr7z0CTu+xvMh3ZbPJ
 1/ZnUvvWn+GLixM49fO8
 =0GG+
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20150529-1' into staging

kbd: add support for brazilian keyboard (two extra keys).
input: add virtio-input devices.

# gpg: Signature made Fri May 29 10:09:02 2015 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-input-20150529-1:
  virtio-input: emulated devices [device]
  virtio-input: core code & base class [device]
  virtio-input: add linux/input.h
  kbd: add brazil kbd keys to x11 evdev map
  kbd: add brazil kbd keys to qemu

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-29 11:23:07 +01:00
Max Reitz
63c67b6d44 gtk: Replace gdk_cursor_new()
gdk_cursor_new() has been deprecated in GTK 3.16, it is recommended to
use gdk_cursor_new_for_display() instead, so do that.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-29 11:43:29 +02:00
Gerd Hoffmann
97edf3bd5e gtk: add opengl support, using egl
This adds opengl rendering support to the gtk ui, using egl.
It's off by default for now, use 'qemu -display gtk,gl=on'
to play with this.

Note that gtk got native opengl support with release 3.16.
There most likely will be a separate implementation for 3.16+,
using the native gtk opengl support.  This patch covers older
versions (and for the time being 3.16 too, hopefully without
rendering quirks).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-29 11:43:29 +02:00
Gerd Hoffmann
7ced9e9f6d ui: add egl-helpers
Add helper functions to initialize OpenGL using egl.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2015-05-29 11:11:38 +02:00
Gerd Hoffmann
33aa30cafc kbd: add brazil kbd keys to x11 evdev map
This patch adds the two extra brazilian keys to the evdev keymap for
X11.  This patch gets the two keys going with the vnc, gtk and sdl1
UIs.

The SDL2 library complains it doesn't know these keys, so the SDL2
library must be fixed before we can update ui/sdl2-keymap.h

Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
2015-05-29 10:30:06 +02:00
Gerd Hoffmann
b771f470f3 kbd: add brazil kbd keys to qemu
The brazilian computer keyboard layout has two extra keys (compared to
the usual 105-key intl ps/2 keyboard).  This patch makes these two keys
known to qemu.

For historic reasons qemu has two ways to specify a key:  A QKeyCode
(name-based) or a number (ps/2 scancode based).  Therefore we have to
update multiple places to make new keys known to qemu:

  (1) The QKeyCode definition in qapi-schema.json
  (2) The QKeyCode <-> number mapping table in ui/input-keymap.c

This patch does just that.  With this patch applied you can send those
two keys to the guest using the send-key monitor command.

Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
2015-05-29 10:30:06 +02:00
Gerd Hoffmann
641381c1fc spice: don't update mm_time when spice-server is stopped.
Skip mm_time updates (in qxl device memory) in case the guest is stopped.
Guest isn't able to look anyway, and it causes problems with migration.

Also make sure the initial state for spice server is stopped.

Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-29 09:56:01 +02:00
Cole Robinson
bc119048d7 vnc: Tweak error when init fails
Before:
qemu-system-x86_64: -display vnc=unix:/root/foo.sock: Failed to start VNC server on `(null)': Failed to bind socket to /root/foo.sock: Permission denied

After:
qemu-system-x86_64: -display vnc=unix:/root/foo.sock: Failed to start VNC server: Failed to bind socket to /root/foo.sock: Permission denied

Rather than tweak the string possibly show unix: value as well,
just drop the explicit display reporting. We already get the cli
string in the error message, that should be sufficient.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-20 10:23:08 +02:00
Cole Robinson
3d00ac1a2e vnc: Don't assert if opening unix socket fails
Reproducer:

$ qemu-system-x86_64 -display vnc=unix:/root/i-cant-access-you.sock
qemu-system-x86_64: iohandler.c:60: qemu_set_fd_handler2: Assertion `fd >= 0' failed.
Aborted (core dumped)

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-20 10:23:08 +02:00
Daniel P. Berrange
2b2c1a38ee ui: remove check for failure of qemu_acl_init()
The qemu_acl_init() function has long since stopped being able
to return NULL, since g_malloc will abort on OOM. As such the
checks for NULL were unreachable code.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-20 10:23:08 +02:00
Ján Tomko
274c3b52e1 Strip brackets from vnc host
Commit v2.2.0-1530-ge556032 vnc: switch to inet_listen_opts
bypassed the use of inet_parse in inet_listen, making literal
IPv6 addresses enclosed in brackets fail:

qemu-kvm: -vnc [::1]:0: Failed to start VNC server on `(null)': address
resolution failed for [::1]:5900: Name or service not known

Strip the brackets to make it work again.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-20 10:23:08 +02:00
Programmingkid
b4c6a112dc ui/cocoa: Add console items to the View menu
Add any console that is available to the current emulator as a
menu item under the View menu.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
[PMM: Adjusted to apply after zoom-to-fit menu item was added;
 create the View menu at the same time as all the others, and only
 add the dynamically-determined items to it later]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-19 09:11:18 +01:00
Peter Maydell
8617989eae ui/cocoa: Avoid deprecated NSOKButton/NSCancelButton constants
In OSX 10.10, the NSOKButton and NSCancelButton constants are deprecated
and provoke compiler warnings. Avoid them by using the
NSFileHandlingPanelCancelButton and NSFileHandlingPanelOKButton constants
instead. These are the documented correct constants for the 10.6-and-up
beginSheetModalForWindow API we use. We also use the same method for
the pre-10.6 compatibility code path, but conveniently the constant
values are the same and the constant names have been present since 10.0.
Preferring the constant names that match the non-legacy API makes more
sense anyway.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431296361-16981-7-git-send-email-peter.maydell@linaro.org
2015-05-19 09:11:18 +01:00
Peter Maydell
81801ae213 ui/cocoa: Don't use NSWindow useOptimizedDrawing on OSX 10.10 and up
Starting in OSX 10.10, NSWindow useOptimizedDrawing is deprecated, so
don't use it there.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431296361-16981-6-git-send-email-peter.maydell@linaro.org
2015-05-19 09:11:18 +01:00
Peter Maydell
2a4c8c53da ui/cocoa: Declare that QemuCocoaAppController implements NSApplicationDelegate
Our class QemuCocoaAppController implements the NSApplicationDelegate
interface, and we pass an object of this class to [NSApp setDelegate].
However, we weren't declaring in the class definition that we implemented
this interface; in OSX 10.10 this provokes the following (slighly
misleading) warning:
ui/cocoa.m:1031:24: warning: sending 'QemuCocoaAppController *' to parameter of
      incompatible type 'id<NSFileManagerDelegate>'
    [NSApp setDelegate:appController];
                       ^~~~~~~~~~~~~
/System/Library/Frameworks/Foundation.framework/Headers/NSFileManager.h:109:47:
note: passing argument to parameter 'delegate' here
@property (assign) id <NSFileManagerDelegate> delegate NS_AVAILABLE(10_5,
2_0);
                                              ^

Annoyingly, this interface wasn't formally defined until OSX 10.6, so we
have to surround the relevant part of the @interface line with an ifdef.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431296361-16981-5-git-send-email-peter.maydell@linaro.org
2015-05-19 09:11:18 +01:00
Peter Maydell
de1aadee28 ui/cocoa: openPanelDidEnd returnCode should be NSInteger, not int
The type for openPanelDidEnd's returnCode argument should be NSInteger,
not int. This only matters for the OSX 10.5 code path where we pass
the method directly to an OSX function to call.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431296361-16981-4-git-send-email-peter.maydell@linaro.org
2015-05-19 09:11:18 +01:00
Peter Maydell
89424ff32f ui/cocoa: Remove compatibility ifdefs for OSX 10.4
Remove compatibility ifdefs that work around OSX 10.4 not providing
various typedefs and functions.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431296361-16981-3-git-send-email-peter.maydell@linaro.org
2015-05-19 09:11:17 +01:00
Peter Maydell
b63901d84c ui/cocoa: Drop tests for CGImageCreateWithImageInRect support
The code that tries to test at both compiletime and runtime
for whether CGImageCreateWithImageInRect is supported provokes
a compile warning on OSX 10.3:

ui/cocoa.m:378:13: warning: comparison of function 'CGImageCreateWithImageInRect'
      equal to a null pointer is always false[-Wtautological-pointer-compare]
        if (CGImageCreateWithImageInRect == NULL) { // test if "CGImageCreateWithImageInRect" is
supported on host at runtime
            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~    ~~~~

The simplest way to deal with this is just to drop this code,
since we don't in practice support OSX 10.4 anyway. (10.5 was
released in 2007 and is the last PPC version, so is the earliest
we really need to continue to support at all.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431296361-16981-2-git-send-email-peter.maydell@linaro.org
2015-05-19 09:11:17 +01:00
Programmingkid
43227af88a ui/cocoa: Make -full-screen option work on Mac OS X
This patch makes the -full-screen option actually instruct QEMU to
enter fullscreen at startup, on Mac OS X.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-19 09:11:17 +01:00
Programmingkid
5d1b2eef58 ui/cocoa: Fix several full screen issues on Mac OS X
This patch makes several changes:
- Minimizes distorted full screen display by respecting aspect
ratios.
- Makes full screen mode available on Mac OS 10.7 and higher.
- Allows user to decide if video should be stretched to fill the
screen, using a menu item called "Zoom To Fit".
- Hides the normalWindow so it won't show up in full screen mode.
- Allows user to exit full screen mode.

Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
[PMM: minor whitespace tweaks, remove incorrectly duplicated
 use of 'f' menu accelerator key]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-19 09:11:17 +01:00
Gerd Hoffmann
1271f7f7c6 gtk: update mouse position in mouse_set()
Without that the next mouse motion event uses the old position
as base for relative move calculation, giving wrong results and
making your mouse pointer jump around.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-06 08:38:05 +02:00
Gerd Hoffmann
dc7ff34418 gtk: create gtk.h
Move various gtk bits (includes, data structures) to a header file.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-06 08:38:05 +02:00
Gerd Hoffmann
1301e515ef gtk: add ui_info support
Pass new display size to the guest after window resizes.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-06 08:38:05 +02:00
Gerd Hoffmann
b7fb49f0c7 console: add dpy_ui_info_supported
Allow ui code to check whenever the emulated
display supports display change notifications.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-06 08:38:05 +02:00
Gerd Hoffmann
cf1ecc82ab console: delayed ui_info guest notification
So we don't flood the guest with display change notifications
while the user resizes the window.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-06 08:38:05 +02:00
Max Reitz
e444ea34f8 sdl2: Fix RGB555
Reproducable with:

$ x86_64-softmmu/qemu-system-x86_64 \
    -kernel $vmlinuz_of_your_choice \
    -append vga=0x313 -sdl

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-05 10:48:26 +02:00
Gerd Hoffmann
0b71a5d5ca sdl2: add support for display rendering using opengl.
Add new sdl2-gl.c file, with display
rendering functions using opengl.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2015-05-05 10:48:26 +02:00
Gerd Hoffmann
19dadfccd0 sdl2: move SDL_* includes to sdl2.h
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2015-05-05 10:48:26 +02:00
Gerd Hoffmann
cd2bc889e5 console-gl: add opengl rendering helper functions
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2015-05-05 10:48:22 +02:00
Gerd Hoffmann
985e1c9b00 opengl: add shader helper functions.
Helper functions to compile, link and run opengl shader programs.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-05-05 10:43:03 +02:00
Emilio G. Cota
dfbf272b77 input: remove unused mouse_handlers list
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-30 16:05:48 +03:00
Chih-Min Chao
c9f88ce330 hw/display : remove 'struct' from 'typedef QXL struct'
Signed-off-by: Chih-Min Chao <cmchao@gmail.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-30 16:05:48 +03:00
Chih-Min Chao
9425c004fe ui/console : remove 'struct' from 'typedef struct' type
Signed-off-by: Chih-Min Chao <cmchao@gmail.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-30 16:05:48 +03:00
Chih-Min Chao
4769a881cb ui/vnc : remove 'struct' of 'typedef struct'
Signed-off-by: Chih-Min Chao <cmchao@gmail.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-30 16:05:48 +03:00
Chih-Min Chao
494cb81741 ui/vnc : fix coding style
reported by checkpatch.pl

Signed-off-by: Chih-Min Chao <cmchao@gmail.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-30 16:05:48 +03:00
Peter Maydell
3d27b09cf6 spice: misc fixes.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJVPhd0AAoJEEy22O7T6HE4sMkQAK9TcUjMKvKf7k20WsFBDgkc
 RS/NHEHNrrscnWz+n845NDueFvYAa7DfAKok0ayzD5XSK2RC3AkcGsQ/PF21kg5t
 +9B0y7YIdJoAt+9w+SulwF6hcK9wWBx0NOUWJomoZWntZcawAv5pTOTvcLR2TJhN
 eGHuI1lw/Hnsqr0vYXqkFdNNB66zA24oZiaryxsy/TMpd6vlGX3JIvDaLcTden1W
 u0Fmta5JEDlPCiPIBVxau88U21pDeg6PHEHmWhkeLo45Tsr+R+dB72Ugbguihr1x
 LRpzQtZoq8gqyqY2+r1lOS5cHNvCkqZhtDK80Aeo2UPxlg88YPMFvonTuvY8Y8Jm
 6Mq1gepyI48LdoKwoL8S2ja5W8++unS6kd1oP1fxqalWqFI8mwIB1v4W75a4ejxq
 drbVWY4jnJDkNiz8BKmg9GLE4mEConei0Ip/lbgflESbjJ9g0Y7IGoc91cjsCXCv
 1MuAphNrkwLSckJpNxooKzO7MMhYFw9PGNX26RWE64iRnwMFCsqOxE1KC7rzdnZY
 Y09fVV+GC1h5XyH25M5cyMCV5r/S/eM1Y6GEhq/OS8xmunGp2WKB7rmaoLMlioMs
 SiPExlwTaqiZldBHfB71h2E41C7awcmcmY+NsORSxIEg6eTyT4/jljQQXGiwm0JA
 IcfrFHJHvmmWPL6CLwS0
 =Vi97
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150427-1' into staging

spice: misc fixes.

# gpg: Signature made Mon Apr 27 12:03:16 2015 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/spice/tags/pull-spice-20150427-1:
  spice: learn to hide cursor
  spice: set pointer position on hotspot
  spice: fix mouse cursor position
  spice: fix simple display on bigendian hosts
  monitor: Make client_migrate_info synchronous

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-27 20:00:57 +01:00
Marc-André Lureau
700cd855de spice: learn to hide cursor
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-27 12:47:04 +02:00
Marc-André Lureau
dc8dceee64 spice: set pointer position on hotspot
The Spice protocol uses cursor position on hotspot: the client is
applying hotspot offset when drawing the cursor.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-27 12:47:04 +02:00
Marc-André Lureau
d0df04a156 spice: fix mouse cursor position
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-27 12:47:04 +02:00
Gerd Hoffmann
c1d37cd353 spice: fix simple display on bigendian hosts
Denis Kirjanov is busy getting spice run on ppc64 and trapped into this
one.  Spice wire format is little endian, so we have to explicitly say
we want little endian when letting pixman convert the data for us.

Reported-by: Denis Kirjanov <kirjanov@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-27 12:47:03 +02:00
Markus Armbruster
3b5704b2f8 monitor: Make client_migrate_info synchronous
Live migration with spice works like this today:

  (1) client_migrate_info monitor cmd
  (2) spice server notifies client, client connects to target host.
  (3) qemu waits until spice client connect is finished.
  (4) send over vmstate (i.e. main part of live migration).
  (5) spice handover to target host.

(3) is implemented by making client_migrate_info a async monitor
command.  This is the only async monitor command we have.

The original reason to implement this dance was that qemu did not accept
new tcp connections while the incoming migration was running, so (2) and
(4) could not be done in parallel.  That issue was fixed long ago though.
Qemu version 1.3.0 (released Dec 2012) and newer happily accept tcp
connects while the incoming migration runs.

Time to drop step (3).  This patch does exactly that, by making the
monitor command synchronous and removing the code needed to handle the
async monitor command in ui/spice-core.c

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-27 12:46:57 +02:00
Jan Kiszka
1a01716a30 gtk: Avoid accel key leakage into guest on console switch
GTK2 sends the accel key to the guest when switching to the graphic
console via that shortcut. Resolve this by ignoring any keys until the
next key-release event. However, do not ignore keys when switching via
the menu or when on GTK3.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-27 11:00:43 +02:00
Jan Kiszka
9d677e1c2f gtk: Fix VTE focus grabbing
At least on GTK2, the VTE terminal has to be specified as target of
gtk_widget_grab_focus. Otherwise, switching from one VTE terminal to
another causes the focus to get lost.

CC: John Snow <jsnow@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>

[ kraxel: fixed build with CONFIG_VTE=n ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-27 11:00:07 +02:00
Gerd Hoffmann
779ce88fbd console/gtk: add qemu_console_get_label
Add a new function to get a nice label for a given QemuConsole.
Drop the labeling code in gtk.c and use the new function instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-22 13:21:16 +02:00
Gerd Hoffmann
f8c223f69a gtk: bind to text terminal consoles too
This way gtk has text terminal consoles even when building without vte.
Most notably you'll get a monitor tab on windows now.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-22 13:21:16 +02:00
Gerd Hoffmann
f98f43eab0 gtk: handle switch_surface(NULL) properly
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-22 13:21:16 +02:00
Daniel P. Berrange
2cdb5e142f CVE-2015-1779: limit size of HTTP headers from websockets clients
The VNC server websockets decoder will read and buffer data from
websockets clients until it sees the end of the HTTP headers,
as indicated by \r\n\r\n. In theory this allows a malicious to
trick QEMU into consuming an arbitrary amount of RAM. In practice,
because QEMU runs g_strstr_len() across the buffered header data,
it will spend increasingly long burning CPU time searching for
the substring match and less & less time reading data. So while
this does cause arbitrary memory growth, the bigger problem is
that QEMU will be burning 100% of available CPU time.

A novnc websockets client typically sends headers of around
512 bytes in length. As such it is reasonable to place a 4096
byte limit on the amount of data buffered while searching for
the end of HTTP headers.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-01 17:12:55 +02:00
Daniel P. Berrange
a2bebfd6e0 CVE-2015-1779: incrementally decode websocket frames
The logic for decoding websocket frames wants to fully
decode the frame header and payload, before allowing the
VNC server to see any of the payload data. There is no
size limit on websocket payloads, so this allows a
malicious network client to consume 2^64 bytes in memory
in QEMU. It can trigger this denial of service before
the VNC server even performs any authentication.

The fix is to decode the header, and then incrementally
decode the payload data as it is needed. With this fix
the websocket decoder will allow at most 4k of data to
be buffered before decoding and processing payload.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

[ kraxel: fix frequent spurious disconnects, suggested by Peter Maydell ]

  @@ -361,7 +361,7 @@ int vncws_decode_frame_payload(Buffer *input,
  -        *payload_size = input->offset;
  +        *payload_size = *payload_remain;

[ kraxel: fix 32bit build ]

  @@ -306,7 +306,7 @@ struct VncState
  -    uint64_t ws_payload_remain;
  +    size_t ws_payload_remain;

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-04-01 17:11:34 +02:00
Hervé Poussineau
4cdfc93526 gtk: do not call gtk_widget_get_window if drawing area is not initialized
This prevents gtk_widget_get_window to return a NULL pointer.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-26 17:58:12 +01:00
Daniel P. Berrange
4a48aaa9f5 ui: ensure VNC websockets server checks the ACL if requested
If the x509verify option is requested, the VNC websockets server
was failing to validate that the websockets client provided an
x509 certificate matching the ACL rules.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:14 +01:00
Daniel P. Berrange
7b45a00d05 ui: remove separate gnutls_session for websockets server
The previous change to the auth scheme handling guarantees we
can never have nested TLS sessions in the VNC websockets server.
Thus we can remove the separate gnutls_session instance.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:14 +01:00
Daniel P. Berrange
51941e4695 ui: enforce TLS when using websockets server
When TLS is required, the primary VNC server considers it to be
mandatory. ie the server admin decides whether or not TLS is used,
and the client has to comply with this decision. The websockets
server, however, treated it as optional, allowing non-TLS clients
to connect to a server which had setup TLS. Thus enabling websockets
lowers the security of the VNC server leaving the admin no way to
enforce use of TLS.

This removes the code that allows non-TLS fallback in the websockets
server, so that if TLS is requested for VNC it is now mandatory for
both the primary VNC server and the websockets VNC server.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Daniel P. Berrange
f9148c8ae7 ui: fix setup of VNC websockets auth scheme with TLS
The way the websockets TLS code was integrated into the VNC server
made it essentially useless. The only time that the websockets TLS
support could be used is if the primary VNC server had its existing
TLS support disabled. ie QEMU had to be launched with:

  # qemu -vnc localhost:1,websockets=5902,x509=/path/to/certs

Note the absence of the 'tls' flag. This is already a bug, because
the docs indicate that 'x509' is ignored unless 'tls' is given.

If the primary VNC server had TLS turned on via the 'tls' flag,
then this prevented the websockets TLS support from being used,
because it activates the VeNCrypt auth which would have resulted
in TLS being run over a TLS session. Of course no websockets VNC
client supported VeNCrypt so in practice, since the browser clients
cannot setup a nested TLS session over the main HTTPS connection,
so it would not even get past auth.

This patch causes us to decide our auth scheme separately for the
main VNC server vs the websockets VNC server. We take account of
the fact that if TLS is enabled, then the websockets client will
use https, so setting up VeNCrypt is thus redundant as it would
lead to nested TLS sessions.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Daniel P. Berrange
0dd72e1531 ui: split setup of VNC auth scheme into separate method
The vnc_display_open method is quite long and complex, so
move the VNC auth scheme decision logic into a separate
method for clarity.

Also update the comment to better describe what we are
trying to achieve.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Daniel P. Berrange
d169f04b8b ui: report error if user requests VNC option that is unsupported
If the VNC server is built without tls, sasl or websocket support
and the user requests one of these features, they are just silently
ignored. This is bad because it means the VNC server ends up running
in a configuration that is less secure than the user asked for.
It also leads to an tangled mass of preprocessor conditionals when
configuring the VNC server.

This ensures that the tls, sasl & websocket options are always
processed and an error is reported back to the user if any of
them were disabled at build time.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Daniel P. Berrange
153130cd4f ui: replace printf() calls with VNC_DEBUG
Handling of VNC audio messages results in printfs to the console.
This is of no use to anyone in production, so should be using the
normal VNC_DEBUG macro instead.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Daniel P. Berrange
a2f45bc02a ui: remove unused 'wiremode' variable in VncState struct
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-18 09:25:13 +01:00
Markus Armbruster
f3cf80e805 vnc: Fix QMP change not to use funky error class
Error classes are a leftover from the days of "rich" error objects.
New code should always use ERROR_CLASS_GENERIC_ERROR.  Commit 1d0d59f
added a use of ERROR_CLASS_DEVICE_NOT_FOUND.  Replace it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-17 14:24:26 +01:00
Peter Maydell
dea4635998 misc ui patches, mostly sdl related.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJVAafbAAoJEEy22O7T6HE4t4kP/0uizYcn7yoSt2JREKmn6/lh
 dc3cAxuwcxEZ8KXUxWSGCSheQDDdYAaKyK06pl8GUncnRSUOpSvcRvjN6IE7GVZP
 6VQu5cdE69rPKPOIxvGApLbXvwqkngYCiDyKdFiJ/pjn4E7zA5yjv4YOa8LkQsMU
 L9iqPF5NogQ9yZiTepeWULJU/6kqhOAb4gfueGEC5SrePoa8E7chaBF8EjYt+IBB
 E1BJjZ12mtXHgG5mDVL7ysWrPTXMqDJSGKdFfV8uICFK21E0pN4uG6U4mq6+t3rY
 g2KJ3X//3KSSg9vJnNGpFSTSuXqRmf6cgpK0I+r+v99mKpuNRPNPSYBT0GWEfZUX
 TYxL3fTw03PqSHsL/Ep+ppmWOwwNPsryahoCBtPUHNnd48HluTlV62ONyQah8XTk
 TzAaeuGcbAwMwrLjzn92Qz4Dx/8Bdnj67tqGSYVqv+dOKlko41sgY0Q0n9TU1t6P
 oEOEfQvrnfot8Wey4tZ3jAfdxrf1Jr3bc1zehzVWCRusBTt7iCFpWi8kMA6PEfGX
 aivQXBbBJBzJ6B91asKLizjvVBiNvavy+BDWIBNYH++lou9htrdWg23qpH7etWOE
 S9IIFIR57P1+gSdr9k4Bed4B0A9qz5GQA6I1CHHyQSz6S8PU2s8YKC2viljr+hyn
 riFN11We9O20RVL1k7PX
 =OoVt
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-20150312-2' into staging

misc ui patches, mostly sdl related.

# gpg: Signature made Thu Mar 12 14:51:07 2015 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-sdl-20150312-2:
  pixman: add a bunch of PIXMAN_BE_* defines for 32bpp
  Allow the use of X11 from a non standard location.
  configure: opengl overhaul
  sdl: Fix crash when calling sdl_switch() with NULL surface
  sdl: Refresh debug statements

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-13 14:03:31 +00:00
Benjamin Herrenschmidt
d28d6505bd sdl: Fix crash when calling sdl_switch() with NULL surface
This happens for example when doing ctrl-alt-u and segfaults

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-12 12:54:23 +01:00
Benjamin Herrenschmidt
5f5d82ddf1 sdl: Refresh debug statements
Put them under a #define similar to the VGA model and make them
actually compile. Add a couple too.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-12 12:54:23 +01:00
Gonglei
81607cbfa4 vnc: fix segmentation fault when invalid vnc parameters are specified
Reproducer:
 #./qemu-system-x86_64 -vnc :0,ip
qemu-system-x86_64: -vnc :1,ip: Invalid parameter 'ip'
Segmentation fault (core dumped)

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-12 09:09:10 +01:00
Gonglei
b3c33f9173 vnc: avoid possible file handler leak
vs->lsock may equal to 0, modify the check condition,
avoid possible vs->lsock leak.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-12 08:22:12 +01:00
Gonglei
f76b84a04b ui/console: fix OVERFLOW_BEFORE_WIDEN
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-12 08:22:12 +01:00
Daniel P. Berrange
8c7d064573 ui: fix regression in x509verify parameter for VNC server
The 'x509verify' parameter is documented as taking a path to the
x509 certificates, ie the same syntax as the 'x509' parameter.

  commit 4db14629c3
  Author: Gerd Hoffmann <kraxel@redhat.com>
  Date:   Tue Sep 16 12:33:03 2014 +0200

    vnc: switch to QemuOpts, allow multiple servers

caused a regression by turning 'x509verify' into a boolean
parameter instead. This breaks setup from libvirt and is not
consistent with the docs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-12 08:22:12 +01:00
Gerd Hoffmann
e556032960 vnc: switch to inet_listen_opts
Use inet_listen_opts instead of inet_listen.  Allows us to drop some
pointless indirection:  Format strings just to parse them again later on.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2015-03-12 08:22:07 +01:00
Gerd Hoffmann
fc5c3ff751 vnc: remove dead code
If vs->ws_enabled is set ws_display is non-NULL.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2015-03-12 08:22:07 +01:00
Gerd Hoffmann
bf7aa45e7b vnc: drop display+ws_display from VncDisplay
Nobody cares about those strings, they are only used to check whenever
the vnc server / websocket support is enabled or not.  Add bools for
this and drop the strings.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2015-03-12 08:22:07 +01:00
Peter Maydell
21025c29f5 vnc bugfixes.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJU/sl/AAoJEEy22O7T6HE4LukP/07iHj+f3/9kZZzzE92urNJx
 NwXfdWvx+cr6bRHmkuoab6W14HZnsuwPOP8k6sHJnA5Jxl0IhFF9UsZZwrNXC9GB
 S1za5jd63C6ZsSP1FaItFTsd4ENAfjoeu1+92qNqnxJzQqttaMnTPPeNZXmyD+1n
 WZJwEMIffY9qukgZhaZwhPY0igjZHMrrkB4xoIUbCOUwL/t2tadXwQmdZzROwNsB
 Uslr34Tl7bC0vuNo6ZAed8OTI4cCqA/3N0W3xKOYrsFNjhRN+F4MDGtuAFlSzNJj
 tZFF4a73KKcWvFnTNMN1CUNSJd9+CGTc5gEmqie6yRHdNiEgCQTwGg69j3mODd/J
 3OBHdqK26hyzgvtFVEatcOA93YKDlFNJGidqVUpsGBS9mD3s/ddBZAsx0lv9evHC
 ejGhR22z6P7MeOIv3nig1lE9rDWw/It07wWTtQMK4XzZexYZNPbiB/0wdYqcgRVk
 YuVMcStl8EGB2S/CeWoILVWGy7PsJMV2OLZHzw5IrWwrRClQP4N0aA2t09aIPvMQ
 u0imH6fsj4Nv/pCys+nONvRgIRZDLBV5/amTJzMB2kUcUWohGAQ6Cj3dgdMec0xA
 PlpEZM8PaxC9wxRp6nZ0bMV3xN5oZTR6dWTDvP7NcrrvaZw30Sp7t7/SlDmx/oIG
 /yDiLcNWiCzhmQD2fWjg
 =mH6B
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20150310-1' into staging

vnc bugfixes.

# gpg: Signature made Tue Mar 10 10:37:51 2015 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-vnc-20150310-1:
  Fix crash when connecting to VNC through websocket
  vnc: -readconfig fix
  vnc: set id at parse time not init time

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-10 19:28:09 +00:00
Jorge Acereda Maciá
b57489cfe4 Fix crash when connecting to VNC through websocket
Connecting to VNC through websocket crashes in vnc_flush() when trying
to acquire a mutex that hasn't been initialized (vnc_init_state(vs)
hasn't been called at this point).

Signed-off-by: Jorge Acereda Macia <jacereda@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-10 11:33:42 +01:00
Gerd Hoffmann
9634f4e3b7 vnc: set id at parse time not init time
This way the generated id will be stored in -writeconfig cfg files.
Also we can make vnc_auto_assign_id() local to vnc.c.

Tested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-03-10 11:33:35 +01:00
Wang Xin
09f4fbe473 qemu-char: add cyrillic characters 'numerosign' to VNC keysyms
This patch adds missing cyrillic character 'numerosign' to the VNC
keysym table, it's needed by Russian keyboard. And I get the keysym from
'<X11/keysymdef.h>', the current keysym table in Qemu was generated from
it.

Signed-off-by: Wang xin <wangxinxin.wang@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-10 08:15:34 +03:00
Thomas Huth
09526058d0 ui/vnc: Remove vnc_stop_worker_thread()
This function is not used anymore, let's remove it.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-10 08:15:33 +03:00
Thomas Huth
b67072f0ab ui: Removed unused functions
Remove qemu_console_displaystate(), qemu_remove_kbd_event_handler(),
qemu_different_endianness_pixelformat() and cpkey(), since they are
completely unused.

Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-03-10 08:15:33 +03:00
Peter Maydell
68b459eaa6 hmp: Normalize HMP command handler names
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJU5HCgAAoJEDhwtADrkYZT0gcP/ijfMUqLlOPMagm5ggDCx/HK
 IFFgcrynQNS6FwTNSIEW04So4q2EMbqwuTEpZ5pe330brGy0U/UgkVmz76BkyoXT
 9LcgKwtVytfc/niF4k5nIKXrasNG1DHPrhd+zx/oTvwmC/8r+NqHZoPOjNaOPLCX
 18SWJMy57l47XAzVOUoFHEW3mEO5YjF8qo3eRcbUWEWXkRp6wg/d2f9nkiHIAfcB
 0XVso0PUJ3jID/WkNqb9JoexTnH5rQSkbeJVZWed8iSAt2cCi+pnE/RjL75M9VF8
 3mPh2Zhi1lEV4qsYQH1OY7909RtKIj7EBDd7kuUWBi1oSIEaIn5GjNWBGCmBbPbY
 0ZVhGFXFvvtI+tPEK3aqRSlyENReT29oKfEv0LAKoUQFBl+jb7qqBns4cfOF+i26
 Tb4cnzqN1rdnlCNemTQATOrr01JAZEkdp3NHq+Bx967ocP3zxfL+pX2Q/3S8aFDs
 j9Ynq+3FvweeDKeYbHKKscELII1DZcNs1CYJOtJIl+XgzowfgpoTRP7P/e2qFM+z
 ey5qF8nc3mW8tVSkotMeeseFe9tj1xxIV+CslTRiYqnxHnmq4HgsN3DoDtnyy9De
 g3U0d9rgBKFPEkAWXg939GXbH2HVUqLkOSy50WGRruP4dzco7BhLyhQimqPchBFj
 b7P40f6NyWCYDhzJu6+N
 =Kleh
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-monitor-2015-02-18' into staging

hmp: Normalize HMP command handler names

# gpg: Signature made Wed Feb 18 10:59:44 2015 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>"
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>"

* remotes/armbru/tags/pull-monitor-2015-02-18:
  hmp: Name HMP info handler functions hmp_info_SUBCOMMAND()
  hmp: Name HMP command handler functions hmp_COMMAND()
  hmp: Clean up declarations for long-gone info handlers

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-02-25 13:14:37 +00:00
Markus Armbruster
3e5a50d64c hmp: Name HMP command handler functions hmp_COMMAND()
Some are called do_COMMAND() (old ones, usually), some hmp_COMMAND(),
and sometimes COMMAND pointlessly differs in spelling.

Normalize to hmp_COMMAND(), where COMMAND is exactly the command name
with '-' replaced by '_'.

Exceptions:

* do_device_add() and client_migrate_info() *not* renamed to
  hmp_device_add(), hmp_client_migrate_info(), because they're also
  QMP handlers.  They still need to be converted to QAPI.

* do_memory_dump(), do_physical_memory_dump(), do_ioport_read(),
  do_ioport_write() renamed do hmp_* instead of hmp_x(), hmp_xp(),
  hmp_i(), hmp_o(), because those names are too cryptic for my taste.

* do_info_help() renamed to hmp_info_help() instead of hmp_info(),
  because it only covers help.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
2015-02-18 11:58:30 +01:00
Gerd Hoffmann
9e0ff75e51 vnc: fix coverity warning
vnc_display_local_addr will not be called with an invalid display id.
Add assert() to silence coverity warning about a null pointer dereference.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-16 08:48:00 +01:00
Peter Lieven
0e7d6f6083 ui/vnc: optimize full scanline updates
in case we send and update for a complete scanline increment
the y offset to avoid running to find_next_bit for that lines
twice.

Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-16 08:48:00 +01:00
Gonglei
2779672fa3 vnc: introduce an wrapper for auto assign vnc id
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-16 08:47:59 +01:00
Gonglei
a2c72de096 vnc: using bool type instead of int for QEMU_OPT_BOOL
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-16 08:47:59 +01:00
Gonglei
e2a11d9d5a vnc: correct missing property about vnc_display
Missing three property for vnc socket connection,
revalue display variable with correct way.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-16 08:47:59 +01:00
Gonglei
88428b7a93 vnc: fix qemu crash when not configure vnc option
Add missing vnc options: to, ipv4, ipv6 and fix
qemu crash.

Reproducer:
$ x86_64-softmmu/qemu-system-x86_64
qemu-system-x86_64: Invalid parameter 'to'
Segmentation fault (core dumped)

BTW the patch fix the below bug:
https://bugs.launchpad.net/qemu/+bug/1414222

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Don Slutz <dslutz@verizon.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-02-16 08:47:59 +01:00
Markus Armbruster
4b3be73006 vnc: g_realloc() can't fail, bury dead error handling
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-02-10 09:27:20 +03:00
Peter Maydell
adeecf14d6 spice: fix coverity defect, add unix address support
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJUwNxEAAoJEEy22O7T6HE4srMQAIBKASUv8434NMAtnRKmMtUk
 auQrl+ZZjjluymrULtGjXaCHpw0o8taMjRhFi21ODuQFEbHm8oo2NThSY2gxmg91
 sQIR5WNb9O4a6S3jAH/XVf/iTBDaPIcFVSeuML7+YhXp3rhIfBMIj6trsK/iWSGD
 qCDWKMORZAdGrGPh6wzskmfR2fRm/sXeXm7oqmEP0jawd0oIX+Chno5BbfXz4/WB
 18SV/b2nqiV4vGOZF7Lzyi0a5IcrJV9vl+kQRf446TbJbyoVZPZQp6qLOCL3UT4c
 P5MtON2XqFjJb2BvXN6Jg3sMSGYGixHtenHXLXCTRUCUD+CWMIwN+AeA9q17wiWJ
 bXjYROx6oQ1YmhXLaJI0N7dXTohBEYC54SoDjinjdIKKrf2rCjAr6B6eaqyidc4q
 GHCrOdL4jTkbcAiBJ/MgUBgay9OFbKkje7tK8BP1j7cWpDaz7lG8qErmwkzWW3DX
 PvZxumMYnQe5gVPI6nIT2dNTwRTofyavkb/1KnthJTeFqJa1ecFCjew8c9TLo0WO
 29WHTeuwtblUmRFarapaB2zRyt6LR+f75mRQHog3h1qFaBiaWYuMrtxoqrCq1RL2
 J0LRLnmVxKK2+nuAHM4xMvzLl7dLHKIHHMClhAj3E8rIHOnk8ssy9/lunDiq/VHt
 CENvqA32bzkZyW2fmT3H
 =BEw6
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/spice/tags/pull-spice-20150122-1' into staging

spice: fix coverity defect, add unix address support

# gpg: Signature made Thu 22 Jan 2015 11:17:24 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/spice/tags/pull-spice-20150122-1:
  spice: fix coverity reported defect in display code
  spice: add unix address support

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-01-22 13:56:11 +00:00
Gerd Hoffmann
4478aa768c monitor: add vnc websockets
Add websockets bool to VncBasicInfo, report websocket server sockets,
flag websocket client connections.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-22 11:18:47 +01:00
Gerd Hoffmann
df88768460 monitor: add query-vnc-servers command
Add new query vnc qmp command, for the lack of better ideas just name it
"query-vnc-servers".  Changes over query-vnc:

 * It returns a list of vnc servers, so multiple vnc server instances
   are covered.
 * Each vnc server returns a list of server sockets.  Followup patch
   will use that to also report websockets.  In case we add support for
   multiple server sockets server sockets (to better support ipv4+ipv6
   dualstack) we can add them to the list too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-22 11:18:47 +01:00
Gerd Hoffmann
2d29a4368c vnc: factor out qmp_query_client_list
so we can reuse it for the new vnc query command.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-22 11:18:47 +01:00
Gerd Hoffmann
e5f34cdd2d vnc: track & limit connections
Also track the number of connections in "connecting" and "shared" state
(in addition to the "exclusive" state).  Apply a configurable limit to
these connections.

The logic to apply the limit to connections in "shared" state is pretty
simple:  When the limit is reached no new connections are allowed.

The logic to apply the limit to connections in "connecting" state (this
is the state you are in *before* successful authentication) is
slightly different:  A new connect kicks out the oldest client which is
still in "connecting" state.  This avoids a easy DoS by unauthenticated
users by simply opening connections until the limit is reached.

Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-22 11:18:47 +01:00
Gerd Hoffmann
1d0d59fe29 vnc: allow binding servers to qemu consoles
This patch adds a display= parameter to the vnc options.  This allows to
bind a vnc server instance to a specific display, allowing to create a
multiseat setup with a vnc server for each seat.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-22 11:18:46 +01:00
Gerd Hoffmann
4db14629c3 vnc: switch to QemuOpts, allow multiple servers
This patch switches vnc over to QemuOpts, and it (more or less
as side effect) allows multiple vnc server instances.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-22 11:18:46 +01:00
Gerd Hoffmann
c8496408b4 vnc: add display id to acl names
In case the display id is "default" (which is the one you get if you
don't explicitly assign one) we keep the old name scheme, without
display, for backward compatibility reasons.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2015-01-22 11:18:46 +01:00
Gerd Hoffmann
14f7143ede vnc: remove unused DisplayState parameter, add id instead.
DisplayState isn't used anywhere, drop it.  Add the vnc server ID as
parameter instead, so it is possible to specify the server instance.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2015-01-22 11:18:46 +01:00
Gerd Hoffmann
d616ccc5dd vnc: remove vnc_display global
Replace with a vnc_displays list, so we can have multiple vnc server
instances.  Add vnc_server_find function to lookup a display by id.
With no id supplied return the first vnc server, for backward
compatibility reasons.

It is not possible (yet) to actually create multiple vnc server
instances.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2015-01-22 11:18:46 +01:00
Gerd Hoffmann
51a0909914 spice: fix coverity reported defect in display code
Report:

1. Condition surface, taking false branch
406    if (surface && ssd->surface &&
407        surface_width(surface) == pixman_image_get_width(ssd->surface) &&
408        surface_height(surface) == pixman_image_get_height(ssd->surface)) {
409        /* no-resize fast path: just swap backing store */
...

10. alias_transfer: Assigning: ssd->ds = surface.
440    ssd->ds = surface;

11. var_deref_op: Dereferencing null pointer ssd->ds.
CID 1264334 (#1 of 1): Dereference after null check (FORWARD_NULL)
441    ssd->surface = pixman_image_ref(ssd->ds->image);

Fix:

Move code block dereferencing ssd->ds into the already existing
if (ssd->ds) { ... } block.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-22 11:18:41 +01:00
Marc-André Lureau
fe4831b1e7 spice: add unix address support
Teach qemu to set up a Spice server with a UNIX socket using the
following arguments -spice unix,addr=path.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-22 11:18:41 +01:00
Gerd Hoffmann
877417d9ae ui/sdl2: Support shared surface for more pixman formats
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-19 13:33:26 +01:00
Benjamin Herrenschmidt
7dd93291ca ui/sdl: Support shared surface for more pixman formats
At least all the ones I've tested. We make the assumption that
SDL is going to be better at conversion than we are.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>

[ kraxel: minor format tweaks ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-19 13:33:26 +01:00
Benjamin Herrenschmidt
fcf73af68e ui/gtk: Support shared surface for most pixman formats
At least all the ones I've tested. We make the assumption that
pixman is going to be better at conversion than we are.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>

[ kraxel: just hook up qemu_pixman_check_format ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-19 13:33:26 +01:00
Gerd Hoffmann
0002a51889 ui/spice: Support shared surface for most pixman formats
Just hook up qemu_pixman_check_format.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-19 13:33:26 +01:00
Benjamin Herrenschmidt
34da30afa4 ui/vnc: Support shared surface for most pixman formats
At least all the ones I've tested. We make the assumption that
pixman is going to be better at conversion than we are.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>

[ kraxel: just hook up qemu_pixman_check_format ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-19 13:33:26 +01:00
Gerd Hoffmann
8cd996f493 ui/pixman: add qemu_pixman_check_format
Convinience check_format function for UIs using pixman.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-19 13:33:26 +01:00
Benjamin Herrenschmidt
49743df399 ui: Add dpy_gfx_check_format() to check backend shared surface support
This allows VGA to decide whether to use a shared surface based on
whether the UI backend supports the format or not. Backends that
don't provide the new callback fallback to native 32 bpp which
is equivalent to what was supported before.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>

[ kraxel: fix console check, allow only 32 bpp as fallback ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-01-19 13:33:26 +01:00
Benjamin Herrenschmidt
aca7aaf628 ui: Make qemu_default_pixman_format() return 0 on unsupported formats
In order to remove the logic for detecting supported shared
pixmap formats from device models, make qemu_default_pixman_format()
capable for failing by returning 0 which is not a possible format
value rather than asserting.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2015-01-19 13:33:26 +01:00
Peter Maydell
c95f3901b4 sdl2: fixes, cleanups and opengl preparation.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIbBAABAgAGBQJUk+p/AAoJEEy22O7T6HE4IRwP92ngsJ3qN4ZLk13KyEZGkMWR
 /JYZE6x3Mr5KMOyZkWsajcqMYCmpO7fVRRpDHGyLPu80M2bvI0djkU3TF7AaiD35
 ZhutT17R7KWl2eOpewncpEiyf+UWqqnkcX01XyUQ7HzmZEqO5Ypdd0cOtVxv5lBW
 RfaIewvL1m7ZNV/ZYaLLNbug7B9tw9rzI34HRFfh7yUI9pOrpa2tf3lZADSeYMnz
 NAfqBB/tYUR9Rgl8DWu3d0O7SNev4qUPFY+sVsMwt8Z/M6URooAk2fQ7shMgES4o
 BHAUuSOnC/AwnKCqo7h6AtTTigCmbWFIKJJbSPGrE8x8+NG5YrR+wdKSOctsMxgY
 vPgeTFFQEIuQeMb4grzTDZoTsIhh8uSXIVpgn0Wb4evaYpLGuhv0YsjsG0NKZ1aR
 q8VlY81fyNND4kvjZdv82bOoAlOXvojm7gsctprlnbar7ggFsrgvXmrvZ9s9EXAL
 VPTb+EQwQ0Zjt2psl/jCaaOPZ1Bd0ytPK2DIM8aCkEcqYbSLp1Evc+dhZcoFbqJA
 CdfbIBj+BI1trOBRsgd5KZPOnQbTYyYYhJlTbSFMGhj3Dg82xL6UwVBIaVMJpCMa
 +ZP8zs5qBY/ipQKtQGx+AeVuL4j2VHPXmiJ7/MV3ORIF1zNWcC26BHBinLL+P+mY
 byu8Y7OFAmcMbHInFQw=
 =SxmF
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-20141219-1' into staging

sdl2: fixes, cleanups and opengl preparation.

# gpg: Signature made Fri 19 Dec 2014 09:06:07 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-sdl-20141219-1:
  sdl2: Work around SDL2 SDL_ShowWindow() bug
  sdl2: Use correct sdl2_console for window events
  sdl2: move sdl2_2d_refresh to sdl2-2d.c
  sdl2: factor out sdl2_poll_events
  sdl2: add+use sdl2_2d_redraw function.
  sdl2: move sdl_switch to sdl2-2d.c
  sdl2: overhaul window size handling
  sdl2: move sdl_update to new sdl2-2d.c
  sdl2: turn on keyboard grabs
  sdl2: move keyboard input code to new sdl2-input.c
  sdl2: rename sdl2_state to sdl2_console, move to header file
  sdl: move version logic from source code to makefile

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-21 23:17:00 +00:00
Max Reitz
d3f3a0f453 sdl2: Work around SDL2 SDL_ShowWindow() bug
Apparently it is possible for X to send an event to a hidden SDL2
window, leading to SDL2 believing it is now shown. SDL2 will pass the
SDL_WINDOWEVENT_SHOWN message to the application without actually
showing the window; the problem is that the next SDL_ShowWindow() will
be a no-op because SDL2 assumes the window is already shown.

The correct way to react to SDL_WINDOWEVENT_SHOWN would be to clear
scon->hidden (analogous for SDL_WINDOWEVENT_HIDDEN). However, due to the
window not actually being shown, this will somehow not be correct after
all.

Therefore, just hide the window on SDL_WINDOWEVENT_SHOWN if it is
supposed to be hidden (and analogous for SDL_WINDOWEVENT_HIDDEN).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-17 12:44:01 +01:00
Max Reitz
1dfc5c8808 sdl2: Use correct sdl2_console for window events
SDL_PollEvent() polls events for all windows; therefore,
sdl2_poll_events() will poll the events for all windows and not only for
the one identified by the given sdl2_console.

This should be considered in handle_windowevent(): The window affected
by the event is not necessarily the one identified by the sdl2_console
object given to sdl2_poll_events(), but the one identified by
ev->window.windowID.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-17 12:44:01 +01:00
Gerd Hoffmann
62959ffe45 sdl2: move sdl2_2d_refresh to sdl2-2d.c
Now that common event handling code is split off, we can move
over sdl_refresh to sdl2-2d.c, and rename it to sdl2_2d_refresh.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-17 12:44:01 +01:00
Gerd Hoffmann
63ed4907cb sdl2: factor out sdl2_poll_events
Create a new function to poll and handle sdl2 events,
which is then just called from the refresh timer.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-17 12:44:01 +01:00
Gerd Hoffmann
0d01b7ce61 sdl2: add+use sdl2_2d_redraw function.
Add a new sdl2_2d_redraw function for a complete screen refresh,
so we can stop using graphic_hw_invalidate for that.  There is
no need to bother console / gfx emulation code if we are just
going to re-blit the screen after window resizes.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-17 12:44:01 +01:00
Gerd Hoffmann
2c3056f182 sdl2: move sdl_switch to sdl2-2d.c
Move sdl_switch to sdl2-2d.c file, rename to sdl2_2d_switch.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-17 12:44:01 +01:00
Gerd Hoffmann
46522a8223 sdl2: overhaul window size handling
Split do_sdl_resize function (which does alot more than just resizing)
into three: sdl2_window_{create,destroy,resize}.

Fix SDL_Renderer handling: must be guest display size not host window
size, and SDL2 will magically handle all scaling for us.

Make fullscreen actually enter fullscreen mode and simplify the code.
There is no need to store the original window size, the window manager
will do that for us.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-17 12:44:01 +01:00
Gerd Hoffmann
f1ddebd865 sdl2: move sdl_update to new sdl2-2d.c
Create new sdl2-2d file for 2d display rendering.
Move over sdl_update code, and rename to sdl2_2d_update.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-17 12:44:01 +01:00
Gerd Hoffmann
44f017d03e sdl2: turn on keyboard grabs
Makes quite some keys actually go to the guest instead of
being captured by the host window manager.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-17 12:43:55 +01:00
Gerd Hoffmann
8fc1a3f58f sdl2: move keyboard input code to new sdl2-input.c
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-17 12:43:27 +01:00
Gerd Hoffmann
5d0fe65078 sdl2: rename sdl2_state to sdl2_console, move to header file
Create sdl2.h header file, in preparation for sdl2 code splitup.
Populate it with sdl2_console struct (renamed from sdl2_state).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-17 12:43:00 +01:00
Gonglei
a41642708a spice: fix memory leak
If errors happen for middle items of channel_list,
qmp_query_spice_channels() returns NULL, and the variable
cur_item going out of scope leaks the storage it points to.

The flag is a compatibility thing for older spice-server
versions. Meanwhile our minimum spice version requirement is
new enough that we should never ever see this error, and if we
do something went very seriously wrong. Let's using assert()
instead of returning NULL to avoid a memory leak.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-16 14:15:29 +01:00
Marc-André Lureau
e0883e2de0 spice: remove spice-experimental.h include
Nothing seems to be using functions from spice-experimental.h (better
that way). Let's remove its inclusion.

Signed-off-by: Marc-André Lureau <marcandre.lureau@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-16 14:15:29 +01:00
Marc-André Lureau
cf7856adef spice: do not require TCP ports
It is possible to use Spice server without TCP port.  On local VM,
qemu (and libvirt) can add new clients thanks to QMP add_client command.

Signed-off-by: Marc-André Lureau <marcandre.lureau@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-16 14:15:29 +01:00
Gerd Hoffmann
555e72f2d0 spice: rework mirror allocation, add no-resize fast path
Add fast path to qemu_spice_display_switch in case old and new
displaysurface have identical size (happens with display panning
and page flipping).  We just swap the backing store then and don't
go through the whole process of deleting and creating the primary
surface.

To simplify the code a bit move mirror surface allocation to
qemu_spice_display_switch().

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-16 14:15:29 +01:00
Gerd Hoffmann
0b2824e5e4 spice: use bottom half instead of refresh timer for cursor updates
Calling directly doesn't work due to the qxl-render code running in
spice server thread context.  Meanwhile bottom half scheduling is
thread-safe though, so we can use that to kick a cursor update in
main i/o thread context.

Cc: Marc-André Lureau <marcandre.lureau@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-16 14:15:29 +01:00
Gerd Hoffmann
d29c431edc sdl: move version logic from source code to makefile
Compile sdl.c / sdl2.c depending on CONFIG_SDLABI instead of
compiling both and have version #ifdefs in the source code.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2014-12-16 14:15:27 +01:00
Gonglei
43948386bb keymaps: correct keymaps.c following Qemu coding style
It's hard to read because of the confused coding
style in this file. Let's correct it following Qemu
coding style.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-10 10:08:12 +01:00
Gonglei
525965b85d vnc-enc-tight: fix Arguments in wrong order
Arguments in wrong order (SWAPPED_ARGUMENTS)
The positions of arguments in the call to
tight_fill_palette do not match the ordering of the parameters:
 &fg is passed to bg
 &bg is passed to fg

Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-12-10 10:08:12 +01:00
Gerd Hoffmann
df5b2adb73 input: move input-send-event into experimental namespace
Ongoing discussions on how we are going to specify the console,
so tag the command as experiental so we can refine things in
the 2.3 development cycle.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1416923657-10614-1-git-send-email-armbru@redhat.com
[Spell out "not a stable API", and x- the QAPI schema, too]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Amos Kong <akong@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-11-25 17:03:31 +00:00
Fam Zheng
b310a2a609 gtk: Don't crash if -nodefaults
This fixes a crash by just skipping the vte resize hack if cur is NULL.

Reproducer:

qemu-system-x86_64 -nodefaults

Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-21 08:37:59 +01:00
zhanghailiang
8a0f9b5263 gtk: fix possible memory leak about local_err
local_err in gd_vc_gfx_init() is not freed, and we don't use it,
so remove it.

Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-21 08:37:59 +01:00
Amos Kong
51fc44768a QMP/input-send-event: make console parameter optional
The 'QemuConsole' is the input source for handler, we share some
input handlers to process the input events from different QemuConsole.

Normally we only have one set of keyboard, mouse, usbtablet, etc.
The devices have different mask, it's fine to just checking mask to
insure that the handler has the ability to process the event.

I saw we try to bind console to handler in usb/dev-hid.c, but display
always isn't available at that time.

If we have multiseat setup (as Gerd said), we only have 'problem' in
this case. Actually event from different devices have the same effect
for system, it's fine to always use the first available handler
without caring about the console.

For send-key command, we just pass a NULL for console parameter in
calling qemu_input_event_send_key(NULL, ..), but 'input-send-event'
needs to care more devices.

Conclusion:
Generally assigning the special console is meanless, and we can't
directly remove the QMP parameter for compatibility.

So we can make the parameter optional. The parameter might be useful
for some special condition: we have multiple devices without binding
console and they all have the ability(mask) to process events, and
we don't want to use the first one.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-13 11:06:40 +01:00
Gerd Hoffmann
dc52017146 gtk: add GDK_KEY_pause #define
Add pause key to the list of compatibility defines.
Fixes the build with older gtk versions.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04 14:40:20 +01:00
Cole Robinson
b0f3182064 gtk: Hide the menubar when in fullscreen mode (lp 1294898)
In fullscreen mode, we attempt to shrink the menubar to 1 pixel in height,
so it takes up as little room as possible while still allowing us to use
the keyboard shortcuts for its various operations.

However this shrinking is disregarded on gtk3, so the entire menu bar is
visible, which isn't very pleasant. This patch hides the menu bar instead.

The side effect is that the only keyboard shortcuts that will work in this
mode are the ones that we explicitly register on the top level window and
not the menu bar. The previous patches changed the fullscreen and vc
shortcuts to work like that, which I think are the only ones that really
matter in for the fullscreen case.

https://bugs.launchpad.net/qemu/+bug/1294898
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04 08:15:21 +01:00
Cole Robinson
277836c82b gtk: Install vc accelerators on parent window
So they are usable when we hide the menubar in upcoming patches. This
has the accelerator text caveat as the fullscreen bit in the previous
patch.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04 08:15:21 +01:00
Cole Robinson
9541491461 gtk: Install fullscreen accelerator on toplevel window
Instead of installing it on the menu. This will be needed to keep the
fullscreen keyboard shortcut working when we hide the menu (in future
patches).

On gtk < 3.8, this has the unfortunate side effect of no longer listing
the key combo in the UI. We could manually change the label in that case,
but it will look visually out of place, and I'm not sure if anyone really
cares.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04 08:15:21 +01:00
Cole Robinson
400519d24a gtk: Grab accel_group from GtkDisplayState
Rather than needlessly pass it around

Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-11-04 08:15:21 +01:00
Fam Zheng
98001e7b08 ui: Use the new ".mo-cflags" rule syntax for SDL_CFLAGS
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-10-31 11:26:25 +01:00
Peter Maydell
fecd54ccd7 vnc: return directly if no vnc client connected
vnc: sanitize bits_per_pixel from the client (CVE-2014-7815)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJUT3VvAAoJEEy22O7T6HE4P8YP/ietMLSUkbt0UYOaFs4cyb4P
 Eb/omvVgA2nxgpJErovNq3nNHeRsHzo479Vm04CaNBavVZgT+4YiYhcMN2SsepqT
 SnzZ4YiuQ9VMIma4CeAvizjXCutQ9BDQAu6RkVv50TqqMgfzaxE7tcxKQgocYxDd
 CJdBB81/9g2IybHYhwyQUeh6Lra2Wh7N1JfKUt9bfRnGqVTgKeshrdZkwArsjUEa
 MwvVt7u6beGGOCAdVJRJMUzi8WzX0bQRpS9SoFYoLvRwsf+HIJQh16aJ9tDnqJpu
 Vv7xTnkmIFi13NhbPReVhS7f4qgAcDO718/A2KbHcml7EF3E78/zwVFQfAd4yqXc
 YyySdh8k2zsQ+F0YfX2N7soDM9eRtFdWj/Df6z+VqPDn/X0t8HmVZk7GAxHVg7cG
 4UT44v1g0RBIN381PnckPhQCX/1s0U8wRQTstuKJO9x7WpI5rKIAS/WDdFJkwm9V
 LDqBYlk44VAwSgAt5gas5b7efrhUPAECAA8HaX1Xjs0WIb5vzB3le/WEjbWc7XFn
 sORIJCE5+jBi0G0NQ21KaO7RocE21cFOGCgwJuAGcgboSzXAJc1z5+4RozerUaMK
 jjkIEk826AcFR1kL3xjPAeJ4qo4pJO3OhcWqQrRGpCL88s9eFe3pp+2FlZDNj01R
 SjQN3h4g9js4nYFF2o7v
 =Y163
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20141028-1' into staging

vnc: return directly if no vnc client connected
vnc: sanitize bits_per_pixel from the client (CVE-2014-7815)

# gpg: Signature made Tue 28 Oct 2014 10:52:31 GMT using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-vnc-20141028-1:
  vnc: return directly if no vnc client connected
  vnc: sanitize bits_per_pixel from the client

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-30 18:21:25 +00:00
ChenLiang
9d6b207047 vnc: return directly if no vnc client connected
graphic_hw_update and vnc_refresh_server_surface aren't
need to do when no vnc client connected. It can reduce
lock contention, because vnc_refresh will hold global big
lock two millisecond every three seconds.

Signed-off-by: ChenLiang <chenliang88@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-28 11:51:04 +01:00
Petr Matousek
e6908bfe8e vnc: sanitize bits_per_pixel from the client
bits_per_pixel that are less than 8 could result in accessing
non-initialized buffers later in the code due to the expectation
that bytes_per_pixel value that is used to initialize these buffers is
never zero.

To fix this check that bits_per_pixel from the client is one of the
values that the rfb protocol specification allows.

This is CVE-2014-7815.

Signed-off-by: Petr Matousek <pmatouse@redhat.com>

[ kraxel: apply codestyle fix ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-28 11:51:04 +01:00
Gerd Hoffmann
316cb068bd gtk: avoid gd_widget_reparent with gtk 3.14+
gtk_widget_reparent is depricated in gtk 3.14, stop using it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-28 11:25:14 +01:00
Gerd Hoffmann
987fec54e1 gtk: drop gtk_widget_set_double_buffered call
Dunno why it is here.  Removing it seems to have no ill side effects.
It is depricated in 3.14+.  In some cases it has no effect since 3.10
according to the docs:

https://developer.gnome.org/gtk3/stable/GtkWidget.html#gtk-widget-set-double-buffered

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-28 11:25:14 +01:00
Martin Decky
5c960521b8 gtk: add support for the Pause key
Special handing of the Pause key. Implemented in a similar way as in
ui/sdl.c.

Signed-off-by: Martin Decky <martin@decky.cz>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 11:08:32 +02:00
Chen Fan
84961407a5 gtk.c: Fix memory leak in gd_set_keycode_type()
this memory leak is introduced by the original
 commit 3158a3482b

 valgrind out showing:
 ==14553== 21,459 (72 direct, 21,387 indirect) bytes in 1 blocks are definitely
 lost in loss record 8,055 of 8,082
 ==14553==    at 0x4A06BC3: calloc (vg_replace_malloc.c:618)
 ==14553==    by 0x80DBFBC: XkbGetKeyboardByName (in /usr/lib64/libX11.so.6.3.0)
 ==14553==    by 0x40C704: gtk_display_init (gtk.c:1798)
 ==14553==    by 0x1AEDC1: main (vl.c:4480)

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-15 11:08:32 +02:00
Peter Maydell
b00a0ddb31 input monitor patches: fix send-key release ordering
and new input-send-event command
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJULQiEAAoJEEy22O7T6HE4WLQQAKCdMIwxO07onZhv/6UkOJpM
 Hr04tmMpurGdZfi6nzKzwqKBmvnYV5CN9WmebVkox200o38vbG+QQ0utd/ezdTxS
 BcbiOnZReEBKHHQCdKsOiYX42F0oVoVMYEdFGzf2oNXf7Jf0n4xFBtjb2umCP0Qy
 qXNMQtFg+LIgHUO4o/WZvidHdRSobOfuFANGbwNGGx/CXtFWX0GJV+4EM4tzq/qw
 tAvk3vGIDhP26/BxWnjWqe5B3OZKdO4El4UM+dXUR+o8tEvSzMcL+6LSqP/ZB2Ku
 xMoKaIpd0wklXjZEJ/DIuaQ42iScwqU6KUaIDIDKKdpJWlDoC16LgpdrhVlH0ATP
 /NmFsgG1K8iRbHSu2yol4qx7MO0LW2sMSdk2sDMdH0aR5y2ZXMQnJd5D2CIV/Dws
 nGLNrG/O3OMptmbaceuRpgC+syYU3oEDy5TsGHmDwSE0mQXqH5CKbRgFaMUU1RmN
 b0MN5t49TS2KRPDkc/OEqUzKQvk+aUo48Bq+Nkwq1YMlXtakfqHM57B9HDmozg+L
 1KGnGcSBrpDolRUKe1uYhwRI0asd6kBgGm6C/0WZM64bUvW42VYejPdXpwkB1tri
 PWcSpVKA49GPdpWuysrvCZMrIYst2+Mx0SK/MLc0MZsUPb1gBk8j0xELxbxe+Bqf
 KOuTbcFxAOizSAJGI4J8
 =KkIF
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-input-20141002-1' into staging

input monitor patches: fix send-key release ordering
and new input-send-event command

# gpg: Signature made Thu 02 Oct 2014 09:10:44 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-input-20141002-1:
  add input-send-event command
  input: fix send-key monitor command release event ordering

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-02 15:01:48 +01:00
Marcelo Tosatti
50c6617fcb add input-send-event command
Which allows specification of absolute/relative,
up/down and console parameters.

Suggested by Gerd Hoffman.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-02 09:58:14 +02:00
Gerd Hoffmann
e37f202450 input: fix send-key monitor command release event ordering
commit 2e377f1730 changed the ordering
of the release events as side effect.  Some guests are not happy with
that and don't recognise ctrl-alt-del any more.  This patch restores
the old last-pressed first-released behavior.

Cc: Amos Kong <akong@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-10-02 09:58:14 +02:00
Gerd Hoffmann
89ec031b09 pixman: fix qemu_default_pixman_format (32bpp non-native endian)
Bug breaks SDL display of bigendian guests on little endian hosts.

Reported-by: BALATON Zoltan <balaton@eik.bme.hu>
Reported-by: Valentin Manea <valentin.manea@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-30 13:34:04 +02:00
Gerd Hoffmann
1c1f949844 console: add graphic_console_set_hwops
Add a function to allow display emulations to switch the hwops
function pointers.  This is useful for devices which have two
completely different operation modes.  Typical case is the vga
compatibility mode vs. native mode in qxl and the upcoming
virtio-vga device.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-29 10:20:09 +02:00
Stefan Hajnoczi
550830f935 block: delete cow block driver
This patch removes support for the cow file format.

Normally we do not break backwards compatibility but in this case there
is no impact and it is the most logical option.  Extraordinary claims
require extraordinary evidence so I will show why removing the cow block
driver is the right thing to do.

The cow file format is the disk image format for Usermode Linux, a way
of running a Linux system in userspace.  The performance of UML was
never great and it was hacky, but it enjoyed some popularity before
hardware virtualization support became mainstream.

QEMU's block/cow.c is supposed to read this image file format.
Unfortunately the file format was underspecified:

1. Earlier Linux versions used the MAXPATHLEN constant for the backing
   filename field.  The value of MAXPATHLEN can change, so Linux
   switched to a 4096 literal but QEMU has a 1024 literal.

2. Padding was not used on the header struct (both in the Linux kernel
   and in QEMU) so the struct layout varied across architectures.  In
   particular, i386 and x86_64 were different due to int64_t alignment
   differences.  Linux now uses __attribute__((packed)), QEMU does not.

Therefore:

1. QEMU cow images do not conform to the Linux cow image file format.

2. cow images cannot be shared between different host architectures.

This means QEMU cow images are useless and QEMU has not had bug reports
from users actually hitting these issues.

Let's get rid of this thing, it serves no purpose and no one will be
affected.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1410877464-20481-1-git-send-email-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-22 11:39:45 +01:00
Markus Armbruster
9d64fab422 vnc-tls: Clean up dead store in vnc_set_x509_credential()
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-18 08:01:53 +02:00
Peter Lieven
86152436eb ui/vnc: set TCP_NODELAY
we currently have the Nagle algorithm enabled for all outgoing VNC updates.
This may delay sensitive updates as mouse movements or typing in the console.
As we currently prepare all data in a buffer and then send as much as we can
disabling the Nagle algorithm should not cause big trouble. Well established
VNC servers like TightVNC set TCP_NODELAY as well.
A regular framebuffer update request generates exactly one framebuffer update
which should be pushed out as fast as possible.

Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2014-09-17 15:14:41 +02:00
Peter Maydell
e4d50d47a9 qemu-char: Rename register_char_driver_qapi() to register_char_driver()
Now we have removed the legacy register_char_driver() we can
rename register_char_driver_qapi() to the more obvious and
shorter name.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1409653457-27863-6-git-send-email-peter.maydell@linaro.org
2014-09-16 23:36:32 +01:00
Peter Maydell
8af47027eb Two minor sdl2 fixes.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJUF9a1AAoJEEy22O7T6HE4ym4QANpfpvCt09K76x0rFqlzYN6j
 /6dBiIs3oCXKlOdJgMnm6/NlVlS9dXH7nc33h/wQl8HMC4yEvx/K7r2W9TtFM9Jy
 5BUswx0rySfdgD0zF2pMatnGI/4jFXixyP4Jkrjd4L0kUjD94f5Io9hjfF8+XxLQ
 2WJr9Yt6c2S9RDb3ry5WRhLIghG2xw7/JYGbRy1gOe1Yg/OriLFrtuC5pukB8qyU
 TkC825JdSwgn/eUf5788aIWGIBWYuuvDTYKV355q5ih7uhqjESFgXUOgQCvFjoda
 EjEDVFk6SSv9ODA7D2Z9cDf7V3k5jlg8Ga2k/JBAHp6LcAS6tG7XT/yR5K/PZLqg
 KJ0HbpsqzUwvQ/SFxo91oMhGpb6LFDBjwp6NE884Rj9TZTq6QR7J3HaGgM/Fy9RP
 GDXXVUVWKtqh0UdReIsTElJoVGoDUu61Z4DBKvnXkoMoPmIYuxR8JUOS5QcoxF6T
 bKaglAz8xFGN3+4Hj9VnHKzDlJ4NaKnJ9kDVIR9Auo0YzKILZ1sRO9VvUBeKaXQX
 NJ7pj37Li3lh8ArTqpuqO93s+dglbNMwhqkWOOYkCJlCMJtZhVyIF1ok8mtwooxH
 4VBQlev+r2jVkj4Aj5gk0PtF3+/qLuG1iUAxoD66k7W8Kja68i5U/HwZQq7b6KsB
 TtBafd+ArR/aIT6LXs9+
 =ZTrX
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kraxel/tags/pull-sdl-20140916-1' into staging

Two minor sdl2 fixes.

# gpg: Signature made Tue 16 Sep 2014 07:20:37 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>"
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>"
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>"

* remotes/kraxel/tags/pull-sdl-20140916-1:
  sdl2: keymap fixups
  sdl2: drop sdl_zoom.h

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-16 18:29:40 +01:00