Added TLS support to the VNC QEMU Websockets implementation.
VNC-TLS needs to be enabled for this feature to be used.
The required certificates are specified as in case of VNC-TLS
with the VNC parameter "x509=<path>".
If the server certificate isn't signed by a rooth authority it needs to
be manually imported in the browser because at least in case of Firefox
and Chrome there is no user dialog, the connection just gets canceled.
As a side note VEncrypt over Websocket doesn't work atm because TLS can't
be stacked in the current implementation. (It also didn't work before)
Nevertheless to my knowledge there is no HTML 5 VNC client which supports
it and the Websocket connection can be encrypted with regular TLS now so
it should be fine for most use cases.
Signed-off-by: Tim Hardeck <thardeck@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1366727581-5772-1-git-send-email-thardeck@suse.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Add a linked list of keyboard handlers. Added handlers will go
to the head of the list. Removed handlers will be zapped from
the list. The head of the list will be used for events.
This fixes the keyboard-dead-after-usb-kbd-unplug issue, key events
will be re-routed to the ps/2 kbd instead of being discarded.
[ v2: fix cut+paste bug found my Markus ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1366798118-3248-3-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There is no need for anybody outside ui/input.c to access the
struct elements. Move the definitions, leaving only the typedefs
in the header files.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1366798118-3248-2-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
# By Amos Kong (1) and Luiz Capitulino (1)
# Via Luiz Capitulino
* luiz/queue/qmp:
virtio-balloon: fix integer overflow in BALLOON_CHANGE QMP event
monitor: fix the wrong order of releasing keys
Message-id: 1366375833-995-1-git-send-email-lcapitulino@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Fix failures to compile introduced by recent console commits
1dbfa00503, 81c0d5a6) which removed is_graphic_console() and
vga_hw_update() without updating the cocoa UI backend to match.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
(qemu) sendkey ctrl_r-scroll_lock-scroll_lock
Executing this command could not let Windows guest panic, it caused by
the wrong order of releasing keys. This problem was introduced by
commit e4c8f004c5.
The right release order should be starting from last item.
Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
DisplayChangeListener gets a new QemuConsole field, which can be set to
non-NULL before registering. This will pin the QemuConsole, so that
particular DisplayChangeListener will not follow console switches.
spice+gtk (which don't support text console input anyway) are switched
over to be pinned to console 0, which usually is the graphical display.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
xenfb informs the guest about the gui refresh interval so it can avoid
pointless work. That logic was temporarely disabled for the
DisplayState reorganization. Restore it now, with a proper interface
for it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Make gui update rate adaption code in gui_update() actually work.
Sprinkle in a tracepoint so you can see the code at work. Remove
the update rate adaption code in vnc and make vnc simply use the
generic bits instead.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Pass a single GraphicHwOps struct pointer to graphic_console_init,
instead of a bunch of function pointers.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
With gui_* being moved to console.c nobody outside console.c needs
access to DisplayState fields any more. Make the struct private.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
We have a surface per QemuConsole now, so there is no need to keep
track of the QemuConsole size any more as we can query the surface
size directly at any time.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Screendumps are alot simpler as we can update non-active
QemuConsoles now. So we only need to update the QemuConsole
we want write out, then dump the DisplaySurface content into
a ppm file. Done.
No console switching needed. No special support code in the
gfx card emulation needed. Zap it all. Also move ppm_save
out of the vga code and next to the qmp_screendump function.
For now screen dumping is limited to console #0 (like it used
to be), even though it is dead simple to extend it to other
consoles. I wanna finish the console cleanup before setting
new qapi interfaces into stone.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Tested-by: Igor Mitsyanko <i.mitsyanko@gmail.com>
Go away from the global DisplaySurface, give one to each QemuConsole
instead. With this patch applied it is possible to call
graphics_hw_* functions with qemu consoles which are not the current
foreground console.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add QemuConsole parameter to vga_hw_*, so the interface allows to update
non-active consoles (the actual code can't handle this yet, see next
patch). Passing NULL is allowed and updates the active console, like
the functions do today.
While touching all vga_hw_* calls anyway rename that to the functions to
hardware-neutral graphics_hw_*
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
We have only one DisplayState, so there is no need for the "next"
linking, rip it. Also consolidate all displaystate initialization
into init_displaystate(). This function is called by vl.c after
creating the devices (and thus all QemuConsoles) and before
initializing DisplayChangeListensers (aka gtk/sdl/vnc/spice ui).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Now that all text console rendering uses pixman we can easily
switch the color tables to use pixman_color_t directly.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add helper functions to create pixman mask images for glyphs
and to render these glyphs into a pixman image.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The fcntl(fd, F_SETFL, O_NONBLOCK) flag is not specific to sockets.
Rename to qemu_set_nonblock() just like qemu_set_cloexec().
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The QEMU icon which is already used for SDL
is now also loaded by GTK.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1364653300-26813-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
To better reflect that it is for handling a backend being opened.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Message-id: 1364292483-16564-3-git-send-email-hdegoede@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This solves, e.g., sticky ALT when selecting a GTK menu, switching to a
different window or selecting a different virtual console.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Message-id: 514F417A.6010908@web.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Fix various compilation failures introduced by the recent console
changes.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1363638501-29603-1-git-send-email-peter.maydell@linaro.org
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Switch the few remaining ds_get_* uses in console.c over to the new
surface_* accessors.
While doing so tripped over a few leftovers from commit
a93a4a226a (code using depth == 0
as indicator for textmode rendering). Fixed them up.
Finally dropped ds_get_* helper helpers.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Now that nobody depends on DisplayState in DisplayChangeListener
callbacks any more we can remove the parameter from all callbacks.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Rework DisplayStateListener callbacks to not use the DisplayState
any more. Factor out the window size handling to a separate function,
so the zoom callbacks can call that directly instead of abusing the
gd_switch DisplayStateListener callback for that.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Replace the dpy_gfx_resize and dpy_gfx_setdata DisplayChangeListener
callbacks with a dpy_gfx_switch callback which notifies the ui code
when the framebuffer backing storage changes.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Decouple DisplaySurface allocation & deallocation from DisplayState.
Replace dpy_gfx_resize + dpy_gfx_setdata with a dpy_gfx_replace_surface
function.
This handles the graphic hardware emulation.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
DisplayChangeListener is passed now to all DisplayChangeListenerOps
callbacks, so we can use that to access the spice display state and
kill the sdpy global variable.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
It's broken by design. There can be multiple DisplayChangeListener
instances, so they simply can't store state in the (single) DisplayState
struct. Try 'qemu -display gtk -vnc :0', watch it crash & burn.
With DisplayChangeListenerOps having a more sane interface now we can
simply use the DisplayChangeListener pointer to get access to our
private data instead.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Split callbacks into separate Ops struct. Pass DisplayChangeListener
pointer as first argument to all callbacks. Uninline a bunch of
display functions and move them from console.h to console.c
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch adds 'vc' support to qapi and also switches over the
vc chardev initialization to the new qapi code path.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The GDK_KEY_XXX symbols are new in GTK3 and only the most
recent GTK2 releases. Most versions of GTK2 have simply
used GDK_XXX
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-14-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The gtk_widget_get_realized method only arrived in GTK 2.20,
so defined a compat macro for earlier GTK
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-13-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The x_keymap.o file is required by both GTK and SDL builds,
so it must be explicitly listed as a GTK dep to ensure the
linker works when SDL is disabled
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-11-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In GTK3 the 'expose-event' signal has been replaced by a new
'draw' signal. The only difference is that the latter will
pre-create the cairo drawing context & set the clip mask.
Since the drawing code is already structured in a nice way,
we can just wire up the 'gd_draw_event' method to the 'draw'
signal in GTK3
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-10-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The gtk_widget_size_request method has been replaced by
the gtk_widget_get_preferred_size method in GTK3. Conditionally
call the new method in GTK3
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-9-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In GTK3 the gdk_display_warp_pointer method is deprecated.
Instead we should use gdk_device_warp on the GdkDevice
instead associated with the event being processed.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-8-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The gtk_menu_append method has long been deprecated in favour
of the gtk_menu_shell_append method. The former is now entirely
gone in GTK3, so switch all code to the latter which works on
both GTK2 and GTK3
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-7-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The GtkVBox class is deprecated, in favour of just using the
GtkBox class directly. Eventually even GtkBox will be
deprecated in favour of GtkGrid, but that is a bigger fix
which can wait.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-6-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
On GTK3 there is support for multiple pointer devices, so
rather than using gdk_pointer_grab / gdk_pointer_ungrab
we should iterate over all devices, grabbing each one in
turn
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-5-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
On GTK3 there is support for multiple keyboard devices, so
rather than using gdk_keyboard_grab / gdk_keyboard_ungrab
we should iterate over all devices, grabbing each one in
turn
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-4-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The gdk_drawable_get_screen and gdk_drawable_get_display
methods don't exist in GDK3. Fortunately, even on GTK2
they are not required - we can call the equivalent
gtk_widget_get_screen/gtk_widget_get_display methods
which have existed since GTK 2.2
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-3-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
GTK3 lacks the gdk_drawable_get_size method, so we create a
stub impl which gets the get_width/get_height mehtods instead
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 1361805646-6425-2-git-send-email-berrange@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This adds basic guest control commands to the "Machine" menu - a nice
added-value for the GTK UI.
We use "pause" as the term for stopping the machine here. So reword also
the related caption tag.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This reduces the required translations and gives a nicer menu
with an icon.
The full screen menu item is no longer a check menu item.
A checked item is not visible in full screen mode,
so it is not needed for this special menu item.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1361561614-11180-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is needed for current Debian stable (Squeeze).
VTE versions before 0.26 did not support VtePty.
Lower the version requirement and use alternate code which works for Debian.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1361560199-28906-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
One part of this patch reverts commit 22bc9a46, which disabled the
warning. The rest of it deals with the warning by adding a #pragma for
newer gcc and by disabling -Werror for compilers that can't deal with
the #pragma.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1361563731-13307-1-git-send-email-kwolf@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
At least for Ubuntu Linux locale.h is needed.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1361514481-26164-1-git-send-email-sw@weilnetz.de
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If you're full screen, you probably expect Ctrl-Q to go to the guest,
not the host. I think restricting certain menus is the right way to
handle this generally speaking.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1361367806-4599-10-git-send-email-aliguori@us.ibm.com
This includes a de_DE translation from Kevin Wolf and an it translation from
Paolo Bonzini.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1361367806-4599-8-git-send-email-aliguori@us.ibm.com
Basic menu items to enter full screen mode and zoom in/out. Unlike SDL, we
don't allow arbitrary scaling based on window resizing. The current behavior
with SDL causes a lot of problems for me.
Sometimes I accidentally resize the window a tiny bit while trying to move it
(Ubuntu's 1-pixel window decorations don't help here). After that, scaling is
now active and if the screen changes size again, badness ensues since the
aspect ratio is skewed.
Allowing zooming by 25% in and out should cover most use cases. We can add a
more flexible scaling later but for now, I think this is a more friendly
behavior.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1361367806-4599-7-git-send-email-aliguori@us.ibm.com
There is a small deviation from SDL's behavior here. Instead of Ctrl+Alt
triggering grab, we now use Ctrl-Alt-g to trigger grab.
GTK will not accept Ctrl+Alt as an accelerator since it just consists of
modifiers. Having grab as a proper accelerator is important as it allows a user
to override the accelerator for accessibility purposes.
We also are not automatically grabbing on left-click. Besides the inability to
tie mouse clicks to an accelerator, I think this behavior is hard to discover
and since it only happens depending on the guest state, it can lead to confusing
behavior.
This can be changed in the future if there's a strong resistence to dropping
left-click-to-grab, but I think we're better off dropping it.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1361367806-4599-6-git-send-email-aliguori@us.ibm.com
This enables VteTerminal to be used to render the text consoles. VteTerminal is
the same widget used by gnome-terminal which means it's VT100 emulation is as
good as they come.
It's also screen reader accessible, supports copy/paste, proper scrolling and
most of the other features you would expect from a terminal widget.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1361367806-4599-5-git-send-email-aliguori@us.ibm.com
This is minimalistic and just contains the basic widget infrastructure. The GUI
consists of a menu and a GtkNotebook. To start with, the notebook has its tabs
hidden which provides a UI that looks very similar to SDL with the exception of
the menu bar.
The menu bar allows a user to toggle the visibility of the tabs. Cairo is used
for rendering.
I used gtk-vnc as a reference. gtk-vnc solves the same basic problems as QEMU
since it was originally written as a remote display for QEMU. So for the most
part, the approach to rendering and keyboard handling should be pretty solid for
GTK.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1361367806-4599-4-git-send-email-aliguori@us.ibm.com
We want to expose VCs using a VteTerminal widget. We need access to provide our
own CharDriverState in order to do this.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1361367806-4599-3-git-send-email-aliguori@us.ibm.com
In case host and guest endianness differ the vga code first creates
a shared surface (using qemu_create_displaysurface_from), then goes
patch the surface format to indicate that the bytes must be swapped.
The switch to pixman broke that hack as the format patching isn't
propagated into the pixman image, so ui code using the pixman image
directly (such as vnc) uses the wrong format.
Fix that by adding a byteswap parameter to
qemu_create_displaysurface_from, so we'll use the correct format
when creating the surface (and the pixman image) and don't have
to patch the format afterwards.
[ v2: unbreak xen build ]
Cc: qemu-stable@nongnu.org
Cc: mark.cave-ayland@ilande.co.uk
Cc: agraf@suse.de
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1361349432-23884-1-git-send-email-kraxel@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In my installation of GNU-TLS (v3.0.23) the type
gnutls_anon_server_credentials is marked deprecated, so -Werror
breaks compilation.
Simply replacing it with the newer ..._t version fixed the compilation
on my machine (Slackware 14.0). I cannot tell how far back this "new"
type goes, at least the header file in RHEL 5.0 (v1.4.1) seems to have
it already. If someone finds a broken distribution, tell me and I
insert some compat code.
Signed-off-by: Andre Przywara <andre.przywara@amd.com>
Message-id: 1350551818-14717-1-git-send-email-andre.przywara@amd.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
As reported in http://bugs.debian.org/697641 , some Hungarian keys
does not work with qemu when using vnc display.
This is because while the Hungarian keymap mentions these symbols,
qemu know nothing about them. So add them.
This patch is applicable to -stable for all previous releases.
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Register a dpy_gfx_setdata callback so that the Cocoa code
is notified whenever the screen start address changes.
Commit 1d3323d has a similar fix for the VNC UI.
Signed-off-by: Henry Harrington <henry.harrington@gmail.com>
Cc: qemu-stable@nongnu.org (1.3.x)
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Remove an unnecessary mutual inclusion loop between qemu-pixman.h and
console.h, since the former was only including the latter for
'PixelFormat*', which can be provided by typedefs.h. This requires a
minor adjustment to the files which included qemu-pixman.h, since
they were relying on it implicitly dragging in all of console.h.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Use appropriate types, drop superfluous casts, use sizeof, don't
exploit that this particular call of gnutls_fingerprint() doesn't
change its last argument.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Some VncState values are not initialized before the Websocket handshake.
If it fails QEMU segfaults during the cleanup. To prevent this behavior
intialization checks are added.
Signed-off-by: Tim Hardeck <thardeck@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch adds basic Websocket Protocol version 13 - RFC 6455 - support
to QEMU VNC. Binary encoding support on the client side is mandatory.
Because of the GnuTLS requirement the Websockets implementation is
optional (--enable-vnc-ws).
To activate Websocket support the VNC option "websocket"is used, for
example "-vnc :0,websocket".
The listen port for Websocket connections is (5700 + display) so if
QEMU VNC is started with :0 the Websocket port would be 5700.
As an alternative the Websocket port could be manually specified by
using ",websocket=<port>" instead.
Parts of the implementation base on Anthony Liguori's QEMU Websocket
patch from 2010 and on Joel Martin's LibVNC Websocket implementation.
Signed-off-by: Tim Hardeck <thardeck@suse.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Following Anthony Liguori's Websocket implementation I have added the
buffer_advance function to VNC and replaced all related buffer memmove
operations with it.
Signed-off-by: Tim Hardeck <thardeck@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Careless use of malloc(): allocate Uint32[N], assign to int *, use
int[N].
Fix by converting to g_new().
Functions can't fail anymore, so make them return void. Caller
ignored the value anyway.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The spice_server pointer is a global variable and
vm_change_state_handler() therefore does not use its opaque parameter.
The vm change state handler is added with a pointer to the spice_server
pointer. This is useless and we probably would not want 2 levels of
pointers.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Uri Lublin <uril@redhat.com>
vnc-tls.h is included by vnc.h, and it includes gnutls/gnutls.h.
Hence, GnuTLS header files are needed by all files that include
vnc.h, most notably qmp.c. Move these flags to QEMU_CFLAGS for
simplicity.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* bonzini/header-dirs: (45 commits)
janitor: move remaining public headers to include/
hw: move executable format header files to hw/
fpu: move public header file to include/fpu
softmmu: move remaining include files to include/ subdirectories
softmmu: move include files to include/sysemu/
misc: move include files to include/qemu/
qom: move include files to include/qom/
migration: move include files to include/migration/
monitor: move include files to include/monitor/
exec: move include files to include/exec/
block: move include files to include/block/
qapi: move include files to include/qobject/
janitor: add guards to headers
qapi: make struct Visitor opaque
qapi: remove qapi/qapi-types-core.h
qapi: move inclusions of qemu-common.h from headers to .c files
ui: move files to ui/ and include/ui/
qemu-ga: move qemu-ga files to qga/
net: reorganize headers
net: move net.c to net/
...
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Touching char/char.h basically causes the whole of QEMU to
be rebuilt. Avoid this, it is usually unnecessary.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Add a new spice chardev to allow arbitrary communication between the
host and the Spice client via the spice server.
Examples:
This allows the Spice client to have a special port for the qemu
monitor:
... -chardev spiceport,name=org.qemu.monitor,id=monitorport
-mon chardev=monitorport
v2:
- remove support for chardev to chardev linking
- conditionnaly compile with SPICE_SERVER_VERSION
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
When qxl + vnc are used, a dummy spice_server is initialized.
The spice_server has to be told when the VM runstate changes,
which is what this patch does.
Without it, from qxl_send_events(), the following error message is shown:
qxl_send_events: spice-server bug: guest stopped, ignoring
Cc: qemu-stable@nongnu.org
Signed-off-by: Uri Lublin <uril@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch adds an x argument to qemu_pixman_linebuf_fill so it can
also be used to convert a partial scanline. Then fix tight + png/jpeg
encoding by passing in the x+y offset, so the data is read from the
correct screen location instead of the upper left corner.
Cc: 1087974@bugs.launchpad.net
Cc: qemu-stable@nongnu.org
Reported-by: Tim Hardeneck <thardeck@suse.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* afaerber/qom-cpu:
target-i386: Postpone cpuid_level update to realize time
target-i386: Use define for cpuid vendor string size
target-i386: Separate feature string parsing from CPU model lookup
target-i386/cpu.c: Coding style fixes
qdev: qdev_create(): use error_report() instead of hw_error()
sysemu.h: Include qemu-types.h instead of qemu-common.h
Create qemu-types.h for struct typedefs
qlist.h: Do not include qemu-common.h
qga/channel-posix.c: Include headers it needs
qapi/qmp-registry.c: Include headers it needs
ui/vnc-palette.c: Include headers it needs
user: Rename qemu-types.h to qemu-user-types.h
user: Move *-user/qemu-types.h to main directory
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
I removed the same sort of workaround for OpenBSD within the
configure script with commit 4dcc3f5876
but didn't bother to grep further to come across this same chunk
of code in the curses code itself. So the following diff removes
the same workaround chunk within the curses code.
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Include:
- <glib.h> for g_malloc0()
- <string.h> for memset()
Some of those headers were probably being included by accident because
some other headers were including qemu-common.h, but those headers
should eventually stop including qemu-common.h.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
* spice/spice.v64:
spice: add new spice-server callbacks to ui/spice-display.c
Fix the inconsistency in x509-dh-key-file parameter
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Commit c448e8552b (spice: tls
support) added options to the -spice command line. But there
is an inconsistency between the declaration of the option
'x509-dh-key-file' to -spice command line and its parameter
parsing 'x509-dh-file' in function qemu_spice_init.
https://bugs.launchpad.net/qemu/+bug/1035042
Reported-by: Alon Bar-Lev <alon.barlev@gmail.com>
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
<stdbool.h> is needed for the 'bool' type, used in the header.
The header is probably being included by accident because some other
headers are including qemu-common.h, but those headers should eventually
stop including qemu-common.h.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Register displaychangelistener last, after spice is fully initialized,
otherwise we may hit NULL pointer dereferences when qemu starts calling
our callbacks.
Commit e250d949fe triggers this bug.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* 'trivial-patches' of git://github.com/stefanha/qemu:
pc: Drop redundant test for ROM memory region
exec: make some functions static
target-ppc: make some functions static
ppc: add missing static
vnc: add missing static
vl.c: add missing static
target-sparc: make do_unaligned_access static
m68k: Return semihosting errno values correctly
cadence_uart: More debug information
Conflicts:
target-m68k/m68k-semi.c
Commit a93a4a2 changed the names of some fields in DisplayChangeListener
and broke compilation of the cocoa UI. Update to the new names.
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Switching the vnc server framebuffer to use 32bpp unconditionally
turns the code bits which handle 8 and 16 bpp into dead code.
Remove them.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The vnc code uses *three* DisplaySurfaces:
First is the surface of the actual QemuConsole, usually the guest
screen, but could also be a text console (monitor/serial reachable via
Ctrl-Alt-<nr> keys). This is left as-is.
Second is the current server's view of the screen content. The vnc code
uses this to figure which parts of the guest screen did _really_ change
to reduce the amount of updates sent to the vnc clients. It is also
used as data source when sending out the updates to the clients. This
surface gets replaced by a pixman image. The format changes too,
instead of using the guest screen format we'll use fixed 32bit rgb
framebuffer and convert the pixels on the fly when comparing and
updating the server framebuffer.
Third surface carries the format expected by the vnc client. That isn't
used to store image data. This surface is switched to PixelFormat and a
boolean for bigendian byte order.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Stop abusing displaysurface fields for text mode displays.
(bpp = 0, width = cols, height = lines).
Add flags to displaystate indicating whenever text mode display
(curses) or gfx mode displays (sdl, vnc, ...) are present.
Add separate displaychangelistener callbacks for text / gfx mode
resize & updates.
This allows to enable gfx and txt diplays at the same time and also
paves the way for more cleanups in the future.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
When adding DisplayChangeListeners the set_mouse and cursor_define
callbacks have been left in DisplayState for some reason. Fix it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
We now always return "nice" error messages in errp when we goto fail.
Drop the default error message.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Before:
$ qemu-system-x86_64 -vnc foo.bar:12345
getaddrinfo(foo.bar,18245): Name or service not known
Failed to start VNC server on `foo.bar:12345'
$ qemu-system-x86_64 -vnc localhost:12345,reverse=on
inet_connect_opts: connect(ipv4,yakj.usersys.redhat.com,127.0.0.1,12345): Connection refused
Failed to start VNC server on `localhost:12345,reverse=on'
After:
$ x86_64-softmmu/qemu-system-x86_64 -vnc foo.bar:12345
Failed to start VNC server on `foo.bar:12345': address resolution failed for foo.bar:18245: Name or service not known
$ x86_64-softmmu/qemu-system-x86_64 -vnc localhost:12345,reverse=on
Failed to start VNC server on `localhost:12345,reverse=on': Failed to connect to socket: Connection refused
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This lets me adjust the clients to do proper error propagation first,
thus avoiding temporary regressions in the quality of the error messages.
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Fix some minor typos/grammar errors in comments.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
If TIGHT_PNG is not enabled by the --enable-vnc-png configure flag
then do not report to the client that it is supported.
Also, since TIGHT_PNG is the same as the TIGHT encoding but with the
filter/copy replaced with PNG data, adding it to the supported
encodings list when it is disabled will cause the TIGHT encoding to be
used even though the client requested TIGHT_PNG.
Signed-off-by: Joel Martin <github@martintribe.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
* stefanha/trivial-patches:
vnc: fix "info vnc" with "-vnc ..., reverse=on"
sheepdog: use bool for boolean variables
configure: Tidy up remnants of non-64-bit physaddrs
When reverse connection is in use, there is no active VNC server
socket. Because of this, getsockopt(-1, ...) is attempted and
the following error is emitted:
$ socat TCP-LISTEN:5900,reuseaddr TCP-LISTEN:5901,reuseaddr &
$ x86_64-softmmu/qemu-system-x86_64 -vnc localhost:5900,reverse -monitor stdio
QEMU 1.2.50 monitor - type 'help' for more information
(qemu) info vnc
An undefined error has occurred
Because however the host, family, service and auth fields are
optional, we can just exit if there is no active server socket.
$ x86_64-softmmu/qemu-system-x86_64 -vnc localhost:5900,reverse -monitor stdio
QEMU 1.2.50 monitor - type 'help' for more information
(qemu) info vnc
Server:
Client:
address: 127.0.0.1:5900
x509_dname: none
username: none
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
With the next qemu version (1.3) we are going to bump the qxl device
revision to 4. The new features available require a recent spice-server
version, so raise up the bar. Otherwise we would end up with different
qxl revisions depending on the spice-server version installed, which
would be a major PITA when it comes to compat properties.
Clear out a big bunch of #ifdefs which are not needed any more.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* 'trivial-patches' of git://github.com/stefanha/qemu:
versatilepb: Use symbolic indices for ARM PIC
qdev: kill bogus comment
qemu-barrier: Fix compiler version check for future gcc versions
hw: Add missing 'static' attribute for QEMUMachine
cleanup useless return sentence
qemu-sockets: Fix compiler warning (regression for MinGW)
vnc: Fix spelling (hellmen -> hellman) in comment
slirp: Fix spelling in comment (enought -> enough, insure -> ensure)
tcg/arm: Use tcg_out_mov_reg rather than inline equivalent code
cpu: Add missing 'static' attribute to qemu_global_mutex
configure: Support empty target list (--target-list=)
hw: Fix return value check for bdrv_read, bdrv_write
This patch cleans up return sentences in the end of void functions.
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@gmail.com>
Don't bother with strncpy. There's no need for its zero-fill.
Use g_strndup in place of g_malloc+strncpy+NUL-terminate.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
No need to add non blocking parameters to the blocking inet_connect
add block parameter for inet_connect_opts instead of using QemuOpt "block".
Signed-off-by: Orit Wasserman <owasserm@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* stefanha/trivial-patches:
configure: fix seccomp check
arch_init.c: add missing '%' symbols before PRIu64 in debug printfs
kvm: Fix warning from static code analysis
qapi: Fix enumeration typo error
console: Clean up bytes per pixel calculation
Fix copy&paste typos in documentation comments
linux-user: Remove #if 0'd cpu_get_real_ticks() definition
ui: Fix spelling in comment (ressource -> resource)
Spelling fixes in comments and macro names (ressource -> resource)
Fix spelling (licenced -> licensed) in GPL
Spelling fixes in comments and documentation
srp: Don't use QEMU_PACKED for single elements of a structured type
The function is called interface_release_resource.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
when creating screen updates go compare the current guest screen
against the mirror (which holds the most recent update sent), then
only create updates for the screen areas which did actually change.
[ v2: drop redundant qemu_spice_create_one_update call ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Creating one function which creates a single update for a given
rectangle. And one (for now) pretty simple wrapper around it to
queue up screen updates for the dirty region.
[ v2: also update bounding box ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Revision bumped to 4 for new IO support, enabled for spice-server >=
0.11.1. New io enabled if revision is 4. Revision can be set to 4.
[ kraxel: 3 continues to be the default revision. Once we have a new
stable spice-server release and the qemu patches to enable
the new bits merged we'll go flip the switch and make rev4
the default ]
This io calls the corresponding new spice api
spice_qxl_monitors_config_async to let spice-server read a new guest set
monitors config and notify the client.
On migration reissue spice_qxl_monitors_config_async.
RHBZ: 770842
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
fixup
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The seamless-migration flag is required in order to identify
whether libvirt supports the new QEVENT_SPICE_MIGRATE_COMPLETED or not
(by default the flag is off).
New libvirt versions that wait for QEVENT_SPICE_MIGRATE_COMPLETED should turn on this flag.
When this flag is off, spice fallbacks to its old migration method, which
can result in data loss.
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The flag is 'true' when spice migration has completed on the src side.
It is needed for a case where libvirt dies before migration completes
and it misses the event QEVENT_SPICE_MIGRATE_COMPLETED.
When libvirt is restored and queries the migration status, it also needs
to query spice and check if its migration has completed.
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
When migrating, libvirt queries the migration status, and upon migration
completions, it closes the migration src. On the other hand, when
migration is completed, spice transfers data from the src to destination
via the client. This data is required for keeping the spice session
after migration, without suffering from data loss and inconsistencies.
In order to allow this data transfer, we add QEVENT for signaling
libvirt that spice migration has completed, and libvirt needs to wait
for this event before quitting the src process.
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Spice server needs to know about the vm state in order to prevent
attempts to write to devices when they are stopped, mainly during
the non-live stage of migration.
Instead, spice will take care of restoring this writes, on the migration
target side, after migration completes.
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
When parsing its command line parameters, spice aborts when it
finds unexpected values, except for the 'streaming-video' option.
This happens because the parsing of the parameters for this option
is done using the 'name2enum' helper, which does not error out
on unknown values. Using the 'parse_name' helper makes sure we
error out in this case. Looking at git history, the use of
'name2enum' instead of 'parse_name' seems to have been an oversight,
so let's change to that now.
Fixes rhbz#831708
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
It's used to indicate the special case where a valid file-descriptor
is returned (ie. success) but the connection can't be completed
w/o blocking.
This is needed because QERR_SOCKET_CONNECT_IN_PROGRESS is not
treated like an error and a future commit will drop it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
FIPS 140-2 requires disabling certain ciphers, including DES, which is used
by VNC to obscure passwords when they are sent over the network. The
solution for FIPS users is to disable the use of VNC password auth when the
host system is operating in FIPS compliance mode and the user has specified
'-enable-fips' on the QEMU command line.
This patch causes QEMU to emit a message to stderr when the host system is
running in FIPS mode and a VNC password was specified on the commend line.
If the system is not running in FIPS mode, or is running in FIPS mode but
VNC password authentication was not requested, QEMU operates normally.
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
QEMU now has a fundamental requirement for pthreads, so there
is no compelling reason to retain support for the non-threaded
VNC server. Remove the --{enable,disable}-vnc-thread configure
arguments, and all CONFIG_VNC_THREAD conditionals
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We can't initialize QXLDevSurfaceCreate field by field because it has a
pa hole, and so 4 bytes remain uninitialized when building on x86-64, so
just memset.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
NULL pointer dereference in case no vnc server is configured.
Catch this and return -EINVAL like vnc_display_password() does.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Add a new argument in inet_listen()/inet_listen_opts()
to pass back listen error.
Change nbd, qemu-char, vnc to use new interface.
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Orit Wasserman <owasserm@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Add a bool argument to inet_connect() to assign if set socket
to block/nonblock, and delete original argument 'socktype'
that is unused.
Add a new argument to inet_connect()/inet_connect_opts(),
to pass back connect error by error class.
Retry to connect when -EINTR is got. Connect's successful
for nonblock socket when following errors are got, user
should wait for connecting by select():
-EINPROGRESS
-EWOULDBLOCK (win32)
-WSAEALREADY (win32)
Change nbd, vnc to use new interface.
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Orit Wasserman <owasserm@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Add mouse_mode, either server or mouse, to qmp and hmp commands, based
on spice_server_is_server_mouse added in spice-server 0.10.3.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The official spelling is QEMU.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
[blauwirbel@gmail.com: fixed comment style in hw/sun4m.c]
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The current intptr_t casts are a problem when the address's highest
bit is 1, and it is cast to a intptr_t and then to uint64_t, such
as at:
surface.mem = (intptr_t)ssd->buf;
This causes the sign bit to be extended which causes a wrong address to
be passed on to spice, which then complains when it gets the wrong
slot_id number, since the slot_id is taken from the higher bits.
The assertion happens early - during the first primary surface creation.
This fixes running "-vga qxl -spice" with 32 bit compiled
qemu-system-i386.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Fix compilation failures ("cast from pointer to integer of
different size [-Werror=pointer-to-int-cast]") by using
uintptr_t instead.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* stefanha/trivial-patches:
qemu-ga: for w32, fix leaked handle ov.hEvent in ga_channel_write()
ioapic: fix build with DEBUG_IOAPIC
.gitignore: add qemu-bridge-helper and option rom build products
cleanup obsolete typedef
monitor: Remove unused bool field 'qapi' in mon_cmd_t struct
ds1338: Add missing break statement
vnc: Fix packed boolean struct members
Remove type field in ModuleEntry as it's not used
Commit 1b71f7c14f moved MODULE_INIT_QOM to
way before MODULE_INIT_MACHINE, thereby breaking assumptions made in
spice-core.c which registered both a type initializer and a machine
intializer.
This fix removes the type registration, and replaces it with calling
qemu_spice_init in vl.c after command line parsing (second pass) is
done, and after timers are armed, required by spice server.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
dprint is still used for qxl_init_common one time prints.
also switched parts of spice-display.c over, mainly all the callbacks to
spice server.
All qxl device trace events start with the qxl device id.
Signed-off-by: Alon Levy <alevy@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch fixes warnings reported by splint:
For variables which are packed in a single bit, a signed data type
like 'int' does not make much sense.
There is no obvious reason why the two values should be packed,
so I removed the packing and changed the data type to bool
because both are used as boolean values.
v2:
Some versions of gcc complain after this modification,
for example gcc (Debian 4.4.5-8) 4.4.5):
ui/vnc-auth-sasl.c: In function ‘vnc_sasl_client_cleanup’:
ui/vnc-auth-sasl.c:34: error: suggest parentheses around assignment used as truth value
Obviously, the compiler does not like code which does
bool = unsigned = bool = 0
Splitting that code in three statements works.
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This fixes memory reads and writes which exceeded the upper limit
of allocated memory vd->guest.ds->data and vd->server->data.
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The threaded VNC servers messed up with QEMU fd handlers without
any kind of locking, and that can cause some nasty race conditions.
Using qemu_mutex_lock_iothread() won't work because vnc_dpy_cpy(),
which will wait for the current job queue to finish, can be called with
the iothread lock held.
Instead, we now store the data in a temporary buffer, and use a bottom
half to notify the main thread that new data is available.
vnc_[un]lock_ouput() is still needed to access VncState members like
abort, csock or jobs_buffer.
Signed-off-by: Corentin Chary <corentin.chary@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The comment is wrong, we have to do something in the setdata callback.
Changing the framebuffer backing storage (happens when the guest pans
the display) renders the whole screen content invalid.
Trigger #1: cirrus vga + 32bit linux guest + vesafb with ypan enabled.
Trigger #2: std vga + http://patchwork.ozlabs.org/patch/145479/
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This was not a bug, but it is not common practice to omit the break statement
from the last case statement before an empty default case.
Any change of the default case would introduce a bug.
This was reported as a warning by splint.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
It's currently possible to setup spice channels using TLS when
no TLS port has been specified (ie TLS is disabled). This cannot
work, so better to error out in such a situation.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Error message reporting during spice startup wasn't consistent, it was done
with fprintf(stderr, "") but sometimes the message didn't have a trailing
\n. Using error_report make the intent of the message clearer and deal
with the final \n for us.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
RHBZ# 747011
Removes the last user of QXL_SYNC when using update drivers that use the
_ASYNC io ports.
The last user is qxl_render_update, it is called both by qxl_hw_update
which is the vga_hw_update_ptr passed to graphic_console_init, and by
qxl_hw_screen_dump.
At the same time the QXLRect area being passed to the red_worker thread
is passed as a copy, as part of the QXLCookie.
The implementation uses interface_update_area_complete with a bh to make
sure dpy_update and qxl_flip are called from the io thread, otherwise
the vga->ds->surface.data can change under our feet.
With this patch sdl+spice works fine. But spice by itself doesn't
produce the expected screendumps unless repeated a few times, due to
ppm_save being called before update_area (rendering done in spice server
thread) having a chance to complete. Fixed by next patch, but see commit
message for problem introduced by it.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
drop all ifdefs on SPICE_INTERFACE_QXL_MINOR >= 1 as a result,
any check for SPICE_SERVER_VERSION that is now always satisfied,
and SPICE_INTERFACE_CORE_MINOR >= 3 tests, because
0.8.2 has SPICE_INTERFACE_QXL_MINOR == 1 and
SPICE_INTERFACE_CORE_MINOR == 3.
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The commit's purpose is laudable:
The only way for chardev drivers to communicate an error was to
return a NULL pointer, which resulted in an error message that
said _that_ something went wrong, but not _why_.
It attempts to achieve it by changing the interface to return 0/-errno
and update qemu_chr_open_opts() to use strerror() to display a more
helpful error message. Unfortunately, it has serious flaws:
1. Backends "socket" and "udp" return bogus error codes, because
qemu_chr_open_socket() and qemu_chr_open_udp() assume that
unix_listen_opts(), unix_connect_opts(), inet_listen_opts(),
inet_connect_opts() and inet_dgram_opts() fail with errno set
appropriately. That assumption is wrong, and the commit turns
unspecific error messages into misleading error messages. For
instance:
$ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx
inet_connect: host and/or port not specified
chardev: opening backend "socket" failed: No such file or directory
ENOENT is what happens to be in my errno when the backend returns
-errno. Let's put ERANGE there just for giggles:
$ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx -drive if=none,iops=99999999999999999999
inet_connect: host and/or port not specified
chardev: opening backend "socket" failed: Numerical result out of range
Worse: when errno happens to be zero, return -errno erroneously
signals success, and qemu_chr_new_from_opts() dies dereferencing
uninitialized chr. I observe this with "-serial unix:".
2. All qemu_chr_open_opts() knows about the error is an errno error
code. That's simply not enough for a decent message. For instance,
when inet_dgram() can't resolve the parameter host, which errno code
should it use? What if it can't resolve parameter localaddr?
Clue: many backends already report errors in their open methods.
Let's revert the flawed commit along with its dependencies, and fix up
the silent error paths instead.
This reverts commit 6e1db57b2a.
Conflicts:
console.c
hw/baum.c
qemu-char.c
This reverts commit aad04cd024.
The parts of commit db418a0a "Add stdio char device on windows" that
depend on the reverted change fixed up.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
With the acceptance of some new APIs to libspice-server.so it
is possible to add support for SPICE to the 'add_client'
monitor command, bringing parity with VNC. Since SPICE can
use TLS or plain connections, the command also gains a new
'tls' parameter to specify whether TLS should be attempted
on the injected client sockets.
This new feature is only enabled if building against a
libspice-server >= 0.10.1
* qmp-commands.hx: Add 'tls' parameter & missing doc for
'skipauth' parameter
* monitor.c: Wire up SPICE for 'add_client' command
* ui/qemu-spice.h, ui/spice-core.c: Add qemu_spice_display_add_client
API to wire up from monitor
[1] http://cgit.freedesktop.org/spice/spice/commit/server/spice.h?id=d55b68b6b44f2499278fa860fb47ff22f5011faahttp://cgit.freedesktop.org/spice/spice/commit/server/spice.h?id=bd07dde530d9504e1cfe7ed5837fc00c26f36716
Changes in v3:
- Added 'optional' flag to new parameters documented
- Added no-op impl of qemu_spice_display_add_client when
SPICE is disabled during build
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Currently when disabling login in VNC, the password is cleared out and the
authentication protocol is forced to AUTH_VNC. If you're using a stronger
authentication protocol, this has the effect of downgrading your security
protocol.
Fix this by only changing the authentication protocol if the current
authentication protocol is AUTH_NONE. That ensures we're never downgrading.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
--
NB. This patch is derived from one posted by Anthony last year, which got
accidentally lost after Luiz took over the QMP series work
https://lists.gnu.org/archive/html/qemu-devel/2011-09/msg00392.html
v1 -> v2
- Make sure to not demote when changing password (Daniel)
v2 -> v3
- Rebase to latest GIT master wrt QMP changes
Replace device_init() with generalized type_init().
While at it, unify naming convention: type_init([$prefix_]register_types)
Also, type_init() is a function, so add preceding blank line where
necessary and don't put a semicolon after the closing brace.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Anthony Liguori <anthony@codemonkey.ws>
Cc: malc <av1474@comtv.ru>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
For any modifier key (shift, ctrl, alt) still pressed on disconnect
inject a key-up event into the guest. The vnc client is gone, it will
not do that, so qemu has to do it instead.
Without this keys will get stuck, making the guest act in weird ways
after reconnecting. Reproducer: exit vnc client via Alt-F4, guest
continues to see the pressed alt key and will not react to key events
in any useful way until you tap the alt key once to unstuck it.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
VNC clients send a shared flag in the client init message. Up to now
qemu completely ignores this. This patch implements shared flag
handling. It comes with three policies: By default qemu behaves as one
would expect: Asking for a exclusive access grants exclusive access to
the client connecting. There is also a desktop sharing mode which
disallows exclusive connects (so one forgetting -shared wouldn't drop
everybody else) and a compatibility mode which mimics the traditional
(but non-conforming) qemu behavior.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Make the control keys for terminals on the vnc display
(i.e. qemu -vnc :0 -serial vc) work. Makes the terminals
alot more usable as typing Ctrl-C in your serial console
actually has the desired effect ;)
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
vnc assumes that the screen width is a multiple of 16 in several places.
If this is not the case vnc will overrun buffers, corrupt memory, make
qemu crash.
This is the minimum fix for this bug. It makes sure we don't overrun the
scanline, thereby fixing the segfault. The rendering is *not* correct
though, there is a black border at the right side of the screen, 8
pixels wide because 1400 % 16 == 8.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
There are scenarios on Linux with some SDL versions where
handle_activation is continuous invoked with state = SDL_APPINPUTFOCUS
and gain = 0 while we grabbed the input. This causes a ping-pong when we
grab the input after an absolute mouse entered the window.
As this sdl_grab_end was once introduced to work around a Windows-only
issue (0294ffb9c8), limit it to that platform.
CC: Erik Rull <erik.rull@rdsoftware.de>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
By grabbing the input already on button down, we leave the button in
that state for the host GUI. Thus it takes another click after releasing
the input again to synchronize the mouse button state.
Avoid this by grabbing on button up.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This reverts commit 6bb816031f.
SDL_WM_GrabInput does not reliably bail out if grabbing is impossible.
So if we get here, we already lost and will block. But this can no
longer happen due to the check in sdl_grab_start. So this patch became
obsolete.
Conflicts:
sdl.c
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Consistently check for SDL_APPINPUTFOCUS before trying to grab the input
focus. Just checking for SDL_APPACTIVE doesn't work. Moving the check to
sdl_grab_start allows for some consolidation.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When the mouse mode changes to absolute while the SDL windows is not in
focus, refrain from grabbing the input. It would steal from some other
window.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Drop the qerror_report() call from it and let its callers set the error
themselves. This also allows for dropping the 'ret' variable.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The no-lock-key-sync option is being parsed incorrectly because of an
outdated strcmp() length value. Use the correct length so that invalid
option names do not match.
Reported-by: Dr David Alan Gilbert <davidagilbert@uk.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
accidently->accidentally
annother->another
choosen->chosen
consideres->considers
decriptor->descriptor
developement->development
paramter->parameter
preceed->precede
preceeding->preceding
priviledge->privilege
propogation->propagation
substraction->subtraction
throught->through
upto->up to
usefull->useful
Fix also grammar in posix-aio-compat.c
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Split from Jan's original qemu-thread-posix.c patch. No semantic change,
just introduce the new API that POSIX and Win32 implementations will
conform to.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Double semicolons should be single.
Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Fixes protocol_client_auth_sasl_mechname() not to crash when malloc()
fails. Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Please note that mechlist still uses malloc / strdup / free.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If no disk image is specified, the Cocoa frontend displays a modal sheet
to let the user select an image file to boot from.
This sheet is never closed and it permanently obscures the emulator window.
Close it after obtaining the file name in case the user did select a file.
Otherwise we exit immediately, so no need to close then.
Signed-off-by: Juan Pineda <juan@logician.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
There are three important remarks in relation to the non-qapi command:
1. This commit also fixes the behavior of the 'query-vnc' and 'info vnc'
commands to return an error when qemu is built without VNC support
(ie. --disable-vnc). The non-qapi command would return the OK
response in QMP and no response in HMP
2. The qapi version explicitly marks the fields 'host', 'family',
'service' and 'auth' as optional. Their are not documented as optional
in the non-qapi command doc, but they would not be returned if
vnc support is disabled. The qapi version maintains the same
semantics, but documents those fields correctly
3. The 'clients' field, which is a list, is marked as optional but is
always returned. If there are no clients connected an empty list
is returned. This is not the Right Way to this in the qapi but it's
how the non-qapi command used to work
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Setting both read and write handlers to NULL in qemu_set_fd_handler
is not enougth to make qemu purge the file handle from the list.
We must set opaque to NULL too.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
No need to use pthread directly, we have proper abstractions for
identity checking.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
RHBZ 737921
Spice client is required to connect to the migration target before/as migration
starts. Since after migration starts, the target qemu is blocked and cannot accept new spice client
we trigger the connection to the target upon client_migrate_info command.
client_migrate_info completion cb will be called after spice client has been
connected to the target (or a timeout). See following patches and spice patches.
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Fix "warning: array subscript has type 'char'" on NetBSD.
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Today, when notifying a VM state change with vm_state_notify(),
we pass a VMSTOP macro as the 'reason' argument. This is not ideal
because the VMSTOP macros tell why qemu stopped and not exactly
what the current VM state is.
One example to demonstrate this problem is that vm_start() calls
vm_state_notify() with reason=0, which turns out to be VMSTOP_USER.
This commit fixes that by replacing the VMSTOP macros with a proper
state type called RunState.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Avoid using deprecated gnutls functions with recent gnutls versions.
Fixes build failure on Fedora 16. Keep the old way for compatibility
with old installations such as RHEL-5 (gnutls 1.4.x).
Based on a patch from Raghavendra D Prabhu <raghu.prabhu13@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If qxl->ssd.running=true is set after telling spice to start, the spice server
thread can call qxl_send_events while qxl->ssd.running is still false. This leads to
assert(d->ssd.running).
Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
While in full-screen mode, the input focus naturally belongs to the SDL
window. Avoid dropping it when switching from absolute to relative
mouse mode.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Replace width/height globals with the identical values from real_screen,
refactor the function according to our coding style.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Allow to enlarge or shrink the screen via CTRL-ALT-+/-. In contrast to
scaling the window, these controls always preserve the aspect ratio of
the current console.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Not grabbing the input means that special keys like ALT+TAB are still
handled by the host. Improve the usability by grabbing input once the
mouse is inside the guest screen, provided the SDL window has the input
focus. Release it again when the mouse is moved to any border. Also grab
the input when we gain the input focus and the mouse is within the
screen limits.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Restore the cursor when switching from graphic to text console while the
mouse is in absolute mode. Disable it again when returning.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It's confusing to suddenly find two mice in full screen mode when
switching consoles or accidentally hitting the grab hot keys.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There were some preexisting bits that released the input when switching
to text console. This patch spreads this logic consistently and also
avoids grabbing the input while a text console is active.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This ensures that we actually enter full screen on startup when e.g.
'-vga none -full-screen' was specified.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There must be no difference between initial -full-screen and switching
to this mode via the hot key.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Save the scaling mode and its geometry when going full screen, restore
it when returning to windowed mode.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When switching to full screen mode from a scaled window, we need to
resize to DisplayState's dimension, not the scaled "real" screen size.
Moreover, scaling mode may have manipulated the bpp. So we need to
restore it from the DisplayState as well.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This prevents continuous resizing events and improper screen setups when
going full screen.
CC: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Just like the monitor does, we need to clear no_shutdown before calling
qemu_system_shutdown_request on quit requests. Otherwise, QEMU just
stops the VM.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Some of the QXL port i/o commands are waiting for the spice server to
complete certain actions. Add async versions for these commands, so we
don't block the vcpu while the spice server processses the command.
Instead the qxl device will raise an IRQ when done.
The async command processing relies on an added QXLInterface::async_complete
and added QXLWorker::*_async additions, in spice server qxl >= 3.1
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Alon Levy <alevy@redhat.com>
Move the wrapper functions which are used by qxl only to qxl.c.
Rename them from qemu_spice_* to qxl_spice_*. Also pass in a
qxl state pointer instead of a SimpleSpiceDisplay pointer.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Factor out SimpleSpiceDisplay initialization into
qemu_spice_display_init_common() and call it from
both qxl.c (for vga mode) and spice-display.c
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Avoid warnings like these by wrapping recv():
CC slirp/ip_icmp.o
/src/qemu/slirp/ip_icmp.c: In function 'icmp_receive':
/src/qemu/slirp/ip_icmp.c:418:5: error: passing argument 2 of 'recv' from incompatible pointer type [-Werror]
/usr/local/lib/gcc/i686-mingw32msvc/4.6.0/../../../../i686-mingw32msvc/include/winsock2.h:547:32: note: expected 'char *' but argument is of type 'struct icmp *'
Remove also casts used to avoid warnings.
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This allows to pass additional information to the notifier callback
which is useful if sender and receiver do not share any other distinct
data structure.
Will be used first for the clock reset notifier.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The USES_X509_AUTH macro is defined in several VNC files,
but not used in all of them. Remove the unused definition.
* ui/vnc-auth-sasl.c: Remove USES_X509_AUTH macro
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Allow client connections for VNC and socket based character
devices to be passed in over the monitor using SCM_RIGHTS.
One intended usage scenario is to start QEMU with VNC on a
UNIX domain socket. An unprivileged user which cannot access
the UNIX domain socket, can then connect to QEMU's VNC server
by passing an open FD to libvirt, which passes it onto QEMU.
{ "execute": "get_fd", "arguments": { "fdname": "myclient" } }
{ "return": {} }
{ "execute": "add_client", "arguments": { "protocol": "vnc",
"fdname": "myclient",
"skipauth": true } }
{ "return": {} }
In this case 'protocol' can be 'vnc' or 'spice', or the name
of a character device (eg from -chardev id=XXXX)
The 'skipauth' parameter can be used to skip any configured
VNC authentication scheme, which is useful if the mgmt layer
talking to the monitor has already authenticated the client
in another way.
* console.h: Define 'vnc_display_add_client' method
* monitor.c: Implement 'client_add' command
* qemu-char.c, qemu-char.h: Add 'qemu_char_add_client' method
* qerror.c, qerror.h: Add QERR_ADD_CLIENT_FAILED
* qmp-commands.hx: Declare 'client_add' command
* ui/vnc.c: Implement 'vnc_display_add_client' method
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
A future patch will introduce a situation where different
clients may have different authentication schemes set.
When a new client arrives, copy the 'auth' and 'subauth'
fields from VncDisplay into the client's VncState, and
use the latter in all authentication functions.
* ui/vnc.h: Add 'auth' and 'subauth' to VncState
* ui/vnc-auth-sasl.c, ui/vnc-auth-vencrypt.c,
ui/vnc.c: Make auth functions pull auth scheme
from VncState instead of VncDisplay
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The only way for chardev drivers to communicate an error was to return a NULL
pointer, which resulted in an error message that said _that_ something went
wrong, but not _why_.
This patch changes the interface to return 0/-errno and updates
qemu_chr_open_opts to use strerror to display a more helpful error message.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Make sure at least one port (port=.. or tls-port=...)
is specified. Also apply range checks to the port numbers.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This fixes a problem where on windows 7 startup phase, before the qxl driver
is loaded, the drawables are sufficiently large and video like to trigger a
stream, but the lack of a filled mm time field triggers a warning in spice-gtk.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Commit f26e428da5 fixed compilation
with --enable-vnc-png, but broke it with --enable-vnc-png.
The breakage is caused by pngconfig.h which checks whether
setjmp.h was already included and fails because qemu-common.h
includes setjmp.h.
The check is disabled by defining PNG_SKIP_SETJMP_CHECK.
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Fix conflicting types for 'INT32' in basetsd.h and jmorecfg.h by
including qemu-common.h first.
Signed-off-by: Roy Tam <roytam@gmail.com>
Acked-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Avoid compiler confusion as to which method signature to use for the
handleEvent: selector on OSX >= 10.6 by making the variable type-safe
as opposed to generic 'id' type.
Requires moving the variable definition to after the class definition.
----8<----
ui/cocoa.m: In function ‘cocoa_refresh’:
ui/cocoa.m:997: warning: multiple methods named ‘-handleEvent:’ found
/System/Library/Frameworks/AppKit.framework/Headers/NSTextInputContext.h:84: warning: using ‘-(BOOL)handleEvent:(NSEvent *)theEvent’
ui/cocoa.m:272: warning: also found ‘-(void)handleEvent:(NSEvent *)event’
----8<---
Reported-by: Alexandre Raymond <cerbere@gmail.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Tested-by: Alexandre Raymond <cerbere@gmail.com>
This fixes a missing prototype warning in vl.c and obsoletes
the prototype in cocoa.m. Adjust callers in cocoa.m to supply
third argument, which is currently only used on Linux/ppc.
The prototype is designed so that it could be shared with SDL
and other frontends, if desired.
Cc: Alexandre Raymond <cerbere@gmail.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
There was already a check in place to avoid displaying a window
in certain modes such as vnc, nographic or curses.
Add a check for '-h' and '-help' to avoid displaying a window for a split-
second before showing the usage information.
Signed-off-by: Alexandre Raymond <cerbere@gmail.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
When invoked with -version, qemu will exit just after displaying the version,
so there is no need to create a window.
Also handles --XXX options.
Signed-off-by: Tristan Gingold <gingold@adacore.com>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
This patch removes all references to signal.h when qemu-common.h is included
as they become redundant.
Signed-off-by: Alexandre Raymond <cerbere@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This patch raises the minimum required spice version to 0.6.0 and drops
a few ifdefs.
0.6.0 is the first stable release with the current libspice-server API,
there shouldn't be any 0.5.x development versions deployed any more.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Turn on SASL support by appending "sasl" to the spice arguments, which
requires that the client use SASL to authenticate with the spice. The
exact choice of authentication method used is controlled from the
system / user's SASL configuration file for the 'qemu' service. This
is typically found in /etc/sasl2/qemu.conf. If running QEMU as an
unprivileged user, an environment variable SASL_CONF_PATH can be used
to make it search alternate locations for the service config. While
some SASL auth methods can also provide data encryption (eg GSSAPI),
it is recommended that SASL always be combined with the 'tls' and
'x509' settings to enable use of SSL and server certificates. This
ensures a data encryption preventing compromise of authentication
credentials.
It requires support from spice 0.8.1.
[ kraxel: moved spell fix to separate commit ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Some people want to be able disable spice's guest <-> client copy paste support
because of security considerations.
[ kraxel: drop old-version error message ]
We don't use qemu internals from spice server context any more.
Thus we don't also need to grab the iothread mutex from spice
server context. And we don't have to temporarely release the
lock to avoid deadlocks. Drop all the calls.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch moves the displaystate callback calls for setting the cursor
and the mouse pointer from spice server to qemu (iothread) context.
This allows us to simplify locking.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch moves the creation of spice screen updates from the spice
server context to qemu iothread context (display refresh timer to be
exact). This way we avoid accessing qemu internals (display surface)
from spice thread context which in turn allows us to simplify locking.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
qemu_spice_set_passwd() and qemu_spice_set_pw_expire() dummy functions
needs to be inline, in order to handle the case where they are called
without checking the return value.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
fix 2Gb integer overflow in in VNC tight and zlib encodings
As found by Roland Dreier <roland@purestorage.com> (excellent
catch!), when amount of VNC compressed data produced by zlib
and sent to client exceeds 2Gb, integer overflow occurs because
currently, we calculate amount of data produced at each step by
comparing saved total_out with new total_out, and total_out is
something which grows without bounds. Compare it with previous
avail_out instead of total_out, and leave total_out alone.
The same code is used in vnc-enc-tight.c and vnc-enc-zlib.c,
so fix both cases.
There, there's no actual need to save previous_out value, since
capacity-offset (which is how that value is calculated) stays
the same so it can be recalculated again after call to deflate(),
but whole thing becomes less readable this way.
Reported-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Corentin Chary <corentin.chary@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
There are no { name, keysym } values in name2keysym[] array for Polish
national characters so "-k pl" option has no effect.
Signed-off-by: Leszek Grzegorek <leszek.grzegorek@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Load an optional QEMU icon file. If there is no icon file named
qemu.bmp in QEMU's default search path, QEMU will run with
the usual system default icon.
A matching icon file will be loaded and used by X Windows managers
or MS Windows while a QEMU instance is running.
SDL requires icon files in 32x32x4 bmp format.
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The following commit breaks the code of the function palette_destroy().
http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=e31e3694afef58ba191cbcc6875ec243e5971268
The broken code causes a severe memory leak of 'VncPalette' structures
because it never frees anything:
70 void palette_destroy(VncPalette *palette)
71 {
72 if (palette == NULL) {
73 qemu_free(palette);
74 }
75 }
Version 2 of the patch calls qemu_free() unconditionally.
Signed-off-by: Ulrich Obergfell <uobergfe@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch fix the following regression:
1. we should use bitmap_set() and bitmap_clear() to replace vnc_set_bits().
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This removes various code duplication from console.e and sdl.c
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This was done with:
sed -i '/get_clock\>.*rt_clock/s/get_clock\>/get_clock_ms/' \
$(git grep -l 'get_clock\>.*rt_clock' )
sed -i '/new_timer\>.*rt_clock/s/new_timer\>/new_timer_ms/' \
$(git grep -l 'new_timer\>.*rt_clock' )
after checking that get_clock and new_timer never occur twice
on the same line. There were no missed occurrences; however, even
if there had been, they would have been caught by the compiler.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
We have qemu_cpu_self and qemu_thread_self. The latter is retrieving the
current thread, the former is checking for equality (using CPUState). We
also have qemu_thread_equal which is only used like qemu_cpu_self.
This refactors the interfaces, creating qemu_cpu_is_self and
qemu_thread_is_self as well ass qemu_thread_get_self.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>