Commit Graph

22 Commits

Author SHA1 Message Date
Stefan Weil
23bfe28fff vnc: Fix stack corruption and other bitmap related bugs
Commit bc2429b917 introduced
a severe bug (stack corruption).

bitmap_clear was called with a wrong argument
which caused out-of-bound writes to the local variable width_mask.

This bug was detected with QEMU running on windows.
It also occurs with wine:

*** stack smashing detected ***:  terminated
wine: Unhandled illegal instruction at address 0x6115c7 (thread 0009), starting debugger...

The bug is not windows specific!

Instead of fixing the wrong parameter value, bitmap_clear(), bitmap_set
and width_mask were removed, and bitmap_intersect() was replaced by
!bitmap_empty(). The new operation is much shorter and equivalent to
the old operations.

The declarations of the dirty bitmaps in vnc.h were also wrong for 64 bit
hosts because of a rounding effect: for these hosts, VNC_MAX_WIDTH is no
longer a multiple of (16 * BITS_PER_LONG), so the rounded value of
VNC_DIRTY_WORDS was too small.

Fix both declarations by using the macro which is designed for this
purpose.

Cc: Corentin Chary <corentincj@iksaif.net>
Cc: Wen Congyang <wency@cn.fujitsu.com>
Cc: Gerhard Wiesinger <lists@wiesinger.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-03-10 16:12:25 -06:00
Stefan Weil
5db8378a77 vnc: Fix fatal crash with vnc reverse mode
Reverse mode is unusable:

	qemu -vnc localhost:5500,reverse

crashes in vnc_refresh_server_surface because some pointers are NULL.

Fix this by calling vnc_dpy_resize (which initializes these pointers)
before calling vnc_refresh.

Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
80e0c8c39b vnc: add a non-adaptive option
This option allow to disable adaptive behaviors in some encodings.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
6c71a539c3 vnc: don't try to send bigger updates that client height
Respect client size if it doesn't not support desktop resizing.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
bc2429b917 vnc: use the new generic bitmap functions
Switch to bitmap.h and bitops.h instead of redefining our own bitmap
helpers.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
207f328afc vnc: fix lossy rect refreshing
The for loop in send_lossy_rect was totally wrong, and we can't
call vnc_set_bits() because it does not really do what it should.
Use vnc_set_bit() directly instead.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:29 -06:00
Corentin Chary
148954faca vnc: Add ZRLE and ZYWRLE encodings.
Add ZRLE [1] and ZYWRLE [2] encodings. The code is inspire^W stolen
from libvncserver (again), but have been rewriten to match QEMU coding
style.

[1] http://www.realvnc.com/docs/rfbproto.pdf
[2] http://micro-vnc.jp/research/remote_desktop_ng/ZYWRLE/publications/

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
7d964c9d2f vnc: refresh lossy rect after a given timeout
If an adaptive encoding has choosen to send a lossy update
based on the result of vnc_update_freq(), then it should advertise
it with vnc_sent_lossy_rect(). This will allow to automatically refresh
this rect once it's static again.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
999342a0fe vnc: add a way to get the update frequency for a given region
This patch compute the update frequency (in Hz) for each 64x64 rects.
Any adaptive encoding can get this value using vnc_update_freq(), and
switch to a lossy encoding if the value is too high.

The frequency is pre-calculated every 500ms, based on the last 10
updates per 64x64 rect.

If a 64x64 rect was not updated in the last 2 second, then the frequency
became 0, and all the stored timestamp are reseted.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Corentin Chary
b31f519e27 vnc: don't set the quality if lossy encoding are disabled
This should not change the current behavior, but if any new
encoding try to use the tight quality, it will always be set
to -1 when lossy encodings are disabled.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-02-23 16:28:28 -06:00
Anthony Liguori
cfb41c82ab Merge remote branch 'spice/usb.5' into staging 2011-02-01 15:21:23 -06:00
Anthony Liguori
1cd20f8bf0 vnc: Fix password expiration through 'change vnc ""' (v2)
commit 52c18be9e9 introduced a regression in the
change vnc password command that changed the behavior of setting the VNC
password to an empty string from disabling login to disabling authentication.

This commit refactors the code to eliminate this overloaded semantics in
vnc_display_password and instead introduces the vnc_display_disable_login.   The
monitor implementation then determines the behavior of an empty or missing
string.

Recently, a set_password command was added that allows both the Spice and VNC
password to be set.  This command has not shown up in a release yet so the
behavior is not yet defined.

This patch proposes that an empty password be treated as an empty password with
no special handling.  For specifically disabling login, I believe a new command
should be introduced instead of overloading semantics.

I'm not sure how Spice handles this but I would recommend that we have Spice
and VNC have consistent semantics here for the 0.14.0 release.

Reported-by: Neil Wilson <neil@aldur.co.uk>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2
 - Add a proper return to make sure that login is really disabled instead of
   relying on the VNC server to treat empty passwords specially
2011-02-01 15:16:48 -06:00
Gerd Hoffmann
9892088b52 vnc: fix numlock+capslock tracking
This patch makes the numlock+capslock tracking logic only look at
keydown events.  Without this patch the vnc server will insert
bogous capslock keypress in case it sees the following key sequence:

  shift down --- 'A' down --- shift up  --- 'A' up
                                         ^ here

It doesn't hurt with a PS/2 keyboard, but it disturbs the USB Keyboard.
And with the key event queue just added to the usb keyboard the guest
will actually notice.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-01-24 17:21:34 +01:00
Gerd Hoffmann
3c9405a0f7 vnc: support password expire
This patch adds support for expiring passwords to vnc.  It adds a new
vnc_display_pw_expire() function which specifies the time when the
password will expire.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Gerd Hoffmann
6bffdf0f83 vnc: auth reject cleanup
protocol_client_auth_vnc() has two places where the auth can fail,
with identical code sending the reject message to the client.
Move the common code to the end of the function and make both
error paths jump there.  No functional change.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Blue Swirl
2ded6ad761 vnc: avoid write only variables
Compiling with GCC 4.6.0 20100925 produced warnings:
/src/qemu/ui/vnc.c: In function 'vnc_client_cache_auth':
/src/qemu/ui/vnc.c:217:12: error: variable 'qdict' set but not used [-Werror=unused-but-set-variable]
/src/qemu/ui/vnc.c: In function 'vnc_display_open':
/src/qemu/ui/vnc.c:2526:9: error: variable 'acl' set but not used [-Werror=unused-but-set-variable]

Fix by making the variable declarations and their uses also conditional
to debug definition.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-13 18:43:17 +00:00
Yoshiaki Tamura
ac71103dc6 vnc: check fd before calling qemu_set_fd_handler2() in vnc_client_write()
Setting fd = -1 to qemu_set_fd_handler2() causes bus error at FD_SET
in main_loop_wait().

Signed-off-by: Yoshiaki Tamura <tamura.yoshiaki@lab.ntt.co.jp>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-08-22 16:48:23 -05:00
Corentin Chary
d01f959540 vnc: add missing lock for vnc_cursor_define()
All vnc_write() calls must be locked (except the ones present before
the protocol initialization).

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-07-26 17:36:14 -05:00
Corentin Chary
bd023f953e vnc: threaded VNC server
Implement a threaded VNC server using the producer-consumer model.
The main thread will push encoding jobs (a list a rectangles to update)
in a queue, and the VNC worker thread will consume that queue and send
framebuffer updates to the output buffer.

The threaded VNC server can be enabled with ./configure --enable-vnc-thread.

If you don't want it, just use ./configure --disable-vnc-thread and a syncrhonous
queue of job will be used (which as exactly the same behavior as the old queue).
If you disable the VNC thread, all thread related code will not be built and there will
be no overhead.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-07-26 17:36:14 -05:00
Corentin Chary
d1af0e056a vnc: encapsulate encoding members
This will allow to implement the threaded VNC server in a
more cleaner way.

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-07-26 17:36:14 -05:00
Corentin Chary
efe556adb7 vnc: tight add PNG encoding
Introduce a new encoding: VNC_ENCODING_TIGHT_PNG [1] (-269) with a new
tight filter VNC_TIGHT_PNG (0x0A). When the client tells it supports the Tight PNG
encoding, the server will use tight, but will always send encoding pixels using
PNG instead of zlib. If the client also told it support JPEG, then the server can
send JPEG, because PNG will only be used in the cases zlib was used in normal tight.

This encoding was introduced to speed up HTML5 based VNC clients like noVNC [2], but
can also be used on devices like iPhone where PNG can be rendered in hardware.

[1] http://wiki.qemu.org/VNC_Tight_PNG
[2] http://github.com/kanaka/noVNC/

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-07-26 17:36:14 -05:00
Corentin Chary
3e230dd23b ui: move all ui components in ui/
Move sdl, vnc, curses and cocoa UI into ui/ to cleanup
the root directory. Also remove some unnecessary explicit
targets from Makefile.

aliguori: fix build when srcdir != objdir

Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-07-26 17:35:54 -05:00