Commit Graph

151 Commits

Author SHA1 Message Date
Lei Li
9995c0b706 Fix the inconsistency in x509-dh-key-file parameter
Commit c448e8552b (spice: tls
support) added options to the -spice command line. But there
is an inconsistency between the declaration of the option
'x509-dh-key-file' to -spice command line and its parameter
parsing 'x509-dh-file' in function qemu_spice_init.

https://bugs.launchpad.net/qemu/+bug/1035042

Reported-by: Alon Bar-Lev <alon.barlev@gmail.com>
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-11-21 14:46:11 +01:00
Gerd Hoffmann
67be6726b6 spice: raise requirement to 0.12
With the next qemu version (1.3) we are going to bump the qxl device
revision to 4.  The new features available require a recent spice-server
version, so raise up the bar.  Otherwise we would end up with different
qxl revisions depending on the spice-server version installed, which
would be a major PITA when it comes to compat properties.

Clear out a big bunch of #ifdefs which are not needed any more.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-10-08 12:15:17 +02:00
Yonit Halperin
8c9570530c spice: adding seamless-migration option to the command line
The seamless-migration flag is required in order to identify
whether libvirt supports the new QEVENT_SPICE_MIGRATE_COMPLETED or not
(by default the flag is off).
New libvirt versions that wait for QEVENT_SPICE_MIGRATE_COMPLETED should turn on this flag.
When this flag is off, spice fallbacks to its old migration method, which
can result in data loss.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Yonit Halperin
61c4efe2cb spice: add 'migrated' flag to spice info
The flag is 'true' when spice migration has completed on the src side.
It is needed for a case where libvirt dies before migration completes
and it misses the event QEVENT_SPICE_MIGRATE_COMPLETED.
When libvirt is restored and queries the migration status, it also needs
to query spice and check if its migration has completed.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Yonit Halperin
2fdd16e239 spice migration: add QEVENT_SPICE_MIGRATE_COMPLETED
When migrating, libvirt queries the migration status, and upon migration
completions, it closes the migration src. On the other hand, when
migration is completed, spice transfers data from the src to destination
via the client. This data is required for keeping the spice session
after migration, without suffering from data loss and inconsistencies.
In order to allow this data transfer, we add QEVENT for signaling
libvirt that spice migration has completed, and libvirt needs to wait
for this event before quitting the src process.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Yonit Halperin
71d388d420 spice: notify on vm state change only via spice_server_vm_start/stop
QXLWorker->start/stop are deprecated since spice-server 0.11.2

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Yonit Halperin
f5bb039c6d spice: notify spice server on vm start/stop
Spice server needs to know about the vm state in order to prevent
attempts to write to devices when they are stopped, mainly during
the non-live stage of migration.
Instead, spice will take care of restoring this writes, on the migration
target side, after migration completes.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Christophe Fergeau
835cab85ad spice: abort on invalid streaming cmdline params
When parsing its command line parameters, spice aborts when it
finds unexpected values, except for the 'streaming-video' option.
This happens because the parsing of the parameters for this option
is done using the 'name2enum' helper, which does not error out
on unknown values. Using the 'parse_name' helper makes sure we
error out in this case. Looking at git history, the use of
'name2enum' instead of 'parse_name' seems to have been an oversight,
so let's change to that now.

Fixes rhbz#831708

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Alon Levy
4efee029cb spice_info: add mouse_mode
Add mouse_mode, either server or mouse, to qmp and hmp commands, based
on spice_server_is_server_mouse added in spice-server 0.10.3.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-05-03 10:45:04 +02:00
Alon Levy
ad1be89948 spice: fix broken initialization
Commit 1b71f7c14f moved MODULE_INIT_QOM to
way before MODULE_INIT_MACHINE, thereby breaking assumptions made in
spice-core.c which registered both a type initializer and a machine
intializer.

This fix removes the type registration, and replaces it with calling
qemu_spice_init in vl.c after command line parsing (second pass) is
done, and after timers are armed, required by spice server.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-19 13:12:19 +01:00
Marc-André Lureau
d0638b185c spice: set spice uuid and name
This allows a Spice client to identify a VM

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-19 13:12:19 +01:00
Christophe Fergeau
35c6332914 Error out when tls-channel option is used without TLS
It's currently possible to setup spice channels using TLS when
no TLS port has been specified (ie TLS is disabled). This cannot
work, so better to error out in such a situation.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-28 17:22:30 +01:00
Christophe Fergeau
339a475f50 spice: use error_report to report errors
Error message reporting during spice startup wasn't consistent, it was done
with fprintf(stderr, "") but sometimes the message didn't have a trailing
\n. Using error_report make the intent of the message clearer and deal
with the final \n for us.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-28 17:22:30 +01:00
Alon Levy
4295e15aa7 qxl: require spice >= 0.8.2
drop all ifdefs on SPICE_INTERFACE_QXL_MINOR >= 1 as a result,
any check for SPICE_SERVER_VERSION that is now always satisfied,
and SPICE_INTERFACE_CORE_MINOR >= 3 tests, because
0.8.2 has SPICE_INTERFACE_QXL_MINOR == 1 and
SPICE_INTERFACE_CORE_MINOR == 3.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:51 +01:00
Yonit Halperin
faa9822321 spice: support ipv6 channel address in monitor events and in spice info
RHBZ #788444

CC: Gerd Hoffmann <kraxel@redhat.com>

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:05 +01:00
Daniel P. Berrange
f1f5f4070c Add SPICE support to add_client monitor command
With the acceptance of some new APIs to libspice-server.so it
is possible to add support for SPICE to the 'add_client'
monitor command, bringing parity with VNC. Since SPICE can
use TLS or plain connections, the command also gains a new
'tls' parameter to specify whether TLS should be attempted
on the injected client sockets.

This new feature is only enabled if building against a
libspice-server >= 0.10.1

* qmp-commands.hx: Add 'tls' parameter & missing doc for
  'skipauth' parameter
* monitor.c: Wire up SPICE for 'add_client' command
* ui/qemu-spice.h, ui/spice-core.c: Add qemu_spice_display_add_client
  API to wire up from monitor

[1] http://cgit.freedesktop.org/spice/spice/commit/server/spice.h?id=d55b68b6b44f2499278fa860fb47ff22f5011faa
    http://cgit.freedesktop.org/spice/spice/commit/server/spice.h?id=bd07dde530d9504e1cfe7ed5837fc00c26f36716

Changes in v3:
 - Added 'optional' flag to new parameters documented
 - Added no-op impl of qemu_spice_display_add_client when
   SPICE is disabled during build

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:05 +01:00
Andreas Färber
83f7d43a9e qom: Unify type registration
Replace device_init() with generalized type_init().

While at it, unify naming convention: type_init([$prefix_]register_types)
Also, type_init() is a function, so add preceding blank line where
necessary and don't put a semicolon after the closing brace.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Anthony Liguori <anthony@codemonkey.ws>
Cc: malc <av1474@comtv.ru>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-15 09:39:21 -06:00
Anthony Liguori
96b3d73f5a Merge remote-tracking branch 'qmp/queue/qmp' into staging
Conflicts:
	ui/spice-core.c
2011-10-31 11:02:29 -05:00
Luiz Capitulino
d1f29646f2 qapi: Convert query-spice
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2011-10-27 11:48:47 -02:00
Gerd Hoffmann
08cc67f32e spice: fix file handle cleanup
Setting both read and write handlers to NULL in qemu_set_fd_handler
is not enougth to make qemu purge the file handle from the list.
We must set opaque to NULL too.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-10-25 14:00:54 +02:00
Alon Levy
3bb781f3ed ui/spice-core: fix segfault in monitor
Fix segfault if a qxl device is present but no spice command line
argument is given.

RHBZ 743251.

Signed-off-by: Alon Levy <alevy@redhat.com>
2011-10-25 14:00:54 +02:00
Jan Kiszka
f9ab6091b0 spice: Convert core to QEMU thread API
No need to use pthread directly, we have proper abstractions for
identity checking.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-10-25 14:00:53 +02:00
Yonit Halperin
026f773f56 spice: support the new migration interface (spice 0.8.3)
- call spice_server_migrate_(start|end|connect).
- register spice_migrate_connect completion callback

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-10-25 14:00:53 +02:00
Yonit Halperin
edc5cb1a52 spice: turn client_migrate_info to async
RHBZ 737921
Spice client is required to connect to the migration target before/as migration
starts. Since after migration starts, the target qemu is blocked and cannot accept new spice client
we trigger the connection to the target upon client_migrate_info command.
client_migrate_info completion cb will be called after spice client has been
connected to the target (or a timeout). See following patches and spice patches.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-10-25 14:00:53 +02:00
Juan Quintela
7073693bfb migration: Export a function that tells if the migration has finished correctly
This will allow us to hide the state values.

Signed-off-by: Juan Quintela <quintela@redhat.com>
2011-10-20 13:23:54 +02:00
Gerd Hoffmann
22b626e28e spice: workaround a spice server bug.
spice server might call the channel_event callback from spice server
thread context.  Detect that and aquire iothread lock if needed,
2011-09-07 09:20:09 +02:00
Anthony Liguori
7267c0947d Use glib memory allocation and free functions
qemu_malloc/qemu_free no longer exist after this commit.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-08-20 23:01:08 -05:00
Alon Levy
8df0c7e8fc ui/spice-core: report compiled-version in info spice/query-spice
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-08-10 18:52:06 +02:00
Jan Kiszka
9e8dd45164 notifier: Pass data argument to callback
This allows to pass additional information to the notifier callback
which is useful if sender and receiver do not share any other distinct
data structure.

Will be used first for the clock reset notifier.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-23 11:26:06 -05:00
Gerd Hoffmann
df9cb66942 spice: add sanity check for spice ports
Make sure at least one port (port=.. or tls-port=...)
is specified.  Also apply range checks to the port numbers.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-07-20 10:08:53 +02:00
Gerd Hoffmann
fba810f1f6 spice: catch spice server initialization failures.
When the spice server initialization fails report this and exit instead
of ignoring the error.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-07-04 15:35:12 +02:00
Gerd Hoffmann
012b80d3f9 spice: require spice 0.6.0 or newer.
This patch raises the minimum required spice version to 0.6.0 and drops
a few ifdefs.

0.6.0 is the first stable release with the current libspice-server API,
there shouldn't be any 0.5.x development versions deployed any more.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-06-06 09:14:42 +02:00
Marc-André Lureau
48b3ed0a68 spice: add SASL support
Turn on SASL support by appending "sasl" to the spice arguments, which
requires that the client use SASL to authenticate with the spice.  The
exact choice of authentication method used is controlled from the
system / user's SASL configuration file for the 'qemu' service. This
is typically found in /etc/sasl2/qemu.conf. If running QEMU as an
unprivileged user, an environment variable SASL_CONF_PATH can be used
to make it search alternate locations for the service config.  While
some SASL auth methods can also provide data encryption (eg GSSAPI),
it is recommended that SASL always be combined with the 'tls' and
'x509' settings to enable use of SSL and server certificates. This
ensures a data encryption preventing compromise of authentication
credentials.

It requires support from spice 0.8.1.

[ kraxel: moved spell fix to separate commit ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-06-06 09:14:42 +02:00
Hans de Goede
d4970b071f spice: add option for disabling copy paste support
Some people want to be able disable spice's guest <-> client copy paste support
because of security considerations.

[ kraxel: drop old-version error message ]
2011-06-06 09:14:42 +02:00
Paolo Bonzini
7bd427d801 change all rt_clock references to use millisecond resolution accessors
This was done with:

    sed -i '/get_clock\>.*rt_clock/s/get_clock\>/get_clock_ms/' \
        $(git grep -l 'get_clock\>.*rt_clock' )
    sed -i '/new_timer\>.*rt_clock/s/new_timer\>/new_timer_ms/' \
        $(git grep -l 'new_timer\>.*rt_clock' )

after checking that get_clock and new_timer never occur twice
on the same line.  There were no missed occurrences; however, even
if there had been, they would have been caught by the compiler.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2011-03-21 09:23:23 +01:00
Gerd Hoffmann
e866e23959 spice/vnc: client migration.
Handle spice client migration, i.e. inform a spice client connected
about the new host and connection parameters, so it can move over the
connection automatically.

The monitor command has a not-yet used protocol argument simliar to
set_password and expire_password commands.  This allows to add a simliar
feature to vnc in the future.  Daniel Berrange plans to work on this.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2011-01-24 15:13:54 +01:00
Gerd Hoffmann
7572150c18 vnc/spice: add set_passwd monitor command.
This patch adds new set_password and expire_password monitor commands
which allows to change and expire the password for spice and vnc
connections.  See the doc update patch chunk for details.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:25 +01:00
Gerd Hoffmann
cb42a870c3 spice: add qmp 'query-spice' and hmp 'info spice' commands.
The patch adds a 'query-spice' monitor command which returns
informations about the spice server configuration and also a list of
channel connections.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Gerd Hoffmann
6f8c63fbd7 spice: connection events.
This patch adds support for connection events to spice.  The events are
quite simliar to the vnc events.  Unlike vnc spice uses multiple tcp
channels though.  qemu will report every single tcp connection (aka
spice channel).  If you want track spice sessions only you can filter
for the main channel (channel-type == 1).

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Gerd Hoffmann
a19cbfb346 spice: add qxl device
qxl is a paravirtual graphics card.  The qxl device is the bridge
between the guest and the spice server (aka libspice-server).  The
spice server will send the rendering commands to the spice client, which
will actually render them.

The spice server is also able to render locally, which is done in case
the guest wants read something from video memory.  Local rendering is
also used to support display over vnc and sdl.

qxl is activated using "-vga qxl".  qxl supports multihead, additional
cards can be added via '-device qxl".

[ v2: add copyright to files                     ]
[ v2: use qemu-common.h for standard includes    ]
[ v2: create separate qxl-vga device for primary ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-12-09 14:23:24 +01:00
Anthony Liguori
43ae691e77 Merge remote branch 'spice/bugfix.2' into staging 2010-11-16 14:11:05 -06:00
Gerd Hoffmann
3e31375378 spice: add audio
Add support for the spice audio interface.  With this patch applied
audio can be forwarded over the network from/to the spice client.  Both
recording and playback is supported.

The driver is first in the driver list, but the can_be_default flag is
set only in case spice is active.  So if you have the spice protocol
enabled the spice audio driver is the default one, otherwise whatever
comes first after spice in the list.  Overriding the default using
QEMU_AUDIO_DRV works in any case.

[ v2: audio codestyle: add spaces before open parenthesis ]
[ v2: add const to silence array ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Cc: malc <av1474@comtv.ru>
Signed-off-by: malc <av1474@comtv.ru>
2010-11-09 23:39:30 +03:00
Gerd Hoffmann
f61d69607d spice-core: fix warning when building with spice < 0.6.0
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-11-02 12:42:54 +01:00
Hans de Goede
3d6d306c10 spice-core: fix watching for write events
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2010-11-02 12:42:45 +01:00
Gerd Hoffmann
84a23f251f spice: add misc config options
This patch adds a few more options to tweak spice server behavior.
The documentation update chunk has the details ;)
2010-10-08 12:49:51 +02:00
Gerd Hoffmann
333b0eebcc spice: add config options for the listening address
Make listening address configurable.  Also add options to
force using IPv4 or IPv6.
2010-10-08 12:49:51 +02:00
Gerd Hoffmann
17b6dea08b spice: add config options for channel security.
This allows to enforce tls or plaintext usage for certain spice
channels.

[ v2: code style fixup ]
2010-10-08 12:49:51 +02:00
Yonit Halperin
9f04e09e36 spice: make compression configurable.
This patch adds options to the -spice command line switch to
configure image compression.

[ v2: speling fix in the documentation ]
2010-10-08 12:49:51 +02:00
Gerd Hoffmann
c448e8552b spice: tls support
Add options to the -spice command line switch to setup tls.
2010-10-08 12:49:51 +02:00
Gerd Hoffmann
864401c2a7 spice: add keyboard
Open keyboard channel.  Now you can type into the spice client and the
keyboard events are sent to your guest.  You'll need some other display
like vnc to actually see the guest responding to them though.
2010-09-21 18:36:42 +02:00
Gerd Hoffmann
29b0040be6 spice: core bits
Add -spice command line switch.  Has support setting passwd and port for
now.  With this patch applied the spice client can successfully connect
to qemu.  You can't do anything useful yet though.
2010-09-21 18:36:42 +02:00