2 * QEMU VNC display driver
5 * Copyright (C) 2006 Fabrice Bellard
6 * Copyright (C) 2009 Red Hat, Inc
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
9 * of this software and associated documentation files (the "Software"), to deal
10 * in the Software without restriction, including without limitation the rights
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 * copies of the Software, and to permit persons to whom the Software is
13 * furnished to do so, subject to the following conditions:
15 * The above copyright notice and this permission notice shall be included in
16 * all copies or substantial portions of the Software.
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 #include "qemu/osdep.h"
31 #include "hw/qdev-core.h"
32 #include "sysemu/sysemu.h"
33 #include "qemu/error-report.h"
34 #include "qemu/main-loop.h"
35 #include "qemu/module.h"
36 #include "qemu/option.h"
37 #include "qemu/sockets.h"
38 #include "qemu/timer.h"
39 #include "authz/list.h"
40 #include "qemu/config-file.h"
41 #include "qapi/qapi-emit-events.h"
42 #include "qapi/qapi-events-ui.h"
43 #include "qapi/error.h"
44 #include "qapi/qapi-commands-ui.h"
46 #include "crypto/hash.h"
47 #include "crypto/tlscredsanon.h"
48 #include "crypto/tlscredsx509.h"
49 #include "crypto/random.h"
50 #include "qom/object_interfaces.h"
51 #include "qemu/cutils.h"
52 #include "io/dns-resolver.h"
54 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT
55 #define VNC_REFRESH_INTERVAL_INC 50
56 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE
57 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 };
58 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
60 #include "vnc_keysym.h"
61 #include "crypto/cipher.h"
63 static QTAILQ_HEAD(, VncDisplay) vnc_displays =
64 QTAILQ_HEAD_INITIALIZER(vnc_displays);
66 static int vnc_cursor_define(VncState *vs);
67 static void vnc_update_throttle_offset(VncState *vs);
69 static void vnc_set_share_mode(VncState *vs, VncShareMode mode)
72 static const char *mn[] = {
74 [VNC_SHARE_MODE_CONNECTING] = "connecting",
75 [VNC_SHARE_MODE_SHARED] = "shared",
76 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive",
77 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected",
79 fprintf(stderr, "%s/%p: %s -> %s\n", __func__,
80 vs->ioc, mn[vs->share_mode], mn[mode]);
83 switch (vs->share_mode) {
84 case VNC_SHARE_MODE_CONNECTING:
85 vs->vd->num_connecting--;
87 case VNC_SHARE_MODE_SHARED:
90 case VNC_SHARE_MODE_EXCLUSIVE:
91 vs->vd->num_exclusive--;
97 vs->share_mode = mode;
99 switch (vs->share_mode) {
100 case VNC_SHARE_MODE_CONNECTING:
101 vs->vd->num_connecting++;
103 case VNC_SHARE_MODE_SHARED:
104 vs->vd->num_shared++;
106 case VNC_SHARE_MODE_EXCLUSIVE:
107 vs->vd->num_exclusive++;
115 static void vnc_init_basic_info(SocketAddress *addr,
119 switch (addr->type) {
120 case SOCKET_ADDRESS_TYPE_INET:
121 info->host = g_strdup(addr->u.inet.host);
122 info->service = g_strdup(addr->u.inet.port);
123 if (addr->u.inet.ipv6) {
124 info->family = NETWORK_ADDRESS_FAMILY_IPV6;
126 info->family = NETWORK_ADDRESS_FAMILY_IPV4;
130 case SOCKET_ADDRESS_TYPE_UNIX:
131 info->host = g_strdup("");
132 info->service = g_strdup(addr->u.q_unix.path);
133 info->family = NETWORK_ADDRESS_FAMILY_UNIX;
136 case SOCKET_ADDRESS_TYPE_VSOCK:
137 case SOCKET_ADDRESS_TYPE_FD:
138 error_setg(errp, "Unsupported socket address type %s",
139 SocketAddressType_str(addr->type));
148 static void vnc_init_basic_info_from_server_addr(QIOChannelSocket *ioc,
152 SocketAddress *addr = NULL;
155 error_setg(errp, "No listener socket available");
159 addr = qio_channel_socket_get_local_address(ioc, errp);
164 vnc_init_basic_info(addr, info, errp);
165 qapi_free_SocketAddress(addr);
168 static void vnc_init_basic_info_from_remote_addr(QIOChannelSocket *ioc,
172 SocketAddress *addr = NULL;
174 addr = qio_channel_socket_get_remote_address(ioc, errp);
179 vnc_init_basic_info(addr, info, errp);
180 qapi_free_SocketAddress(addr);
183 static const char *vnc_auth_name(VncDisplay *vd) {
185 case VNC_AUTH_INVALID:
201 case VNC_AUTH_VENCRYPT:
202 switch (vd->subauth) {
203 case VNC_AUTH_VENCRYPT_PLAIN:
204 return "vencrypt+plain";
205 case VNC_AUTH_VENCRYPT_TLSNONE:
206 return "vencrypt+tls+none";
207 case VNC_AUTH_VENCRYPT_TLSVNC:
208 return "vencrypt+tls+vnc";
209 case VNC_AUTH_VENCRYPT_TLSPLAIN:
210 return "vencrypt+tls+plain";
211 case VNC_AUTH_VENCRYPT_X509NONE:
212 return "vencrypt+x509+none";
213 case VNC_AUTH_VENCRYPT_X509VNC:
214 return "vencrypt+x509+vnc";
215 case VNC_AUTH_VENCRYPT_X509PLAIN:
216 return "vencrypt+x509+plain";
217 case VNC_AUTH_VENCRYPT_TLSSASL:
218 return "vencrypt+tls+sasl";
219 case VNC_AUTH_VENCRYPT_X509SASL:
220 return "vencrypt+x509+sasl";
230 static VncServerInfo *vnc_server_info_get(VncDisplay *vd)
235 if (!vd->listener || !vd->listener->nsioc) {
239 info = g_malloc0(sizeof(*info));
240 vnc_init_basic_info_from_server_addr(vd->listener->sioc[0],
241 qapi_VncServerInfo_base(info), &err);
242 info->has_auth = true;
243 info->auth = g_strdup(vnc_auth_name(vd));
245 qapi_free_VncServerInfo(info);
252 static void vnc_client_cache_auth(VncState *client)
259 client->info->x509_dname =
260 qcrypto_tls_session_get_peer_name(client->tls);
261 client->info->has_x509_dname =
262 client->info->x509_dname != NULL;
264 #ifdef CONFIG_VNC_SASL
265 if (client->sasl.conn &&
266 client->sasl.username) {
267 client->info->has_sasl_username = true;
268 client->info->sasl_username = g_strdup(client->sasl.username);
273 static void vnc_client_cache_addr(VncState *client)
277 client->info = g_malloc0(sizeof(*client->info));
278 vnc_init_basic_info_from_remote_addr(client->sioc,
279 qapi_VncClientInfo_base(client->info),
281 client->info->websocket = client->websocket;
283 qapi_free_VncClientInfo(client->info);
289 static void vnc_qmp_event(VncState *vs, QAPIEvent event)
297 si = vnc_server_info_get(vs->vd);
303 case QAPI_EVENT_VNC_CONNECTED:
304 qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info));
306 case QAPI_EVENT_VNC_INITIALIZED:
307 qapi_event_send_vnc_initialized(si, vs->info);
309 case QAPI_EVENT_VNC_DISCONNECTED:
310 qapi_event_send_vnc_disconnected(si, vs->info);
316 qapi_free_VncServerInfo(si);
319 static VncClientInfo *qmp_query_vnc_client(const VncState *client)
324 info = g_malloc0(sizeof(*info));
326 vnc_init_basic_info_from_remote_addr(client->sioc,
327 qapi_VncClientInfo_base(info),
331 qapi_free_VncClientInfo(info);
335 info->websocket = client->websocket;
338 info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls);
339 info->has_x509_dname = info->x509_dname != NULL;
341 #ifdef CONFIG_VNC_SASL
342 if (client->sasl.conn && client->sasl.username) {
343 info->has_sasl_username = true;
344 info->sasl_username = g_strdup(client->sasl.username);
351 static VncDisplay *vnc_display_find(const char *id)
356 return QTAILQ_FIRST(&vnc_displays);
358 QTAILQ_FOREACH(vd, &vnc_displays, next) {
359 if (strcmp(id, vd->id) == 0) {
366 static VncClientInfoList *qmp_query_client_list(VncDisplay *vd)
368 VncClientInfoList *cinfo, *prev = NULL;
371 QTAILQ_FOREACH(client, &vd->clients, next) {
372 cinfo = g_new0(VncClientInfoList, 1);
373 cinfo->value = qmp_query_vnc_client(client);
380 VncInfo *qmp_query_vnc(Error **errp)
382 VncInfo *info = g_malloc0(sizeof(*info));
383 VncDisplay *vd = vnc_display_find(NULL);
384 SocketAddress *addr = NULL;
386 if (vd == NULL || !vd->listener || !vd->listener->nsioc) {
387 info->enabled = false;
389 info->enabled = true;
391 /* for compatibility with the original command */
392 info->has_clients = true;
393 info->clients = qmp_query_client_list(vd);
395 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0],
401 switch (addr->type) {
402 case SOCKET_ADDRESS_TYPE_INET:
403 info->host = g_strdup(addr->u.inet.host);
404 info->service = g_strdup(addr->u.inet.port);
405 if (addr->u.inet.ipv6) {
406 info->family = NETWORK_ADDRESS_FAMILY_IPV6;
408 info->family = NETWORK_ADDRESS_FAMILY_IPV4;
412 case SOCKET_ADDRESS_TYPE_UNIX:
413 info->host = g_strdup("");
414 info->service = g_strdup(addr->u.q_unix.path);
415 info->family = NETWORK_ADDRESS_FAMILY_UNIX;
418 case SOCKET_ADDRESS_TYPE_VSOCK:
419 case SOCKET_ADDRESS_TYPE_FD:
420 error_setg(errp, "Unsupported socket address type %s",
421 SocketAddressType_str(addr->type));
427 info->has_host = true;
428 info->has_service = true;
429 info->has_family = true;
431 info->has_auth = true;
432 info->auth = g_strdup(vnc_auth_name(vd));
435 qapi_free_SocketAddress(addr);
439 qapi_free_SocketAddress(addr);
440 qapi_free_VncInfo(info);
445 static void qmp_query_auth(int auth, int subauth,
446 VncPrimaryAuth *qmp_auth,
447 VncVencryptSubAuth *qmp_vencrypt,
448 bool *qmp_has_vencrypt);
450 static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc,
454 VncServerInfo2List *prev)
456 VncServerInfo2List *list;
457 VncServerInfo2 *info;
461 addr = qio_channel_socket_get_local_address(ioc, NULL);
466 info = g_new0(VncServerInfo2, 1);
467 vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err);
468 qapi_free_SocketAddress(addr);
470 qapi_free_VncServerInfo2(info);
474 info->websocket = websocket;
476 qmp_query_auth(auth, subauth, &info->auth,
477 &info->vencrypt, &info->has_vencrypt);
479 list = g_new0(VncServerInfo2List, 1);
485 static void qmp_query_auth(int auth, int subauth,
486 VncPrimaryAuth *qmp_auth,
487 VncVencryptSubAuth *qmp_vencrypt,
488 bool *qmp_has_vencrypt)
492 *qmp_auth = VNC_PRIMARY_AUTH_VNC;
495 *qmp_auth = VNC_PRIMARY_AUTH_RA2;
498 *qmp_auth = VNC_PRIMARY_AUTH_RA2NE;
501 *qmp_auth = VNC_PRIMARY_AUTH_TIGHT;
504 *qmp_auth = VNC_PRIMARY_AUTH_ULTRA;
507 *qmp_auth = VNC_PRIMARY_AUTH_TLS;
509 case VNC_AUTH_VENCRYPT:
510 *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT;
511 *qmp_has_vencrypt = true;
513 case VNC_AUTH_VENCRYPT_PLAIN:
514 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN;
516 case VNC_AUTH_VENCRYPT_TLSNONE:
517 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE;
519 case VNC_AUTH_VENCRYPT_TLSVNC:
520 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC;
522 case VNC_AUTH_VENCRYPT_TLSPLAIN:
523 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN;
525 case VNC_AUTH_VENCRYPT_X509NONE:
526 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE;
528 case VNC_AUTH_VENCRYPT_X509VNC:
529 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC;
531 case VNC_AUTH_VENCRYPT_X509PLAIN:
532 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN;
534 case VNC_AUTH_VENCRYPT_TLSSASL:
535 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL;
537 case VNC_AUTH_VENCRYPT_X509SASL:
538 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL;
541 *qmp_has_vencrypt = false;
546 *qmp_auth = VNC_PRIMARY_AUTH_SASL;
550 *qmp_auth = VNC_PRIMARY_AUTH_NONE;
555 VncInfo2List *qmp_query_vnc_servers(Error **errp)
557 VncInfo2List *item, *prev = NULL;
563 QTAILQ_FOREACH(vd, &vnc_displays, next) {
564 info = g_new0(VncInfo2, 1);
565 info->id = g_strdup(vd->id);
566 info->clients = qmp_query_client_list(vd);
567 qmp_query_auth(vd->auth, vd->subauth, &info->auth,
568 &info->vencrypt, &info->has_vencrypt);
570 dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con),
571 "device", &error_abort));
572 info->has_display = true;
573 info->display = g_strdup(dev->id);
575 for (i = 0; vd->listener != NULL && i < vd->listener->nsioc; i++) {
576 info->server = qmp_query_server_entry(
577 vd->listener->sioc[i], false, vd->auth, vd->subauth,
580 for (i = 0; vd->wslistener != NULL && i < vd->wslistener->nsioc; i++) {
581 info->server = qmp_query_server_entry(
582 vd->wslistener->sioc[i], true, vd->ws_auth,
583 vd->ws_subauth, info->server);
586 item = g_new0(VncInfo2List, 1);
595 1) Get the queue working for IO.
596 2) there is some weirdness when using the -S option (the screen is grey
597 and not totally invalidated
598 3) resolutions > 1024
601 static int vnc_update_client(VncState *vs, int has_dirty);
602 static void vnc_disconnect_start(VncState *vs);
604 static void vnc_colordepth(VncState *vs);
605 static void framebuffer_update_request(VncState *vs, int incremental,
606 int x_position, int y_position,
608 static void vnc_refresh(DisplayChangeListener *dcl);
609 static int vnc_refresh_server_surface(VncDisplay *vd);
611 static int vnc_width(VncDisplay *vd)
613 return MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds),
614 VNC_DIRTY_PIXELS_PER_BIT));
617 static int vnc_height(VncDisplay *vd)
619 return MIN(VNC_MAX_HEIGHT, surface_height(vd->ds));
622 static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT],
623 VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT),
625 int x, int y, int w, int h)
627 int width = vnc_width(vd);
628 int height = vnc_height(vd);
630 /* this is needed this to ensure we updated all affected
631 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */
632 w += (x % VNC_DIRTY_PIXELS_PER_BIT);
633 x -= (x % VNC_DIRTY_PIXELS_PER_BIT);
637 w = MIN(x + w, width) - x;
638 h = MIN(y + h, height);
641 bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT,
642 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT));
646 static void vnc_dpy_update(DisplayChangeListener *dcl,
647 int x, int y, int w, int h)
649 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
650 struct VncSurface *s = &vd->guest;
652 vnc_set_area_dirty(s->dirty, vd, x, y, w, h);
655 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h,
658 vnc_write_u16(vs, x);
659 vnc_write_u16(vs, y);
660 vnc_write_u16(vs, w);
661 vnc_write_u16(vs, h);
663 vnc_write_s32(vs, encoding);
667 static void vnc_desktop_resize(VncState *vs)
669 if (vs->ioc == NULL || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) {
672 if (vs->client_width == pixman_image_get_width(vs->vd->server) &&
673 vs->client_height == pixman_image_get_height(vs->vd->server)) {
677 assert(pixman_image_get_width(vs->vd->server) < 65536 &&
678 pixman_image_get_width(vs->vd->server) >= 0);
679 assert(pixman_image_get_height(vs->vd->server) < 65536 &&
680 pixman_image_get_height(vs->vd->server) >= 0);
681 vs->client_width = pixman_image_get_width(vs->vd->server);
682 vs->client_height = pixman_image_get_height(vs->vd->server);
684 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
686 vnc_write_u16(vs, 1); /* number of rects */
687 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height,
688 VNC_ENCODING_DESKTOPRESIZE);
689 vnc_unlock_output(vs);
693 static void vnc_abort_display_jobs(VncDisplay *vd)
697 QTAILQ_FOREACH(vs, &vd->clients, next) {
700 vnc_unlock_output(vs);
702 QTAILQ_FOREACH(vs, &vd->clients, next) {
705 QTAILQ_FOREACH(vs, &vd->clients, next) {
707 if (vs->update == VNC_STATE_UPDATE_NONE &&
708 vs->job_update != VNC_STATE_UPDATE_NONE) {
709 /* job aborted before completion */
710 vs->update = vs->job_update;
711 vs->job_update = VNC_STATE_UPDATE_NONE;
714 vnc_unlock_output(vs);
718 int vnc_server_fb_stride(VncDisplay *vd)
720 return pixman_image_get_stride(vd->server);
723 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y)
727 ptr = (uint8_t *)pixman_image_get_data(vd->server);
728 ptr += y * vnc_server_fb_stride(vd);
729 ptr += x * VNC_SERVER_FB_BYTES;
733 static void vnc_update_server_surface(VncDisplay *vd)
737 qemu_pixman_image_unref(vd->server);
740 if (QTAILQ_EMPTY(&vd->clients)) {
744 width = vnc_width(vd);
745 height = vnc_height(vd);
746 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT,
750 memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty));
751 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0,
755 static bool vnc_check_pageflip(DisplaySurface *s1,
758 return (s1 != NULL &&
760 surface_width(s1) == surface_width(s2) &&
761 surface_height(s1) == surface_height(s2) &&
762 surface_format(s1) == surface_format(s2));
766 static void vnc_dpy_switch(DisplayChangeListener *dcl,
767 DisplaySurface *surface)
769 static const char placeholder_msg[] =
770 "Display output is not active.";
771 static DisplaySurface *placeholder;
772 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
773 bool pageflip = vnc_check_pageflip(vd->ds, surface);
776 if (surface == NULL) {
777 if (placeholder == NULL) {
778 placeholder = qemu_create_message_surface(640, 480, placeholder_msg);
780 surface = placeholder;
783 vnc_abort_display_jobs(vd);
787 qemu_pixman_image_unref(vd->guest.fb);
788 vd->guest.fb = pixman_image_ref(surface->image);
789 vd->guest.format = surface->format;
792 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0,
793 surface_width(surface),
794 surface_height(surface));
799 vnc_update_server_surface(vd);
801 QTAILQ_FOREACH(vs, &vd->clients, next) {
803 vnc_desktop_resize(vs);
804 if (vs->vd->cursor) {
805 vnc_cursor_define(vs);
807 memset(vs->dirty, 0x00, sizeof(vs->dirty));
808 vnc_set_area_dirty(vs->dirty, vd, 0, 0,
811 vnc_update_throttle_offset(vs);
816 static void vnc_write_pixels_copy(VncState *vs,
817 void *pixels, int size)
819 vnc_write(vs, pixels, size);
822 /* slowest but generic code. */
823 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v)
827 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8)
828 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8;
829 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8;
830 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8;
832 # error need some bits here if you change VNC_SERVER_FB_FORMAT
834 v = (r << vs->client_pf.rshift) |
835 (g << vs->client_pf.gshift) |
836 (b << vs->client_pf.bshift);
837 switch (vs->client_pf.bytes_per_pixel) {
867 static void vnc_write_pixels_generic(VncState *vs,
868 void *pixels1, int size)
872 if (VNC_SERVER_FB_BYTES == 4) {
873 uint32_t *pixels = pixels1;
876 for (i = 0; i < n; i++) {
877 vnc_convert_pixel(vs, buf, pixels[i]);
878 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel);
883 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
887 VncDisplay *vd = vs->vd;
889 row = vnc_server_fb_ptr(vd, x, y);
890 for (i = 0; i < h; i++) {
891 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES);
892 row += vnc_server_fb_stride(vd);
897 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
901 switch(vs->vnc_encoding) {
902 case VNC_ENCODING_ZLIB:
903 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h);
905 case VNC_ENCODING_HEXTILE:
906 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE);
907 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h);
909 case VNC_ENCODING_TIGHT:
910 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h);
912 case VNC_ENCODING_TIGHT_PNG:
913 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h);
915 case VNC_ENCODING_ZRLE:
916 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h);
918 case VNC_ENCODING_ZYWRLE:
919 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h);
922 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW);
923 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h);
929 static void vnc_mouse_set(DisplayChangeListener *dcl,
930 int x, int y, int visible)
932 /* can we ask the client(s) to move the pointer ??? */
935 static int vnc_cursor_define(VncState *vs)
937 QEMUCursor *c = vs->vd->cursor;
940 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) {
942 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
943 vnc_write_u8(vs, 0); /* padding */
944 vnc_write_u16(vs, 1); /* # of rects */
945 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height,
946 VNC_ENCODING_RICH_CURSOR);
947 isize = c->width * c->height * vs->client_pf.bytes_per_pixel;
948 vnc_write_pixels_generic(vs, c->data, isize);
949 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize);
950 vnc_unlock_output(vs);
956 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl,
959 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
962 cursor_put(vd->cursor);
963 g_free(vd->cursor_mask);
966 cursor_get(vd->cursor);
967 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height;
968 vd->cursor_mask = g_malloc0(vd->cursor_msize);
969 cursor_get_mono_mask(c, 0, vd->cursor_mask);
971 QTAILQ_FOREACH(vs, &vd->clients, next) {
972 vnc_cursor_define(vs);
976 static int find_and_clear_dirty_height(VncState *vs,
977 int y, int last_x, int x, int height)
981 for (h = 1; h < (height - y); h++) {
982 if (!test_bit(last_x, vs->dirty[y + h])) {
985 bitmap_clear(vs->dirty[y + h], last_x, x - last_x);
992 * Figure out how much pending data we should allow in the output
993 * buffer before we throttle incremental display updates, and/or
994 * drop audio samples.
996 * We allow for equiv of 1 full display's worth of FB updates,
997 * and 1 second of audio samples. If audio backlog was larger
998 * than that the client would already suffering awful audio
999 * glitches, so dropping samples is no worse really).
1001 static void vnc_update_throttle_offset(VncState *vs)
1004 vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel;
1006 if (vs->audio_cap) {
1008 switch (vs->as.fmt) {
1010 case AUDIO_FORMAT_U8:
1011 case AUDIO_FORMAT_S8:
1014 case AUDIO_FORMAT_U16:
1015 case AUDIO_FORMAT_S16:
1018 case AUDIO_FORMAT_U32:
1019 case AUDIO_FORMAT_S32:
1023 offset += vs->as.freq * bps * vs->as.nchannels;
1026 /* Put a floor of 1MB on offset, so that if we have a large pending
1027 * buffer and the display is resized to a small size & back again
1028 * we don't suddenly apply a tiny send limit
1030 offset = MAX(offset, 1024 * 1024);
1032 if (vs->throttle_output_offset != offset) {
1033 trace_vnc_client_throttle_threshold(
1034 vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width,
1035 vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap);
1038 vs->throttle_output_offset = offset;
1041 static bool vnc_should_update(VncState *vs)
1043 switch (vs->update) {
1044 case VNC_STATE_UPDATE_NONE:
1046 case VNC_STATE_UPDATE_INCREMENTAL:
1047 /* Only allow incremental updates if the pending send queue
1048 * is less than the permitted threshold, and the job worker
1049 * is completely idle.
1051 if (vs->output.offset < vs->throttle_output_offset &&
1052 vs->job_update == VNC_STATE_UPDATE_NONE) {
1055 trace_vnc_client_throttle_incremental(
1056 vs, vs->ioc, vs->job_update, vs->output.offset);
1058 case VNC_STATE_UPDATE_FORCE:
1059 /* Only allow forced updates if the pending send queue
1060 * does not contain a previous forced update, and the
1061 * job worker is completely idle.
1063 * Note this means we'll queue a forced update, even if
1064 * the output buffer size is otherwise over the throttle
1067 if (vs->force_update_offset == 0 &&
1068 vs->job_update == VNC_STATE_UPDATE_NONE) {
1071 trace_vnc_client_throttle_forced(
1072 vs, vs->ioc, vs->job_update, vs->force_update_offset);
1078 static int vnc_update_client(VncState *vs, int has_dirty)
1080 VncDisplay *vd = vs->vd;
1086 if (vs->disconnecting) {
1087 vnc_disconnect_finish(vs);
1091 vs->has_dirty += has_dirty;
1092 if (!vnc_should_update(vs)) {
1096 if (!vs->has_dirty && vs->update != VNC_STATE_UPDATE_FORCE) {
1101 * Send screen updates to the vnc client using the server
1102 * surface and server dirty map. guest surface updates
1103 * happening in parallel don't disturb us, the next pass will
1104 * send them to the client.
1106 job = vnc_job_new(vs);
1108 height = pixman_image_get_height(vd->server);
1109 width = pixman_image_get_width(vd->server);
1115 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty,
1116 height * VNC_DIRTY_BPL(vs),
1117 y * VNC_DIRTY_BPL(vs));
1118 if (offset == height * VNC_DIRTY_BPL(vs)) {
1119 /* no more dirty bits */
1122 y = offset / VNC_DIRTY_BPL(vs);
1123 x = offset % VNC_DIRTY_BPL(vs);
1124 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y],
1125 VNC_DIRTY_BPL(vs), x);
1126 bitmap_clear(vs->dirty[y], x, x2 - x);
1127 h = find_and_clear_dirty_height(vs, y, x, x2, height);
1128 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT);
1130 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y,
1131 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h);
1133 if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) {
1141 vs->job_update = vs->update;
1142 vs->update = VNC_STATE_UPDATE_NONE;
1149 static void audio_capture_notify(void *opaque, audcnotification_e cmd)
1151 VncState *vs = opaque;
1153 assert(vs->magic == VNC_MAGIC);
1155 case AUD_CNOTIFY_DISABLE:
1156 vnc_lock_output(vs);
1157 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
1158 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
1159 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END);
1160 vnc_unlock_output(vs);
1164 case AUD_CNOTIFY_ENABLE:
1165 vnc_lock_output(vs);
1166 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
1167 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
1168 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN);
1169 vnc_unlock_output(vs);
1175 static void audio_capture_destroy(void *opaque)
1179 static void audio_capture(void *opaque, const void *buf, int size)
1181 VncState *vs = opaque;
1183 assert(vs->magic == VNC_MAGIC);
1184 vnc_lock_output(vs);
1185 if (vs->output.offset < vs->throttle_output_offset) {
1186 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
1187 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
1188 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA);
1189 vnc_write_u32(vs, size);
1190 vnc_write(vs, buf, size);
1192 trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset);
1194 vnc_unlock_output(vs);
1198 static void audio_add(VncState *vs)
1200 struct audio_capture_ops ops;
1202 if (vs->audio_cap) {
1203 error_report("audio already running");
1207 ops.notify = audio_capture_notify;
1208 ops.destroy = audio_capture_destroy;
1209 ops.capture = audio_capture;
1211 vs->audio_cap = AUD_add_capture(vs->vd->audio_state, &vs->as, &ops, vs);
1212 if (!vs->audio_cap) {
1213 error_report("Failed to add audio capture");
1217 static void audio_del(VncState *vs)
1219 if (vs->audio_cap) {
1220 AUD_del_capture(vs->audio_cap, vs);
1221 vs->audio_cap = NULL;
1225 static void vnc_disconnect_start(VncState *vs)
1227 if (vs->disconnecting) {
1230 trace_vnc_client_disconnect_start(vs, vs->ioc);
1231 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED);
1233 g_source_remove(vs->ioc_tag);
1236 qio_channel_close(vs->ioc, NULL);
1237 vs->disconnecting = TRUE;
1240 void vnc_disconnect_finish(VncState *vs)
1244 trace_vnc_client_disconnect_finish(vs, vs->ioc);
1246 vnc_jobs_join(vs); /* Wait encoding jobs */
1248 vnc_lock_output(vs);
1249 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED);
1251 buffer_free(&vs->input);
1252 buffer_free(&vs->output);
1254 qapi_free_VncClientInfo(vs->info);
1257 vnc_tight_clear(vs);
1260 #ifdef CONFIG_VNC_SASL
1261 vnc_sasl_client_cleanup(vs);
1262 #endif /* CONFIG_VNC_SASL */
1264 qkbd_state_lift_all_keys(vs->vd->kbd);
1266 if (vs->mouse_mode_notifier.notify != NULL) {
1267 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
1269 QTAILQ_REMOVE(&vs->vd->clients, vs, next);
1270 if (QTAILQ_EMPTY(&vs->vd->clients)) {
1271 /* last client gone */
1272 vnc_update_server_surface(vs->vd);
1275 vnc_unlock_output(vs);
1277 qemu_mutex_destroy(&vs->output_mutex);
1278 if (vs->bh != NULL) {
1279 qemu_bh_delete(vs->bh);
1281 buffer_free(&vs->jobs_buffer);
1283 for (i = 0; i < VNC_STAT_ROWS; ++i) {
1284 g_free(vs->lossy_rect[i]);
1286 g_free(vs->lossy_rect);
1288 object_unref(OBJECT(vs->ioc));
1290 object_unref(OBJECT(vs->sioc));
1298 size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error *err)
1302 trace_vnc_client_eof(vs, vs->ioc);
1303 vnc_disconnect_start(vs);
1304 } else if (ret != QIO_CHANNEL_ERR_BLOCK) {
1305 trace_vnc_client_io_error(vs, vs->ioc,
1306 err ? error_get_pretty(err) : "Unknown");
1307 vnc_disconnect_start(vs);
1317 void vnc_client_error(VncState *vs)
1319 VNC_DEBUG("Closing down client sock: protocol error\n");
1320 vnc_disconnect_start(vs);
1325 * Called to write a chunk of data to the client socket. The data may
1326 * be the raw data, or may have already been encoded by SASL.
1327 * The data will be written either straight onto the socket, or
1328 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1330 * NB, it is theoretically possible to have 2 layers of encryption,
1331 * both SASL, and this TLS layer. It is highly unlikely in practice
1332 * though, since SASL encryption will typically be a no-op if TLS
1335 * Returns the number of bytes written, which may be less than
1336 * the requested 'datalen' if the socket would block. Returns
1337 * 0 on I/O error, and disconnects the client socket.
1339 size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen)
1343 ret = qio_channel_write(vs->ioc, (const char *)data, datalen, &err);
1344 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret);
1345 return vnc_client_io_error(vs, ret, err);
1350 * Called to write buffered data to the client socket, when not
1351 * using any SASL SSF encryption layers. Will write as much data
1352 * as possible without blocking. If all buffered data is written,
1353 * will switch the FD poll() handler back to read monitoring.
1355 * Returns the number of bytes written, which may be less than
1356 * the buffered output data if the socket would block. Returns
1357 * 0 on I/O error, and disconnects the client socket.
1359 static size_t vnc_client_write_plain(VncState *vs)
1364 #ifdef CONFIG_VNC_SASL
1365 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n",
1366 vs->output.buffer, vs->output.capacity, vs->output.offset,
1367 vs->sasl.waitWriteSSF);
1369 if (vs->sasl.conn &&
1371 vs->sasl.waitWriteSSF) {
1372 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF);
1374 vs->sasl.waitWriteSSF -= ret;
1376 #endif /* CONFIG_VNC_SASL */
1377 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset);
1381 if (ret >= vs->force_update_offset) {
1382 if (vs->force_update_offset != 0) {
1383 trace_vnc_client_unthrottle_forced(vs, vs->ioc);
1385 vs->force_update_offset = 0;
1387 vs->force_update_offset -= ret;
1389 offset = vs->output.offset;
1390 buffer_advance(&vs->output, ret);
1391 if (offset >= vs->throttle_output_offset &&
1392 vs->output.offset < vs->throttle_output_offset) {
1393 trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset);
1396 if (vs->output.offset == 0) {
1398 g_source_remove(vs->ioc_tag);
1400 vs->ioc_tag = qio_channel_add_watch(
1401 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR,
1402 vnc_client_io, vs, NULL);
1410 * First function called whenever there is data to be written to
1411 * the client socket. Will delegate actual work according to whether
1412 * SASL SSF layers are enabled (thus requiring encryption calls)
1414 static void vnc_client_write_locked(VncState *vs)
1416 #ifdef CONFIG_VNC_SASL
1417 if (vs->sasl.conn &&
1419 !vs->sasl.waitWriteSSF) {
1420 vnc_client_write_sasl(vs);
1422 #endif /* CONFIG_VNC_SASL */
1424 vnc_client_write_plain(vs);
1428 static void vnc_client_write(VncState *vs)
1430 assert(vs->magic == VNC_MAGIC);
1431 vnc_lock_output(vs);
1432 if (vs->output.offset) {
1433 vnc_client_write_locked(vs);
1434 } else if (vs->ioc != NULL) {
1436 g_source_remove(vs->ioc_tag);
1438 vs->ioc_tag = qio_channel_add_watch(
1439 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR,
1440 vnc_client_io, vs, NULL);
1442 vnc_unlock_output(vs);
1445 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
1447 vs->read_handler = func;
1448 vs->read_handler_expect = expecting;
1453 * Called to read a chunk of data from the client socket. The data may
1454 * be the raw data, or may need to be further decoded by SASL.
1455 * The data will be read either straight from to the socket, or
1456 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1458 * NB, it is theoretically possible to have 2 layers of encryption,
1459 * both SASL, and this TLS layer. It is highly unlikely in practice
1460 * though, since SASL encryption will typically be a no-op if TLS
1463 * Returns the number of bytes read, which may be less than
1464 * the requested 'datalen' if the socket would block. Returns
1465 * 0 on I/O error or EOF, and disconnects the client socket.
1467 size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen)
1471 ret = qio_channel_read(vs->ioc, (char *)data, datalen, &err);
1472 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret);
1473 return vnc_client_io_error(vs, ret, err);
1478 * Called to read data from the client socket to the input buffer,
1479 * when not using any SASL SSF encryption layers. Will read as much
1480 * data as possible without blocking.
1482 * Returns the number of bytes read, which may be less than
1483 * the requested 'datalen' if the socket would block. Returns
1484 * 0 on I/O error or EOF, and disconnects the client socket.
1486 static size_t vnc_client_read_plain(VncState *vs)
1489 VNC_DEBUG("Read plain %p size %zd offset %zd\n",
1490 vs->input.buffer, vs->input.capacity, vs->input.offset);
1491 buffer_reserve(&vs->input, 4096);
1492 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096);
1495 vs->input.offset += ret;
1499 static void vnc_jobs_bh(void *opaque)
1501 VncState *vs = opaque;
1503 assert(vs->magic == VNC_MAGIC);
1504 vnc_jobs_consume_buffer(vs);
1508 * First function called whenever there is more data to be read from
1509 * the client socket. Will delegate actual work according to whether
1510 * SASL SSF layers are enabled (thus requiring decryption calls)
1511 * Returns 0 on success, -1 if client disconnected
1513 static int vnc_client_read(VncState *vs)
1517 #ifdef CONFIG_VNC_SASL
1518 if (vs->sasl.conn && vs->sasl.runSSF)
1519 ret = vnc_client_read_sasl(vs);
1521 #endif /* CONFIG_VNC_SASL */
1522 ret = vnc_client_read_plain(vs);
1524 if (vs->disconnecting) {
1525 vnc_disconnect_finish(vs);
1531 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) {
1532 size_t len = vs->read_handler_expect;
1535 ret = vs->read_handler(vs, vs->input.buffer, len);
1536 if (vs->disconnecting) {
1537 vnc_disconnect_finish(vs);
1542 buffer_advance(&vs->input, len);
1544 vs->read_handler_expect = ret;
1550 gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED,
1551 GIOCondition condition, void *opaque)
1553 VncState *vs = opaque;
1555 assert(vs->magic == VNC_MAGIC);
1557 if (condition & (G_IO_HUP | G_IO_ERR)) {
1558 vnc_disconnect_start(vs);
1562 if (condition & G_IO_IN) {
1563 if (vnc_client_read(vs) < 0) {
1564 /* vs is free()ed here */
1568 if (condition & G_IO_OUT) {
1569 vnc_client_write(vs);
1572 if (vs->disconnecting) {
1573 if (vs->ioc_tag != 0) {
1574 g_source_remove(vs->ioc_tag);
1583 * Scale factor to apply to vs->throttle_output_offset when checking for
1584 * hard limit. Worst case normal usage could be x2, if we have a complete
1585 * incremental update and complete forced update in the output buffer.
1586 * So x3 should be good enough, but we pick x5 to be conservative and thus
1587 * (hopefully) never trigger incorrectly.
1589 #define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5
1591 void vnc_write(VncState *vs, const void *data, size_t len)
1593 assert(vs->magic == VNC_MAGIC);
1594 if (vs->disconnecting) {
1597 /* Protection against malicious client/guest to prevent our output
1598 * buffer growing without bound if client stops reading data. This
1599 * should rarely trigger, because we have earlier throttling code
1600 * which stops issuing framebuffer updates and drops audio data
1601 * if the throttle_output_offset value is exceeded. So we only reach
1602 * this higher level if a huge number of pseudo-encodings get
1603 * triggered while data can't be sent on the socket.
1605 * NB throttle_output_offset can be zero during early protocol
1606 * handshake, or from the job thread's VncState clone
1608 if (vs->throttle_output_offset != 0 &&
1609 (vs->output.offset / VNC_THROTTLE_OUTPUT_LIMIT_SCALE) >
1610 vs->throttle_output_offset) {
1611 trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset,
1612 vs->throttle_output_offset);
1613 vnc_disconnect_start(vs);
1616 buffer_reserve(&vs->output, len);
1618 if (vs->ioc != NULL && buffer_empty(&vs->output)) {
1620 g_source_remove(vs->ioc_tag);
1622 vs->ioc_tag = qio_channel_add_watch(
1623 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR | G_IO_OUT,
1624 vnc_client_io, vs, NULL);
1627 buffer_append(&vs->output, data, len);
1630 void vnc_write_s32(VncState *vs, int32_t value)
1632 vnc_write_u32(vs, *(uint32_t *)&value);
1635 void vnc_write_u32(VncState *vs, uint32_t value)
1639 buf[0] = (value >> 24) & 0xFF;
1640 buf[1] = (value >> 16) & 0xFF;
1641 buf[2] = (value >> 8) & 0xFF;
1642 buf[3] = value & 0xFF;
1644 vnc_write(vs, buf, 4);
1647 void vnc_write_u16(VncState *vs, uint16_t value)
1651 buf[0] = (value >> 8) & 0xFF;
1652 buf[1] = value & 0xFF;
1654 vnc_write(vs, buf, 2);
1657 void vnc_write_u8(VncState *vs, uint8_t value)
1659 vnc_write(vs, (char *)&value, 1);
1662 void vnc_flush(VncState *vs)
1664 vnc_lock_output(vs);
1665 if (vs->ioc != NULL && vs->output.offset) {
1666 vnc_client_write_locked(vs);
1668 if (vs->disconnecting) {
1669 if (vs->ioc_tag != 0) {
1670 g_source_remove(vs->ioc_tag);
1674 vnc_unlock_output(vs);
1677 static uint8_t read_u8(uint8_t *data, size_t offset)
1679 return data[offset];
1682 static uint16_t read_u16(uint8_t *data, size_t offset)
1684 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF);
1687 static int32_t read_s32(uint8_t *data, size_t offset)
1689 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) |
1690 (data[offset + 2] << 8) | data[offset + 3]);
1693 uint32_t read_u32(uint8_t *data, size_t offset)
1695 return ((data[offset] << 24) | (data[offset + 1] << 16) |
1696 (data[offset + 2] << 8) | data[offset + 3]);
1699 static void client_cut_text(VncState *vs, size_t len, uint8_t *text)
1703 static void check_pointer_type_change(Notifier *notifier, void *data)
1705 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier);
1706 int absolute = qemu_input_is_absolute();
1708 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) {
1709 vnc_lock_output(vs);
1710 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1711 vnc_write_u8(vs, 0);
1712 vnc_write_u16(vs, 1);
1713 vnc_framebuffer_update(vs, absolute, 0,
1714 pixman_image_get_width(vs->vd->server),
1715 pixman_image_get_height(vs->vd->server),
1716 VNC_ENCODING_POINTER_TYPE_CHANGE);
1717 vnc_unlock_output(vs);
1720 vs->absolute = absolute;
1723 static void pointer_event(VncState *vs, int button_mask, int x, int y)
1725 static uint32_t bmap[INPUT_BUTTON__MAX] = {
1726 [INPUT_BUTTON_LEFT] = 0x01,
1727 [INPUT_BUTTON_MIDDLE] = 0x02,
1728 [INPUT_BUTTON_RIGHT] = 0x04,
1729 [INPUT_BUTTON_WHEEL_UP] = 0x08,
1730 [INPUT_BUTTON_WHEEL_DOWN] = 0x10,
1732 QemuConsole *con = vs->vd->dcl.con;
1733 int width = pixman_image_get_width(vs->vd->server);
1734 int height = pixman_image_get_height(vs->vd->server);
1736 if (vs->last_bmask != button_mask) {
1737 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask);
1738 vs->last_bmask = button_mask;
1742 qemu_input_queue_abs(con, INPUT_AXIS_X, x, 0, width);
1743 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, 0, height);
1744 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) {
1745 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF);
1746 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF);
1748 if (vs->last_x != -1) {
1749 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x);
1750 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y);
1755 qemu_input_event_sync();
1758 static void press_key(VncState *vs, QKeyCode qcode)
1760 qkbd_state_key_event(vs->vd->kbd, qcode, true);
1761 qkbd_state_key_event(vs->vd->kbd, qcode, false);
1764 static void vnc_led_state_change(VncState *vs)
1766 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) {
1770 vnc_lock_output(vs);
1771 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1772 vnc_write_u8(vs, 0);
1773 vnc_write_u16(vs, 1);
1774 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE);
1775 vnc_write_u8(vs, vs->vd->ledstate);
1776 vnc_unlock_output(vs);
1780 static void kbd_leds(void *opaque, int ledstate)
1782 VncDisplay *vd = opaque;
1785 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED),
1786 (ledstate & QEMU_NUM_LOCK_LED),
1787 (ledstate & QEMU_SCROLL_LOCK_LED));
1789 if (ledstate == vd->ledstate) {
1793 vd->ledstate = ledstate;
1795 QTAILQ_FOREACH(client, &vd->clients, next) {
1796 vnc_led_state_change(client);
1800 static void do_key_event(VncState *vs, int down, int keycode, int sym)
1802 QKeyCode qcode = qemu_input_key_number_to_qcode(keycode);
1804 /* QEMU console switch */
1806 case Q_KEY_CODE_1 ... Q_KEY_CODE_9: /* '1' to '9' keys */
1807 if (vs->vd->dcl.con == NULL && down &&
1808 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL) &&
1809 qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_ALT)) {
1810 /* Reset the modifiers sent to the current console */
1811 qkbd_state_lift_all_keys(vs->vd->kbd);
1812 console_select(qcode - Q_KEY_CODE_1);
1819 /* Turn off the lock state sync logic if the client support the led
1822 if (down && vs->vd->lock_key_sync &&
1823 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
1824 keycode_is_keypad(vs->vd->kbd_layout, keycode)) {
1825 /* If the numlock state needs to change then simulate an additional
1826 keypress before sending this one. This will happen if the user
1827 toggles numlock away from the VNC window.
1829 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) {
1830 if (!qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) {
1831 trace_vnc_key_sync_numlock(true);
1832 press_key(vs, Q_KEY_CODE_NUM_LOCK);
1835 if (qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK)) {
1836 trace_vnc_key_sync_numlock(false);
1837 press_key(vs, Q_KEY_CODE_NUM_LOCK);
1842 if (down && vs->vd->lock_key_sync &&
1843 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
1844 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) {
1845 /* If the capslock state needs to change then simulate an additional
1846 keypress before sending this one. This will happen if the user
1847 toggles capslock away from the VNC window.
1849 int uppercase = !!(sym >= 'A' && sym <= 'Z');
1850 bool shift = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_SHIFT);
1851 bool capslock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CAPSLOCK);
1853 if (uppercase == shift) {
1854 trace_vnc_key_sync_capslock(false);
1855 press_key(vs, Q_KEY_CODE_CAPS_LOCK);
1858 if (uppercase != shift) {
1859 trace_vnc_key_sync_capslock(true);
1860 press_key(vs, Q_KEY_CODE_CAPS_LOCK);
1865 qkbd_state_key_event(vs->vd->kbd, qcode, down);
1866 if (!qemu_console_is_graphic(NULL)) {
1867 bool numlock = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_NUMLOCK);
1868 bool control = qkbd_state_modifier_get(vs->vd->kbd, QKBD_MOD_CTRL);
1869 /* QEMU console emulation */
1872 case 0x2a: /* Left Shift */
1873 case 0x36: /* Right Shift */
1874 case 0x1d: /* Left CTRL */
1875 case 0x9d: /* Right CTRL */
1876 case 0x38: /* Left ALT */
1877 case 0xb8: /* Right ALT */
1880 kbd_put_keysym(QEMU_KEY_UP);
1883 kbd_put_keysym(QEMU_KEY_DOWN);
1886 kbd_put_keysym(QEMU_KEY_LEFT);
1889 kbd_put_keysym(QEMU_KEY_RIGHT);
1892 kbd_put_keysym(QEMU_KEY_DELETE);
1895 kbd_put_keysym(QEMU_KEY_HOME);
1898 kbd_put_keysym(QEMU_KEY_END);
1901 kbd_put_keysym(QEMU_KEY_PAGEUP);
1904 kbd_put_keysym(QEMU_KEY_PAGEDOWN);
1908 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME);
1911 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP);
1914 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP);
1917 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT);
1920 kbd_put_keysym('5');
1923 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT);
1926 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END);
1929 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN);
1932 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN);
1935 kbd_put_keysym('0');
1938 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE);
1942 kbd_put_keysym('/');
1945 kbd_put_keysym('*');
1948 kbd_put_keysym('-');
1951 kbd_put_keysym('+');
1954 kbd_put_keysym('\n');
1959 kbd_put_keysym(sym & 0x1f);
1961 kbd_put_keysym(sym);
1969 static const char *code2name(int keycode)
1971 return QKeyCode_str(qemu_input_key_number_to_qcode(keycode));
1974 static void key_event(VncState *vs, int down, uint32_t sym)
1979 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) {
1980 lsym = lsym - 'A' + 'a';
1983 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF,
1984 vs->vd->kbd, down) & SCANCODE_KEYMASK;
1985 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode));
1986 do_key_event(vs, down, keycode, sym);
1989 static void ext_key_event(VncState *vs, int down,
1990 uint32_t sym, uint16_t keycode)
1992 /* if the user specifies a keyboard layout, always use it */
1993 if (keyboard_layout) {
1994 key_event(vs, down, sym);
1996 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode));
1997 do_key_event(vs, down, keycode, sym);
2001 static void framebuffer_update_request(VncState *vs, int incremental,
2002 int x, int y, int w, int h)
2005 if (vs->update != VNC_STATE_UPDATE_FORCE) {
2006 vs->update = VNC_STATE_UPDATE_INCREMENTAL;
2009 vs->update = VNC_STATE_UPDATE_FORCE;
2010 vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h);
2014 static void send_ext_key_event_ack(VncState *vs)
2016 vnc_lock_output(vs);
2017 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
2018 vnc_write_u8(vs, 0);
2019 vnc_write_u16(vs, 1);
2020 vnc_framebuffer_update(vs, 0, 0,
2021 pixman_image_get_width(vs->vd->server),
2022 pixman_image_get_height(vs->vd->server),
2023 VNC_ENCODING_EXT_KEY_EVENT);
2024 vnc_unlock_output(vs);
2028 static void send_ext_audio_ack(VncState *vs)
2030 vnc_lock_output(vs);
2031 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
2032 vnc_write_u8(vs, 0);
2033 vnc_write_u16(vs, 1);
2034 vnc_framebuffer_update(vs, 0, 0,
2035 pixman_image_get_width(vs->vd->server),
2036 pixman_image_get_height(vs->vd->server),
2037 VNC_ENCODING_AUDIO);
2038 vnc_unlock_output(vs);
2042 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
2045 unsigned int enc = 0;
2048 vs->vnc_encoding = 0;
2049 vs->tight->compression = 9;
2050 vs->tight->quality = -1; /* Lossless by default */
2054 * Start from the end because the encodings are sent in order of preference.
2055 * This way the preferred encoding (first encoding defined in the array)
2056 * will be set at the end of the loop.
2058 for (i = n_encodings - 1; i >= 0; i--) {
2061 case VNC_ENCODING_RAW:
2062 vs->vnc_encoding = enc;
2064 case VNC_ENCODING_HEXTILE:
2065 vs->features |= VNC_FEATURE_HEXTILE_MASK;
2066 vs->vnc_encoding = enc;
2068 case VNC_ENCODING_TIGHT:
2069 vs->features |= VNC_FEATURE_TIGHT_MASK;
2070 vs->vnc_encoding = enc;
2072 #ifdef CONFIG_VNC_PNG
2073 case VNC_ENCODING_TIGHT_PNG:
2074 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK;
2075 vs->vnc_encoding = enc;
2078 case VNC_ENCODING_ZLIB:
2080 * VNC_ENCODING_ZRLE compresses better than VNC_ENCODING_ZLIB.
2081 * So prioritize ZRLE, even if the client hints that it prefers
2084 if ((vs->features & VNC_FEATURE_ZRLE_MASK) == 0) {
2085 vs->features |= VNC_FEATURE_ZLIB_MASK;
2086 vs->vnc_encoding = enc;
2089 case VNC_ENCODING_ZRLE:
2090 vs->features |= VNC_FEATURE_ZRLE_MASK;
2091 vs->vnc_encoding = enc;
2093 case VNC_ENCODING_ZYWRLE:
2094 vs->features |= VNC_FEATURE_ZYWRLE_MASK;
2095 vs->vnc_encoding = enc;
2097 case VNC_ENCODING_DESKTOPRESIZE:
2098 vs->features |= VNC_FEATURE_RESIZE_MASK;
2100 case VNC_ENCODING_POINTER_TYPE_CHANGE:
2101 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK;
2103 case VNC_ENCODING_RICH_CURSOR:
2104 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK;
2105 if (vs->vd->cursor) {
2106 vnc_cursor_define(vs);
2109 case VNC_ENCODING_EXT_KEY_EVENT:
2110 send_ext_key_event_ack(vs);
2112 case VNC_ENCODING_AUDIO:
2113 send_ext_audio_ack(vs);
2115 case VNC_ENCODING_WMVi:
2116 vs->features |= VNC_FEATURE_WMVI_MASK;
2118 case VNC_ENCODING_LED_STATE:
2119 vs->features |= VNC_FEATURE_LED_STATE_MASK;
2121 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9:
2122 vs->tight->compression = (enc & 0x0F);
2124 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9:
2125 if (vs->vd->lossy) {
2126 vs->tight->quality = (enc & 0x0F);
2130 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc);
2134 vnc_desktop_resize(vs);
2135 check_pointer_type_change(&vs->mouse_mode_notifier, NULL);
2136 vnc_led_state_change(vs);
2139 static void set_pixel_conversion(VncState *vs)
2141 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf);
2143 if (fmt == VNC_SERVER_FB_FORMAT) {
2144 vs->write_pixels = vnc_write_pixels_copy;
2145 vnc_hextile_set_pixel_conversion(vs, 0);
2147 vs->write_pixels = vnc_write_pixels_generic;
2148 vnc_hextile_set_pixel_conversion(vs, 1);
2152 static void send_color_map(VncState *vs)
2156 vnc_write_u8(vs, VNC_MSG_SERVER_SET_COLOUR_MAP_ENTRIES);
2157 vnc_write_u8(vs, 0); /* padding */
2158 vnc_write_u16(vs, 0); /* first color */
2159 vnc_write_u16(vs, 256); /* # of colors */
2161 for (i = 0; i < 256; i++) {
2162 PixelFormat *pf = &vs->client_pf;
2164 vnc_write_u16(vs, (((i >> pf->rshift) & pf->rmax) << (16 - pf->rbits)));
2165 vnc_write_u16(vs, (((i >> pf->gshift) & pf->gmax) << (16 - pf->gbits)));
2166 vnc_write_u16(vs, (((i >> pf->bshift) & pf->bmax) << (16 - pf->bbits)));
2170 static void set_pixel_format(VncState *vs, int bits_per_pixel,
2171 int big_endian_flag, int true_color_flag,
2172 int red_max, int green_max, int blue_max,
2173 int red_shift, int green_shift, int blue_shift)
2175 if (!true_color_flag) {
2176 /* Expose a reasonable default 256 color map */
2186 switch (bits_per_pixel) {
2192 vnc_client_error(vs);
2196 vs->client_pf.rmax = red_max ? red_max : 0xFF;
2197 vs->client_pf.rbits = ctpopl(red_max);
2198 vs->client_pf.rshift = red_shift;
2199 vs->client_pf.rmask = red_max << red_shift;
2200 vs->client_pf.gmax = green_max ? green_max : 0xFF;
2201 vs->client_pf.gbits = ctpopl(green_max);
2202 vs->client_pf.gshift = green_shift;
2203 vs->client_pf.gmask = green_max << green_shift;
2204 vs->client_pf.bmax = blue_max ? blue_max : 0xFF;
2205 vs->client_pf.bbits = ctpopl(blue_max);
2206 vs->client_pf.bshift = blue_shift;
2207 vs->client_pf.bmask = blue_max << blue_shift;
2208 vs->client_pf.bits_per_pixel = bits_per_pixel;
2209 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8;
2210 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel;
2211 vs->client_be = big_endian_flag;
2213 if (!true_color_flag) {
2217 set_pixel_conversion(vs);
2219 graphic_hw_invalidate(vs->vd->dcl.con);
2220 graphic_hw_update(vs->vd->dcl.con);
2223 static void pixel_format_message (VncState *vs) {
2224 char pad[3] = { 0, 0, 0 };
2226 vs->client_pf = qemu_default_pixelformat(32);
2228 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */
2229 vnc_write_u8(vs, vs->client_pf.depth); /* depth */
2231 #ifdef HOST_WORDS_BIGENDIAN
2232 vnc_write_u8(vs, 1); /* big-endian-flag */
2234 vnc_write_u8(vs, 0); /* big-endian-flag */
2236 vnc_write_u8(vs, 1); /* true-color-flag */
2237 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */
2238 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */
2239 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */
2240 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */
2241 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */
2242 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */
2243 vnc_write(vs, pad, 3); /* padding */
2245 vnc_hextile_set_pixel_conversion(vs, 0);
2246 vs->write_pixels = vnc_write_pixels_copy;
2249 static void vnc_colordepth(VncState *vs)
2251 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) {
2252 /* Sending a WMVi message to notify the client*/
2253 vnc_lock_output(vs);
2254 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
2255 vnc_write_u8(vs, 0);
2256 vnc_write_u16(vs, 1); /* number of rects */
2257 vnc_framebuffer_update(vs, 0, 0,
2258 pixman_image_get_width(vs->vd->server),
2259 pixman_image_get_height(vs->vd->server),
2261 pixel_format_message(vs);
2262 vnc_unlock_output(vs);
2265 set_pixel_conversion(vs);
2269 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
2274 VncDisplay *vd = vs->vd;
2277 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
2281 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT:
2285 set_pixel_format(vs, read_u8(data, 4),
2286 read_u8(data, 6), read_u8(data, 7),
2287 read_u16(data, 8), read_u16(data, 10),
2288 read_u16(data, 12), read_u8(data, 14),
2289 read_u8(data, 15), read_u8(data, 16));
2291 case VNC_MSG_CLIENT_SET_ENCODINGS:
2296 limit = read_u16(data, 2);
2298 return 4 + (limit * 4);
2300 limit = read_u16(data, 2);
2302 for (i = 0; i < limit; i++) {
2303 int32_t val = read_s32(data, 4 + (i * 4));
2304 memcpy(data + 4 + (i * 4), &val, sizeof(val));
2307 set_encodings(vs, (int32_t *)(data + 4), limit);
2309 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST:
2313 framebuffer_update_request(vs,
2314 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4),
2315 read_u16(data, 6), read_u16(data, 8));
2317 case VNC_MSG_CLIENT_KEY_EVENT:
2321 key_event(vs, read_u8(data, 1), read_u32(data, 4));
2323 case VNC_MSG_CLIENT_POINTER_EVENT:
2327 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4));
2329 case VNC_MSG_CLIENT_CUT_TEXT:
2334 uint32_t dlen = read_u32(data, 4);
2335 if (dlen > (1 << 20)) {
2336 error_report("vnc: client_cut_text msg payload has %u bytes"
2337 " which exceeds our limit of 1MB.", dlen);
2338 vnc_client_error(vs);
2346 client_cut_text(vs, read_u32(data, 4), data + 8);
2348 case VNC_MSG_CLIENT_QEMU:
2352 switch (read_u8(data, 1)) {
2353 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT:
2357 ext_key_event(vs, read_u16(data, 2),
2358 read_u32(data, 4), read_u32(data, 8));
2360 case VNC_MSG_CLIENT_QEMU_AUDIO:
2364 switch (read_u16 (data, 2)) {
2365 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE:
2368 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE:
2371 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT:
2374 switch (read_u8(data, 4)) {
2375 case 0: vs->as.fmt = AUDIO_FORMAT_U8; break;
2376 case 1: vs->as.fmt = AUDIO_FORMAT_S8; break;
2377 case 2: vs->as.fmt = AUDIO_FORMAT_U16; break;
2378 case 3: vs->as.fmt = AUDIO_FORMAT_S16; break;
2379 case 4: vs->as.fmt = AUDIO_FORMAT_U32; break;
2380 case 5: vs->as.fmt = AUDIO_FORMAT_S32; break;
2382 VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4));
2383 vnc_client_error(vs);
2386 vs->as.nchannels = read_u8(data, 5);
2387 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) {
2388 VNC_DEBUG("Invalid audio channel count %d\n",
2390 vnc_client_error(vs);
2393 freq = read_u32(data, 6);
2394 /* No official limit for protocol, but 48khz is a sensible
2395 * upper bound for trustworthy clients, and this limit
2396 * protects calculations involving 'vs->as.freq' later.
2399 VNC_DEBUG("Invalid audio frequency %u > 48000", freq);
2400 vnc_client_error(vs);
2406 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4));
2407 vnc_client_error(vs);
2413 VNC_DEBUG("Msg: %d\n", read_u16(data, 0));
2414 vnc_client_error(vs);
2419 VNC_DEBUG("Msg: %d\n", data[0]);
2420 vnc_client_error(vs);
2424 vnc_update_throttle_offset(vs);
2425 vnc_read_when(vs, protocol_client_msg, 1);
2429 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
2435 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE;
2436 switch (vs->vd->share_policy) {
2437 case VNC_SHARE_POLICY_IGNORE:
2439 * Ignore the shared flag. Nothing to do here.
2441 * Doesn't conform to the rfb spec but is traditional qemu
2442 * behavior, thus left here as option for compatibility
2446 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE:
2448 * Policy: Allow clients ask for exclusive access.
2450 * Implementation: When a client asks for exclusive access,
2451 * disconnect all others. Shared connects are allowed as long
2452 * as no exclusive connection exists.
2454 * This is how the rfb spec suggests to handle the shared flag.
2456 if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
2458 QTAILQ_FOREACH(client, &vs->vd->clients, next) {
2462 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE &&
2463 client->share_mode != VNC_SHARE_MODE_SHARED) {
2466 vnc_disconnect_start(client);
2469 if (mode == VNC_SHARE_MODE_SHARED) {
2470 if (vs->vd->num_exclusive > 0) {
2471 vnc_disconnect_start(vs);
2476 case VNC_SHARE_POLICY_FORCE_SHARED:
2478 * Policy: Shared connects only.
2479 * Implementation: Disallow clients asking for exclusive access.
2481 * Useful for shared desktop sessions where you don't want
2482 * someone forgetting to say -shared when running the vnc
2483 * client disconnect everybody else.
2485 if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
2486 vnc_disconnect_start(vs);
2491 vnc_set_share_mode(vs, mode);
2493 if (vs->vd->num_shared > vs->vd->connections_limit) {
2494 vnc_disconnect_start(vs);
2498 assert(pixman_image_get_width(vs->vd->server) < 65536 &&
2499 pixman_image_get_width(vs->vd->server) >= 0);
2500 assert(pixman_image_get_height(vs->vd->server) < 65536 &&
2501 pixman_image_get_height(vs->vd->server) >= 0);
2502 vs->client_width = pixman_image_get_width(vs->vd->server);
2503 vs->client_height = pixman_image_get_height(vs->vd->server);
2504 vnc_write_u16(vs, vs->client_width);
2505 vnc_write_u16(vs, vs->client_height);
2507 pixel_format_message(vs);
2510 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name);
2511 if (size > sizeof(buf)) {
2515 size = snprintf(buf, sizeof(buf), "QEMU");
2518 vnc_write_u32(vs, size);
2519 vnc_write(vs, buf, size);
2522 vnc_client_cache_auth(vs);
2523 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED);
2525 vnc_read_when(vs, protocol_client_msg, 1);
2530 void start_client_init(VncState *vs)
2532 vnc_read_when(vs, protocol_client_init, 1);
2535 static void authentication_failed(VncState *vs)
2537 vnc_write_u32(vs, 1); /* Reject auth */
2538 if (vs->minor >= 8) {
2539 static const char err[] = "Authentication failed";
2540 vnc_write_u32(vs, sizeof(err));
2541 vnc_write(vs, err, sizeof(err));
2544 vnc_client_error(vs);
2547 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
2549 unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
2551 unsigned char key[8];
2552 time_t now = time(NULL);
2553 QCryptoCipher *cipher = NULL;
2556 if (!vs->vd->password) {
2557 trace_vnc_auth_fail(vs, vs->auth, "password is not set", "");
2560 if (vs->vd->expires < now) {
2561 trace_vnc_auth_fail(vs, vs->auth, "password is expired", "");
2565 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE);
2567 /* Calculate the expected challenge response */
2568 pwlen = strlen(vs->vd->password);
2569 for (i=0; i<sizeof(key); i++)
2570 key[i] = i<pwlen ? vs->vd->password[i] : 0;
2572 cipher = qcrypto_cipher_new(
2573 QCRYPTO_CIPHER_ALG_DES_RFB,
2574 QCRYPTO_CIPHER_MODE_ECB,
2575 key, G_N_ELEMENTS(key),
2578 trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher",
2579 error_get_pretty(err));
2584 if (qcrypto_cipher_encrypt(cipher,
2587 VNC_AUTH_CHALLENGE_SIZE,
2589 trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge response",
2590 error_get_pretty(err));
2595 /* Compare expected vs actual challenge response */
2596 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) {
2597 trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response", "");
2600 trace_vnc_auth_pass(vs, vs->auth);
2601 vnc_write_u32(vs, 0); /* Accept auth */
2604 start_client_init(vs);
2607 qcrypto_cipher_free(cipher);
2611 authentication_failed(vs);
2612 qcrypto_cipher_free(cipher);
2616 void start_auth_vnc(VncState *vs)
2620 if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) {
2621 trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes",
2622 error_get_pretty(err));
2624 authentication_failed(vs);
2628 /* Send client a 'random' challenge */
2629 vnc_write(vs, vs->challenge, sizeof(vs->challenge));
2632 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge));
2636 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
2638 /* We only advertise 1 auth scheme at a time, so client
2639 * must pick the one we sent. Verify this */
2640 if (data[0] != vs->auth) { /* Reject auth */
2641 trace_vnc_auth_reject(vs, vs->auth, (int)data[0]);
2642 authentication_failed(vs);
2643 } else { /* Accept requested auth */
2644 trace_vnc_auth_start(vs, vs->auth);
2647 if (vs->minor >= 8) {
2648 vnc_write_u32(vs, 0); /* Accept auth completion */
2651 trace_vnc_auth_pass(vs, vs->auth);
2652 start_client_init(vs);
2659 case VNC_AUTH_VENCRYPT:
2660 start_auth_vencrypt(vs);
2663 #ifdef CONFIG_VNC_SASL
2665 start_auth_sasl(vs);
2667 #endif /* CONFIG_VNC_SASL */
2669 default: /* Should not be possible, but just in case */
2670 trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", "");
2671 authentication_failed(vs);
2677 static int protocol_version(VncState *vs, uint8_t *version, size_t len)
2681 memcpy(local, version, 12);
2684 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) {
2685 VNC_DEBUG("Malformed protocol version %s\n", local);
2686 vnc_client_error(vs);
2689 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor);
2690 if (vs->major != 3 ||
2696 VNC_DEBUG("Unsupported client version\n");
2697 vnc_write_u32(vs, VNC_AUTH_INVALID);
2699 vnc_client_error(vs);
2702 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated
2703 * as equivalent to v3.3 by servers
2705 if (vs->minor == 4 || vs->minor == 5)
2708 if (vs->minor == 3) {
2709 trace_vnc_auth_start(vs, vs->auth);
2710 if (vs->auth == VNC_AUTH_NONE) {
2711 vnc_write_u32(vs, vs->auth);
2713 trace_vnc_auth_pass(vs, vs->auth);
2714 start_client_init(vs);
2715 } else if (vs->auth == VNC_AUTH_VNC) {
2716 VNC_DEBUG("Tell client VNC auth\n");
2717 vnc_write_u32(vs, vs->auth);
2721 trace_vnc_auth_fail(vs, vs->auth,
2722 "Unsupported auth method for v3.3", "");
2723 vnc_write_u32(vs, VNC_AUTH_INVALID);
2725 vnc_client_error(vs);
2728 vnc_write_u8(vs, 1); /* num auth */
2729 vnc_write_u8(vs, vs->auth);
2730 vnc_read_when(vs, protocol_client_auth, 1);
2737 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y)
2739 struct VncSurface *vs = &vd->guest;
2741 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT];
2744 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h)
2748 w = (x + w) / VNC_STAT_RECT;
2749 h = (y + h) / VNC_STAT_RECT;
2753 for (j = y; j <= h; j++) {
2754 for (i = x; i <= w; i++) {
2755 vs->lossy_rect[j][i] = 1;
2760 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y)
2763 int sty = y / VNC_STAT_RECT;
2764 int stx = x / VNC_STAT_RECT;
2767 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT);
2768 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT);
2770 QTAILQ_FOREACH(vs, &vd->clients, next) {
2773 /* kernel send buffers are full -> refresh later */
2774 if (vs->output.offset) {
2778 if (!vs->lossy_rect[sty][stx]) {
2782 vs->lossy_rect[sty][stx] = 0;
2783 for (j = 0; j < VNC_STAT_RECT; ++j) {
2784 bitmap_set(vs->dirty[y + j],
2785 x / VNC_DIRTY_PIXELS_PER_BIT,
2786 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT);
2794 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv)
2796 int width = MIN(pixman_image_get_width(vd->guest.fb),
2797 pixman_image_get_width(vd->server));
2798 int height = MIN(pixman_image_get_height(vd->guest.fb),
2799 pixman_image_get_height(vd->server));
2804 for (y = 0; y < height; y += VNC_STAT_RECT) {
2805 for (x = 0; x < width; x += VNC_STAT_RECT) {
2806 VncRectStat *rect = vnc_stat_rect(vd, x, y);
2808 rect->updated = false;
2812 qemu_timersub(tv, &VNC_REFRESH_STATS, &res);
2814 if (timercmp(&vd->guest.last_freq_check, &res, >)) {
2817 vd->guest.last_freq_check = *tv;
2819 for (y = 0; y < height; y += VNC_STAT_RECT) {
2820 for (x = 0; x < width; x += VNC_STAT_RECT) {
2821 VncRectStat *rect= vnc_stat_rect(vd, x, y);
2822 int count = ARRAY_SIZE(rect->times);
2823 struct timeval min, max;
2825 if (!timerisset(&rect->times[count - 1])) {
2829 max = rect->times[(rect->idx + count - 1) % count];
2830 qemu_timersub(tv, &max, &res);
2832 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) {
2834 has_dirty += vnc_refresh_lossy_rect(vd, x, y);
2835 memset(rect->times, 0, sizeof (rect->times));
2839 min = rect->times[rect->idx];
2840 max = rect->times[(rect->idx + count - 1) % count];
2841 qemu_timersub(&max, &min, &res);
2843 rect->freq = res.tv_sec + res.tv_usec / 1000000.;
2844 rect->freq /= count;
2845 rect->freq = 1. / rect->freq;
2851 double vnc_update_freq(VncState *vs, int x, int y, int w, int h)
2857 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT);
2858 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT);
2860 for (j = y; j <= y + h; j += VNC_STAT_RECT) {
2861 for (i = x; i <= x + w; i += VNC_STAT_RECT) {
2862 total += vnc_stat_rect(vs->vd, i, j)->freq;
2874 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv)
2878 rect = vnc_stat_rect(vd, x, y);
2879 if (rect->updated) {
2882 rect->times[rect->idx] = *tv;
2883 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times);
2884 rect->updated = true;
2887 static int vnc_refresh_server_surface(VncDisplay *vd)
2889 int width = MIN(pixman_image_get_width(vd->guest.fb),
2890 pixman_image_get_width(vd->server));
2891 int height = MIN(pixman_image_get_height(vd->guest.fb),
2892 pixman_image_get_height(vd->server));
2893 int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0;
2894 uint8_t *guest_row0 = NULL, *server_row0;
2897 pixman_image_t *tmpbuf = NULL;
2899 struct timeval tv = { 0, 0 };
2901 if (!vd->non_adaptive) {
2902 gettimeofday(&tv, NULL);
2903 has_dirty = vnc_update_stats(vd, &tv);
2907 * Walk through the guest dirty map.
2908 * Check and copy modified bits from guest to server surface.
2909 * Update server dirty map.
2911 server_row0 = (uint8_t *)pixman_image_get_data(vd->server);
2912 server_stride = guest_stride = guest_ll =
2913 pixman_image_get_stride(vd->server);
2914 cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES,
2916 if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
2917 int width = pixman_image_get_width(vd->server);
2918 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width);
2921 PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb));
2922 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb);
2923 guest_stride = pixman_image_get_stride(vd->guest.fb);
2924 guest_ll = pixman_image_get_width(vd->guest.fb)
2925 * DIV_ROUND_UP(guest_bpp, 8);
2927 line_bytes = MIN(server_stride, guest_ll);
2931 uint8_t *guest_ptr, *server_ptr;
2932 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty,
2933 height * VNC_DIRTY_BPL(&vd->guest),
2934 y * VNC_DIRTY_BPL(&vd->guest));
2935 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) {
2936 /* no more dirty bits */
2939 y = offset / VNC_DIRTY_BPL(&vd->guest);
2940 x = offset % VNC_DIRTY_BPL(&vd->guest);
2942 server_ptr = server_row0 + y * server_stride + x * cmp_bytes;
2944 if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
2945 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y);
2946 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf);
2948 guest_ptr = guest_row0 + y * guest_stride;
2950 guest_ptr += x * cmp_bytes;
2952 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT);
2953 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) {
2954 int _cmp_bytes = cmp_bytes;
2955 if (!test_and_clear_bit(x, vd->guest.dirty[y])) {
2958 if ((x + 1) * cmp_bytes > line_bytes) {
2959 _cmp_bytes = line_bytes - x * cmp_bytes;
2961 assert(_cmp_bytes >= 0);
2962 if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) {
2965 memcpy(server_ptr, guest_ptr, _cmp_bytes);
2966 if (!vd->non_adaptive) {
2967 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT,
2970 QTAILQ_FOREACH(vs, &vd->clients, next) {
2971 set_bit(x, vs->dirty[y]);
2978 qemu_pixman_image_unref(tmpbuf);
2982 static void vnc_refresh(DisplayChangeListener *dcl)
2984 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
2986 int has_dirty, rects = 0;
2988 if (QTAILQ_EMPTY(&vd->clients)) {
2989 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX);
2993 graphic_hw_update(vd->dcl.con);
2995 if (vnc_trylock_display(vd)) {
2996 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
3000 has_dirty = vnc_refresh_server_surface(vd);
3001 vnc_unlock_display(vd);
3003 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) {
3004 rects += vnc_update_client(vs, has_dirty);
3005 /* vs might be free()ed here */
3008 if (has_dirty && rects) {
3009 vd->dcl.update_interval /= 2;
3010 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) {
3011 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE;
3014 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC;
3015 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) {
3016 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX;
3021 static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc,
3022 bool skipauth, bool websocket)
3024 VncState *vs = g_new0(VncState, 1);
3025 bool first_client = QTAILQ_EMPTY(&vd->clients);
3028 trace_vnc_client_connect(vs, sioc);
3029 vs->zrle = g_new0(VncZrle, 1);
3030 vs->tight = g_new0(VncTight, 1);
3031 vs->magic = VNC_MAGIC;
3033 object_ref(OBJECT(vs->sioc));
3034 vs->ioc = QIO_CHANNEL(sioc);
3035 object_ref(OBJECT(vs->ioc));
3038 buffer_init(&vs->input, "vnc-input/%p", sioc);
3039 buffer_init(&vs->output, "vnc-output/%p", sioc);
3040 buffer_init(&vs->jobs_buffer, "vnc-jobs_buffer/%p", sioc);
3042 buffer_init(&vs->tight->tight, "vnc-tight/%p", sioc);
3043 buffer_init(&vs->tight->zlib, "vnc-tight-zlib/%p", sioc);
3044 buffer_init(&vs->tight->gradient, "vnc-tight-gradient/%p", sioc);
3045 #ifdef CONFIG_VNC_JPEG
3046 buffer_init(&vs->tight->jpeg, "vnc-tight-jpeg/%p", sioc);
3048 #ifdef CONFIG_VNC_PNG
3049 buffer_init(&vs->tight->png, "vnc-tight-png/%p", sioc);
3051 buffer_init(&vs->zlib.zlib, "vnc-zlib/%p", sioc);
3052 buffer_init(&vs->zrle->zrle, "vnc-zrle/%p", sioc);
3053 buffer_init(&vs->zrle->fb, "vnc-zrle-fb/%p", sioc);
3054 buffer_init(&vs->zrle->zlib, "vnc-zrle-zlib/%p", sioc);
3057 vs->auth = VNC_AUTH_NONE;
3058 vs->subauth = VNC_AUTH_INVALID;
3061 vs->auth = vd->ws_auth;
3062 vs->subauth = VNC_AUTH_INVALID;
3064 vs->auth = vd->auth;
3065 vs->subauth = vd->subauth;
3068 VNC_DEBUG("Client sioc=%p ws=%d auth=%d subauth=%d\n",
3069 sioc, websocket, vs->auth, vs->subauth);
3071 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect));
3072 for (i = 0; i < VNC_STAT_ROWS; ++i) {
3073 vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS);
3076 VNC_DEBUG("New client on socket %p\n", vs->sioc);
3077 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
3078 qio_channel_set_blocking(vs->ioc, false, NULL);
3080 g_source_remove(vs->ioc_tag);
3085 vs->ioc_tag = qio_channel_add_watch(
3086 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR,
3087 vncws_tls_handshake_io, vs, NULL);
3089 vs->ioc_tag = qio_channel_add_watch(
3090 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR,
3091 vncws_handshake_io, vs, NULL);
3094 vs->ioc_tag = qio_channel_add_watch(
3095 vs->ioc, G_IO_IN | G_IO_HUP | G_IO_ERR,
3096 vnc_client_io, vs, NULL);
3099 vnc_client_cache_addr(vs);
3100 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED);
3101 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING);
3106 vs->as.freq = 44100;
3107 vs->as.nchannels = 2;
3108 vs->as.fmt = AUDIO_FORMAT_S16;
3109 vs->as.endianness = 0;
3111 qemu_mutex_init(&vs->output_mutex);
3112 vs->bh = qemu_bh_new(vnc_jobs_bh, vs);
3114 QTAILQ_INSERT_TAIL(&vd->clients, vs, next);
3116 vnc_update_server_surface(vd);
3119 graphic_hw_update(vd->dcl.con);
3121 if (!vs->websocket) {
3122 vnc_start_protocol(vs);
3125 if (vd->num_connecting > vd->connections_limit) {
3126 QTAILQ_FOREACH(vs, &vd->clients, next) {
3127 if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) {
3128 vnc_disconnect_start(vs);
3135 void vnc_start_protocol(VncState *vs)
3137 vnc_write(vs, "RFB 003.008\n", 12);
3139 vnc_read_when(vs, protocol_version, 12);
3141 vs->mouse_mode_notifier.notify = check_pointer_type_change;
3142 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
3145 static void vnc_listen_io(QIONetListener *listener,
3146 QIOChannelSocket *cioc,
3149 VncDisplay *vd = opaque;
3150 bool isWebsock = listener == vd->wslistener;
3152 qio_channel_set_name(QIO_CHANNEL(cioc),
3153 isWebsock ? "vnc-ws-server" : "vnc-server");
3154 qio_channel_set_delay(QIO_CHANNEL(cioc), false);
3155 vnc_connect(vd, cioc, false, isWebsock);
3158 static const DisplayChangeListenerOps dcl_ops = {
3160 .dpy_refresh = vnc_refresh,
3161 .dpy_gfx_update = vnc_dpy_update,
3162 .dpy_gfx_switch = vnc_dpy_switch,
3163 .dpy_gfx_check_format = qemu_pixman_check_format,
3164 .dpy_mouse_set = vnc_mouse_set,
3165 .dpy_cursor_define = vnc_dpy_cursor_define,
3168 void vnc_display_init(const char *id, Error **errp)
3172 if (vnc_display_find(id) != NULL) {
3175 vd = g_malloc0(sizeof(*vd));
3177 vd->id = strdup(id);
3178 QTAILQ_INSERT_TAIL(&vnc_displays, vd, next);
3180 QTAILQ_INIT(&vd->clients);
3181 vd->expires = TIME_MAX;
3183 if (keyboard_layout) {
3184 trace_vnc_key_map_init(keyboard_layout);
3185 vd->kbd_layout = init_keyboard_layout(name2keysym,
3186 keyboard_layout, errp);
3188 vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us", errp);
3191 if (!vd->kbd_layout) {
3195 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3196 vd->connections_limit = 32;
3198 qemu_mutex_init(&vd->mutex);
3199 vnc_start_worker_thread();
3201 vd->dcl.ops = &dcl_ops;
3202 register_displaychangelistener(&vd->dcl);
3203 vd->kbd = qkbd_state_init(vd->dcl.con);
3207 static void vnc_display_close(VncDisplay *vd)
3212 vd->is_unix = false;
3215 qio_net_listener_disconnect(vd->listener);
3216 object_unref(OBJECT(vd->listener));
3218 vd->listener = NULL;
3220 if (vd->wslistener) {
3221 qio_net_listener_disconnect(vd->wslistener);
3222 object_unref(OBJECT(vd->wslistener));
3224 vd->wslistener = NULL;
3226 vd->auth = VNC_AUTH_INVALID;
3227 vd->subauth = VNC_AUTH_INVALID;
3229 object_unparent(OBJECT(vd->tlscreds));
3230 vd->tlscreds = NULL;
3233 object_unparent(OBJECT(vd->tlsauthz));
3234 vd->tlsauthz = NULL;
3236 g_free(vd->tlsauthzid);
3237 vd->tlsauthzid = NULL;
3238 if (vd->lock_key_sync) {
3239 qemu_remove_led_event_handler(vd->led);
3242 #ifdef CONFIG_VNC_SASL
3243 if (vd->sasl.authz) {
3244 object_unparent(OBJECT(vd->sasl.authz));
3245 vd->sasl.authz = NULL;
3247 g_free(vd->sasl.authzid);
3248 vd->sasl.authzid = NULL;
3252 int vnc_display_password(const char *id, const char *password)
3254 VncDisplay *vd = vnc_display_find(id);
3259 if (vd->auth == VNC_AUTH_NONE) {
3260 error_printf_unless_qmp("If you want use passwords please enable "
3261 "password auth using '-vnc ${dpy},password'.\n");
3265 g_free(vd->password);
3266 vd->password = g_strdup(password);
3271 int vnc_display_pw_expire(const char *id, time_t expires)
3273 VncDisplay *vd = vnc_display_find(id);
3279 vd->expires = expires;
3283 static void vnc_display_print_local_addr(VncDisplay *vd)
3285 SocketAddress *addr;
3287 if (!vd->listener || !vd->listener->nsioc) {
3291 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], NULL);
3296 if (addr->type != SOCKET_ADDRESS_TYPE_INET) {
3297 qapi_free_SocketAddress(addr);
3300 error_printf_unless_qmp("VNC server running on %s:%s\n",
3303 qapi_free_SocketAddress(addr);
3306 static QemuOptsList qemu_vnc_opts = {
3308 .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
3309 .implied_opt_name = "vnc",
3313 .type = QEMU_OPT_STRING,
3315 .name = "websocket",
3316 .type = QEMU_OPT_STRING,
3318 .name = "tls-creds",
3319 .type = QEMU_OPT_STRING,
3322 .type = QEMU_OPT_STRING,
3325 .type = QEMU_OPT_STRING,
3328 .type = QEMU_OPT_NUMBER,
3330 .name = "connections",
3331 .type = QEMU_OPT_NUMBER,
3334 .type = QEMU_OPT_NUMBER,
3337 .type = QEMU_OPT_BOOL,
3340 .type = QEMU_OPT_BOOL,
3343 .type = QEMU_OPT_BOOL,
3346 .type = QEMU_OPT_BOOL,
3348 .name = "lock-key-sync",
3349 .type = QEMU_OPT_BOOL,
3351 .name = "key-delay-ms",
3352 .type = QEMU_OPT_NUMBER,
3355 .type = QEMU_OPT_BOOL,
3358 .type = QEMU_OPT_BOOL,
3360 .name = "tls-authz",
3361 .type = QEMU_OPT_STRING,
3363 .name = "sasl-authz",
3364 .type = QEMU_OPT_STRING,
3367 .type = QEMU_OPT_BOOL,
3369 .name = "non-adaptive",
3370 .type = QEMU_OPT_BOOL,
3373 .type = QEMU_OPT_STRING,
3375 { /* end of list */ }
3381 vnc_display_setup_auth(int *auth,
3383 QCryptoTLSCreds *tlscreds,
3390 * We have a choice of 3 authentication options
3396 * The channel can be run in 2 modes
3401 * And TLS can use 2 types of credentials
3406 * We thus have 9 possible logical combinations
3411 * 4. tls + anon + none
3412 * 5. tls + anon + vnc
3413 * 6. tls + anon + sasl
3414 * 7. tls + x509 + none
3415 * 8. tls + x509 + vnc
3416 * 9. tls + x509 + sasl
3418 * These need to be mapped into the VNC auth schemes
3419 * in an appropriate manner. In regular VNC, all the
3420 * TLS options get mapped into VNC_AUTH_VENCRYPT
3423 * In websockets, the https:// protocol already provides
3424 * TLS support, so there is no need to make use of the
3425 * VeNCrypt extension. Furthermore, websockets browser
3426 * clients could not use VeNCrypt even if they wanted to,
3427 * as they cannot control when the TLS handshake takes
3428 * place. Thus there is no option but to rely on https://,
3429 * meaning combinations 4->6 and 7->9 will be mapped to
3430 * VNC auth schemes in the same way as combos 1->3.
3432 * Regardless of fact that we have a different mapping to
3433 * VNC auth mechs for plain VNC vs websockets VNC, the end
3434 * result has the same security characteristics.
3436 if (websocket || !tlscreds) {
3438 VNC_DEBUG("Initializing VNC server with password auth\n");
3439 *auth = VNC_AUTH_VNC;
3441 VNC_DEBUG("Initializing VNC server with SASL auth\n");
3442 *auth = VNC_AUTH_SASL;
3444 VNC_DEBUG("Initializing VNC server with no auth\n");
3445 *auth = VNC_AUTH_NONE;
3447 *subauth = VNC_AUTH_INVALID;
3449 bool is_x509 = object_dynamic_cast(OBJECT(tlscreds),
3450 TYPE_QCRYPTO_TLS_CREDS_X509) != NULL;
3451 bool is_anon = object_dynamic_cast(OBJECT(tlscreds),
3452 TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL;
3454 if (!is_x509 && !is_anon) {
3456 "Unsupported TLS cred type %s",
3457 object_get_typename(OBJECT(tlscreds)));
3460 *auth = VNC_AUTH_VENCRYPT;
3463 VNC_DEBUG("Initializing VNC server with x509 password auth\n");
3464 *subauth = VNC_AUTH_VENCRYPT_X509VNC;
3466 VNC_DEBUG("Initializing VNC server with TLS password auth\n");
3467 *subauth = VNC_AUTH_VENCRYPT_TLSVNC;
3472 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n");
3473 *subauth = VNC_AUTH_VENCRYPT_X509SASL;
3475 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n");
3476 *subauth = VNC_AUTH_VENCRYPT_TLSSASL;
3480 VNC_DEBUG("Initializing VNC server with x509 no auth\n");
3481 *subauth = VNC_AUTH_VENCRYPT_X509NONE;
3483 VNC_DEBUG("Initializing VNC server with TLS no auth\n");
3484 *subauth = VNC_AUTH_VENCRYPT_TLSNONE;
3492 static int vnc_display_get_address(const char *addrstr,
3501 SocketAddress **retaddr,
3505 SocketAddress *addr = NULL;
3507 addr = g_new0(SocketAddress, 1);
3509 if (strncmp(addrstr, "unix:", 5) == 0) {
3510 addr->type = SOCKET_ADDRESS_TYPE_UNIX;
3511 addr->u.q_unix.path = g_strdup(addrstr + 5);
3514 error_setg(errp, "UNIX sockets not supported with websock");
3519 error_setg(errp, "Port range not support with UNIX socket");
3526 unsigned long long baseport = 0;
3527 InetSocketAddress *inet;
3529 port = strrchr(addrstr, ':');
3535 error_setg(errp, "no vnc port specified");
3539 hostlen = port - addrstr;
3541 if (*port == '\0') {
3542 error_setg(errp, "vnc port cannot be empty");
3547 addr->type = SOCKET_ADDRESS_TYPE_INET;
3548 inet = &addr->u.inet;
3549 if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') {
3550 inet->host = g_strndup(addrstr + 1, hostlen - 2);
3552 inet->host = g_strndup(addrstr, hostlen);
3554 /* plain VNC port is just an offset, for websocket
3555 * port is absolute */
3557 if (g_str_equal(addrstr, "") ||
3558 g_str_equal(addrstr, "on")) {
3559 if (displaynum == -1) {
3560 error_setg(errp, "explicit websocket port is required");
3563 inet->port = g_strdup_printf(
3564 "%d", displaynum + 5700);
3566 inet->has_to = true;
3567 inet->to = to + 5700;
3570 inet->port = g_strdup(port);
3573 int offset = reverse ? 0 : 5900;
3574 if (parse_uint_full(port, &baseport, 10) < 0) {
3575 error_setg(errp, "can't convert to a number: %s", port);
3578 if (baseport > 65535 ||
3579 baseport + offset > 65535) {
3580 error_setg(errp, "port %s out of range", port);
3583 inet->port = g_strdup_printf(
3584 "%d", (int)baseport + offset);
3587 inet->has_to = true;
3588 inet->to = to + offset;
3593 inet->has_ipv4 = has_ipv4;
3595 inet->has_ipv6 = has_ipv6;
3604 qapi_free_SocketAddress(addr);
3609 static void vnc_free_addresses(SocketAddress ***retsaddr,
3614 for (i = 0; i < *retnsaddr; i++) {
3615 qapi_free_SocketAddress((*retsaddr)[i]);
3623 static int vnc_display_get_addresses(QemuOpts *opts,
3625 SocketAddress ***retsaddr,
3627 SocketAddress ***retwsaddr,
3631 SocketAddress *saddr = NULL;
3632 SocketAddress *wsaddr = NULL;
3633 QemuOptsIter addriter;
3635 int to = qemu_opt_get_number(opts, "to", 0);
3636 bool has_ipv4 = qemu_opt_get(opts, "ipv4");
3637 bool has_ipv6 = qemu_opt_get(opts, "ipv6");
3638 bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false);
3639 bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false);
3640 int displaynum = -1;
3648 addr = qemu_opt_get(opts, "vnc");
3649 if (addr == NULL || g_str_equal(addr, "none")) {
3653 if (qemu_opt_get(opts, "websocket") &&
3654 !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) {
3656 "SHA1 hash support is required for websockets");
3660 qemu_opt_iter_init(&addriter, opts, "vnc");
3661 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) {
3663 rv = vnc_display_get_address(addr, false, reverse, 0, to,
3670 /* Historical compat - first listen address can be used
3671 * to set the default websocket port
3673 if (displaynum == -1) {
3676 *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1);
3677 (*retsaddr)[(*retnsaddr)++] = saddr;
3680 /* If we had multiple primary displays, we don't do defaults
3681 * for websocket, and require explicit config instead. */
3682 if (*retnsaddr > 1) {
3686 qemu_opt_iter_init(&addriter, opts, "websocket");
3687 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) {
3688 if (vnc_display_get_address(addr, true, reverse, displaynum, to,
3691 &wsaddr, errp) < 0) {
3695 /* Historical compat - if only a single listen address was
3696 * provided, then this is used to set the default listen
3697 * address for websocket too
3699 if (*retnsaddr == 1 &&
3700 (*retsaddr)[0]->type == SOCKET_ADDRESS_TYPE_INET &&
3701 wsaddr->type == SOCKET_ADDRESS_TYPE_INET &&
3702 g_str_equal(wsaddr->u.inet.host, "") &&
3703 !g_str_equal((*retsaddr)[0]->u.inet.host, "")) {
3704 g_free(wsaddr->u.inet.host);
3705 wsaddr->u.inet.host = g_strdup((*retsaddr)[0]->u.inet.host);
3708 *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1);
3709 (*retwsaddr)[(*retnwsaddr)++] = wsaddr;
3715 vnc_free_addresses(retsaddr, retnsaddr);
3716 vnc_free_addresses(retwsaddr, retnwsaddr);
3721 static int vnc_display_connect(VncDisplay *vd,
3722 SocketAddress **saddr,
3724 SocketAddress **wsaddr,
3728 /* connect to viewer */
3729 QIOChannelSocket *sioc = NULL;
3731 error_setg(errp, "Cannot use websockets in reverse mode");
3735 error_setg(errp, "Expected a single address in reverse mode");
3738 /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */
3739 vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_TYPE_UNIX;
3740 sioc = qio_channel_socket_new();
3741 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse");
3742 if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) {
3745 vnc_connect(vd, sioc, false, false);
3746 object_unref(OBJECT(sioc));
3751 static int vnc_display_listen(VncDisplay *vd,
3752 SocketAddress **saddr,
3754 SocketAddress **wsaddr,
3761 vd->listener = qio_net_listener_new();
3762 qio_net_listener_set_name(vd->listener, "vnc-listen");
3763 for (i = 0; i < nsaddr; i++) {
3764 if (qio_net_listener_open_sync(vd->listener,
3771 qio_net_listener_set_client_func(vd->listener,
3772 vnc_listen_io, vd, NULL);
3776 vd->wslistener = qio_net_listener_new();
3777 qio_net_listener_set_name(vd->wslistener, "vnc-ws-listen");
3778 for (i = 0; i < nwsaddr; i++) {
3779 if (qio_net_listener_open_sync(vd->wslistener,
3786 qio_net_listener_set_client_func(vd->wslistener,
3787 vnc_listen_io, vd, NULL);
3794 void vnc_display_open(const char *id, Error **errp)
3796 VncDisplay *vd = vnc_display_find(id);
3797 QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id);
3798 SocketAddress **saddr = NULL, **wsaddr = NULL;
3799 size_t nsaddr, nwsaddr;
3800 const char *share, *device_id;
3802 bool password = false;
3803 bool reverse = false;
3807 const char *tlsauthz;
3808 const char *saslauthz;
3809 int lock_key_sync = 1;
3811 const char *audiodev;
3814 error_setg(errp, "VNC display not active");
3817 vnc_display_close(vd);
3823 reverse = qemu_opt_get_bool(opts, "reverse", false);
3824 if (vnc_display_get_addresses(opts, reverse, &saddr, &nsaddr,
3825 &wsaddr, &nwsaddr, errp) < 0) {
3829 password = qemu_opt_get_bool(opts, "password", false);
3831 if (fips_get_state()) {
3833 "VNC password auth disabled due to FIPS mode, "
3834 "consider using the VeNCrypt or SASL authentication "
3835 "methods as an alternative");
3838 if (!qcrypto_cipher_supports(
3839 QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) {
3841 "Cipher backend does not support DES RFB algorithm");
3846 lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
3847 key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10);
3848 sasl = qemu_opt_get_bool(opts, "sasl", false);
3849 #ifndef CONFIG_VNC_SASL
3851 error_setg(errp, "VNC SASL auth requires cyrus-sasl support");
3854 #endif /* CONFIG_VNC_SASL */
3855 credid = qemu_opt_get(opts, "tls-creds");
3858 creds = object_resolve_path_component(
3859 object_get_objects_root(), credid);
3861 error_setg(errp, "No TLS credentials with id '%s'",
3865 vd->tlscreds = (QCryptoTLSCreds *)
3866 object_dynamic_cast(creds,
3867 TYPE_QCRYPTO_TLS_CREDS);
3868 if (!vd->tlscreds) {
3869 error_setg(errp, "Object with id '%s' is not TLS credentials",
3873 object_ref(OBJECT(vd->tlscreds));
3875 if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
3877 "Expecting TLS credentials with a server endpoint");
3881 if (qemu_opt_get(opts, "acl")) {
3882 error_report("The 'acl' option to -vnc is deprecated. "
3883 "Please use the 'tls-authz' and 'sasl-authz' "
3886 acl = qemu_opt_get_bool(opts, "acl", false);
3887 tlsauthz = qemu_opt_get(opts, "tls-authz");
3888 if (acl && tlsauthz) {
3889 error_setg(errp, "'acl' option is mutually exclusive with the "
3890 "'tls-authz' option");
3893 if (tlsauthz && !vd->tlscreds) {
3894 error_setg(errp, "'tls-authz' provided but TLS is not enabled");
3898 saslauthz = qemu_opt_get(opts, "sasl-authz");
3899 if (acl && saslauthz) {
3900 error_setg(errp, "'acl' option is mutually exclusive with the "
3901 "'sasl-authz' option");
3904 if (saslauthz && !sasl) {
3905 error_setg(errp, "'sasl-authz' provided but SASL auth is not enabled");
3909 share = qemu_opt_get(opts, "share");
3911 if (strcmp(share, "ignore") == 0) {
3912 vd->share_policy = VNC_SHARE_POLICY_IGNORE;
3913 } else if (strcmp(share, "allow-exclusive") == 0) {
3914 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3915 } else if (strcmp(share, "force-shared") == 0) {
3916 vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED;
3918 error_setg(errp, "unknown vnc share= option");
3922 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3924 vd->connections_limit = qemu_opt_get_number(opts, "connections", 32);
3926 #ifdef CONFIG_VNC_JPEG
3927 vd->lossy = qemu_opt_get_bool(opts, "lossy", false);
3929 vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false);
3930 /* adaptive updates are only used with tight encoding and
3931 * if lossy updates are enabled so we can disable all the
3932 * calculations otherwise */
3934 vd->non_adaptive = true;
3938 vd->tlsauthzid = g_strdup(tlsauthz);
3940 if (strcmp(vd->id, "default") == 0) {
3941 vd->tlsauthzid = g_strdup("vnc.x509dname");
3943 vd->tlsauthzid = g_strdup_printf("vnc.%s.x509dname", vd->id);
3945 vd->tlsauthz = QAUTHZ(qauthz_list_new(vd->tlsauthzid,
3946 QAUTHZ_LIST_POLICY_DENY,
3949 #ifdef CONFIG_VNC_SASL
3952 vd->sasl.authzid = g_strdup(saslauthz);
3954 if (strcmp(vd->id, "default") == 0) {
3955 vd->sasl.authzid = g_strdup("vnc.username");
3957 vd->sasl.authzid = g_strdup_printf("vnc.%s.username", vd->id);
3959 vd->sasl.authz = QAUTHZ(qauthz_list_new(vd->sasl.authzid,
3960 QAUTHZ_LIST_POLICY_DENY,
3966 if (vnc_display_setup_auth(&vd->auth, &vd->subauth,
3967 vd->tlscreds, password,
3968 sasl, false, errp) < 0) {
3971 trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth);
3973 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth,
3974 vd->tlscreds, password,
3975 sasl, true, errp) < 0) {
3978 trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth);
3980 #ifdef CONFIG_VNC_SASL
3982 int saslErr = sasl_server_init(NULL, "qemu");
3984 if (saslErr != SASL_OK) {
3985 error_setg(errp, "Failed to initialize SASL auth: %s",
3986 sasl_errstring(saslErr, NULL, NULL));
3991 vd->lock_key_sync = lock_key_sync;
3992 if (lock_key_sync) {
3993 vd->led = qemu_add_led_event_handler(kbd_leds, vd);
3997 audiodev = qemu_opt_get(opts, "audiodev");
3999 vd->audio_state = audio_state_by_name(audiodev);
4000 if (!vd->audio_state) {
4001 error_setg(errp, "Audiodev '%s' not found", audiodev);
4006 device_id = qemu_opt_get(opts, "display");
4008 int head = qemu_opt_get_number(opts, "head", 0);
4011 con = qemu_console_lookup_by_device_name(device_id, head, &err);
4013 error_propagate(errp, err);
4020 if (con != vd->dcl.con) {
4021 qkbd_state_free(vd->kbd);
4022 unregister_displaychangelistener(&vd->dcl);
4024 register_displaychangelistener(&vd->dcl);
4025 vd->kbd = qkbd_state_init(vd->dcl.con);
4027 qkbd_state_set_delay(vd->kbd, key_delay_ms);
4029 if (saddr == NULL) {
4034 if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) {
4038 if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) {
4043 if (qemu_opt_get(opts, "to")) {
4044 vnc_display_print_local_addr(vd);
4048 vnc_free_addresses(&saddr, &nsaddr);
4049 vnc_free_addresses(&wsaddr, &nwsaddr);
4053 vnc_display_close(vd);
4057 void vnc_display_add_client(const char *id, int csock, bool skipauth)
4059 VncDisplay *vd = vnc_display_find(id);
4060 QIOChannelSocket *sioc;
4066 sioc = qio_channel_socket_new_fd(csock, NULL);
4068 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server");
4069 vnc_connect(vd, sioc, skipauth, false);
4070 object_unref(OBJECT(sioc));
4074 static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts)
4079 id = g_strdup("default");
4080 while (qemu_opts_find(olist, id)) {
4082 id = g_strdup_printf("vnc%d", i++);
4084 qemu_opts_set_id(opts, id);
4087 QemuOpts *vnc_parse(const char *str, Error **errp)
4089 QemuOptsList *olist = qemu_find_opts("vnc");
4090 QemuOpts *opts = qemu_opts_parse(olist, str, true, errp);
4097 id = qemu_opts_id(opts);
4099 /* auto-assign id if not present */
4100 vnc_auto_assign_id(olist, opts);
4105 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp)
4107 Error *local_err = NULL;
4108 char *id = (char *)qemu_opts_id(opts);
4111 vnc_display_init(id, &local_err);
4113 error_propagate(errp, local_err);
4116 vnc_display_open(id, &local_err);
4117 if (local_err != NULL) {
4118 error_propagate(errp, local_err);
4124 static void vnc_register_config(void)
4126 qemu_add_opts(&qemu_vnc_opts);
4128 opts_init(vnc_register_config);
projects / qemu.git / blob