vnc: fix use-after-free in vnc_update_client_sync
Spotted by Coverity:
876 static int vnc_update_client_sync(VncState *vs, int has_dirty)
877 {
(1) Event freed_arg: "vnc_update_client(VncState *, int)" frees "vs". [details]
Also see events: [deref_arg]...
ui/vnc: introduce VNC_DIRTY_PIXELS_PER_BIT macro
Signed-off-by: Peter Lieven <pl@kamp.de>
Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
ui/vnc: derive cmp_bytes from VNC_DIRTY_PIXELS_PER_BIT
this allows for setting VNC_DIRTY_PIXELS_PER_BIT to different values than 16 if desired.
Reviewed-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
ui/vnc: optimize dirty bitmap tracking
vnc_update_client currently scans the dirty bitmap of each client bitwise which is a very costly operation if only few bits are dirty. vnc_refresh_server_surface does almost the same. this patch optimizes both by utilizing the heavily optimized...
ui/vnc: optimize clearing in find_and_clear_dirty_height()
The following artificial test (just the bitmap operation part) running vnc_update_client 65536 times on a 2560x2048 surface illustrates the performance difference:
All bits clean - vnc_update_client_new: 0.07 secs...
ui/vnc: optimize setting in vnc_dpy_update()
ui/vnc: disable adaptive update calculations if not needed
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
input: mouse: switch vnc ui to new core
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
input: keyboard: switch vnc ui to new core
vnc: use booleans for vnc_connect, vnc_listen_read and vnc_display_add_client
Some arguments to these functions are booleans - either by declaration, or by actual usage, but sometimes value of 0 or 1 is passed for a bool, and sometimes it is declared as int but a bool value, or true/false,...
vnc: Make ledstate comparison before modifiers updated
The ledstate should be compared before modifiers updated, otherwise the ledstate would be the same as current_led_state.
Reported-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>...
TLS support for VNC Websockets
Added TLS support to the VNC QEMU Websockets implementation. VNC-TLS needs to be enabled for this feature to be used.
The required certificates are specified as in case of VNC-TLS with the VNC parameter "x509=<path>".
If the server certificate isn't signed by a root authority it needs to...
vnc: Support for LED state extension
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1366867752-11578-3-git-send-email-lilei@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
vnc: Adjust lock state sync logic with VNC_FEATURE_LED_STATE
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1366867752-11578-4-git-send-email-lilei@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
vnc: Add SCROLL lock key to kbd_leds
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1366867752-11578-2-git-send-email-lilei@linux.vnet.ibm.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
console: zap ds arg from register_displaychangelistener
We don't have multiple DisplayStates any more, so passing it in as argument is not needed.
console: add qemu_console_is_*
console: gui timer fixes
Make gui update rate adaption code in gui_update() actually work. Sprinkle in a tracepoint so you can see the code at work. Remove the update rate adaption code in vnc and make vnc simply use the generic bits instead.
console: rename vga_hw_*, add QemuConsole param
Add QemuConsole parameter to vga_hw_*, so the interface allows to update non-active consoles (the actual code can't handle this yet, see next patch). Passing NULL is allowed and updates the active console, like...
oslib-posix: rename socket_set_nonblock() to qemu_set_nonblock()
The fcntl(fd, F_SETFL, O_NONBLOCK) flag is not specific to sockets. Rename to qemu_set_nonblock() just like qemu_set_cloexec().
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>...
console: zap displaystate from dcl callbacks
Now that nobody depends on DisplayState in DisplayChangeListener callbacks any more we can remove the parameter from all callbacks.
console: fix displaychangelisteners interface
Split callbacks into separate Ops struct. Pass DisplayChangeListener pointer as first argument to all callbacks. Uninline a bunch of display functions and move them from console.h to console.c
console: kill DisplayState->opaque
It's broken by design. There can be multiple DisplayChangeListener instances, so they simply can't store state in the (single) DisplayState struct. Try 'qemu -display gtk -vnc :0', watch it crash & burn.
With DisplayChangeListenerOps having a more sane interface now we can...
console: rework DisplaySurface handling [dcl/ui side]
Replace the dpy_gfx_resize and dpy_gfx_setdata DisplayChangeListener callbacks with a dpy_gfx_switch callback which notifies the ui code when the framebuffer backing storage changes.
vnc: stop using DisplayState
Rework DisplayStateListener callbacks to not use the DisplayState any more.
vnc: added buffer_advance function
Following Anthony Liguori's Websocket implementation I have added the buffer_advance function to VNC and replaced all related buffer memmove operations with it.
Signed-off-by: Tim Hardeck <thardeck@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>...
vnc: added initial websocket protocol support
This patch adds basic Websocket Protocol version 13 - RFC 6455 - support to QEMU VNC. Binary encoding support on the client side is mandatory.
Because of the GnuTLS requirement the Websockets implementation is...
vnc: fix possible uninitialized removals
Some VncState values are not initialized before the Websocket handshake. If it fails QEMU segfaults during the cleanup. To prevent this behavior initialization checks are added.
Signed-off-by: Tim Hardeck <thardeck@suse.de>...
softmmu: move include files to include/sysemu/
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
misc: move include files to include/qemu/
qapi: move include files to include/qobject/
pixman: fix vnc tight png/jpeg support
This patch adds an x argument to qemu_pixman_linebuf_fill so it can also be used to convert a partial scanline. Then fix tight + png/jpeg encoding by passing in the x+y offset, so the data is read from the correct screen location instead of the upper left corner....
vnc: fix option misspelling ("non-adapative" -> "non-adaptive")
Signed-off-by: Catalin Patulea <catalinp@google.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Merge branch 'trivial-patches' of git://github.com/stefanha/qemu
vnc: add missing static
Add missing 'static' qualifiers.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
pixman/vnc: remove dead code.
Switching the vnc server framebuffer to use 32bpp unconditionally turns the code bits which handle 8 and 16 bpp into dead code. Remove them.
pixman/vnc: use pixman images in vnc.
The vnc code uses three DisplaySurfaces:
First is the surface of the actual QemuConsole, usually the guest screen, but could also be a text console (monitor/serial reachable via Ctrl-Alt-<nr> keys). This is left as-is....
console: untangle gfx & txt updates
Stop abusing displaysurface fields for text mode displays. (bpp = 0, width = cols, height = lines).
Add flags to displaystate indicating whenever text mode display (curses) or gfx mode displays (sdl, vnc, ...) are present....
console: move set_mouse + cursor_define callbacks
When adding DisplayChangeListeners the set_mouse and cursor_define callbacks have been left in DisplayState for some reason. Fix it.
vnc: add error propagation to vnc_display_open
Before:
$ qemu-system-x86_64 -vnc foo.bar:12345
getaddrinfo(foo.bar,18245): Name or service not known
Failed to start VNC server on `foo.bar:12345'
$ qemu-system-x86_64 -vnc localhost:12345,reverse=on...
vnc: drop QERR_VNC_SERVER_FAILED
We now always return "nice" error messages in errp when we goto fail. Drop the default error message.
vnc: avoid Yoda conditionals
vnc: introduce a single label for error returns
vnc: reorganize code for reverse mode
Avoid the dance between csock and vs->lsock.
qemu-sockets: add Error ** to all functions
This lets me adjust the clients to do proper error propagation first, thus avoiding temporary regressions in the quality of the error messages.
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
ui/vnc: Only report/use TIGHT_PNG encoding if enabled.
If TIGHT_PNG is not enabled by the --enable-vnc-png configure flag then do not report to the client that it is supported.
Also, since TIGHT_PNG is the same as the TIGHT encoding but with the filter/copy replaced with PNG data, adding it to the supported...
vnc: fix "info vnc" with "-vnc ..., reverse=on"
When reverse connection is in use, there is no active VNC server socket. Because of this, getsockopt(-1, ...) is attempted and the following error is emitted:
$ socat TCP-LISTEN:5900,reuseaddr TCP-LISTEN:5901,reuseaddr &...
Separate inet_connect into inet_connect (blocking) and inet_nonblocking_connect
No need to add non blocking parameters to the blocking inet_connect
add block parameter for inet_connect_opts instead of using QemuOpt "block".
Signed-off-by: Orit Wasserman <owasserm@redhat.com>...
net: inet_connect(), inet_connect_opts(): add in_progress argument
It's used to indicate the special case where a valid file-descriptor is returned (ie. success) but the connection can't be completed w/o blocking.
This is needed because QERR_SOCKET_CONNECT_IN_PROGRESS is not...
vnc: disable VNC password authentication (security type 2) when in FIPS mode
FIPS 140-2 requires disabling certain ciphers, including DES, which is used by VNC to obscure passwords when they are sent over the network. The solution for FIPS users is to disable the use of VNC password auth when the...
Avoid returning void
It's silly and non-conforming to standards to return void, don't do it.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Remove support for non-threaded VNC server
QEMU now has a fundamental requirement for pthreads, so there is no compelling reason to retain support for the non-threaded VNC server. Remove the --{enable,disable}-vnc-thread configure arguments, and all CONFIG_VNC_THREAD conditionals...
vnc: fix segfault in vnc_display_pw_expire()
NULL pointer dereference in case no vnc server is configured. Catch this and return -EINVAL like vnc_display_password() does.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
sockets: change inet_connect() to support nonblock socket
Add a bool argument to inet_connect() to assign if set socket to block/nonblock, and delete original argument 'socktype' that is unused. Add a new argument to inet_connect()/inet_connect_opts(), to pass back connect error by error class....
sockets: use error class to pass listen error
Add a new argument in inet_listen()/inet_listen_opts() to pass back listen error.
Change nbd, qemu-char, vnc to use new interface.
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Orit Wasserman <owasserm@redhat.com>...
vnc: don't mess up with iohandlers in the vnc thread
The threaded VNC servers messed up with QEMU fd handlers without any kind of locking, and that can cause some nasty race conditions.
Using qemu_mutex_lock_iothread() won't work because vnc_dpy_cpy(), which will wait for the current job queue to finish, can be called with...
vnc: Limit r/w access to size of allocated memory
This fixes memory reads and writes which exceeded the upper limit of allocated memory vd->guest.ds->data and vd->server->data.
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>...
implement vnc_dpy_setdata
The comment is wrong, we have to do something in the setdata callback. Changing the framebuffer backing storage (happens when the guest pans the display) renders the whole screen content invalid.
Trigger #1: cirrus vga + 32bit linux guest + vesafb with ypan enabled....
vnc: Don't demote authentication scheme when changing password/disabling login
Currently when disabling login in VNC, the password is cleared out and the authentication protocol is forced to AUTH_VNC. If you're using a stronger authentication protocol, this has the effect of downgrading your security...
Fix vnc memory corruption with width = 1400
vnc assumes that the screen width is a multiple of 16 in several places. If this is not the case vnc will overrun buffers, corrupt memory, make qemu crash.
This is the minimum fix for this bug. It makes sure we don't overrun the...
vnc: fix ctrl key in vnc terminal emulation
Make the control keys for terminals on the vnc display (i.e. qemu -vnc :0 -serial vc) work. Makes the terminals a lot more usable as typing Ctrl-C in your serial console actually has the desired effect ;)
vnc: implement shared flag handling.
VNC clients send a shared flag in the client init message. Up to now qemu completely ignores this. This patch implements shared flag handling. It comes with three policies: By default qemu behaves as one would expect: Asking for an exclusive access grants exclusive access to...
vnc: lift modifier keys on client disconnect.
For any modifier key (shift, ctrl, alt) still pressed on disconnect inject a key-up event into the guest. The vnc client is gone, it will not do that, so qemu has to do it instead.
Without this keys will get stuck, making the guest act in weird ways...
vnc: Simplify vnc_display_password()
Drop the qerror_report() call from it and let its callers set the error themselves. This also allows for dropping the 'ret' variable.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
vnc: fix no-lock-key-sync strncmp() length
The no-lock-key-sync option is being parsed incorrectly because of an outdated strcmp() length value. Use the correct length so that invalid option names do not match.
Reported-by: Dr David Alan Gilbert <davidagilbert@uk.ibm.com>...
fix typo: delete redundant semicolon
Double semicolons should be single.
Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
fix spelling in ui sub directory
Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
ui/vnc: Fix use of free() instead of g_free()
Please note that mechlist still uses malloc / strdup / free.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
qapi: Convert query-vnc
There are three important remarks in relation to the non-qapi command:
1. This commit also fixes the behavior of the 'query-vnc' and 'info vnc' commands to return an error when qemu is built without VNC support (ie. --disable-vnc). The non-qapi command would return the OK...
Use glib memory allocation and free functions
qemu_malloc/qemu_free no longer exist after this commit.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Wrap recv to avoid warnings
Avoid warnings like these by wrapping recv():
  CC slirp/ip_icmp.o
/src/qemu/slirp/ip_icmp.c: In function 'icmp_receive':
/src/qemu/slirp/ip_icmp.c:418:5: error: passing argument 2 of 'recv' from incompatible pointer type [-Werror]...
notifier: Pass data argument to callback
This allows to pass additional information to the notifier callback which is useful if sender and receiver do not share any other distinct data structure.
Will be used first for the clock reset notifier.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>...
Store VNC auth scheme per-client as well as per-server
A future patch will introduce a situation where different clients may have different authentication schemes set. When a new client arrives, copy the 'auth' and 'subauth' fields from VncDisplay into the client's VncState, and...
Introduce a 'client_add' monitor command accepting an open FD
Allow client connections for VNC and socket based character devices to be passed in over the monitor using SCM_RIGHTS.
One intended usage scenario is to start QEMU with VNC on a UNIX domain socket. An unprivileged user which cannot access...
vnc: fix build error from VNC_DIRTY_WORDS
Make VNC support optional
Per default VNC is enabled.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
fix vnc regression
This patch fixes the following regression:
1. we should use bitmap_set() and bitmap_clear() to replace vnc_set_bits().
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
change all rt_clock references to use millisecond resolution accessors
This was done with:
sed -i '/get_clock\>.*rt_clock/s/get_clock\>/get_clock_ms/' \
    $(git grep -l 'get_clock\>.*rt_clock' )
sed -i '/new_timer\>.*rt_clock/s/new_timer\>/new_timer_ms/' \...
win32: implement missing timersub
Implement and wrap timersub() for Win32.
Acked-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
vnc: Fix stack corruption and other bitmap related bugs
Commit bc2429b9174ac2d3c56b7fd35884b0d89ec7fb02 introduced a severe bug (stack corruption).
bitmap_clear was called with a wrong argument which caused out-of-bound writes to the local variable width_mask....
vnc: fix lossy rect refreshing
The for loop in send_lossy_rect was totally wrong, and we can't call vnc_set_bits() because it does not really do what it should. Use vnc_set_bit() directly instead.
Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
vnc: use the new generic bitmap functions
Switch to bitmap.h and bitops.h instead of redefining our own bitmap helpers.
vnc: don't try to send bigger updates that client height
Respect client size if it doesn't not support desktop resizing.
vnc: add a non-adaptive option
This option allows disabling adaptive behaviors in some encodings.
vnc: Fix fatal crash with vnc reverse mode
Reverse mode is unusable:
qemu -vnc localhost:5500,reverse
crashes in vnc_refresh_server_surface because some pointers are NULL.
Fix this by calling vnc_dpy_resize (which initializes these pointers) before calling vnc_refresh....
vnc: don't set the quality if lossy encoding are disabled
This should not change the current behavior, but if any new encoding tries to use the tight quality, it will always be set to -1 when lossy encodings are disabled.
Signed-off-by: Corentin Chary <corentincj@iksaif.net>...
vnc: add a way to get the update frequency for a given region
This patch computes the update frequency (in Hz) for each 64x64 rect. Any adaptive encoding can get this value using vnc_update_freq(), and switch to a lossy encoding if the value is too high....
vnc: refresh lossy rect after a given timeout
If an adaptive encoding has chosen to send a lossy update based on the result of vnc_update_freq(), then it should advertise it with vnc_sent_lossy_rect(). This will allow to automatically refresh this rect once it's static again....
vnc: Add ZRLE and ZYWRLE encodings.
Add ZRLE [1] and ZYWRLE [2] encodings. The code is inspire^W stolen from libvncserver (again), but has been rewritten to match QEMU coding style.
[1] http://www.realvnc.com/docs/rfbproto.pdf
[2] http://micro-vnc.jp/research/remote_desktop_ng/ZYWRLE/publications/...
Merge remote branch 'spice/usb.5' into staging
vnc: Fix password expiration through 'change vnc ""' (v2)
commit 52c18be9e99dabe295321153fda7fce9f76647ac introduced a regression in the change vnc password command that changed the behavior of setting the VNC password to an empty string from disabling login to disabling authentication....
vnc: fix numlock+capslock tracking
This patch makes the numlock+capslock tracking logic only look at keydown events. Without this patch the vnc server will insert bogus capslock keypress in case it sees the following key sequence:
shift down --- 'A' down --- shift up --- 'A' up...
vnc: auth reject cleanup
protocol_client_auth_vnc() has two places where the auth can fail, with identical code sending the reject message to the client. Move the common code to the end of the function and make both error paths jump there. No functional change....
vnc: support password expire
This patch adds support for expiring passwords to vnc. It adds a new vnc_display_pw_expire() function which specifies the time when the password will expire.
vnc: avoid write only variables
Compiling with GCC 4.6.0 20100925 produced warnings:
/src/qemu/ui/vnc.c: In function 'vnc_client_cache_auth':
/src/qemu/ui/vnc.c:217:12: error: variable 'qdict' set but not used [-Werror=unused-but-set-variable]
/src/qemu/ui/vnc.c: In function 'vnc_display_open':...
vnc: check fd before calling qemu_set_fd_handler2() in vnc_client_write()
Setting fd = -1 to qemu_set_fd_handler2() causes bus error at FD_SET in main_loop_wait().
Signed-off-by: Yoshiaki Tamura <tamura.yoshiaki@lab.ntt.co.jp>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
vnc: tight add PNG encoding
Introduce a new encoding: VNC_ENCODING_TIGHT_PNG [1] (-269) with a new tight filter VNC_TIGHT_PNG (0x0A). When the client tells it supports the Tight PNG encoding, the server will use tight, but will always send encoding pixels using...
vnc: encapsulate encoding members
This will allow to implement the threaded VNC server in a cleaner way.
vnc: threaded VNC server
Implement a threaded VNC server using the producer-consumer model. The main thread will push encoding jobs (a list of rectangles to update) in a queue, and the VNC worker thread will consume that queue and send framebuffer updates to the output buffer....
vnc: add missing lock for vnc_cursor_define()
All vnc_write() calls must be locked (except the ones present before the protocol initialization).