Some are called do_COMMAND() (old ones, usually), some hmp_COMMAND(),
and sometimes COMMAND pointlessly differs in spelling.
Normalize to hmp_COMMAND(), where COMMAND is exactly the command name
with '-' replaced by '_'.
Exceptions:
* do_device_add() and client_migrate_info() *not* renamed to
hmp_device_add(), hmp_client_migrate_info(), because they're also
QMP handlers. They still need to be converted to QAPI.
* do_memory_dump(), do_physical_memory_dump(), do_ioport_read(),
do_ioport_write() renamed do hmp_* instead of hmp_x(), hmp_xp(),
hmp_i(), hmp_o(), because those names are too cryptic for my taste.
* do_info_help() renamed to hmp_info_help() instead of hmp_info(),
because it only covers help.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
vnc_display_local_addr will not be called with an invalid display id.
Add assert() to silence coverity warning about a null pointer dereference.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
in case we send and update for a complete scanline increment
the y offset to avoid running to find_next_bit for that lines
twice.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Add new query vnc qmp command, for the lack of better ideas just name it
"query-vnc-servers". Changes over query-vnc:
* It returns a list of vnc servers, so multiple vnc server instances
are covered.
* Each vnc server returns a list of server sockets. Followup patch
will use that to also report websockets. In case we add support for
multiple server sockets server sockets (to better support ipv4+ipv6
dualstack) we can add them to the list too.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Also track the number of connections in "connecting" and "shared" state
(in addition to the "exclusive" state). Apply a configurable limit to
these connections.
The logic to apply the limit to connections in "shared" state is pretty
simple: When the limit is reached no new connections are allowed.
The logic to apply the limit to connections in "connecting" state (this
is the state you are in *before* successful authentication) is
slightly different: A new connect kicks out the oldest client which is
still in "connecting" state. This avoids a easy DoS by unauthenticated
users by simply opening connections until the limit is reached.
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch adds a display= parameter to the vnc options. This allows to
bind a vnc server instance to a specific display, allowing to create a
multiseat setup with a vnc server for each seat.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch switches vnc over to QemuOpts, and it (more or less
as side effect) allows multiple vnc server instances.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
In case the display id is "default" (which is the one you get if you
don't explicitly assign one) we keep the old name scheme, without
display, for backward compatibility reasons.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
DisplayState isn't used anywhere, drop it. Add the vnc server ID as
parameter instead, so it is possible to specify the server instance.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Replace with a vnc_displays list, so we can have multiple vnc server
instances. Add vnc_server_find function to lookup a display by id.
With no id supplied return the first vnc server, for backward
compatibility reasons.
It is not possible (yet) to actually create multiple vnc server
instances.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Teach qemu to set up a Spice server with a UNIX socket using the
following arguments -spice unix,addr=path.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
At least all the ones I've tested. We make the assumption that
SDL is going to be better at conversion than we are.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
[ kraxel: minor format tweaks ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
At least all the ones I've tested. We make the assumption that
pixman is going to be better at conversion than we are.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
[ kraxel: just hook up qemu_pixman_check_format ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
At least all the ones I've tested. We make the assumption that
pixman is going to be better at conversion than we are.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
[ kraxel: just hook up qemu_pixman_check_format ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This allows VGA to decide whether to use a shared surface based on
whether the UI backend supports the format or not. Backends that
don't provide the new callback fallback to native 32 bpp which
is equivalent to what was supported before.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
[ kraxel: fix console check, allow only 32 bpp as fallback ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
In order to remove the logic for detecting supported shared
pixmap formats from device models, make qemu_default_pixman_format()
capable for failing by returning 0 which is not a possible format
value rather than asserting.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Apparently it is possible for X to send an event to a hidden SDL2
window, leading to SDL2 believing it is now shown. SDL2 will pass the
SDL_WINDOWEVENT_SHOWN message to the application without actually
showing the window; the problem is that the next SDL_ShowWindow() will
be a no-op because SDL2 assumes the window is already shown.
The correct way to react to SDL_WINDOWEVENT_SHOWN would be to clear
scon->hidden (analogous for SDL_WINDOWEVENT_HIDDEN). However, due to the
window not actually being shown, this will somehow not be correct after
all.
Therefore, just hide the window on SDL_WINDOWEVENT_SHOWN if it is
supposed to be hidden (and analogous for SDL_WINDOWEVENT_HIDDEN).
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
SDL_PollEvent() polls events for all windows; therefore,
sdl2_poll_events() will poll the events for all windows and not only for
the one identified by the given sdl2_console.
This should be considered in handle_windowevent(): The window affected
by the event is not necessarily the one identified by the sdl2_console
object given to sdl2_poll_events(), but the one identified by
ev->window.windowID.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Now that common event handling code is split off, we can move
over sdl_refresh to sdl2-2d.c, and rename it to sdl2_2d_refresh.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Create a new function to poll and handle sdl2 events,
which is then just called from the refresh timer.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Add a new sdl2_2d_redraw function for a complete screen refresh,
so we can stop using graphic_hw_invalidate for that. There is
no need to bother console / gfx emulation code if we are just
going to re-blit the screen after window resizes.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Split do_sdl_resize function (which does alot more than just resizing)
into three: sdl2_window_{create,destroy,resize}.
Fix SDL_Renderer handling: must be guest display size not host window
size, and SDL2 will magically handle all scaling for us.
Make fullscreen actually enter fullscreen mode and simplify the code.
There is no need to store the original window size, the window manager
will do that for us.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Create new sdl2-2d file for 2d display rendering.
Move over sdl_update code, and rename to sdl2_2d_update.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Makes quite some keys actually go to the guest instead of
being captured by the host window manager.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Create sdl2.h header file, in preparation for sdl2 code splitup.
Populate it with sdl2_console struct (renamed from sdl2_state).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
If errors happen for middle items of channel_list,
qmp_query_spice_channels() returns NULL, and the variable
cur_item going out of scope leaks the storage it points to.
The flag is a compatibility thing for older spice-server
versions. Meanwhile our minimum spice version requirement is
new enough that we should never ever see this error, and if we
do something went very seriously wrong. Let's using assert()
instead of returning NULL to avoid a memory leak.
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Nothing seems to be using functions from spice-experimental.h (better
that way). Let's remove its inclusion.
Signed-off-by: Marc-André Lureau <marcandre.lureau@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
It is possible to use Spice server without TCP port. On local VM,
qemu (and libvirt) can add new clients thanks to QMP add_client command.
Signed-off-by: Marc-André Lureau <marcandre.lureau@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add fast path to qemu_spice_display_switch in case old and new
displaysurface have identical size (happens with display panning
and page flipping). We just swap the backing store then and don't
go through the whole process of deleting and creating the primary
surface.
To simplify the code a bit move mirror surface allocation to
qemu_spice_display_switch().
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Calling directly doesn't work due to the qxl-render code running in
spice server thread context. Meanwhile bottom half scheduling is
thread-safe though, so we can use that to kick a cursor update in
main i/o thread context.
Cc: Marc-André Lureau <marcandre.lureau@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Compile sdl.c / sdl2.c depending on CONFIG_SDLABI instead of
compiling both and have version #ifdefs in the source code.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
It's hard to read because of the confused coding
style in this file. Let's correct it following Qemu
coding style.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Arguments in wrong order (SWAPPED_ARGUMENTS)
The positions of arguments in the call to
tight_fill_palette do not match the ordering of the parameters:
&fg is passed to bg
&bg is passed to fg
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Ongoing discussions on how we are going to specify the console,
so tag the command as experiental so we can refine things in
the 2.3 development cycle.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1416923657-10614-1-git-send-email-armbru@redhat.com
[Spell out "not a stable API", and x- the QAPI schema, too]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Amos Kong <akong@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This fixes a crash by just skipping the vte resize hack if cur is NULL.
Reproducer:
qemu-system-x86_64 -nodefaults
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
local_err in gd_vc_gfx_init() is not freed, and we don't use it,
so remove it.
Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The 'QemuConsole' is the input source for handler, we share some
input handlers to process the input events from different QemuConsole.
Normally we only have one set of keyboard, mouse, usbtablet, etc.
The devices have different mask, it's fine to just checking mask to
insure that the handler has the ability to process the event.
I saw we try to bind console to handler in usb/dev-hid.c, but display
always isn't available at that time.
If we have multiseat setup (as Gerd said), we only have 'problem' in
this case. Actually event from different devices have the same effect
for system, it's fine to always use the first available handler
without caring about the console.
For send-key command, we just pass a NULL for console parameter in
calling qemu_input_event_send_key(NULL, ..), but 'input-send-event'
needs to care more devices.
Conclusion:
Generally assigning the special console is meanless, and we can't
directly remove the QMP parameter for compatibility.
So we can make the parameter optional. The parameter might be useful
for some special condition: we have multiple devices without binding
console and they all have the ability(mask) to process events, and
we don't want to use the first one.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
In fullscreen mode, we attempt to shrink the menubar to 1 pixel in height,
so it takes up as little room as possible while still allowing us to use
the keyboard shortcuts for its various operations.
However this shrinking is disregarded on gtk3, so the entire menu bar is
visible, which isn't very pleasant. This patch hides the menu bar instead.
The side effect is that the only keyboard shortcuts that will work in this
mode are the ones that we explicitly register on the top level window and
not the menu bar. The previous patches changed the fullscreen and vc
shortcuts to work like that, which I think are the only ones that really
matter in for the fullscreen case.
https://bugs.launchpad.net/qemu/+bug/1294898
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
So they are usable when we hide the menubar in upcoming patches. This
has the accelerator text caveat as the fullscreen bit in the previous
patch.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Instead of installing it on the menu. This will be needed to keep the
fullscreen keyboard shortcut working when we hide the menu (in future
patches).
On gtk < 3.8, this has the unfortunate side effect of no longer listing
the key combo in the UI. We could manually change the label in that case,
but it will look visually out of place, and I'm not sure if anyone really
cares.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
graphic_hw_update and vnc_refresh_server_surface aren't
need to do when no vnc client connected. It can reduce
lock contention, because vnc_refresh will hold global big
lock two millisecond every three seconds.
Signed-off-by: ChenLiang <chenliang88@huawei.com>
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
bits_per_pixel that are less than 8 could result in accessing
non-initialized buffers later in the code due to the expectation
that bytes_per_pixel value that is used to initialize these buffers is
never zero.
To fix this check that bits_per_pixel from the client is one of the
values that the rfb protocol specification allows.
This is CVE-2014-7815.
Signed-off-by: Petr Matousek <pmatouse@redhat.com>
[ kraxel: apply codestyle fix ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Special handing of the Pause key. Implemented in a similar way as in
ui/sdl.c.
Signed-off-by: Martin Decky <martin@decky.cz>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
this memory leak is introduced by the original
commit 3158a3482b
valgrind out showing:
==14553== 21,459 (72 direct, 21,387 indirect) bytes in 1 blocks are definitely
lost in loss record 8,055 of 8,082
==14553== at 0x4A06BC3: calloc (vg_replace_malloc.c:618)
==14553== by 0x80DBFBC: XkbGetKeyboardByName (in /usr/lib64/libX11.so.6.3.0)
==14553== by 0x40C704: gtk_display_init (gtk.c:1798)
==14553== by 0x1AEDC1: main (vl.c:4480)
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Which allows specification of absolute/relative,
up/down and console parameters.
Suggested by Gerd Hoffman.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
commit 2e377f1730 changed the ordering
of the release events as side effect. Some guests are not happy with
that and don't recognise ctrl-alt-del any more. This patch restores
the old last-pressed first-released behavior.
Cc: Amos Kong <akong@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add a function to allow display emulations to switch the hwops
function pointers. This is useful for devices which have two
completely different operation modes. Typical case is the vga
compatibility mode vs. native mode in qxl and the upcoming
virtio-vga device.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch removes support for the cow file format.
Normally we do not break backwards compatibility but in this case there
is no impact and it is the most logical option. Extraordinary claims
require extraordinary evidence so I will show why removing the cow block
driver is the right thing to do.
The cow file format is the disk image format for Usermode Linux, a way
of running a Linux system in userspace. The performance of UML was
never great and it was hacky, but it enjoyed some popularity before
hardware virtualization support became mainstream.
QEMU's block/cow.c is supposed to read this image file format.
Unfortunately the file format was underspecified:
1. Earlier Linux versions used the MAXPATHLEN constant for the backing
filename field. The value of MAXPATHLEN can change, so Linux
switched to a 4096 literal but QEMU has a 1024 literal.
2. Padding was not used on the header struct (both in the Linux kernel
and in QEMU) so the struct layout varied across architectures. In
particular, i386 and x86_64 were different due to int64_t alignment
differences. Linux now uses __attribute__((packed)), QEMU does not.
Therefore:
1. QEMU cow images do not conform to the Linux cow image file format.
2. cow images cannot be shared between different host architectures.
This means QEMU cow images are useless and QEMU has not had bug reports
from users actually hitting these issues.
Let's get rid of this thing, it serves no purpose and no one will be
affected.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1410877464-20481-1-git-send-email-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
we currently have the Nagle algorithm enabled for all outgoing VNC updates.
This may delay sensitive updates as mouse movements or typing in the console.
As we currently prepare all data in a buffer and then send as much as we can
disabling the Nagle algorithm should not cause big trouble. Well established
VNC servers like TightVNC set TCP_NODELAY as well.
A regular framebuffer update request generates exactly one framebuffer update
which should be pushed out as fast as possible.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Now we have removed the legacy register_char_driver() we can
rename register_char_driver_qapi() to the more obvious and
shorter name.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1409653457-27863-6-git-send-email-peter.maydell@linaro.org
Don't call SPICE API directly to set password given in command line, but
use the internal API, saving password for later calls.
This solves losing password when changing expiration in qemu monitor.
https://bugzilla.redhat.com/show_bug.cgi?id=1138639
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
If we need to, we should use the pixman formats instead but for
now this is unused except in commented out code so take it out
to avoid further confusion about surface endianness.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Helper function for copying data from linebuf to framebuffer using
pixman, possibly converting in case src and dst formats differ.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Calls dpy_gfx_update for all dirty scanlines. Works for
DisplaySurfaces backed by guest memory (i.e. the ones created
using qemu_create_displaysurface_guestmem).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch adds a qemu_create_displaysurface_guestmem helper function.
Works simliar to qemu_create_displaysurface_from, but accepts a
guest address instead of a host pointer and it handles
cpu_physical_memory_{map,unmap} for you.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
With this patch the qemu console core stops using PixelFormat and pixman
format codes side-by-side, pixman format code is the primary way to
specify the DisplaySurface format:
* DisplaySurface stops carrying a PixelFormat field.
* qemu_create_displaysurface_from() expects a pixman format now.
Functions to convert PixelFormat to pixman_format_code_t (and back)
exist for those who still use PixelFormat. As PixelFormat allows
easy access to masks and shifts it will probably continue to exist.
[ xenfb added by Benjamin Herrenschmidt ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Use the new qemu_pixelformat_from_pixman and qemu_default_pixman_format
functions to reimplement qemu_default_pixelformat
(qemu_different_endianness_pixelformat too).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Function to convert pixman format codes to qemu PixelFormat.
[ Benjamin Herrenschmidt: fix BGRA+RGBA shifts ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Related spice-only bug. We have a fixed 16 MB buffer here, being
presented to the spice-server as qxl video memory in case spice is
used with a non-qxl card. It's also used with qxl in vga mode.
When using display resolutions requiring more than 16 MB of memory we
are going to overflow that buffer. In theory the guest can write,
indirectly via spice-server. The spice-server clears the memory after
setting a new video mode though, triggering a segfault in the overflow
case, so qemu crashes before the guest has a chance to do something
evil.
Fix that by switching to dynamic allocation for the buffer.
CVE-2014-3615
Cc: qemu-stable@nongnu.org
Cc: secalert@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
imitate nearby code about using '!value' or 'value == NULL'
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
We need to remember has_updates for each vnc client. Otherwise it might
happen that vnc_update_client(has_dirty=1) takes the first exit due to
output buffers not being flushed yet and subsequent calls with
has_dirty=0 take the second exit, wrongly assuming there is nothing to
do because the work defered in the first call is ignored.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Lieven <pl@kamp.de>
If the client asks for !incremental frame updates, it has lost its content
so dirty doesn't matter - it has to see the full frame, so setting force_update
Signed-off-by: Stephan Kulow <coolo@suse.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Peter Lieven <pl@kamp.de>
(Resending for correct email addresses via MAINTAINERS ...)
In the GTK UI, after changing focus to the qemu monitor Notebook Page,
when restoring focus to the virtual machine page, the keyboard focus is lost
to a hidden GTK widget. Focus can only be restored to the virtual machine by
pressing "tab" or any of the four directional arrow keys.
Clicking in the window or grabbing/ungrabbing input does not restore keyboard
focus to the child widget.
This patch adjusts the Notebook page switching callback to automatically
steal keyboard focus on the Page switch event, so that keyboard input
does not appear to break or disappear after tabbing to the QEMU monitor.
Signed-off-by: John Snow <jsnow@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Set auth to sasl when sasl is enabled, this makes "info spice" correctly
display sasl auth. Also throw an error in case someone tries to set
a spice password via monitor without auth mode being "spice".
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
this patch makes the VNC server work correctly if the
server surface and the guest surface have different sizes.
Basically the server surface is adjusted to not exceed VNC_MAX_WIDTH
x VNC_MAX_HEIGHT and additionally the width is rounded up to multiple of
VNC_DIRTY_PIXELS_PER_BIT.
If we have a resolution whose width is not dividable by VNC_DIRTY_PIXELS_PER_BIT
we now get a small black bar on the right of the screen.
If the surface is too big to fit the limits only the upper left area is shown.
On top of that this fixes 2 memory corruption issues:
The first was actually discovered during playing
around with a Windows 7 vServer. During resolution
change in Windows 7 it happens sometimes that Windows
changes to an intermediate resolution where
server_stride % cmp_bytes != 0 (in vnc_refresh_server_surface).
This happens only if width % VNC_DIRTY_PIXELS_PER_BIT != 0.
The second is a theoretical issue, but is maybe exploitable
by the guest. If for some reason the guest surface size is bigger
than VNC_MAX_WIDTH x VNC_MAX_HEIGHT we end up in severe corruption since
this limit is nowhere enforced.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
currently a malicious client could define a payload
size of 2^32 - 1 bytes and send up to that size of
data to the vnc server. The server would allocated
that amount of memory which could easily create an
out of memory condition.
This patch limits the payload size to 1MB max.
Please note that client_cut_text messages are currently
silently ignored.
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Honour the -show-cursor command line option (which forces the mouse pointer
to always be displayed even when input is grabbed) in the Cocoa UI backend.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1403516125-14568-5-git-send-email-peter.maydell@linaro.org
Fix handling of absolute positioning devices, which were basically
unusable for two separate reasons:
(1) as soon as you pressed the left mouse button we would call
CGAssociateMouseAndMouseCursorPosition(FALSE), which means that
the absolute coordinates of the mouse events are never updated
(2) we didn't account for MacOSX coordinate origin being bottom left
rather than top right, and so all the Y values sent to the guest
were inverted
We fix (1) by aligning our behaviour with the SDL UI backend for
absolute devices:
* when the mouse moves into the window we do a grab (which means
hiding the host cursor and sending special keys to the guest)
* when the mouse moves out of the window we un-grab
and fix (2) by doing the correct transformation in the call to
qemu_input_queue_abs().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1403516125-14568-4-git-send-email-peter.maydell@linaro.org
Add a utility method to check whether a point is within the current window
bounds, and use it in the various places in the mouse handling code that
were opencoding the check.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1403516125-14568-3-git-send-email-peter.maydell@linaro.org
Markus Armbruster
Gerd Hoffmann
Peter Lieven
Gonglei
Peter Maydell
Marc-André Lureau
Benjamin Herrenschmidt
Max Reitz
Fam Zheng
zhanghailiang
Amos Kong
Cole Robinson
ChenLiang
Petr Matousek
Martin Decky
Chen Fan
Marcelo Tosatti
Stefan Hajnoczi
Stephan Kulow
John Snow