aboutsummaryrefslogtreecommitdiff
path: root/ui
AgeCommit message (Collapse)AuthorFilesLines
2019-08-16Include qemu/queue.h slightly lessMarkus Armbruster1-1/+0
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20190812052359.30071-20-armbru@redhat.com>
2019-08-16Include hw/hw.h exactly where neededMarkus Armbruster1-1/+0
In my "build everything" tree, changing hw/hw.h triggers a recompile of some 2600 out of 6600 objects (not counting tests and objects that don't depend on qemu/osdep.h). The previous commits have left only the declaration of hw_error() in hw/hw.h. This permits dropping most of its inclusions. Touching it now recompiles less than 200 objects. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20190812052359.30071-19-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-08-16trace: Do not include qom/cpu.h into generated trace.hMarkus Armbruster1-0/+1
docs/devel/tracing.txt explains "since many source files include trace.h, [the generated trace.h use] a minimum of types and other header files included to keep the namespace clean and compile times and dependencies down." Commit 4815185902 "trace: Add per-vCPU tracing states for events with the 'vcpu' property" made them all include qom/cpu.h via control-internal.h. qom/cpu.h in turn includes about thirty headers. Ouch. Per-vCPU tracing is currently not supported in sub-directories' trace-events. In other words, qom/cpu.h can only be used in trace-root.h, not in any trace.h. Split trace/control-vcpu.h off trace/control.h and trace/control-internal.h. Have the generated trace.h include trace/control.h (which no longer includes qom/cpu.h), and trace-root.h include trace/control-vcpu.h (which includes it). The resulting improvement is a bit disappointing: in my "build everything" tree, some 1100 out of 6600 objects (not counting tests and objects that don't depend on qemu/osdep.h) depend on a trace.h, and about 600 of them no longer depend on qom/cpu.h. But more than 1300 others depend on trace-root.h. More work is clearly needed. Left for another day. Cc: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20190812052359.30071-8-armbru@redhat.com>
2019-08-16Include generated QAPI headers lessMarkus Armbruster1-1/+0
Some of the generated qapi-types-MODULE.h are included all over the place. Changing a QAPI type can trigger massive recompiling. Top scorers recompile more than 1000 out of some 6600 objects (not counting tests and objects that don't depend on qemu/osdep.h): 6300 qapi/qapi-builtin-types.h 5700 qapi/qapi-types-run-state.h 3900 qapi/qapi-types-common.h 3300 qapi/qapi-types-sockets.h 3000 qapi/qapi-types-misc.h 3000 qapi/qapi-types-crypto.h 3000 qapi/qapi-types-job.h 3000 qapi/qapi-types-block-core.h 2800 qapi/qapi-types-block.h 1300 qapi/qapi-types-net.h Clean up headers to include generated QAPI headers only where needed. Impact is negligible except for hw/qdev-properties.h. This header includes qapi/qapi-types-block.h and qapi/qapi-types-misc.h. They are used only in expansions of property definition macros such as DEFINE_PROP_BLOCKDEV_ON_ERROR() and DEFINE_PROP_OFF_AUTO(). Moving their inclusion from hw/qdev-properties.h to the users of these macros avoids pointless recompiles. This is how other property definition macros, such as DEFINE_PROP_NETDEV(), already work. Improves things for some of the top scorers: 3600 qapi/qapi-types-common.h 2800 qapi/qapi-types-sockets.h 900 qapi/qapi-types-misc.h 2200 qapi/qapi-types-crypto.h 2100 qapi/qapi-types-job.h 2100 qapi/qapi-types-block-core.h 270 qapi/qapi-types-block.h Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20190812052359.30071-3-armbru@redhat.com>
2019-07-03console: fix cell overflowGerd Hoffmann1-2/+8
Linux terminal behavior (coming from vt100 I think) is somewhat strange when it comes to line wraps: When a character is printed to the last char cell of a line the cursor does NOT jump to the next line but stays where it is. The line feed happens when the next character is printed. So the valid range for the cursor position is not 0 .. width-1 but 0 .. width, where x == width represents the state where the line is full but the cursor didn't jump to the next line yet. The code for the 'clear from start of line' control sequence (ESC[1K) fails to handle this corner case correctly and may call console_clear_xy() with x == width. That will incorrectly clear the first char cell of the next line, or in case the cursor happens to be on the last line overflow the cell buffer by one character (three bytes). Add a check to the loop to fix that. Didn't spot any other places with the same problem. But it's easy to miss that corner case, so also allocate one extra cell as precaution, so in case we have simliar issues lurking elsewhere it at least wouldn't be a buffer overflow. v2: squashed in additional checks suggested by Christophe de Dinechin. Reported-by: Alexander Oleinik <alxndr@bu.edu> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Christophe de Dinechin <dinechin@redhat.com> Message-id: 20190701075301.14165-1-kraxel@redhat.com
2019-06-13ui/cocoa: Fix mouse grabbing in fullscreen mode for relative input deviceChen Zhang1-1/+6
In fullscreen mode, the window property of cocoaView may not be the key window, and the current implementation would not re-grab cursor by left click in fullscreen mode after ungrabbed in fullscreen mode with hot-key ctrl-opt-g. This patch used value of isFullscreen as a short-cirtuit condition for relative input device grabbing. Signed-off-by: Chen Zhang <tgfbeta@me.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 2D2F1191-E82F-4B54-A6E7-73FFB953DE93@me.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-06-13ui/cocoa: Fix absolute input device grabbing issue on MojaveChen Zhang1-2/+41
On Mojave, absolute input device, i.e. tablet, had trouble re-grabbing the cursor in re-entry into the virtual screen area. In some cases, the `window` property of NSEvent object was nil after cursor exiting from window, hinting that the `-locationInWindow` method would return value in screen coordinates. The current implementation used raw locations from NSEvent without considering whether the value was for the window coordinates or the macOS screen coordinates, nor the zooming factor for Zoom-to-Fit in fullscreen mode. In fullscreen mode, the fullscreen cocoa window might not be the key window, therefore the location of event in virtual coordinates should suffice. This patches fixed boundary check methods for cursor in normal and fullscreen with/without Zoom-to-Fit in Mojave. Note: CGRect, -convertRectToScreen: and -convertRectFromScreen: were used in coordinates conversion for compatibility reason. Signed-off-by: Chen Zhang <tgfbeta@me.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: FA3FBC4F-5379-4118-B997-58FE05CC58F9@me.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-06-12Include qemu-common.h exactly where neededMarkus Armbruster16-15/+1
No header includes qemu-common.h after this commit, as prescribed by qemu-common.h's file comment. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20190523143508.25387-5-armbru@redhat.com> [Rebased with conflicts resolved automatically, except for include/hw/arm/xlnx-zynqmp.h hw/arm/nrf51_soc.c hw/arm/msf2-soc.c block/qcow2-refcount.c block/qcow2-cluster.c block/qcow2-cache.c target/arm/cpu.h target/lm32/cpu.h target/m68k/cpu.h target/mips/cpu.h target/moxie/cpu.h target/nios2/cpu.h target/openrisc/cpu.h target/riscv/cpu.h target/tilegx/cpu.h target/tricore/cpu.h target/unicore32/cpu.h target/xtensa/cpu.h; bsd-user/main.c and net/tap-bsd.c fixed up]
2019-06-12Include qemu/module.h where needed, drop it from qemu-common.hMarkus Armbruster9-5/+11
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20190523143508.25387-4-armbru@redhat.com> [Rebased with conflicts resolved automatically, except for hw/usb/dev-hub.c hw/misc/exynos4210_rng.c hw/misc/bcm2835_rng.c hw/misc/aspeed_scu.c hw/display/virtio-vga.c hw/arm/stm32f205_soc.c; ui/cocoa.m fixed up]
2019-06-11qemu-common: Move qemu_isalnum() etc. to qemu/ctype.hMarkus Armbruster1-0/+1
Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20190523143508.25387-3-armbru@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2019-06-07egl-helpers: add modifier support to egl_dmabuf_import_texture()Gerd Hoffmann1-9/+25
Check and use QemuDmaBuf->modifier in egl_dmabuf_import_texture() for dmabuf imports. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 20190529072144.26737-5-kraxel@redhat.com
2019-06-07egl-helpers: add modifier support to egl_get_fd_for_texture().Gerd Hoffmann2-5/+7
Add modifier parameter to egl_get_fd_for_texture(), to return the used modifier on dmabuf exports. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 20190529072144.26737-4-kraxel@redhat.com
2019-06-07ui/curses: Fix build with -m32Max Reitz1-4/+4
wchar_t may resolve to be an unsigned long on 32-bit architectures. Using the %x conversion specifier will then give a compiler warning: ui/curses.c: In function ‘get_ucs’: ui/curses.c:492:49: error: format ‘%x’ expects argument of type ‘unsigned int’, but argument 3 has type ‘wchar_t’ {aka ‘long int’} [-Werror=format=] 492 | fprintf(stderr, "Could not convert 0x%04x " | ~~~^ | | | unsigned int | %04lx 493 | "from wchar_t to a multibyte character: %s\n", 494 | wch, strerror(errno)); | ~~~ | | | wchar_t {aka long int} ui/curses.c:504:49: error: format ‘%x’ expects argument of type ‘unsigned int’, but argument 3 has type ‘wchar_t’ {aka ‘long int’} [-Werror=format=] 504 | fprintf(stderr, "Could not convert 0x%04x " | ~~~^ | | | unsigned int | %04lx 505 | "from a multibyte character to UCS-2 : %s\n", 506 | wch, strerror(errno)); | ~~~ | | | wchar_t {aka long int} Fix this by casting the wchar_t value to an unsigned long and using %lx as the conversion specifier. Fixes: b7b664a4fe9a955338f2e11a0f7433b29c8cbad0 Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Message-id: 20190527142540.23255-1-mreitz@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-05-29spice-app: fix running when !CONFIG_OPENGLMarc-André Lureau1-1/+2
Do not set 'gl' parameter, fixes: qemu-system-x86_64: Invalid parameter 'gl' Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 20190524130946.31736-7-marcandre.lureau@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-05-22ui/vnc: Use gcrypto_random_bytes for start_auth_vncRichard Henderson1-11/+11
Use a better interface for random numbers than rand(). Fail gracefully if for some reason we cannot use the crypto system. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-05-22ui/vnc: Split out authentication_failedRichard Henderson1-22/+15
There were 3 copies of this code, one of which used the wrong data size for the failure indicator. Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-05-17kbd-state: fix autorepeat handlingGerd Hoffmann1-1/+5
When allowing multiple down-events in a row (key autorepeat) we can't use change_bit() any more to update the state, because autorepeat events don't change the key state. We have to explicitly use set_bit() and clear_bit() instead. Cc: qemu-stable@nongnu.org Fixes: 35921860156e kbd-state: don't block auto-repeat events Buglink: https://bugs.launchpad.net/qemu/+bug/1828272 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 20190514042443.10735-1-kraxel@redhat.com
2019-05-17ui/console: Precautionary glBindTexture and surface->texture validation in ↵HOU Qiming1-7/+11
surface_gl_update_texture In a GVT-g setup with dmabuf and GTK GUI, the current 2D texture at surface_gl_update_texture is not necessarily surface->texture. Adding a glBindTexture fixes related crashes and artifacts, and is generally more secure. Signed-off-by: HOU Qiming <hqm03ster@gmail.com> Tested-by: Marcel Apfelbaum<marcel.apfelbaum@gmail.com> Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com> Message-id: 20190507080501.26712-1-marcel.apfelbaum@gmail.com [fixed malformed patch, rebase to master] Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-05-17ui/curses: manipulate cchar_t with standard curses functionsSamuel Thibault1-14/+29
The chars/attr fields are curses internals, setcchar and getcchar have to be used instead. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Tested-by: Kamil Rytarowski <n54@gmx.com> Message-Id: <20190427183307.12796-3-samuel.thibault@ens-lyon.org> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-05-17ui/curses: do not assume wchar_t contains unicodeSamuel Thibault1-57/+100
E.g. BSD and Solaris even use locale-specific encoding there. We thus have to go through the native multibyte representation and use mbrtowc/wcrtomb to make a proper conversion. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Tested-by: Kamil Rytarowski <n54@gmx.com> Message-Id: <20190427183307.12796-2-samuel.thibault@ens-lyon.org> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-04-12curses: fix wchar_t printf warningGerd Hoffmann1-2/+2
On some systems wchar_t is "long int", on others just "int". So go cast to "long int" and adjust the printf format accordingly. Reported-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20190402073018.17747-1-kraxel@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-03-22trace-events: Fix attribution of trace points to sourceMarkus Armbruster1-0/+5
Some trace points are attributed to the wrong source file. Happens when we neglect to update trace-events for code motion, or add events in the wrong place, or misspell the file name. Clean up with help of cleanup-trace-events.pl. Same funnies as in the previous commit, of course. Manually shorten its change to linux-user/trace-events to */signal.c. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 20190314180929.27722-6-armbru@redhat.com Message-Id: <20190314180929.27722-6-armbru@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-03-22trace-events: Shorten file names in commentsMarkus Armbruster1-7/+7
We spell out sub/dir/ in sub/dir/trace-events' comments pointing to source files. That's because when trace-events got split up, the comments were moved verbatim. Delete the sub/dir/ part from these comments. Gets rid of several misspellings. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20190314180929.27722-3-armbru@redhat.com Message-Id: <20190314180929.27722-3-armbru@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-03-18curses ui: add missing iconv_close callsSamuel Thibault1-0/+6
The iconv_t are opened but never closed. Spotted by Coverity: CID 1399708 Spotted by Coverity: CID 1399709 Spotted by Coverity: CID 1399713 Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Message-Id: <20190314172524.9290-1-samuel.thibault@ens-lyon.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-03-18curses ui: always initialize all curses_line fieldsSamuel Thibault1-3/+3
cchar_t can contain not only attr and chars fields, but also ext_color. Initialize the whole structure to zero instead of enumerating fields. Spotted by Coverity: CID 1399711 Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Message-Id: <20190315130932.26094-1-samuel.thibault@ens-lyon.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-03-18vnc: fix unalignment access in tight_pack24Li Qiang1-3/+4
When adding '-fsanitize=undefined' in compiling configuration and connect VM with vnc, it reports following error: ui/vnc-enc-tight.c:910:13: runtime error: load of misaligned address 0x621000466513 for type 'uint32_t', which requires 4 byte alignment This patch fix this issue. Signed-off-by: Li Qiang <liq3ea@163.com> Message-id: 20190318010442.14897-1-liq3ea@163.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-03-13Merge remote-tracking branch 'remotes/kraxel/tags/ui-20190313-pull-request' ↵Peter Maydell2-49/+270
into staging ui: better unicode support for curses, v2. # gpg: Signature made Wed 13 Mar 2019 07:29:44 GMT # gpg: using RSA key 4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/ui-20190313-pull-request: curses: add option to specify VGA font encoding iconv: detect and make curses depend on it Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-03-13curses: add option to specify VGA font encodingSamuel Thibault1-47/+268
This uses iconv to convert glyphs from the specified VGA font encoding to unicode, and makes use of cchar_t instead of chtype when using ncursesw, which allows to store all wide char as well as the WACS values. The default charset is made CP437 since that is the charset of the hardware default VGA font. This also makes the curses backend set the LC_CTYPE locale to "" to allow curses to emit wide characters. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Cc: Eddie Kohler <ekohler@gmail.com> Acked-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20190311135127.2229-3-samuel.thibault@ens-lyon.org> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-03-13iconv: detect and make curses depend on itSamuel Thibault1-2/+2
curses will use it for proper wide output support. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Message-Id: <20190311135127.2229-2-samuel.thibault@ens-lyon.org> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-03-12Merge remote-tracking branch ↵Peter Maydell1-13/+13
'remotes/kraxel/tags/audio-20190312-pull-request' into staging audio: introduce -audiodev # gpg: Signature made Tue 12 Mar 2019 07:12:19 GMT # gpg: using RSA key 4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/audio-20190312-pull-request: audio: -audiodev command line option: cleanup wavaudio: port to -audiodev config spiceaudio: port to -audiodev config sdlaudio: port to -audiodev config paaudio: port to -audiodev config ossaudio: port to -audiodev config noaudio: port to -audiodev config dsoundaudio: port to -audiodev config coreaudio: port to -audiodev config alsaaudio: port to -audiodev config audio: -audiodev command line option basic implementation audio: -audiodev command line option: documentation audio: use qapi AudioFormat instead of audfmt_e qapi: qapi for audio backends Signed-off-by: Peter Maydell <peter.maydell@linaro.org> # Conflicts: # qemu-deprecated.texi
2019-03-11audio: use qapi AudioFormat instead of audfmt_eKővágó, Zoltán1-13/+13
I had to include an enum for audio sampling formats into qapi, but that meant duplicating the audfmt_e enum. This patch replaces audfmt_e and associated values with the qapi generated AudioFormat enum. This patch is mostly a search-and-replace, except for switches where the qapi generated AUDIO_FORMAT_MAX caused problems. Signed-off-by: Kővágó, Zoltán <DirtY.iCE.hu@gmail.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-id: 01251b2758a1679c66842120b77c0fb46d7d0eaf.1552083282.git.DirtY.iCE.hu@gmail.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-03-11vnc: allow specifying a custom authorization object nameDaniel P. Berrange1-9/+49
The VNC server has historically had support for ACLs to check both the SASL username and the TLS x509 distinguished name. The VNC server was responsible for creating the initial ACL, and the client app was then responsible for populating it with rules using the HMP 'acl_add' command. This is not satisfactory for a variety of reasons. There is no way to populate the ACLs from the command line, users are forced to use the HMP. With multiple network services all supporting TLS and ACLs now, it is desirable to be able to define a single ACL that is referenced by all services. To address these limitations, two new options are added to the VNC server CLI. The 'tls-authz' option takes the ID of a QAuthZ object to use for checking TLS x509 distinguished names, and the 'sasl-authz' option takes the ID of another object to use for checking SASL usernames. In this example, we setup two authorization rules. The first allows any client with a certificate issued by the 'RedHat' organization in the 'London' locality. The second ACL allows clients with either the 'joe@REDHAT.COM' or 'fred@REDHAT.COM' kerberos usernames. Both checks must pass for the user to be allowed. $QEMU -object tls-creds-x509,id=tls0,dir=/home/berrange/qemutls,\ endpoint=server,verify-peer=yes \ -object authz-simple,id=authz0,policy=deny,\ rules.0.match=O=RedHat,,L=London,rules.0.policy=allow \ -object authz-simple,id=authz1,policy=deny,\ rules.0.match=fred@REDHAT.COM,rules.0.policy=allow \ rules.0.match=joe@REDHAT.COM,rules.0.policy=allow \ -vnc 0.0.0.0:1,tls-creds=tls0,tls-authz=authz0, sasl,sasl-authz=authz1 \ ...other QEMU args... Reviewed-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20190227145755.26556-2-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-03-11vnc: fix update stallsGerd Hoffmann1-0/+6
vnc aborts display update jobs on video mode switches and page flips. That can cause vnc update stalls in case an unfinished vnc job gets aborted. The vnc client will never receive the requested update then. Fix that by copying the state from job_update back to update in that case. Reports complain about stalls with two or more clients being connected at the same time, on some but not all connections. I suspect it can also happen with a single connection, multiple connections only make this more much likely to happen. Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1662260 Reported-by: Ying Fang <fangying1@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Ying Fang <fangying1@huawei.com> Message-id: 20190305130930.24516-1-kraxel@redhat.com
2019-03-11curses: support wide inputSamuel Thibault2-62/+127
This makes use of wide curses functions instead of 8bit functions. This allows to type e.g. accented letters. Unfortunately, key codes are then returned with values that could be confused with wide characters by ncurses, so we need to add a maybe_keycode variable to know whether the returned value is a key code or a character (curses with wide support), or possibly both (curses without wide support). The translation tables thus also need to be separated into key code translation and character translation. The curses2foo helper makes it easier to use them. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Message-id: 20190304210532.7840-1-samuel.thibault@ens-lyon.org Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-03-11Reduce curses escdelay from 1s to 25msSamuel Thibault1-1/+2
By default, curses will only report single ESC key event after 1s delay, since ESC is also used for keypad escape sequences. This however makes users believe that ESC is not working. Reducing to 25ms provides good user experience, while still allowing 25ms for keypad sequences to get in, which should be enough. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Message-Id: <20190303172557.17139-1-samuel.thibault@ens-lyon.org> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-03-04ui/cocoa: Perform UI operations only on the main threadPeter Maydell1-78/+115
The OSX Mojave release is more picky about enforcing the Cocoa API restriction that only the main thread may perform UI calls. To accommodate this we need to restructure the Cocoa code: * the special OSX main() creates a second thread and uses that to call the vl.c qemu_main(); the original main thread goes into the OSX event loop * the refresh, switch and update callbacks asynchronously tell the main thread to do the necessary work * the refresh callback no longer does the "get events from the UI event queue and handle them" loop, since we now use the stock OSX event loop. Instead our NSApplication sendEvent method will either deal with them or pass them on to OSX All these things have to be changed in one commit, to avoid breaking bisection. Note that since we use dispatch_get_main_queue(), this bumps our minimum version requirement to OSX 10.10 Yosemite (released in 2014, unsupported by Apple since 2017). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> Message-id: 20190225102433.22401-8-peter.maydell@linaro.org Message-id: 20190214102816.3393-8-peter.maydell@linaro.org
2019-03-04ui/cocoa: Subclass NSApplication so we can implement sendEventPeter Maydell1-1/+12
When we switch away from our custom event handling, we still want to be able to have first go at any events our application receives, because in full-screen mode we want to send key events to the guest, even if they would be menu item activation events. There are several ways we could do that, but one simple approach is to subclass NSApplication so we can implement a custom sendEvent method. Do that, but for the moment have our sendEvent just invoke the superclass method. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> Message-id: 20190225102433.22401-7-peter.maydell@linaro.org Message-id: 20190214102816.3393-7-peter.maydell@linaro.org
2019-03-04ui/cocoa: Don't call NSApp sendEvent directly from handleEventPeter Maydell1-15/+34
Currently the handleEvent method will directly call the NSApp sendEvent method for any events that we want to let OSX deal with. When we rearrange the event handling code, the way that we say "let OSX have this event" is going to change. Prepare for that by refactoring so that handleEvent returns a flag indicating whether it consumed the event. Suggested-by: BALATON Zoltan <balaton@eik.bme.hu> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> Message-id: 20190225102433.22401-6-peter.maydell@linaro.org Message-id: 20190214102816.3393-6-peter.maydell@linaro.org
2019-03-04ui/cocoa: Move console/device menu creation code up in filePeter Maydell1-92/+92
Move the console/device menu creation code functions further up in the source file, next to the code which creates the initial menus. We're going to want to change the location we call these functions from in the next patch. This commit is a pure code move with no other changes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> Message-id: 20190225102433.22401-5-peter.maydell@linaro.org Message-id: 20190214102816.3393-5-peter.maydell@linaro.org
2019-03-04ui/cocoa: Factor out initial menu creationPeter Maydell1-37/+41
Factor out the long code sequence in main() which creates the initial set of menus. This will make later patches which move initialization code around a bit clearer. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> Message-id: 20190225102433.22401-4-peter.maydell@linaro.org Message-id: 20190214102816.3393-4-peter.maydell@linaro.org
2019-03-04ui/cocoa: Use the pixman image directly in switchSurfacePeter Maydell1-8/+9
Currently the switchSurface method takes a DisplaySurface. We want to change our DisplayChangeListener's dpy_gfx_switch callback to do this work asynchronously on a different thread. The caller of the switch callback will free the old DisplaySurface immediately the callback returns, so to ensure that the other thread doesn't access freed data we need to switch to using the underlying pixman image instead. The pixman image is reference counted, so we will be able to take a reference to it to avoid it vanishing too early. In this commit we only change the switchSurface method to take a pixman image, and keep the flow of control synchronous for now. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> Message-id: 20190225102433.22401-3-peter.maydell@linaro.org Message-id: 20190214102816.3393-3-peter.maydell@linaro.org
2019-03-04ui/cocoa: Ensure we have the iothread lock when calling into QEMUPeter Maydell1-26/+65
The Cocoa UI should run on the main thread; this is enforced in OSX Mojave. In order to be able to run on the main thread, we need to make sure we hold the iothread lock whenever we call into various QEMU UI midlayer functions. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> Message-id: 20190225102433.22401-2-peter.maydell@linaro.org Message-id: 20190214102816.3393-2-peter.maydell@linaro.org
2019-02-26authz: delete existing ACL implementationDaniel P. Berrange6-24/+49
The 'qemu_acl' type was a previous non-QOM based attempt to provide an authorization facility in QEMU. Because it is non-QOM based it cannot be created via the command line and requires special monitor commands to manipulate it. The new QAuthZ subclasses provide a superset of the functionality in qemu_acl, so the latter can now be deleted. The HMP 'acl_*' monitor commands are converted to use the new QAuthZSimple data type instead in order to provide temporary backwards compatibility. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2019-02-22display: add -display spice-app launching a Spice clientMarc-André Lureau2-0/+207
Add a new display backend that will configure Spice to allow a remote client to control QEMU in a similar fashion as other QEMU display backend/UI like GTK. For this to work, it will set up Spice server with a unix socket, and register a VC chardev that will be exposed as Spice ports. A QMP monitor is also exposed as a Spice port, this allows the remote client fuller qemu control and state handling. - doesn't handle VC set_echo() - this doesn't seem a strong requirement, very few front-end use it - spice options can be tweaked with other -spice arguments - Windows support shouldn't be hard to do, but will probably use a TCP port instead - we may want to watch the child process to quit automatically if it crashed Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Tested-by: Victor Toso <victortoso@redhat.com> Message-id: 20190221110703.5775-12-marcandre.lureau@redhat.com [ kraxel: squash incremental fix ] Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-21spice: use a default name for the serverMarc-André Lureau1-1/+1
If no -name is given, let's use a friendly "QEMU version" server name. This is sometime exposed on spice client side, for example on remote-viewer title. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Tested-by: Victor Toso <victortoso@redhat.com> Message-id: 20190221110703.5775-11-marcandre.lureau@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-21spice: do not stop spice if VM is pausedMarc-André Lureau1-1/+1
spice_server_vm_start/stop() was added to help migration state (commit f5bb039c6d97ef3e664094eab3c9a4dc1824ed73). However, a paused VM could keep running the spice server. This will allow a Spice client to keep sending commands to a spice chardev. This allows to stop/cont a VM from a Spice monitor port. Character devices (vdagent/usb/smartcard/..) should not read from Spice when the VM is paused. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Tested-by: Victor Toso <victortoso@redhat.com> Message-id: 20190221110703.5775-6-marcandre.lureau@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-21spice: merge options listsMarc-André Lureau1-0/+1
Passing several -spice options to qemu command line, or calling several time qemu_opts_set() will ignore all but the first option list. Since the spice server is a singleton, it makes sense to merge all the options, the last value being the one taken into account. This changes the behaviour from, for ex: $ qemu... -spice port=5900 -spice port=5901 -> port: 5900 to: $ qemu... -spice port=5900 -spice port=5901 -> port: 5901 (if necessary we could instead produce an error when an option is given twice, although this makes handling default values and such more complicated) Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Tested-by: Victor Toso <victortoso@redhat.com> Message-id: 20190221110703.5775-5-marcandre.lureau@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-21spice: avoid spice runtime assertMarc-André Lureau1-0/+8
The Spice server doesn't like to be started or stopped twice . It aborts with: (process:6191): Spice-ERROR **: 19:29:35.912: red-worker.c:623:handle_dev_start: assertion `!worker->running' failed It's easy to avoid that situation since qemu spice_display_is_running tracks the server state. After the commit "spice: do not stop spice if VM is paused", it will be possible to pause and resume the VM, and this will call qemu_spice_display_start() twice. The easiest is to add a check for spice_display_is_running with this patch to avoid the assert. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Tested-by: Victor Toso <victortoso@redhat.com> Message-id: 20190221110703.5775-4-marcandre.lureau@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-21ui/gtk: Fix the license informationThomas Huth1-17/+13
The license information in this file is very messy. A short note at the beginning says GPL first, but the long boilerplate code then talks about "GNU Lesser General Public License version 2.0". First, there is no such version of the "GNU Lesser GPL", it only started with version 2.1. In version 2.0, it was still called "GNU Library GPL" instead. Second, you can easily get the license of this file wrong if you only quickly glance at the long boilerplate code. Anyway, looking at the text of the LGPL (see COPYING.LIB in the top directory), the license clearly states in section "3." that one should rather replace the license information with the GPL information in such a case of a mixture instead. Thus let's clean up the confusing statements and use the proper GPL text only. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-id: 1550731902-28842-1-git-send-email-thuth@redhat.com [ kraxel: s/v2/v2+/ as requested by Daniel ] Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2019-02-21sdl2: drop qemu_input_event_send_key_qcode callGerd Hoffmann1-3/+0
qkbd_state_key_event() does that for us. Fixes: 07333e1ca3 kbd-state: use state tracker for sdl2 Reported-by: BALATON Zoltan <balaton@eik.bme.hu> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Tested-by: BALATON Zoltan <balaton@eik.bme.hu> Message-id: 20190208072744.10687-1-kraxel@redhat.com