gdk_cursor_new() has been deprecated in GTK 3.16, it is recommended to
use gdk_cursor_new_for_display() instead, so do that.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This adds opengl rendering support to the gtk ui, using egl.
It's off by default for now, use 'qemu -display gtk,gl=on'
to play with this.
Note that gtk got native opengl support with release 3.16.
There most likely will be a separate implementation for 3.16+,
using the native gtk opengl support. This patch covers older
versions (and for the time being 3.16 too, hopefully without
rendering quirks).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch adds the two extra brazilian keys to the evdev keymap for
X11. This patch gets the two keys going with the vnc, gtk and sdl1
UIs.
The SDL2 library complains it doesn't know these keys, so the SDL2
library must be fixed before we can update ui/sdl2-keymap.h
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
The brazilian computer keyboard layout has two extra keys (compared to
the usual 105-key intl ps/2 keyboard). This patch makes these two keys
known to qemu.
For historic reasons qemu has two ways to specify a key: A QKeyCode
(name-based) or a number (ps/2 scancode based). Therefore we have to
update multiple places to make new keys known to qemu:
(1) The QKeyCode definition in qapi-schema.json
(2) The QKeyCode <-> number mapping table in ui/input-keymap.c
This patch does just that. With this patch applied you can send those
two keys to the guest using the send-key monitor command.
Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Skip mm_time updates (in qxl device memory) in case the guest is stopped.
Guest isn't able to look anyway, and it causes problems with migration.
Also make sure the initial state for spice server is stopped.
Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Before:
qemu-system-x86_64: -display vnc=unix:/root/foo.sock: Failed to start VNC server on `(null)': Failed to bind socket to /root/foo.sock: Permission denied
After:
qemu-system-x86_64: -display vnc=unix:/root/foo.sock: Failed to start VNC server: Failed to bind socket to /root/foo.sock: Permission denied
Rather than tweak the string possibly show unix: value as well,
just drop the explicit display reporting. We already get the cli
string in the error message, that should be sufficient.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The qemu_acl_init() function has long since stopped being able
to return NULL, since g_malloc will abort on OOM. As such the
checks for NULL were unreachable code.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Commit v2.2.0-1530-ge556032 vnc: switch to inet_listen_opts
bypassed the use of inet_parse in inet_listen, making literal
IPv6 addresses enclosed in brackets fail:
qemu-kvm: -vnc [::1]:0: Failed to start VNC server on `(null)': address
resolution failed for [::1]:5900: Name or service not known
Strip the brackets to make it work again.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add any console that is available to the current emulator as a
menu item under the View menu.
Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
[PMM: Adjusted to apply after zoom-to-fit menu item was added;
create the View menu at the same time as all the others, and only
add the dynamically-determined items to it later]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In OSX 10.10, the NSOKButton and NSCancelButton constants are deprecated
and provoke compiler warnings. Avoid them by using the
NSFileHandlingPanelCancelButton and NSFileHandlingPanelOKButton constants
instead. These are the documented correct constants for the 10.6-and-up
beginSheetModalForWindow API we use. We also use the same method for
the pre-10.6 compatibility code path, but conveniently the constant
values are the same and the constant names have been present since 10.0.
Preferring the constant names that match the non-legacy API makes more
sense anyway.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431296361-16981-7-git-send-email-peter.maydell@linaro.org
Our class QemuCocoaAppController implements the NSApplicationDelegate
interface, and we pass an object of this class to [NSApp setDelegate].
However, we weren't declaring in the class definition that we implemented
this interface; in OSX 10.10 this provokes the following (slighly
misleading) warning:
ui/cocoa.m:1031:24: warning: sending 'QemuCocoaAppController *' to parameter of
incompatible type 'id<NSFileManagerDelegate>'
[NSApp setDelegate:appController];
^~~~~~~~~~~~~
/System/Library/Frameworks/Foundation.framework/Headers/NSFileManager.h:109:47:
note: passing argument to parameter 'delegate' here
@property (assign) id <NSFileManagerDelegate> delegate NS_AVAILABLE(10_5,
2_0);
^
Annoyingly, this interface wasn't formally defined until OSX 10.6, so we
have to surround the relevant part of the @interface line with an ifdef.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431296361-16981-5-git-send-email-peter.maydell@linaro.org
The code that tries to test at both compiletime and runtime
for whether CGImageCreateWithImageInRect is supported provokes
a compile warning on OSX 10.3:
ui/cocoa.m:378:13: warning: comparison of function 'CGImageCreateWithImageInRect'
equal to a null pointer is always false[-Wtautological-pointer-compare]
if (CGImageCreateWithImageInRect == NULL) { // test if "CGImageCreateWithImageInRect" is
supported on host at runtime
^~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
The simplest way to deal with this is just to drop this code,
since we don't in practice support OSX 10.4 anyway. (10.5 was
released in 2007 and is the last PPC version, so is the earliest
we really need to continue to support at all.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431296361-16981-2-git-send-email-peter.maydell@linaro.org
This patch makes the -full-screen option actually instruct QEMU to
enter fullscreen at startup, on Mac OS X.
Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This patch makes several changes:
- Minimizes distorted full screen display by respecting aspect
ratios.
- Makes full screen mode available on Mac OS 10.7 and higher.
- Allows user to decide if video should be stretched to fill the
screen, using a menu item called "Zoom To Fit".
- Hides the normalWindow so it won't show up in full screen mode.
- Allows user to exit full screen mode.
Signed-off-by: John Arbuckle <programmingkidx@gmail.com>
[PMM: minor whitespace tweaks, remove incorrectly duplicated
use of 'f' menu accelerator key]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Without that the next mouse motion event uses the old position
as base for relative move calculation, giving wrong results and
making your mouse pointer jump around.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add new sdl2-gl.c file, with display
rendering functions using opengl.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
The Spice protocol uses cursor position on hotspot: the client is
applying hotspot offset when drawing the cursor.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Denis Kirjanov is busy getting spice run on ppc64 and trapped into this
one. Spice wire format is little endian, so we have to explicitly say
we want little endian when letting pixman convert the data for us.
Reported-by: Denis Kirjanov <kirjanov@gmail.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Live migration with spice works like this today:
(1) client_migrate_info monitor cmd
(2) spice server notifies client, client connects to target host.
(3) qemu waits until spice client connect is finished.
(4) send over vmstate (i.e. main part of live migration).
(5) spice handover to target host.
(3) is implemented by making client_migrate_info a async monitor
command. This is the only async monitor command we have.
The original reason to implement this dance was that qemu did not accept
new tcp connections while the incoming migration was running, so (2) and
(4) could not be done in parallel. That issue was fixed long ago though.
Qemu version 1.3.0 (released Dec 2012) and newer happily accept tcp
connects while the incoming migration runs.
Time to drop step (3). This patch does exactly that, by making the
monitor command synchronous and removing the code needed to handle the
async monitor command in ui/spice-core.c
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
GTK2 sends the accel key to the guest when switching to the graphic
console via that shortcut. Resolve this by ignoring any keys until the
next key-release event. However, do not ignore keys when switching via
the menu or when on GTK3.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
At least on GTK2, the VTE terminal has to be specified as target of
gtk_widget_grab_focus. Otherwise, switching from one VTE terminal to
another causes the focus to get lost.
CC: John Snow <jsnow@redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
[ kraxel: fixed build with CONFIG_VTE=n ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add a new function to get a nice label for a given QemuConsole.
Drop the labeling code in gtk.c and use the new function instead.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This way gtk has text terminal consoles even when building without vte.
Most notably you'll get a monitor tab on windows now.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The VNC server websockets decoder will read and buffer data from
websockets clients until it sees the end of the HTTP headers,
as indicated by \r\n\r\n. In theory this allows a malicious to
trick QEMU into consuming an arbitrary amount of RAM. In practice,
because QEMU runs g_strstr_len() across the buffered header data,
it will spend increasingly long burning CPU time searching for
the substring match and less & less time reading data. So while
this does cause arbitrary memory growth, the bigger problem is
that QEMU will be burning 100% of available CPU time.
A novnc websockets client typically sends headers of around
512 bytes in length. As such it is reasonable to place a 4096
byte limit on the amount of data buffered while searching for
the end of HTTP headers.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The logic for decoding websocket frames wants to fully
decode the frame header and payload, before allowing the
VNC server to see any of the payload data. There is no
size limit on websocket payloads, so this allows a
malicious network client to consume 2^64 bytes in memory
in QEMU. It can trigger this denial of service before
the VNC server even performs any authentication.
The fix is to decode the header, and then incrementally
decode the payload data as it is needed. With this fix
the websocket decoder will allow at most 4k of data to
be buffered before decoding and processing payload.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
[ kraxel: fix frequent spurious disconnects, suggested by Peter Maydell ]
@@ -361,7 +361,7 @@ int vncws_decode_frame_payload(Buffer *input,
- *payload_size = input->offset;
+ *payload_size = *payload_remain;
[ kraxel: fix 32bit build ]
@@ -306,7 +306,7 @@ struct VncState
- uint64_t ws_payload_remain;
+ size_t ws_payload_remain;
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
If the x509verify option is requested, the VNC websockets server
was failing to validate that the websockets client provided an
x509 certificate matching the ACL rules.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The previous change to the auth scheme handling guarantees we
can never have nested TLS sessions in the VNC websockets server.
Thus we can remove the separate gnutls_session instance.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
