2 * Copyright (C) 2010 Red Hat, Inc.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 or
7 * (at your option) version 3 of the License.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 #include <spice-experimental.h>
23 #include "qemu-common.h"
24 #include "qemu-spice.h"
25 #include "qemu-thread.h"
26 #include "qemu-timer.h"
27 #include "qemu-queue.h"
28 #include "qemu-x509.h"
29 #include "qemu_socket.h"
35 #include "migration.h"
41 static SpiceServer
*spice_server
;
42 static Notifier migration_state
;
43 static const char *auth
= "spice";
44 static char *auth_passwd
;
45 static time_t auth_expires
= TIME_MAX
;
52 QTAILQ_ENTRY(SpiceTimer
) next
;
54 static QTAILQ_HEAD(, SpiceTimer
) timers
= QTAILQ_HEAD_INITIALIZER(timers
);
56 static SpiceTimer
*timer_add(SpiceTimerFunc func
, void *opaque
)
60 timer
= g_malloc0(sizeof(*timer
));
61 timer
->timer
= qemu_new_timer_ms(rt_clock
, func
, opaque
);
62 QTAILQ_INSERT_TAIL(&timers
, timer
, next
);
66 static void timer_start(SpiceTimer
*timer
, uint32_t ms
)
68 qemu_mod_timer(timer
->timer
, qemu_get_clock_ms(rt_clock
) + ms
);
71 static void timer_cancel(SpiceTimer
*timer
)
73 qemu_del_timer(timer
->timer
);
76 static void timer_remove(SpiceTimer
*timer
)
78 qemu_del_timer(timer
->timer
);
79 qemu_free_timer(timer
->timer
);
80 QTAILQ_REMOVE(&timers
, timer
, next
);
89 QTAILQ_ENTRY(SpiceWatch
) next
;
91 static QTAILQ_HEAD(, SpiceWatch
) watches
= QTAILQ_HEAD_INITIALIZER(watches
);
93 static void watch_read(void *opaque
)
95 SpiceWatch
*watch
= opaque
;
96 watch
->func(watch
->fd
, SPICE_WATCH_EVENT_READ
, watch
->opaque
);
99 static void watch_write(void *opaque
)
101 SpiceWatch
*watch
= opaque
;
102 watch
->func(watch
->fd
, SPICE_WATCH_EVENT_WRITE
, watch
->opaque
);
105 static void watch_update_mask(SpiceWatch
*watch
, int event_mask
)
107 IOHandler
*on_read
= NULL
;
108 IOHandler
*on_write
= NULL
;
110 watch
->event_mask
= event_mask
;
111 if (watch
->event_mask
& SPICE_WATCH_EVENT_READ
) {
112 on_read
= watch_read
;
114 if (watch
->event_mask
& SPICE_WATCH_EVENT_WRITE
) {
115 on_write
= watch_write
;
117 qemu_set_fd_handler(watch
->fd
, on_read
, on_write
, watch
);
120 static SpiceWatch
*watch_add(int fd
, int event_mask
, SpiceWatchFunc func
, void *opaque
)
124 watch
= g_malloc0(sizeof(*watch
));
127 watch
->opaque
= opaque
;
128 QTAILQ_INSERT_TAIL(&watches
, watch
, next
);
130 watch_update_mask(watch
, event_mask
);
134 static void watch_remove(SpiceWatch
*watch
)
136 watch_update_mask(watch
, 0);
137 QTAILQ_REMOVE(&watches
, watch
, next
);
141 #if SPICE_INTERFACE_CORE_MINOR >= 3
143 typedef struct ChannelList ChannelList
;
145 SpiceChannelEventInfo
*info
;
146 QTAILQ_ENTRY(ChannelList
) link
;
148 static QTAILQ_HEAD(, ChannelList
) channel_list
= QTAILQ_HEAD_INITIALIZER(channel_list
);
150 static void channel_list_add(SpiceChannelEventInfo
*info
)
154 item
= g_malloc0(sizeof(*item
));
156 QTAILQ_INSERT_TAIL(&channel_list
, item
, link
);
159 static void channel_list_del(SpiceChannelEventInfo
*info
)
163 QTAILQ_FOREACH(item
, &channel_list
, link
) {
164 if (item
->info
!= info
) {
167 QTAILQ_REMOVE(&channel_list
, item
, link
);
173 static void add_addr_info(QDict
*dict
, struct sockaddr
*addr
, int len
)
175 char host
[NI_MAXHOST
], port
[NI_MAXSERV
];
178 getnameinfo(addr
, len
, host
, sizeof(host
), port
, sizeof(port
),
179 NI_NUMERICHOST
| NI_NUMERICSERV
);
180 family
= inet_strfamily(addr
->sa_family
);
182 qdict_put(dict
, "host", qstring_from_str(host
));
183 qdict_put(dict
, "port", qstring_from_str(port
));
184 qdict_put(dict
, "family", qstring_from_str(family
));
187 static void add_channel_info(QDict
*dict
, SpiceChannelEventInfo
*info
)
189 int tls
= info
->flags
& SPICE_CHANNEL_EVENT_FLAG_TLS
;
191 qdict_put(dict
, "connection-id", qint_from_int(info
->connection_id
));
192 qdict_put(dict
, "channel-type", qint_from_int(info
->type
));
193 qdict_put(dict
, "channel-id", qint_from_int(info
->id
));
194 qdict_put(dict
, "tls", qbool_from_int(tls
));
197 static QList
*channel_list_get(void)
204 QTAILQ_FOREACH(item
, &channel_list
, link
) {
206 add_addr_info(dict
, &item
->info
->paddr
, item
->info
->plen
);
207 add_channel_info(dict
, item
->info
);
208 qlist_append(list
, dict
);
213 static void channel_event(int event
, SpiceChannelEventInfo
*info
)
215 static const int qevent
[] = {
216 [ SPICE_CHANNEL_EVENT_CONNECTED
] = QEVENT_SPICE_CONNECTED
,
217 [ SPICE_CHANNEL_EVENT_INITIALIZED
] = QEVENT_SPICE_INITIALIZED
,
218 [ SPICE_CHANNEL_EVENT_DISCONNECTED
] = QEVENT_SPICE_DISCONNECTED
,
220 QDict
*server
, *client
;
224 * Spice server might have called us from spice worker thread
225 * context (happens on display channel disconnects). Spice should
226 * not do that. It isn't that easy to fix it in spice and even
227 * when it is fixed we still should cover the already released
228 * spice versions. So detect that we've been called from another
229 * thread and grab the iothread lock if so before calling qemu
232 bool need_lock
= !qemu_thread_is_self(&me
);
234 qemu_mutex_lock_iothread();
237 client
= qdict_new();
238 add_addr_info(client
, &info
->paddr
, info
->plen
);
240 server
= qdict_new();
241 add_addr_info(server
, &info
->laddr
, info
->llen
);
243 if (event
== SPICE_CHANNEL_EVENT_INITIALIZED
) {
244 qdict_put(server
, "auth", qstring_from_str(auth
));
245 add_channel_info(client
, info
);
246 channel_list_add(info
);
248 if (event
== SPICE_CHANNEL_EVENT_DISCONNECTED
) {
249 channel_list_del(info
);
252 data
= qobject_from_jsonf("{ 'client': %p, 'server': %p }",
253 QOBJECT(client
), QOBJECT(server
));
254 monitor_protocol_event(qevent
[event
], data
);
255 qobject_decref(data
);
258 qemu_mutex_unlock_iothread();
262 #else /* SPICE_INTERFACE_CORE_MINOR >= 3 */
264 static QList
*channel_list_get(void)
269 #endif /* SPICE_INTERFACE_CORE_MINOR >= 3 */
271 static SpiceCoreInterface core_interface
= {
272 .base
.type
= SPICE_INTERFACE_CORE
,
273 .base
.description
= "qemu core services",
274 .base
.major_version
= SPICE_INTERFACE_CORE_MAJOR
,
275 .base
.minor_version
= SPICE_INTERFACE_CORE_MINOR
,
277 .timer_add
= timer_add
,
278 .timer_start
= timer_start
,
279 .timer_cancel
= timer_cancel
,
280 .timer_remove
= timer_remove
,
282 .watch_add
= watch_add
,
283 .watch_update_mask
= watch_update_mask
,
284 .watch_remove
= watch_remove
,
286 #if SPICE_INTERFACE_CORE_MINOR >= 3
287 .channel_event
= channel_event
,
291 #ifdef SPICE_INTERFACE_MIGRATION
292 typedef struct SpiceMigration
{
293 SpiceMigrateInstance sin
;
295 MonitorCompletion
*cb
;
300 static void migrate_connect_complete_cb(SpiceMigrateInstance
*sin
);
302 static const SpiceMigrateInterface migrate_interface
= {
303 .base
.type
= SPICE_INTERFACE_MIGRATION
,
304 .base
.description
= "migration",
305 .base
.major_version
= SPICE_INTERFACE_MIGRATION_MAJOR
,
306 .base
.minor_version
= SPICE_INTERFACE_MIGRATION_MINOR
,
307 .migrate_connect_complete
= migrate_connect_complete_cb
,
308 .migrate_end_complete
= NULL
,
311 static SpiceMigration spice_migrate
;
313 static void migrate_connect_complete_cb(SpiceMigrateInstance
*sin
)
315 SpiceMigration
*sm
= container_of(sin
, SpiceMigration
, sin
);
316 if (sm
->connect_complete
.cb
) {
317 sm
->connect_complete
.cb(sm
->connect_complete
.opaque
, NULL
);
319 sm
->connect_complete
.cb
= NULL
;
323 /* config string parsing */
325 static int name2enum(const char *string
, const char *table
[], int entries
)
330 for (i
= 0; i
< entries
; i
++) {
334 if (strcmp(string
, table
[i
]) != 0) {
343 static int parse_name(const char *string
, const char *optname
,
344 const char *table
[], int entries
)
346 int value
= name2enum(string
, table
, entries
);
351 fprintf(stderr
, "spice: invalid %s: %s\n", optname
, string
);
355 static const char *stream_video_names
[] = {
356 [ SPICE_STREAM_VIDEO_OFF
] = "off",
357 [ SPICE_STREAM_VIDEO_ALL
] = "all",
358 [ SPICE_STREAM_VIDEO_FILTER
] = "filter",
360 #define parse_stream_video(_name) \
361 name2enum(_name, stream_video_names, ARRAY_SIZE(stream_video_names))
363 static const char *compression_names
[] = {
364 [ SPICE_IMAGE_COMPRESS_OFF
] = "off",
365 [ SPICE_IMAGE_COMPRESS_AUTO_GLZ
] = "auto_glz",
366 [ SPICE_IMAGE_COMPRESS_AUTO_LZ
] = "auto_lz",
367 [ SPICE_IMAGE_COMPRESS_QUIC
] = "quic",
368 [ SPICE_IMAGE_COMPRESS_GLZ
] = "glz",
369 [ SPICE_IMAGE_COMPRESS_LZ
] = "lz",
371 #define parse_compression(_name) \
372 parse_name(_name, "image compression", \
373 compression_names, ARRAY_SIZE(compression_names))
375 static const char *wan_compression_names
[] = {
376 [ SPICE_WAN_COMPRESSION_AUTO
] = "auto",
377 [ SPICE_WAN_COMPRESSION_NEVER
] = "never",
378 [ SPICE_WAN_COMPRESSION_ALWAYS
] = "always",
380 #define parse_wan_compression(_name) \
381 parse_name(_name, "wan compression", \
382 wan_compression_names, ARRAY_SIZE(wan_compression_names))
384 /* functions for the rest of qemu */
386 static void info_spice_iter(QObject
*obj
, void *opaque
)
389 Monitor
*mon
= opaque
;
391 client
= qobject_to_qdict(obj
);
392 monitor_printf(mon
, "Channel:\n");
393 monitor_printf(mon
, " address: %s:%s%s\n",
394 qdict_get_str(client
, "host"),
395 qdict_get_str(client
, "port"),
396 qdict_get_bool(client
, "tls") ? " [tls]" : "");
397 monitor_printf(mon
, " session: %" PRId64
"\n",
398 qdict_get_int(client
, "connection-id"));
399 monitor_printf(mon
, " channel: %d:%d\n",
400 (int)qdict_get_int(client
, "channel-type"),
401 (int)qdict_get_int(client
, "channel-id"));
404 void do_info_spice_print(Monitor
*mon
, const QObject
*data
)
411 server
= qobject_to_qdict(data
);
412 if (qdict_get_bool(server
, "enabled") == 0) {
413 monitor_printf(mon
, "Server: disabled\n");
417 monitor_printf(mon
, "Server:\n");
418 host
= qdict_get_str(server
, "host");
419 port
= qdict_get_try_int(server
, "port", -1);
421 monitor_printf(mon
, " address: %s:%d\n", host
, port
);
423 port
= qdict_get_try_int(server
, "tls-port", -1);
425 monitor_printf(mon
, " address: %s:%d [tls]\n", host
, port
);
427 monitor_printf(mon
, " auth: %s\n", qdict_get_str(server
, "auth"));
428 monitor_printf(mon
, " compiled: %s\n",
429 qdict_get_str(server
, "compiled-version"));
431 channels
= qdict_get_qlist(server
, "channels");
432 if (qlist_empty(channels
)) {
433 monitor_printf(mon
, "Channels: none\n");
435 qlist_iter(channels
, info_spice_iter
, mon
);
439 void do_info_spice(Monitor
*mon
, QObject
**ret_data
)
441 QemuOpts
*opts
= QTAILQ_FIRST(&qemu_spice_opts
.head
);
446 char version_string
[20]; /* 12 = |255.255.255\0| is the max */
448 if (!spice_server
|| !opts
) {
449 *ret_data
= qobject_from_jsonf("{ 'enabled': false }");
453 addr
= qemu_opt_get(opts
, "addr");
454 port
= qemu_opt_get_number(opts
, "port", 0);
455 tls_port
= qemu_opt_get_number(opts
, "tls-port", 0);
456 clist
= channel_list_get();
458 server
= qdict_new();
459 qdict_put(server
, "enabled", qbool_from_int(true));
460 qdict_put(server
, "auth", qstring_from_str(auth
));
461 qdict_put(server
, "host", qstring_from_str(addr
? addr
: "0.0.0.0"));
462 snprintf(version_string
, sizeof(version_string
), "%d.%d.%d",
463 (SPICE_SERVER_VERSION
& 0xff0000) >> 16,
464 (SPICE_SERVER_VERSION
& 0xff00) >> 8,
465 SPICE_SERVER_VERSION
& 0xff);
466 qdict_put(server
, "compiled-version", qstring_from_str(version_string
));
468 qdict_put(server
, "port", qint_from_int(port
));
471 qdict_put(server
, "tls-port", qint_from_int(tls_port
));
474 qdict_put(server
, "channels", clist
);
477 *ret_data
= QOBJECT(server
);
480 static void migration_state_notifier(Notifier
*notifier
, void *data
)
482 MigrationState
*s
= data
;
484 if (migration_is_active(s
)) {
485 #ifdef SPICE_INTERFACE_MIGRATION
486 spice_server_migrate_start(spice_server
);
488 } else if (migration_has_finished(s
)) {
489 #if SPICE_SERVER_VERSION >= 0x000701 /* 0.7.1 */
490 #ifndef SPICE_INTERFACE_MIGRATION
491 spice_server_migrate_switch(spice_server
);
493 spice_server_migrate_end(spice_server
, true);
494 } else if (migration_has_failed(s
)) {
495 spice_server_migrate_end(spice_server
, false);
501 int qemu_spice_migrate_info(const char *hostname
, int port
, int tls_port
,
503 MonitorCompletion
*cb
, void *opaque
)
506 #ifdef SPICE_INTERFACE_MIGRATION
507 spice_migrate
.connect_complete
.cb
= cb
;
508 spice_migrate
.connect_complete
.opaque
= opaque
;
509 ret
= spice_server_migrate_connect(spice_server
, hostname
,
510 port
, tls_port
, subject
);
512 ret
= spice_server_migrate_info(spice_server
, hostname
,
513 port
, tls_port
, subject
);
519 static int add_channel(const char *name
, const char *value
, void *opaque
)
524 if (strcmp(name
, "tls-channel") == 0) {
525 security
= SPICE_CHANNEL_SECURITY_SSL
;
527 if (strcmp(name
, "plaintext-channel") == 0) {
528 security
= SPICE_CHANNEL_SECURITY_NONE
;
533 if (strcmp(value
, "default") == 0) {
534 rc
= spice_server_set_channel_security(spice_server
, NULL
, security
);
536 rc
= spice_server_set_channel_security(spice_server
, value
, security
);
539 fprintf(stderr
, "spice: failed to set channel security for %s\n", value
);
545 void qemu_spice_init(void)
547 QemuOpts
*opts
= QTAILQ_FIRST(&qemu_spice_opts
.head
);
548 const char *password
, *str
, *x509_dir
, *addr
,
549 *x509_key_password
= NULL
,
550 *x509_dh_file
= NULL
,
552 char *x509_key_file
= NULL
,
553 *x509_cert_file
= NULL
,
554 *x509_cacert_file
= NULL
;
555 int port
, tls_port
, len
, addr_flags
;
556 spice_image_compression_t compression
;
557 spice_wan_compression_t wan_compr
;
559 qemu_thread_get_self(&me
);
564 port
= qemu_opt_get_number(opts
, "port", 0);
565 tls_port
= qemu_opt_get_number(opts
, "tls-port", 0);
566 if (!port
&& !tls_port
) {
567 fprintf(stderr
, "neither port nor tls-port specified for spice.");
570 if (port
< 0 || port
> 65535) {
571 fprintf(stderr
, "spice port is out of range");
574 if (tls_port
< 0 || tls_port
> 65535) {
575 fprintf(stderr
, "spice tls-port is out of range");
578 password
= qemu_opt_get(opts
, "password");
581 x509_dir
= qemu_opt_get(opts
, "x509-dir");
582 if (NULL
== x509_dir
) {
585 len
= strlen(x509_dir
) + 32;
587 str
= qemu_opt_get(opts
, "x509-key-file");
589 x509_key_file
= g_strdup(str
);
591 x509_key_file
= g_malloc(len
);
592 snprintf(x509_key_file
, len
, "%s/%s", x509_dir
, X509_SERVER_KEY_FILE
);
595 str
= qemu_opt_get(opts
, "x509-cert-file");
597 x509_cert_file
= g_strdup(str
);
599 x509_cert_file
= g_malloc(len
);
600 snprintf(x509_cert_file
, len
, "%s/%s", x509_dir
, X509_SERVER_CERT_FILE
);
603 str
= qemu_opt_get(opts
, "x509-cacert-file");
605 x509_cacert_file
= g_strdup(str
);
607 x509_cacert_file
= g_malloc(len
);
608 snprintf(x509_cacert_file
, len
, "%s/%s", x509_dir
, X509_CA_CERT_FILE
);
611 x509_key_password
= qemu_opt_get(opts
, "x509-key-password");
612 x509_dh_file
= qemu_opt_get(opts
, "x509-dh-file");
613 tls_ciphers
= qemu_opt_get(opts
, "tls-ciphers");
616 addr
= qemu_opt_get(opts
, "addr");
618 if (qemu_opt_get_bool(opts
, "ipv4", 0)) {
619 addr_flags
|= SPICE_ADDR_FLAG_IPV4_ONLY
;
620 } else if (qemu_opt_get_bool(opts
, "ipv6", 0)) {
621 addr_flags
|= SPICE_ADDR_FLAG_IPV6_ONLY
;
624 spice_server
= spice_server_new();
625 spice_server_set_addr(spice_server
, addr
? addr
: "", addr_flags
);
627 spice_server_set_port(spice_server
, port
);
630 spice_server_set_tls(spice_server
, tls_port
,
639 spice_server_set_ticket(spice_server
, password
, 0, 0, 0);
641 if (qemu_opt_get_bool(opts
, "sasl", 0)) {
642 #if SPICE_SERVER_VERSION >= 0x000900 /* 0.9.0 */
643 if (spice_server_set_sasl_appname(spice_server
, "qemu") == -1 ||
644 spice_server_set_sasl(spice_server
, 1) == -1) {
645 fprintf(stderr
, "spice: failed to enable sasl\n");
649 fprintf(stderr
, "spice: sasl is not available (spice >= 0.9 required)\n");
653 if (qemu_opt_get_bool(opts
, "disable-ticketing", 0)) {
655 spice_server_set_noauth(spice_server
);
658 #if SPICE_SERVER_VERSION >= 0x000801
659 if (qemu_opt_get_bool(opts
, "disable-copy-paste", 0)) {
660 spice_server_set_agent_copypaste(spice_server
, false);
664 compression
= SPICE_IMAGE_COMPRESS_AUTO_GLZ
;
665 str
= qemu_opt_get(opts
, "image-compression");
667 compression
= parse_compression(str
);
669 spice_server_set_image_compression(spice_server
, compression
);
671 wan_compr
= SPICE_WAN_COMPRESSION_AUTO
;
672 str
= qemu_opt_get(opts
, "jpeg-wan-compression");
674 wan_compr
= parse_wan_compression(str
);
676 spice_server_set_jpeg_compression(spice_server
, wan_compr
);
678 wan_compr
= SPICE_WAN_COMPRESSION_AUTO
;
679 str
= qemu_opt_get(opts
, "zlib-glz-wan-compression");
681 wan_compr
= parse_wan_compression(str
);
683 spice_server_set_zlib_glz_compression(spice_server
, wan_compr
);
685 str
= qemu_opt_get(opts
, "streaming-video");
687 int streaming_video
= parse_stream_video(str
);
688 spice_server_set_streaming_video(spice_server
, streaming_video
);
691 spice_server_set_agent_mouse
692 (spice_server
, qemu_opt_get_bool(opts
, "agent-mouse", 1));
693 spice_server_set_playback_compression
694 (spice_server
, qemu_opt_get_bool(opts
, "playback-compression", 1));
696 qemu_opt_foreach(opts
, add_channel
, NULL
, 0);
698 if (0 != spice_server_init(spice_server
, &core_interface
)) {
699 fprintf(stderr
, "failed to initialize spice server");
704 migration_state
.notify
= migration_state_notifier
;
705 add_migration_state_change_notifier(&migration_state
);
706 #ifdef SPICE_INTERFACE_MIGRATION
707 spice_migrate
.sin
.base
.sif
= &migrate_interface
.base
;
708 spice_migrate
.connect_complete
.cb
= NULL
;
709 qemu_spice_add_interface(&spice_migrate
.sin
.base
);
712 qemu_spice_input_init();
713 qemu_spice_audio_init();
715 g_free(x509_key_file
);
716 g_free(x509_cert_file
);
717 g_free(x509_cacert_file
);
720 int qemu_spice_add_interface(SpiceBaseInstance
*sin
)
723 if (QTAILQ_FIRST(&qemu_spice_opts
.head
) != NULL
) {
724 fprintf(stderr
, "Oops: spice configured but not active\n");
728 * Create a spice server instance.
729 * It does *not* listen on the network.
730 * It handles QXL local rendering only.
732 * With a command line like '-vnc :0 -vga qxl' you'll end up here.
734 spice_server
= spice_server_new();
735 spice_server_init(spice_server
, &core_interface
);
737 return spice_server_add_interface(spice_server
, sin
);
740 static int qemu_spice_set_ticket(bool fail_if_conn
, bool disconnect_if_conn
)
742 time_t lifetime
, now
= time(NULL
);
745 if (now
< auth_expires
) {
746 passwd
= auth_passwd
;
747 lifetime
= (auth_expires
- now
);
748 if (lifetime
> INT_MAX
) {
755 return spice_server_set_ticket(spice_server
, passwd
, lifetime
,
756 fail_if_conn
, disconnect_if_conn
);
759 int qemu_spice_set_passwd(const char *passwd
,
760 bool fail_if_conn
, bool disconnect_if_conn
)
763 auth_passwd
= strdup(passwd
);
764 return qemu_spice_set_ticket(fail_if_conn
, disconnect_if_conn
);
767 int qemu_spice_set_pw_expire(time_t expires
)
769 auth_expires
= expires
;
770 return qemu_spice_set_ticket(false, false);
773 static void spice_register_config(void)
775 qemu_add_opts(&qemu_spice_opts
);
777 machine_init(spice_register_config
);
779 static void spice_initialize(void)
783 device_init(spice_initialize
);