From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513624738635345.6966396724986; Mon, 18 Dec 2017 11:18:58 -0800 (PST) Received: from localhost ([::1]:60553 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0w5-0002WV-OH for importer@patchew.org; Mon, 18 Dec 2017 14:18:49 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:49943) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qM-0006Gs-1v for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:02 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qA-0004uU-Sr for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:53 -0500 Received: from mx1.redhat.com ([209.132.183.28]:57654) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qA-0004tY-M6 for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:42 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D1C54C045757 for ; Mon, 18 Dec 2017 19:12:41 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 5F57A78401; Mon, 18 Dec 2017 19:12:40 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:16 +0000 Message-Id: <20171218191228.31018-2-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Mon, 18 Dec 2017 19:12:41 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 01/13] ui: remove 'sync' parametr from vnc_update_client X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" There is only one caller of vnc_update_client and that always passes false for the 'sync' parameter. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/ui/vnc.c b/ui/vnc.c index 9f8d5a1b1f..7ba3297dfa 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -596,7 +596,7 @@ VncInfo2List *qmp_query_vnc_servers(Error **errp) 3) resolutions > 1024 */ =20 -static int vnc_update_client(VncState *vs, int has_dirty, bool sync); +static int vnc_update_client(VncState *vs, int has_dirty); static void vnc_disconnect_start(VncState *vs); =20 static void vnc_colordepth(VncState *vs); @@ -961,7 +961,7 @@ static int find_and_clear_dirty_height(VncState *vs, return h; } =20 -static int vnc_update_client(VncState *vs, int has_dirty, bool sync) +static int vnc_update_client(VncState *vs, int has_dirty) { if (vs->disconnecting) { vnc_disconnect_finish(vs); @@ -1025,9 +1025,6 @@ static int vnc_update_client(VncState *vs, int has_di= rty, bool sync) } =20 vnc_job_push(job); - if (sync) { - vnc_jobs_join(vs); - } vs->force_update =3D 0; vs->has_dirty =3D 0; return n; @@ -1035,8 +1032,6 @@ static int vnc_update_client(VncState *vs, int has_di= rty, bool sync) =20 if (vs->disconnecting) { vnc_disconnect_finish(vs); - } else if (sync) { - vnc_jobs_join(vs); } =20 return 0; @@ -2863,7 +2858,7 @@ static void vnc_refresh(DisplayChangeListener *dcl) vnc_unlock_display(vd); =20 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) { - rects +=3D vnc_update_client(vs, has_dirty, false); + rects +=3D vnc_update_client(vs, has_dirty); /* vs might be free()ed here */ } =20 --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513624538257565.3037894092045; Mon, 18 Dec 2017 11:15:38 -0800 (PST) Received: from localhost ([::1]:60335 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0sn-00081h-4G for importer@patchew.org; Mon, 18 Dec 2017 14:15:25 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:49999) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qN-0006J1-Pf for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:02 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qD-0004wx-6T for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:55 -0500 Received: from mx1.redhat.com ([209.132.183.28]:60688) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qC-0004w4-Us for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:45 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 05C1D356CF for ; Mon, 18 Dec 2017 19:12:44 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 527CF78401; Mon, 18 Dec 2017 19:12:42 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:17 +0000 Message-Id: <20171218191228.31018-3-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Mon, 18 Dec 2017 19:12:44 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 02/13] ui: remove unreachable code in vnc_update_client X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" A previous commit: commit 5a8be0f73d6f60ff08746377eb09ca459f39deab Author: Gerd Hoffmann Date: Wed Jul 13 12:21:20 2016 +0200 vnc: make sure we finish disconnect Added a check for vs->disconnecting at the very start of the vnc_update_client method. This means that the very next "if" statement check for !vs->disconnecting always evaluates true, and is thus redundant. This in turn means the vs->disconnecting check at the very end of the method never evaluates true, and is thus unreachable code. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/ui/vnc.c b/ui/vnc.c index 7ba3297dfa..869c75bbcf 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -969,7 +969,7 @@ static int vnc_update_client(VncState *vs, int has_dirt= y) } =20 vs->has_dirty +=3D has_dirty; - if (vs->need_update && !vs->disconnecting) { + if (vs->need_update) { VncDisplay *vd =3D vs->vd; VncJob *job; int y; @@ -1030,10 +1030,6 @@ static int vnc_update_client(VncState *vs, int has_d= irty) return n; } =20 - if (vs->disconnecting) { - vnc_disconnect_finish(vs); - } - return 0; } =20 --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513624644366795.302104548533; Mon, 18 Dec 2017 11:17:24 -0800 (PST) Received: from localhost ([::1]:60548 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0uW-0001G5-3P for importer@patchew.org; Mon, 18 Dec 2017 14:17:12 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50043) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qO-0006Js-JU for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:02 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qE-0004yP-Qu for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:56 -0500 Received: from mx1.redhat.com ([209.132.183.28]:54790) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qE-0004xS-Ha for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:46 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9DCAB5FD45 for ; Mon, 18 Dec 2017 19:12:45 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4726C78401; Mon, 18 Dec 2017 19:12:44 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:18 +0000 Message-Id: <20171218191228.31018-4-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Mon, 18 Dec 2017 19:12:45 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 03/13] ui: remove redundant indentation in vnc_client_update X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Now that previous dead / unreachable code has been removed, we can simplify the indentation in the vnc_client_update method. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc.c | 112 ++++++++++++++++++++++++++++++++---------------------------= ---- 1 file changed, 57 insertions(+), 55 deletions(-) diff --git a/ui/vnc.c b/ui/vnc.c index 869c75bbcf..a61fcbd20c 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -963,74 +963,76 @@ static int find_and_clear_dirty_height(VncState *vs, =20 static int vnc_update_client(VncState *vs, int has_dirty) { + VncDisplay *vd =3D vs->vd; + VncJob *job; + int y; + int height, width; + int n =3D 0; + if (vs->disconnecting) { vnc_disconnect_finish(vs); return 0; } =20 vs->has_dirty +=3D has_dirty; - if (vs->need_update) { - VncDisplay *vd =3D vs->vd; - VncJob *job; - int y; - int height, width; - int n =3D 0; - - if (vs->output.offset && !vs->audio_cap && !vs->force_update) - /* kernel send buffers are full -> drop frames to throttle */ - return 0; + if (!vs->need_update) { + return 0; + } =20 - if (!vs->has_dirty && !vs->audio_cap && !vs->force_update) - return 0; + if (vs->output.offset && !vs->audio_cap && !vs->force_update) { + /* kernel send buffers are full -> drop frames to throttle */ + return 0; + } =20 - /* - * Send screen updates to the vnc client using the server - * surface and server dirty map. guest surface updates - * happening in parallel don't disturb us, the next pass will - * send them to the client. - */ - job =3D vnc_job_new(vs); - - height =3D pixman_image_get_height(vd->server); - width =3D pixman_image_get_width(vd->server); - - y =3D 0; - for (;;) { - int x, h; - unsigned long x2; - unsigned long offset =3D find_next_bit((unsigned long *) &vs->= dirty, - height * VNC_DIRTY_BPL(vs= ), - y * VNC_DIRTY_BPL(vs)); - if (offset =3D=3D height * VNC_DIRTY_BPL(vs)) { - /* no more dirty bits */ + if (!vs->has_dirty && !vs->audio_cap && !vs->force_update) { + return 0; + } + + /* + * Send screen updates to the vnc client using the server + * surface and server dirty map. guest surface updates + * happening in parallel don't disturb us, the next pass will + * send them to the client. + */ + job =3D vnc_job_new(vs); + + height =3D pixman_image_get_height(vd->server); + width =3D pixman_image_get_width(vd->server); + + y =3D 0; + for (;;) { + int x, h; + unsigned long x2; + unsigned long offset =3D find_next_bit((unsigned long *) &vs->dirt= y, + height * VNC_DIRTY_BPL(vs), + y * VNC_DIRTY_BPL(vs)); + if (offset =3D=3D height * VNC_DIRTY_BPL(vs)) { + /* no more dirty bits */ + break; + } + y =3D offset / VNC_DIRTY_BPL(vs); + x =3D offset % VNC_DIRTY_BPL(vs); + x2 =3D find_next_zero_bit((unsigned long *) &vs->dirty[y], + VNC_DIRTY_BPL(vs), x); + bitmap_clear(vs->dirty[y], x, x2 - x); + h =3D find_and_clear_dirty_height(vs, y, x, x2, height); + x2 =3D MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT); + if (x2 > x) { + n +=3D vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y, + (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h); + } + if (!x && x2 =3D=3D width / VNC_DIRTY_PIXELS_PER_BIT) { + y +=3D h; + if (y =3D=3D height) { break; } - y =3D offset / VNC_DIRTY_BPL(vs); - x =3D offset % VNC_DIRTY_BPL(vs); - x2 =3D find_next_zero_bit((unsigned long *) &vs->dirty[y], - VNC_DIRTY_BPL(vs), x); - bitmap_clear(vs->dirty[y], x, x2 - x); - h =3D find_and_clear_dirty_height(vs, y, x, x2, height); - x2 =3D MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT); - if (x2 > x) { - n +=3D vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT,= y, - (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT,= h); - } - if (!x && x2 =3D=3D width / VNC_DIRTY_PIXELS_PER_BIT) { - y +=3D h; - if (y =3D=3D height) { - break; - } - } } - - vnc_job_push(job); - vs->force_update =3D 0; - vs->has_dirty =3D 0; - return n; } =20 - return 0; + vnc_job_push(job); + vs->force_update =3D 0; + vs->has_dirty =3D 0; + return n; } =20 /* audio */ --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513624940229839.9230045126959; Mon, 18 Dec 2017 11:22:20 -0800 (PST) Received: from localhost ([::1]:60699 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0zI-00059u-HU for importer@patchew.org; Mon, 18 Dec 2017 14:22:08 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50102) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qQ-0006Lo-8P for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:02 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qI-00052B-0q for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:58 -0500 Received: from mx1.redhat.com ([209.132.183.28]:54828) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qH-000517-O2 for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:49 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D5905693D6 for ; Mon, 18 Dec 2017 19:12:48 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id E1BCF78401; Mon, 18 Dec 2017 19:12:45 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:19 +0000 Message-Id: <20171218191228.31018-5-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Mon, 18 Dec 2017 19:12:48 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 04/13] ui: avoid pointless VNC updates if framebuffer isn't dirty X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The vnc_update_client() method checks the 'has_dirty' flag to see if there = are dirty regions that are pending to send to the client. Regardless of this fl= ag, if a forced update is requested, updates must be sent. For unknown reasons though, the code also tries to sent updates if audio capture is enabled. Th= is makes no sense as audio capture state does not impact framebuffer contents,= so this check is removed. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ui/vnc.c b/ui/vnc.c index a61fcbd20c..f53eddb8e5 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -984,7 +984,7 @@ static int vnc_update_client(VncState *vs, int has_dirt= y) return 0; } =20 - if (!vs->has_dirty && !vs->audio_cap && !vs->force_update) { + if (!vs->has_dirty && !vs->force_update) { return 0; } =20 --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513624849997125.58779264949783; Mon, 18 Dec 2017 11:20:49 -0800 (PST) Received: from localhost ([::1]:60607 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0xr-0003w7-0t for importer@patchew.org; Mon, 18 Dec 2017 14:20:39 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50146) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qR-0006O7-4P for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:06 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qJ-00054g-Dk for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:59 -0500 Received: from mx1.redhat.com ([209.132.183.28]:33180) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qJ-000539-56 for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:51 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4F62BC04AC48 for ; Mon, 18 Dec 2017 19:12:50 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2085B78401; Mon, 18 Dec 2017 19:12:48 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:20 +0000 Message-Id: <20171218191228.31018-6-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Mon, 18 Dec 2017 19:12:50 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 05/13] ui: track how much decoded data we consumed when doing SASL encoding X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" When we encode data for writing with SASL, we encode the entire pending out= put buffer. The subsequent write, however, may not be able to send the full enc= oded data in one go though, particularly with a slow network. So we delay settin= g the output buffer offset back to zero until all the SASL encoded data is sent. Between encoding the data and completing sending of the SASL encoded data, however, more data might have been placed on the pending output buffer. So = it is not valid to set offset back to zero. Instead we must keep track of how = much data we consumed during encoding and subtract only that amount. With the current bug we would be throwing away some pending data without ha= ving sent it at all. By sheer luck this did not previously cause any serious pro= blem because appending data to the send buffer is always an atomic action, so we only ever throw away complete RFB protocol messages. In the case of frame b= uffer updates we'd catch up fairly quickly, so no obvious problem was visible. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc-auth-sasl.c | 3 ++- ui/vnc-auth-sasl.h | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c index 23f28280e7..761493b9b2 100644 --- a/ui/vnc-auth-sasl.c +++ b/ui/vnc-auth-sasl.c @@ -67,6 +67,7 @@ long vnc_client_write_sasl(VncState *vs) if (err !=3D SASL_OK) return vnc_client_io_error(vs, -1, NULL); =20 + vs->sasl.encodedRawLength =3D vs->output.offset; vs->sasl.encodedOffset =3D 0; } =20 @@ -78,7 +79,7 @@ long vnc_client_write_sasl(VncState *vs) =20 vs->sasl.encodedOffset +=3D ret; if (vs->sasl.encodedOffset =3D=3D vs->sasl.encodedLength) { - vs->output.offset =3D 0; + vs->output.offset -=3D vs->sasl.encodedRawLength; vs->sasl.encoded =3D NULL; vs->sasl.encodedOffset =3D vs->sasl.encodedLength =3D 0; } diff --git a/ui/vnc-auth-sasl.h b/ui/vnc-auth-sasl.h index cb42745a6b..b9d8de1c10 100644 --- a/ui/vnc-auth-sasl.h +++ b/ui/vnc-auth-sasl.h @@ -53,6 +53,7 @@ struct VncStateSASL { */ const uint8_t *encoded; unsigned int encodedLength; + unsigned int encodedRawLength; unsigned int encodedOffset; char *username; char *mechlist; --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513625241087847.5448286852327; Mon, 18 Dec 2017 11:27:21 -0800 (PST) Received: from localhost ([::1]:33196 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR149-00020x-TD for importer@patchew.org; Mon, 18 Dec 2017 14:27:09 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50212) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qS-0006Pr-Uw for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:06 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qK-000570-VQ for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:00 -0500 Received: from mx1.redhat.com ([209.132.183.28]:54862) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qK-00055P-Ji for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:52 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A604581226 for ; Mon, 18 Dec 2017 19:12:51 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9041484D17; Mon, 18 Dec 2017 19:12:50 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:21 +0000 Message-Id: <20171218191228.31018-7-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Mon, 18 Dec 2017 19:12:51 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 06/13] ui: introduce enum to track VNC client framebuffer update request state X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Currently the VNC servers tracks whether a client has requested an incremen= tal or forced update with two boolean flags. There are only really 3 distinct states to track, so create an enum to more accurately reflect permitted sta= tes. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc.c | 21 +++++++++++---------- ui/vnc.h | 9 +++++++-- 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/ui/vnc.c b/ui/vnc.c index f53eddb8e5..d3b04f1166 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -975,16 +975,17 @@ static int vnc_update_client(VncState *vs, int has_di= rty) } =20 vs->has_dirty +=3D has_dirty; - if (!vs->need_update) { + if (vs->update =3D=3D VNC_STATE_UPDATE_NONE) { return 0; } =20 - if (vs->output.offset && !vs->audio_cap && !vs->force_update) { + if (vs->output.offset && !vs->audio_cap && + vs->update !=3D VNC_STATE_UPDATE_FORCE) { /* kernel send buffers are full -> drop frames to throttle */ return 0; } =20 - if (!vs->has_dirty && !vs->force_update) { + if (!vs->has_dirty && vs->update !=3D VNC_STATE_UPDATE_FORCE) { return 0; } =20 @@ -1030,7 +1031,7 @@ static int vnc_update_client(VncState *vs, int has_di= rty) } =20 vnc_job_push(job); - vs->force_update =3D 0; + vs->update =3D VNC_STATE_UPDATE_INCREMENTAL; vs->has_dirty =3D 0; return n; } @@ -1869,14 +1870,14 @@ static void ext_key_event(VncState *vs, int down, static void framebuffer_update_request(VncState *vs, int incremental, int x, int y, int w, int h) { - vs->need_update =3D 1; - if (incremental) { - return; + if (vs->update !=3D VNC_STATE_UPDATE_FORCE) { + vs->update =3D VNC_STATE_UPDATE_INCREMENTAL; + } + } else { + vs->update =3D VNC_STATE_UPDATE_FORCE; + vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h); } - - vs->force_update =3D 1; - vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h); } =20 static void send_ext_key_event_ack(VncState *vs) diff --git a/ui/vnc.h b/ui/vnc.h index 694cf32ca9..b9d310e640 100644 --- a/ui/vnc.h +++ b/ui/vnc.h @@ -252,6 +252,12 @@ struct VncJob QTAILQ_ENTRY(VncJob) next; }; =20 +typedef enum { + VNC_STATE_UPDATE_NONE, + VNC_STATE_UPDATE_INCREMENTAL, + VNC_STATE_UPDATE_FORCE, +} VncStateUpdate; + struct VncState { QIOChannelSocket *sioc; /* The underlying socket */ @@ -264,8 +270,7 @@ struct VncState * vnc-jobs-async.c */ =20 VncDisplay *vd; - int need_update; - int force_update; + VncStateUpdate update; /* Most recent pending request from client */ int has_dirty; uint32_t features; int absolute; --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: temperror (zoho.com: Error in retrieving data from DNS) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=temperror (zoho.com: Error in retrieving data from DNS) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513625102766827.4866312554409; Mon, 18 Dec 2017 11:25:02 -0800 (PST) Received: from localhost ([::1]:32805 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR11q-0007sC-MG for importer@patchew.org; Mon, 18 Dec 2017 14:24:46 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50331) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qW-0006Sj-4Y for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:06 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qS-0005Ic-2Q for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:04 -0500 Received: from mx1.redhat.com ([209.132.183.28]:55008) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qR-0005H1-Pb for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:12:59 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id E56BF5FD51 for ; Mon, 18 Dec 2017 19:12:58 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id E634F84D17; Mon, 18 Dec 2017 19:12:51 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:22 +0000 Message-Id: <20171218191228.31018-8-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Mon, 18 Dec 2017 19:12:58 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 07/13] ui: correctly reset framebuffer update state after processing dirty regions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_6 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" According to the RFB protocol, a client sends one or more framebuffer update requests to the server. The server can reply with a single framebuffer upda= te response, that covers all previously received requests. Once the client has read this update from the server, it may send further framebuffer update requests to monitor future changes. The client is free to delay sending the framebuffer update request if it needs to throttle the amount of data it is reading from the server. The QEMU VNC server, however, has never correctly handled the framebuffer update requests. Once QEMU has received an update request, it will continue= to send client updates forever, even if the client hasn't asked for further updates. This prevents the client from throttling back data it gets from the server. This change fixes the flawed logic such that after a set of updates= are sent out, QEMU waits for a further update request before sending more data. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ui/vnc.c b/ui/vnc.c index d3b04f1166..51fbf0449d 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -1031,7 +1031,7 @@ static int vnc_update_client(VncState *vs, int has_di= rty) } =20 vnc_job_push(job); - vs->update =3D VNC_STATE_UPDATE_INCREMENTAL; + vs->update =3D VNC_STATE_UPDATE_NONE; vs->has_dirty =3D 0; return n; } --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513625366830106.35802693378787; Mon, 18 Dec 2017 11:29:26 -0800 (PST) Received: from localhost ([::1]:33299 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR168-0003tz-DO for importer@patchew.org; Mon, 18 Dec 2017 14:29:12 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50369) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qW-0006So-Vc for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:06 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qT-0005L6-DT for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:04 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35798) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qT-0005JD-3D for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:01 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3FFED7EA83 for ; Mon, 18 Dec 2017 19:13:00 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 33E4D84D25; Mon, 18 Dec 2017 19:12:59 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:23 +0000 Message-Id: <20171218191228.31018-9-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Mon, 18 Dec 2017 19:13:00 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 08/13] ui: refactor code for determining if an update should be sent to the client X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The logic for determining if it is possible to send an update to the client will become more complicated shortly, so pull it out into a separate method for easier extension later. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc.c | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/ui/vnc.c b/ui/vnc.c index 51fbf0449d..6ae002cd36 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -961,6 +961,25 @@ static int find_and_clear_dirty_height(VncState *vs, return h; } =20 +static bool vnc_should_update(VncState *vs) +{ + switch (vs->update) { + case VNC_STATE_UPDATE_NONE: + break; + case VNC_STATE_UPDATE_INCREMENTAL: + /* Only allow incremental updates if the output buffer + * is empty, or if audio capture is enabled. + */ + if (!vs->output.offset || vs->audio_cap) { + return true; + } + break; + case VNC_STATE_UPDATE_FORCE: + return true; + } + return false; +} + static int vnc_update_client(VncState *vs, int has_dirty) { VncDisplay *vd =3D vs->vd; @@ -975,13 +994,7 @@ static int vnc_update_client(VncState *vs, int has_dir= ty) } =20 vs->has_dirty +=3D has_dirty; - if (vs->update =3D=3D VNC_STATE_UPDATE_NONE) { - return 0; - } - - if (vs->output.offset && !vs->audio_cap && - vs->update !=3D VNC_STATE_UPDATE_FORCE) { - /* kernel send buffers are full -> drop frames to throttle */ + if (!vnc_should_update(vs)) { return 0; } =20 --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 15136250273511014.972779989454; Mon, 18 Dec 2017 11:23:47 -0800 (PST) Received: from localhost ([::1]:60974 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR10h-0006kS-Ez for importer@patchew.org; Mon, 18 Dec 2017 14:23:35 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50444) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qY-0006U0-P1 for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:09 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qU-0005NN-Qi for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:06 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35812) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qU-0005Le-C5 for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:02 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8E5067EA83 for ; Mon, 18 Dec 2017 19:13:01 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8283684D17; Mon, 18 Dec 2017 19:13:00 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:24 +0000 Message-Id: <20171218191228.31018-10-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Mon, 18 Dec 2017 19:13:01 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 09/13] ui: fix VNC client throttling when audio capture is active X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The VNC server must throttle data sent to the client to prevent the 'output' buffer size growing without bound, if the client stops reading data off the socket (either maliciously or due to stalled/slow network connection). The current throttling is very crude because it simply checks whether the output buffer offset is zero. This check must be disabled if audio capture = is enabled, because when streaming audio the output buffer offset will rarely = be zero due to queued audio data, and so this would starve framebuffer updates. As a result, the VNC client can cause QEMU to allocate arbitrary amounts of= RAM. They can first start something in the guest that triggers lots of framebuff= er updates eg play a youtube video. Then enable audio capture, and simply never read data back from the server. This can easily make QEMU's VNC server send buffer consume 100MB of RAM per second, until the OOM killer starts reaping processes (hopefully the rogue QEMU process, but it might pick others...). To address this we make the throttling more intelligent, so we can throttle when audio capture is active too. To determine how to throttle incremental updates or audio data, we calculate a size threshold. Normally the threshol= d is the approximate number of bytes associated with a single complete framebuff= er update. ie width * height * bytes per pixel. We'll send incremental updates until we hit this threshold, at which point we'll stop sending updates until data has been written to the wire, causing the output buffer offset to fall back below the threshold. If audio capture is enabled, we increase the size of the threshold to also allow for upto 1 seconds worth of audio data samples. ie nchannels * bytes per sample * frequency. This allows the output buffer to have a mixture of incremental framebuffer updates and audio data queued, but once the thresho= ld is exceeded, audio data will be dropped and incremental updates will be throttled. This unbounded memory growth affects all VNC server configurations supporte= d by QEMU, with no workaround possible. The mitigating factor is that it can onl= y be triggered by a client that has authenticated with the VNC server, and who is able to trigger a large quantity of framebuffer updates or audio samples fr= om the guest OS. Mostly they'll just succeed in getting the OOM killer to kill their own QEMU process, but its possible other processes can get taken out = as collateral damage. This is a more general variant of the similar unbounded memory usage flaw in the websockets server, that was previously assigned CVE-2017-15268, and fix= ed in 2.11 by: commit a7b20a8efa28e5f22c26c06cd06c2f12bc863493 Author: Daniel P. Berrange Date: Mon Oct 9 14:43:42 2017 +0100 io: monitor encoutput buffer size from websocket GSource This new general memory usage flaw has been assigned CVE-2017-15124, and is partially fixed by this patch. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc.c | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++----= ---- ui/vnc.h | 6 ++++++ 2 files changed, 70 insertions(+), 8 deletions(-) diff --git a/ui/vnc.c b/ui/vnc.c index 6ae002cd36..a2699f534d 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -60,6 +60,7 @@ static QTAILQ_HEAD(, VncDisplay) vnc_displays =3D =20 static int vnc_cursor_define(VncState *vs); static void vnc_release_modifiers(VncState *vs); +static void vnc_update_throttle_offset(VncState *vs); =20 static void vnc_set_share_mode(VncState *vs, VncShareMode mode) { @@ -766,6 +767,7 @@ static void vnc_dpy_switch(DisplayChangeListener *dcl, vnc_set_area_dirty(vs->dirty, vd, 0, 0, vnc_width(vd), vnc_height(vd)); + vnc_update_throttle_offset(vs); } } =20 @@ -961,16 +963,67 @@ static int find_and_clear_dirty_height(VncState *vs, return h; } =20 +/* + * Figure out how much pending data we should allow in the output + * buffer before we throttle incremental display updates, and/or + * drop audio samples. + * + * We allow for equiv of 1 full display's worth of FB updates, + * and 1 second of audio samples. If audio backlog was larger + * than that the client would already suffering awful audio + * glitches, so dropping samples is no worse really). + */ +static void vnc_update_throttle_offset(VncState *vs) +{ + size_t offset =3D + vs->client_width * vs->client_height * vs->client_pf.bytes_per_pix= el; + + if (vs->audio_cap) { + int freq =3D vs->as.freq; + /* We don't limit freq when reading settings from client, so + * it could be upto MAX_INT in size. 48khz is a sensible + * upper bound for trustworthy clients */ + int bps; + if (freq > 48000) { + freq =3D 48000; + } + switch (vs->as.fmt) { + default: + case AUD_FMT_U8: + case AUD_FMT_S8: + bps =3D 1; + break; + case AUD_FMT_U16: + case AUD_FMT_S16: + bps =3D 2; + break; + case AUD_FMT_U32: + case AUD_FMT_S32: + bps =3D 4; + break; + } + offset +=3D freq * bps * vs->as.nchannels; + } + + /* Put a floor of 1MB on offset, so that if we have a large pending + * buffer and the display is resized to a small size & back again + * we don't suddenly apply a tiny send limit + */ + offset =3D MAX(offset, 1024 * 1024); + + vs->throttle_output_offset =3D offset; +} + static bool vnc_should_update(VncState *vs) { switch (vs->update) { case VNC_STATE_UPDATE_NONE: break; case VNC_STATE_UPDATE_INCREMENTAL: - /* Only allow incremental updates if the output buffer - * is empty, or if audio capture is enabled. + /* Only allow incremental updates if the pending send queue + * is less than the permitted threshold */ - if (!vs->output.offset || vs->audio_cap) { + if (vs->output.offset < vs->throttle_output_offset) { return true; } break; @@ -1084,11 +1137,13 @@ static void audio_capture(void *opaque, void *buf, = int size) VncState *vs =3D opaque; =20 vnc_lock_output(vs); - vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); - vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); - vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); - vnc_write_u32(vs, size); - vnc_write(vs, buf, size); + if (vs->output.offset < vs->throttle_output_offset) { + vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); + vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); + vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); + vnc_write_u32(vs, size); + vnc_write(vs, buf, size); + } vnc_unlock_output(vs); vnc_flush(vs); } @@ -2288,6 +2343,7 @@ static int protocol_client_msg(VncState *vs, uint8_t = *data, size_t len) break; } =20 + vnc_update_throttle_offset(vs); vnc_read_when(vs, protocol_client_msg, 1); return 0; } diff --git a/ui/vnc.h b/ui/vnc.h index b9d310e640..8fe69595c6 100644 --- a/ui/vnc.h +++ b/ui/vnc.h @@ -298,6 +298,12 @@ struct VncState =20 VncClientInfo *info; =20 + /* We allow multiple incremental updates or audio capture + * samples to be queued in output buffer, provided the + * buffer size doesn't exceed this threshold. The value + * is calculating dynamically based on framebuffer size + * and audio sample settings in vnc_update_throttle_offset() */ + size_t throttle_output_offset; Buffer output; Buffer input; /* current output mode information */ --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513625164020247.78147816623868; Mon, 18 Dec 2017 11:26:04 -0800 (PST) Received: from localhost ([::1]:33140 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR12p-0000jI-Rw for importer@patchew.org; Mon, 18 Dec 2017 14:25:47 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50533) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qb-0006X0-Au for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:11 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qX-0005Rn-KI for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:09 -0500 Received: from mx1.redhat.com ([209.132.183.28]:58118) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qX-0005Py-AF for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:05 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7C47B8210C for ; Mon, 18 Dec 2017 19:13:04 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id CFB3E78401; Mon, 18 Dec 2017 19:13:01 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:25 +0000 Message-Id: <20171218191228.31018-11-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Mon, 18 Dec 2017 19:13:04 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 10/13] ui: fix VNC client throttling when forced update is requested X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The VNC server must throttle data sent to the client to prevent the 'output' buffer size growing without bound, if the client stops reading data off the socket (either maliciously or due to stalled/slow network connection). The current throttling is very crude because it simply checks whether the output buffer offset is zero. This check is disabled if the client has requ= ested a forced update, because we want to send these as soon as possible. As a result, the VNC client can cause QEMU to allocate arbitrary amounts of= RAM. They can first start something in the guest that triggers lots of framebuff= er updates eg play a youtube video. Then repeatedly send full framebuffer upda= te requests, but never read data back from the server. This can easily make QE= MU's VNC server send buffer consume 100MB of RAM per second, until the OOM killer starts reaping processes (hopefully the rogue QEMU process, but it might pi= ck others...). To address this we make the throttling more intelligent, so we can throttle full updates. When we get a forced update request, we keep track of exactly= how much data we put on the output buffer. We will not process a subsequent for= ced update request until this data has been fully sent on the wire. We always a= llow one forced update request to be in flight, regardless of what data is queued for incremental updates or audio data. The slight complication is that we do not initially know how much data an update will send, as this is done in the background by the VNC job thread. So we must track the fact that the job th= read has an update pending, and not process any further updates until this job is has been completed & put data on the output buffer. This unbounded memory growth affects all VNC server configurations supporte= d by QEMU, with no workaround possible. The mitigating factor is that it can onl= y be triggered by a client that has authenticated with the VNC server, and who is able to trigger a large quantity of framebuffer updates or audio samples fr= om the guest OS. Mostly they'll just succeed in getting the OOM killer to kill their own QEMU process, but its possible other processes can get taken out = as collateral damage. This is a more general variant of the similar unbounded memory usage flaw in the websockets server, that was previously assigned CVE-2017-15268, and fix= ed in 2.11 by: commit a7b20a8efa28e5f22c26c06cd06c2f12bc863493 Author: Daniel P. Berrange Date: Mon Oct 9 14:43:42 2017 +0100 io: monitor encoutput buffer size from websocket GSource This new general memory usage flaw has been assigned CVE-2017-15124, and is partially fixed by this patch. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc-auth-sasl.c | 5 +++++ ui/vnc-jobs.c | 5 +++++ ui/vnc.c | 28 ++++++++++++++++++++++++---- ui/vnc.h | 7 +++++++ 4 files changed, 41 insertions(+), 4 deletions(-) diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c index 761493b9b2..8c1cdde3db 100644 --- a/ui/vnc-auth-sasl.c +++ b/ui/vnc-auth-sasl.c @@ -79,6 +79,11 @@ long vnc_client_write_sasl(VncState *vs) =20 vs->sasl.encodedOffset +=3D ret; if (vs->sasl.encodedOffset =3D=3D vs->sasl.encodedLength) { + if (vs->sasl.encodedRawLength >=3D vs->force_update_offset) { + vs->force_update_offset =3D 0; + } else { + vs->force_update_offset -=3D vs->sasl.encodedRawLength; + } vs->output.offset -=3D vs->sasl.encodedRawLength; vs->sasl.encoded =3D NULL; vs->sasl.encodedOffset =3D vs->sasl.encodedLength =3D 0; diff --git a/ui/vnc-jobs.c b/ui/vnc-jobs.c index f7867771ae..e326679dd0 100644 --- a/ui/vnc-jobs.c +++ b/ui/vnc-jobs.c @@ -152,6 +152,11 @@ void vnc_jobs_consume_buffer(VncState *vs) vs->ioc, G_IO_IN | G_IO_OUT, vnc_client_io, vs, NULL); } buffer_move(&vs->output, &vs->jobs_buffer); + + if (vs->job_update =3D=3D VNC_STATE_UPDATE_FORCE) { + vs->force_update_offset =3D vs->output.offset; + } + vs->job_update =3D VNC_STATE_UPDATE_NONE; } flush =3D vs->ioc !=3D NULL && vs->abort !=3D true; vnc_unlock_output(vs); diff --git a/ui/vnc.c b/ui/vnc.c index a2699f534d..4021c0118c 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -1021,14 +1021,28 @@ static bool vnc_should_update(VncState *vs) break; case VNC_STATE_UPDATE_INCREMENTAL: /* Only allow incremental updates if the pending send queue - * is less than the permitted threshold + * is less than the permitted threshold, and the job worker + * is completely idle. */ - if (vs->output.offset < vs->throttle_output_offset) { + if (vs->output.offset < vs->throttle_output_offset && + vs->job_update =3D=3D VNC_STATE_UPDATE_NONE) { return true; } break; case VNC_STATE_UPDATE_FORCE: - return true; + /* Only allow forced updates if the pending send queue + * does not contain a previous forced update, and the + * job worker is completely idle. + * + * Note this means we'll queue a forced update, even if + * the output buffer size is otherwise over the throttle + * output limit. + */ + if (vs->force_update_offset =3D=3D 0 && + vs->job_update =3D=3D VNC_STATE_UPDATE_NONE) { + return true; + } + break; } return false; } @@ -1096,8 +1110,9 @@ static int vnc_update_client(VncState *vs, int has_di= rty) } } =20 - vnc_job_push(job); + vs->job_update =3D vs->update; vs->update =3D VNC_STATE_UPDATE_NONE; + vnc_job_push(job); vs->has_dirty =3D 0; return n; } @@ -1332,6 +1347,11 @@ static ssize_t vnc_client_write_plain(VncState *vs) if (!ret) return 0; =20 + if (ret >=3D vs->force_update_offset) { + vs->force_update_offset =3D 0; + } else { + vs->force_update_offset -=3D ret; + } buffer_advance(&vs->output, ret); =20 if (vs->output.offset =3D=3D 0) { diff --git a/ui/vnc.h b/ui/vnc.h index 8fe69595c6..3f4cd4d93d 100644 --- a/ui/vnc.h +++ b/ui/vnc.h @@ -271,6 +271,7 @@ struct VncState =20 VncDisplay *vd; VncStateUpdate update; /* Most recent pending request from client */ + VncStateUpdate job_update; /* Currently processed by job thread */ int has_dirty; uint32_t features; int absolute; @@ -298,6 +299,12 @@ struct VncState =20 VncClientInfo *info; =20 + /* Job thread bottom half has put data for a forced update + * into the output buffer. This offset points to the end of + * the update data in the output buffer. This lets us determine + * when a force update is fully sent to the client, allowing + * us to process further forced updates. */ + size_t force_update_offset; /* We allow multiple incremental updates or audio capture * samples to be queued in output buffer, provided the * buffer size doesn't exceed this threshold. The value --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513625293430387.74259725857314; Mon, 18 Dec 2017 11:28:13 -0800 (PST) Received: from localhost ([::1]:33249 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR153-00037E-DU for importer@patchew.org; Mon, 18 Dec 2017 14:28:05 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50529) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qb-0006Wq-7U for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:11 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qZ-0005Tz-0y for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:09 -0500 Received: from mx1.redhat.com ([209.132.183.28]:50668) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qY-0005Sk-Mw for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:06 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DC0E32D6A28 for ; Mon, 18 Dec 2017 19:13:05 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id BA49E78401; Mon, 18 Dec 2017 19:13:04 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:26 +0000 Message-Id: <20171218191228.31018-12-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Mon, 18 Dec 2017 19:13:05 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 11/13] ui: place a hard cap on VNC server output buffer size X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The previous patches fix problems with throttling of forced framebuffer upd= ates and audio data capture that would cause the QEMU output buffer size to grow without bound. Those fixes are graceful in that once the client catches up = with reading data from the server, everything continues operating normally. There is some data which the server sends to the client that is impractical= to throttle. Specifically there are various pseudo framebuffer update encoding= s to inform the client of things like desktop resizes, pointer changes, audio playback start/stop, LED state and so on. These generally only involve send= ing a very small amount of data to the client, but a malicious guest might be a= ble to do things that trigger these changes at a very high rate. Throttling the= m is not practical as missed or delayed events would cause broken behaviour for = the client. This patch thus takes a more forceful approach of setting an absolute upper bound on the amount of data we permit to be present in the output buffer at any time. The previous patch set a threshold for throttling the output buff= er by allowing an amount of data equivalent to one complete framebuffer update= and one seconds worth of audio data. On top of this it allowed for one further forced framebuffer update to be queued. To be conservative, we thus take that throttling threshold and multiply it = by 5 to form an absolute upper bound. If this bound is hit during vnc_write() = we forceably disconnect the client, refusing to queue further data. This limit= is high enough that it should never be hit unless a malicious client is trying= to exploit the sever, or the network is completely saturated preventing any se= nding of data on the socket. This completes the fix for CVE-2017-15124 started in the previous patches. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/ui/vnc.c b/ui/vnc.c index 4021c0118c..a4f0279cdc 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -1521,8 +1521,37 @@ gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED, } =20 =20 +/* + * Scale factor to apply to vs->throttle_output_offset when checking for + * hard limit. Worst case normal usage could be x2, if we have a complete + * incremental update and complete forced update in the output buffer. + * So x3 should be good enough, but we pick x5 to be conservative and thus + * (hopefully) never trigger incorrectly. + */ +#define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5 + void vnc_write(VncState *vs, const void *data, size_t len) { + if (vs->disconnecting) { + return; + } + /* Protection against malicious client/guest to prevent our output + * buffer growing without bound if client stops reading data. This + * should rarely trigger, because we have earlier throttling code + * which stops issuing framebuffer updates and drops audio data + * if the throttle_output_offset value is exceeded. So we only reach + * this higher level if a huge number of pseudo-encodings get + * triggered while data can't be sent on the socket. + * + * NB throttle_output_offset can be zero during early protocol + * handshake, or from the job thread's VncState clone + */ + if (vs->throttle_output_offset !=3D 0 && + vs->output.offset > (vs->throttle_output_offset * + VNC_THROTTLE_OUTPUT_LIMIT_SCALE)) { + vnc_disconnect_start(vs); + return; + } buffer_reserve(&vs->output, len); =20 if (vs->ioc !=3D NULL && buffer_empty(&vs->output)) { --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513625411656772.6024738657306; Mon, 18 Dec 2017 11:30:11 -0800 (PST) Received: from localhost ([::1]:33337 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR16z-0004ZB-FM for importer@patchew.org; Mon, 18 Dec 2017 14:30:05 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50615) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qd-0006ZT-EG for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:13 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qa-0005VR-Co for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:11 -0500 Received: from mx1.redhat.com ([209.132.183.28]:50688) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qa-0005UN-1Y for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:08 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 30A7734CD for ; Mon, 18 Dec 2017 19:13:07 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 263C078401; Mon, 18 Dec 2017 19:13:06 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:27 +0000 Message-Id: <20171218191228.31018-13-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Mon, 18 Dec 2017 19:13:07 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 12/13] ui: add trace events related to VNC client throttling X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The VNC client throttling is quite subtle so will benefit from having trace points available for live debugging. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/trace-events | 7 +++++++ ui/vnc.c | 23 +++++++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/ui/trace-events b/ui/trace-events index 1a9f126330..85f74f948b 100644 --- a/ui/trace-events +++ b/ui/trace-events @@ -35,6 +35,13 @@ vnc_client_connect(void *state, void *ioc) "VNC client c= onnect state=3D%p ioc=3D%p" vnc_client_disconnect_start(void *state, void *ioc) "VNC client disconnect= start state=3D%p ioc=3D%p" vnc_client_disconnect_finish(void *state, void *ioc) "VNC client disconnec= t finish state=3D%p ioc=3D%p" vnc_client_io_wrap(void *state, void *ioc, const char *type) "VNC client I= /O wrap state=3D%p ioc=3D%p type=3D%s" +vnc_client_throttle_threshold(void *state, void *ioc, size_t oldoffset, si= ze_t offset, int client_width, int client_height, int bytes_per_pixel, void= *audio_cap) "VNC client throttle threshold state=3D%p ioc=3D%p oldoffset= =3D%zu newoffset=3D%zu width=3D%d height=3D%d bpp=3D%d audio=3D%p" +vnc_client_throttle_incremental(void *state, void *ioc, int job_update, si= ze_t offset) "VNC client throttle incremental state=3D%p ioc=3D%p job-updat= e=3D%d offset=3D%zu" +vnc_client_throttle_forced(void *state, void *ioc, int job_update, size_t = offset) "VNC client throttle forced state=3D%p ioc=3D%p job-update=3D%d off= set=3D%zu" +vnc_client_throttle_audio(void *state, void *ioc, size_t offset) "VNC clie= nt throttle audio state=3D%p ioc=3D%p offset=3D%zu" +vnc_client_unthrottle_forced(void *state, void *ioc) "VNC client unthrottl= e forced offset state=3D%p ioc=3D%p" +vnc_client_unthrottle_incremental(void *state, void *ioc, size_t offset) "= VNC client unthrottle incremental state=3D%p ioc=3D%p offset=3D%zu" +vnc_client_output_limit(void *state, void *ioc, size_t offset, size_t thre= shold) "VNC client output limit state=3D%p ioc=3D%p offset=3D%zu threshold= =3D%zu" vnc_auth_init(void *display, int websock, int auth, int subauth) "VNC auth= init state=3D%p websock=3D%d auth=3D%d subauth=3D%d" vnc_auth_start(void *state, int method) "VNC client auth start state=3D%p = method=3D%d" vnc_auth_pass(void *state, int method) "VNC client auth passed state=3D%p = method=3D%d" diff --git a/ui/vnc.c b/ui/vnc.c index a4f0279cdc..1b5a399dc0 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -1011,6 +1011,12 @@ static void vnc_update_throttle_offset(VncState *vs) */ offset =3D MAX(offset, 1024 * 1024); =20 + if (vs->throttle_output_offset !=3D offset) { + trace_vnc_client_throttle_threshold( + vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_wi= dth, + vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_ca= p); + } + vs->throttle_output_offset =3D offset; } =20 @@ -1028,6 +1034,8 @@ static bool vnc_should_update(VncState *vs) vs->job_update =3D=3D VNC_STATE_UPDATE_NONE) { return true; } + trace_vnc_client_throttle_incremental( + vs, vs->ioc, vs->job_update, vs->output.offset); break; case VNC_STATE_UPDATE_FORCE: /* Only allow forced updates if the pending send queue @@ -1042,6 +1050,8 @@ static bool vnc_should_update(VncState *vs) vs->job_update =3D=3D VNC_STATE_UPDATE_NONE) { return true; } + trace_vnc_client_throttle_forced( + vs, vs->ioc, vs->job_update, vs->force_update_offset); break; } return false; @@ -1158,6 +1168,8 @@ static void audio_capture(void *opaque, void *buf, in= t size) vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); vnc_write_u32(vs, size); vnc_write(vs, buf, size); + } else { + trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset); } vnc_unlock_output(vs); vnc_flush(vs); @@ -1328,6 +1340,7 @@ ssize_t vnc_client_write_buf(VncState *vs, const uint= 8_t *data, size_t datalen) */ static ssize_t vnc_client_write_plain(VncState *vs) { + size_t offset; ssize_t ret; =20 #ifdef CONFIG_VNC_SASL @@ -1348,11 +1361,19 @@ static ssize_t vnc_client_write_plain(VncState *vs) return 0; =20 if (ret >=3D vs->force_update_offset) { + if (vs->force_update_offset !=3D 0) { + trace_vnc_client_unthrottle_forced(vs, vs->ioc); + } vs->force_update_offset =3D 0; } else { vs->force_update_offset -=3D ret; } + offset =3D vs->output.offset; buffer_advance(&vs->output, ret); + if (offset >=3D vs->throttle_output_offset && + vs->output.offset < vs->throttle_output_offset) { + trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.of= fset); + } =20 if (vs->output.offset =3D=3D 0) { if (vs->ioc_tag) { @@ -1549,6 +1570,8 @@ void vnc_write(VncState *vs, const void *data, size_t= len) if (vs->throttle_output_offset !=3D 0 && vs->output.offset > (vs->throttle_output_offset * VNC_THROTTLE_OUTPUT_LIMIT_SCALE)) { + trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset, + vs->throttle_output_offset); vnc_disconnect_start(vs); return; } --=20 2.14.3 From nobody Tue Oct 28 12:12:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1513625492166929.1031079669739; Mon, 18 Dec 2017 11:31:32 -0800 (PST) Received: from localhost ([::1]:33454 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR18C-0005Tq-Va for importer@patchew.org; Mon, 18 Dec 2017 14:31:21 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50614) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eR0qd-0006ZS-De for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:14 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eR0qb-0005Wg-HG for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:11 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35920) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eR0qb-0005Vj-9j for qemu-devel@nongnu.org; Mon, 18 Dec 2017 14:13:09 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7FBEC7EA81 for ; Mon, 18 Dec 2017 19:13:08 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.45]) by smtp.corp.redhat.com (Postfix) with ESMTP id 71C5A84D17; Mon, 18 Dec 2017 19:13:07 +0000 (UTC) From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Mon, 18 Dec 2017 19:12:28 +0000 Message-Id: <20171218191228.31018-14-berrange@redhat.com> In-Reply-To: <20171218191228.31018-1-berrange@redhat.com> References: <20171218191228.31018-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Mon, 18 Dec 2017 19:13:08 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v1 13/13] ui: mix misleading comments & return types of VNC I/O helper methods X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Gerd Hoffmann , P J P Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" While the QIOChannel APIs for reading/writing data return ssize_t, with neg= ative value indicating an error, the VNC code passes this return value through the vnc_client_io_error() method. This detects the error condition, disconnects= the client and returns 0 to indicate error. Thus all the VNC helper methods sho= uld return size_t (unsigned), and misleading comments which refer to the possib= ility of negative return values need fixing. Signed-off-by: Daniel P. Berrange Reviewed-by: Darren Kenny Reviewed-by: Marc-Andr=C3=A9 Lureau --- ui/vnc-auth-sasl.c | 8 ++++---- ui/vnc-auth-sasl.h | 4 ++-- ui/vnc.c | 29 +++++++++++++++-------------- ui/vnc.h | 6 +++--- 4 files changed, 24 insertions(+), 23 deletions(-) diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c index 8c1cdde3db..74a5f513f2 100644 --- a/ui/vnc-auth-sasl.c +++ b/ui/vnc-auth-sasl.c @@ -48,9 +48,9 @@ void vnc_sasl_client_cleanup(VncState *vs) } =20 =20 -long vnc_client_write_sasl(VncState *vs) +size_t vnc_client_write_sasl(VncState *vs) { - long ret; + size_t ret; =20 VNC_DEBUG("Write SASL: Pending output %p size %zd offset %zd " "Encoded: %p size %d offset %d\n", @@ -106,9 +106,9 @@ long vnc_client_write_sasl(VncState *vs) } =20 =20 -long vnc_client_read_sasl(VncState *vs) +size_t vnc_client_read_sasl(VncState *vs) { - long ret; + size_t ret; uint8_t encoded[4096]; const char *decoded; unsigned int decodedLen; diff --git a/ui/vnc-auth-sasl.h b/ui/vnc-auth-sasl.h index b9d8de1c10..2ae224ee3a 100644 --- a/ui/vnc-auth-sasl.h +++ b/ui/vnc-auth-sasl.h @@ -65,8 +65,8 @@ struct VncDisplaySASL { =20 void vnc_sasl_client_cleanup(VncState *vs); =20 -long vnc_client_read_sasl(VncState *vs); -long vnc_client_write_sasl(VncState *vs); +size_t vnc_client_read_sasl(VncState *vs); +size_t vnc_client_write_sasl(VncState *vs); =20 void start_auth_sasl(VncState *vs); =20 diff --git a/ui/vnc.c b/ui/vnc.c index 1b5a399dc0..b0e12ca4dd 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -1272,7 +1272,7 @@ void vnc_disconnect_finish(VncState *vs) g_free(vs); } =20 -ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp) +size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp) { if (ret <=3D 0) { if (ret =3D=3D 0) { @@ -1315,9 +1315,9 @@ void vnc_client_error(VncState *vs) * * Returns the number of bytes written, which may be less than * the requested 'datalen' if the socket would block. Returns - * -1 on error, and disconnects the client socket. + * 0 on I/O error, and disconnects the client socket. */ -ssize_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t dat= alen) +size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t data= len) { Error *err =3D NULL; ssize_t ret; @@ -1335,13 +1335,13 @@ ssize_t vnc_client_write_buf(VncState *vs, const ui= nt8_t *data, size_t datalen) * will switch the FD poll() handler back to read monitoring. * * Returns the number of bytes written, which may be less than - * the buffered output data if the socket would block. Returns - * -1 on error, and disconnects the client socket. + * the buffered output data if the socket would block. Returns + * 0 on I/O error, and disconnects the client socket. */ -static ssize_t vnc_client_write_plain(VncState *vs) +static size_t vnc_client_write_plain(VncState *vs) { size_t offset; - ssize_t ret; + size_t ret; =20 #ifdef CONFIG_VNC_SASL VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SS= F %d\n", @@ -1442,9 +1442,9 @@ void vnc_read_when(VncState *vs, VncReadEvent *func, = size_t expecting) * * Returns the number of bytes read, which may be less than * the requested 'datalen' if the socket would block. Returns - * -1 on error, and disconnects the client socket. + * 0 on I/O error or EOF, and disconnects the client socket. */ -ssize_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen) +size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen) { ssize_t ret; Error *err =3D NULL; @@ -1460,12 +1460,13 @@ ssize_t vnc_client_read_buf(VncState *vs, uint8_t *= data, size_t datalen) * when not using any SASL SSF encryption layers. Will read as much * data as possible without blocking. * - * Returns the number of bytes read. Returns -1 on error, and - * disconnects the client socket. + * Returns the number of bytes read, which may be less than + * the requested 'datalen' if the socket would block. Returns + * 0 on I/O error or EOF, and disconnects the client socket. */ -static ssize_t vnc_client_read_plain(VncState *vs) +static size_t vnc_client_read_plain(VncState *vs) { - ssize_t ret; + size_t ret; VNC_DEBUG("Read plain %p size %zd offset %zd\n", vs->input.buffer, vs->input.capacity, vs->input.offset); buffer_reserve(&vs->input, 4096); @@ -1491,7 +1492,7 @@ static void vnc_jobs_bh(void *opaque) */ static int vnc_client_read(VncState *vs) { - ssize_t ret; + size_t ret; =20 #ifdef CONFIG_VNC_SASL if (vs->sasl.conn && vs->sasl.runSSF) diff --git a/ui/vnc.h b/ui/vnc.h index 3f4cd4d93d..0c33a5f7fe 100644 --- a/ui/vnc.h +++ b/ui/vnc.h @@ -524,8 +524,8 @@ gboolean vnc_client_io(QIOChannel *ioc, GIOCondition condition, void *opaque); =20 -ssize_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen); -ssize_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t dat= alen); +size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen); +size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t data= len); =20 /* Protocol I/O functions */ void vnc_write(VncState *vs, const void *data, size_t len); @@ -544,7 +544,7 @@ uint32_t read_u32(uint8_t *data, size_t offset); =20 /* Protocol stage functions */ void vnc_client_error(VncState *vs); -ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp); +size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp); =20 void start_client_init(VncState *vs); void start_auth_vnc(VncState *vs); --=20 2.14.3