diff options
| -rw-r--r-- | crypto/tlscredsx509.c | 48 | ||||
| -rw-r--r-- | hw/display/edid-generate.c | 15 | ||||
| -rw-r--r-- | include/crypto/tlscreds.h | 8 | ||||
| -rw-r--r-- | include/ui/console.h | 11 | ||||
| -rw-r--r-- | monitor/qmp-cmds.c | 17 | ||||
| -rw-r--r-- | qapi/ui.json | 61 | ||||
| -rw-r--r-- | ui/vnc.c | 28 |
7 files changed, 168 insertions, 20 deletions
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c index dbadad4df2..bc503bab55 100644 --- a/crypto/tlscredsx509.c +++ b/crypto/tlscredsx509.c @@ -770,6 +770,51 @@ qcrypto_tls_creds_x509_prop_get_sanity(Object *obj, } +#ifdef CONFIG_GNUTLS + + +static bool +qcrypto_tls_creds_x509_reload(QCryptoTLSCreds *creds, Error **errp) +{ + QCryptoTLSCredsX509 *x509_creds = QCRYPTO_TLS_CREDS_X509(creds); + Error *local_err = NULL; + gnutls_certificate_credentials_t creds_data = x509_creds->data; + gnutls_dh_params_t creds_dh_params = x509_creds->parent_obj.dh_params; + + x509_creds->data = NULL; + x509_creds->parent_obj.dh_params = NULL; + qcrypto_tls_creds_x509_load(x509_creds, &local_err); + if (local_err) { + qcrypto_tls_creds_x509_unload(x509_creds); + x509_creds->data = creds_data; + x509_creds->parent_obj.dh_params = creds_dh_params; + error_propagate(errp, local_err); + return false; + } + + if (creds_data) { + gnutls_certificate_free_credentials(creds_data); + } + if (creds_dh_params) { + gnutls_dh_params_deinit(creds_dh_params); + } + return true; +} + + +#else /* ! CONFIG_GNUTLS */ + + +static bool +qcrypto_tls_creds_x509_reload(QCryptoTLSCreds *creds, Error **errp) +{ + return false; +} + + +#endif /* ! CONFIG_GNUTLS */ + + static void qcrypto_tls_creds_x509_complete(UserCreatable *uc, Error **errp) { @@ -800,6 +845,9 @@ static void qcrypto_tls_creds_x509_class_init(ObjectClass *oc, void *data) { UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc); + QCryptoTLSCredsClass *ctcc = QCRYPTO_TLS_CREDS_CLASS(oc); + + ctcc->reload = qcrypto_tls_creds_x509_reload; ucc->complete = qcrypto_tls_creds_x509_complete; diff --git a/hw/display/edid-generate.c b/hw/display/edid-generate.c index 1665b7cbb2..a1bea9a3aa 100644 --- a/hw/display/edid-generate.c +++ b/hw/display/edid-generate.c @@ -25,19 +25,20 @@ static const struct edid_mode { { .xres = 1920, .yres = 1080, .dta = 31 }, /* additional standard timings 3 (all @ 60Hz) */ - { .xres = 1920, .yres = 1440, .xtra3 = 11, .bit = 5 }, { .xres = 1920, .yres = 1200, .xtra3 = 10, .bit = 0 }, - { .xres = 1856, .yres = 1392, .xtra3 = 10, .bit = 3 }, - { .xres = 1792, .yres = 1344, .xtra3 = 10, .bit = 5 }, { .xres = 1600, .yres = 1200, .xtra3 = 9, .bit = 2 }, { .xres = 1680, .yres = 1050, .xtra3 = 9, .bit = 5 }, - { .xres = 1440, .yres = 1050, .xtra3 = 8, .bit = 1 }, { .xres = 1440, .yres = 900, .xtra3 = 8, .bit = 5 }, - { .xres = 1360, .yres = 768, .xtra3 = 8, .bit = 7 }, { .xres = 1280, .yres = 1024, .xtra3 = 7, .bit = 1 }, { .xres = 1280, .yres = 960, .xtra3 = 7, .bit = 3 }, { .xres = 1280, .yres = 768, .xtra3 = 7, .bit = 6 }, + { .xres = 1920, .yres = 1440, .xtra3 = 11, .bit = 5 }, + { .xres = 1856, .yres = 1392, .xtra3 = 10, .bit = 3 }, + { .xres = 1792, .yres = 1344, .xtra3 = 10, .bit = 5 }, + { .xres = 1440, .yres = 1050, .xtra3 = 8, .bit = 1 }, + { .xres = 1360, .yres = 768, .xtra3 = 8, .bit = 7 }, + /* established timings (all @ 60Hz) */ { .xres = 1024, .yres = 768, .byte = 36, .bit = 3 }, { .xres = 800, .yres = 600, .byte = 35, .bit = 0 }, @@ -109,13 +110,13 @@ static void edid_fill_modes(uint8_t *edid, uint8_t *xtra3, uint8_t *dta, if (mode->byte) { edid[mode->byte] |= (1 << mode->bit); - } else if (mode->xtra3 && xtra3) { - xtra3[mode->xtra3] |= (1 << mode->bit); } else if (std < 54) { rc = edid_std_mode(edid + std, mode->xres, mode->yres); if (rc == 0) { std += 2; } + } else if (mode->xtra3 && xtra3) { + xtra3[mode->xtra3] |= (1 << mode->bit); } if (dta && mode->dta) { diff --git a/include/crypto/tlscreds.h b/include/crypto/tlscreds.h index 079e376047..d0808e391e 100644 --- a/include/crypto/tlscreds.h +++ b/include/crypto/tlscreds.h @@ -30,14 +30,15 @@ #define TYPE_QCRYPTO_TLS_CREDS "tls-creds" typedef struct QCryptoTLSCreds QCryptoTLSCreds; -DECLARE_INSTANCE_CHECKER(QCryptoTLSCreds, QCRYPTO_TLS_CREDS, - TYPE_QCRYPTO_TLS_CREDS) - typedef struct QCryptoTLSCredsClass QCryptoTLSCredsClass; +DECLARE_OBJ_CHECKERS(QCryptoTLSCreds, QCryptoTLSCredsClass, QCRYPTO_TLS_CREDS, + TYPE_QCRYPTO_TLS_CREDS) + #define QCRYPTO_TLS_CREDS_DH_PARAMS "dh-params.pem" +typedef bool (*CryptoTLSCredsReload)(QCryptoTLSCreds *, Error **); /** * QCryptoTLSCreds: * @@ -61,6 +62,7 @@ struct QCryptoTLSCreds { struct QCryptoTLSCredsClass { ObjectClass parent_class; + CryptoTLSCredsReload reload; }; diff --git a/include/ui/console.h b/include/ui/console.h index c960b7066c..ca3c7af6a6 100644 --- a/include/ui/console.h +++ b/include/ui/console.h @@ -267,16 +267,6 @@ PixelFormat qemu_default_pixelformat(int bpp); DisplaySurface *qemu_create_displaysurface(int width, int height); void qemu_free_displaysurface(DisplaySurface *surface); -static inline int is_surface_bgr(DisplaySurface *surface) -{ - if (PIXMAN_FORMAT_BPP(surface->format) == 32 && - PIXMAN_FORMAT_TYPE(surface->format) == PIXMAN_TYPE_ABGR) { - return 1; - } else { - return 0; - } -} - static inline int is_buffer_shared(DisplaySurface *surface) { return !(surface->flags & QEMU_ALLOCATED_FLAG); @@ -476,6 +466,7 @@ int vnc_display_password(const char *id, const char *password); int vnc_display_pw_expire(const char *id, time_t expires); void vnc_parse(const char *str); int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp); +bool vnc_display_reload_certs(const char *id, Error **errp); /* input.c */ int index_from_key(const char *key, size_t key_length); diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c index c7df8c0ee2..f7d64a6457 100644 --- a/monitor/qmp-cmds.c +++ b/monitor/qmp-cmds.c @@ -334,3 +334,20 @@ MemoryInfo *qmp_query_memory_size_summary(Error **errp) return mem_info; } + +void qmp_display_reload(DisplayReloadOptions *arg, Error **errp) +{ + switch (arg->type) { + case DISPLAY_RELOAD_TYPE_VNC: +#ifdef CONFIG_VNC + if (arg->u.vnc.has_tls_certs && arg->u.vnc.tls_certs) { + vnc_display_reload_certs(NULL, errp); + } +#else + error_setg(errp, "vnc is invalid, missing 'CONFIG_VNC'"); +#endif + break; + default: + abort(); + } +} diff --git a/qapi/ui.json b/qapi/ui.json index cc1882108b..1052ca9c38 100644 --- a/qapi/ui.json +++ b/qapi/ui.json @@ -1168,3 +1168,64 @@ ## { 'command': 'query-display-options', 'returns': 'DisplayOptions' } + +## +# @DisplayReloadType: +# +# Available DisplayReload types. +# +# @vnc: VNC display +# +# Since: 6.0 +# +## +{ 'enum': 'DisplayReloadType', + 'data': ['vnc'] } + +## +# @DisplayReloadOptionsVNC: +# +# Specify the VNC reload options. +# +# @tls-certs: reload tls certs or not. +# +# Since: 6.0 +# +## +{ 'struct': 'DisplayReloadOptionsVNC', + 'data': { '*tls-certs': 'bool' } } + +## +# @DisplayReloadOptions: +# +# Options of the display configuration reload. +# +# @type: Specify the display type. +# +# Since: 6.0 +# +## +{ 'union': 'DisplayReloadOptions', + 'base': {'type': 'DisplayReloadType'}, + 'discriminator': 'type', + 'data': { 'vnc': 'DisplayReloadOptionsVNC' } } + +## +# @display-reload: +# +# Reload display configuration. +# +# Returns: Nothing on success. +# +# Since: 6.0 +# +# Example: +# +# -> { "execute": "display-reload", +# "arguments": { "type": "vnc", "tls-certs": true } } +# <- { "return": {} } +# +## +{ 'command': 'display-reload', + 'data': 'DisplayReloadOptions', + 'boxed' : true } diff --git a/ui/vnc.c b/ui/vnc.c index e0fac2136e..456db47d71 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -585,6 +585,34 @@ VncInfo2List *qmp_query_vnc_servers(Error **errp) return prev; } +bool vnc_display_reload_certs(const char *id, Error **errp) +{ + VncDisplay *vd = vnc_display_find(id); + QCryptoTLSCredsClass *creds = NULL; + + if (!vd) { + error_setg(errp, "Can not find vnc display"); + return false; + } + + if (!vd->tlscreds) { + error_setg(errp, "vnc tls is not enable"); + return false; + } + + creds = QCRYPTO_TLS_CREDS_GET_CLASS(OBJECT(vd->tlscreds)); + if (creds->reload == NULL) { + error_setg(errp, "%s doesn't support to reload TLS credential", + object_get_typename(OBJECT(vd->tlscreds))); + return false; + } + if (!creds->reload(vd->tlscreds, errp)) { + return false; + } + + return true; +} + /* TODO 1) Get the queue working for IO. 2) there is some weirdness when using the -S option (the screen is grey |