Changeset View
Standalone View
src/server/remote_access_interface.cpp
- This file was added.
1 | /**************************************************************************** | ||||
---|---|---|---|---|---|
2 | Copyright 2016 Oleg Chernovskiy <kanedias@xaker.ru> | ||||
3 | | ||||
4 | This library is free software; you can redistribute it and/or | ||||
5 | modify it under the terms of the GNU Lesser General Public | ||||
6 | License as published by the Free Software Foundation; either | ||||
7 | version 2.1 of the License, or (at your option) version 3, or any | ||||
8 | later version accepted by the membership of KDE e.V. (or its | ||||
9 | successor approved by the membership of KDE e.V.), which shall | ||||
10 | act as a proxy defined in Section 6 of version 3 of the license. | ||||
11 | | ||||
12 | This library is distributed in the hope that it will be useful, | ||||
13 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||||
15 | Lesser General Public License for more details. | ||||
16 | | ||||
17 | You should have received a copy of the GNU Lesser General Public | ||||
18 | License along with this library. If not, see <http://www.gnu.org/licenses/>. | ||||
19 | ****************************************************************************/ | ||||
20 | #include "output_interface.h" | ||||
21 | #include "remote_access_interface.h" | ||||
22 | #include "remote_access_interface_p.h" | ||||
23 | #include "display.h" | ||||
24 | #include "global_p.h" | ||||
25 | #include "resource_p.h" | ||||
26 | #include "logging_p.h" | ||||
27 | | ||||
28 | #include <wayland-remote-access-server-protocol.h> | ||||
29 | | ||||
graesslin: you can just include "logging_p.h" | |||||
Kanedias: Noted, re-using categories from there. | |||||
30 | #include <QHash> | ||||
31 | #include <QMutableHashIterator> | ||||
32 | | ||||
33 | #include <functional> | ||||
34 | | ||||
35 | namespace KWayland | ||||
36 | { | ||||
37 | namespace Server | ||||
38 | { | ||||
39 | | ||||
40 | class BufferHandle::Private // @see gbm_import_fd_data | ||||
41 | { | ||||
42 | public: | ||||
43 | // Note that on client side received fd number will be different | ||||
44 | // and meaningful only for client process! | ||||
45 | // Thus we can use server-side fd as an implicit unique id | ||||
46 | qint32 fd = 0; ///< also internal buffer id for client | ||||
47 | quint32 width = 0; | ||||
48 | quint32 height = 0; | ||||
49 | quint32 stride = 0; | ||||
50 | quint32 format = 0; | ||||
51 | }; | ||||
52 | | ||||
53 | BufferHandle::BufferHandle() | ||||
54 | : d(new Private) | ||||
55 | { | ||||
56 | } | ||||
57 | | ||||
58 | BufferHandle::~BufferHandle() | ||||
59 | { | ||||
60 | } | ||||
61 | | ||||
62 | void BufferHandle::setFd(qint32 fd) | ||||
63 | { | ||||
64 | d->fd = fd; | ||||
65 | } | ||||
66 | | ||||
67 | qint32 BufferHandle::fd() const | ||||
68 | { | ||||
69 | return d->fd; | ||||
70 | } | ||||
71 | | ||||
72 | void BufferHandle::setSize(quint32 width, quint32 height) | ||||
73 | { | ||||
74 | d->width = width; | ||||
75 | d->height = height; | ||||
76 | } | ||||
77 | | ||||
78 | quint32 BufferHandle::width() const | ||||
79 | { | ||||
80 | return d->width; | ||||
81 | } | ||||
82 | | ||||
83 | quint32 BufferHandle::height() const | ||||
84 | { | ||||
85 | return d->height; | ||||
86 | } | ||||
87 | | ||||
88 | void BufferHandle::setStride(quint32 stride) | ||||
89 | { | ||||
90 | d->stride = stride; | ||||
91 | } | ||||
92 | | ||||
93 | | ||||
94 | quint32 BufferHandle::stride() const | ||||
95 | { | ||||
96 | return d->stride; | ||||
97 | } | ||||
98 | | ||||
99 | void BufferHandle::setFormat(quint32 format) | ||||
100 | { | ||||
101 | d->format = format; | ||||
102 | } | ||||
103 | | ||||
104 | quint32 BufferHandle::format() const | ||||
105 | { | ||||
106 | return d->format; | ||||
107 | } | ||||
108 | | ||||
109 | /** | ||||
110 | * @brief helper struct for manual reference counting. | ||||
111 | * automatic counting via QSharedPointer is no-go here as we hold strong reference in sentBuffers. | ||||
112 | */ | ||||
113 | struct BufferHolder | ||||
114 | { | ||||
115 | const BufferHandle *buf; | ||||
116 | quint64 counter; | ||||
117 | }; | ||||
118 | | ||||
119 | class RemoteAccessManagerInterface::Private : public Global::Private | ||||
romangg: rm whitespace | |||||
120 | { | ||||
121 | public: | ||||
122 | Private(RemoteAccessManagerInterface *q, Display *d); | ||||
123 | virtual ~Private(); | ||||
124 | | ||||
125 | /** | ||||
126 | * @brief Send buffer ready notification to all connected clients | ||||
127 | * @param output wl_output interface to determine which screen sent this buf | ||||
128 | * @param buf buffer containing GBM-related params | ||||
129 | */ | ||||
130 | void sendBufferReady(const OutputInterface *output, const BufferHandle *buf); | ||||
131 | /** | ||||
132 | * @brief Release all bound buffers associated with this resource | ||||
133 | * @param resource one of bound clients | ||||
134 | */ | ||||
135 | void release(wl_resource *resource); | ||||
136 | | ||||
137 | /** | ||||
138 | * Clients of this interface. | ||||
139 | * This may be screenshot app, video capture app, | ||||
140 | * remote control app etc. | ||||
141 | */ | ||||
142 | QList<wl_resource *> clientResources; | ||||
143 | private: | ||||
144 | // methods | ||||
145 | static void unbind(wl_resource *resource); | ||||
146 | static Private *cast(wl_resource *r) { | ||||
147 | return reinterpret_cast<Private*>(wl_resource_get_user_data(r)); | ||||
148 | } | ||||
149 | static void getBufferCallback(wl_client *client, wl_resource *resource, uint32_t buffer, int32_t internalBufId); | ||||
150 | static void releaseCallback(wl_client *client, wl_resource *resource); | ||||
if really only one client should be allowed (why?) it would be better to send a dedicated error state to inform it instead of "abusing" no memory. graesslin: if really only one client should be allowed (why?) it would be better to send a dedicated error… | |||||
Kanedias: Added ability to have multiple clients in the same time | |||||
151 | void bind(wl_client *client, uint32_t version, uint32_t id) override; | ||||
152 | | ||||
153 | /** | ||||
154 | * @brief Unreferences counter and frees buffer when it reaches zero | ||||
155 | * @param buf holder to decrease reference counter on | ||||
156 | * @return true if buffer was released, false otherwise | ||||
157 | */ | ||||
158 | bool unref(BufferHolder &buf); | ||||
159 | | ||||
this allows to have only one client bind it. As soon as a second client binds the protocol it will get overwritten and breaks the existing one. I think you need a QVector<wl_resource*> here. graesslin: this allows to have only one client bind it. As soon as a second client binds the protocol it… | |||||
Kanedias: Reimplemented | |||||
160 | // fields | ||||
161 | static const struct org_kde_kwin_remote_access_manager_interface s_interface; | ||||
162 | static const quint32 s_version; | ||||
163 | | ||||
164 | RemoteAccessManagerInterface *q; | ||||
165 | | ||||
166 | /** | ||||
167 | * Buffers that were sent but still not acked by server | ||||
168 | * Keys are fd numbers as they are unique | ||||
169 | **/ | ||||
170 | QHash<quint32, BufferHolder> sentBuffers; | ||||
171 | }; | ||||
172 | | ||||
173 | const quint32 RemoteAccessManagerInterface::Private::s_version = 1; | ||||
174 | | ||||
175 | RemoteAccessManagerInterface::Private::Private(RemoteAccessManagerInterface *q, Display *d) | ||||
176 | : Global::Private(d, &org_kde_kwin_remote_access_manager_interface, s_version) | ||||
177 | , q(q) | ||||
178 | { | ||||
179 | } | ||||
180 | | ||||
181 | void RemoteAccessManagerInterface::Private::bind(wl_client *client, uint32_t version, uint32_t id) | ||||
182 | { | ||||
183 | // create new client resource | ||||
184 | auto c = display->getConnection(client); | ||||
185 | wl_resource *resource = c->createResource(&org_kde_kwin_remote_access_manager_interface, qMin(version, s_version), id); | ||||
186 | if (!resource) { | ||||
187 | wl_client_post_no_memory(client); | ||||
188 | return; | ||||
189 | } | ||||
190 | wl_resource_set_implementation(resource, &s_interface, this, unbind); | ||||
191 | | ||||
192 | // add newly created client resource to the list | ||||
193 | clientResources << resource; | ||||
194 | } | ||||
195 | | ||||
196 | void RemoteAccessManagerInterface::Private::sendBufferReady(const OutputInterface *output, const BufferHandle *buf) | ||||
197 | { | ||||
198 | BufferHolder holder {buf, 0}; | ||||
199 | // notify clients | ||||
200 | qCDebug(KWAYLAND_SERVER) << "Server buffer sent: fd" << buf->fd(); | ||||
201 | for (auto res : clientResources) { | ||||
202 | auto client = wl_resource_get_client(res); | ||||
203 | auto boundScreens = output->clientResources(display->getConnection(client)); | ||||
204 | | ||||
205 | // no reason for client to bind wl_output multiple times | ||||
206 | Q_ASSERT(boundScreens.size() == 1); | ||||
romangg: Can a rogue client do it though? This would crash the server then? | |||||
Yes, I guess so... What would you propose? Should we send it only to first bound? Or last one? P.S. Even more: this interface has no authentication/authorization at all, so any client can connect and steal our video buffers. Kanedias: > Can a rogue client do it though? This would crash the server then?
Yes, I guess so... What… | |||||
Only first bound like you do it now. Just remove the Q_ASSERT (and make sure boundScreens.size() >= 1, otherwise continue).
That's a generic problem yet to be solved on Wayland / the Linux desktop. This also correlates with the push to containerized apps. I would just want something like the permission system in Android, but there might be better solutions. It's a bigger project for sure. Also see here for some early thoughts on it, which to my knowledge until now did not lead to anything more: http://www.mupuf.org/blog/2014/02/19/wayland-compositors-why-and-how-to-handle/ romangg: Only first bound like you do it now. Just remove the Q_ASSERT (and make sure `boundScreens.size… | |||||
207 | org_kde_kwin_remote_access_manager_send_buffer_ready(res, buf->fd(), boundScreens[0]); | ||||
romangg: Use braces: https://techbase.kde.org/Policies/Frameworks_Coding_Style#Braces | |||||
208 | holder.counter++; | ||||
209 | } | ||||
210 | // store buffer locally, clients will ask it later | ||||
211 | sentBuffers[buf->fd()] = holder; | ||||
212 | } | ||||
213 | | ||||
214 | #ifndef DOXYGEN_SHOULD_SKIP_THIS | ||||
215 | const struct org_kde_kwin_remote_access_manager_interface RemoteAccessManagerInterface::Private::s_interface = { | ||||
216 | getBufferCallback, | ||||
217 | releaseCallback | ||||
218 | }; | ||||
219 | #endif | ||||
220 | | ||||
221 | void RemoteAccessManagerInterface::Private::getBufferCallback(wl_client *client, wl_resource *resource, uint32_t buffer, int32_t internalBufId) | ||||
222 | { | ||||
223 | Private *p = cast(resource); | ||||
224 | | ||||
225 | // client asks for buffer we earlier announced, we must have it | ||||
226 | if (Q_UNLIKELY(!p->sentBuffers.contains(internalBufId))) { // no such buffer (?) | ||||
227 | wl_resource_post_no_memory(resource); | ||||
228 | return; | ||||
229 | } | ||||
230 | | ||||
231 | BufferHolder &bh = p->sentBuffers[internalBufId]; | ||||
232 | auto rbuf = new RemoteBufferInterface(p->q, resource, bh.buf); | ||||
233 | rbuf->create(p->display->getConnection(client), wl_resource_get_version(resource), buffer); | ||||
234 | if (!rbuf->resource()) { | ||||
235 | wl_resource_post_no_memory(resource); | ||||
236 | delete rbuf; | ||||
237 | return; | ||||
238 | } | ||||
239 | | ||||
240 | QObject::connect(rbuf, &QObject::destroyed, [p, rbuf, resource, &bh] { | ||||
241 | if (!p->clientResources.contains(resource)) { | ||||
graesslin: qCDebug | |||||
Kanedias: Done | |||||
242 | // remote buffer destroy confirmed after client is already gone | ||||
243 | // all relevant buffers are already unreferenced | ||||
244 | return; | ||||
245 | } | ||||
246 | | ||||
247 | qCDebug(KWAYLAND_SERVER) << "Remote buffer returned, client" << wl_resource_get_id(resource) | ||||
248 | << ", id" << rbuf->id() | ||||
249 | << ", fd" << bh.buf->fd(); | ||||
250 | if (p->unref(bh)) { | ||||
251 | p->sentBuffers.remove(bh.buf->fd()); | ||||
252 | } | ||||
253 | }); | ||||
254 | | ||||
255 | // send buffer params | ||||
256 | rbuf->passFd(); | ||||
257 | } | ||||
258 | | ||||
259 | void RemoteAccessManagerInterface::Private::releaseCallback(wl_client *client, wl_resource *resource) | ||||
260 | { | ||||
261 | Q_UNUSED(client); | ||||
262 | unbind(resource); | ||||
263 | } | ||||
264 | | ||||
graesslin: qCDebug | |||||
Kanedias: Done | |||||
265 | bool RemoteAccessManagerInterface::Private::unref(BufferHolder &bh) | ||||
266 | { | ||||
267 | bh.counter--; | ||||
268 | if (!bh.counter) { | ||||
269 | // no more clients using this buffer | ||||
270 | qCDebug(KWAYLAND_SERVER) << "Buffer released, fd" << bh.buf->fd(); | ||||
271 | emit q->bufferReleased(bh.buf); | ||||
272 | return true; | ||||
273 | } | ||||
274 | | ||||
275 | return false; | ||||
276 | } | ||||
277 | | ||||
278 | void RemoteAccessManagerInterface::Private::unbind(wl_resource *resource) | ||||
279 | { | ||||
280 | // we're unbinding, all sent buffers for this client are now effectively invalid | ||||
281 | Private *p = cast(resource); | ||||
282 | p->release(resource); | ||||
283 | } | ||||
284 | | ||||
285 | void RemoteAccessManagerInterface::Private::release(wl_resource *resource) | ||||
286 | { | ||||
287 | // all holders should decrement their counter as one client is gone | ||||
288 | QMutableHashIterator<quint32, BufferHolder> itr(sentBuffers); | ||||
289 | while (itr.hasNext()) { | ||||
290 | BufferHolder &bh = itr.next().value(); | ||||
291 | if (unref(bh)) { | ||||
292 | itr.remove(); | ||||
293 | } | ||||
294 | } | ||||
295 | | ||||
296 | clientResources.removeAll(resource); | ||||
297 | } | ||||
298 | | ||||
299 | RemoteAccessManagerInterface::Private::~Private() | ||||
300 | { | ||||
301 | // server deletes created interfaces, release all held buffers | ||||
302 | auto c = clientResources; // shadow copy | ||||
303 | for (auto res : c) { | ||||
304 | release(res); | ||||
305 | } | ||||
306 | } | ||||
307 | | ||||
308 | RemoteAccessManagerInterface::RemoteAccessManagerInterface(Display *display, QObject *parent) | ||||
309 | : Global(new Private(this, display), parent) | ||||
310 | { | ||||
311 | } | ||||
312 | | ||||
313 | void RemoteAccessManagerInterface::sendBufferReady(const OutputInterface *output, const BufferHandle *buf) | ||||
314 | { | ||||
315 | Private *priv = reinterpret_cast<Private *>(d.data()); | ||||
316 | priv->sendBufferReady(output, buf); | ||||
317 | } | ||||
318 | | ||||
319 | bool RemoteAccessManagerInterface::isBound() const | ||||
320 | { | ||||
321 | Private *priv = reinterpret_cast<Private *>(d.data()); | ||||
322 | return !priv->clientResources.isEmpty(); | ||||
323 | } | ||||
324 | | ||||
325 | class RemoteBufferInterface::Private : public Resource::Private | ||||
326 | { | ||||
327 | public: | ||||
328 | Private(RemoteAccessManagerInterface *ram, RemoteBufferInterface *q, wl_resource *pResource, const BufferHandle *buf); | ||||
329 | ~Private(); | ||||
330 | | ||||
331 | void passFd(); | ||||
332 | | ||||
333 | private: | ||||
334 | static const struct org_kde_kwin_remote_buffer_interface s_interface; | ||||
335 | | ||||
336 | const BufferHandle *wrapped; | ||||
337 | }; | ||||
you can use the new resourceDestroyedCallback in resource_p.h. It handles the destroy correctly and that will trigger the unbind and deleteLater automatically. graesslin: you can use the new resourceDestroyedCallback in resource_p.h. It handles the destroy correctly… | |||||
Kanedias: Reused, thanks | |||||
338 | | ||||
339 | #ifndef DOXYGEN_SHOULD_SKIP_THIS | ||||
340 | const struct org_kde_kwin_remote_buffer_interface RemoteBufferInterface::Private::s_interface = { | ||||
341 | resourceDestroyedCallback | ||||
342 | }; | ||||
343 | #endif | ||||
344 | | ||||
345 | RemoteBufferInterface::Private::Private(RemoteAccessManagerInterface *ram, RemoteBufferInterface *q, wl_resource *pResource, const BufferHandle *buf) | ||||
346 | : Resource::Private(q, ram, pResource, &org_kde_kwin_remote_buffer_interface, &s_interface), wrapped(buf) | ||||
347 | { | ||||
graesslin: that would trigger a double delete as I had to learn very painfully lately. | |||||
Kanedias: Removed that code completely, thanks to `resourceDestroyedCallback` | |||||
348 | } | ||||
349 | | ||||
350 | RemoteBufferInterface::Private::~Private() | ||||
351 | { | ||||
352 | } | ||||
353 | | ||||
354 | void RemoteBufferInterface::Private::passFd() | ||||
355 | { | ||||
356 | org_kde_kwin_remote_buffer_send_gbm_handle(resource, wrapped->fd(), | ||||
357 | wrapped->width(), wrapped->height(), wrapped->stride(), wrapped->format()); | ||||
358 | } | ||||
359 | | ||||
360 | RemoteBufferInterface::RemoteBufferInterface(RemoteAccessManagerInterface *ram, wl_resource *pResource, const BufferHandle *buf) | ||||
graesslin: you don't need that, it's already in Resource | |||||
Kanedias: Removed | |||||
361 | : Resource(new Private(ram, this, pResource, buf), ram) | ||||
362 | { | ||||
363 | } | ||||
364 | | ||||
365 | RemoteBufferInterface::Private *RemoteBufferInterface::d_func() const | ||||
366 | { | ||||
367 | return reinterpret_cast<Private*>(d.data()); | ||||
368 | } | ||||
369 | | ||||
370 | | ||||
371 | void RemoteBufferInterface::passFd() | ||||
372 | { | ||||
373 | d_func()->passFd(); | ||||
374 | } | ||||
375 | | ||||
376 | } | ||||
377 | } |
you can just include "logging_p.h"