From: Christophe de Dinechin <cdupontd@redhat.com>
To: "\"Daniel P. Berrangé\"" <berrange@redhat.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>, qemu-devel@nongnu.org
Subject: Re: vnc clipboard support
Date: Mon, 1 Feb 2021 16:27:43 +0100 [thread overview]
Message-ID: <05C58667-D9BA-49E2-897D-2286B243E802@redhat.com> (raw)
In-Reply-To: <20210129143252.GE4008275@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 6406 bytes --]
> On 29 Jan 2021, at 15:32, Daniel P. Berrangé <berrange@redhat.com> wrote:
>
> On Fri, Jan 29, 2021 at 03:19:45PM +0100, Christophe de Dinechin wrote:
>>
>>
>>> On 29 Jan 2021, at 12:08, Daniel P. Berrangé <berrange@redhat.com> wrote:
>>>
>>> On Fri, Jan 29, 2021 at 11:50:10AM +0100, Christophe de Dinechin wrote:
>>>>
>>>>
>>>>> On 29 Jan 2021, at 09:03, Gerd Hoffmann <kraxel@redhat.com> wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>>>> (1) Have some guest agent (spice does it that way).
>>>>>>> Advantage: more flexible, allows more features.
>>>>>>> Disadvantage: requires agent in the guest.
>>>>>>
>>>>>> What about running the option to relay data to a VNC server in the
>>>>>> guest if there is one running? In other words, using an existing
>>>>>> VNC server as an agent, with the option of having a stripped-down,
>>>>>> clipboard only VNC server as a later optimization.
>>>>>
>>>>> Well, if you run Xvnc in the guest anyway why use the qemu vnc server
>>>>> in the first place?
>>>>
>>>> I assume that if you use the qemu VNC, it's because you you don't want to
>>>> run Xvnc on some external network, or care about accessing the guest
>>>> before Xvnc can be launched. There can be many reasons.
>>>>
>>>> Again, I want to make it clear that my suggestion is _not_ simply to access
>>>> the existing Xvnc as is, but rather to stick with some VNC server code to handle
>>>> the clipboard if / when possible.
>>>>
>>>> Let me try to imagine a scenario, where I'll use a macOS guest intentionally
>>>> to clarify what I was thinking about.
>>>>
>>>> - During early boot, there is no in-guest VNC server, so to address that,
>>>> you connect to the qemu VNC. At this stage, all screen refresh is handled
>>>> by the qemu VNC, and the best you can do if you want to support any
>>>> kind of copy-paste is to convert it to virtual keystrokes. The same would
>>>> be true for Linux on a text console.
>>>>
>>>> - Then comes up you macOS guest, and it still has no VNC port open,
>>>> so you are stuck with qemu-vnc doing all the work. But now you can
>>>> enable screen sharing, and that launches the Apple-maintained macOS
>>>> VNC server.
>>>>
>>>> - Let's assume for illustration that this listens on some private network
>>>> that qemu can access, but that is not visible externally. In this case,
>>>> you could not VNC to the guest, but you can still VNC to qemu.
>>>>
>>>> - What I'm suggesting is that qemu-vnc could then switch to simply
>>>> relaying VNC traffic to that in-guest server. You'd get the smart update
>>>> algorithm that Apple has put in place to deal with transparency and the
>>>> like, as well as a level of guest OS integration that would otherwise be
>>>> much harder to replicate.
>>>
>>> IMHO that's an awful lot of complexity to add to the system
>>> that isn't especially useful and this opens up new attack
>>> vectors for the guest to exploit the host.
>>>
>>> If people have VNC/RDP/whatever configured inside their guest
>>> OS, then there's really little to no reason for them to want
>>> to connect to the QEMU VNC server, as viewing initial bootup
>>> phase is not required in normal case. The only time such
>>> people will need to use the QEMU VNC server is if the guest
>>> OS has broken in some way before it fully booted and thus failed
>>> to start the guest VNC server. There is no guest VNC server
>>> to hand off to in this scenario.
>>
>> It's a matter of what you want to do with that qemu vnc.
>>
>> If it's only a backup when there's nothing in the guest to help,
>> then maybe trying to support copy-paste is not a good idea.
>>
>> If it's a standard go-to access point for connecting to your
>> guest, then making it smart is hard, but useful.
>>
>>>
>>> The value of the QEMU host side VNC server is that it works
>>> for all possible guest OS, no matter whether they are running
>>> normally or broken, regardless of what the guest admin has
>>> configured in terms of guest level remote desktop.
>>
>> Understood.
>>
>> The downside is that there are things it can't do. It cannot correctly
>> determine the keyboard map, because that's controlled in software
>> in the guest.
>
> There is no need for the remote desktop server to care about the
> keymap. The remote client takes scancodes and passes them to the
> server, which then passes them to the guest.
Aren't we talking about pasting clipboard data here?
I assume that clipboard data is not encoded as scancodes.
>
> The person connected to the remote server simply has to configure
> their guest OS keymap to match the physical keyboard they currently
> have plugged in.
>
> The only reason a remote server would need to know the keymap is
> if it was trying to translate from keycodes back into scancodes.
> This is what VNC protocol had to do originally, but VNC was since
> extended to pass raw scancodes instead of keycodes, precisely to
> avoid needing to care about keymaps.
>
>>> IOW, if you have a guest remote desktop solution you'll just
>>> use that 99% of the time. If you don't have that, then you'll
>>> use QEMU VNC/SPICE server, and there won't be anything in the
>>> guest for that to proxy to/from.
>>
>> If really the assumption is there is nothing in the guest to help
>> us, then I'd say "paste" should come up with a warning "do you want
>> me to try and translate that into keystrokes", and I don't see how to
>> implement copy from a graphical display without OCR…
>
> I'm not saying we can't use stuff in the guest, just that we should be
> pragmatic about what we interact with in the guest and degrade nicely.
> I don't think that proxying from a host VNC server to a guest VNC server
> is sensible, but making use of a guest agent of some kind is not
> unreasonable, especially if we can use one that already exists.
>
>
> Regards,
> Daniel
> --
> |: https://berrange.com <https://berrange.com/> -o- https://www.flickr.com/photos/dberrange <https://www.flickr.com/photos/dberrange> :|
> |: https://libvirt.org <https://libvirt.org/> -o- https://fstop138.berrange.com <https://fstop138.berrange.com/> :|
> |: https://entangle-photo.org <https://entangle-photo.org/> -o- https://www.instagram.com/dberrange <https://www.instagram.com/dberrange> :|
[-- Attachment #2: Type: text/html, Size: 32410 bytes --]
next prev parent reply other threads:[~2021-02-01 15:29 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-28 17:12 vnc clipboard support Gerd Hoffmann
2021-01-28 17:35 ` Daniel P. Berrangé
2021-01-29 7:59 ` Gerd Hoffmann
2021-01-28 17:38 ` Christophe de Dinechin
2021-01-29 8:03 ` Gerd Hoffmann
2021-01-29 10:50 ` Christophe de Dinechin
2021-01-29 11:08 ` Daniel P. Berrangé
2021-01-29 14:19 ` Christophe de Dinechin
2021-01-29 14:32 ` Daniel P. Berrangé
2021-02-01 15:27 ` Christophe de Dinechin [this message]
2021-02-01 15:51 ` Daniel P. Berrangé
2021-02-01 16:31 ` Christophe de Dinechin
2021-02-01 16:56 ` Daniel P. Berrangé
2021-02-01 17:28 ` Christophe de Dinechin
2021-02-01 17:40 ` Daniel P. Berrangé
2021-02-01 18:45 ` BALATON Zoltan
2021-02-02 11:31 ` Gerd Hoffmann
2021-02-02 12:31 ` BALATON Zoltan
2021-02-02 12:38 ` Daniel P. Berrangé
2021-02-02 13:35 ` Gerd Hoffmann
2021-02-02 16:36 ` Gerd Hoffmann
2021-02-02 21:00 ` Marc-André Lureau
2021-02-03 9:40 ` Gerd Hoffmann
2021-02-02 11:10 ` Gerd Hoffmann
2021-02-02 11:17 ` Daniel P. Berrangé
2021-02-02 11:44 ` Gerd Hoffmann
2021-01-29 15:04 ` Gerd Hoffmann
2021-02-01 17:07 ` Christophe de Dinechin
2021-01-29 11:49 ` Gerd Hoffmann
2021-01-29 13:28 ` Christophe de Dinechin
2021-01-28 17:57 ` Laszlo Ersek
2021-01-29 8:09 ` Gerd Hoffmann
2021-01-29 10:02 ` Daniel P. Berrangé
2021-01-28 20:18 ` Marc-André Lureau
2021-01-28 20:47 ` BALATON Zoltan
2021-01-29 7:59 ` Christophe de Dinechin
2021-01-29 8:27 ` Gerd Hoffmann
2021-01-29 8:34 ` Marc-André Lureau
2021-01-29 10:33 ` Gerd Hoffmann
2021-01-29 11:10 ` Daniel P. Berrangé
2021-01-29 11:24 ` Daniel P. Berrangé
2021-01-29 11:58 ` Marc-André Lureau
2021-01-29 12:21 ` Daniel P. Berrangé
2021-01-29 12:02 ` Gerd Hoffmann
2021-01-29 12:10 ` Marc-André Lureau
[not found] <CWLP265MB5209050A121EB63FE07F9BD5A8689@CWLP265MB5209.GBRP265.PROD.OUTLOOK.COM>
2023-04-30 16:20 ` VNC " Philipp Hahn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=05C58667-D9BA-49E2-897D-2286B243E802@redhat.com \
--to=cdupontd@redhat.com \
--cc=berrange@redhat.com \
--cc=kraxel@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).