WIP vhost support

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

Makefile.am

@@ -65,13 +65,17 @@ lib_srcs_yubikey = yubikey.c
 lib_srcs_stoken = stoken.c
 lib_srcs_esp = esp.c esp-seqno.c
 lib_srcs_dtls = dtls.c
+lib_srcs_vhost = vhost.c
 
 POTFILES = $(openconnect_SOURCES) gnutls-esp.c gnutls-dtls.c openssl-esp.c openssl-dtls.c \
 	   $(lib_srcs_esp) $(lib_srcs_dtls) gnutls_tpm2_esys.c gnutls_tpm2_ibm.c \
 	   $(lib_srcs_openssl) $(lib_srcs_gnutls) $(library_srcs) \
 	   $(lib_srcs_win32) $(lib_srcs_posix) $(lib_srcs_gssapi) $(lib_srcs_iconv) \
-	   $(lib_srcs_yubikey) $(lib_srcs_stoken) $(lib_srcs_oidc)
+	   $(lib_srcs_yubikey) $(lib_srcs_stoken) $(lib_srcs_oidc) $(lib_srcs_vhost)
 
+if OPENCONNECT_VHOST
+library_srcs += $(lib_srcs_vhost)
+endif
 if OPENCONNECT_LIBPCSCLITE
 library_srcs += $(lib_srcs_yubikey)
 endif

configure.ac

@@ -1168,6 +1168,11 @@ AC_CHECK_HEADER([if_tun.h],
 AC_CHECK_HEADER([net/if_utun.h], AC_DEFINE([HAVE_NET_UTUN_H], 1, [Have net/if_utun.h]), ,
 		[#include <sys/types.h>])
 
+have_vhost=no
+AC_CHECK_HEADER([linux/vhost.h], [have_vhost=yes
+				  AC_DEFINE([HAVE_VHOST], 1, [Have vhost])])
+AM_CONDITIONAL(OPENCONNECT_VHOST, [test "$have_vhost" = "yes"])
+
 AC_CHECK_HEADER([alloca.h], AC_DEFINE([HAVE_ALLOCA_H], 1, [Have alloca.h]))
 
 AC_CHECK_HEADER([endian.h],

library.c

@@ -66,6 +66,9 @@ struct openconnect_info *openconnect_vpninfo_new(const char *useragent,
 		vpninfo->ic_legacy_to_utf8 = (iconv_t)-1;
 	}
 #endif
+#ifdef HAVE_VHOST
+	vpninfo->vhost_fd = vpninfo->vhost_call_fd = vpninfo->vhost_kick_fd = -1;
+#endif
 #ifndef _WIN32
 	vpninfo->tun_fd = -1;
 #endif

mainloop.c

@@ -58,6 +58,11 @@ int tun_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable)
 		return 0;
 	}
 
+#ifdef HAVE_VHOST
+	if (vpninfo->vhost_fd != -1)
+		return vhost_tun_mainloop(vpninfo, timeout);
+#endif
+
 	if (readable && read_fd_monitored(vpninfo, tun)) {
 		struct pkt *out_pkt = vpninfo->tun_pkt;
 		while (1) {

openconnect-internal.h

@@ -139,6 +139,21 @@
 #define IPPROTO_IPIP 0x04
 #endif
 
+#ifdef HAVE_VHOST
+#include <linux/vhost.h>
+
+struct oc_vring {
+	struct vring_desc *desc;
+	struct vring_avail *avail;
+	struct vring_used *used;
+	int seen_used;
+	int outstanding;
+	int next_desc;
+};
+
+#endif
+
+
 /****************************************************************************/
 
 struct pkt {
@@ -711,6 +726,10 @@ struct openconnect_info {
 	int ip_fd;
 	int ip6_fd;
 #endif
+#ifdef HAVE_VHOST
+	int vhost_fd, vhost_call_fd, vhost_kick_fd;
+	struct oc_vring tx_vring, rx_vring;
+	#endif
 #ifdef _WIN32
 	HMODULE wintun;
 	wchar_t *ifname_w;
@@ -970,6 +989,11 @@ void free_split_routes(struct oc_ip_info *ip_info);
 int install_vpn_opts(struct openconnect_info *vpninfo, struct oc_vpn_option *opt,
 		     struct oc_ip_info *ip_info);
 
+/* vhost.h */
+int setup_vhost(struct openconnect_info *vpninfo, int tun_fd);
+void shutdown_vhost(struct openconnect_info *vpninfo);
+int vhost_tun_mainloop(struct openconnect_info *vpninfo, int *timeout);
+
 /* tun.c / tun-win32.c */
 void os_shutdown_tun(struct openconnect_info *vpninfo);
 int os_read_tun(struct openconnect_info *vpninfo, struct pkt *pkt);

tun.c

@@ -457,15 +457,20 @@ int openconnect_setup_tun_fd(struct openconnect_info *vpninfo, int tun_fd)
 
 	vpninfo->tun_fd = tun_fd;
 
-	monitor_fd_new(vpninfo, tun);
-	monitor_read_fd(vpninfo, tun);
-
 	if (set_sock_nonblock(tun_fd)) {
 		vpn_progress(vpninfo, PRG_ERR, _("Failed to make tun socket nonblocking: %s\n"),
 			     strerror(errno));
 		return -EIO;
 	}
 
+#ifdef HAVE_VHOST
+	if (!setup_vhost(vpninfo, tun_fd))
+		return 0;
+#endif
+
+	monitor_fd_new(vpninfo, tun);
+	monitor_read_fd(vpninfo, tun);
+
 	return 0;
 }
 
@@ -591,6 +596,10 @@ void os_shutdown_tun(struct openconnect_info *vpninfo)
 #endif
 	}
 
+#ifdef HAVE_VHOST
+	shutdown_vhost(vpninfo);
+#endif
+
 	if (vpninfo->vpnc_script)
 		close(vpninfo->tun_fd);
 	vpninfo->tun_fd = -1;