From nobody Tue Feb 10 00:00:29 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=fail(p=none dis=none)  header.from=gmail.com
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 174412998814745.71393745980765;
 Tue, 8 Apr 2025 09:33:08 -0700 (PDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id 34645CEF; Tue,  8 Apr 2025 12:33:07 -0400 (EDT)
Received: from lists.libvirt.org (localhost [IPv6:::1])
	by lists.libvirt.org (Postfix) with ESMTP id D587DA4A;
	Tue,  8 Apr 2025 12:31:23 -0400 (EDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id A7466B31; Tue,  8 Apr 2025 12:31:14 -0400 (EDT)
Received: from mail-ej1-f47.google.com (mail-ej1-f47.google.com
 [209.85.218.47])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 0E35114D7
	for <devel@lists.libvirt.org>; Tue,  8 Apr 2025 12:31:13 -0400 (EDT)
Received: by mail-ej1-f47.google.com with SMTP id
 a640c23a62f3a-ac298c8fa50so964812266b.1
        for <devel@lists.libvirt.org>; Tue, 08 Apr 2025 09:31:13 -0700 (PDT)
Received: from tulp.my.domain (80-115-115-199.cable.dynamic.v4.ziggo.nl.
 [80.115.115.199])
        by smtp.gmail.com with ESMTPSA id
 a640c23a62f3a-ac7bfe5c5ffsm937295966b.23.2025.04.08.09.31.10
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 08 Apr 2025 09:31:10 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_ADSP_CUSTOM_MED,
	DKIM_INVALID,DKIM_SIGNED,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,
	RCVD_IN_MSPIKE_H2,RCVD_IN_VALIDITY_RPBL_BLOCKED,
	RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_NONE autolearn=unavailable
	autolearn_force=no version=3.4.4
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1744129872; x=1744734672;
 darn=lists.libvirt.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=iGYjF3BnbXfDtcBMVESIpOHW69CezbR4H1H9DENHVEQ=;
        b=fFETZcrvFOrg7VwG/8iWxgXc49FJPL1gbSFD0uT/9EOFcjKsuHXSBp18CVkcwhtPMF
         ZmuZKVMClAA4LAkDgNNtbkt37wf5TtbogUph/fy3kWxfzXgNpOoqQRSIxWOntPahxOcp
         plV9iFsGSfk09IJ4UBcdLcN1emQwtHoV08vL3Sr2fA34RdDVuLjOO7dHY9PZWyvA8Ot6
         MsY3xw+zTUwG8tnHfU+TuXorgmskVpt2k3glU942jWGMwCGRqKk0XZoTq1RVORnThcVF
         zmdVIzqxVgd1hx22ZCqp06kZMqG6Moq9786OspcwsBw6cNfmXWuHH4UT3QGtAxOeraLo
         Ke2Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1744129872; x=1744734672;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=iGYjF3BnbXfDtcBMVESIpOHW69CezbR4H1H9DENHVEQ=;
        b=ELaXqTEBkxAyuXualqHvPvrPu6NPlqPi9AINgSaU/Ar/5iGz93mFWBiY1SEhwzYTYV
         AE9QzswEou/FWcqN1hvvZHyFEAy8RAqiMDLVUxHI0KBL4NXTENT4v7V/vEjY/z3BmOoL
         C7m4puvImIFtRzvDf6cf5c7XsbryMxn/1qoOdU4ccqcMDZ+KQ7WklQjLqb3OssLwYKZl
         510VALZvhODSXR1THjvDvlVGlyEoMt1AyFDW/OM/ssThXb1A35QL/BoFxN76tjhkYsuH
         obJGNV6lvmydwpN/aXo5xySQJsv4BIaz9kC76TgAWrgPl3kwMyNx96R5LF4gdY1QeFn2
         nR7Q==
X-Gm-Message-State: AOJu0Yz+tNizqLuQSs1CB3iI3S2+tjrzm+il2FEk/TYZY5Sskh6f47mz
	pfgcoFWXt5pPeS5HYgNj8HPGwX8XKE3EX9Izvr8+XaH4ZUoWdb/ffiP7uYmbYCWzAg==
X-Gm-Gg: ASbGncuB2qJ9ZHOP07DEb2PJ0MIcViDJ5YKJ5QeqcCv89rxiYMnZ1obe/qAV9maMld4
	tnhHe8RvGnPVhKSbwO10qDoJKgTUp+4ZZ63sqTUwZHrCdHF0iO0CGNGwNYjIadMl8V6qIMMXORf
	PqW/VJSyz0MoIofXmL3BgbFwiLNqyvS3sGEsil9AP+yxAun3dG+9+GfnMwkE5kjuFNyEOQT/YuS
	PV1LpzcMYlO4NMHig+21xd0mGYVl2H87RpXwNOGvkhWo581wMs/nfJzcw8zHv6DuN5R9PSDt3p8
	mVygexwwpFSagNypDs5yz0zGf2aEnxPWVuk0UsNmmW0lNaQrV92l4lOa5QUMaQuBsbNKnB+7+XM
	5MNb3jQ05+SNYmVCwGUSyjHhvO1Up
X-Google-Smtp-Source: 
 AGHT+IGdKYQMu31LULPglkHgiqgdjMFvBu63oJQRbSy4Dnnzjv9uKfXtur0Mdsup12st30P7mraFmg==
X-Received: by 2002:a17:907:9443:b0:ac6:ba91:ca4d with SMTP id
 a640c23a62f3a-ac7d17da774mr1492552466b.31.1744129871444;
        Tue, 08 Apr 2025 09:31:11 -0700 (PDT)
From: Roman Bogorodskiy <bogorodskiy@gmail.com>
To: devel@lists.libvirt.org
Subject: [PATCH 3/3] bhyve: extend RNG device validation
Date: Tue,  8 Apr 2025 18:27:30 +0200
Message-ID: <20250408162730.67891-4-bogorodskiy@gmail.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250408162730.67891-1-bogorodskiy@gmail.com>
References: <20250408162730.67891-1-bogorodskiy@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: 6L4WDURLELHAUYHNNLL54MYCNIY4I4EF
X-Message-ID-Hash: 6L4WDURLELHAUYHNNLL54MYCNIY4I4EF
X-MailFrom: bogorodskiy@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; header-match-config-1;
 header-match-config-2; header-match-config-3;
 header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 suspicious-header
CC: Roman Bogorodskiy <bogorodskiy@gmail.com>
X-Mailman-Version: 3.2.2
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/6L4WDURLELHAUYHNNLL54MYCNIY4I4EF/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1744130007640019100
Content-Type: text/plain; charset="utf-8"

Add a bunch of device def validation to catch unsupported RNG device
configurations early.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
---
 src/bhyve/bhyve_domain.c                      | 21 +++++++++++++++
 ...yvexml2argv-virtio-rnd-backend-builtin.xml | 26 +++++++++++++++++++
 ...io-rnd-backend-random-non-default-file.xml | 26 +++++++++++++++++++
 .../bhyvexml2argv-virtio-rnd-transitional.xml | 26 +++++++++++++++++++
 tests/bhyvexml2argvtest.c                     |  3 +++
 5 files changed, 102 insertions(+)
 create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-backen=
d-builtin.xml
 create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-backen=
d-random-non-default-file.xml
 create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-transi=
tional.xml

diff --git a/src/bhyve/bhyve_domain.c b/src/bhyve/bhyve_domain.c
index 7d1ea7f1b1..ca5176885a 100644
--- a/src/bhyve/bhyve_domain.c
+++ b/src/bhyve/bhyve_domain.c
@@ -2,6 +2,7 @@
  * bhyve_domain.c: bhyve domain private state
  *
  * Copyright (C) 2014 Roman Bogorodskiy
+ * Copyright (C) 2025 The FreeBSD Foundation
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
@@ -243,6 +244,26 @@ bhyveDomainDeviceDefValidate(const virDomainDeviceDef =
*dev,
         return -1;
     }
=20
+    if (dev->type =3D=3D VIR_DOMAIN_DEVICE_RNG) {
+        if (dev->data.rng->model =3D=3D VIR_DOMAIN_RNG_MODEL_VIRTIO) {
+            if (dev->data.rng->backend =3D=3D VIR_DOMAIN_RNG_BACKEND_RANDO=
M) {
+                if (STRNEQ(dev->data.rng->source.file, "/dev/random")) {
+                    virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                                   _("Only /dev/random source is supported=
"));
+                    return -1;
+                }
+            } else {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("Only 'random' backend model is supported=
"));
+                return -1;
+            }
+        } else {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("Only 'virio' RNG device model is supported")=
);
+            return -1;
+        }
+    }
+
     return 0;
 }
=20
diff --git a/tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-backend-built=
in.xml b/tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-backend-builtin.x=
ml
new file mode 100644
index 0000000000..ffca72d120
--- /dev/null
+++ b/tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-backend-builtin.xml
@@ -0,0 +1,26 @@
+<domain type=3D'bhyve'>
+  <name>bhyve</name>
+  <uuid>df3be7e7-a104-11e3-aeb0-50e5492bd3dc</uuid>
+  <memory>219136</memory>
+  <vcpu>1</vcpu>
+  <os>
+    <type>hvm</type>
+  </os>
+  <devices>
+    <disk type=3D'file'>
+      <driver name=3D'file' type=3D'raw'/>
+      <source file=3D'/tmp/freebsd.img'/>
+      <target dev=3D'hda' bus=3D'sata'/>
+      <address type=3D'drive' controller=3D'0' bus=3D'0' target=3D'2' unit=
=3D'0'/>
+    </disk>
+    <interface type=3D'bridge'>
+      <mac address=3D'52:54:00:b9:94:02'/>
+      <model type=3D'virtio'/>
+      <source bridge=3D"virbr0"/>
+      <address type=3D'pci' domain=3D'0x0000' bus=3D'0x00' slot=3D'0x03' f=
unction=3D'0x0'/>
+    </interface>
+    <rng model=3D'virtio'>
+      <backend model=3D'builtin'/>
+    </rng>
+  </devices>
+</domain>
diff --git a/tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-backend-rando=
m-non-default-file.xml b/tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-b=
ackend-random-non-default-file.xml
new file mode 100644
index 0000000000..08457df89a
--- /dev/null
+++ b/tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-backend-random-non-d=
efault-file.xml
@@ -0,0 +1,26 @@
+<domain type=3D'bhyve'>
+  <name>bhyve</name>
+  <uuid>df3be7e7-a104-11e3-aeb0-50e5492bd3dc</uuid>
+  <memory>219136</memory>
+  <vcpu>1</vcpu>
+  <os>
+    <type>hvm</type>
+  </os>
+  <devices>
+    <disk type=3D'file'>
+      <driver name=3D'file' type=3D'raw'/>
+      <source file=3D'/tmp/freebsd.img'/>
+      <target dev=3D'hda' bus=3D'sata'/>
+      <address type=3D'drive' controller=3D'0' bus=3D'0' target=3D'2' unit=
=3D'0'/>
+    </disk>
+    <interface type=3D'bridge'>
+      <mac address=3D'52:54:00:b9:94:02'/>
+      <model type=3D'virtio'/>
+      <source bridge=3D"virbr0"/>
+      <address type=3D'pci' domain=3D'0x0000' bus=3D'0x00' slot=3D'0x03' f=
unction=3D'0x0'/>
+    </interface>
+    <rng model=3D'virtio'>
+      <backend model=3D'random'>/random/dev</backend>
+    </rng>
+  </devices>
+</domain>
diff --git a/tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-transitional.=
xml b/tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-transitional.xml
new file mode 100644
index 0000000000..abcb7182ed
--- /dev/null
+++ b/tests/bhyvexml2argvdata/bhyvexml2argv-virtio-rnd-transitional.xml
@@ -0,0 +1,26 @@
+<domain type=3D'bhyve'>
+  <name>bhyve</name>
+  <uuid>df3be7e7-a104-11e3-aeb0-50e5492bd3dc</uuid>
+  <memory>219136</memory>
+  <vcpu>1</vcpu>
+  <os>
+    <type>hvm</type>
+  </os>
+  <devices>
+    <disk type=3D'file'>
+      <driver name=3D'file' type=3D'raw'/>
+      <source file=3D'/tmp/freebsd.img'/>
+      <target dev=3D'hda' bus=3D'sata'/>
+      <address type=3D'drive' controller=3D'0' bus=3D'0' target=3D'2' unit=
=3D'0'/>
+    </disk>
+    <interface type=3D'bridge'>
+      <mac address=3D'52:54:00:b9:94:02'/>
+      <model type=3D'virtio'/>
+      <source bridge=3D"virbr0"/>
+      <address type=3D'pci' domain=3D'0x0000' bus=3D'0x00' slot=3D'0x03' f=
unction=3D'0x0'/>
+    </interface>
+    <rng model=3D'virtio-transitional'>
+      <backend model=3D'random'/>
+    </rng>
+  </devices>
+</domain>
diff --git a/tests/bhyvexml2argvtest.c b/tests/bhyvexml2argvtest.c
index 74d9ba4f70..3831f0c65d 100644
--- a/tests/bhyvexml2argvtest.c
+++ b/tests/bhyvexml2argvtest.c
@@ -244,6 +244,9 @@ mymain(void)
     driver.bhyvecaps &=3D ~BHYVE_CAP_VIRTIO_9P;
     DO_TEST_FAILURE("fs-9p");
     DO_TEST("virtio-rnd");
+    DO_TEST_FAILURE("virtio-rnd-backend-random-non-default-file");
+    DO_TEST_FAILURE("virtio-rnd-backend-builtin");
+    DO_TEST_FAILURE("virtio-rnd-transitional");
     driver.bhyvecaps &=3D ~BHYVE_CAP_VIRTIO_RND;
     DO_TEST_FAILURE("virtio-rnd");
=20
--=20
2.49.0