From nobody Tue Mar  3 03:06:20 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass(p=reject dis=none)  header.from=lists.libvirt.org
ARC-Seal: i=1; a=rsa-sha256; t=1771919587; cv=none;
	d=zohomail.com; s=zohoarc;
	b=dvTg+SzjVC5jQMjIKf/hnAET3ef7r72Tm6sL+ub2SqB9Xb670p5US3f3AP8KaDRAW+MAY5+3a/yFXqymwSPnW/Z+/LGIXDWbY/og1r3vpNckQ45LoM5AjONexB/9Cb94/eSFMaRis7tHK3PVXjh7GNT6Y7Lb4vldqOW2WChUXOk=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1771919587;
 h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc;
	bh=G/MDCpKe3JqXRoYX38irQzAKky+VR0lbQkA2sfhGzmk=;
	b=XjRKp+/cjNa/QrYK7G34z/bavULUJHnxCzN/lktPmkKG5Nb06iNO1VhpJ/5cPEdmEw6TT4EBF39dx9WuhhDelAslYdUsytp/3rK5FLYmUC4VqRFflyitGupBhZTaesyR2Ejn23VwiazN5O8fXxxvq4gnzKH2S6sL7h8aCbi/e4Y=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass header.from=<devel@lists.libvirt.org> (p=reject dis=none)
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1771919587170331.65091485495793;
 Mon, 23 Feb 2026 23:53:07 -0800 (PST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id D0D6941C08; Tue, 24 Feb 2026 02:53:04 -0500 (EST)
Received: from [172.19.199.9] (lists.libvirt.org [8.43.85.245])
	by lists.libvirt.org (Postfix) with ESMTP id EE54841C4A;
	Tue, 24 Feb 2026 02:52:18 -0500 (EST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id A779841B4C; Tue, 24 Feb 2026 02:52:13 -0500 (EST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest
 SHA256)
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 48C4341A0A
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 02:52:13 -0500 (EST)
Received: from mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-483-GMjOvc8mMrqqxdXYuDRcNQ-1; Tue,
 24 Feb 2026 02:52:11 -0500
Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id 4A88D180025F
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:10 +0000 (UTC)
Received: from vhost3.router.laine.org (unknown [10.22.64.82])
	by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id E79EE1800370
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:09 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,
	RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable
	autolearn_force=no version=4.0.1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1771919532;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=G/MDCpKe3JqXRoYX38irQzAKky+VR0lbQkA2sfhGzmk=;
	b=MFIJ/bhtLU+Rl77QwA885PhVouVBbuuP8HE3CLT82u41WCaCjVZNfCbevEwxBt1CTjDsF5
	rO09ezTrYhqGrrNcabI/XqMA2JOJFFu9Hj29BA5ooJrbwD8EZYhr4oCxTQF7yr/TE0gDCw
	tg9WpOcRJEgwIDg/iT2gwvyYxf0c8fE=
X-MC-Unique: GMjOvc8mMrqqxdXYuDRcNQ-1
X-Mimecast-MFC-AGG-ID: GMjOvc8mMrqqxdXYuDRcNQ_1771919530
To: devel@lists.libvirt.org
Subject: [PATCH 1/6] qemu: delete passt "repair" socket when appropriate
Date: Tue, 24 Feb 2026 02:52:03 -0500
Message-ID: <20260224075208.225959-2-laine@redhat.com>
In-Reply-To: <20260224075208.225959-1-laine@redhat.com>
References: <20260224075208.225959-1-laine@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: PpCMid0dWo6m6FukG5I-p_KgyTLM6AdZfXVHnL9qhOE_1771919530
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: HGABZUXU3XTYCEXNI52AIV5DK4ZK53XR
X-Message-ID-Hash: HGABZUXU3XTYCEXNI52AIV5DK4ZK53XR
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; header-match-devel.lists.libvirt.org-0; emergency;
 member-moderation; nonmember-moderation; administrivia; implicit-dest;
 max-recipients; max-size; news-moderation; no-subject; digests;
 suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/HGABZUXU3XTYCEXNI52AIV5DK4ZK53XR/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Owner: <mailto:devel-owner@lists.libvirt.org>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
From: Laine Stump via Devel <devel@lists.libvirt.org>
Reply-To: Laine Stump <laine@redhat.com>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1771919589709158500
Content-Type: text/plain; charset="utf-8"; x-default="true"

From: Laine Stump <laine@redhat.com>

When using a vhost-user connection between passt and QEMU, passt will
autocreate a socket called ${socketname}.repair, but doesn't delete
this socket when it exits, so to be a good citizen, libvirtshould
delete it when we are tearing down the passt device plumbing.

Resolves: https://issues.redhat.com/browse/RHEL-80285
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_passt.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c
index 520eb1244a..56d048d585 100644
--- a/src/qemu/qemu_passt.c
+++ b/src/qemu/qemu_passt.c
@@ -121,7 +121,7 @@ qemuPasstAddNetProps(virDomainObj *vm,
=20
=20
 static void
-qemuPasstKill(const char *pidfile, const char *passtSocketName)
+qemuPasstKill(const virDomainNetDef *net, const char *pidfile, const char =
*passtSocketName)
 {
     virErrorPtr orig_err;
     pid_t pid =3D 0;
@@ -135,6 +135,14 @@ qemuPasstKill(const char *pidfile, const char *passtSo=
cketName)
=20
     unlink(passtSocketName);
=20
+    /* repair socket is (always) created by passt only for vhostuser mode =
*/
+    if (virDomainNetGetActualType(net) =3D=3D VIR_DOMAIN_NET_TYPE_VHOSTUSE=
R) {
+        g_autofree char *passtRepairSocketName
+            =3D g_strdup_printf("%s.repair", passtSocketName);
+
+        unlink(passtRepairSocketName);
+    }
+
     virErrorRestore(&orig_err);
 }
=20
@@ -146,7 +154,7 @@ qemuPasstStop(virDomainObj *vm,
     g_autofree char *pidfile =3D qemuPasstCreatePidFilename(vm, net);
     g_autofree char *passtSocketName =3D qemuPasstCreateSocketPath(vm, net=
);
=20
-    qemuPasstKill(pidfile, passtSocketName);
+    qemuPasstKill(net, pidfile, passtSocketName);
 }
=20
=20
@@ -351,6 +359,6 @@ qemuPasstStart(virDomainObj *vm,
     return 0;
=20
  error:
-    qemuPasstKill(pidfile, passtSocketName);
+    qemuPasstKill(net, pidfile, passtSocketName);
     return -1;
 }
--=20
2.52.0
From nobody Tue Mar  3 03:06:20 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass(p=reject dis=none)  header.from=lists.libvirt.org
ARC-Seal: i=1; a=rsa-sha256; t=1771919690; cv=none;
	d=zohomail.com; s=zohoarc;
	b=MrQsd/aQ4T9RiOrWV0PyuTmPTvIL8biir6vO9UOU2nIS6PSa+j7KOqruLjwJ5s1GD0rUpbj0JgRbCWWlfCta+cFhkNZc2Kufc6pNw2ddt+aliraw/baWMpJbta51LiRw/rFdinajrj6UsDhXOc3N9ZxZ+rS3QATz9uksOTgMvW0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1771919690;
 h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc;
	bh=OmZlcN0SYF9AgsC2FkB3l+cdEzYwD/F6fgVJ9Nyh0tc=;
	b=k3v+mV8hLHS3JQ5ATToFKS2c8hVO6tmlgpJnD5GCTk/pz/ziYvpb+dGn9R0Us767RN2fp7CcM+uoSe8cfAMUEbTs299jql5/N1idXTzmGtZNFJWbV4BWqJ8bjBCTQ+AT2Lc0HGfJo4g/8CM/wCZKdZDoXMeBoz2Gd+mgO0BV/7g=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass header.from=<devel@lists.libvirt.org> (p=reject dis=none)
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1771919690123972.8849253096374;
 Mon, 23 Feb 2026 23:54:50 -0800 (PST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id 3CB0F41BB1; Tue, 24 Feb 2026 02:54:49 -0500 (EST)
Received: from [172.19.199.9] (lists.libvirt.org [8.43.85.245])
	by lists.libvirt.org (Postfix) with ESMTP id 2619041CCA;
	Tue, 24 Feb 2026 02:52:24 -0500 (EST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id ACB7841A0A; Tue, 24 Feb 2026 02:52:14 -0500 (EST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest
 SHA256)
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 3783F41B43
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 02:52:14 -0500 (EST)
Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-110-y9cK0-36MwSLAgg5_JfY-Q-1; Tue,
 24 Feb 2026 02:52:11 -0500
Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id D9800195609E
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:10 +0000 (UTC)
Received: from vhost3.router.laine.org (unknown [10.22.64.82])
	by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id 7ED531800676
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:10 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,
	RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable
	autolearn_force=no version=4.0.1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1771919533;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=OmZlcN0SYF9AgsC2FkB3l+cdEzYwD/F6fgVJ9Nyh0tc=;
	b=I+e9zMmoB7Wdy90eIoFu+lmYtkniixAhiwL11jQju2ACJH/s2n3p+el2sS65hd3QSO6n+V
	fczPgEA4USOYzB/JHkdk40mTpYQeqZL3i9qaBD62jW+hx1SYvXIB7MynFYJmg3W7tc0Ifm
	PJyh4qtV2xZ9nu4hfNxz4cnbihSoCY0=
X-MC-Unique: y9cK0-36MwSLAgg5_JfY-Q-1
X-Mimecast-MFC-AGG-ID: y9cK0-36MwSLAgg5_JfY-Q_1771919531
To: devel@lists.libvirt.org
Subject: [PATCH 2/6] qemu: reorganize qemuValidateDomainDeviceDefNetwork()
Date: Tue, 24 Feb 2026 02:52:04 -0500
Message-ID: <20260224075208.225959-3-laine@redhat.com>
In-Reply-To: <20260224075208.225959-1-laine@redhat.com>
References: <20260224075208.225959-1-laine@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: 3pkLnBcga2PIOGeYxLHmGgrnRx81GnwChW6x06w5YaU_1771919531
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: ELGV7VGP7QSHCJDDLPOVQGQI5BTVVG3N
X-Message-ID-Hash: ELGV7VGP7QSHCJDDLPOVQGQI5BTVVG3N
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; header-match-devel.lists.libvirt.org-0; emergency;
 member-moderation; nonmember-moderation; administrivia; implicit-dest;
 max-recipients; max-size; news-moderation; no-subject; digests;
 suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/ELGV7VGP7QSHCJDDLPOVQGQI5BTVVG3N/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Owner: <mailto:devel-owner@lists.libvirt.org>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
From: Laine Stump via Devel <devel@lists.libvirt.org>
Reply-To: Laine Stump <laine@redhat.com>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1771919690873158500
Content-Type: text/plain; charset="utf-8"; x-default="true"

From: Laine Stump <laine@redhat.com>

This will make existing code more consistent with upcoming validation
for routes.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_validate.c | 95 +++++++++++++++++++++-------------------
 1 file changed, 49 insertions(+), 46 deletions(-)

diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 16dd5fef1a..a0ddf512f1 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -1882,16 +1882,10 @@ qemuValidateDomainDeviceDefNetwork(const virDomainN=
etDef *net,
                                    const virDomainDef *def,
                                    virQEMUCaps *qemuCaps)
 {
-    bool hasIPv4 =3D false;
-    bool hasIPv6 =3D false;
+    bool hasV4Addr =3D false;
+    bool hasV6Addr =3D false;
     size_t i;
=20
-    if (net->guestIP.nroutes) {
-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                       _("Invalid attempt to set network interface guest-s=
ide IP route, not supported by QEMU"));
-        return -1;
-    }
-
     if (net->type =3D=3D VIR_DOMAIN_NET_TYPE_USER ||
         (net->type =3D=3D VIR_DOMAIN_NET_TYPE_VHOSTUSER &&
          net->backend.type =3D=3D VIR_DOMAIN_NET_BACKEND_PASST)) {
@@ -1906,57 +1900,66 @@ qemuValidateDomainDeviceDefNetwork(const virDomainN=
etDef *net,
                            virDomainNetBackendTypeToString(net->backend.ty=
pe));
             return -1;
         }
+    }
+
+    for (i =3D 0; i < net->guestIP.nips; i++) {
+        const virNetDevIPAddr *ip =3D net->guestIP.ips[i];
+
+        if (net->type !=3D VIR_DOMAIN_NET_TYPE_USER &&
+            net->backend.type !=3D VIR_DOMAIN_NET_BACKEND_PASST) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("Invalid attempt to set network interface gue=
st-side IP address info, not supported for this interface type/backend"));
+            return -1;
+        }
=20
-        for (i =3D 0; i < net->guestIP.nips; i++) {
-            const virNetDevIPAddr *ip =3D net->guestIP.ips[i];
+        if (VIR_SOCKET_ADDR_VALID(&net->guestIP.ips[i]->peer)) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("Invalid attempt to set peer IP for guest"));
+            return -1;
+        }
=20
-            if (VIR_SOCKET_ADDR_VALID(&net->guestIP.ips[i]->peer)) {
+        if (VIR_SOCKET_ADDR_IS_FAMILY(&ip->address, AF_INET)) {
+            if (hasV4Addr) {
                 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                               _("Invalid attempt to set peer IP for guest=
"));
+                               _("Only one IPv4 address per interface is a=
llowed"));
                 return -1;
             }
+            hasV4Addr =3D true;
=20
-            if (VIR_SOCKET_ADDR_IS_FAMILY(&ip->address, AF_INET)) {
-                if (hasIPv4) {
-                    virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                                   _("Only one IPv4 address per interface =
is allowed"));
-                    return -1;
-                }
-                hasIPv4 =3D true;
-
-                if (ip->prefix > 0 &&
-                    (ip->prefix < 4 || ip->prefix > 27)) {
-                    virReportError(VIR_ERR_XML_ERROR, "%s",
-                                   _("invalid prefix, must be in range of =
4-27"));
-                    return -1;
-                }
+            if (ip->prefix > 0 &&
+                (ip->prefix < 4 || ip->prefix > 27)) {
+                virReportError(VIR_ERR_XML_ERROR, "%s",
+                               _("invalid prefix, must be in range of 4-27=
"));
+                return -1;
             }
+        }
=20
-            if (VIR_SOCKET_ADDR_IS_FAMILY(&ip->address, AF_INET6)) {
-                if (hasIPv6) {
-                    virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                                   _("Only one IPv6 address per interface =
is allowed"));
-                    return -1;
-                }
-                hasIPv6 =3D true;
+        if (VIR_SOCKET_ADDR_IS_FAMILY(&ip->address, AF_INET6)) {
+            if (hasV6Addr) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("Only one IPv6 address per interface is a=
llowed"));
+                return -1;
+            }
+            hasV6Addr =3D true;
=20
-                if (ip->prefix && ip->prefix !=3D 64) {
-                    virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                                   _("unsupported IPv6 address prefix=3D'%=
1$u' - must be 64"),
-                                   ip->prefix);
-                    return -1;
-                }
+            if (ip->prefix && ip->prefix !=3D 64) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                               _("unsupported IPv6 address prefix=3D'%1$u'=
 - must be 64"),
+                               ip->prefix);
+                return -1;
+            }
=20
-                if (ip->prefix > 120) {
-                    virReportError(VIR_ERR_XML_ERROR, "%s",
-                                   _("prefix too long"));
-                    return -1;
-                }
+            if (ip->prefix > 120) {
+                virReportError(VIR_ERR_XML_ERROR, "%s",
+                               _("prefix too long"));
+                return -1;
             }
         }
-    } else if (net->guestIP.nips) {
+    }
+
+    if (net->guestIP.nroutes) {
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                       _("Invalid attempt to set network interface guest-s=
ide IP address info, not supported by QEMU"));
+                       _("Invalid attempt to set network interface guest-s=
ide IP route, not supported by QEMU"));
         return -1;
     }
=20
--=20
2.52.0
From nobody Tue Mar  3 03:06:20 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass(p=reject dis=none)  header.from=lists.libvirt.org
ARC-Seal: i=1; a=rsa-sha256; t=1771919759; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Ki7y/eKCWQs8Fz6eU2DxouuB4Tn5bAfouJpcAZwYMiaf3VnKqRgyZ160EPyB5G4WHwuqDnzboL8tEuPPwVuQ461voz+5Isqr+7Sfigq4UwaSDJUGMNje9ErAy4dpzIFZUEzr3fvS3z4mwMqXEG0xx+BybBjym7Xpxoo6+xnp3uc=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1771919759;
 h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc;
	bh=QGYL4sJ23Cb4K+H1zAbP6kS5yn7O1nOjQm1a4WZGBCg=;
	b=GonDeQ2nqQm13SSBMPBGSQ1h0/prEinX7XY/t36fbl7FteNAns1iFiLJ9GGtuK5ZYY1CqI1Q/qcgZGKYqMq1ujIWg/Oe2oIAR8+C77s1IfnVjHaoWAUD7mksAcPXXlc1evmjKR1apsuQnl522kYM21YhF8Vhv840RXcQ5xFH2dg=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass header.from=<devel@lists.libvirt.org> (p=reject dis=none)
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1771919759549246.21070250144078;
 Mon, 23 Feb 2026 23:55:59 -0800 (PST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id BB83241BF0; Tue, 24 Feb 2026 02:55:58 -0500 (EST)
Received: from [172.19.199.9] (lists.libvirt.org [8.43.85.245])
	by lists.libvirt.org (Postfix) with ESMTP id AD59E41DC3;
	Tue, 24 Feb 2026 02:52:26 -0500 (EST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id DC7EC41B5C; Tue, 24 Feb 2026 02:52:15 -0500 (EST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest
 SHA256)
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 7715241B4C
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 02:52:15 -0500 (EST)
Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-184-Wt8JHmAhNlSLzcWCCi2a9Q-1; Tue,
 24 Feb 2026 02:52:12 -0500
Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id 8761C1956073
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:11 +0000 (UTC)
Received: from vhost3.router.laine.org (unknown [10.22.64.82])
	by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id 24CF21800370
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:10 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,
	RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable
	autolearn_force=no version=4.0.1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1771919535;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=QGYL4sJ23Cb4K+H1zAbP6kS5yn7O1nOjQm1a4WZGBCg=;
	b=P0BkeHjjk3sbBf/awBbU6spdx8oFCv0RxziZuPUraUVcJbE3ucyZFsOhl3ogG2XVlc8N5l
	RWlzc5BAmREGphUfpGcyWAbNDCnBteT+lfqU3t7h2xm7NQMy7CEFv+kKtrIXDYwnmWW5J6
	KUsch8Byb7fO0iDNpLBMhMvKenyqBmA=
X-MC-Unique: Wt8JHmAhNlSLzcWCCi2a9Q-1
X-Mimecast-MFC-AGG-ID: Wt8JHmAhNlSLzcWCCi2a9Q_1771919531
To: devel@lists.libvirt.org
Subject: [PATCH 3/6] qemu: only limit IPv4 prefix for slirp
Date: Tue, 24 Feb 2026 02:52:05 -0500
Message-ID: <20260224075208.225959-4-laine@redhat.com>
In-Reply-To: <20260224075208.225959-1-laine@redhat.com>
References: <20260224075208.225959-1-laine@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: Pf6LVifQdBlwQWLgg1rNY5ZAkzviFqPNYZH_OCtc540_1771919531
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: XESH5ZXDLPU6TIDHVLWOVEW3PSKLCX36
X-Message-ID-Hash: XESH5ZXDLPU6TIDHVLWOVEW3PSKLCX36
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; header-match-devel.lists.libvirt.org-0; emergency;
 member-moderation; nonmember-moderation; administrivia; implicit-dest;
 max-recipients; max-size; news-moderation; no-subject; digests;
 suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/XESH5ZXDLPU6TIDHVLWOVEW3PSKLCX36/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Owner: <mailto:devel-owner@lists.libvirt.org>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
From: Laine Stump via Devel <devel@lists.libvirt.org>
Reply-To: Laine Stump <laine@redhat.com>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1771919761263158500
Content-Type: text/plain; charset="utf-8"; x-default="true"

From: Laine Stump <laine@redhat.com>

The slirp backend is limited in what the netmask/prefix of a
user-specified IP address can be, but passt doesn't have these
artificial limitations - any valid prefix is okay with passt, so we
shouldn't reject them

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 src/qemu/qemu_validate.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index a0ddf512f1..1c6662751b 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -1926,8 +1926,9 @@ qemuValidateDomainDeviceDefNetwork(const virDomainNet=
Def *net,
             }
             hasV4Addr =3D true;
=20
-            if (ip->prefix > 0 &&
-                (ip->prefix < 4 || ip->prefix > 27)) {
+            if (net->backend.type !=3D VIR_DOMAIN_NET_BACKEND_PASST &&
+                (ip->prefix > 0 &&
+                 (ip->prefix < 4 || ip->prefix > 27))) {
                 virReportError(VIR_ERR_XML_ERROR, "%s",
                                _("invalid prefix, must be in range of 4-27=
"));
                 return -1;
--=20
2.52.0
From nobody Tue Mar  3 03:06:20 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass(p=reject dis=none)  header.from=lists.libvirt.org
ARC-Seal: i=1; a=rsa-sha256; t=1771919724; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Qnim4wWjKFyXKiIPkoD+m2nEm7rfef5+lYkGjA0rDQJIbiGJ5gy/mdiAWD3WwQyu+hzjTkR4gtJucVSpqxwRdNLZjjKpf0PvdpynxfgmjKrUjRXO47lqZqMxYsW0SachmLhp2hiOgk1NDXUpfQsMcVGmnaMgHEJVG7t6XfQ/xys=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1771919724;
 h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc;
	bh=MMGXemVY2d2adL+RmO8e+FmUgrYcinlaO+bSc6NnjLM=;
	b=iePmFa5aQMjJuiJYd2GuAIfR3USQ7GAGzEAM+fA0ovvMzD20uYkQ8lOAILVT966FCX8KLKnewLIsadtxm5EXUEms712cZTfSS36U3Ibb+Hhyvjv4PsCMiZ+Q1MbKYZQ+LZkCfPA1xXZr1Fr+Ojx0Hy2hu+l+ozmsK/5UHGYhqW4=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass header.from=<devel@lists.libvirt.org> (p=reject dis=none)
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1771919724322153.09486654278453;
 Mon, 23 Feb 2026 23:55:24 -0800 (PST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id A46BA41C35; Tue, 24 Feb 2026 02:55:24 -0500 (EST)
Received: from [172.19.199.9] (lists.libvirt.org [8.43.85.245])
	by lists.libvirt.org (Postfix) with ESMTP id C1BA941D71;
	Tue, 24 Feb 2026 02:52:24 -0500 (EST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id E205141B4C; Tue, 24 Feb 2026 02:52:15 -0500 (EST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest
 SHA256)
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 669C241B43
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 02:52:15 -0500 (EST)
Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-493-7-RYhuHIP32mjLyhwULxjA-1; Tue,
 24 Feb 2026 02:52:12 -0500
Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id 2798719560B4
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:12 +0000 (UTC)
Received: from vhost3.router.laine.org (unknown [10.22.64.82])
	by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id B9DA31800370
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:11 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,
	RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable
	autolearn_force=no version=4.0.1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1771919535;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=MMGXemVY2d2adL+RmO8e+FmUgrYcinlaO+bSc6NnjLM=;
	b=R9O45Pe6ftaM0za3rSHUHj8oneT8fkbzm/pQQt0MhMpDeaLkwJkC0pW9C0T+eE3Gl9fxEe
	F8yFav0JlNbPh3OljRgJ+Bv0OoIaPvQy/EAOU3jzqpA6iQOWwxHZRXBtdh7IqzCFLmssAS
	XkabY9c89T1CjJb0CidutT6a+HQkMA8=
X-MC-Unique: 7-RYhuHIP32mjLyhwULxjA-1
X-Mimecast-MFC-AGG-ID: 7-RYhuHIP32mjLyhwULxjA_1771919532
To: devel@lists.libvirt.org
Subject: [PATCH 4/6] util: make the route arg to virNetDevIPRouteGetPrefix
 const
Date: Tue, 24 Feb 2026 02:52:06 -0500
Message-ID: <20260224075208.225959-5-laine@redhat.com>
In-Reply-To: <20260224075208.225959-1-laine@redhat.com>
References: <20260224075208.225959-1-laine@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: oa4ICFiFVkwDsJrfPlWjdThzAkgY5mWIvWasHmrtc8w_1771919532
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: WTE75MO36L7VSGVQVD3BIQ2LHAFZ63QS
X-Message-ID-Hash: WTE75MO36L7VSGVQVD3BIQ2LHAFZ63QS
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; header-match-devel.lists.libvirt.org-0; emergency;
 member-moderation; nonmember-moderation; administrivia; implicit-dest;
 max-recipients; max-size; news-moderation; no-subject; digests;
 suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/WTE75MO36L7VSGVQVD3BIQ2LHAFZ63QS/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Owner: <mailto:devel-owner@lists.libvirt.org>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
From: Laine Stump via Devel <devel@lists.libvirt.org>
Reply-To: Laine Stump <laine@redhat.com>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1771919740992158500
Content-Type: text/plain; charset="utf-8"; x-default="true"

From: Laine Stump <laine@redhat.com>

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/util/virnetdevip.c | 2 +-
 src/util/virnetdevip.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/util/virnetdevip.c b/src/util/virnetdevip.c
index d4f023ca5c..5ffd2bf398 100644
--- a/src/util/virnetdevip.c
+++ b/src/util/virnetdevip.c
@@ -776,7 +776,7 @@ virNetDevIPRouteGetAddress(virNetDevIPRoute *def)
 }
=20
 int
-virNetDevIPRouteGetPrefix(virNetDevIPRoute *def)
+virNetDevIPRouteGetPrefix(const virNetDevIPRoute *def)
 {
     int prefix =3D 0;
     virSocketAddr zero;
diff --git a/src/util/virnetdevip.h b/src/util/virnetdevip.h
index f2ee90be2f..8771e04ba7 100644
--- a/src/util/virnetdevip.h
+++ b/src/util/virnetdevip.h
@@ -79,7 +79,7 @@ void virNetDevIPAddrFree(virNetDevIPAddr *ip);
 /* virNetDevIPRoute object */
 void virNetDevIPRouteFree(virNetDevIPRoute *def);
 virSocketAddr *virNetDevIPRouteGetAddress(virNetDevIPRoute *def);
-int virNetDevIPRouteGetPrefix(virNetDevIPRoute *def);
+int virNetDevIPRouteGetPrefix(const virNetDevIPRoute *def);
 unsigned int virNetDevIPRouteGetMetric(virNetDevIPRoute *def);
 virSocketAddr *virNetDevIPRouteGetGateway(virNetDevIPRoute *def);
=20
--=20
2.52.0
From nobody Tue Mar  3 03:06:20 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass(p=reject dis=none)  header.from=lists.libvirt.org
ARC-Seal: i=1; a=rsa-sha256; t=1771919812; cv=none;
	d=zohomail.com; s=zohoarc;
	b=L/0aOyC2bkSXjjlclFV5FI25f0zrxQI9tEAWhvAnolCQTVHG49qe3yeC7mRYyuzUOjJDG9JA4oerocFLCPMXr6K27A2PMCoTVX7Hhh5aYIpDynMIYC56m3N8xkZifw9sCo3+6zOGIxspkYDwFY8/G2KdUvBybTm5RTDlZmHUDq4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1771919812;
 h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc;
	bh=R+5kfq0+it8HHS5dlSLhP4kW/IsTDadXHbB1vyTU5BI=;
	b=TrZdZqqFqzEYdndw/VG4bLwjzdCI1VZ2/JGgO7oXJV++cwZWIkRK3OMs9fK8/CGgUTiTv5PT3jPS+Ir3U2dJUGNA2fnTOl8QAHGf5uYHslCxcGPjqmdOa5C2n4JEnihTK6iZePI/eUDM5wMUNIXPAU5nYZo33/nkteFrA8hT4ls=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass header.from=<devel@lists.libvirt.org> (p=reject dis=none)
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1771919812507948.612811643664;
 Mon, 23 Feb 2026 23:56:52 -0800 (PST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id A46FF41BB8; Tue, 24 Feb 2026 02:56:51 -0500 (EST)
Received: from [172.19.199.9] (lists.libvirt.org [8.43.85.245])
	by lists.libvirt.org (Postfix) with ESMTP id 2596441E16;
	Tue, 24 Feb 2026 02:52:31 -0500 (EST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id 3312A41B83; Tue, 24 Feb 2026 02:52:21 -0500 (EST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest
 SHA256)
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 0427B41B5A
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 02:52:15 -0500 (EST)
Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-513-a-KMoss3O9OgJquPtTZ4pg-1; Tue,
 24 Feb 2026 02:52:13 -0500
Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id BEF8A1956052
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:12 +0000 (UTC)
Received: from vhost3.router.laine.org (unknown [10.22.64.82])
	by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id 663151800668
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:12 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,
	RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable
	autolearn_force=no version=4.0.1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1771919535;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=R+5kfq0+it8HHS5dlSLhP4kW/IsTDadXHbB1vyTU5BI=;
	b=KAe5uA8vY9IQKqGUjwzNTdnQGpRrJGOo8qV4kz+R+WhBdCHUjNV/Derh6kYFRaWSuZs7hC
	AS4g/TNZF8v38l0EzMNs7WB73uADw9bTCON77n8Wqh/jALSmttPX7KI1o/AgsI2DtVSxp1
	vYsQBOdn6qULxgV+tFZc1aS4EGdyXhI=
X-MC-Unique: a-KMoss3O9OgJquPtTZ4pg-1
X-Mimecast-MFC-AGG-ID: a-KMoss3O9OgJquPtTZ4pg_1771919532
To: devel@lists.libvirt.org
Subject: [PATCH 5/6] conf/util: allow non-specification of IP route
 destination address
Date: Tue, 24 Feb 2026 02:52:07 -0500
Message-ID: <20260224075208.225959-6-laine@redhat.com>
In-Reply-To: <20260224075208.225959-1-laine@redhat.com>
References: <20260224075208.225959-1-laine@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: s2zC7HS0zTj-jaU6bh05CRnn96l01OUClPti9X-tLWQ_1771919532
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: 2NBN2ME6FJKIKZKOEIAYR5YZMAME7COX
X-Message-ID-Hash: 2NBN2ME6FJKIKZKOEIAYR5YZMAME7COX
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; header-match-devel.lists.libvirt.org-0; emergency;
 member-moderation; nonmember-moderation; administrivia; implicit-dest;
 max-recipients; max-size; news-moderation; no-subject; digests;
 suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/2NBN2ME6FJKIKZKOEIAYR5YZMAME7COX/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Owner: <mailto:devel-owner@lists.libvirt.org>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
From: Laine Stump via Devel <devel@lists.libvirt.org>
Reply-To: Laine Stump <laine@redhat.com>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1771919813410158500
Content-Type: text/plain; charset="utf-8"; x-default="true"

From: Laine Stump <laine@redhat.com>

The Linux/libnl version of virNetDevIPRouteAdd() has always had code
that would use "0.0.0.0" (or "::" for IPv6) for the route's
destination address if none was specified, but 1) our validation code
has always required it to be specified anyway, 2) the FreeBSD version
of virnertDevIPRouteAdd() expected that it would be specified, and 3)
virNetDevIPRouteFormat() also expected route->address to be
valid. This patch fixes those 3 deficiencies, so that this XML now
works:

   <route gateway=3D'1.2.3.4'/>

i.e. it is the same as:

   <route address=3D'0.0.0.0' prefix=3D'0' gateway=3D'1.2.3.4'/>

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 src/conf/networkcommon_conf.c      | 74 ++++++++++++++----------------
 src/conf/schemas/networkcommon.rng |  4 +-
 src/util/virnetdevip.c             | 12 ++++-
 3 files changed, 48 insertions(+), 42 deletions(-)

diff --git a/src/conf/networkcommon_conf.c b/src/conf/networkcommon_conf.c
index 6f88d173c6..bfa58a26a8 100644
--- a/src/conf/networkcommon_conf.c
+++ b/src/conf/networkcommon_conf.c
@@ -50,15 +50,6 @@ virNetDevIPRouteCreate(const char *errorDetail,
     def->metric =3D metric;
     def->has_metric =3D hasMetric;
=20
-    /* Note: both network and gateway addresses must be specified */
-
-    if (!address) {
-        virReportError(VIR_ERR_XML_ERROR,
-                       _("%1$s: Missing required address attribute in rout=
e definition"),
-                       errorDetail);
-        return NULL;
-    }
-
     if (!gateway) {
         virReportError(VIR_ERR_XML_ERROR,
                        _("%1$s: Missing required gateway attribute in rout=
e definition"),
@@ -66,17 +57,17 @@ virNetDevIPRouteCreate(const char *errorDetail,
         return NULL;
     }
=20
-    if (virSocketAddrParse(&def->address, address, AF_UNSPEC) < 0) {
+    if (virSocketAddrParse(&def->gateway, gateway, AF_UNSPEC) < 0) {
         virReportError(VIR_ERR_XML_ERROR,
-                       _("%1$s: Bad network address '%2$s' in route defini=
tion"),
-                       errorDetail, address);
+                       _("%1$s: Bad gateway address '%2$s' in route defini=
tion"),
+                       errorDetail, gateway);
         return NULL;
     }
=20
-    if (virSocketAddrParse(&def->gateway, gateway, AF_UNSPEC) < 0) {
+    if (address && virSocketAddrParse(&def->address, address, AF_UNSPEC) <=
 0) {
         virReportError(VIR_ERR_XML_ERROR,
-                       _("%1$s: Bad gateway address '%2$s' in route defini=
tion"),
-                       errorDetail, gateway);
+                       _("%1$s: Bad network address '%2$s' in route defini=
tion"),
+                       errorDetail, address);
         return NULL;
     }
=20
@@ -127,7 +118,8 @@ virNetDevIPRouteCreate(const char *errorDetail,
             return NULL;
         }
     } else if (STREQ(def->family, "ipv6")) {
-        if (!VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_INET6)) {
+        if (!(VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_INET6) ||
+              VIR_SOCKET_ADDR_IS_FAMILY(&def->address, AF_UNSPEC))) {
             virReportError(VIR_ERR_XML_ERROR,
                            _("%1$s: ipv6 family specified for non-IPv6 add=
ress '%2$s' in route definition"),
                            errorDetail, address);
@@ -158,29 +150,32 @@ virNetDevIPRouteCreate(const char *errorDetail,
         return NULL;
     }
=20
-    /* make sure the address is a network address */
-    if (netmask) {
-        if (virSocketAddrMask(&def->address, &def->netmask, &testAddr) < 0=
) {
-            virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("%1$s: Error converting address '%2$s' with n=
etmask '%3$s' to network-address in route definition"),
-                           errorDetail, address, netmask);
-            return NULL;
+    if (address) {
+        /* make sure the address is a network address */
+
+        if (netmask) {
+            if (virSocketAddrMask(&def->address, &def->netmask, &testAddr)=
 < 0) {
+                virReportError(VIR_ERR_INTERNAL_ERROR,
+                               _("%1$s: Error converting address '%2$s' wi=
th netmask '%3$s' to network-address in route definition"),
+                               errorDetail, address, netmask);
+                return NULL;
+            }
+        } else {
+            if (virSocketAddrMaskByPrefix(&def->address,
+                                          def->prefix, &testAddr) < 0) {
+                virReportError(VIR_ERR_INTERNAL_ERROR,
+                               _("%1$s: Error converting address '%2$s' wi=
th prefix %3$u to network-address in route definition"),
+                               errorDetail, address, def->prefix);
+                return NULL;
+            }
         }
-    } else {
-        if (virSocketAddrMaskByPrefix(&def->address,
-                                      def->prefix, &testAddr) < 0) {
-            virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("%1$s: Error converting address '%2$s' with p=
refix %3$u to network-address in route definition"),
-                           errorDetail, address, def->prefix);
+        if (!virSocketAddrEqual(&def->address, &testAddr)) {
+            virReportError(VIR_ERR_XML_ERROR,
+                           _("%1$s: Address '%2$s' in route definition is =
not a network address"),
+                           errorDetail, address);
             return NULL;
         }
     }
-    if (!virSocketAddrEqual(&def->address, &testAddr)) {
-        virReportError(VIR_ERR_XML_ERROR,
-                       _("%1$s: Address '%2$s' in route definition is not =
a network address"),
-                       errorDetail, address);
-        return NULL;
-    }
=20
     return g_steal_pointer(&def);
 }
@@ -229,10 +224,11 @@ virNetDevIPRouteFormat(virBuffer *buf,
     if (def->family)
         virBufferAsprintf(buf, " family=3D'%s'", def->family);
=20
-    if (!(address =3D virSocketAddrFormat(&def->address)))
-        return -1;
-    virBufferAsprintf(buf, " address=3D'%s'", address);
-
+    if (VIR_SOCKET_ADDR_VALID(&def->address)) {
+        if (!(address =3D virSocketAddrFormat(&def->address)))
+            return -1;
+        virBufferAsprintf(buf, " address=3D'%s'", address);
+    }
     if (VIR_SOCKET_ADDR_VALID(&def->netmask)) {
         if (!(netmask =3D virSocketAddrFormat(&def->netmask)))
             return -1;
diff --git a/src/conf/schemas/networkcommon.rng b/src/conf/schemas/networkc=
ommon.rng
index 28424f9abd..49149a3d4b 100644
--- a/src/conf/schemas/networkcommon.rng
+++ b/src/conf/schemas/networkcommon.rng
@@ -253,7 +253,9 @@
       <optional>
         <attribute name=3D"family"><ref name=3D"addr-family"/></attribute>
       </optional>
-      <attribute name=3D"address"><ref name=3D"ipAddr"/></attribute>
+      <optional>
+        <attribute name=3D"address"><ref name=3D"ipAddr"/></attribute>
+      </optional>
       <optional>
         <choice>
           <attribute name=3D"netmask"><ref name=3D"ipv4Addr"/></attribute>
diff --git a/src/util/virnetdevip.c b/src/util/virnetdevip.c
index 5ffd2bf398..8786bb236e 100644
--- a/src/util/virnetdevip.c
+++ b/src/util/virnetdevip.c
@@ -465,8 +465,16 @@ virNetDevIPRouteAdd(const char *ifname,
     g_autofree char *addrstr =3D NULL;
     g_autofree char *gatewaystr =3D NULL;
=20
-    if (!(addrstr =3D virSocketAddrFormat(addr)))
-        return -1;
+    if (VIR_SOCKET_ADDR_VALID(addr)) {
+        if (!(addrstr =3D virSocketAddrFormat(addr)))
+            return -1;
+    } else {
+        if (VIR_SOCKET_ADDR_IS_FAMILY(gateway, AF_INET6))
+            addrstr =3D g_strdup(VIR_SOCKET_ADDR_IPV6_ALL);
+        else
+            addrstr =3D g_strdup(VIR_SOCKET_ADDR_IPV4_ALL);
+    }
+
     if (!(gatewaystr =3D virSocketAddrFormat(gateway)))
         return -1;
     cmd =3D virCommandNew("ip");
--=20
2.52.0
From nobody Tue Mar  3 03:06:20 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass(p=reject dis=none)  header.from=lists.libvirt.org
ARC-Seal: i=1; a=rsa-sha256; t=1771919865; cv=none;
	d=zohomail.com; s=zohoarc;
	b=CfQ61dIEhe4qjCM0bcsY+sJWUllQj47RTArN37hoGfZhWPhL42h+EaM0MvEM+oT76AKj7Fo/ZHUwXzUHGZk9PnUcoI4C5oSx/nX1oROXpsWeY6lRO5KMVzw4ntdeEYEJwbJ6vVBBOGTnn2h5Po6RLV9Fl9urwISgHGe+usWaF/c=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1771919865;
 h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id:Cc;
	bh=eRmtygk9l4WUQh34qJC1K9dgBKlBF+o4MXNN9UmcjaY=;
	b=NwRUmt5nGyKd0eiP4uIdQbaxODJOi85FDfFunZJiBKHpy0imBuc13+P0+b4A1o+lWWliq73Gs4GvxfbJfUpduprqrfAi+rFofEIW7iArYbG2/uO8tk/chO3QCqGHSqh+Crict9FVo+cyQmfcHBtP5hDZJ9buqhMWltSkcpo5mTY=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass header.from=<devel@lists.libvirt.org> (p=reject dis=none)
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1771919865055807.7780472945913;
 Mon, 23 Feb 2026 23:57:45 -0800 (PST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id 1B04B41B7B; Tue, 24 Feb 2026 02:57:44 -0500 (EST)
Received: from [172.19.199.9] (lists.libvirt.org [8.43.85.245])
	by lists.libvirt.org (Postfix) with ESMTP id EE03C4240F;
	Tue, 24 Feb 2026 02:52:34 -0500 (EST)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id A238E41DE8; Tue, 24 Feb 2026 02:52:29 -0500 (EST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest
 SHA256)
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 3E97841B80
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 02:52:17 -0500 (EST)
Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-486-6Qf0SN38Or643jcAhLWNjA-1; Tue,
 24 Feb 2026 02:52:14 -0500
Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id 615DA1828ABF
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:13 +0000 (UTC)
Received: from vhost3.router.laine.org (unknown [10.22.64.82])
	by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id 0A3271800370
	for <devel@lists.libvirt.org>; Tue, 24 Feb 2026 07:52:12 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HELO_MISC_IP,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,
	RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable
	autolearn_force=no version=4.0.1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1771919536;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=eRmtygk9l4WUQh34qJC1K9dgBKlBF+o4MXNN9UmcjaY=;
	b=V4JBLRf5QtDF3C7wZTDMBkDBdIn6kV7MhuG/rhljaaaM4aJE+9OBbrLP//xF5sJSIiOiS/
	L8YUxGk5J0MmTDjf3p+hpzXyGwPU8Y4wYg08TLZV0jbcdZeeEfXqXwEjANJYFlJ/e+pTD5
	kd6DVyGoZ/x9oJWM3QUUs5cZCk3cUVY=
X-MC-Unique: 6Qf0SN38Or643jcAhLWNjA-1
X-Mimecast-MFC-AGG-ID: 6Qf0SN38Or643jcAhLWNjA_1771919533
To: devel@lists.libvirt.org
Subject: [PATCH 6/6] qemu: support setting default route for passt interfaces
 inside the guest
Date: Tue, 24 Feb 2026 02:52:08 -0500
Message-ID: <20260224075208.225959-7-laine@redhat.com>
In-Reply-To: <20260224075208.225959-1-laine@redhat.com>
References: <20260224075208.225959-1-laine@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: Z4bHSjquVtKhflC42B-_yNYqHyzRO9tfgkBfoDyS45U_1771919533
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: DNTD2IMES6H2X4RGY2OQV3U73JYVVFZO
X-Message-ID-Hash: DNTD2IMES6H2X4RGY2OQV3U73JYVVFZO
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; header-match-devel.lists.libvirt.org-0; emergency;
 member-moderation; nonmember-moderation; administrivia; implicit-dest;
 max-recipients; max-size; news-moderation; no-subject; digests;
 suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/DNTD2IMES6H2X4RGY2OQV3U73JYVVFZO/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Owner: <mailto:devel-owner@lists.libvirt.org>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
From: Laine Stump via Devel <devel@lists.libvirt.org>
Reply-To: Laine Stump <laine@redhat.com>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1771919865673158500
Content-Type: text/plain; charset="utf-8"; x-default="true"

From: Laine Stump <laine@redhat.com>

libvirt's <interface> element has for a long time supported adding
<route> sub-elements to specify arbitrary routes to be added to the
guest OS networking, but historically this has only worked for LXC
guests. If you tried to add <route> to the interface of a QEMU guest,
it would be rejected.

passt networking doesn't support setting *any arbitrary* route but it
does support setting a default route (using the passt commandline
"--gateway" parameter). A default route is really just a "route with
unspecified destination/prefix", so a default route can be specified
in libvirt XML with:

   <route gateway=3D'192.168.0.1'/>

Attempts to give a specified destination, prefix, or metric will
result in a validation error.

Resolves: https://issues.redhat.com/browse/RHEL-46602
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 src/qemu/qemu_passt.c    | 16 +++++++++++++
 src/qemu/qemu_validate.c | 50 ++++++++++++++++++++++++++++++++++++----
 2 files changed, 62 insertions(+), 4 deletions(-)

diff --git a/src/qemu/qemu_passt.c b/src/qemu/qemu_passt.c
index 56d048d585..125227747d 100644
--- a/src/qemu/qemu_passt.c
+++ b/src/qemu/qemu_passt.c
@@ -263,6 +263,22 @@ qemuPasstBuildCommand(char **socketName,
         }
     }
=20
+    /* Add default route(s) */
+    for (i =3D 0; i < net->guestIP.nroutes; i++) {
+        const virNetDevIPRoute *route =3D net->guestIP.routes[i];
+        g_autofree char *gateway =3D NULL;
+
+        if (!(gateway =3D virSocketAddrFormat(&route->gateway)))
+            return NULL;
+
+        /* validation has already guaranteed that there is at most 1
+         * IPv4 and 1 IPv6 route, and that they are only default
+         * routes (i.e. destination 0.0.0.0/0)
+         */
+
+        virCommandAddArgList(cmd, "--gateway", gateway, NULL);
+    }
+
     /* Add port forwarding info */
=20
     for (i =3D 0; i < net->nPortForwards; i++) {
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 1c6662751b..c194a8a7cd 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -1884,6 +1884,8 @@ qemuValidateDomainDeviceDefNetwork(const virDomainNet=
Def *net,
 {
     bool hasV4Addr =3D false;
     bool hasV6Addr =3D false;
+    bool hasV4Route =3D false;
+    bool hasV6Route =3D false;
     size_t i;
=20
     if (net->type =3D=3D VIR_DOMAIN_NET_TYPE_USER ||
@@ -1958,10 +1960,50 @@ qemuValidateDomainDeviceDefNetwork(const virDomainN=
etDef *net,
         }
     }
=20
-    if (net->guestIP.nroutes) {
-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                       _("Invalid attempt to set network interface guest-s=
ide IP route, not supported by QEMU"));
-        return -1;
+
+    for (i =3D 0; i < net->guestIP.nroutes; i++) {
+        const virNetDevIPRoute *route =3D net->guestIP.routes[i];
+
+        if (net->backend.type !=3D VIR_DOMAIN_NET_BACKEND_PASST) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("Invalid attempt to set network interface gue=
st-side IP route, not supported for this interface type/backend"));
+            return -1;
+        }
+
+        switch (VIR_SOCKET_ADDR_FAMILY(&route->gateway)) {
+        case AF_INET:
+            if (hasV4Route) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("only one IPv4 default route can be speci=
fied for an interface using the passt backend"));
+                return -1;
+            }
+            hasV4Route =3D true;
+            break;
+        case AF_INET6:
+            if (hasV6Route) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("only one IPv6 default route can be speci=
fied for an interface using the passt backend"));
+                return -1;
+            }
+            hasV6Route =3D true;
+            break;
+        default:
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("All <route> elements of an interface using t=
he passt backend must be default routes, with an IPv4 or IPv6 gateway speci=
fied"));
+            return -1;
+        }
+
+        /* the only type of route that can be specified for passt is
+         * the default route, so none of the parameters except gateway
+         * are acceptable
+         */
+        if (VIR_SOCKET_ADDR_VALID(&route->address) ||
+            virNetDevIPRouteGetPrefix(route) !=3D 0 ||
+            route->has_metric) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("<route> elements of an interface using the p=
asst backend must be default routes, with only a gateway specified"));
+            return -1;
+        }
     }
=20
     if (net->type =3D=3D VIR_DOMAIN_NET_TYPE_VDPA) {
--=20
2.52.0