git: bc7862bc916c - main - vmm: Start using exterror

Thu, 19 Feb 2026 09:17:03 -0800 

The branch main has been updated by markj:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=bc7862bc916c3b81bcdc374e5144ab2f5bf62b19

commit bc7862bc916c3b81bcdc374e5144ab2f5bf62b19
Author:     Mark Johnston <[email protected]>
AuthorDate: 2026-02-19 14:39:12 +0000
Commit:     Mark Johnston <[email protected]>
CommitDate: 2026-02-19 17:16:15 +0000

    vmm: Start using exterror
    
    For now, just describe the error where an unprivileged user attempts to
    run a VM without DESTROY_ON_CLOSE semantics, i.e., monitor mode.
    
    Reviewed by:    bnovkov
    MFC after:      2 months
    Sponsored by:   The FreeBSD Foundation
    Sponsored by:   Klara, Inc.
    Differential Revision:  https://reviews.freebsd.org/D54743
---
 lib/libc/gen/exterr_cat_filenames.h | 1 +
 sys/dev/vmm/vmm_dev.c               | 5 ++++-
 sys/sys/exterr_cat.h                | 1 +
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/libc/gen/exterr_cat_filenames.h 
b/lib/libc/gen/exterr_cat_filenames.h
index d55396a1b286..e45d05e384bd 100644
--- a/lib/libc/gen/exterr_cat_filenames.h
+++ b/lib/libc/gen/exterr_cat_filenames.h
@@ -2,6 +2,7 @@
  * Automatically @generated, use
  * tools/build/make_libc_exterr_cat_filenames.sh
  */
+       [EXTERR_CAT_VMM] = "dev/vmm/vmm_dev.c",
        [EXTERR_CAT_FUSE_DEVICE] = "fs/fuse/fuse_device.c",
        [EXTERR_CAT_FUSE_VFS] = "fs/fuse/fuse_vfsops.c",
        [EXTERR_CAT_FUSE_VNOPS] = "fs/fuse/fuse_vnops.c",
diff --git a/sys/dev/vmm/vmm_dev.c b/sys/dev/vmm/vmm_dev.c
index 0e5477745db5..ed8e5b2e0777 100644
--- a/sys/dev/vmm/vmm_dev.c
+++ b/sys/dev/vmm/vmm_dev.c
@@ -8,6 +8,8 @@
 
 #include <sys/param.h>
 #include <sys/conf.h>
+#define        EXTERR_CATEGORY EXTERR_CAT_VMM
+#include <sys/exterrvar.h>
 #include <sys/fcntl.h>
 #include <sys/ioccom.h>
 #include <sys/jail.h>
@@ -1010,7 +1012,8 @@ vmmdev_create(const char *name, uint32_t flags, struct 
ucred *cred)
        if ((flags & VMMCTL_CREATE_DESTROY_ON_CLOSE) == 0 &&
            (error = priv_check_cred(cred, PRIV_VMM_CREATE)) != 0) {
                sx_xunlock(&vmmdev_mtx);
-               return (error);
+               return (EXTERROR(error,
+                   "An unprivileged user must run VMs in monitor mode"));
        }
 
        if (!chgvmmcnt(cred->cr_ruidinfo, 1, vm_maxvmms)) {
diff --git a/sys/sys/exterr_cat.h b/sys/sys/exterr_cat.h
index 015eb6a1ae76..4f3ff6925242 100644
--- a/sys/sys/exterr_cat.h
+++ b/sys/sys/exterr_cat.h
@@ -39,6 +39,7 @@
 #define        EXTERR_CAT_FUSE_DEVICE  14
 #define        EXTERR_CAT_FORK         15
 #define        EXTERR_CAT_PROCEXIT     16
+#define        EXTERR_CAT_VMM          17
 
 #endif

Reply via email to