Page MenuHomeFreeBSD

vmm: Fully adopt the getrlimit(2) machinery for limiting the number of VMM instances
AcceptedPublic

Authored by bnovkov on May 18 2026, 3:33 PM.
Tags
None
Referenced Files
F162182595: D57067.diff
Fri, Jul 10, 4:10 PM
Unknown Object (File)
Wed, Jun 24, 7:54 AM
Unknown Object (File)
Sun, Jun 21, 2:21 PM
Unknown Object (File)
Fri, Jun 12, 10:41 PM
Unknown Object (File)
Jun 8 2026, 8:55 AM
Unknown Object (File)
Jun 3 2026, 5:14 AM
Unknown Object (File)
May 30 2026, 11:38 AM
Unknown Object (File)
May 28 2026, 1:12 PM

Details

Reviewers
markj
des
Group Reviewers
bhyve
Summary

The vmm module currently combines parts of the kernelspace
getrlimit(2) machinery and a sysctl value to limit the number
of VMM instances per-UID. The original rationale for this
approach was to sidestep the convoluted way in which per-UID
getrlimit(2) limit values are currently propagated.

However, this approach deviates from the expected workflow when dealing
getrlimit(2) limits.

Fix this by teaching login(1) about RLIMIT_VMM and changing
vmmdev_create to use lim_cur. While we're here, document the limit
in the getrlimit(2) manpage.

Fixes: 1092ec8b3375 ("kern: Introduce RLIMIT_VMM")

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 73194
Build 70077: arc lint + arc unit

Event Timeline

This revision is now accepted and ready to land.Fri, Jul 10, 4:10 PM
usr.bin/login/login.conf
47
usr.bin/login/login.conf
47

So we're changing the existing limit to unlimited, I guess because there's no way to express a constant like 4 * mp_ncpus here?

usr.bin/login/login.conf
47

It's still named vms elsewhere, I think we should standardize on vmm to reflect RLIMIT_VMM.

usr.bin/login/login.conf
47

Yes, I'm not aware of way to dynamically populate login.conf with a machine-specific value.

markj added inline comments.
sys/dev/vmm/vmm_dev.c
1021

Do you mind adding an EXTERROR() here? Could be done in a separate patch.