
vmm.4: Add information on VM access control
Needs Review, Public

Authored by markj on Fri, Jan 16, 4:29 PM.

Details

Reviewers
bnovkov
Group Reviewers
bhyve
Summary

Add a section to vmm.4 explaining how vmm device file ownership works.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 69927
Build 66810: arc lint + arc unit

Event Timeline

share/man/man4/vmm.4
85

Given the changes in D54739, should we perhaps add an explicit disclaimer about PCI passthrough not being supported for unprivileged users?
From what I can tell, trying to run an unprivileged VM with PCI passthrough won't print any warnings about not being able to open /dev/pci, and I can already see new bug reports about this.

share/man/man4/vmm.4
85

Yes, that's a good point. I should make passthru_init() print a message when it fails due to lack of permissions.

I also realized after the fact that pci_lpc_get_sel() will fail with unprivileged bhyve, but the info it's fetching is available to unprivileged users via PCIOCGETCONF. We should rewrite that code to use PCIOCGETCONF instead.

rew added inline comments.
share/man/man4/vmm.4
85

> Yes, that's a good point. I should make passthru_init() print a message when it fails due to lack of permissions.

Wonder if it's worth having a block of sanity-checks specific to provide normal users with fine-grained error messages?

if (normal_user)
   is_bhyve_in_monitor_mode()
   is_passthru_being_requested()
   is_user_in_vmm_group()

I did notice the error message you already have for monitor mode... that was a helpful hint when I tested this out.

> I also realized after the fact that pci_lpc_get_sel() will fail with unprivileged bhyve, but the info it's fetching is available to unprivileged users via PCIOCGETCONF. We should rewrite that code to use PCIOCGETCONF instead.

Yeah, I saw this warning when I tried this out... the review https://reviews.freebsd.org/D39311 that brought the warning in made it sound like a somewhat expected scenario.

I was gonna look into it further, but I'm glad you mentioned the future fix here.

Modify the PCI PASSTHROUGH section to note that the feature is
unavailable to unprivileged or jailed users.

Add some info to bhyve.8 as well.

share/man/man4/vmm.4
67

You're using Va here but nothing in bhyve.8

Use consistent formatting for the group name.