Add assertion for duplicate USB device assignments across VMs

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-17 12:58:38 +00:00 · 2026-03-17 12:58:38 +00:00 · 4ef549b981
commit 4ef549b981
parent 22259e187f
1 changed files with 18 additions and 0 deletions
--- a/modules/assertions.nix
+++ b/modules/assertions.nix
@ -182,6 +182,24 @@ in
          ) effectiveSharedDirs
        )
      ) (lib.attrValues cfg.nixosVms)
+      # USB device assertions: no duplicate VID:PID+serial across VMs
+      ++ (
+        let
+          allUsbDeviceKeys = lib.concatMap (
+            vm:
+            map (
+              dev:
+              "${dev.vendorId}:${dev.productId}:${toString (dev.serial or "")}"
+            ) vm.usbDevices
+          ) (lib.attrValues cfg.nixosVms);
+        in
+        [
+          {
+            assertion = lib.length allUsbDeviceKeys == lib.length (lib.unique allUsbDeviceKeys);
+            message = "USB devices (VID:PID+serial) cannot be assigned to multiple VMs";
+          }
+        ]
+      )
      # netvm: network.netvm must reference a VM with isNetvm = true (skip for "host")
      ++ lib.concatMap (
        vm: