Dear list,
Here's a manpage diff for i386_get_ioperm(2) to reflect the behaviour I
have observed (see below diff). Please whack me with a stick if I have
made any obvious mistakes.
Index: src/lib/libarch/i386/i386_get_ioperm.2
===================================================================
RCS file: /cvs/src/lib/libarch/i386/i386_get_ioperm.2,v
retrieving revision 1.14
diff -u -r1.14 i386_get_ioperm.2
--- src/lib/libarch/i386/i386_get_ioperm.2 26 Jun 2008 05:42:04
-0000 1.14
+++ src/lib/libarch/i386/i386_get_ioperm.2 10 Sep 2013 07:08:23 -0000
@@ -50,7 +50,9 @@
.Fn i386_set_ioperm
sets the I/O permission bitmap from the data pointed to by
.Fa iomap .
-This call is restricted to the superuser.
+This call is restricted to the superuser and is only permitted when the
+.Va machdep.allowaperture
+sysctl is set to an non-zero value.
.Pp
The permission bitmap contains 1024 bits in 32 longwords.
If bit
@@ -82,8 +84,6 @@
.Va errno
is set to indicate the error.
.Sh ERRORS
-.Fn i386_get_ioperm
-and
.Fn i386_set_ioperm
will fail if:
.Bl -tag -width [EINVAL]
@@ -91,7 +91,9 @@
.Fa iomap
points outside the process's allocated address space.
.It Bq Er EPERM
-The caller was not the superuser.
+The caller was not the superuser or
+.Va machdep.allowaperture
+is not an non-zero value.
.El
.Sh SEE ALSO
.Xr i386_iopl 2
$ cat test_ioperm.c
#include <sys/types.h>
#include <machine/sysarch.h>
#include <err.h>
#include <stdio.h>
int
main() {
u_long iomap[32];
if (i386_get_ioperm(iomap) != 0) {
err(-1,"i386_get_ioperm");
}
if (i386_set_ioperm(iomap) != 0) {
err(-1,"i386_set_ioperm");
}
printf("i386_get_ioperm and i386_set_ioperm returned 0\n");
return 0;
}
$
$ gcc test_ioperm.c -o test_ioperm -li386
$ ./test_ioperm
test_ioperm: i386_set_ioperm: Operation not permitted
$ sudo ./test_ioperm
i386_get_ioperm and i386_set_ioperm returned 0
* Note the above tests were performed with machdep.allowaperture=2 in
/etc/sysctl.conf
Kind regards,
Paul
