Re: i386_set_ioperm and machdep.allowaperture

[Jason McIntyre]

On Tue, Sep 10, 2013 at 05:24:31PM +1000, Paul Kelly wrote:
 Dear list,
 
 Here's a manpage diff for i386_get_ioperm(2) to reflect the
 behaviour I have observed (see below diff). Please whack me with a
 stick if I have made any obvious mistakes.
 
 

diff below committed. mark kettenis advised me just to lift the
securelevel text from i386_iopl(2), which makes sense.

he also wanted it left that both could return EFAULT.

thanks for your mail,
jmc

Index: i386_get_ioperm.2
===
RCS file: /cvs/src/lib/libarch/i386/i386_get_ioperm.2,v
retrieving revision 1.14
diff -u -r1.14 i386_get_ioperm.2
--- i386_get_ioperm.2   26 Jun 2008 05:42:04 -  1.14
+++ i386_get_ioperm.2   14 Sep 2013 14:56:27 -
@@ -50,7 +50,12 @@
 .Fn i386_set_ioperm
 sets the I/O permission bitmap from the data pointed to by
 .Fa iomap .
-This call is restricted to the superuser.
+This call may only be made by the superuser.
+Additionally, it is only permitted when the
+.Xr securelevel 7
+is less than or equal to 0 or the
+.Va machdep.allowaperture
+sysctl has been set to a non-zero value.
 .Pp
 The permission bitmap contains 1024 bits in 32 longwords.
 If bit
@@ -90,8 +95,16 @@
 .It Bq Er EFAULT
 .Fa iomap
 points outside the process's allocated address space.
+.El
+.Pp
+Additionally
+.Fn i386_set_ioperm
+will fail if:
+.Bl -tag -width [EINVAL]
 .It Bq Er EPERM
-The caller was not the superuser.
+The caller was not the superuser, or the securelevel is greater than zero and
+.Va machdep.allowaperture
+has not been set to a non-zero value.
 .El
 .Sh SEE ALSO
 .Xr i386_iopl 2

Re: i386_set_ioperm and machdep.allowaperture

[Paul Kelly]

Dear list,

Here's a manpage diff for i386_get_ioperm(2) to reflect the behaviour I 
have observed (see below diff). Please whack me with a stick if I have 
made any obvious mistakes.




Index: src/lib/libarch/i386/i386_get_ioperm.2
===
RCS file: /cvs/src/lib/libarch/i386/i386_get_ioperm.2,v
retrieving revision 1.14
diff -u -r1.14 i386_get_ioperm.2
--- src/lib/libarch/i386/i386_get_ioperm.2  26 Jun 2008 05:42:04 
-  1.14

+++ src/lib/libarch/i386/i386_get_ioperm.2  10 Sep 2013 07:08:23 -
@@ -50,7 +50,9 @@
 .Fn i386_set_ioperm
 sets the I/O permission bitmap from the data pointed to by
 .Fa iomap .
-This call is restricted to the superuser.
+This call is restricted to the superuser and is only permitted when the
+.Va machdep.allowaperture
+sysctl is set to an non-zero value.
 .Pp
 The permission bitmap contains 1024 bits in 32 longwords.
 If bit
@@ -82,8 +84,6 @@
 .Va errno
 is set to indicate the error.
 .Sh ERRORS
-.Fn i386_get_ioperm
-and
 .Fn i386_set_ioperm
 will fail if:
 .Bl -tag -width [EINVAL]
@@ -91,7 +91,9 @@
 .Fa iomap
 points outside the process's allocated address space.
 .It Bq Er EPERM
-The caller was not the superuser.
+The caller was not the superuser or
+.Va machdep.allowaperture
+is not an non-zero value.
 .El
 .Sh SEE ALSO
 .Xr i386_iopl 2



$ cat test_ioperm.c
#include sys/types.h
#include machine/sysarch.h

#include err.h
#include stdio.h

int
main() {

u_long iomap[32];

if (i386_get_ioperm(iomap) != 0) {
err(-1,i386_get_ioperm);
}

if (i386_set_ioperm(iomap) != 0) {
err(-1,i386_set_ioperm);
}

printf(i386_get_ioperm and i386_set_ioperm returned 0\n);

return 0;
}

$


$ gcc test_ioperm.c -o test_ioperm -li386
$ ./test_ioperm
test_ioperm: i386_set_ioperm: Operation not permitted
$ sudo ./test_ioperm
i386_get_ioperm and i386_set_ioperm returned 0

* Note the above tests were performed with machdep.allowaperture=2 in 
/etc/sysctl.conf



Kind regards,

Paul

i386_set_ioperm and machdep.allowaperture

[Paul Kelly]

Dear list,

I'm experimenting with i386_set_ioperm() on an old machine and I'm 
experiencing a problem. I'm running 5.3-RELEASE and dmesg is at the bottom.


i386_get_ioperm correctly retrieves the permission map and returns 0. 
i386_set_operm returns -1 and sets errno to 1 (EPERM). This occurs when 
using it through sudo.


man i386_set_ioperm says:


i386_get_ioperm() and i386_set_ioperm() will fail if:
[EFAULT] iomap points outside the process's allocated address space.
[EPERM] The caller was not the superuser.


Reading that man page led me to i386_iopl, which notes:


This call may only be made by the superuser.  Additionally, it is
only permitted when the securelevel(7) is less than or equal to 0 or
the machdep.allowaperture sysctl has been set to a non-zero value.


Changing machdep.allowaperture to 2, as per the i386 X.Org readme [1], 
results in a successful call of i386_set_ioperm. It fails again if I 
toggle allowaperture back to 0.


So, it seems that i386_set_ioperm might have the same constraint 
outlined above for i386_iopl. A post from a few years ago [2] seems to 
support that. Does that sound correct or am I missing something?



Thanks!

Paul


[1] 
http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/xenocara/distrib/notes/README.i386


[2] http://marc.info/?l=openbsd-miscm=114692255503116w=2

[3] dmesg


OpenBSD 5.3 (GENERIC) #50: Tue Mar 12 18:35:23 MDT 2013
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 1.70GHz (GenuineIntel 686-class) 1.70 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PERF
real mem  = 804831232 (767MB)
avail mem = 780693504 (744MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 03/27/02, BIOS32 rev. 0 @ 0xf1050, SMBIOS 
rev. 2.3 @ 0xf3010 (51 entries)
bios0: vendor Award Software, Inc. version ASUS P4B-MX ACPI BIOS Revision 
1004 date 03/27/2002
bios0: ASUSTeK Computer INC. P4B-MX
acpi0 at bios0: rev 0
acpi0: sleep states S0 S1 S4 S5
acpi0: tables DSDT FACP BOOT APIC
acpi0: wakeup devices PCI1(S4) PCI2(S4) USB0(S4) USB1(S4) PCI0(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 99MHz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PCI1)
acpiprt2 at acpi0: bus 2 (PCI2)
acpicpu0 at acpi0
acpibtn0 at acpi0: PWRB
bios0: ROM list: 0xc/0x9000
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82845 Host rev 0x04
intelagp0 at pchb0
agp0 at intelagp0: aperture at 0xf800, size 0x400
ppb0 at pci0 dev 1 function 0 Intel 82845 AGP rev 0x04
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 Matrox MGA G400/G450 AGP rev 0x85
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb1 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0x12
pci2 at ppb1 bus 2
fxp0 at pci2 dev 8 function 0 Intel 82562 rev 0x03, i82562: apic 2 int 20, 
address 00:e0:18:87:d2:b1
inphy0 at fxp0 phy 1: i82562ET 10/100 PHY, rev. 0
malo0 at pci2 dev 10 function 0 Marvell Libertas 88W8335 rev 0x03: apic 2 int 
22, address 00:1e:2a:47:39:13
ichpcib0 at pci0 dev 31 function 0 Intel 82801BA LPC rev 0x12
pciide0 at pci0 dev 31 function 1 Intel 82801BA IDE rev 0x12: DMA, channel 0 
wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: ST380021A
wd0: 16-sector PIO, LBA, 76319MB, 156301488 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: LITE-ON, LTR-52246S, 6S0F ATAPI 5/cdrom 
removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
uhci0 at pci0 dev 31 function 2 Intel 82801BA USB rev 0x12: apic 2 int 19
uhci1 at pci0 dev 31 function 4 Intel 82801BA USB rev 0x12: apic 2 int 23
auich0 at pci0 dev 31 function 5 Intel 82801BA AC97 rev 0x12: apic 2 int 17, 
ICH2 AC97
ac97: codec id 0x41445360 (Analog Devices AD1885)
ac97: codec features headphone, Analog Devices Phat Stereo
audio0 at auich0
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
nsclpcsio0 at isa0 port 0x2e/2: NSC PC87366 rev 10: GPIO VLM TMS
gpio0 at nsclpcsio0: 29 pins
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 Intel UHCI root hub rev 1.00/1.00 addr 1
usb1 at uhci1: USB revision 1.0
uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1
mtrr: Pentium Pro MTRR