manage i386 per-process I/O permission
copies the current I/O permission bitmap into the memory referenced by
sets the I/O permission bitmap from the data pointed to by
iomap. This call may only be made by the superuser.
Additionally, it is only permitted when the
securelevel(7) is less than or equal to 0 or the
machdep.allowaperture sysctl has been set to a
The permission bitmap contains 1024 bits in 32 longwords. If bit
n is clear in the bitmap, then access is granted to
I/O port n. If bit n is set in
the bitmap, then an attempt to access I/O port n
results in delivery of a
SIGBUS signal unless the
process's I/O permission level would grant I/O access.
Code using the
i386_set_ioperm() functions must be compiled
Upon successful completion,
i386_set_ioperm() return 0. Otherwise, a value of -1
is returned and the global variable errno is set to
indicate the error.
i386_set_ioperm() will fail if:
- iomap points outside the process's allocated address space.
i386_set_ioperm() will fail
- The caller was not the superuser, or the securelevel is greater than zero and machdep.allowaperture has not been set to a non-zero value.
Intel, i386 Microprocessor Programmer's Reference Manual.
You can really hose your machine if you enable user-level I/O and write to hardware ports without care.
The bitmap should really cover 65536 bits, but that's just too big for allocation in a kernel structure. If you need access to ports beyond 1024, use i386_iopl(2).