Hello Thomas, On 6/26/20 10:29 PM, Thomas Piekarski wrote: > Updating description of permissions for port-mapped I/O set per-thread > and not per-process. Mentioning iopl can not disable interrupts since > 5.5 anymore and is in general deprecated and only provided for legacy X > servers. > > See https://bugzilla.kernel.org/show_bug.cgi?id=205317 > > Reported-by: victorm007@xxxxxxxxx > Signed-off-by: Thomas Piekarski <t.piekarski@xxxxxxxxxxxxxx> Thanks! I've applied this patch. Cheers, Michael > --- > man2/iopl.2 | 34 ++++++++++++++-------------------- > 1 file changed, 14 insertions(+), 20 deletions(-) > > diff --git a/man2/iopl.2 b/man2/iopl.2 > index e5b216a14..be9acfd1e 100644 > --- a/man2/iopl.2 > +++ b/man2/iopl.2 > @@ -39,29 +39,17 @@ iopl \- change I/O privilege level > .BI "int iopl(int " level ); > .SH DESCRIPTION > .BR iopl () > -changes the I/O privilege level of the calling process, > +changes the I/O privilege level of the calling thread, > as specified by the two least significant bits in > .IR level . > .PP > -This call is necessary to allow 8514-compatible X servers to run under > -Linux. > -Since these X servers require access to all 65536 I/O ports, the > -.BR ioperm (2) > -call is not sufficient. > +The I/O privilege level for a normal thread is 0. > +Permissions are inherited from parents to children. > .PP > -In addition to granting unrestricted I/O port access, running at a higher > -I/O privilege level also allows the process to disable interrupts. > -This will probably crash the system, and is not recommended. > -.PP > -Permissions are not inherited by the child process created by > -.BR fork (2) > -and are not preserved across > -.BR execve (2) > -(but see NOTES). > -.PP > -The I/O privilege level for a normal process is 0. > -.PP > -This call is mostly for the i386 architecture. > +This call is deprecated, significantly slower than > +.BR ioperm(2) > +and is only provided for older X servers which require > +access to all 65536 I/O ports. It is mostly for the i386 architecture. > On many other architectures it does not exist or will always > return an error. > .SH RETURN VALUE > @@ -79,7 +67,7 @@ is greater than 3. > This call is unimplemented. > .TP > .B EPERM > -The calling process has insufficient privilege to call > +The calling thread has insufficient privilege to call > .BR iopl (); > the > .B CAP_SYS_RAWIO > @@ -99,6 +87,12 @@ and in > .IR <sys/perm.h> . > Avoid the latter, it is available on i386 only. > .PP > +Prior to Linux 5.5 > +.BR iopl () > +allowed the thread to disable interrupts while running > +at a higher I/O privilege level. This will probably crash > +the system, and is not recommended. > +.PP > Prior to Linux 3.7, > on some architectures (such as i386), permissions > .I were > -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Linux/UNIX System Programming Training: http://man7.org/training/
