-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\"
.\" Copyright (c) 1993 Michael Haardt
.\" (michael@moria.de)
.\" Fri Apr 2 11:32:09 MET DST 1993
.\"
+.\" %%%LICENSE_START(GPLv2+_DOC_FULL)
.\" This is free documentation; you can redistribute it and/or
.\" modify it under the terms of the GNU General Public License as
.\" published by the Free Software Foundation; either version 2 of
.\" GNU General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public
-.\" License along with this manual; if not, write to the Free
-.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
-.\" USA.
+.\" License along with this manual; if not, see
+.\" <http://www.gnu.org/licenses/>.
+.\" %%%LICENSE_END
.\"
.\" Modified Sat Jul 24 15:12:05 1993 by Rik Faith <faith@cs.unc.edu>
.\" Modified Tue Aug 1 16:27 1995 by Jochen Karrer
.\" <cip307@cip.physik.uni-wuerzburg.de>
.\" Modified Tue Oct 22 08:11:14 EDT 1996 by Eric S. Raymond <esr@thyrsus.com>
.\" Modified Mon Feb 15 17:28:41 CET 1999 by Andries E. Brouwer <aeb@cwi.nl>
-.\" Modified, 27 May 2004, Michael Kerrisk <mtk-manpages@gmx.net>
+.\" Modified, 27 May 2004, Michael Kerrisk <mtk.manpages@gmail.com>
.\" Added notes on capability requirements
.\"
-.TH IOPERM 2 2007-06-15 "Linux" "Linux Programmer's Manual"
+.TH IOPERM 2 2017-09-15 "Linux" "Linux Programmer's Manual"
.SH NAME
ioperm \- set port input/output permissions
.SH SYNOPSIS
-.B #include <unistd.h>
-/* for libc5 */
-.br
.B #include <sys/io.h>
/* for glibc */
-.sp
+.PP
.BI "int ioperm(unsigned long " from ", unsigned long " num ", int " turn_on );
.SH DESCRIPTION
.BR ioperm ()
-sets the port access permission bits for the calling process for
-\fInum\fP bytes starting from port address \fIfrom\fP to the value
-\fIturn_on\fP.
-If \fIturn_on\fP is non-zero, the calling process must be privileged
+sets the port access permission bits for the calling thread for
+.I num
+bits starting from port address
+.IR from .
+If
+.I turn_on
+is nonzero, then permission for the specified bits is enabled;
+otherwise it is disabled.
+If
+.I turn_on
+is nonzero, the calling thread must be privileged
.RB ( CAP_SYS_RAWIO ).
-
-.\" FIXME is the following ("Only the first 0x3ff I/O ports can be
-.\" specified in this manner") still true? Looking at changes in
-.\" include/asm-i386/processor.h between 2.4 and 2.6 suggests
-.\" that the limit is different in 2.6.
-Only the first 0x3ff I/O ports can be specified in this manner.
+.PP
+Before Linux 2.6.8,
+only the first 0x3ff I/O ports could be specified in this manner.
For more ports, the
.BR iopl (2)
-system call must be used.
-
-Permissions are not inherited by the child created by
-.BR fork (2).
+system call had to be used (with a
+.I level
+argument of 3).
+Since Linux 2.6.8, 65,536 I/O ports can be specified.
+.PP
+Permissions are inherited by the child created by
+.BR fork (2)
+(but see NOTES).
Permissions are preserved across
.BR execve (2);
-this is useful for giving port access permissions to non-privileged
+this is useful for giving port access permissions to unprivileged
programs.
-
+.PP
This call is mostly for the i386 architecture.
On many other architectures it does not exist or will always
return an error.
-.SH "RETURN VALUE"
+.SH RETURN VALUE
On success, zero is returned.
On error, \-1 is returned, and
.I errno
Out of memory.
.TP
.B EPERM
-The calling process has insufficient privilege.
-.SH "CONFORMING TO"
+The calling thread has insufficient privilege.
+.SH CONFORMING TO
.BR ioperm ()
-is Linux specific and should not be used in programs
+is Linux-specific and should not be used in programs
intended to be portable.
.SH NOTES
-Libc5 treats it as a system call and has a prototype in
-.IR <unistd.h> .
-Glibc1 does not have a prototype.
-Glibc2 has a prototype both in
+The
+.I /proc/ioports
+file shows the I/O ports that are currently allocated on the system.
+.PP
+Before Linux 2.4,
+permissions were not inherited by a child created by
+.BR fork (2).
+.PP
+Glibc has an
+.BR ioperm ()
+prototype both in
.I <sys/io.h>
and in
.IR <sys/perm.h> .
Avoid the latter, it is available on i386 only.
-.SH "SEE ALSO"
+.SH SEE ALSO
.BR iopl (2),
+.BR outb (2),
.BR capabilities (7)