Am Sonntag, den 08.05.2011, 12:05 +0400 schrieb Антон Кочков:
And found this theme http://forums.grsecurity.net/viewtopic.php?t=1654 So, for access ioperm() and iopl() you need disable "Disable Privileged I/O (CONFIG_GRKERSEC_IO)" option in kernel config. Can we print this message when found such configuration? Are there way to make port access without iopl()?
The only way to make some I/O port access without iopl() is with ioperm(), and the limites ioperm sets (no ports above 0x3ff) are making it nearly useless for flashrom. And as even ioperm is forbidden, there are no ways remaining. And that's intentional. With iopl() you are able not only to flash a BIOS rootkit, but also for example to write random data to random sectors of parallel ATA hard drives. The latter also works with ioperm in typical PC configurations.
Regards, Michael Karcher