Good day! Just found that flashrom doesnt work on some hardened configuration - Hardened Gentoo - on hardened kernel-2.6.38
Linux xserver 2.6.38-hardened #1 SMP Wed Apr 20 02:19:23 CEST 2011 x86_64 Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz GenuineIntel GNU/Linux
flashrom v0.9.3-r1297 on Linux 2.6.38-hardened (x86_64), built with libpci 3.1.7, GCC 4.5.2, little endian flashrom is free software, get the source code at http://www.flashrom.org
Calibrating delay loop... OS timer resolution is 1 usecs, 1530M loops per second, 10 myus = 10 us, 100 myus = 99 us, 1000 myus = 996 us, 10000 myus = 9977 us, 4 myus = 4 us, OK. Initializing internal programmer ERROR: Could not get I/O privileges (Operation not permitted). You need to be root.
And this from dmesg:
[1578171.686680] grsec: From 79.111.220.160: denied use of iopl() by /home/xvilka/flashrom/flashrom[flashrom:10596] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:10591] uid/euid:0/0 gid/egid:0/0 [1578218.043347] grsec: From 79.111.220.160: denied use of iopl() by /home/xvilka/flashrom/flashrom[flashrom:10612] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:10606] uid/euid:0/0 gid/egid:0/0 [1578388.047996] grsec: From 79.111.220.160: denied use of iopl() by /home/xvilka/flashrom/flashrom[flashrom:10645] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:10606] uid/euid:0/0 gid/egid:0/0
And found this theme http://forums.grsecurity.net/viewtopic.php?t=1654 So, for access ioperm() and iopl() you need disable "Disable Privileged I/O (CONFIG_GRKERSEC_IO)" option in kernel config. Can we print this message when found such configuration? Are there way to make port access without iopl()?
Best regards, Anton Kochkov.