iopl(2) — Linux manual page


IOPL(2)                   Linux Programmer's Manual                  IOPL(2)

NAME         top

       iopl - change I/O privilege level

SYNOPSIS         top

       #include <sys/io.h>

       int iopl(int level);

DESCRIPTION         top

       iopl() changes the I/O privilege level of the calling process, as
       specified by the two least significant bits in level.

       This call is necessary to allow 8514-compatible X servers to run
       under Linux.  Since these X servers require access to all 65536 I/O
       ports, the ioperm(2) call is not sufficient.

       In addition to granting unrestricted I/O port access, running at a
       higher I/O privilege level also allows the process to disable
       interrupts.  This will probably crash the system, and is not

       Permissions are not inherited by the child process created by fork(2)
       and are not preserved across execve(2) (but see NOTES).

       The I/O privilege level for a normal process is 0.

       This call is mostly for the i386 architecture.  On many other
       architectures it does not exist or will always return an error.

RETURN VALUE         top

       On success, zero is returned.  On error, -1 is returned, and errno is
       set appropriately.

ERRORS         top

       EINVAL level is greater than 3.

       ENOSYS This call is unimplemented.

       EPERM  The calling process has insufficient privilege to call iopl();
              the CAP_SYS_RAWIO capability is required to raise the I/O
              privilege level above its current value.

CONFORMING TO         top

       iopl() is Linux-specific and should not be used in programs that are
       intended to be portable.

NOTES         top

       Glibc2 has a prototype both in <sys/io.h> and in <sys/perm.h>.  Avoid
       the latter, it is available on i386 only.

       Prior to Linux 3.7, on some architectures (such as i386), permissions
       were inherited by the child produced by fork(2) and were preserved
       across execve(2).  This behavior was inadvertently changed in Linux
       3.7, and won't be reinstated.

SEE ALSO         top

       ioperm(2), outb(2), capabilities(7)

COLOPHON         top

       This page is part of release 5.07 of the Linux man-pages project.  A
       description of the project, information about reporting bugs, and the
       latest version of this page, can be found at

Linux                            2017-09-15                          IOPL(2)

Pages that refer to this page: afs_syscall(2)break(2)fattach(2)fdetach(2)getmsg(2)getpmsg(2)gtty(2)inb(2)inb_p(2)inl(2)inl_p(2)insb(2)insl(2)insw(2)inw(2)inw_p(2)ioperm(2)isastream(2)lock(2)madvise1(2)mpx(2)outb(2)outb_p(2)outl(2)outl_p(2)outsb(2)outsl(2)outsw(2)outw(2)outw_p(2)phys(2)prof(2)putmsg(2)putpmsg(2)security(2)stty(2)syscalls(2)tuxcall(2)unimplemented(2)vserver(2)systemd.exec(5)capabilities(7)