Merge pull request #16 from FrameworkComputer/kernel-lockdown

JohnAZoidberg · web-flow · commit 14ca5adf9f9f · 2023-11-13T14:38:52.000+08:00
portio: Bail on Linux if kernel is locked down
diff --git a/framework_lib/src/chromium_ec/portio.rs b/framework_lib/src/chromium_ec/portio.rs
@@ -210,7 +210,7 @@ fn init() -> bool {
     }
 
     if !Uid::effective().is_root() {
-        println!("Must be root to use port based I/O for EC communication.");
+        error!("Must be root to use port based I/O for EC communication.");
         *init = Initialized::Failed;
         return false;
     }
@@ -220,12 +220,21 @@ fn init() -> bool {
             portio_mec::mec_init();
         } else {
             // 8 for request/response header, 0xFF for response
-            ioperm(EC_LPC_ADDR_HOST_ARGS as u64, 8 + 0xFF, 1);
-
-            ioperm(EC_LPC_ADDR_HOST_CMD as u64, 1, 1);
-            ioperm(EC_LPC_ADDR_HOST_DATA as u64, 1, 1);
-
-            ioperm(NPC_MEMMAP_OFFSET as u64, super::EC_MEMMAP_SIZE as u64, 1);
+            let res = ioperm(EC_LPC_ADDR_HOST_ARGS as u64, 8 + 0xFF, 1);
+            if res != 0 {
+                error!(
+                    "ioperm failed. portio driver is likely block by Linux kernel lockdown mode"
+                );
+                return false;
+            }
+
+            let res = ioperm(EC_LPC_ADDR_HOST_CMD as u64, 1, 1);
+            assert_eq!(res, 0);
+            let res = ioperm(EC_LPC_ADDR_HOST_DATA as u64, 1, 1);
+            assert_eq!(res, 0);
+
+            let res = ioperm(NPC_MEMMAP_OFFSET as u64, super::EC_MEMMAP_SIZE as u64, 1);
+            assert_eq!(res, 0);
         }
     }
     *init = Initialized::Succeeded;
