>>>>> "Brett" == Brett Lymn <blymn@awadi.com.au> writes:

Brett> ... if a permission request is made for an I/O location
Brett> off the end of the table you specified in the map length field of the
Brett> TSS then the access is allowed.

This is incorrect; my reference [1] says that ports which have no bitmap
position (i.e. their bit offset into the bitmap is beyond the end of
the bitmap) are protected from access.

Brett> I think a system call would be the best way....

There's one already, as part of sysarch().  See i386_{set,get}_ioperm(2).

As Chris Demetriou has pointed out in other mail, the i386_iopl() call
(and by implication i386_get_ioperm() also) probably should be disabled
when securelevel > 0.

==John

[1] Nelson, Ross. Microsoft's 80386/80486 Programming Guide, 2nd
Edition.  Microsoft Press, Redmond, WA, 1991.