From 51519c53e02925468634b28fcb89fa5a3c9e888a Mon Sep 17 00:00:00 2001
From: Luke Gorrie <luke@snabb.co>
Date: Mon, 23 Mar 2015 17:04:21 +0100
Subject: [PATCH] memory/pci: Explicitly check for root access when needed

Use ljsyscall's geteuid() via a new library function:

    lib.root_check()
---
 src/core/clib.h          | 3 ---
 src/core/lib.lua         | 9 +++++++++
 src/core/memory.lua      | 1 +
 src/lib/hardware/pci.lua | 7 +++++++
 4 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/src/core/clib.h b/src/core/clib.h
index b0acee7f14..226d978ecd 100644
--- a/src/core/clib.h
+++ b/src/core/clib.h
@@ -61,6 +61,3 @@ uint16_t ntohs(uint16_t);
 uint32_t htonl(uint32_t);
 uint32_t ntohl(uint32_t);
 
-// geteuid(2) - get effective user identity
-int geteuid();
-
diff --git a/src/core/lib.lua b/src/core/lib.lua
index 8c82a90f86..4640ab51d5 100644
--- a/src/core/lib.lua
+++ b/src/core/lib.lua
@@ -3,6 +3,7 @@ module(...,package.seeall)
 local ffi = require("ffi")
 local C = ffi.C
 local getopt = require("lib.lua.alt_getopt")
+local syscall = require("syscall")
 require("core.clib_h")
 
 -- Returns true if x and y are structurally similar (isomorphic).
@@ -419,6 +420,14 @@ function have_module (name)
    end
 end
 
+-- Exit with an error if we are not running as root.
+function root_check (message)
+   if syscall.geteuid() ~= 0 then
+      print(message or "error: must run as root")
+      main.exit(1)
+   end
+end
+
 function selftest ()
    print("selftest: lib")
    print("Testing equal")
diff --git a/src/core/memory.lua b/src/core/memory.lua
index 37e8ddaf1f..2d3067fbf4 100644
--- a/src/core/memory.lua
+++ b/src/core/memory.lua
@@ -61,6 +61,7 @@ function allocate_hugetlb_chunk ()
 end
 
 function reserve_new_page ()
+   lib.root_check("error: must run as root to allocate memory for DMA")
    set_hugepages(get_hugepages() + 1)
 end
 
diff --git a/src/lib/hardware/pci.lua b/src/lib/hardware/pci.lua
index e46bdd96f6..9730da33be 100644
--- a/src/lib/hardware/pci.lua
+++ b/src/lib/hardware/pci.lua
@@ -71,6 +71,7 @@ end
 --- Force Linux to release the device with `pciaddress`.
 --- The corresponding network interface (e.g. `eth0`) will disappear.
 function unbind_device_from_linux (pciaddress)
+   root_check()
     local p = path(pciaddress).."/driver/unbind"
     if lib.can_write(p) then
         lib.writefile(path(pciaddress).."/driver/unbind", pciaddress)
@@ -82,6 +83,7 @@ end
 --   Pointer for memory-mapped access.
 --   File descriptor for the open sysfs resource file.
 function map_pci_memory (device, n)
+   root_check()
    local filepath = path(device).."/resource"..n
    local fd = C.open_pci_resource(filepath)
    assert(fd >= 0)
@@ -98,6 +100,7 @@ end
 --- Enable or disable PCI bus mastering. DMA only works when bus
 --- mastering is enabled.
 function set_bus_master (device, enable)
+   root_check()
    local fd = C.open_pcie_config(path(device).."/config")
    local value = ffi.new("uint16_t[1]")
    assert(C.pread(fd, value, 2, 0x4) == 2)
@@ -110,6 +113,10 @@ function set_bus_master (device, enable)
    C.close(fd)
 end
 
+function root_check ()
+   lib.root_check("error: must run as root to access PCI devices")
+end
+
 --- ### Selftest
 ---
 --- PCI selftest scans for available devices and performs our driver's