Provided by: manpages-dev_2.17-1_all bug

NAME

       mprotect - control allowable accesses to a region of memory

SYNOPSIS

       #include <sys/mman.h>

       int mprotect(const void *addr, size_t len, int prot);

DESCRIPTION

       The function mprotect() specifies the desired protection for the memory
       page(s) containing part or all of the interval  [addr,addr+len-1].   If
       an  access  is  disallowed  by  the  protection  given  it, the program
       receives a SIGSEGV.

       prot is a bitwise-or of the following values:

       PROT_NONE  The memory cannot be accessed at all.

       PROT_READ  The memory can be read.

       PROT_WRITE The memory can be written to.

       PROT_EXEC  The memory can contain executing code.

       The new protection replaces any existing protection.  For  example,  if
       the memory had previously been marked PROT_READ, and mprotect() is then
       called with prot PROT_WRITE, it will no longer be readable.

RETURN VALUE

       On success, mprotect() returns zero.  On error,  -1  is  returned,  and
       errno is set appropriately.

ERRORS

       EACCES The  memory  cannot  be  given  the  specified access.  This can
              happen, for example, if you mmap(2) a file  to  which  you  have
              read-only access, then ask mprotect() to mark it PROT_WRITE.

       EFAULT The memory cannot be accessed.

       EINVAL addr is not a valid pointer, or not a multiple of PAGESIZE.

       ENOMEM Internal kernel structures could not be allocated.  Or: addreses
              in the range [addr, addr+len] are invalid for the address  space
              of  the  process,  or  specify  one  or  more pages that are not
              mapped.

EXAMPLE

       #include <stdio.h>
       #include <stdlib.h>
       #include <errno.h>
       #include <sys/mman.h>

       #include <limits.h>    /* for PAGESIZE */
       #ifndef PAGESIZE
       #define PAGESIZE 4096
       #endif

       int
       main(void)
       {
           char *p;
           char c;

           /* Allocate a buffer; it will have the default
              protection of PROT_READ|PROT_WRITE. */
           p = malloc(1024+PAGESIZE-1);
           if (!p) {
               perror("Couldn’t malloc(1024)");
               exit(errno);
           }

           /* Align to a multiple of PAGESIZE, assumed to be a power of two */
           p = (char *)(((int) p + PAGESIZE-1) & ~(PAGESIZE-1));

           c = p[666];         /* Read; ok */
           p[666] = 42;        /* Write; ok */

           /* Mark the buffer read-only. */
           if (mprotect(p, 1024, PROT_READ)) {
               perror("Couldn’t mprotect");
               exit(errno);
           }

           c = p[666];         /* Read; ok */
           p[666] = 42;        /* Write; program dies on SIGSEGV */

           exit(0);
       }

CONFORMING TO

       SVr4, POSIX.1b (formerly POSIX.4).  SVr4 defines  an  additional  error
       code  EAGAIN.  The SVr4 error conditions don’t map neatly onto Linux’s.
       POSIX says that mprotect() can  be  used  only  on  regions  of  memory
       obtained from mmap(2).

NOTES

       On  Linux  it  is  always  legal to call mprotect() on any address in a
       process’ address space  (except  for  the  kernel  vsyscall  area).  In
       particular  it  can  be  used  to  change  existing code mappings to be
       writable.

       Whether  PROT_EXEC  has  any  effect  different   from   PROT_READ   is
       architecture and kernel version dependent.

SEE ALSO

       mmap(2)