Seth Woolley's Man Viewer

mprotect(2) - mprotect, mprotect - control allowable accesses to a region of memory - man 2 mprotect

([section] manual, -k keyword, -K [section] search, -f whatis)
man plain no title

MPROTECT(2)                Linux Programmer's Manual               MPROTECT(2)



NAME
       mprotect - control allowable accesses to a region of memory

SYNOPSIS
       #include <sys/mman.h>

       int mprotect(const void *addr, size_t len, int prot);

DESCRIPTION
       The  function  mprotect specifies the desired protection for the memory
       page(s) containing part or all of the interval  [addr,addr+len-1].   If
       an  access(2,5)  is  disallowed  by  the  protection  given  it, the program
       receives a SIGSEGV.

       prot is a bitwise-or of the following values:

       PROT_NONE  The memory cannot be accessed at all.

       PROT_READ  The memory can be read.

       PROT_WRITE The memory can be written to.

       PROT_EXEC  The memory can contain executing code.

       The new protection replaces any existing protection.  For  example,  if(3,n)
       the  memory  had previously been marked PROT_READ, and mprotect is then
       called with prot PROT_WRITE, it will no longer be readable.

RETURN VALUE
       On success, mprotect returns zero.  On error(8,n), -1 is returned, and errno
       is set(7,n,1 builtins) appropriately.

ERRORS
       EACCES The  memory cannot be given the specified access.  This can hap-
              pen, for example, if(3,n) you mmap(2) a file(1,n) to which you have  read-
              only access(2,5), then ask mprotect to mark it PROT_WRITE.

       EFAULT The memory cannot be accessed.

       EINVAL addr is not a valid pointer, or not a multiple of PAGESIZE.

       ENOMEM Internal kernel structures could not be allocated.

EXAMPLE
       #include <stdio.h>
       #include <stdlib.h>
       #include <errno.h>
       #include <sys/mman.h>

       #include <limits.h>    /* for PAGESIZE */
       #ifndef PAGESIZE
       #define PAGESIZE 4096
       #endif

       int
       main(void)
       {
           char *p;
           char c;

           /* Allocate a buffer; it will have the default
              protection of PROT_READ|PROT_WRITE. */
           p = malloc(1024+PAGESIZE-1);
           if(3,n) (!p) {
               perror(1,3)("Couldn't malloc(1024)");
               exit(3,n,1 builtins)(errno);
           }

           /* Align to a multiple of PAGESIZE, assumed to be a power of two */
           p = (char *)(((int) p + PAGESIZE-1) & ~(PAGESIZE-1));

           c = p[666];         /* Read; ok */
           p[666] = 42;        /* Write; ok */

           /* Mark the buffer read-only. */
           if(3,n) (mprotect(p, 1024, PROT_READ)) {
               perror(1,3)("Couldn't mprotect");
               exit(3,n,1 builtins)(errno);
           }

           c = p[666];         /* Read; ok */
           p[666] = 42;        /* Write; program dies on SIGSEGV */

           exit(3,n,1 builtins)(0);
       }

CONFORMING TO
       SVr4,  POSIX.1b  (formerly  POSIX.4).  SVr4 defines an additional error(8,n)
       code EAGAIN. The SVr4 error(8,n) conditions don't map neatly  onto  Linux's.
       POSIX says that mprotect can be used only on regions of memory obtained
       from mmap(2).

NOTES
       On Linux it is always legal to  call  mprotect  on  any  address  in(1,8)  a
       process'  address  space (except for the kernel vsyscall area). In par-
       ticular it can be used to change existing code mappings to be writable.

       Whether  PROT_EXEC has any effect different from PROT_READ is architec-
       ture and kernel version(1,3,5) dependent.

SEE ALSO
       mmap(2)



Linux 2.4                         2003-08-24                       MPROTECT(2)

References for this manual (incoming links)