mprotect(2) [netbsd man page]
MPROTECT(2) BSD System Calls Manual MPROTECT(2) NAME
mprotect -- control the protection of pages LIBRARY
Standard C Library (libc, -lc) SYNOPSIS
#include <sys/mman.h> int mprotect(void *addr, size_t len, int prot); DESCRIPTION
The mprotect() system call changes the specified pages to have protection prot. Not all implementations will guarantee protection on a page basis; the granularity of protection changes may be as large as an entire region. The protections (region accessibility) are specified in the prot argument by OR'ing the following values: PROT_EXEC Pages may be executed. PROT_READ Pages may be read. PROT_WRITE Pages may be written. PROT_NONE No permissions. RETURN VALUES
Upon successful completion, a value of 0 is returned. Otherwise, a value of -1 is returned and errno is set to indicate the error. ERRORS
[EACCES] A memory protection violation occurred, or the PROT_EXEC flag was attempted on pages which belong to a filesystem mounted with the NOEXEC flag. [EINVAL] An invalid memory range, or invalid parameters were provided. [ENOMEM] A resource shortage occurred while internally calling uvm_map_protect(9). SEE ALSO
madvise(2), mincore(2), msync(2), munmap(2) HISTORY
The mprotect() function first appeared in 4.4BSD. BSD
April 3, 2011 BSD
Check Out this Related Man Page
MPROTECT(2) Linux Programmer's Manual MPROTECT(2) NAME
mprotect - control allowable accesses to a region of memory SYNOPSIS
#include <sys/mman.h> int mprotect(const void *addr, size_t len, int prot); DESCRIPTION
mprotect controls how a section of memory may be accessed. If an access is disallowed by the protection given it, the program receives a SIGSEGV. prot is a bitwise-or of the following values: PROT_NONE The memory cannot be accessed at all. PROT_READ The memory can be read. PROT_WRITE The memory can be written to. PROT_EXEC The memory can contain executing code. The new protection replaces any existing protection. For example, if the memory had previously been marked PROT_READ, and mprotect is then called with prot PROT_WRITE, it will no longer be readable. RETURN VALUE
On success, mprotect returns zero. On error, -1 is returned, and errno is set appropriately. ERRORS
EINVAL addr is not a valid pointer, or not a multiple of PAGESIZE. EFAULT The memory cannot be accessed. EACCES The memory cannot be given the specified access. This can happen, for example, if you mmap(2) a file to which you have read-only access, then ask mprotect to mark it PROT_WRITE. ENOMEM Internal kernel structures could not be allocated. EXAMPLE
#include <stdio.h> #include <stdlib.h> #include <errno.h> #include <sys/mman.h> #include <limits.h> /* for PAGESIZE */ #ifndef PAGESIZE #define PAGESIZE 4096 #endif int main(void) { char *p; char c; /* Allocate a buffer; it will have the default protection of PROT_READ|PROT_WRITE. */ p = malloc(1024+PAGESIZE-1); if (!p) { perror("Couldn't malloc(1024)"); exit(errno); } /* Align to a multiple of PAGESIZE, assumed to be a power of two */ p = (char *)(((int) p + PAGESIZE-1) & ~(PAGESIZE-1)); c = p[666]; /* Read; ok */ p[666] = 42; /* Write; ok */ /* Mark the buffer read-only. */ if (mprotect(p, 1024, PROT_READ)) { perror("Couldn't mprotect"); exit(errno); } c = p[666]; /* Read; ok */ p[666] = 42; /* Write; program dies on SIGSEGV */ exit(0); } CONFORMING TO
SVr4, POSIX.1b (formerly POSIX.4). SVr4 defines an additional error code EAGAIN. The SVr4 error conditions don't map neatly onto Linux's. POSIX.1b says that mprotect can be used only on regions of memory obtained from mmap(2). SEE ALSO
mmap(2) Linux 2.0 1997-05-31 MPROTECT(2)