NOTE: click here if you get an empty page.

MPROTECT(2)		   Linux Programmer's Manual		   MPROTECT(2)

NAME
       mprotect - control allowable accesses to a region of memory

SYNOPSIS
       #include <sys/mman.h>

       int mprotect(const void *addr, size_t len, int prot);

DESCRIPTION
       The function mprotect() specifies the desired protection for the memory
       page(s) containing part or all of the interval  [addr,addr+len-1].   If
       an  access  is  disallowed  by  the  protection	given  it, the program
       receives a SIGSEGV.

       prot is a bitwise-or of the following values:

       PROT_NONE  The memory cannot be accessed at all.

       PROT_READ  The memory can be read.

       PROT_WRITE The memory can be written to.

       PROT_EXEC  The memory can contain executing code.

       The new protection replaces any existing protection.  For  example,  if
       the memory had previously been marked PROT_READ, and mprotect() is then
       called with prot PROT_WRITE, it will no longer be readable.

RETURN VALUE
       On success, mprotect() returns zero.  On error,	-1  is	returned,  and
       errno is set appropriately.

ERRORS
       EACCES The  memory cannot be given the specified access.	 This can hap-
	      pen, for example, if you mmap(2) a file to which you have	 read-
	      only access, then ask mprotect() to mark it PROT_WRITE.

       EFAULT The memory cannot be accessed.

       EINVAL addr is not a valid pointer, or not a multiple of PAGESIZE.

       ENOMEM Internal	 kernel	  structures  could  not  be  allocated.   Or:
	      addresses	 in the range [addr, addr+len]	are  invalid  for  the
	      address  space of the process, or specify one or more pages that
	      are not mapped.

EXAMPLE
       #include <stdio.h>
       #include <stdlib.h>
       #include <errno.h>
       #include <sys/mman.h>

       #include <limits.h>    /* for PAGESIZE */
       #ifndef PAGESIZE
       #define PAGESIZE 4096
       #endif

       int
       main(void)
       {
	   char *p;
	   char c;

	   /* Allocate a buffer; it will have the default
	      protection of PROT_READ|PROT_WRITE. */
	   p = malloc(1024+PAGESIZE-1);
	   if (!p) {
	       perror("Couldn't malloc(1024)");
	       exit(errno);
	   }

	   /* Align to a multiple of PAGESIZE, assumed to be a power of two */
	   p = (char *)(((int) p + PAGESIZE-1) & ~(PAGESIZE-1));

	   c = p[666];	       /* Read; ok */
	   p[666] = 42;	       /* Write; ok */

	   /* Mark the buffer read-only. */
	   if (mprotect(p, 1024, PROT_READ)) {
	       perror("Couldn't mprotect");
	       exit(errno);
	   }

	   c = p[666];	       /* Read; ok */
	   p[666] = 42;	       /* Write; program dies on SIGSEGV */

	   exit(0);
       }

CONFORMING TO
       SVr4, POSIX.1-2001.  POSIX says that mprotect() can  be	used  only  on
       regions of memory obtained from mmap(2).

NOTES
       On Linux it is always legal to call mprotect() on any address in a pro-
       cess' address space (except for the kernel vsyscall area). In  particu-
       lar it can be used to change existing code mappings to be writable.

       Whether	PROT_EXEC has any effect different from PROT_READ is architec-
       ture and kernel version dependent.

SEE ALSO
       mmap(2)

Linux 2.4			  2003-08-24			   MPROTECT(2)