*** UNIX MANUAL PAGE BROWSER ***

mprotect(2) System Calls Manual mprotect(2) NAME mprotect - Modifies access protections of memory mapping SYNOPSIS #include <sys/mman.h> int mprotect ( void *addr, size_t len, int prot ); The following definitions of the addr parameter do not conform to cur- rent standards and are supported only for backward compatibility: caddr_t addr const void addr STANDARDS Interfaces documented on this reference page conform to industry stan- dards as follows: mprotect(): XPG4-UNIX Refer to the standards(5) reference page for more information about in- dustry standards and associated tags. PARAMETERS Points to the address of the region to be modified. Specifies the length in bytes of the region to be modified. Specifies access permis- sions as any combination of PROT_READ, PROT_WRITE, and PROT_EXEC ORed together, or PROT_NONE. DESCRIPTION The mprotect() function modifies the access protection of a mapped file or shared memory region. The addr and len parameters specify the ad- dress and length in bytes of the region to be modified. The len para- meter must be a multiple of the page size as returned by sysconf(_SC_PAGE_SIZE). If len is not a multiple of the page size as returned by sysconf(_SC_PAGE_SIZE), the length of the region will be rounded up to the next multiple of the page size. The prot parameter specifies the new access protection for the region. The sys/mman.h header file defines the following access options: The mapped region can be read. The mapped region can be written. The mapped region can be executed. The mapped region cannot be accessed. The prot parameter can be PROT_NONE, or any combination of PROT_READ, PROT_WRITE, and PROT_EXEC ORed together. If PROT_NONE is not speci- fied, access permissions may be granted to the region in addition to those explicitly requested, except that write access will not be granted unless PROT_WRITE is specified. If the region is a mapped file which was mapped with MAP_SHARED, the mprotect() function grants read or execute access permission only if the file descriptor used to map the file is open for reading, and grants write access permission only if the file descriptor used to map the file is open for writing. If the region is a mapped file which was mapped with MAP_PRIVATE, the mprotect() function grants read, write, or execute access permission only if the file descriptor used to map the file is open for reading. If the region is a shared memory region which was mapped with MAP_ANONYMOUS, the mprotect() function grants all requested access permissions. The mprotect() function does not modify the access permission of any region which lies outside of the specified region, except that the ef- fect on addresses between the end of the region and the end of the page containing the end of the region is unspecified. If the mprotect() function fails under a condition other than that specified by [EINVAL], the access protection of some of the pages in the range [addr, addr + len] may have been changed. For example, if the error occurs on some page at an addr2, mprotect() may have modified the protections of all whole pages in the range [addr, addr2]. RETURN VALUES Upon successful completion, the mprotect() function returns 0 (zero). Otherwise, mprotect() returns -1 and sets errno to indicate the error. ERRORS The mprotect() function sets errno to the specified values for the fol- lowing conditions: The prot parameter specifies a protection that conflicts with the ac- cess permission set for the underlying file. [Digital] The range [addr, addr + len] includes an invalid address. [Digital] The range [addr, addr + len] includes SystemV shared memory that is not locked. Shared memory must be locked using plock(2), shmctl(2) (with the SHM_LOCK option), or mlock(2) before changing protections. [XPG4-UNIX] Addresses in the range [addr, addr + len] are invalid for the address space of a process, or specify one or more pages which are not mapped. [Digital] A system resource was exhausted or a system limit was exceeded. The most common case occurs when the calling process exceeds the kernel configuration parameter VPAGEMAX. This limit specifies the maximum number of pages per process that can re- side in regions of contiguous virtual address space which have mixed page protections. The system administrator can override the default VPAGEMAX value by specifying the vpagemax nnn option in the system configuration file, then reconfiguring the kernel, and finally rebooting the system. RELATED INFORMATION Functions: getpagesize(2), mmap(2), msync(2), sysconf(3) Standards: standards(5) delim off mprotect(2)