]> git.ipfire.org Git - thirdparty/man-pages.git/blame - man2/mprotect.2
Start of 2.41
[thirdparty/man-pages.git] / man2 / mprotect.2
CommitLineData
fea681da
MK
1.\" -*- nroff -*-
2.\"
3.\" Copyright (C) 1995 Michael Shields <shields@tembel.org>.
4.\"
5.\" Permission is granted to make and distribute verbatim copies of this
6.\" manual provided the copyright notice and this permission notice are
7.\" preserved on all copies.
8.\"
9.\" Permission is granted to copy and distribute modified versions of this
10.\" manual under the conditions for verbatim copying, provided that the
11.\" entire resulting derived work is distributed under the terms of a
12.\" permission notice identical to this one.
13.\"
14.\" Since the Linux kernel and libraries are constantly changing, this
15.\" manual page may be incorrect or out-of-date. The author(s) assume no
16.\" responsibility for errors or omissions, or for damages resulting from
17.\" the use of the information contained herein. The author(s) may not
18.\" have taken the same level of care in the production of this manual,
19.\" which is licensed free of charge, as they might when working
20.\" professionally.
21.\"
22.\" Formatted or processed versions of this manual, if unaccompanied by
23.\" the source, must acknowledge the copyright and author of this work.
24.\"
25.\" Modified 1996-10-22 by Eric S. Raymond <esr@thyrsus.com>
26.\" Modified 1997-05-31 by Andries Brouwer <aeb@cwi.nl>
27.\" Modified 2003-08-24 by Andries Brouwer <aeb@cwi.nl>
28.\" Modified 2004-08-16 by Andi Kleen <ak@muc.de>
29.\"
30.TH MPROTECT 2 2003-08-24 "Linux 2.4" "Linux Programmer's Manual"
31.SH NAME
32mprotect \- control allowable accesses to a region of memory
33.SH SYNOPSIS
34.nf
35.B #include <sys/mman.h>
36.sp
37\fBint mprotect(const void *\fIaddr\fB, size_t \fIlen\fB, int \fIprot\fB);
38.fi
39.SH DESCRIPTION
40The function
e511ffb6 41.BR mprotect ()
fea681da
MK
42specifies the desired protection for the memory page(s) containing
43part or all of the interval [\fIaddr\fP,\fIaddr\fP+\fIlen\fP-1].
44If an access is disallowed by the protection given it, the program receives a
45.BR SIGSEGV .
46.PP
47.I prot
48is a bitwise-or of the following values:
49.TP 1.1i
50.B PROT_NONE
51The memory cannot be accessed at all.
52.TP
53.B PROT_READ
54The memory can be read.
55.TP
56.B PROT_WRITE
57The memory can be written to.
58.TP
59.B PROT_EXEC
60The memory can contain executing code.
61.PP
62The new protection replaces any existing protection. For example, if the
e511ffb6 63memory had previously been marked \fBPROT_READ\fR, and \fBmprotect\fR()
fea681da
MK
64is then called with \fIprot\fR \fBPROT_WRITE\fR, it will no longer
65be readable.
66.SH "RETURN VALUE"
67On success,
e511ffb6 68.BR mprotect ()
fea681da
MK
69returns zero. On error, \-1 is returned, and
70.I errno
71is set appropriately.
72.SH ERRORS
73.TP
74.B EACCES
75The memory cannot be given the specified access. This can happen,
76for example, if you
77.BR mmap (2)
78a file to which you have read-only access, then ask
e511ffb6 79.BR mprotect ()
fea681da
MK
80to mark it
81.BR PROT_WRITE .
82.TP
83.B EFAULT
84The memory cannot be accessed.
85.TP
86.B EINVAL
87\fIaddr\fR is not a valid pointer, or not a multiple of PAGESIZE.
88.TP
89.B ENOMEM
f8ad0aeb 90Internal kernel structures could not be allocated.
c8a55a3d 91Or: addresses in the range
f8ad0aeb
MK
92.RI [ addr ,
93.IR addr + len ]
94are invalid for the address space of the process,
95or specify one or more pages that are not mapped.
fea681da
MK
96.SH EXAMPLE
97.nf
98#include <stdio.h>
99#include <stdlib.h>
100#include <errno.h>
101#include <sys/mman.h>
102
103#include <limits.h> /* for PAGESIZE */
104#ifndef PAGESIZE
105#define PAGESIZE 4096
106#endif
107
108int
109main(void)
110{
111 char *p;
112 char c;
113
114 /* Allocate a buffer; it will have the default
115 protection of PROT_READ|PROT_WRITE. */
116 p = malloc(1024+PAGESIZE-1);
117 if (!p) {
118 perror("Couldn't malloc(1024)");
119 exit(errno);
120 }
121
122 /* Align to a multiple of PAGESIZE, assumed to be a power of two */
123 p = (char *)(((int) p + PAGESIZE-1) & ~(PAGESIZE-1));
124
125 c = p[666]; /* Read; ok */
126 p[666] = 42; /* Write; ok */
127
128 /* Mark the buffer read-only. */
129 if (mprotect(p, 1024, PROT_READ)) {
130 perror("Couldn't mprotect");
131 exit(errno);
132 }
133
134 c = p[666]; /* Read; ok */
135 p[666] = 42; /* Write; program dies on SIGSEGV */
136
137 exit(0);
138}
139.fi
140.SH "CONFORMING TO"
97c1eac8
MK
141SVr4, POSIX.1-2001.
142.\" SVr4 defines an additional error
143.\" code EAGAIN. The SVr4 error conditions don't map neatly onto Linux's.
fea681da 144POSIX says that
e511ffb6 145.BR mprotect ()
fea681da
MK
146can be used only on regions of memory obtained from
147.BR mmap (2).
148.SH NOTES
149On Linux it is always legal to call
e511ffb6 150.BR mprotect ()
fea681da
MK
151on any address in a process' address space (except for the
152kernel vsyscall area). In particular it can be used
153to change existing code mappings to be writable.
154
155Whether
156.B PROT_EXEC
157has any effect different from
158.B PROT_READ
159is architecture and kernel version dependent.
160.SH "SEE ALSO"
161.BR mmap (2)