Content-type: text/html Man page of mprotect

mprotect

Section: System Calls (2)
Index Return to Main Contents
 

NAME

mprotect - Modifies access protections of memory mapping  

SYNOPSIS

#include <sys/mman.h>

int mprotect (        void *addr,
       size_t len,
       int prot );

The following definitions of the addr parameter do not conform to current standards and are supported only for backward compatibility:

      caddr_t addr
       const void addr
 

STANDARDS

Interfaces documented on this reference page conform to industry standards as follows:

mprotect():  XPG4-UNIX

Refer to the standards(5) reference page for more information about industry standards and associated tags.  

PARAMETERS

Points to the address of the region to be modified. Specifies the length in bytes of the region to be modified. Specifies access permissions as any combination of PROT_READ, PROT_WRITE, and PROT_EXEC ORed together, or PROT_NONE.  

DESCRIPTION

The mprotect() function modifies the access protection of a mapped file or shared memory region. The addr and len parameters specify the address and length in bytes of the region to be modified. The len parameter must be a multiple of the page size as returned by sysconf(_SC_PAGE_SIZE). If len is not a multiple of the page size as returned by sysconf(_SC_PAGE_SIZE), the length of the region will be rounded up to the next multiple of the page size.

The prot parameter specifies the new access protection for the region. The sys/mman.h header file defines the following access options: The mapped region can be read. The mapped region can be written. The mapped region can be executed. The mapped region cannot be accessed.

The prot parameter can be PROT_NONE, or any combination of PROT_READ, PROT_WRITE, and PROT_EXEC ORed together. If PROT_NONE is not specified, access permissions may be granted to the region in addition to those explicitly requested, except that write access will not be granted unless PROT_WRITE is specified.

If the region is a mapped file which was mapped with MAP_SHARED, the mprotect() function grants read or execute access permission only if the file descriptor used to map the file is open for reading, and grants write access permission only if the file descriptor used to map the file is open for writing. If the region is a mapped file which was mapped with MAP_PRIVATE, the mprotect() function grants read, write, or execute access permission only if the file descriptor used to map the file is open for reading. If the region is a shared memory region which was mapped with MAP_ANONYMOUS, the mprotect() function grants all requested access permissions.

The mprotect() function does not modify the access permission of any region which lies outside of the specified region, except that the effect on addresses between the end of the region and the end of the page containing the end of the region is unspecified.

If the mprotect() function fails under a condition other than that specified by [EINVAL], the access protection of some of the pages in the range [addr, addr + len] may have been changed. For example, if the error occurs on some page at an addr2, mprotect() may have modified the protections of all whole pages in the range [addr, addr2].  

RETURN VALUES

Upon successful completion, the mprotect() function returns 0 (zero). Otherwise, mprotect() returns -1 and sets errno to indicate the error.  

ERRORS

The mprotect() function sets errno to the specified values for the following conditions:

The prot parameter specifies a protection that conflicts with the access permission set for the underlying file. [Digital]  The range [addr, addr + len] includes an invalid address. [Digital]  The range [addr, addr + len] includes SystemV shared memory that is not locked. Shared memory must be locked using plock(2), shmctl(2) (with the SHM_LOCK option), or mlock(3) before changing protections. [XPG4-UNIX]  Addresses in the range [addr, addr + len] are invalid for the address space of a process, or specify one or more pages which are not mapped.

[Digital]  A system resource was exhausted or a system limit was exceeded. The most common case occurs when the calling process exceeds the kernel configuration parameter VPAGEMAX. This limit specifies the maximum number of pages per process that can reside in regions of contiguous virtual address space which have mixed page protections. The system administrator can override the default VPAGEMAX value by specifying the vpagemax nnn option in the system configuration file, then reconfiguring the kernel, and finally rebooting the system.
 

RELATED INFORMATION

Functions: getpagesize(2), mmap(2), msync(2), sysconf(3)

Standards: standards(5) delim off


 

Index

NAME
SYNOPSIS
STANDARDS
PARAMETERS
DESCRIPTION
RETURN VALUES
ERRORS
RELATED INFORMATION

This document was created by man2html, using the manual pages.
Time: 02:40:17 GMT, October 02, 2010