Index Index for Section 2
Index Alphabetical listing for M 

mprotect(2)


NAME

  mprotect - Modifies access protections of memory mapping


SYNOPSIS

  #include <sys/mman.h>

  int mprotect (
	  void *addr,
	  size_t len,
	  int prot  );

  The following definitions of the addr parameter do not conform to current
  standards and are supported only for backward compatibility:

	  caddr_t addr
	  const void addr


STANDARDS

  Interfaces documented on this reference page conform to industry standards
  as follows:

  mprotect():  XPG4-UNIX

  Refer to the standards(5) reference page for more information about
  industry standards and associated tags.


PARAMETERS

  addr	    Points to the address of the region to be modified.

  len	    Specifies the length in bytes of the region to be modified.

  prot	    Specifies access permissions as any combination of PROT_READ,
	    PROT_WRITE, and PROT_EXEC ORed together, or PROT_NONE.


DESCRIPTION

  The mprotect() function modifies the access protection of a mapped file or
  shared memory region. The addr and len parameters specify the address and
  length in bytes of the region to be modified.	 The len parameter must be a
  multiple of the page size as returned by sysconf(_SC_PAGE_SIZE).  If len is
  not a multiple of the page size as returned by sysconf(_SC_PAGE_SIZE), the
  length of the region will be rounded up to the next multiple of the page
  size.

  The prot parameter specifies the new access protection for the region.  The
  sys/mman.h header file defines the following access options:

  PROT_READ The mapped region can be read.

  PROT_WRITE
	    The mapped region can be written.

  PROT_EXEC The mapped region can be executed.

  PROT_NONE The mapped region cannot be accessed.

  The prot parameter can be PROT_NONE, or any combination of PROT_READ,
  PROT_WRITE, and PROT_EXEC ORed together.  If PROT_NONE is not specified,
  access permissions may be granted to the region in addition to those
  explicitly requested, except that write access will not be granted unless
  PROT_WRITE is specified.

  If the region is a mapped file which was mapped with MAP_SHARED, the
  mprotect() function grants read or execute access permission only if the
  file descriptor used to map the file is open for reading, and grants write
  access permission only if the file descriptor used to map the file is open
  for writing.	If the region is a mapped file which was mapped with
  MAP_PRIVATE, the mprotect() function grants read, write, or execute access
  permission only if the file descriptor used to map the file is open for
  reading.  If the region is a shared memory region which was mapped with
  MAP_ANONYMOUS, the mprotect() function grants all requested access
  permissions.

  The mprotect() function does not modify the access permission of any region
  which lies outside of the specified region, except that the effect on
  addresses between the end of the region and the end of the page containing
  the end of the region is unspecified.

  If the mprotect() function fails under a condition other than that
  specified by [EINVAL], the access protection of some of the pages in the
  range [addr, addr + len] may have been changed.  For example, if the error
  occurs on some page at an addr2, mprotect() may have modified the
  protections of all whole pages in the range [addr, addr2].


RETURN VALUES

  Upon successful completion, the mprotect() function returns 0 (zero).
  Otherwise, mprotect() returns -1 and sets errno to indicate the error.


ERRORS

  The mprotect() function sets errno to the specified values for the
  following conditions:

  [EACCES]  The prot parameter specifies a protection that conflicts with the
	    access permission set for the underlying file.

  [EFAULT]  [Digital]  The range [addr, addr + len] includes an invalid
	    address.

  [EINVAL]  [Digital]  The range [addr, addr + len] includes SystemV shared
	    memory that is not locked.	Shared memory must be locked using
	    plock(2), shmctl(2) (with the SHM_LOCK option), or mlock(3)
	    before changing protections.

  [ENOMEM]  [XPG4-UNIX]	 Addresses in the range [addr, addr + len] are
	    invalid for the address space of a process, or specify one or
	    more pages which are not mapped.

	    [Digital]  A system resource was exhausted or a system limit was
	    exceeded.  The most common case occurs when the calling process
	    exceeds the kernel configuration parameter VPAGEMAX.  This limit
	    specifies the maximum number of pages per process that can reside
	    in regions of contiguous virtual address space which have mixed
	    page protections.  The system administrator can override the
	    default VPAGEMAX value by specifying the vpagemax nnn option in
	    the system configuration file, then reconfiguring the kernel, and
	    finally rebooting the system.





RELATED INFORMATION

  Functions: getpagesize(2), mmap(2), msync(2), sysconf(3)

  Standards: standards(5)