mprotect
Hurricane Electric Internet Services
NAME
mprotect - control allowable accesses to a region of mem-
ory
SYNOPSIS
#include <sys/mman.h>
int mprotect(caddr_t addr, size_t *len, int prot);
DESCRIPTION
mprotect controls how a section of memory may be accessed.
If an access is disallowed by the protection given it, the
program receives a SIGSEGV.
prot is a bitwise-or of the following values:
PROT_NONE
The memory cannot be accessed at all.
PROT_READ
The memory can be read.
PROT_WRITE
The memory can be written to.
PROT_EXEC
The memory can contain executing code.
The new protection replaces any existing protection. For
example, if the memory had previously been marked
PROT_READ, and mprotect is then called with prot
PROT_WRITE, it will no longer be readable.
RETURN VALUE
On success, mprotect returns zero. On error, -1 is
returned, and errno is set appropriately.
ERRORS
EINVAL addr is not a valid pointer.
EFAULT The memory cannot be accessed.
EACCES The memory cannot be given the specified access.
This can happen, for example, if you mmap(2) a
file to which you have read-only access, then ask
mprotect to mark it PROT_WRITE.
ENOMEM Internal kernel structures could not be allocated.
EXAMPLE
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/mman.h>
int
main(void)
{
char *p;
char c;
/* Allocate a buffer; it will have the default
protection of PROT_READ|PROT_WRITE. */
p = malloc(1024);
if (!p) {
perror("Couldn't malloc(1024)");
exit(errno);
}
c = p[666]; /* Read; ok */
p[666] = 42; /* Write; ok */
/* Mark the buffer read-only. */
if (mprotect(p, 1024, PROT_READ)) {
perror("Couldn't mprotect");
exit(errno);
}
c = p[666]; /* Read; ok */
p[666] = 42; /* Write; program dies on SIGSEGV */
exit(0);
}
SEE ALSO
mmap(2)
Hurricane Electric Internet Services
Copyright (C) 1998
Hurricane Electric.
All Rights Reserved.