NAME
mprotect —
control the protection of
pages
LIBRARY
library “libc”
SYNOPSIS
#include
<sys/mman.h>
int
mprotect(void
*addr, size_t len,
int prot);
DESCRIPTION
Themprotect()
system call changes the specified pages to have protection
prot. Not all implementations will guarantee protection
on a page basis; the granularity of protection changes may be as large as an
entire region. A region is the virtual address space defined by the start and
end addresses of a struct vm_map_entry.
Currently these protection bits are known, which can be combined, OR'd together:
PROT_NONE- No permissions at all.
PROT_READ- The pages can be read.
PROT_WRITE- The pages can be written.
PROT_EXEC- The pages can be executed.
In addition to these protection flags,
FreeBSD provides the ability to set the maximum
protection of a region (which prevents mprotect from
upgrading the permissions). This is accomplished by
or'ing one or more
PROT_ values wrapped in the
PROT_MAX() macro into the prot
argument.
RETURN VALUES
The mprotect() function returns the
value 0 if successful; otherwise the value -1 is returned and
the global variable errno is set to indicate the
error.
ERRORS
The mprotect() system call will fail
if:
- [
EACCES] - The calling process was not allowed to change the protection to the value specified by the prot argument.
- [
EINVAL] - The virtual address range specified by the addr and len arguments is not valid.
- [
EINVAL] - The prot argument contains unhandled bits.
- [
ENOTSUP] - The prot argument contains permissions which are not a subset of the specified maximum permissions.
SEE ALSO
HISTORY
The mprotect() system call was first
documented in 4.2BSD and first appeared in
4.4BSD.
The PROT_MAX functionality was introduced
in FreeBSD 13.