control the protection of
*addr, size_t len,
system call sets the access protections for the pages that contain the
address range addr through addr
+ len - 1 (inclusive). If len is
0, no action is taken on the page that contains
The protections (region accessibility) are specified in the
prot argument. It should either be
PROT_NONE (no permissions) or the bitwise OR of one
or more of the following values:
- Pages may be executed.
- Pages may be read.
- Pages may be written.
Not all implementations will guarantee protection on a page basis;
the granularity of protection changes may be as large as an entire region.
Nor will all implementations guarantee to give exactly the requested
permissions; more permissions may be granted than requested by
prot. However, if
was not specified then the page will not be writable.
Upon successful completion, the value 0 is returned; otherwise the value -1 is returned and the global variable errno is set to indicate the error.
mprotect() will fail if:
- The process does not have sufficient access to the underlying memory object to provide the requested protection.
- The process has locked future pages with
mlockall(MCL_FUTURE), a page being protected is not currently accessible, and making it accessible and locked would exceed process or system limits.
- The accesses requested in the prot argument are not
allowed. In particular,
PROT_EXECmappings are not permitted in most binaries (see
kern.wxabortin sysctl 3 for more information).
- The prot argument is invalid or the specified address range would wrap around.
madvise(2), mincore(2), msync(2), munmap(2)
mprotect() function conforms to
IEEE Std 1003.1-2008 (“POSIX.1”).
mprotect() function first appeared in
The OpenBSD implementation of
mprotect() does not require
addr to be page-aligned, although other