#include <sys/mman.h>

       int mprotect(void *addr, size_t len, int prot);

       mprotect()  changes protection for the calling process's memory page(s)
       containing  any  part  of   the   address   range   in   the   interval
       [addr, addr+len-1].  addr must be aligned to a page boundary.

       If the calling process tries to access memory in a manner that violates
       the protection, then the kernel generates  a  SIGSEGV  signal  for  the

       prot  is  either  PROT_NONE  or a bitwise-or of the other values in the
       following list:

       PROT_NONE  The memory cannot be accessed at all.

       PROT_READ  The memory can be read.

       PROT_WRITE The memory can be modified.

       PROT_EXEC  The memory can be executed.

       On success, mprotect() returns zero.  On error,  -1  is  returned,  and
       errno is set appropriately.

       EACCES The  memory cannot be given the specified access.  This can hap-
              pen, for example, if you mmap(2) a file to which you have  read-
              only access, then ask mprotect() to mark it PROT_WRITE.

       EINVAL addr  is  not  a  valid pointer, or not a multiple of the system
              page size.

       ENOMEM Internal kernel structures could not be allocated.

       ENOMEM Addresses in the range [addr, addr+len-1] are  invalid  for  the
              address  space of the process, or specify one or more pages that
              are not mapped.  (Before kernel 2.4.19,  the  error  EFAULT  was
              incorrectly produced for these cases.)

       SVr4,  POSIX.1-2001.   POSIX  says  that  the behavior of mprotect() is
       unspecified if it is applied  to  a  region  of  memory  that  was  not
       obtained via mmap(2).

       On  Linux it is always permissible to call mprotect() on any address in
       a process's address space (except for the kernel  vsyscall  area).   In
       particular  it  can  be  used  to  change  existing code mappings to be
       The  program  below  allocates four pages of memory, makes the third of
       these pages read-only, and then  executes  a  loop  that  walks  upward
       through the allocated region modifying bytes.

       An example of what we might see when running the program is the follow-

           $ ./a.out
           Start of region:        0x804c000
           Got SIGSEGV at address: 0x804e000

   Program source

       #include <unistd.h>
       #include <signal.h>
       #include <stdio.h>
       #include <malloc.h>
       #include <stdlib.h>
       #include <errno.h>
       #include <sys/mman.h>

       #define handle_error(msg) \
           do { perror(msg); exit(EXIT_FAILURE); } while (0)

       char *buffer;

       static void
       handler(int sig, siginfo_t *si, void *unused)
           printf("Got SIGSEGV at address: 0x%lx\n",
                   (long) si->si_addr);

       main(int argc, char *argv[])
           char *p;
           int pagesize;
           struct sigaction sa;

           sa.sa_flags = SA_SIGINFO;
           sa.sa_sigaction = handler;
           if (sigaction(SIGSEGV, &sa, NULL) == -1)

           pagesize = sysconf(_SC_PAGE_SIZE);
           if (pagesize == -1)

           /* Allocate a buffer aligned on a page boundary;
              initial protection is PROT_READ | PROT_WRITE */

           printf("Loop completed\n");     /* Should never happen */

       mmap(2), sysconf(3)

       This page is part of release 3.54 of the Linux  man-pages  project.   A
       description  of  the project, and information about reporting bugs, can
       be found at

Linux                             2012-08-14                       MPROTECT(2)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2019 Hurricane Electric. All Rights Reserved.