NAME
vm_protect - change protection of task’s memory

SYNOPSIS
#include <mach.h>

kern_return_t vm_protect(target_task, address, size, set_maximum,
new_protection)
vm_task_t target_task;
vm_address_t address;
vm_size_t size;
boolean_t set_maximum;
vm_prot_t new_protection;

ARGUMENTS
target_task Task whose virtual memory is to be affected.

address Starting address (will be rounded down to a page
boundary).

size Size in bytes of the region for which protection is
to change (will be rounded up to give a page
boundary).

set_maximum If set, make the protection change apply to the
maximum protection associated with this address
range; otherwise, the current protection on this
range is changed. If the maximum protection is
reduced below the current protection, both will be
changed to reflect the new maximum.

new_protection A new protection value for this region; a set of:
VM_PROT_READ, VM_PROT_WRITE, VM_PROT_EXECUTE.

DESCRIPTION
vm_protect changes the protection of some pages of allocated memory
in a task’s address space. In general a protection value allows
the named operation. When memory is first allocated it has all
protection bits on. The exact interpertation of a protection value
is machine dependent. The machines on which Mach is currently
implemented only provide three levels of memory protection: no
access, read and execute access, and read, execute and write
access. On this class of architectures, VM_PROT_WRITE allows read,
execute and write access, VM_PROT_READ or VM_PROT_EXECUTE allows
read and execute access, but not write access.

DIAGNOSTICS
KERN_SUCCESS Memory protected.

KERN_PROTECTION_FAILURE An attempt was made to increase the
current or maximum protection beyond
the existing maximum protection
value.

KERN_INVALID_ADDRESS Illegal or non-allocated address
specified.