Can I write-protect every page in the address space of a Linux process?

Question

I\'m wondering if there\'s a way to write-protect every page in a Linux process\' address space (from inside of the process itself, by way of mprotect()). By \

Answer 1

You recieve ENOMEM from mprotect() if you try to call it on pages that aren't mapped.

Your best bet is to open /proc/self/maps, and read it a line at a time with fgets() to find all the mappings in your process. For each writeable mapping (indicated in the second field) that isn't the stack (indicated in the last field), call mprotect() with the right base address and length (calculated from the start and end addresses in the first field).

Note that you'll need to have your fault handler already set up at this point, because the act of reading the maps file itself will likely cause writes within your address space.

Answer 2

Start simple. Write-protect a few page and make sure your signal handler works for these pages. Then worry about expanding the scope of the protection. For example, you probably do not need to write-protect the code-section: operating systems can implement write-or-execute protection semantics on memory that will prevent code sections from ever being written to:

• http://en.wikipedia.org/wiki/Self-modifying_code#Operating_systems