NAME
mlock - disable paging for some parts of memory
SYNOPSIS
#include <sys/mman.h>
int mlock(const void *addr, size_t len));
DESCRIPTION
mlock disables paging for the memory in the range starting
at addr with length len bytes. All pages which contain a
part of the specified memory range are guaranteed be
resident in RAM when the mlock system call returns success-
fully and they are guaranteed to stay in RAM until the pages
are unlocked by munlock or munlockall, or until the process
terminates or starts another program with exec. Child
processes do not inherit page locks across a fork.
Memory locking has two main applications: real-time algo-
rithms and high-security data processing. Real-time applica-
tions require deterministic timing, and, like scheduling,
paging is one major cause of unexpected program execution
delays. Real-time applications will usually also switch to a
real-time scheduler with sched_setscheduler. Cryptographic
security software often handles critical bytes like pass-
words or secret keys as data structures. As a result of pag-
ing, these secrets could be transfered onto a persistent
swap store medium, where they might be accessible to the
enemy long after the security software has erased the
secrets in RAM and terminated.
Memory locks do not stack, i.e., pages which have been
locked several times by calls to mlock or mlockall will be
unlocked by a single call to munlock for the corresponding
range or by munlockall. Pages which are mapped to several
locations or by several processes stay locked into RAM as
long as they are locked at least at one location or by at
least one process.
On POSIX systems on which mlock and munlock are available,
_POSIX_MEMLOCK_RANGE is defined in <unistd.h> and the value
PAGESIZE from <limits.h> indicates the number of bytes per
page.
RETURN VALUE
On success, mlock returns zero. On error, -1 is returned,
errno is set appropriately, and no changes are made to any
locks in the address space of the process.
ERRORS
ENOMEM Some of the specified address range does not
correspond to mapped pages in the address space of
the process or the process tried to exceed the max-
imum number of allowed locked pages.
EPERM The calling process does not have appropriate
privileges. Only root processes are allowed to lock
pages.
EINVAL len was not a positive number.
CONFORMING TO
POSIX.1b, SVr4. SVr4 documents an additional EAGAIN error
code.
SEE ALSO
munlock(2), mlockall(2), and munlockall(2).