diff options
Diffstat (limited to 'sandbox-seccomp-filter.c')
-rw-r--r-- | sandbox-seccomp-filter.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index 7b44755cb..840c5232b 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c | |||
@@ -216,10 +216,10 @@ static const struct sock_filter preauth_insns[] = { | |||
216 | SC_ALLOW(__NR_madvise), | 216 | SC_ALLOW(__NR_madvise), |
217 | #endif | 217 | #endif |
218 | #ifdef __NR_mmap | 218 | #ifdef __NR_mmap |
219 | SC_ALLOW(__NR_mmap), | 219 | SC_ALLOW_ARG_MASK(__NR_mmap, 2, PROT_READ|PROT_WRITE|PROT_NONE), |
220 | #endif | 220 | #endif |
221 | #ifdef __NR_mmap2 | 221 | #ifdef __NR_mmap2 |
222 | SC_ALLOW(__NR_mmap2), | 222 | SC_ALLOW_ARG_MASK(__NR_mmap2, 2, PROT_READ|PROT_WRITE|PROT_NONE), |
223 | #endif | 223 | #endif |
224 | #ifdef __NR_mprotect | 224 | #ifdef __NR_mprotect |
225 | SC_ALLOW_ARG_MASK(__NR_mprotect, 2, PROT_READ|PROT_WRITE|PROT_NONE), | 225 | SC_ALLOW_ARG_MASK(__NR_mprotect, 2, PROT_READ|PROT_WRITE|PROT_NONE), |