Index: net-print/cups/files/cupstestppd-seccomp-arm.policy |
diff --git a/net-print/cups/files/cupstestppd-seccomp-arm.policy b/net-print/cups/files/cupstestppd-seccomp-arm.policy |
index f9b624dfd56db81693c8a40dc52fc1a592f89b14..9d31f5b9a4804414809973990d2b0998fbf90475 100644 |
--- a/net-print/cups/files/cupstestppd-seccomp-arm.policy |
+++ b/net-print/cups/files/cupstestppd-seccomp-arm.policy |
@@ -18,10 +18,11 @@ getgid32: 1 |
getuid32: 1 |
lstat: 1 |
lstat64: 1 |
-# Disallow mmap with PROT_EXEC set. The syntax here doesn't |
+# Disallow mmap and mremap with PROT_EXEC set. The syntax here doesn't |
# allow bit negation, so we are using a negated mask as a |
# constant. |
mmap2: arg2 in 0xfffffffb |
+mremap: arg2 in 0xfffffffb |
munmap: 1 |
# Restrict open flags. O_DIRECTORY (0x4000), O_LARGEFILE (0x20000), |
# and O_CLOEXEC (0x80000) aren't symbols minijail knows, so are |