seccomp: Add mremap to policy file

Mremap is used when libdbus call realloc in __dbus_string_compact,
which might happen sometimes.

BUG=chromium:901225
TEST=On a broken DUT
     $ restart cras
     and check if syscall 25 is blocked by seccomp in dmesg

Change-Id: Iaae7dc3e541305af66175bff39fcb481f636c403
Reviewed-on: https://chromium-review.googlesource.com/1314268
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Cheng-Yi Chiang <cychiang@chromium.org>

3 files changed, 3 insertions, 0 deletions

diff --git a/seccomp/cras-seccomp-amd64.policy b/seccomp/cras-seccomp-amd64.policy
index d339b09a..0c1c46fa 100644
--- a/seccomp/cras-seccomp-amd64.policy
+++ b/seccomp/cras-seccomp-amd64.policy
@@ -84,3 +84,4 @@ ioctl: arg1 in 0xffff41ff && arg1 & 0x00004100 || arg1 in 0xffff55ff && arg1 & 0
 getpid: 1
 prlimit64: 1
 tgkill: 1
+mremap: 1
diff --git a/seccomp/cras-seccomp-arm.policy b/seccomp/cras-seccomp-arm.policy
index 6a66b462..3805b62b 100644
--- a/seccomp/cras-seccomp-arm.policy
+++ b/seccomp/cras-seccomp-arm.policy
@@ -90,3 +90,4 @@ ioctl: arg1 in 0xffff41ff && arg1 & 0x00004100 || arg1 in 0xffff55ff && arg1 & 0
 getpid: 1
 prlimit64: 1
 tgkill: 1
+mremap: 1
diff --git a/seccomp/cras-seccomp-arm64.policy b/seccomp/cras-seccomp-arm64.policy
index f73100c4..68eb6056 100644
--- a/seccomp/cras-seccomp-arm64.policy
+++ b/seccomp/cras-seccomp-arm64.policy
@@ -82,3 +82,4 @@ unlinkat: 1
 getpid: 1
 prlimit64: 1
 tgkill: 1
+mremap: 1