CRAS: shm: Use posix_fallocate to avoid SIGBUS

Using ftruncate dose not gracefully fail if /dev/shm space is not
sufficient. Accessing memory from mmap right after the check will
trigger runtime SIGBUS error.

Add fallocate to seccomp policy files.

BUG=chromium:1025680
BUG=chromium:1031140
BUG=chromium:1031904
TEST=Build

Change-Id: Id35e7069300d08dc696e5379daeca8681b14d915
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/adhd/+/1958346
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Chih-Yang Hsia <paulhsia@chromium.org>

3 files changed, 3 insertions, 0 deletions

diff --git a/seccomp/cras-seccomp-amd64.policy b/seccomp/cras-seccomp-amd64.policy
index 44ffc647..c80df2ec 100644
--- a/seccomp/cras-seccomp-amd64.policy
+++ b/seccomp/cras-seccomp-amd64.policy
@@ -39,6 +39,7 @@ unlink: 1
 nanosleep: 1
 pipe: 1
 ftruncate: 1
+fallocate: 1
 mprotect: 1
 connect: 1
 getsockname: 1
diff --git a/seccomp/cras-seccomp-arm.policy b/seccomp/cras-seccomp-arm.policy
index 6078b815..14312007 100644
--- a/seccomp/cras-seccomp-arm.policy
+++ b/seccomp/cras-seccomp-arm.policy
@@ -39,6 +39,7 @@ unlink: 1
 lsetxattr: 1
 rt_sigprocmask: 1
 ftruncate: 1
+fallocate: 1
 futex: 1
 execve: 1
 set_robust_list: 1
diff --git a/seccomp/cras-seccomp-arm64.policy b/seccomp/cras-seccomp-arm64.policy
index 28405147..e3dae97b 100644
--- a/seccomp/cras-seccomp-arm64.policy
+++ b/seccomp/cras-seccomp-arm64.policy
@@ -38,6 +38,7 @@ pipe2: 1
 prctl: arg0 == PR_SET_NAME
 futex: 1
 ftruncate: 1
+fallocate: 1
 connect: 1
 bind: 1
 clock_getres: 1