From 5656c124af2bb956dba19e409a269ca588c685e3 Mon Sep 17 00:00:00 2001
From: Daniel Verkamp <dverkamp@chromium.org>
Date: Mon, 29 Oct 2018 12:41:40 -0700
Subject: [PATCH] devices: block: fix seccomp failures from free()

It looks like free() will sometimes try to open
/proc/sys/vm/overcommit_memory in order to decide whether to return
freed heap memory to the kernel; change the seccomp filter to fail the
open syscalls with an error code (ENOENT) rather than killing the
process.

Also allow madvise to free memory for the same free() codepath.

BUG=chromium:888212
TEST=Run fio loop test on kevin

Change-Id: I1c27b265b822771f76b7d9572d9759476770000e
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1305756
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
---
 seccomp/arm/block_device.policy    | 4 ++++
 seccomp/x86_64/block_device.policy | 6 ++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/seccomp/arm/block_device.policy b/seccomp/arm/block_device.policy
index 6b1e415c77..44ee9c3dcc 100644
--- a/seccomp/arm/block_device.policy
+++ b/seccomp/arm/block_device.policy
@@ -18,6 +18,7 @@ _llseek: 1
 # negation, thus the manually negated mask constant.
 mmap2: arg2 in 0xfffffffb
 mprotect: arg2 in 0xfffffffb
+madvise: arg2 == MADV_DONTDUMP || arg2 == MADV_DONTNEED
 mremap: 1
 munmap: 1
 read: 1
@@ -41,3 +42,6 @@ epoll_wait: 1
 timerfd_create: 1
 timerfd_gettime: 1
 timerfd_settime: 1
+# libc free() attempts to open /proc/sys/vm/overcommit_memory
+open: return ENOENT
+openat: return ENOENT
diff --git a/seccomp/x86_64/block_device.policy b/seccomp/x86_64/block_device.policy
index c660b3ba77..871a64edcf 100644
--- a/seccomp/x86_64/block_device.policy
+++ b/seccomp/x86_64/block_device.policy
@@ -17,8 +17,7 @@ lseek: 1
 # negation, thus the manually negated mask constant.
 mmap: arg2 in 0xfffffffb
 mprotect: arg2 in 0xfffffffb
-# Allow MADV_DONTDUMP only.
-madvise: arg2 == 0x00000010
+madvise: arg2 == MADV_DONTDUMP || arg2 == MADV_DONTNEED
 mremap: 1
 munmap: 1
 read: 1
@@ -42,3 +41,6 @@ epoll_wait: 1
 timerfd_create: 1
 timerfd_gettime: 1
 timerfd_settime: 1
+# libc free() attempts to open /proc/sys/vm/overcommit_memory
+open: return ENOENT
+openat: return ENOENT