minijail: Allow tmpfs /tmp mount without a chroot.

There's no need to require a chroot to mount a clean tmpfs /tmp.
Also, halve the size of the tmpfs to 64M.

BUG=brillo:439
TEST=Unit tests, security_Minijail pass.
TEST='minijail0 -u nobody -g nobody -t -- mount' shows tmpfs mount.

Change-Id: Iee84160cee0487a0e7e0807b64ba54f6b3980e83
Reviewed-on: https://chromium-review.googlesource.com/255650
Commit-Queue: Jorge Lucangeli Obes <jorgelo@chromium.org>
Trybot-Ready: Jorge Lucangeli Obes <jorgelo@chromium.org>
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Lee Campbell <leecam@chromium.org>
diff --git a/libminijail.c b/libminijail.c
index 7a18831..65dab2f 100644
--- a/libminijail.c
+++ b/libminijail.c
@@ -620,7 +620,7 @@
 
 int mount_tmp(void)
 {
-	return mount("none", "/tmp", "tmpfs", 0, "size=128M,mode=777");
+	return mount("none", "/tmp", "tmpfs", 0, "size=64M,mode=777");
 }
 
 int remount_readonly(void)
@@ -802,7 +802,7 @@
 	if (j->flags.chroot && enter_chroot(j))
 		pdie("chroot");
 
-	if (j->flags.chroot && j->flags.mount_tmp && mount_tmp())
+	if (j->flags.mount_tmp && mount_tmp())
 		pdie("mount_tmp");
 
 	if (j->flags.readonly && remount_readonly())