[Android] Block __NR_getsockname via EPERM rather than SIGSYS.

[Android] Block __NR_getsockname via EPERM rather than SIGSYS.

While EPERM is not a documented errno return value for getsockname, some systems
issue this syscall and we do not want to permit it. Use EPERM to block it
instead of the baseline-policy SIGSYS so that the process does not crash. (Note
that SELinux would return EACCES for a neverallow getattr on socket files, so
EPERM is a useful differentiator).

This also fixes a bug in the i386 policy that attempts to restrict the
__NR_socketcall arguments. But since those reside in a userspace struct, they
are not safe to consult.

BUG=655300
R=rickyz@chromium.org

Committed: https://crrev.com/1f6acfe7dd08165baad36302b4388248e2854936
Cr-Commit-Position: refs/heads/master@{#430422}

[Robert Sesek, 2016-11-07 23:00:21]

Any thoughts on this? I know we try and avoid not returning non-documented
errno, but we don't really want to allow this.

[rickyz (no longer on Chrome), 2016-11-07 23:01:49]

lgtm

[Robert Sesek, 2016-11-07 23:12:18]

The CQ bit was checked by rsesek@chromium.org

[commit-bot: I haz the power, 2016-11-07 23:12:59]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-11-07 23:50:18]

Committed patchset #1 (id:1)

[commit-bot: I haz the power, 2016-11-07 23:53:39]

Description was changed from

==========
[Android] Block __NR_getsockname via EPERM rather than SIGSYS.

While EPERM is not a documented errno return value for getsockname, some systems
issue this syscall and we do not want to permit it. Use EPERM to block it
instead of the baseline-policy SIGSYS so that the process does not crash. (Note
that SELinux would return EACCES for a neverallow getattr on socket files, so
EPERM is a useful differentiator).

This also fixes a bug in the i386 policy that attempts to restrict the
__NR_socketcall arguments. But since those reside in a userspace struct, they
are not safe to consult.

BUG=655300
R=rickyz@chromium.org
==========

to

==========
[Android] Block __NR_getsockname via EPERM rather than SIGSYS.

While EPERM is not a documented errno return value for getsockname, some systems
issue this syscall and we do not want to permit it. Use EPERM to block it
instead of the baseline-policy SIGSYS so that the process does not crash. (Note
that SELinux would return EACCES for a neverallow getattr on socket files, so
EPERM is a useful differentiator).

This also fixes a bug in the i386 policy that attempts to restrict the
__NR_socketcall arguments. But since those reside in a userspace struct, they
are not safe to consult.

BUG=655300
R=rickyz@chromium.org

Committed: https://crrev.com/1f6acfe7dd08165baad36302b4388248e2854936
Cr-Commit-Position: refs/heads/master@{#430422}
==========

[commit-bot: I haz the power, 2016-11-07 23:53:40]

Patchset 1 (id:??) landed as
https://crrev.com/1f6acfe7dd08165baad36302b4388248e2854936
Cr-Commit-Position: refs/heads/master@{#430422}