termux / proot

A chroot-like implementation using ptrace.
https://wiki.termux.com/wiki/PRoot

Add seccomp workarounds for setresuid/setresgid #167

Closed t184256 closed 3 years ago

t184256 commented 3 years ago

When seccomp denies setresuid/setresgid, assume there's nothing we can do but translate them to either a 0 on a no-op or a -EPERM on an actual attempt at changing something.

Disclaimer: I can't honestly say I have a firm grasp of all, or, rather, any of the intricacies involved, but it seems to fix a bug that irked me for quite a while and I don't see anything obviously wrong with it.

michalbednarski commented 3 years ago

Looks nice, thanks

Usually in Termux, proot distros use the -0 (fake_id0) extension, which handles setresuid, but for cases when you don't want it and the application does a no-op setresuid, your solution looks great.

When fake_id0 is enabled, the handle_seccomp_event_common function will return early, so your code shouldn't cause problems there.

Your change won't affect devices before Android 8 (when the seccomp policy for apps was introduced); in those cases there will still be the usual -EPERM from setresuid, though I don't know how common that is across your users.

t184256 commented 3 years ago

> Usually in Termux proot distros use -0

Yeah, not mine. Mine uses proot almost exclusively because I don't have the budget to recompile the world to relocate it away from /nix/store. =)

> When fake_id0 is enabled handle_seccomp_event_common function will do early-return so your code shouldn't cause problems there

Good to know, I kinda assumed it suppressed all the real calls and seccomp never came into the picture that way. But hey, I did warn I don't fully grasp all of it.

Thanks for your analysis and review!
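
The translation rule from the pull request's opening comment, as an added example that is not proot's code and not part of this thread: a seccomp-denied setresuid/setresgid becomes 0 when it is a no-op and -EPERM when it would change an ID. The names `struct res_ids`, `field_is_noop` and `emulate_denied_setres` are hypothetical, and the sample IDs are constructed.

```c
#include <errno.h>
#include <stdio.h>

/* Hypothetical types and names for illustration; not taken from proot. */
#define ID_UNCHANGED ((unsigned int)-1)  /* setres[ug]id: -1 means "leave as is" */

struct res_ids {
    unsigned int real, effective, saved;  /* same layout works for uids or gids */
};

/* A field is a no-op if the caller passed -1 or the value it already has. */
static int field_is_noop(unsigned int requested, unsigned int current)
{
    return requested == ID_UNCHANGED || requested == current;
}

/*
 * Result to hand back to the tracee when seccomp has denied the real call:
 * 0 if nothing would change, -EPERM otherwise. Note this is stricter than
 * the kernel, which lets an unprivileged process shuffle values among its
 * current real/effective/saved IDs; here any actual change is refused.
 */
long emulate_denied_setres(const struct res_ids *cur, unsigned int r,
                           unsigned int e, unsigned int s)
{
    if (field_is_noop(r, cur->real) &&
        field_is_noop(e, cur->effective) &&
        field_is_noop(s, cur->saved))
        return 0;
    return -EPERM;
}

int main(void)
{
    /* Constructed sample: an Android app uid held in all three slots. */
    struct res_ids cur = { 10123, 10123, 10123 };

    printf("all -1          -> %ld\n",
           emulate_denied_setres(&cur, ID_UNCHANGED, ID_UNCHANGED, ID_UNCHANGED));
    printf("same ids        -> %ld\n",
           emulate_denied_setres(&cur, 10123, 10123, 10123));
    printf("become root     -> %ld\n",
           emulate_denied_setres(&cur, 0, 0, 0));
    printf("euid only to 0  -> %ld\n",
           emulate_denied_setres(&cur, ID_UNCHANGED, 0, ID_UNCHANGED));
    return 0;
}
```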