Reland "[Android] Allow __NR_process_vm_readv under Seccomp."

This is a reland of 7844944f
Original change's description:
> [Android] Allow __NR_process_vm_readv under Seccomp.
> 
> Bug: 766245
> Change-Id: Ic494f526c1b8d15483ca7e9a97d9f044f276c26d
> Reviewed-on: https://chromium-review.googlesource.com/671556
> Reviewed-by: Richard Coles <torne@chromium.org>
> Commit-Queue: Robert Sesek <rsesek@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#502714}

Bug: 766245, 766400
Change-Id: I369421422f8bced50a5577167b5ccb59f9901f3d
Reviewed-on: https://chromium-review.googlesource.com/672643Reviewed-by: Richard Coles <torne@chromium.org>
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#502924}

sandbox/linux/seccomp-bpf-helpers/baseline_policy_android.cc

@@ -14,6 +14,7 @@
 #include "build/build_config.h"
 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"
 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h"
+#include "sandbox/linux/system_headers/linux_syscalls.h"
 
 #if defined(__x86_64__)
 #include <asm/prctl.h>
@@ -149,6 +150,13 @@ ResultExpr BaselinePolicyAndroid::EvaluateSyscall(int sysno) const {
            .Else(Error(EPERM));
   }
 
+  // https://crbug.com/766245
+  if (sysno == __NR_process_vm_readv) {
+    const Arg<pid_t> pid(0);
+    return If(pid == policy_pid(), Allow())
+           .Else(Error(EPERM));
+  }
+
   // https://crbug.com/655299
   if (sysno == __NR_clock_getres) {
     return RestrictClockID();