Enforce ioctl command whitelisting on all sockets

Remove the ioctl permission for most socket types. For others, such as
tcp/udp/rawip/unix_dgram/unix_stream set a default unprivileged whitelist
that individual domains may extend (except where neverallowed like
untrusted_app). Enforce via a neverallowxperm rule.

Change-Id: I7cc2021596c8452a518b8213eea8b41141f2f14d
4 files changed
tree: 56604e1888ecc1b1e32d812a6299d7d5113a80b1
  1. audio/
  2. boot_control/
  3. lights/
  4. peripheral/
  5. soc/