simplify faccessat AT_EACCESS path and eliminate resource dependence

now that we're waiting for the exit status of the child process, the
result can be conveyed in the exit status rather than via a pipe.
since the error value might not fit in 7 bits, a table is used to
translate possible meaningful error values to small integers.

fix faccessat AT_EACCESS path not to leave zombie processes

I mistakenly assumed that clone without a signal produced processes
that would not become zombies; however, waitpid with __WCLONE is
required to release their pids.

in faccessat slow path, add close-on-exec to pipe fds

as usual, this is needed to avoid fd leaks. as a better solution, the
use of fds could possibly be replaced with mmap and a futex.

fix uid/gid-setting error in faccessat with AT_EACCESS flag

this fixes an issue reported by Daniel Thau whereby faccessat with the
AT_EACCESS flag did not work in cases where the process is running
suid or sgid but without root privileges. per POSIX, when the process
does not have "appropriate privileges", setuid changes the euid, not
the real uid, and the target uid must be equal to the current real or
saved uid; if this condition is not met, EPERM results. this caused
the faccessat child process to fail.

using the setreuid syscall rather than setuid works. POSIX leaves it
unspecified whether setreuid can set the real user id to the effective
user id on processes without "appropriate privileges", but Linux
allows this; if it's not allowed, there would be no way for this
function to work.

fix missing return value warning in faccessat, minor cleanup

clone will pass the return value of the start function to SYS_exit
anyway; there's no need to call the syscall directly.

block all signals, even implementation-internal ones, in faccessat child

the child process's stack may be insufficient size to support a signal
frame, and there is no reason these signal handlers should run in the
child anyway.

fix faccessat to support AT_EACCESS flag

this is another case of the kernel syscall failing to support flags
where it needs to, leading to horrible workarounds in userspace. this
time the workaround requires changing uid/gid, and that's not safe to
do in the current process. in the worst case, kernel resource limits
might prevent recovering the original values, and then there would be
no way to safely return. so, use the safe but horribly inefficient
alternative: forking. clone is used instead of fork to suppress
signals from the child.

fortunately this worst-case code is only needed when effective and
real ids mismatch, which mainly happens in suid programs.

global cleanup to use the new syscall interface

initial check-in, version 0.5.0