[$] Deferring seccomp decisions to user space

There has been a lot of work in recent years to use BPF to push policydecisions into the kernel. But sometimes, it seems, what is really wantedis a way for a BPF program to punt a decision back to user space. That isthe objective behind this patch set givingthe securecomputing (seccomp) mechanism a way to pass complex decisions to a user-space helper program.