seccomp: split filter prep from check and apply
In preparation for adding seccomp locking, move filter creation away from where it is checked and applied. This will allow for locking where no memory allocation is happening. The validation, filter attachment, and seccomp mode setting can all happen under the future locks.

For extreme defensiveness, I've added a BUG_ON check for the calculated size of the buffer allocation in case BPF_MAXINSN ever changes, which shouldn't ever happen. The compiler should actually optimize out this check since the test above it makes it impossible.

Change-Id: I0522f45e98bf655a6d91905b68a4b6f501fa9936
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Andy Lutomirski <luto@amacapital.net>
Git-commit: b6a12bf4dd762236c7f637b19cfe10a268304b9b
Git-repo: https://www.codeaurora.org/cgit/external/gigabyte/kernel/msm
Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org>
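
The prepare/attach split described in the commit message, as a userspace sketch added here for illustration; it is not code from this commit or from the kernel. The names filter_prepare, filter_attach, tracked_alloc and the lock_held flag are hypothetical, and MAX_INSNS is assumed to mirror the kernel's BPF_MAXINSNS limit of 4096.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_INSNS 4096            /* assumed to mirror BPF_MAXINSNS */

struct insn { uint16_t code; uint8_t jt, jf; uint32_t k; };
struct filter { struct filter *prev; size_t len; struct insn insns[]; };

static int lock_held;             /* stand-in for the future seccomp lock */
static int allocs_under_lock;     /* counts allocations made while locked */
static struct filter *chain;      /* currently attached filters */
static int mode_filter;           /* stand-in for the seccomp mode */

static void *tracked_alloc(size_t n)
{
    if (lock_held)
        allocs_under_lock++;      /* would be a bug in the split design */
    return malloc(n);
}

/* Phase 1, no lock held: bound the length, size the buffer, allocate, copy. */
struct filter *filter_prepare(const struct insn *prog, size_t len)
{
    if (prog == NULL || len == 0 || len > MAX_INSNS)
        return NULL;
    size_t bytes = len * sizeof(struct insn);
    /* Defensive re-check of the computed size, in the spirit of the BUG_ON. */
    if (bytes > MAX_INSNS * sizeof(struct insn))
        abort();
    struct filter *f = tracked_alloc(sizeof(*f) + bytes);
    if (f == NULL)
        return NULL;
    f->prev = NULL;
    f->len = len;
    memcpy(f->insns, prog, bytes);
    return f;
}

/* Phase 2, under the lock: only pointer and mode updates, no allocation. */
int filter_attach(struct filter *prepared)
{
    if (prepared == NULL)
        return -1;
    lock_held = 1;
    prepared->prev = chain;
    chain = prepared;
    mode_filter = 1;
    lock_held = 0;
    return 0;
}
```

Because every allocation goes through tracked_alloc, a nonzero allocs_under_lock after attaching would show that memory allocation had leaked into the locked section.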