Combine platform and vendor seccomp policy at runtime
Previously, vendor customization to seccomp policy was combined with the platform's policy at build time. In order to remove frameworks dependencies on the device folder, this policy combination is being moved to runtime.

For mediacodec and mediaextractor, platform seccomp policy specified in the frameworks will be loaded from /system/etc/seccomp_policy. Optional vendor customizations must reside in /vendor/etc/seccomp_policy. If the vendor policy exists, it will be concatenated to the end of the platform policy and loaded, otherwise just the platform policy will be loaded.

Bug: 34723744
Test: Dragon, Marlin, Muskie build and boot.
Test: Watch videos on youtube no seccomp violations observed.
Test: For both mediacodec and mediaextractor verify "cat proc/<pid>/status | grep Seccomp" == Seccomp: 2
Change-Id: I08b79b207785df69add31e4662e2c33fa28b4f4d
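The combination rule and the verification step from the commit message, modelled as an added shell example that is not code from this commit or from AOSP. The function names, the `name: rule` policy line format and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added illustration; function names are hypothetical, not AOSP code.

# combine_policy PLATFORM VENDOR: print platform policy, then vendor policy if present.
combine_policy() {
    cp_platform=$1; cp_vendor=$2
    # The platform policy is mandatory; a vendor file must never load alone.
    [ -r "$cp_platform" ] || { echo "missing: $cp_platform" >&2; return 1; }
    cat "$cp_platform"
    # A platform file without a final newline would fuse its last rule with
    # the first vendor rule, so terminate the line before appending.
    [ -z "$(tail -c 1 "$cp_platform")" ] || echo
    if [ -r "$cp_vendor" ]; then cat "$cp_vendor"; fi
}

# duplicate_rules PLATFORM VENDOR: syscall names defined in both files
# (assumes "name: rule" lines with "#" comments).
duplicate_rules() {
    for dr_file in "$1" "$2"; do
        if [ -r "$dr_file" ]; then
            sed -n 's/^[[:space:]]*\([A-Za-z0-9_]\{1,\}\)[[:space:]]*:.*/\1/p' "$dr_file" | sort -u
        fi
    done | sort | uniq -d
}

# seccomp_mode STATUS_FILE: value of the Seccomp field (0 off, 1 strict, 2 filter).
# Exact field match, so other fields whose names start with "Seccomp" are ignored.
seccomp_mode() {
    awk '$1 == "Seccomp:" { print $2; found = 1 } END { exit !found }' "$1"
}

# Constructed sample policies and status text, for demonstration only.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf 'read: 1\nwrite: 1\nioctl: 1' > "$demo_dir/platform.policy"   # no final newline
printf '# vendor additions\nioctl: 1\ngetrandom: 1\n' > "$demo_dir/vendor.policy"
printf 'Name:\tmediacodec\nSeccomp:\t2\nSeccomp_filters:\t1\n' > "$demo_dir/status"

combine_policy "$demo_dir/platform.policy" "$demo_dir/vendor.policy"
echo "defined in both: $(duplicate_rules "$demo_dir/platform.policy" "$demo_dir/vendor.policy")"
echo "Seccomp mode: $(seccomp_mode "$demo_dir/status")"
```

The commit does not say how the loader treats a syscall name that appears in both files, so the names reported by `duplicate_rules` are the ones to review by hand.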