seccomp: Disable Speculative Store Bypass mitigation

[sporksmith]

By default, installing a seccomp filter sets the PR_SPEC_FORCE_DISABLE
bit (see prctl(2)). This results in a significant performance penalty.
Meanwhile Shadow is semi-cooperative with its virtual processes; it
doesn't try to protect itself or the system from malicious code. Hence,
it isn't worth paying this overhead.

Here we use the SECCOMP_FILTER_FLAG_SPEC_ALLOW to override this
behavior.

[codecov]

Codecov Report

Merging #1471 (083454c) into main (1381e24) will decrease coverage by 0.01%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main    #1471      +/-   ##
==========================================
- Coverage   53.71%   53.70%   -0.02%     
==========================================
  Files         137      137              
  Lines       20538    20538              
  Branches     5196     5196              
==========================================
- Hits        11033    11030       -3     
- Misses       6603     6605       +2     
- Partials     2902     2903       +1     

Flag	Coverage Δ
tests	53.70% <0.00%> (-0.02%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
src/lib/shim/shim.c	33.75% <0.00%> (ø)
src/main/host/syscall/mman.c	61.36% <0.00%> (-0.76%)	⬇️
src/main/routing/topology.c	46.71% <0.00%> (-0.27%)	⬇️
src/main/host/descriptor/file.c	33.92% <0.00%> (-0.23%)	⬇️
src/main/host/descriptor/epoll.c	78.98% <0.00%> (+0.38%)	⬆️
src/main/utility/tagged_ptr.c	63.63% <0.00%> (+9.09%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1381e24...083454c. Read the comment docs.

[robgjansen]

🚀

[robgjansen]

Hmm, I wonder why the testing label got added. That seems like a bug in the PR labeler.