linux/seccomp.h may not be available, and the seccomp mode might not be
listed in /proc/pid/status, so let's not assume those two things are
present.

v2: add a seccomp.h with all the constants we use from linux/seccomp.h
v3: don't do a compile time check for PTRACE_O_SUSPEND_SECCOMP, just let
    ptrace return EINVAL for it; also add a checkskip to skip the
    seccomp_strict test if PTRACE_O_SUSPEND_SECCOMP or linux/seccomp.h
    aren't present.
v4: use criu check --feature instead of checkskip to check whether the
    kernel supports seccomp_suspend

Reported-by: Mr. Jenkins
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Acked-by: Andrew Vagin <avagin@odin.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>