selftests/seccomp: Add a test for the WAIT_KILLABLE_RECV fast reply race

selftests/seccomp: Add a test for the WAIT_KILLABLE_RECV fast reply race

If WAIT_KILLABLE_RECV was specified, and an event is received, the
tracee's syscall is not supposed to be interruptible. This was not properly
ensured if the reply was sent too fast, and an interrupting signal was
received before the reply was processed on the tracee side.

Add a test for this, that consists of:

 - a tracee with a timer that keeps sending it signals while repeatedly
   running a traced syscall in a loop,
 - a tracer that repeatedly handles all syscalls from the tracee in a
   loop, and
 - a shared pipe between both, on which the tracee sends one byte per
   syscall attempted and the tracer reads one byte per syscall handled.

If the syscall for the tracee is restarted after the tracer received the
event for it due to this bug, the tracee will not have sent a second
token on the pipe, which the tracer will notice and fail the test.

The tests also uses SECCOMP_IOCTL_NOTIF_ADDFD with SECCOMP_ADDFD_FLAG_SEND
for the reply, as the fix for the bug has an additional code path
change for handling addfd, which would not be exercised by a simple
SECCOMP_IOCTL_NOTIF_SEND, and it is possible to fix the bug while leaving
the same race intact for the addfd case.

This test is not guaranteed to reproduce the bug on every run, but the
parameters (signal frequency and number of repeated syscalls) have been
chosen so that on my machine this test:

 - takes ~0.8s in the good case (+1s in the failure case), and
 - detects the bug in 999 of 1000 runs.

Signed-off-by: Johannes Nixdorf <johannes@nixdorf.dev>
Link: https://lore.kernel.org/r/20250725-seccomp-races-v2-2-cf8b9d139596@nixdorf.dev
Signed-off-by: Kees Cook <kees@kernel.org>