blob/fileblob: adopt O_TMPFILE, RESOLVE_BENEATH, FICLONE

[mark-kubacki]

By splitting the current implementation of blob/fileblob into _other and _linux we could use some “modern” syscalls and techniques to improve security and performance, thereby making blob/fileblob a first class citizen for use in environments that don't go to Cloud Storage yet. Perhaps driving attention and adoption; and I'd not need to create a separate package, volunteering to implement this.

What is your thinking in general, and regarding the following:

1. O_TMPFILE would do away with going through “traditional” temporary files, such as dot-files, for files that are not fully formed. Upside is, they get discarded automatically.
2. RESOLVE_BENEATH (through unix.Openat2) adds another layer of defence.
3. FICLONE (reflinks, block sharing) would improve copy speed drastically where supported.

Any first invocation would need to atomically flip a flag for the bucket, i. e. its root, to signal either the directory or the kernel don't support that feature.

[vangent]

I think this sounds reasonable as long as the Linux-only functionality is tested via our Travis config (which I think it should be, we have a Linux OS configured).

I am not sure what you mean by "Any first invocation would need to atomically flip a flag for the bucket", isn't this purely determined by the OS? Which of those features might not work on some Linux kernels or some directories?