Closed
Looking at the runc seccomp code, it seems that our flag handling (added by #3390) is broken.
This happens because since #2750 runc no longer uses libseccomp-golang's filter.Load(), but rather implements its own loader.
This means that whatever flags we set using libseccomp-golang's filter.SetXXX() are not being used.
Instead, patchebpf.filterFlags is used to query flags from the filter and set them. Alas, it only supports a subset of currently supported flags.
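The failure mode described in this issue, as an added example that is not runc's code or the issue author's: a custom loader that copies only the flag bits it knows about, next to a check that reports any requested bit it would drop. The flag values are the kernel's from `<linux/seccomp.h>`; `propagate`, `describe` and the `handled` subset are hypothetical and do not reflect what `patchebpf.filterFlags` actually supports.

```go
package main

import (
	"fmt"
	"strings"
)

// Flag bits as defined in the kernel's <linux/seccomp.h>.
const (
	FlagTSync       uint = 1 << 0 // SECCOMP_FILTER_FLAG_TSYNC
	FlagLog         uint = 1 << 1 // SECCOMP_FILTER_FLAG_LOG
	FlagSpecAllow   uint = 1 << 2 // SECCOMP_FILTER_FLAG_SPEC_ALLOW
	FlagNewListener uint = 1 << 3 // SECCOMP_FILTER_FLAG_NEW_LISTENER
)

var flagNames = []string{"TSYNC", "LOG", "SPEC_ALLOW", "NEW_LISTENER"}

// describe names the bits set in mask; bits beyond the table are shown as hex.
func describe(mask uint) string {
	var out []string
	for i, name := range flagNames {
		if mask&(1<<i) != 0 {
			out = append(out, name)
			mask &^= 1 << i
		}
	}
	if mask != 0 { // bits newer than this table
		out = append(out, fmt.Sprintf("%#x", mask))
	}
	return strings.Join(out, "|")
}

// propagate models a hypothetical custom loader: only bits in handled reach
// the seccomp(2) flags argument. Any requested bit outside it is an error.
func propagate(requested, handled uint) (uint, error) {
	if dropped := requested &^ handled; dropped != 0 {
		return requested & handled, fmt.Errorf("seccomp flags not propagated: %s", describe(dropped))
	}
	return requested, nil
}

func main() {
	handled := FlagTSync | FlagLog       // constructed subset, not runc's actual list
	requested := FlagLog | FlagSpecAllow // flags the caller set on the filter
	applied, err := propagate(requested, handled)
	fmt.Printf("applied=%s err=%v\n", describe(applied), err)
}
```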