seccomp: Move copy_seccomp() to no failure path.

Bugzilla: https://bugzilla.redhat.com/2218682

do_seccomp() contains a memory leak which may cause the system to run out of BPF JIT memory, if many seccomp programs are executed.

This backports the upstream commit fixing the memleak. See commit message for a reproducer and more details.

Signed-off-by: Viktor Malik vmalik@redhat.com