CVE-2018-3639 (x86)

As done with seccomp and no_new_privs, also show speculation flaw
mitigation state in /proc/$pid/status.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
[juergh:
 - Context adjustments.
 - Include linux/nospec.h to prevent compilation error.]
Signed-off-by: Juerg Haefliger <juergh@canonical.com>