Commit 6a4a3398 authored by Victor Hsieh

Move zygote's seccomp setup to post-fork

Before this change, seccomp filter setup is as early as in zygote's main
function.  To make it possible to split app and system server's filter,
this postpones the setup to after fork.  It also starts to call app
specific and system server specific setup function.

In terms of performance since this happens at fork, the measure shows
the overhead is negligible.  Assuming 130 instructions in the BPF, on
walleye, even when running on little core with fixed low frequency, each
setup took about 60.9us on average.  When it runs on big core with
higher frequency, it took about 39.3us.

Test: (cts) -m CtsSecurityTestCases -t android.security.cts.SeccompTest
Bug: 63944145

Change-Id: I748735b478405098beac1e200d911c13ea60e380
Merged-In: I748735b478405098beac1e200d911c13ea60e380
parent 761b7b50
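
The pattern the commit message describes (install the seccomp filter in the child after fork, chosen by role, so the parent stays unfiltered), as an added example that is not code from this commit or from Android. The two roles, their one-syscall deny policies and all function names are constructed for illustration, and a production filter would also validate `seccomp_data.arch`.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>

enum role { ROLE_APP, ROLE_SYSTEM_SERVER };  /* hypothetical roles */

/* Install a filter that fails `denied_nr` with EPERM and allows the rest. */
static int install_filter(long denied_nr) {
    struct sock_filter prog[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (unsigned)denied_nr, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog fprog = { .len = sizeof(prog) / sizeof(prog[0]), .filter = prog };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}

/* For the calling process: bit 0 = getppid denied, bit 1 = getsid denied. */
int probe_self(void) {
    int mask = 0;
    if (syscall(SYS_getppid) == -1 && errno == EPERM) mask |= 1;
    if (syscall(SYS_getsid, 0) == -1 && errno == EPERM) mask |= 2;
    return mask;
}

/* Fork, install the role's filter in the child only, and return the child's
 * probe_self() mask; -1 if fork, wait or filter setup failed. */
int probe_child(enum role r) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* Constructed policy: app loses getppid, system server loses getsid. */
        if (install_filter(r == ROLE_APP ? SYS_getppid : SYS_getsid) != 0) _exit(100);
        _exit(probe_self());
    }
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status) == 100 ? -1 : WEXITSTATUS(status);
}

int main(void) { printf("%d %d %d\n", probe_child(ROLE_APP), probe_child(ROLE_SYSTEM_SERVER), probe_self()); return 0; }
```

Because seccomp filters are inherited across fork and cannot be removed, a filter installed in the parent before forking would bind every child; installing after fork is what lets each role carry a different one.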