clone(2) and unshare(2): fix pivot_root(2) races

Switch from use of copy_fs_struct() to alloc_fs_struct() + (later)
__copy_fs_struct(). The tricky part is handling CLONE_NEWNS -
there we want to set root/pwd to the corresponding locations
on new namespace.

Once we'd found these locations in new namespace, pivot_root(2) is
not a problem - it won't get called in the new namespace until new
fs_struct gets visible to chroot_fs_refs(). However, pivot_root(2)
hitting the window between copying root/pwd locations from current->fs
and copying the mount tree would end up with inconsistent situation
in the new namespace. In other words, in CLONE_NEWNS case we need to
pass an empty fs_struct to copy_mnt_ns() and call __copy_fs_struct()
in there once copy_mnt_ns() has acquired exclusion with pivot_root(2).

In case of CLONE_FS without CLONE_NEWNS we need to delay __copy_fs_struct()
until grabbing tasklist_lock in copy_process() or switching ->fs in
ksys_unshare().

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
3 files changed