
Implement kernel BPF enforcement hooks#199

Merged
seanwevans merged 2 commits into main from codex/implement-real-kernel-enforcement-in-pyisolate/bpf on May 13, 2026

Conversation

@seanwevans (Owner)

Motivation

  • Enforce sandbox policies in-kernel so unwrapped syscalls (libc/native extensions) cannot bypass Python-level checks.
  • Replace test/placeholders with realistic BPF artifacts: LSM hooks for syscall decisions and ring-buffer / per-cgroup accounting for resource watchdog events.
  • Make hardened the documented production posture and provide compatibility for test environments that lack a full BPF toolchain.

Description

  • Replaced pyisolate/bpf/syscall_filter.bpf.c with LSM-based programs that consult pinned maps keyed by bpf_get_current_cgroup_id() and emit denial events to a ring buffer when a decision returns deny.
  • Replaced pyisolate/bpf/resource_guard.bpf.c placeholders with a real design using BPF_MAP_TYPE_RINGBUF for resource_events, per-cgroup accounting maps (cgroup_accounting, cgroup_quotas, task_cpu_start), and tracepoint/cgroup hooks to update CPU/RSS/net and emit quota-breach events.
  • Updated pyisolate/bpf/manager.py::BPFManager.load to: compile objects, pin under /sys/fs/bpf/pyisolate, use bpftool prog loadall ... autoattach for LSM/tracepoint programs, and run an explicit bpftool cgroup attach ... egress pinned step for kernels/tools that require a concrete cgroup attach.
  • Documented hardened as the production default in README.md and clarified dev/compatibility as caller-acknowledged weaker modes.
  • Added an opt-in live kernel-enforcement integration test and static checks in tests/test_bpf_kernel_enforcement.py and adjusted unit tests to expect the new bpftool invocation patterns and pinning layout.
  • Added small compatibility guards: handle legacy BPFManager.load(strict=...) call sites in the supervisor constructor and avoid leaking test module stubs (restore pyisolate.bpf.manager after metrics test stub).

Testing

  • Ran targeted BPF-related tests: pytest -q tests/test_bpf_manager.py tests/test_bpf_manager_extra.py tests/test_bpf_kernel_enforcement.py, which passed in the CI/test environment.
  • Performed static validation with python -m py_compile on the modified modules, which succeeded.
  • Attempted to compile the BPF C files with clang -target bpf -O2 -c ... but the environment clang lacks a BPF backend (No available targets are compatible with triple "bpf"), so native object builds were not performed here.
  • Ran the full test suite locally; the targeted BPF suite passed, but there remain 4 failures in unrelated supervisor/policy test-ordering and token-handling tests that are not caused by the BPF program logic (noted in logs).

Codex Task
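The compile / pin / `loadall ... autoattach` / explicit cgroup-attach sequence the description outlines, as an added example rather than pyisolate's own `BPFManager.load`, with the two preflight checks that most often explain why LSM programs appear to load but never enforce (BPF LSM not in the active `lsm=` list, bpffs not mounted). The object file names, the sandbox cgroup path and the pinned egress program name are assumptions; only `/sys/fs/bpf/pyisolate` comes from the PR.

```shell
#!/bin/sh
# Added example, not pyisolate's own code. Object names, cgroup path and the
# egress program name below are assumptions.
set -u

PIN_DIR=/sys/fs/bpf/pyisolate              # pin root named in the PR
SANDBOX_CGROUP=/sys/fs/cgroup/pyisolate    # assumed sandbox cgroup
EGRESS_PROG=resource_guard_egress          # assumed pinned program name

# LSM-type BPF programs only attach when "bpf" is in the active LSM list
# (CONFIG_BPF_LSM plus lsm=...,bpf on the kernel command line). The file to
# inspect is a parameter so the check can run against a constructed sample.
lsm_has_bpf() {
    tr ',' '\n' < "$1" | grep -qx bpf
}

# Pinning needs bpffs mounted at /sys/fs/bpf; $1 is a /proc/mounts-style file.
bpffs_mounted() {
    awk '$2 == "/sys/fs/bpf" && $3 == "bpf" { found = 1 } END { exit !found }' "$1"
}

preflight() {
    lsm_has_bpf /sys/kernel/security/lsm || { echo "BPF LSM not active" >&2; return 1; }
    bpffs_mounted /proc/mounts          || { echo "bpffs not mounted" >&2; return 1; }
}

# Compile one .bpf.c to a BPF object; fails loudly if clang has no BPF backend.
compile_obj() {
    clang -target bpf -O2 -g -c "$1" -o "$2"
}

# Load every program in each object, pin under PIN_DIR and auto-attach the
# LSM/tracepoint programs, then do the explicit cgroup egress attach.
deploy() {
    preflight || return 1
    mkdir -p "$PIN_DIR"
    for src in syscall_filter resource_guard; do
        compile_obj "pyisolate/bpf/$src.bpf.c" "$src.bpf.o"
        bpftool prog loadall "$src.bpf.o" "$PIN_DIR" autoattach
    done
    bpftool cgroup attach "$SANDBOX_CGROUP" egress pinned "$PIN_DIR/$EGRESS_PROG"
    # Confirm the attach actually landed instead of trusting the exit code alone.
    bpftool cgroup show "$SANDBOX_CGROUP" | grep -q egress
}

if [ "${1:-}" = deploy ]; then deploy; fi
```

Run as `sh deploy.sh deploy` on a host with clang's BPF backend and bpftool; the preflight functions can be exercised on any machine by pointing them at sample files.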

seanwevans merged commit b0f178e into main on May 13, 2026
seanwevans deleted the codex/implement-real-kernel-enforcement-in-pyisolate/bpf branch on May 13, 2026 at 13:17
