deal with a check_mount_path race condition

deal with a check_mount_path race condition

While the container itself might not be running and cannot
influence the mounting between check_mount_path() and
mount(), this is a possibility when multiple containers
have write access to the same recursive bind mount
hierarchy.

This patch adds a walk_tree_nofollow() function performing
two things: It walks a path from a starting point following
no symlinks and erroring if it encounters one. And if
requested creates all the missing directories.
This replaces both the combination of check_mount_path() and
mkpath(), and the check_mount_path() in bindmount() while
giving the latter the ability to also access the "last
component" of the path via openat() a second time after
mounting (as an alternative to also including an fstatat()
syscall) in order to verify the path which was ultimately
mounted is indeed the path walked in the first check.