Update capabilities

[jprendes]

- What I did
The hardcoded list of capabilities was missing some capabilities introduced in kernel 5.8 and 5.9.
This PR changes the code to retrieve the capabilities using gocapability.

- How I did it

• Vendored gocapability/capability in cmd/linuxkit
• Change hardcoded list with code that gets the list using capability.List()

- How to verify it
Builds with images defining org.mobyproject.config with {"capabilities": ["all"], ...} should see CAP_PERFMON, CAP_BPF, and CAP_CHECKPOINT_RESTORE added to their list of capabilities.

- Description for the changelog
Fix missing capabilities in newer kernels

- A picture of a cute animal (not mandatory but encouraged)

[mqasimsarfraz]

@jprendes @dgageot by any chance do you have an idea please if kubernetes/minikube#13742 (comment) was related to this? I am getting an error when trying to run a container with CAP_BPF on docker on Mac.