
main/linux-lts: enable Landlock for all architectures

Mickaël Salaün requested to merge l0kod/aports:landlock-lts into master

Landlock is a feature to create security sandboxes thanks to 3 new dedicated system calls (available since Linux 5.13). They are designed to be safe to use by any processes, which can only drop their privileges, similarly to seccomp.

The new Landlock LSM is built into the kernel with CONFIG_SECURITY_LANDLOCK but it must also be enabled at boot time, either with the "lsm=" kernel command-line parameter, or by default with the kernel CONFIG_LSM list (as described in the kernel documentation).

As for other stackable LSMs, prepending Landlock to the default LSM list enables users to potentially get more protection by default by letting applications sandbox themselves.

See https://docs.kernel.org/userspace-api/landlock.html
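
Added example, not part of the merge request or of aports: a shell check that separates the two conditions described above (built with CONFIG_SECURITY_LANDLOCK, then enabled through CONFIG_LSM or "lsm="). The function name `landlock_state` and the sample config and command lines are constructed for illustration.

```shell
#!/bin/sh
# landlock_state CONFIG_TEXT CMDLINE_TEXT   (hypothetical helper)
# CONFIG_TEXT:  contents of a kernel .config
# CMDLINE_TEXT: contents of a kernel command line (e.g. /proc/cmdline)
# Prints: not-built | built-disabled | enabled
landlock_state() (
    config=$1
    cmdline=$2
    set -f  # no globbing while splitting the command line (subshell only)

    # 1. Is the LSM compiled in at all?
    if ! printf '%s\n' "$config" | grep -qx 'CONFIG_SECURITY_LANDLOCK=y'; then
        echo not-built
    else
        # 2. Default list of enabled LSMs from CONFIG_LSM="a,b,c".
        list=$(printf '%s\n' "$config" |
               sed -n 's/^CONFIG_LSM="\(.*\)"$/\1/p')

        # 3. An lsm= boot parameter overrides the CONFIG_LSM list.
        for arg in $cmdline; do
            case $arg in
                lsm=*) list=${arg#lsm=} ;;
            esac
        done

        # 4. Match the exact name inside the comma-separated list.
        case ",$list," in
            *,landlock,*) echo enabled ;;
            *)            echo built-disabled ;;
        esac
    fi
)

# Constructed sample inputs (not taken from the Alpine kernel config).
sample_config='CONFIG_SECURITY=y
CONFIG_SECURITY_LANDLOCK=y
CONFIG_LSM="landlock,lockdown,yama,integrity,apparmor"'

landlock_state "$sample_config" 'root=/dev/vda2 quiet'
landlock_state "$sample_config" 'root=/dev/vda2 lsm=yama,apparmor'
```

On a running system, the list of active LSMs can be read from `/sys/kernel/security/lsm` to confirm the result.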
