Add `--binfmt_misc` for mounting a `binfmt_misc` filesystem

Since Linux v6.7, unprivileged sandboxes can now create their own binfmt_misc mounts:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=21ca59b365c091d583f36ac753eaa8baf947be6f

It would be useful to add an option to mount one at `/proc/sys/fs/binfmt_misc`, without relying on a `mount` executable being available inside the sandbox.