set /proc/sys/vm/mmap_min_addr to 4096
author Faidon Liambotis <paravoid@debian.org>
Fri, 14 Aug 2009 01:24:39 +0000 (04:24 +0300)
committer Peter Palfrader <peter@palfrader.org>
Tue, 18 Aug 2009 18:45:36 +0000 (20:45 +0200)
commit a1ffa958a48f4d4fd130df3fe415657cf7d5b6b4
tree a394d00e0eb1c9c4cb8c6c573ff2bc4c8238f6e1
parent 592759a869498488ea7227a481b3194989f6c140
set /proc/sys/vm/mmap_min_addr to 4096

This prohibits userland to mmap() page 0 and therefore mitigates
exploits that use NULL-pointer dereference vulnerabilities in the
kernel.

Introduce a sysctl puppet definition for this that can be used to set
other sysctl knobs as well.

Signed-off-by: Peter Palfrader <peter@palfrader.org>
modules/debian-org/manifests/init.pp
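
A way to check that the setting described in the commit message is in force, both in the running kernel and in persisted sysctl configuration. This is an added example, not code from this commit or from the project's Puppet module; the function names, the file list passed in and the floor value are assumptions supplied by the caller.

```shell
#!/bin/sh
# Added example (not from the commit): audit vm.mmap_min_addr.
# The file list and the floor are caller-supplied; nothing here is the
# project's own Puppet code.

# Print the last vm.mmap_min_addr assignment found in the given
# sysctl-style files, read in argument order (last assignment wins).
persisted_mmap_min_addr() {
    for f in "$@"; do
        if [ -r "$f" ]; then cat "$f"; echo; fi
    done | awk -F= '
        /^[ \t]*[#;]/ { next }          # comment lines
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            sub(/^-/, "", key)          # "-key" means ignore write errors
            gsub(/\//, ".", key)        # vm/mmap_min_addr is the same key
            if (key == "vm.mmap_min_addr") last = val
        }
        END { if (last != "") print last }'
}

# Succeed if $1 is a decimal integer that is at least $2.
meets_floor() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge "$2" ]
}

# audit_mmap_min_addr FLOOR RUNTIME_FILE [CONFIG_FILE...]
# Reports the live value and the persisted value; returns 1 if either
# is missing or below FLOOR (a fix that is not persisted is lost on reboot).
audit_mmap_min_addr() {
    floor=$1; runtime_file=$2; shift 2; rc=0
    runtime=$(cat "$runtime_file" 2>/dev/null) || runtime=''
    persisted=$(persisted_mmap_min_addr "$@")
    if meets_floor "$runtime" "$floor"; then echo "OK   runtime=$runtime"
    else echo "FAIL runtime=${runtime:-unreadable} (want >= $floor)"; rc=1; fi
    if meets_floor "$persisted" "$floor"; then echo "OK   persisted=$persisted"
    else echo "FAIL persisted=${persisted:-unset} (want >= $floor)"; rc=1; fi
    return $rc
}

# Typical call on a Linux host:
# audit_mmap_min_addr 4096 /proc/sys/vm/mmap_min_addr /etc/sysctl.conf /etc/sysctl.d/*.conf
```

The caller decides the file order, so pass the configuration files in the order the host applies them.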