ifnet: Detach BPF descriptors on interface vmove event

When an interface is moving to/from a vnet jail, it may still have BPF
descriptors attached. The userland (e.g. tcpdump) does not get noticed
that the interface is departing and still opens BPF descriptors thus
may result in leaking sensitive traffic (e.g. an interface is moved
back to parent jail but a user is still sniffing traffic over it in
the child jail).

Detach BPF descriptors so that the userland will be signaled.

Reviewed by: ae
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D45727

(cherry picked from commit 1ed9b381d4701fc9f66741256e93b96e22273217)

ifnet: Fix build without BPF

The newly introduced function bpf_ifdetach() is only available when
device bpf is enabled.

Fixes: 1ed9b381d470 ifnet: Detach BPF descriptors on interface vmove event
(cherry picked from commit d8413a1c3ba235a79ae6b8cc35767a861855c7e2)
(cherry picked from commit 2e4eaf3c13d2b5aa76f9759e51e35faf29d56993)