CONFIG_X86_IOPL_IOPERM is also disabled by kernel lockdown

Refers the issue #45

(done while solving the issue #45)

Let's fold the alternative options --debug and --json into --mode parameter:
  -m {verbose,json}, --mode {verbose,json}
  			choose the report mode

That also allows to get rid of 'debug_mode' and 'json_mode' globals.

This work is a prerequisite of solving the issue #45.

That makes the code style much better.

Side note: I was thinking a lot about storing the checking rules
separately in some file format. Finally I decided not to do that because:
 - I want avoid additional parsing (these rules are static anyway);
 - the rules include a lot of special cases and exceptions, which
don't look pretty in any format.

Thanks @HacKurx.

CONFIG_RANDOM_TRUST_BOOTLOADER = FAIL: "y"
CONFIG_SECURITY_LOCKDOWN_LSM = OK
CONFIG_SECURITY_LOCKDOWN_LSM_EARLY = OK
CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY = FAIL: "is not set"

Thanks @HacKurx

Thanks @shamilbi

The "evbug" module records key events and mouse movements in the system log.
Useful for debugging, this is a security threat, its use can be hijacked as a keylogger.

An attacker will be able to retrieve your passwords using this module.

Thanks to:
 - Dmitry Vyukov @dvyukov for the idea
 - Daniel Vetter @danvet for the knowledge

Refers to #32

That makes print_checklist() much better.