hardenedLinuxPackagesFor: Make it possible to delay major updates

This adds an abstraction/hack to update the latest hardened kernel
independent of linux_latest, which is required as the hardened patches
aren't immediately available ([0] currently doesn't exist).
Currently the Linux hardened patches aren't even available for 5.7 which
was released on 2020-05-31 (already 9 days ago!).
Therefore it is required to keep both linuxPackages_latest_hardened and
linuxPackages_latest_xen_dom0_hardened at 5.6 until the patches for 5.7
are released.

This abstraction makes that task more manageable but we should aim for a
better solution to resolve this or at least a cleaner and more robust
implementation (in the sense of better error messages).

[0]: https://github.com/anthraxx/linux-hardened/releases/tag/5.7.1.a