attempt to inject the MM image file for secureboot

this is missing from upstream live-build unfortunately but at least on
ubuntu bases we need it included as the shim.efi will load the mm.efi
when it finds certain Mok related nvars being set MM being the mok
manager for doing key management.

this notably can happen when the user installs ubuntu with proprietary
hardware that requires unsigned kernel modules. to still carry out
secureboot it needs to enroll a custom key. this is done through the MM.
the installation will set a bunch of nvars that get checked by the shim
on the next boot and the shim then starts the mm and the mm will enroll
the key.
if the actual target system shim is never run but instead one directly
boots into another live iso that iso's shim would be the one in need of
running the mok, hence the need for the mm.efi as otherwise our shim
would attempt to load the MM on account of finding Mok related vars and
then falling flat on the face because the mm*.efi file doesn't exist

this is pretty far out as far as unfortunate chains of events go

CCBUG: 426167