RFE: add a method to filter audit events based on audit container identifier

[rgbriggs]

Add a method to filter audit events based on audit container identifier.

Add a u64 field AUDIT_CONTID to be able to specify an audit container identifier to be used to filter audit events.

Depends: #90
Depends: linux-audit/audit-userspace#40
See: https://github.com/linux-audit/audit-kernel/wiki/RFE-Audit-Container-ID

[rgbriggs]

Posted v3 kernel patchset upstream:
https://www.redhat.com/archives/linux-audit/2018-June/msg00048.html
https://lkml.org/lkml/2018/6/6/609

[rgbriggs]

posted v4 kernel patchset upstream:
https://www.redhat.com/archives/linux-audit/2018-July/msg00178.html
https://lkml.org/lkml/2018/7/31/855

[rgbriggs]

Test case v1 PR: linux-audit/audit-testsuite#83

[rgbriggs]

2019-09-18:
post v7:
https://www.redhat.com/archives/linux-audit/2019-September/msg00016.html
https://lkml.org/lkml/2019/9/18/1112