Feature request - mount namespace field in file operation events

[AsafEitani]

Currently on file operation events like magic_write, security_file_open, etc we supply the file path but we don't supply the file mount namespace.
Therefore we cannot know for sure in which mount namespace the file was affected, specifically whether the file was accessed on the host or container.
A simple example is in the building process of a container. Docker will change namespaces to the containers' namespace and will create files, but the events will indicate that those file were created on the host.

WDYT about adding a mount_namespace field to those events and maybe a flag which indicates if the file was accessed on the host (on_host for example)

[yanivagman]

The mount namespace of the calling process is always part of the event's context and can be used for that purpose