container_create: handle cap add/drop ALL

Kubelet can send cap add/drop ALL. Handle that in CRI-O as well.
Also, this PR is re-vendoring runtime-tools to fix capabilities add to
add caps to _all_ caps set **and** fix a shared memory issue (caps set
were initialized with the same slice, if one modifies one slice, it's
reflected on the other slices, the vendoring fixes this as well)

Signed-off-by: Antonio Murdaca <runcom@redhat.com>

test/testdata/container_config.json

@@ -57,7 +57,6 @@
 					"setgid"
 				],
 				"drop_capabilities": [
-					"audit_read"
 				]
 			},
 			"selinux_options": {

test/testdata/container_config_by_imageid.json

@@ -57,7 +57,6 @@
 					"setgid"
 				],
 				"drop_capabilities": [
-					"audit_read"
 				]
 			},
 			"selinux_options": {

test/testdata/container_config_hostport.json

@@ -59,7 +59,6 @@
 					"setgid"
 				],
 				"drop_capabilities": [
-					"audit_read"
 				]
 			},
 			"selinux_options": {

test/testdata/container_config_logging.json

@@ -59,7 +59,6 @@
 					"setgid"
 				],
 				"drop_capabilities": [
-					"audit_read"
 				]
 			},
 			"selinux_options": {

test/testdata/container_config_resolvconf.json

@@ -59,7 +59,6 @@
 					"setgid"
 				],
 				"drop_capabilities": [
-					"audit_read"
 				]
 			},
 			"selinux_options": {

test/testdata/container_config_resolvconf_ro.json

@@ -59,7 +59,6 @@
 					"setgid"
 				],
 				"drop_capabilities": [
-					"audit_read"
 				]
 			},
 			"selinux_options": {

test/testdata/container_config_seccomp.json

@@ -59,7 +59,6 @@
 					"setgid"
 				],
 				"drop_capabilities": [
-					"audit_read"
 				]
 			},
 			"selinux_options": {