Support storing guest UID/GID in user.* xattr
Network filesystems may simply not support user namespace mounts. When NFS + Kerberos is in use, the NFS server checks that the user has a Kerberos ticket for the UID they want to use. Obviously, they won't have a Kerberos ticket for their subordinate UIDs.
This can be solved by using user.* xattrs for all metadata about the file. Virtiofsd can freely manipulate these xattrs, so this makes all host-side permissions problems vanish. The problem of SUID/SGID binaries having to have SUID/SGID dropped when written to can be handled by only allowing such binaries to be written to by their owners, regardless of permissions.
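A sketch of the proposal above, added here as an illustration and not taken from virtiofsd: guest ownership is carried in the value of a `user.*` xattr, and the write check refuses non-owners whenever SUID or SGID is set. The xattr name, the `uid:gid:mode` value layout, and the choice to still require the owner's own write bit are assumptions of this example; privileged guest users and capabilities are not modelled.

```rust
// Added illustration, not virtiofsd code. The xattr name and the value layout
// are assumptions made for this example.
const XATTR_NAME: &str = "user.virtiofs.guest_owner"; // hypothetical name
const S_ISUID: u32 = 0o4000;
const S_ISGID: u32 = 0o2000;

#[derive(Debug, PartialEq, Clone, Copy)]
struct GuestMeta { uid: u32, gid: u32, mode: u32 }

impl GuestMeta {
    // Value stored in the xattr: "uid:gid:octal-mode" (constructed layout).
    fn encode(&self) -> String {
        format!("{}:{}:{:o}", self.uid, self.gid, self.mode)
    }

    // Strict parse: a malformed value yields None so the caller can fail
    // closed instead of falling back to permissive ownership.
    fn decode(raw: &str) -> Option<GuestMeta> {
        let mut it = raw.split(':');
        let uid = it.next()?.parse::<u32>().ok()?;
        let gid = it.next()?.parse::<u32>().ok()?;
        let mode = u32::from_str_radix(it.next()?, 8).ok()?;
        if it.next().is_some() || mode > 0o7777 { return None; }
        Some(GuestMeta { uid, gid, mode })
    }

    // Write check against guest ids only; host ownership plays no part.
    fn may_write(&self, uid: u32, gids: &[u32]) -> bool {
        // SUID/SGID file: non-owners are refused regardless of the mode bits,
        // so a write never has to strip the bits on someone else's binary.
        if self.mode & (S_ISUID | S_ISGID) != 0 && uid != self.uid {
            return false;
        }
        let bit = if uid == self.uid { 0o200 }
                  else if gids.contains(&self.gid) { 0o020 }
                  else { 0o002 };
        self.mode & bit != 0
    }
}

fn main() {
    // Constructed sample value, as it would be read back from the xattr.
    let m = GuestMeta::decode("1000:1000:4777").expect("well-formed value");
    println!("{} = {}", XATTR_NAME, m.encode());
    println!("owner may write: {}", m.may_write(1000, &[1000]));
    println!("other may write: {}", m.may_write(2000, &[2000]));
}
```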