LNet: add multitenant-aware filtered discovery/push views

Add support for multitenant-aware LNet discovery filtering.

When MT groups are configured, discovery responses and pushed ping updates are filtered such that peers only observe server NIDs belonging to the same configured MT visibility domain.

This prevents clients from discovering or learning NIDs belonging to other tenant networks or admin-only networks.

This change introduces:

• Static MT group configuration via module parameters
• Named MT visibility groups, including reserved admin group
• MT-aware filtered ping/discovery views
• MT-aware push payload selection
• Shared discovery seqno handling across MT views
• Preservation of legacy push/update semantics
• Configurable handling for unclassified networks via policy mode (relaxed, forbidden, strict)

Example:

lnet_mt_groups="admin:tcp0;tenant01:tcp1;tenant02:tcp2"
lnet_mt_unclassified_policy="strict" 

 
With the above configuration:

• client peers on tcp1 only discover tcp1 server NIDs
• client peers on tcp2 only discover tcp2 server NIDs
• peers on admin networks observe all server NIDs

Note:

• MT filtering affects both explicit discovery responses and pushed ping/discovery updates
• Primary NID becomes visibility-domain relative under MT filtering
• Existing non-MT behavior remains unchanged when no MT groups are configured
• lnet_mt_unclassified_policy controls discovery visibility for LNet networks which are not part of any configured MT group (only takes effect if some are configured):
  • • • "relaxed": unclassified networks may discover other unclassified networks
      • "strict" unclassified networks only discover server NIDs on the same LNet
      • "forbidden": unclassified networks do not receive discovery informatio