SafeSysctlWhitelist returns the whitelist of safe sysctls and safe sysctl patterns (ending in *).
A sysctl is called safe iff - it is namespaced in the container or the pod - it is isolated, i.e. has no influence on any other pod on the same node.
SysctlsStrategy defines the interface for all sysctl strategies.
func NewMustMatchPatterns(safeWhitelist, allowedUnsafeSysctls, forbiddenSysctls string) SysctlsStrategy
NewMustMatchPatterns creates a new mustMatchPatterns strategy that will provide validation. Passing nil means the default pattern, passing an empty list means to disallow all sysctls.