From c57d268a7843ec7e58ac1e32f06f43b411c070a1 Mon Sep 17 00:00:00 2001
From: Rob Norris <robn@despairlabs.com>
Date: Sun, 25 Aug 2024 16:00:01 +1000
Subject: [PATCH] config: remove HAVE_HAS_CAPABILITY

Sponsored-by: https://despairlabs.com/sponsor/
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Reviewed-by: Tino Reichardt <milky-zfs@mcmilk.de>
Signed-off-by: Rob Norris <robn@despairlabs.com>
Closes #16479
---
 config/kernel-userns-capabilities.m4 | 27 ---------------------------
 config/kernel.m4                     |  2 --
 module/os/linux/zfs/policy.c         |  9 ---------
 3 files changed, 38 deletions(-)

diff --git a/config/kernel-userns-capabilities.m4 b/config/kernel-userns-capabilities.m4
index 026503623..f4e24fb16 100644
--- a/config/kernel-userns-capabilities.m4
+++ b/config/kernel-userns-capabilities.m4
@@ -19,33 +19,6 @@ AC_DEFUN([ZFS_AC_KERNEL_NS_CAPABLE], [
 	])
 ])
 
-dnl #
-dnl # 4.10 API change
-dnl # has_capability() was exported.
-dnl #
-AC_DEFUN([ZFS_AC_KERNEL_SRC_HAS_CAPABILITY], [
-	ZFS_LINUX_TEST_SRC([has_capability], [
-		#include <linux/capability.h>
-	],[
-		struct task_struct *task = NULL;
-		int cap = 0;
-		bool result __attribute__ ((unused));
-
-		result = has_capability(task, cap);
-	])
-])
-
-AC_DEFUN([ZFS_AC_KERNEL_HAS_CAPABILITY], [
-	AC_MSG_CHECKING([whether has_capability() is available])
-	ZFS_LINUX_TEST_RESULT_SYMBOL([has_capability],
-	    [has_capability], [kernel/capability.c], [
-		AC_MSG_RESULT(yes)
-		AC_DEFINE(HAVE_HAS_CAPABILITY, 1, [has_capability() is available])
-	],[
-		AC_MSG_RESULT(no)
-	])
-])
-
 dnl #
 dnl # 2.6.39 API change
 dnl # struct user_namespace was added to struct cred_t as cred->user_ns member
diff --git a/config/kernel.m4 b/config/kernel.m4
index 98479b038..7608f0a44 100644
--- a/config/kernel.m4
+++ b/config/kernel.m4
@@ -98,7 +98,6 @@ AC_DEFUN([ZFS_AC_KERNEL_TEST_SRC], [
 	ZFS_AC_KERNEL_SRC_KUIDGID_T
 	ZFS_AC_KERNEL_SRC_KUID_HELPERS
 	ZFS_AC_KERNEL_SRC_RENAME
-	ZFS_AC_KERNEL_SRC_USERNS_CAPABILITIES
 	ZFS_AC_KERNEL_SRC_TOTALRAM_PAGES_FUNC
 	ZFS_AC_KERNEL_SRC_TOTALHIGH_PAGES
 	ZFS_AC_KERNEL_SRC_PERCPU
@@ -208,7 +207,6 @@ AC_DEFUN([ZFS_AC_KERNEL_TEST_RESULT], [
 	ZFS_AC_KERNEL_KUIDGID_T
 	ZFS_AC_KERNEL_KUID_HELPERS
 	ZFS_AC_KERNEL_RENAME
-	ZFS_AC_KERNEL_USERNS_CAPABILITIES
 	ZFS_AC_KERNEL_TOTALRAM_PAGES_FUNC
 	ZFS_AC_KERNEL_TOTALHIGH_PAGES
 	ZFS_AC_KERNEL_PERCPU
diff --git a/module/os/linux/zfs/policy.c b/module/os/linux/zfs/policy.c
index 5d1b43834..d21bc667b 100644
--- a/module/os/linux/zfs/policy.c
+++ b/module/os/linux/zfs/policy.c
@@ -252,22 +252,13 @@ secpolicy_zfs(const cred_t *cr)
  * Equivalent to secpolicy_zfs(), but works even if the cred_t is not that of
  * the current process.  Takes both cred_t and proc_t so that this can work
  * easily on all platforms.
- *
- * The has_capability() function was first exported in the 4.10 Linux kernel
- * then backported to some LTS kernels.  Prior to this change there was no
- * mechanism to perform this check therefore EACCES is returned when the
- * functionality is not present in the kernel.
  */
 int
 secpolicy_zfs_proc(const cred_t *cr, proc_t *proc)
 {
-#if defined(HAVE_HAS_CAPABILITY)
 	if (!has_capability(proc, CAP_SYS_ADMIN))
 		return (EACCES);
 	return (0);
-#else
-	return (EACCES);
-#endif
 }
 
 void