Linux 4.10 compat: has_capability()

Stock kernels older than 4.10 do not export the has_capability()
function which is required by commit e59a377.  To avoid breaking
the build on older kernels revert to the safe legacy behavior and
return EACCES when privileges cannot be checked.

Reviewed-by: Ryan Moeller <ryan@ixsystems.com>
Reviewed-by: Matt Ahrens <matt@delphix.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #10565
Closes #10573

config/kernel-userns-capabilities.m4

@@ -19,6 +19,33 @@ AC_DEFUN([ZFS_AC_KERNEL_NS_CAPABLE], [
 	])
 ])
 
+dnl #
+dnl # 4.10 API change
+dnl # has_capability() was exported.
+dnl #
+AC_DEFUN([ZFS_AC_KERNEL_SRC_HAS_CAPABILITY], [
+	ZFS_LINUX_TEST_SRC([has_capability], [
+		#include <linux/capability.h>
+	],[
+		struct task_struct *task = NULL;
+		int cap = 0;
+		bool result __attribute__ ((unused));
+
+		result = has_capability(task, cap);
+	])
+])
+
+AC_DEFUN([ZFS_AC_KERNEL_HAS_CAPABILITY], [
+	AC_MSG_CHECKING([whether has_capability() is available])
+	ZFS_LINUX_TEST_RESULT_SYMBOL([has_capability],
+	    [has_capability], [kernel/capability.c], [
+		AC_MSG_RESULT(yes)
+		AC_DEFINE(HAVE_HAS_CAPABILITY, 1, [has_capability() is available])
+	],[
+		AC_MSG_RESULT(no)
+	])
+])
+
 dnl #
 dnl # 2.6.39 API change
 dnl # struct user_namespace was added to struct cred_t as cred->user_ns member
@@ -66,12 +93,14 @@ AC_DEFUN([ZFS_AC_KERNEL_KUID_HAS_MAPPING], [
 
 AC_DEFUN([ZFS_AC_KERNEL_SRC_USERNS_CAPABILITIES], [
 	ZFS_AC_KERNEL_SRC_NS_CAPABLE
+	ZFS_AC_KERNEL_SRC_HAS_CAPABILITY
 	ZFS_AC_KERNEL_SRC_CRED_USER_NS
 	ZFS_AC_KERNEL_SRC_KUID_HAS_MAPPING
 ])
 
 AC_DEFUN([ZFS_AC_KERNEL_USERNS_CAPABILITIES], [
 	ZFS_AC_KERNEL_NS_CAPABLE
+	ZFS_AC_KERNEL_HAS_CAPABILITY
 	ZFS_AC_KERNEL_CRED_USER_NS
 	ZFS_AC_KERNEL_KUID_HAS_MAPPING
 ])