
Revert "Temporarily disable CAP_PERFMON, CAP_BPF, and CAP_CHECKPOINT_RESTORE"

Now that runc v1.0.0-rc93 is used, we can revert this temporary workaround

This reverts commit a38b96b8cdc4d345a050b417c4c492b75329e5a6.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn 4 years ago
parent
commit
c1c973e81b
1 changed file with 0 additions and 12 deletions

+ 0 - 12
oci/caps/utils.go

@@ -16,18 +16,6 @@ func init() {
 	if last == capability.Cap(63) {
 		last = capability.CAP_BLOCK_SUSPEND
 	}
-	if last > capability.CAP_AUDIT_READ {
-		// Prevents docker from setting CAP_PERFMON, CAP_BPF, and CAP_CHECKPOINT_RESTORE
-		// capabilities on privileged (or CAP_ALL) containers on Kernel 5.8 and up.
-		// While these kernels support these capabilities, the current release of
-		// runc ships with an older version of /gocapability/capability, and does
-		// not know about them, causing an error to be produced.
-		//
-		// FIXME remove once https://github.com/opencontainers/runc/commit/6dfbe9b80707b1ca188255e8def15263348e0f9a
-		//       is included in a runc release and once we stop supporting containerd 1.3.x
-		//       (which ships with runc v1.0.0-rc92)
-		last = capability.CAP_AUDIT_READ
-	}
 	for _, cap := range capability.List() {
 		if cap > last {
 			continue
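
Review bot: The FIXME removed with the `if last > capability.CAP_AUDIT_READ` block named two conditions for dropping the clamp: the runc fix being included in a release, and containerd 1.3.x (which ships with runc v1.0.0-rc92) no longer being supported. The commit message only covers the first one (runc v1.0.0-rc93 is used), so please state whether containerd 1.3.x is still a supported runtime; if it is, a privileged or CAP_ALL container on kernel 5.8 and up would again be handed capabilities that the older runc does not know about and hit the error the comment describes. With the clamp gone, such containers now receive CAP_PERFMON, CAP_BPF and CAP_CHECKPOINT_RESTORE on those kernels, which deserves a line in the commit message or release notes because it widens the capability set a privileged container gets.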