Privileged / debug capability-setting ptrace operations
These patches add support for setting capabilities via ptrace, using the basic "forging" model (where all capabilities requested by the tracer are derived from the kernel's own root capability). Both setting capability registers and capabilities in memory is supported, see the last two commits for details.
These operations are only provided for privileged debugging, and require setting a sysctl value manually (provisionally called "cheri.ptrace_forge_cap", see the first commit).
Feedback welcome!