nfsd: Use an NFSv4 ACL for the delegation ACE if available

Without this patch, the ACE in a NFSv4 delegation reply is
generated from the file's user mode bits. This is correct
in most situations, but not if the file has certain NFSv4 ACLs.

This patch uses the @OWNER ACE in the NFSv4 ACL if it comes
before any deny ACE and returns a "nil access" ACE if a
deny preceeds the @OWNER.

This change affects few NFSv4 clients, since most clients
ignore the delegation access ACE and it only affects cases
where the NFSv4 server is issuing delegations.

Fixes: 8e2a90ac8089 ("nfscommon: Factor out conversion of ae_perm to NFSv4 ACE flags")