When a use sets umask in login.conf(5) to 027 or 077 a subsequently
fetched /var/db/ntpd.leap-seconds.list will inherit the permissions
allowed by the umask, resulting in a file that may not be readable
ntpd running under the ntp account. This patch adds a umask command
to preempt the umask in login.conf(5) prior to fetching a new copy
of the leap-seconds file.

PR:		261298
Reported by:	Martin Waschbusch <martin@waschbuesch.de>

(cherry picked from commit c6806434)

Before commit 3cec5c77 buf_daemon() went to longer 1s sleep if
numdirtybuffers <= lodirtybuffers.  After that commit new condition
!BIT_EMPTY(BUF_DOMAINS, &bdlodirty) got opposite -- true when one
or more more domains is above lodirtybuffers.  As result, on freshly
booted system with no dirty buffers buf_daemon() wakes up 10 times
per second and probably only 1 time per second when there is actual
work to do.

MFC after:	1 week
Reviewed by:	kib, markj
Tested by:	pho
Differential revision:	https://reviews.freebsd.org/D33890

(cherry picked from commit e76c0108)

This fixes a problem where ctld(8) would refuse to start on boot
with a specific IP address to listen on configured in ctl.conf(5).
It also fixes a problem where ctld(8) would fail to start with
some network interfaces which require a sysctl.conf(5) tweak
to configure them, eg to switch them from InfiniBand to IP mode.

PR:		232397
Reported By:	Mahmoud Al-Qudsi <mqudsi at neosmart.net>
Submitted By:	Jeremy Faulkner <gldisater at gmail.com>

(cherry picked from commit 015351de)

If a disk is already in STANDBY mode, then setting IDLE mode can
actually spin it up.

(cherry picked from commit 15910dc0)

The test tries to connect a socket to a closed port at 127.0.0.1.  It
sets O_NONBLOCK on the socket first and expects to get EINPROGRESS from
connect(2), but this is not guaranteed, ECONNREFUSED is possible.
Handle both cases, and re-enable the test.

PR:		240621
Sponsored by:	The FreeBSD Foundation

(cherry picked from commit 95c75073)

If the UMA zones are not freed, we get warnings about re-using the
sysctl variables associated with the UMA zones, and we're leaking
the other memory associated with the zone structures.  e.g.:

sysctl_warn_reuse: can't re-use a leaf (vm.uma.pass44.size)!
sysctl_warn_reuse: can't re-use a leaf (vm.uma.pass44.flags)!
sysctl_warn_reuse: can't re-use a leaf (vm.uma.pass44.bucket_size)!
sysctl_warn_reuse: can't re-use a leaf (vm.uma.pass44.bucket_size_max)!
sysctl_warn_reuse: can't re-use a leaf (vm.uma.pass44.keg.name)!
sysctl_warn_reuse: can't re-use a leaf (vm.uma.pass44.keg.rsize)!
sysctl_warn_reuse: can't re-use a leaf (vm.uma.pass44.keg.ppera)!
sysctl_warn_reuse: can't re-use a leaf (vm.uma.pass44.keg.ipers)!

Also, correctly clear the PASS_FLAG_ZONE_INPROG flag in
passcreatezone().  The way it was previously done, it would have
had set the flag and cleared all other flags that were set at
that point.

Sponsored by:	Spectra Logic

(cherry picked from commit ca2a7262)

Fix comment documenting checksum block in ip_nat.c. Fastforward doesn't
perform checksum.

(cherry picked from commit 896a0153)

(cherry picked from commit 6af38b34)

Don't assume checksums will be calculated later in fastforward.

(cherry picked from commit 2a646524)

Correct the parameters descriptions for ipf_fix_outcksum and
ipf_fix_incksum.

(cherry picked from commit 4b5c0c9b)

(cherry picked from commit dfb1c97a)

It was obtained from musl, and is MIT licensed.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation

(cherry picked from commit 2e9bc9d1)

Obtained from:	musl c53e9b239418

(cherry picked from commit c6750f07)

Oversight in previous commit: usage() had been turned to accept
an "exitcode" parameter, but it hasn't been used.

(cherry picked from commit 1654b514)

Implement a -v option to usbconfig(8), as a shortcut for the most
frequently needed commands dump_device_desc, dump_curr_config_desc,
and show_ifdrv.

While here, implement a real -h option that has been promised by the
man page.

Use <sysexits.h> to declare the utility return codes.

Reviewed by:	hselasky
Differential Revision:	https://reviews.freebsd.org/D33586

(cherry picked from commit d69b9cc2)

* in usage(), clearly mark -i interface as optional
* both, -u busnum and -a devaddr are optional as well
* various minor man page fixes
* clearly mark those two commands that actually use -i ifaceidx
* remove unused bitfield tag got_iface
* fix indentation level according to review comment

Differential Revision:	https://reviews.freebsd.org/D33579/
Reviewed by:	hselasky

(cherry picked from commit cae1884d)

This makes option handling consistent with other utilities as well as
Posix rules. By that, it's no longer important whether option name and
its argument are separated by a space or not, so -d5.3 works the same
as -d 5.3.

Also, recognize either /dev/ugen or ugen as prefix to the -d argument.

Note that this removes the undocumented feature that allowed to
specify multiple -d n.m options interleaved with commands referring to
that particular device in a single run.

(cherry picked from commit ae450e6d)

In an earlier version of the revision that created that sysctl (D20519)
the sysctl was gated by INVARIANTS, so the test had to check for it.
But in the committed version it is always available.

(cherry picked from commit 19ab3610)

fusefs: move common code from forget.cc to utils.cc

(cherry picked from commit 8d99a6b9)

fusefs: fix .. lookups when the parent has been reclaimed.

By default, FUSE file systems are assumed not to support lookups for "."
and "..".  They must opt-in to that.  To cope with this limitation, the
fusefs kernel module caches every fuse vnode's parent's inode number,
and uses that during VOP_LOOKUP for "..".  But if the parent's vnode has
been reclaimed that won't be possible.  Previously we paniced in this
situation.  Now, we'll return ESTALE instead.  Or, if the file system
has opted into ".." lookups, we'll just do that instead.

This commit also fixes VOP_LOOKUP to respect the cache timeout for ".."
lookups, if the FUSE file system specified a finite timeout.

PR:		259974
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D33239

(cherry picked from commit 1613087a)

VOPs like VOP_SETATTR can change a file's size, with the vnode
exclusively locked.  But VOPs like VOP_LOOKUP look up the file size from
the server without the vnode locked.  So a race is possible.  For
example:

1) One thread calls VOP_SETATTR to truncate a file.  It locks the vnode
   and sends FUSE_SETATTR to the server.
2) A second thread calls VOP_LOOKUP and fetches the file's attributes from
   the server.  Then it blocks trying to acquire the vnode lock.
3) FUSE_SETATTR returns and the first thread releases the vnode lock.
4) The second thread acquires the vnode lock and caches the file's
   attributes, which are now out-of-date.

Fix this race by recording a timestamp in the vnode of the last time
that its filesize was modified.  Check that timestamp during VOP_LOOKUP
and VFS_VGET.  If it's newer than the time at which FUSE_LOOKUP was
issued to the server, ignore the attributes returned by FUSE_LOOKUP.

PR:		259071
Reported by:	Agata <chogata@moosefs.pro>
Reviewed by:	pfg
Differential Revision: https://reviews.freebsd.org/D33158

(cherry picked from commit 13d593a5)

(cherry picked from commit 43a5ec4e)

(cherry picked from commit ba94a954)

PR:	261051

(cherry picked from commit 6d06bc68)

PR:		260949
Reported by:	Graham Perrin <grahamperrin@gmail.com>
MFC after:	3 days

(cherry picked from commit 6853ef66)

supposedly having too many segments, when lld 11 links it. Such kernels
should load just fine.

Note that we may still do some tweaking of our kernel linker scripts, to
lower the number of segments, although the exact benefit is not entirely
clear.

PR:		252459

(cherry picked from commit 05c312a3)

(cherry picked from commit ace33703)

Like IPv4 NAT frb_natv4in, add a corresponding IPv6 NAT SDT probe called
frb_natv6in.

(cherry picked from commit 6b54d2f4)