usr.sbin: Automated cleanup of cdefs and other formatting

Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.

Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/

Sponsored by: Netflix

Remove $FreeBSD$: one-line .c pattern

Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix

various: general adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.

In ugidfw(8), print the rule number and rule contents (as parsed and then
regenerated in libugidfw) rather than simply printing that the rule was
added with only the number. This makes ugidfw(8) behave a bit more like
ipfw(8), and also means that the administrator sees how the rule was
interpreted once uids/gids/etc were processed.

Obtained from: TrustedBSD Project

- Import the HEAD csup code which is the basis for the cvsmode work.

Add some new options to mac_bsdestended. We can now match on:

subject: ranges of uid, ranges of gid, jail id
objects: ranges of uid, ranges of gid, filesystem,
object is suid, object is sgid, object matches subject uid/gid
object type

We can also negate individual conditions. The ruleset language is
a superset of the previous language, so old rules should continue
to work.

These changes require a change to the API between libugidfw and the
mac_bsdextended module. Add a version number, so we can tell if
we're running mismatched versions.

Update man pages to reflect changes, add extra test cases to
test_ugidfw.c and add a shell script that checks that the the
module seems to do what we expect.

Suggestions from: rwatson, trhodes
Reviewed by: trhodes
MFC after: 2 months

Fixing an off-by-one error which results in 'ugidfw list' to complain about
"Data error in security.mac.bsdextended.rules.N: Unknown error: 0."

Reviewed by: rwatson
MFC after: 3 days

Add prototypes and remove unused variables for WARNS=6 compliance. Add
'usage: ' in front of usage string. Use warnx(3) instead of fprintf in error
messages to get progname prepended.

Remove unnecessary include of vnode.h.

Requested by: phk

Add an 'add' command to ugidfw(8), which permits specifying a new
rule without explicitly specifying a new rule number.

Update copyrights, remove license clause three.

Obtained from: TrustedBSD Project
Sponsored by: DARPA, McAfee Research

Introduce support for Mandatory Access Control and extensible
kernel access control.

Provide ugidfw, a utility to manage the ruleset provided by
mac_bsdextended. Similar to ipfw, only for uids/gids and files.

Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs