(Note that the new revision also changed permission from 400 r-------- to 600 rw-------, and umask from 377 to 177, because the non-root user needs write permission to modify the inode).

Fix issues pointed out by cem@

Thanks for the review, please take another look.

(Note that the refactor is not really needed, but I don't have strong opinion here).

Thanks!

Looks reasonable to me.

I think the proposed change actually does change the code behavior slightly.

I like the direction in general.

Looks fine to me, but I no longer have the hardware to actually test the changes, iXsystems may be able to help with that.

I'm mostly in favor of the change (smaller kernel size, etc.), but since we are removing driver from GENERIC, it's better if we can provide a mechanism to load the driver on demand, or a binary update can easily brick the system...

Why are we making this change? It was somewhat intentional to not enable SASL by default (to reduce attack surface, e.g. CVE-2019-13565), is this functionality being used by a lot of consumers?

LGTM.

Landed as rS351480.

Would like a different @releng member to take a look if possible, but the change looks reasonable to me.

Remove unused field.

Fix accounting for NumFree.

Fixed a couple of bugs.

Remove D21408 portion of change.

@markj -- do you have some suggestion on how should we test subr_compressor.c changes?

PTAL.

Fix subr_compressor.c.

In D21186#463637, @ota_j.email.ne.jp wrote:

The change looks reasonable based on PPP protocol and comparison to existing zlib code.
I didn't know ng_deflate was for ppp.
I was curious how others implemented and found that NetBSD, OpenBSD, and Linux uses Z_PACKET_FLUSH as well, interestingly.
I never looked at ppp implementation and didn't know all others have same base code along with modified zlib.
I am no longer sure if Z_PACKET_FLUSH was FreeBSD original implementation.