MFC r352304, r352540

r352304:
No longer mlock() ntpd pages by default in memory thus allowing its
pages to page as necessary.

To restore historic BSD behaviour add the following to ntp.conf:
rlimit memlock 32

Discussed on: freebsd-current@ between Sept 6-9, 2019
Reported by: Users using ASLR with stack gap != 0
Reviewed by: ian, kib, rgrimes (all previous versions)
Differential Revision: https://reviews.freebsd.org/D21581

r352540:
Follow up on r352304 which disabled default mlockall() at startup.
Unfortunately though the original tarball supports this in ./configure
(for Linux), to fully support disabling of mlockall() by default requires
a little extra help otherwise the following is logged in syslog:

Cannot set RLIMIT_MEMLOCK: Operation not permitted