Many recent AMD SoCs need to have their NVMe placed into D3cold at suspend
time to properly resume. Other machines break when we do that. To solve
this dilemma, Microsoft introduced a "StorageD3Enable" ACPI property that
tells us what to do. Note that despite its name, this property seems to
be relevant for PCI devices that aren't storage related as well.
Implement support in our ACPI code to choose between D3hot and D3cold and
use the "StorageD3Enable" property to make that decision. This should fix
machines that no longer resume properly after the (somewhat) recent
improvements to S0ix suspend for AMD laptops.
ok jca@, deraadt@
hoist OPTIND reset from rc.d(8) services to rc.subr(8)
See unbound r1.10 and r.11 for context; in base only unbound and spamlogd
use getopts and the problem is in rc.subr's getopts, parsing options when
the service script is used directly: /etc/rc.d/unbound [-dqf] ...
Reset getopts in rc.subr once for anything that comes afterwards instead of
in every script using it.
'rcctl [-dqf] ...' and netstart are not affected as they run rc.subr in its
own process and use FUNCS_ONLY=1, respectively.
tested by obsd at mulh.net
OK aja
remove special handling of __string/* headers
we had to add special handling for the __string directory because CVS
cannot handle file to directory transitions so we had to move this
directory to __string.d and copy files over at install time, however
when libcxx19 was imported this directory was actually commited, making
rendering the handling of the special directory obsolete, but it was kept
there and it was installing files to the wrong directory
isakmpd: avoid direct ASN1_STRING accesses
Since this transforms notBefore and notAfter into a string to be used in
a keynote assertion, existing libcrypto interfaces aren't directly suitable,
so I kept this mechanical by assigning the data and length fields to local
variables via accessors and replacing tm->data by data and tm->length by
len, only occasionally fixing up whitespace and omitting parentheses.
probably ok beck claudio
Fix vmd reboots broken by my pause barrier changes.
Reported by bluhm@.
Long story is vmd has some complexity in how the decision to "reboot"
a vm process is made. The pause barrier diff clobbered a return
value that bubbled up to a value passed to exit(3) and picked up
by the parent vmd process (the "vmm" process) that determines if a
process exit should result in relaunching the vm process or not.
For now, just stop clobbering the value and don't report the error
returned by pthread_barrier_destroy(3).
Replace trivial uses of ASN1_STRING_data()
Almost entirely mechanical diff that ensures that for read-only accesses
we use the const correct ASN1_STRING_get0_data(). Arguably, in most
places the better fix would be to reach into ASN1_STRING but then we
have to think and bikeshed...
ok beck kenjiro
libcrypto: make most of the BN_* macro pollution internal
This is a first sweep of reducing the number of terribly named macros
in bn.h More can go away. Those we need internally go to bn_local.h.
Annoyingly bn_internal.h uses some of them, so it includes bn_local.h
now. This can be cleaned up later.
ok jsing kenjiro
disable Panel Self Refresh (PSR) in amdgpu
PSR is a power saving feature, previously enabled for
DCN >= 3.1.2 (YELLOW CARP / Rembrandt).
Disabling PSR avoids a problem encountered by robert@ on a
ThinkPad X13 Gen 6 (21RM) with GC 11.5.2, DCN 3.5.0.
If a reboot was attempted after X started, the machine would hang.
robert has patiently tried many PSR related patches, but nothing
besides disabling PSR entirely has helped.
convert PerSourcePenalties to using floating point time, allowing
penalties to be less than a second. This is useful if you need to
penalise things you expect to occur at >=1 QPS.
feedback dtucker / deraadt; ok deraadt@
Add convtime_double() that converts a string interval, such
as "3w2d4h5m10.5s", into a floating point number of seconds.
Reimplement the existing convtime() function using convtime_double()
(it just drops the fractional seconds)
lots of feedback deraadt@ / dtucker@; ok deraadt@
rpki-client: turn CCR into a proper CMS citizen
Using an EncapsulatedContentInfo was a hack which arose out of the
desire of having an OID next to the stuff we really care about.
Russ Housley pointed out that an EncapsulatedContentInfo is never
really used at the top level and that CMS (of course) has a proper
mechanism for this. (The absence of signers also makes this original
choice dubious, see last paragraph before RFC 5652, section 5.2.1.)
So, switch to a ContentInfo and fix another encoding issue, namely
using a naked OID instead of a CMS DigestAlgorithmIdentifier.
In addition to CCR becoming a plain CMS object, the code becomes
simpler overall despite the DigestAlgorithmIdentifier adding some
complexity. The big win is that the opaque OCTET STRING wrapping
the CCR SEQUENCE and the manual DER wrangling can go away.
Russ confirmed by decoding a detailed example that this produces
the appropriate DER matching the changes in the ASN.1 in
[15 lines not shown]
