git: b00faab970c0 - stable/14 - stand: add a mechanism to avoid env var propagation to kenv

From: Kyle Evans <kevans_at_FreeBSD.org>
Date: Sun, 12 Apr 2026 13:44:11 UTC 
The branch stable/14 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=b00faab970c0e867b2c8197d7bb14abbb492932e

commit b00faab970c0e867b2c8197d7bb14abbb492932e
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2025-08-22 03:48:14 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2026-04-12 13:43:38 +0000

    stand: add a mechanism to avoid env var propagation to kenv
    
    Our only user of this at the moment is teken.{fg,bg}_color.  These are
    special because teken is a library common to both the kernel and the
    loader, and we want to avoid having special vars to control the loader
    vs. the kernel.  Ideally, if a user wants a different set of console
    colors, then they set the appropriate teken variable and it
    Just Works(TM) everywhere.  We can't just avoid setting the env vars,
    because we specifically want to install a hook to adjust how loader is
    drawn.
    
    This allows us to avoid breaking a kernel config(5) that has some
    default teken colors set with our defaults.  That's a valid
    configuration, even if it might seem weird that they don't want to set
    colors in both loader and the kernel -- they may not anticipate spending
    any time in loader, and thus prefer to just let it do its default
    behavior.
    
    NOKENV is expected to be unset if the value is overwritten, rather than
    acting as a persistent marker that we do not want the value to persist
    under any circumstance.  We can always add another flag bit later for
    persistence if we find a use for that, but most variables are fine to
    carry over.  This is mostly needed for environment variables that we
    really just want to set a hook for.
    
    Future work could expand this to break it out to the scripted
    interfaces.  We have discussed some options like a new built-in command,
    or adding a flag to the existing `set` command, but haven't really come
    up with a concrete plan to avoid confusion.
    
    Reviewed by:    imp
    
    (cherry picked from commit 510e473ff3a6d4620c603c1b9ba06fb2bf5745fd)
---
 stand/common/gfx_fb.c     |  9 ++++++++-
 stand/common/modinfo.c    |  2 ++
 stand/libsa/environment.c | 17 ++++++++++++++---
 stand/libsa/stand.h       |  1 +
 4 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/stand/common/gfx_fb.c b/stand/common/gfx_fb.c
index 687c081a1d5d..92abaed91f6b 100644
--- a/stand/common/gfx_fb.c
+++ b/stand/common/gfx_fb.c
@@ -233,6 +233,7 @@ gfx_fb_evalcolor(const char *envname, teken_color_t *cattr,
 {
 	const char *ptr;
 	char env[10];
+	int eflags = EV_VOLATILE | EV_NOKENV;
 	bool from_env = false;
 
 	ptr = getenv(envname);
@@ -248,10 +249,16 @@ gfx_fb_evalcolor(const char *envname, teken_color_t *cattr,
 		if (unsetenv(envname) != 0)
 			return (true);
 		from_env = true;
+
+		/*
+		 * If we're carrying over an existing value, we *do* want that
+		 * to propagate to the kenv.
+		 */
+		eflags &= ~EV_NOKENV;
 	}
 
 	snprintf(env, sizeof(env), "%d", *cattr);
-	env_setenv(envname, EV_VOLATILE, env, sethook, unsethook);
+	env_setenv(envname, eflags, env, sethook, unsethook);
 
 	return (from_env);
 }
diff --git a/stand/common/modinfo.c b/stand/common/modinfo.c
index 381bd9dfd719..8c65bea2e759 100644
--- a/stand/common/modinfo.c
+++ b/stand/common/modinfo.c
@@ -167,6 +167,8 @@ md_copyenv(vm_offset_t start)
 
 	/* Traverse the environment. */
 	for (ep = environ; ep != NULL; ep = ep->ev_next) {
+		if ((ep->ev_flags & EV_NOKENV) != 0)
+			continue;
 		len = strlen(ep->ev_name);
 		if ((size_t)archsw.arch_copyin(ep->ev_name, addr, len) != len)
 			break;
diff --git a/stand/libsa/environment.c b/stand/libsa/environment.c
index 95ee1718f8d4..d139249a8e84 100644
--- a/stand/libsa/environment.c
+++ b/stand/libsa/environment.c
@@ -65,6 +65,17 @@ env_setenv(const char *name, int flags, const void *value,
 	struct env_var	*ev, *curr, *last;
 
 	if ((ev = env_getenv(name)) != NULL) {
+		/*
+		 * If the new value doesn't have NOKENV set, we'll drop the flag
+		 * if it's set on the entry so that the override propagates
+		 * correctly.  We do this *before* sending it to the hook in
+		 * case the hook declines to operate on it (e.g., because the
+		 * value matches what was already set) -- we would still want
+		 * the explicitly set value to propagate.
+		 */
+		if (!(flags & EV_NOKENV))
+			ev->ev_flags &= ~EV_NOKENV;
+
 		/*
 		 * If there's a set hook, let it do the work
 		 * (unless we are working for one already).
@@ -77,7 +88,6 @@ env_setenv(const char *name, int flags, const void *value,
 			free(ev->ev_value);
 		ev->ev_value = NULL;
 		ev->ev_flags &= ~EV_DYNAMIC;
-
 	} else {
 
 		/*
@@ -123,12 +133,13 @@ env_setenv(const char *name, int flags, const void *value,
 	/* If we have a new value, use it */
 	if (flags & EV_VOLATILE) {
 		ev->ev_value = strdup(value);
-		ev->ev_flags |= EV_DYNAMIC;
+		flags |= EV_DYNAMIC;
 	} else {
 		ev->ev_value = (char *)value;
-		ev->ev_flags |= flags & EV_DYNAMIC;
 	}
 
+	ev->ev_flags |= flags & (EV_DYNAMIC | EV_NOKENV);
+
 	return (0);
 }
 
diff --git a/stand/libsa/stand.h b/stand/libsa/stand.h
index 260defa3a33d..553f965e0ccd 100644
--- a/stand/libsa/stand.h
+++ b/stand/libsa/stand.h
@@ -339,6 +339,7 @@ extern int	pager_file(const char *fname);
 #define EV_DYNAMIC	(1<<0)		/* value was dynamically allocated, free if changed/unset */
 #define EV_VOLATILE	(1<<1)		/* value is volatile, make a copy of it */
 #define EV_NOHOOK	(1<<2)		/* don't call hook when setting */
+#define EV_NOKENV	(1<<3)		/* don't add to kenv (loader-only) */
 
 struct env_var;
 typedef char	*(ev_format_t)(struct env_var *ev);