git: ef70a18d88e6 - stable/12 - kern: add an option for preserving the early kenv

Kyle Evans kevans at FreeBSD.org
Thu Aug 26 06:44:02 UTC 2021


The branch stable/12 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=ef70a18d88e65879a78992dd6c5e3fc7a1cdb225

commit ef70a18d88e65879a78992dd6c5e3fc7a1cdb225
Author:     Kyle Evans <kevans at FreeBSD.org>
AuthorDate: 2021-06-20 19:29:31 +0000
Commit:     Kyle Evans <kevans at FreeBSD.org>
CommitDate: 2021-08-26 06:40:38 +0000

    kern: add an option for preserving the early kenv
    
    Some downstream configurations do not store secrets in the
    early (loader/static) environments and desire a way to preserve these
    for diagnostic reasons.  Provide an option to do so.
    
    (cherry picked from commit 7a129c973b5ba0fa916dfa658d523bec66dbd02d)
---
 sys/conf/options            | 8 ++++++++
 sys/kern/kern_environment.c | 4 ++++
 2 files changed, 12 insertions(+)

diff --git a/sys/conf/options b/sys/conf/options
index 561e2574b964..b2c3eebacf70 100644
--- a/sys/conf/options
+++ b/sys/conf/options
@@ -1028,3 +1028,11 @@ NVME_USE_NVD	opt_nvme.h
 
 # amdsbwd options
 AMDSBWD_DEBUG	opt_amdsbwd.h
+
+# kenv options
+# The early kernel environment (loader environment, config(8)-provided static)
+# is typically cleared after the dynamic environment comes up to ensure that
+# we're not inadvertently holding on to 'secret' values in these stale envs.
+# This option is insecure except in controlled environments where the static
+# environment's contents are known to be safe.
+PRESERVE_EARLY_KENV	opt_global.h
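Review bot: the caveat in the last two comment lines names only the static environment ("where the static environment's contents are known to be safe"), while the first comment line says the early kenv is both the loader environment and the config(8)-provided static one. Since the option preserves both, the warning should cover both, for example "where the loader and static environments' contents are known to be safe". The diffstat also shows only sys/conf/options and kern_environment.c changed, so this comment is the only documentation of an option that describes itself as insecure. An entry in sys/conf/NOTES carrying the same warning would make it easier to find.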
diff --git a/sys/kern/kern_environment.c b/sys/kern/kern_environment.c
index 761113f108ec..f37fce450cd9 100644
--- a/sys/kern/kern_environment.c
+++ b/sys/kern/kern_environment.c
@@ -368,7 +368,11 @@ init_dynamic_kenv_from(char *init_env, int *curpos)
 			kenvp[i] = malloc(len, M_KENV, M_WAITOK);
 			strcpy(kenvp[i++], cp);
 sanitize:
+#ifdef PRESERVE_EARLY_KENV
+			continue;
+#else
 			explicit_bzero(cp, len - 1);
+#endif
 		}
 		*curpos = i;
 	}
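Review bot: the `continue;` placed under `sanitize:` in the PRESERVE_EARLY_KENV branch is the last statement of the loop body, so it does nothing beyond giving the label a statement to attach to. A one-line comment saying so, or a bare `;`, would keep a later reader from taking it for a control-flow change. It is also worth a comment that, with the option defined, every entry reaching `sanitize:` is left intact in `init_env`. For entries just copied with `strcpy(kenvp[i++], cp)`, each value then exists twice in kernel memory, and that is the exposure the sys/conf/options text warns about.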

