svn commit: r335745 - stable/11/sys/kern

[Kyle Evans]

Author: kevans
Date: Wed Jun 27 21:22:48 2018
New Revision: 335745
URL: https://svnweb.freebsd.org/changeset/base/335745

Log:
  MFC r332395 (ian): Use explicit_bzero() when cleaning values out of the kenv
  
  Sometimes the values contain geli passphrases being communicated from
  loader(8) to the kernel, and some day the compiler may decide to start
  eliding calls to memset() for a pointer which is not dereferenced again
  before being passed to free().

Modified:
  stable/11/sys/kern/kern_environment.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/kern/kern_environment.c
==============================================================================
--- stable/11/sys/kern/kern_environment.c	Wed Jun 27 21:22:00 2018	(r335744)
+++ stable/11/sys/kern/kern_environment.c	Wed Jun 27 21:22:48 2018	(r335745)
@@ -288,7 +288,7 @@ init_dynamic_kenv(void *data __unused)
 			if (i < KENV_SIZE) {
 				kenvp[i] = malloc(len, M_KENV, M_WAITOK);
 				strcpy(kenvp[i++], cp);
-				memset(cp, 0, strlen(cp));
+				explicit_bzero(cp, strlen(cp));
 			} else
 				printf(
 				"WARNING: too many kenv strings, ignoring %s\n",
@@ -307,7 +307,7 @@ freeenv(char *env)
 {
 
 	if (dynamic_kenv && env != NULL) {
-		memset(env, 0, strlen(env));
+		explicit_bzero(env, strlen(env));
 		free(env, M_KENV);
 	}
 }
@@ -485,7 +485,7 @@ kern_unsetenv(const char *name)
 			kenvp[i++] = kenvp[j];
 		kenvp[i] = NULL;
 		mtx_unlock(&kenv_lock);
-		memset(oldenv, 0, strlen(oldenv));
+		explicit_bzero(oldenv, strlen(oldenv));
 		free(oldenv, M_KENV);
 		return (0);
 	}