diff options
author | Kyle Evans <kevans@FreeBSD.org> | 2021-06-20 19:29:31 +0000 |
---|---|---|
committer | Kyle Evans <kevans@FreeBSD.org> | 2021-07-19 04:05:48 +0000 |
commit | 7a129c973b5ba0fa916dfa658d523bec66dbd02d (patch) | |
tree | 198d64b5a995411511682782b088d31ebe05e766 | |
parent | 46438b5366f9405beb6f76474a5aae822352f012 (diff) | |
download | src-7a129c973b5ba0fa916dfa658d523bec66dbd02d.tar.gz src-7a129c973b5ba0fa916dfa658d523bec66dbd02d.zip |
kern: add an option for preserving the early kenv
Some downstream configurations do not store secrets in the
early (loader/static) environments and desire a way to preserve these
for diagnostic reasons. Provide an option to do so.
Reviewed by: imp, jhb (earlier version)
Differential Revision: https://reviews.freebsd.org/D30834
-rw-r--r-- | sys/conf/options | 8 | ||||
-rw-r--r-- | sys/kern/kern_environment.c | 4 |
2 files changed, 12 insertions, 0 deletions
diff --git a/sys/conf/options b/sys/conf/options index 882460fbf35b..774850158221 100644 --- a/sys/conf/options +++ b/sys/conf/options @@ -1021,3 +1021,11 @@ IICHID_DEBUG opt_hid.h IICHID_SAMPLING opt_hid.h HKBD_DFLT_KEYMAP opt_hkbd.h HIDRAW_MAKE_UHID_ALIAS opt_hid.h + +# kenv options +# The early kernel environment (loader environment, config(8)-provided static) +# is typically cleared after the dynamic environment comes up to ensure that +# we're not inadvertently holding on to 'secret' values in these stale envs. +# This option is insecure except in controlled environments where the static +# environment's contents are known to be safe. +PRESERVE_EARLY_KENV opt_global.h diff --git a/sys/kern/kern_environment.c b/sys/kern/kern_environment.c index 54992e6594ed..8dc345559e95 100644 --- a/sys/kern/kern_environment.c +++ b/sys/kern/kern_environment.c @@ -365,7 +365,11 @@ init_dynamic_kenv_from(char *init_env, int *curpos) kenvp[i] = malloc(len, M_KENV, M_WAITOK); strcpy(kenvp[i++], cp); sanitize: +#ifdef PRESERVE_EARLY_KENV + continue; +#else explicit_bzero(cp, len - 1); +#endif } *curpos = i; } |