From nobody Tue Jun  3 04:51:21 2025
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bBJH65BBRz5y1Q0;
	Tue, 03 Jun 2025 04:52:34 +0000 (UTC)
	(envelope-from sjg@juniper.net)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "*.pphosted.com", Issuer "Sectigo RSA Organization Validation Secure Server CA" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4bBJH62WpKz4MfD;
	Tue, 03 Jun 2025 04:52:34 +0000 (UTC)
	(envelope-from sjg@juniper.net)
Authentication-Results: mx1.freebsd.org;
	none
Received: from pps.filterd (m0108163.ppops.net [127.0.0.1])
	by mx0b-00273201.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 5533IEEK010191;
	Mon, 2 Jun 2025 21:52:33 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=
	cc:content-id:content-type:date:from:in-reply-to:message-id
	:mime-version:references:subject:to; s=PPS1017; bh=N5CxEwtr+i9Ri
	/P177jpOg3WCVKVY9SNi9e/7616sGg=; b=YVmxUDH5RHyNjtyEJ0oUxfOJgs795
	JViQtxFq+InQ4VMv2uNdRQguzOyyI6T3UJvPyDP1JOARNg2ChWpT4ycuVQ313+Re
	JWMgAu1L80YmVDBbg0IVMk21Z2Hn196W2eR1xcWpiOeiTdz9RdXpJaklKsLjT7Uw
	jVK8LfRf3rl3XPVQSFj6XnujrOPxcNgchwgiRq4EUcbe0AMee0k2mbcs82moqh2b
	RaeEJxseFcxt3feDpdbjaJzBb/3QGbHeiL3Nx6WPWTxmy1FLMww0Blp6aDwF1STO
	KFdjMJ8VhAIaBe9l7bL/wZW8NRgyiBnZtEQkgiTBgvlpTsiEmwlFFlAbg==
Received: from cy7pr03cu001.outbound.protection.outlook.com (mail-westcentralusazon11022143.outbound.protection.outlook.com [40.93.200.143])
	by mx0b-00273201.pphosted.com (PPS) with ESMTPS id 471g9g97vw-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Mon, 02 Jun 2025 21:52:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=YAi3yHsOVZwBzBLsz91YPMGQqkFGZHJDv/LVWRKNapFYGZCYoXo6OvF8/9IlQdP4+VEBqOKagJxuLAcAlorBhuUA85yG0UbhxmgtfBHSYY3TZZpILKmdYH35BzajDB+X2pPribqpaPk1xdx86SwaQ7x/zpQ/kYqco7RHiLMHtWRloYEtU66m1H7ksd8ob5vU/RTCHd8AlCYhCTfKMTj5QrurwFGgknb0RATv1/6++sjkDxwaXLE/a2cyjKLRoiFceSf5A+fA9Lrr5E/TzrbKzv00GWQOqBOnKRZoUKGE5Di1vbxB3xXLo25qmCm2Qonzl/DPv5nziFS/kDrM6gPAig==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=N5CxEwtr+i9Ri/P177jpOg3WCVKVY9SNi9e/7616sGg=;
 b=ux2LP+HDWnAolxcHSAY8t7qxFBS7gQ1EioyDylO1f7Cifp1TlTm3xYfB9SM71kGhweCwLAS224DyOeCWJqdDS7/mODiI1t0HYl1yNw7ejubY8lYoeknwokQrzyvYx7FYARrSIN7OVVybaCu/bquvHhkPoXjHyIjvkVd0mUH+wDszgRA0GmLccGYPFHVx/QqjmIa5YZETFfUaI0ikaCITEx9H5BsmxD5L71Oope8TS4bPmgmlXfce/oYY3q968ZM/aUjLiVbDNjNX3SG8aS2+EUp7jO8ix4ED/8J0OqDDIGt+3ii1JapOerOSlbC7oE468mBevAHaTl30Fc7vUm6B1A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=softfail (sender ip
 is 66.129.239.15) smtp.rcpttodomain=freebsd.org smtp.mailfrom=juniper.net;
 dmarc=fail (p=reject sp=reject pct=100) action=oreject
 header.from=juniper.net; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=N5CxEwtr+i9Ri/P177jpOg3WCVKVY9SNi9e/7616sGg=;
 b=E8w6tUe0QXx14L3Z9qSCr4dQNhdo02yoirw/51g3/QqlGwKxbgBQE5IeQMflGqjUjVyuLotJwQyXLyv4AEfVHB4QdStgNKgsQg707vHn1uRxFtP+tlPGiNAibS2WFa+l60T/WXmvRP11RhwQhyrMqgJ3DImrNQCZppmwhqEZxe4=
Received: from CY5PR19CA0120.namprd19.prod.outlook.com (2603:10b6:930:64::10)
 by CY8PR05MB9524.namprd05.prod.outlook.com (2603:10b6:930:9f::5) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8769.37; Tue, 3 Jun
 2025 04:52:29 +0000
Received: from DS3PEPF000099D6.namprd04.prod.outlook.com
 (2603:10b6:930:64:cafe::1f) by CY5PR19CA0120.outlook.office365.com
 (2603:10b6:930:64::10) with Microsoft SMTP Server (version=TLS1_3,
 cipher=TLS_AES_256_GCM_SHA384) id 15.20.8792.19 via Frontend Transport; Tue,
 3 Jun 2025 04:52:29 +0000
X-MS-Exchange-Authentication-Results: spf=softfail (sender IP is
 66.129.239.15) smtp.mailfrom=juniper.net; dkim=none (message not signed)
 header.d=none;dmarc=fail action=oreject header.from=juniper.net;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning
 juniper.net discourages use of 66.129.239.15 as permitted sender)
Received: from p-exchfe-eqx-02.jnpr.net (66.129.239.15) by
 DS3PEPF000099D6.mail.protection.outlook.com (10.167.17.7) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.8792.29 via Frontend Transport; Tue, 3 Jun 2025 04:52:29 +0000
Received: from p-exchbe-eqx-01.jnpr.net (10.104.9.14) by
 p-exchfe-eqx-02.jnpr.net (10.104.9.17) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1544.14; Mon, 2 Jun 2025 23:52:28 -0500
Received: from p-exchbe-eqx-02.jnpr.net (10.104.9.15) by
 p-exchbe-eqx-01.jnpr.net (10.104.9.14) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1544.14; Mon, 2 Jun 2025 23:52:28 -0500
Received: from kaos.jnpr.net (10.104.20.6) by p-exchbe-eqx-02.jnpr.net
 (10.104.9.15) with Microsoft SMTP Server id 15.2.1544.14 via Frontend
 Transport; Mon, 2 Jun 2025 23:52:28 -0500
Received: by kaos.jnpr.net (Postfix, from userid 1377)
	id 1E2367DD8F; Mon, 02 Jun 2025 21:51:21 -0700 (PDT)
Received: from kaos.jnpr.net (localhost [127.0.0.1])
	by kaos.jnpr.net (Postfix) with ESMTP id 1A5707DBE6;
	Mon, 02 Jun 2025 21:51:21 -0700 (PDT)
To: Kyle Evans <kevans@FreeBSD.org>
CC: <src-committers@FreeBSD.org>, <dev-commits-src-all@FreeBSD.org>,
        <dev-commits-src-main@FreeBSD.org>, <sjg@juniper.net>
Subject: Re: git: 61d77e6c0095 - main - loader: allow for exceptions to restricted settings.
In-Reply-To: <24533e37-2396-40ef-ba84-a5339b811527@FreeBSD.org>
References: <202506020549.5525nuDu054998@gitrepo.freebsd.org> <24533e37-2396-40ef-ba84-a5339b811527@FreeBSD.org>
Comments: In-reply-to: Kyle Evans <kevans@FreeBSD.org>
   message dated "Mon, 02 Jun 2025 11:14:54 -0500."
From: "Simon J. Gerraty" <sjg@juniper.net>
X-Mailer: MH-E 8.6+git; nmh 1.8; Emacs 30.1
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <73229.1748926281.1@kaos.jnpr.net>
Date: Mon, 2 Jun 2025 21:51:21 -0700
Message-ID: <74857.1748926281@kaos.jnpr.net>
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DS3PEPF000099D6:EE_|CY8PR05MB9524:EE_
X-MS-Office365-Filtering-Correlation-Id: a87702a0-ddbe-48f6-2df7-08dda25a71ae
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam:
	BCL:0;ARA:13230040|82310400026|1800799024|376014|36860700013;
X-Microsoft-Antispam-Message-Info:
	=?us-ascii?Q?CeTpEfHI2TQhRhxvIoE/M4PQM2Yuh6+QTQ0rFT2TB/430d99jWD5/iYOS5VD?=
 =?us-ascii?Q?irvtVU31/R8L2n/+0inMh91jY4UESVYKCmMPx3S1U9Rtkb26qX5yargUdSey?=
 =?us-ascii?Q?xMq2PSExKsZxSrqA9reQP3CIbyvcXvfMHLw/6/wm4xy2XlEncvrr5EgqWQ6h?=
 =?us-ascii?Q?0chyC3XUa8LzhpyJWcRHqO8DC0JLbuQYe4SRmdHvAe4Av/l6WoZ/lu/5G5ft?=
 =?us-ascii?Q?MlL4J5xxCxeqnZKWjwVRtPPJC5oSaNMSqWdcDWtRmr6REGFB/yeYgRacxdYe?=
 =?us-ascii?Q?XiVCnTpRR74kB6XQPFec5vAO9VPaCtkb9W8uEMnXvLtGGrzv9hCIEu8oPf8K?=
 =?us-ascii?Q?W1Z1YeD2HYtk0qowUCATqlSPQpOxfgMg2S5AyvzWEYF4SNMeqv2OmLTSS48E?=
 =?us-ascii?Q?WjVgdL64ooOq4qZBgDA05fletFj5MToN8HQn32WDBzMzGMOPUiO1s3Gxzkeq?=
 =?us-ascii?Q?LcsOLUM9uzjERgI5Kep9PmEI8C2OOQFBj3tkpJOPcTiyk0F+Tq5PHiQTOzDt?=
 =?us-ascii?Q?I5fmFBzTve+bm/Gycx8YfzFICWwq2W6YxSfYNd39JJ8A075AOcXdeWwDkPMK?=
 =?us-ascii?Q?zO9cJigXBH0whATifAEKfw+JlaLCQl4IXL/oKs9yYhnsKwmVoBWylJDO1pj8?=
 =?us-ascii?Q?ShCC9bkwVDd40iYVKHBLWFRipZwSp07WfX5HFvXS79IW3LwYQxZ4LAc5eCL7?=
 =?us-ascii?Q?9HfQaAXAcPlJGTajim2xms2XszO74WmQXNhwK/WgsKAZ0vvas6P1lFeHzjr1?=
 =?us-ascii?Q?2ua8lXBOqVsLaOoQMDhrfwXfyVuO2zQaCDkkakWCO+NHBoyFB5tkW7Ueykno?=
 =?us-ascii?Q?XABah4oArRZzIlb0zixg5m1VjBTHtN/OFC3QzZmiX6xmNaBGMMtWEfFCIUvp?=
 =?us-ascii?Q?eFBAICimw5cSPj8HcvAL7zKIq8XvJLTodC5tJNsB83E8oouEszSsa5iXOjcV?=
 =?us-ascii?Q?pWH3yBHZwhAxeG2sHgJkbawy6KoVFa1xAd1aXitzjolnZ62tSpNwQpTQs0/l?=
 =?us-ascii?Q?gZNdTME6Y1G+5nlwfjkCUXnXQUMwp5zVEYFTvNbtPVoqkzBtOSLSySJr0Ueh?=
 =?us-ascii?Q?BNQjpi6i1t5POXEaRekDfsUiWJddLvqNnXzn1fJB6s0oNPcKsekqTKAhBpUs?=
 =?us-ascii?Q?YrO3Vc58dMmL5tfvmI5Tn1L3wsIRQPsA4JLFd05hZr9k+Bdd1tI5LXxBszug?=
 =?us-ascii?Q?JJE52t3Yjv7FDVR6WcpUKmiex27PqLTxkdz0aD+tlMFlyL4chpQoHro1Do4V?=
 =?us-ascii?Q?FG2APZvmfJs2ptegA3j1VIsKY+PZpgjHuAOnINIpywFCiR5Lz5gCfogBxHJs?=
 =?us-ascii?Q?weSYB2siWEtOpNvfwqCfvUo+KFSFoiPJHtHEIsJiyoRXNrPx8y3KMPQ4804o?=
 =?us-ascii?Q?rC040jSVpTj9ZmYcQTaH+VNnBtuPUj6ExgVIl0uCxmvFPdyBBmPAdlWrs3ly?=
 =?us-ascii?Q?HfVYPAHf3cvS+kJ5qJiojS3lKK3ZKOQpIKcvlsnWQG9/BJTcxMmcsANMMHdf?=
 =?us-ascii?Q?SgCqiE4cC1BNbJ1JVht3xpUPwq/BhPFAwbZV?=
X-Forefront-Antispam-Report:
	CIP:66.129.239.15;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:p-exchfe-eqx-02.jnpr.net;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(82310400026)(1800799024)(376014)(36860700013);DIR:OUT;SFP:1102;
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Jun 2025 04:52:29.3581
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: a87702a0-ddbe-48f6-2df7-08dda25a71ae
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4;Ip=[66.129.239.15];Helo=[p-exchfe-eqx-02.jnpr.net]
X-MS-Exchange-CrossTenant-AuthSource:
	DS3PEPF000099D6.namprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR05MB9524
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwNjAzMDAzOSBTYWx0ZWRfX4GfwrhYlyGev
 HPoXZ+GxuSNdgF2IT3Hmy+nCtz3mYFWzpY69/4+2Egu01Dr1hVou9IoYa8CBMtlsSBFdasM+O6g
 c0lgz9p2H3HGc57FBe66fH58Uo51cugxuWUt05Dkh/sLsnaI4sTlzaBbqM7YrUwdSZmz2u6kn63
 yde9dvT/pHpV2tMXZJkHGJ5wiD66RYdnatF920VQoGuOZeGigd5h3k3A++3DRmwr3Q6/uSRjS8B
 /YiM5UFGhhNRQvGT4+3eZ5vDlTCocws/pkm3YCWKaWHv6Ne6mou6E/zhls1xs9v0M0o00OPSkCi
 K12xZ4dDQeKc8N3GbmVoBBdDiT4Er0nWkVkJyIflM2/oq93nLYneH0JrQLBhRPZUmVIUvJBt2jy
 mu6TAq4qGigcg91RJVD8qFoJ2jOP7ug2pui3BmwicHdHZQZD7M4SA7X4moyiNSzMGDG8XLW7
X-Authority-Analysis: v=2.4 cv=T4WMT+KQ c=1 sm=1 tr=0 ts=683e7f91 cx=c_pps
 a=XzbKjAwluEe2BiTfzbY/Fg==:117 a=YQU41r7WENJiSYrYYNJVsQ==:17
 a=6eWqkTHjU83fiwn7nKZWdM+Sl24=:19 a=h8e1o3o8w34MuCiiGQrqVE4VwXA=:19
 a=wKuvFiaSGQ0qltdbU6+NXLB8nM8=:19 a=Ol13hO9ccFRV9qXi2t6ftBPywas=:19
 a=kj9zAlcOel0A:10 a=6IFa9wvqVegA:10 a=s63m1ICgrNkA:10 a=rhJc5-LppCAA:10
 a=6I5d2MoRAAAA:8 a=oCoyOCdvH2_wyBxJuYwA:9 a=CjuIK1q_8ugA:10 a=ZXulRonScM0A:10
X-Proofpoint-GUID: x0iyNGgW5jQ125Dog0qV1ULuB37YnlVi
X-Proofpoint-ORIG-GUID: x0iyNGgW5jQ125Dog0qV1ULuB37YnlVi
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.0.736,FMLib:17.12.80.40
 definitions=2025-06-03_01,2025-06-02_01,2025-03-28_01
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam
 score=0 bulkscore=0 impostorscore=0 malwarescore=0 adultscore=0 spamscore=0
 phishscore=0 lowpriorityscore=0 priorityscore=1501 suspectscore=0
 clxscore=1015 mlxlogscore=890 mlxscore=0 classifier=spam authscore=0
 authtc=n/a authcc= route=outbound adjust=0 reason=mlx scancount=1
 engine=8.19.0-2505280000 definitions=main-2506030039
X-Rspamd-Queue-Id: 4bBJH62WpKz4MfD
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:22843, ipnet:67.231.152.0/24, country:US]

Kyle Evans <kevans@FreeBSD.org> wrote:
> >      loader: allow for exceptions to restricted settings.
> >
> >      We restrict what an unverified loader.conf etc can set,
> >      and the same restrictions are applied to interactive input.
> >      We need to allow for exceptions (eg boot_verbose).
> >      It is best if any allowed settings match up to '='.
> >
> >      If we do not allow it to be set, do not allow it to be unset
> >
> >      Reviewed by:    stevek
> >      Sponsored by:   Juniper Networks, Inc.
> > ---
> Long-term, we should probably work out something that can work for
> lualoader, too.  We use setenv() there directly rather than adding a
> layer of indirection through the command-line parser.

Ideally this sort of list should be configurable via a .4th or .lua
file (verified of course ;-)

But if you use setenv directly - that would have to be where the
restrictions are implemented?  Indirection can solve many problems.