From owner-svn-src-all@freebsd.org Tue Feb 5 15:34:56 2019 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 72EA814BD262; Tue, 5 Feb 2019 15:34:56 +0000 (UTC) (envelope-from bde@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0C3D18038B; Tue, 5 Feb 2019 15:34:56 +0000 (UTC) (envelope-from bde@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D7C951FE22; Tue, 5 Feb 2019 15:34:55 +0000 (UTC) (envelope-from bde@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x15FYtE3066606; Tue, 5 Feb 2019 15:34:55 GMT (envelope-from bde@FreeBSD.org) Received: (from bde@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x15FYtZU066605; Tue, 5 Feb 2019 15:34:55 GMT (envelope-from bde@FreeBSD.org) Message-Id: <201902051534.x15FYtZU066605@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: bde set sender to bde@FreeBSD.org using -f From: Bruce Evans Date: Tue, 5 Feb 2019 15:34:55 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r343777 - head/sys/kern X-SVN-Group: head X-SVN-Commit-Author: bde X-SVN-Commit-Paths: head/sys/kern X-SVN-Commit-Revision: 343777 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 0C3D18038B X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.98 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.98)[-0.984,0]; NEURAL_HAM_LONG(-1.00)[-0.999,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Feb 2019 15:34:56 -0000 Author: bde Date: Tue Feb 5 15:34:55 2019 New Revision: 343777 URL: https://svnweb.freebsd.org/changeset/base/343777 Log: Fix zapping of static hints and env in init_static_kenv(). Environments are terminated by 2 NULs, but only 1 NUL was zapped. Zapping only 1 NUL just splits the first string into an empty string and a corrupted string. All other strings in static hints and env remained live early in the boot when they were supposed to be disabled. Support calling init_static_kenv() very early in the boot, so as to use the env very early in the boot. Then the pointer to the loader env may change after the first call due to enabling paging or otherwise remapping the pointer. Another call is needed to register the change. Don't use the previous pointer in this (or any) later call. Reviewed by: kib Modified: head/sys/kern/kern_environment.c Modified: head/sys/kern/kern_environment.c ============================================================================== --- head/sys/kern/kern_environment.c Tue Feb 5 15:05:22 2019 (r343776) +++ head/sys/kern/kern_environment.c Tue Feb 5 15:34:55 2019 (r343777) @@ -250,7 +250,24 @@ init_static_kenv(char *buf, size_t len) char *eval; KASSERT(!dynamic_kenv, ("kenv: dynamic_kenv already initialized")); + /* + * We may be called twice, with the second call needed to relocate + * md_envp after enabling paging. md_envp is then garbage if it is + * not null and the relocation will move it. Discard it so as to + * not crash using its old value in our first call to kern_getenv(). + * + * The second call gives the same environment as the first except + * in silly configurations where the static env disables itself. + * + * Other env calls don't handle possibly-garbage pointers, so must + * not be made between enabling paging and calling here. + */ + md_envp = NULL; + md_env_len = 0; + md_env_pos = 0; + + /* * Give the static environment a chance to disable the loader(8) * environment first. This is done with loader_env.disabled=1. * @@ -275,12 +292,16 @@ init_static_kenv(char *buf, size_t len) md_env_pos = 0; eval = kern_getenv("static_env.disabled"); - if (eval != NULL && strcmp(eval, "1") == 0) - *kern_envp = '\0'; + if (eval != NULL && strcmp(eval, "1") == 0) { + kern_envp[0] = '\0'; + kern_envp[1] = '\0'; + } } eval = kern_getenv("static_hints.disabled"); - if (eval != NULL && strcmp(eval, "1") == 0) - *static_hints = '\0'; + if (eval != NULL && strcmp(eval, "1") == 0) { + static_hints[0] = '\0'; + static_hints[1] = '\0'; + } } static void