From: Peng Fan <peng.fan@oss.nxp.com>
To: Heiko Schocher <hs@nabladev.com>
Cc: U-Boot Mailing List <u-boot@lists.denx.de>,
Fabio Estevam <festevam@gmail.com>,
Adrian Freihofer <adrian.freihofer@siemens.com>,
Alexander Sverdlin <alexander.sverdlin@siemens.com>,
Marek Vasut <marek.vasut+renesas@mailbox.org>,
Simon Glass <sjg@chromium.org>, Tom Rini <trini@konsulko.com>,
Walter Schweizer <walter.schweizer@siemens.com>
Subject: Re: [PATCH v1 11/11] siemens: capricorn: protect environment
Date: Mon, 26 Jan 2026 09:24:41 +0800 [thread overview]
Message-ID: <aXbCWebLaRhqWr16@shlinux89> (raw)
In-Reply-To: <20260124055452.8799-12-hs@nabladev.com>
On Sat, Jan 24, 2026 at 06:54:52AM +0100, Heiko Schocher wrote:
>From: Adrian Freihofer <adrian.freihofer@siemens.com>
>
>With ENV_WRITEABLE_LIST only specific environment variables lisetd in
>CFG_ENV_FLAGS_LIST_STATIC are read from the u-boot environment storage.
>All other environment variables are set to default values and are not
>written back to the storage.
>
>The u-boot environment usually stays for the lifetime of the product.
>There is no A/B copy mechanism as for the firmware itself. That means
>that incompatible changes to environment variables in future u-boot
>versions may lead to serious issues if the old environment is used with
>a new u-boot version or vice versa.
>
>Having this protection in place ensures that only a limited set of
>environment variables are persisted across u-boot versions. All the
>macros not listed in CFG_ENV_FLAGS_LIST_STATIC are now part of the
>u-boot binary which is redundant and immutable. This guarantees that
>the u-boot version and the default values of these environment variables
>are always in sync and cannot be changed at runtime.
>
>ustate and rastate are not relevant for u-boot itself. ustate is used
>by swupdate which persists the transaction state in the environment.
>rastate is a similar variable used by another user space application.
>
>Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
>Signed-off-by: Heiko Schocher <hs@nabladev.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
prev parent reply other threads:[~2026-01-26 1:24 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-24 5:54 [PATCH v1 00/11] imx8qxp: siemens: small board updates Heiko Schocher
2026-01-24 5:54 ` [PATCH v1 01/11] arm: dts: capricorn: pinctrl_usdhc1 cleanup Heiko Schocher
2026-01-26 1:12 ` Peng Fan
2026-01-24 5:54 ` [PATCH v1 02/11] siemens: capricorn: set max-frequency for usdhc1 Heiko Schocher
2026-01-26 1:14 ` Peng Fan
2026-01-24 5:54 ` [PATCH v1 03/11] arm: dts: capricorn: remove pinctrl_usdhc2 Heiko Schocher
2026-01-26 1:15 ` Peng Fan
2026-01-24 5:54 ` [PATCH v1 04/11] arm: dts: capricorn: move fec2 config Heiko Schocher
2026-01-26 1:18 ` Peng Fan
2026-01-24 5:54 ` [PATCH v1 05/11] imx8qxp_capricorn config: add wget command Heiko Schocher
2026-01-26 1:17 ` Peng Fan
2026-01-24 5:54 ` [PATCH v1 06/11] capricorn: config: add bootcounter command Heiko Schocher
2026-01-26 1:22 ` Peng Fan
2026-01-26 5:20 ` Heiko Schocher
2026-01-24 5:54 ` [PATCH v1 07/11] siemens: capricorn: add logic to U-Boot to avoid zig-zag boot Heiko Schocher
2026-01-26 1:29 ` Peng Fan
2026-01-26 5:30 ` Heiko Schocher
2026-01-24 5:54 ` [PATCH v1 08/11] siemens: capricorn: always detect emmc device Heiko Schocher
2026-01-26 1:18 ` Peng Fan
2026-01-24 5:54 ` [PATCH v1 09/11] siemens: capricorn: fix fallback bootm call for fitImage Heiko Schocher
2026-01-26 1:31 ` Peng Fan
2026-01-24 5:54 ` [PATCH v1 10/11] siemens: capricorn: rework bootcmd environment variables Heiko Schocher
2026-01-26 1:32 ` Peng Fan
2026-01-24 5:54 ` [PATCH v1 11/11] siemens: capricorn: protect environment Heiko Schocher
2026-01-26 1:24 ` Peng Fan [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aXbCWebLaRhqWr16@shlinux89 \
--to=peng.fan@oss.nxp.com \
--cc=adrian.freihofer@siemens.com \
--cc=alexander.sverdlin@siemens.com \
--cc=festevam@gmail.com \
--cc=hs@nabladev.com \
--cc=marek.vasut+renesas@mailbox.org \
--cc=sjg@chromium.org \
--cc=trini@konsulko.com \
--cc=u-boot@lists.denx.de \
--cc=walter.schweizer@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.