Re: [PATCH v1 11/11] siemens: capricorn: protect environment

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

From: Peng Fan <peng.fan@oss.nxp.com>
To: Heiko Schocher <hs@nabladev.com>
Cc: U-Boot Mailing List <u-boot@lists.denx.de>,
	Fabio Estevam <festevam@gmail.com>,
	Adrian Freihofer <adrian.freihofer@siemens.com>,
	Alexander Sverdlin <alexander.sverdlin@siemens.com>,
	Marek Vasut <marek.vasut+renesas@mailbox.org>,
	Simon Glass <sjg@chromium.org>, Tom Rini <trini@konsulko.com>,
	Walter Schweizer <walter.schweizer@siemens.com>
Subject: Re: [PATCH v1 11/11] siemens: capricorn: protect environment
Date: Mon, 26 Jan 2026 09:24:41 +0800	[thread overview]
Message-ID: <aXbCWebLaRhqWr16@shlinux89> (raw)
In-Reply-To: <20260124055452.8799-12-hs@nabladev.com>

On Sat, Jan 24, 2026 at 06:54:52AM +0100, Heiko Schocher wrote:
>From: Adrian Freihofer <adrian.freihofer@siemens.com>
>
>With ENV_WRITEABLE_LIST only specific environment variables lisetd in
>CFG_ENV_FLAGS_LIST_STATIC are read from the u-boot environment storage.
>All other environment variables are set to default values and are not
>written back to the storage.
>
>The u-boot environment usually stays for the lifetime of the product.
>There is no A/B copy mechanism as for the firmware itself. That means
>that incompatible changes to environment variables in future u-boot
>versions may lead to serious issues if the old environment is used with
>a new u-boot version or vice versa.
>
>Having this protection in place ensures that only a limited set of
>environment variables are persisted across u-boot versions. All the
>macros not listed in CFG_ENV_FLAGS_LIST_STATIC are now part of the
>u-boot binary which is redundant and immutable. This guarantees that
>the u-boot version and the default values of these environment variables
>are always in sync and cannot be changed at runtime.
>
>ustate and rastate are not relevant for u-boot itself. ustate is used
>by swupdate which persists the transaction state in the environment.
>rastate is a similar variable used by another user space application.
>
>Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
>Signed-off-by: Heiko Schocher <hs@nabladev.com>

Reviewed-by: Peng Fan <peng.fan@nxp.com>

     prev parent reply	other threads:[~2026-01-26  1:24 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-01-24  5:54 [PATCH v1 00/11] imx8qxp: siemens: small board updates Heiko Schocher
2026-01-24  5:54 ` [PATCH v1 01/11] arm: dts: capricorn: pinctrl_usdhc1 cleanup Heiko Schocher
2026-01-26  1:12   ` Peng Fan
2026-01-24  5:54 ` [PATCH v1 02/11] siemens: capricorn: set max-frequency for usdhc1 Heiko Schocher
2026-01-26  1:14   ` Peng Fan
2026-01-24  5:54 ` [PATCH v1 03/11] arm: dts: capricorn: remove pinctrl_usdhc2 Heiko Schocher
2026-01-26  1:15   ` Peng Fan
2026-01-24  5:54 ` [PATCH v1 04/11] arm: dts: capricorn: move fec2 config Heiko Schocher
2026-01-26  1:18   ` Peng Fan
2026-01-24  5:54 ` [PATCH v1 05/11] imx8qxp_capricorn config: add wget command Heiko Schocher
2026-01-26  1:17   ` Peng Fan
2026-01-24  5:54 ` [PATCH v1 06/11] capricorn: config: add bootcounter command Heiko Schocher
2026-01-26  1:22   ` Peng Fan
2026-01-26  5:20     ` Heiko Schocher
2026-01-24  5:54 ` [PATCH v1 07/11] siemens: capricorn: add logic to U-Boot to avoid zig-zag boot Heiko Schocher
2026-01-26  1:29   ` Peng Fan
2026-01-26  5:30     ` Heiko Schocher
2026-01-24  5:54 ` [PATCH v1 08/11] siemens: capricorn: always detect emmc device Heiko Schocher
2026-01-26  1:18   ` Peng Fan
2026-01-24  5:54 ` [PATCH v1 09/11] siemens: capricorn: fix fallback bootm call for fitImage Heiko Schocher
2026-01-26  1:31   ` Peng Fan
2026-01-24  5:54 ` [PATCH v1 10/11] siemens: capricorn: rework bootcmd environment variables Heiko Schocher
2026-01-26  1:32   ` Peng Fan
2026-01-24  5:54 ` [PATCH v1 11/11] siemens: capricorn: protect environment Heiko Schocher
2026-01-26  1:24   ` Peng Fan [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aXbCWebLaRhqWr16@shlinux89 \
    --to=peng.fan@oss.nxp.com \
    --cc=adrian.freihofer@siemens.com \
    --cc=alexander.sverdlin@siemens.com \
    --cc=festevam@gmail.com \
    --cc=hs@nabladev.com \
    --cc=marek.vasut+renesas@mailbox.org \
    --cc=sjg@chromium.org \
    --cc=trini@konsulko.com \
    --cc=u-boot@lists.denx.de \
    --cc=walter.schweizer@siemens.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox