Hi everybody!
I'm wondering what the correct / official way of setting a "read-only"
environment variable is.
It's simple enough to declare some #define CONFIG_ENV_FLAGS_LIST_STATIC
"myvar:sr" to begin with, but this backfires - i.e. prevents write
access - as soon as I try to set a value programmatically via setenv()
(from within U-Boot code). A workaround is to use the "write-once" flag
instead, but this leaves an undesired loop-hole in case "myvar" is
supposed to remain empty/unset - where "write-once" would still allow
the user to set a value interactively.
U-Boot already has a clear distinction between programmatic access via
setenv(), resulting in _do_env_set(..., H_PROGRAMMATIC), and user
interaction (from U-Boot prompt or scripts) ending up as
_do_env_set(..., H_INTERACTIVE). Looking at env_flags_validate() in
env_flags.c I notice that it handles H_FORCE, but doesn't make any use
of H_PROGRAMMATIC.
The second (and more basic) question therefore is: Is programmatic
access from within U-Boot via setenv() supposed to always respect the
flags of variables (when even the user might possibly circumvent them
with "setenv -f" resulting in H_FORCE), or might it be more sensible to
allow all 'internal' setenv() access, disregarding any flags (treating
H_PROGRAMMATIC as "always force")? I'm aware that changing this
behaviour might have broad consequences.
The use case I have in mind is "locking down" (user) access to the fel_*
variables used by sunxi - see
http://git.denx.de/?p=u-boot.git;a=blob;f=board/sunxi/board.c;h=2d5335f9531c27da59b8b4f9311ccf2a0199859a;hb=HEAD#l568
. The questions/discussion in
http://lists.denx.de/pipermail/u-boot/2015-September/227611.html might
also be relevant.
Regards, B. Nortmann
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
