summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarek Vasut <marex@denx.de>2020-07-07 20:51:38 +0200
committerTom Rini <trini@konsulko.com>2020-07-31 10:13:00 -0400
commit47f3b1f243acfe755340753c5d467ba781618fa6 (patch)
tree472b24b571e8a94bcafddb581f8b5f6e8bad1269
parent890feecaab72a630eac3344443e053173f4ad02f (diff)
downloadu-boot-47f3b1f243acfe755340753c5d467ba781618fa6.tar.gz
env: Add option to only ever append environment
Add configuration option which prevents the environment hash table to be ever cleared and reloaded with different content. This is useful in case the first environment loaded into the hash table contains e.g. sensitive content which must not be dropped or reloaded. Signed-off-by: Marek Vasut <marex@denx.de> Reviewed-by: Tom Rini <trini@konsulko.com>
-rw-r--r--env/Kconfig9
-rw-r--r--env/env.c2
-rw-r--r--lib/hashtable.c4
3 files changed, 15 insertions, 0 deletions
diff --git a/env/Kconfig b/env/Kconfig
index dcc525d4ed..1cae1edf6a 100644
--- a/env/Kconfig
+++ b/env/Kconfig
@@ -614,6 +614,15 @@ config DELAY_ENVIRONMENT
later by U-Boot code. With CONFIG_OF_CONTROL this is instead
controlled by the value of /config/load-environment.
+config ENV_APPEND
+ bool "Always append the environment with new data"
+ default n
+ help
+ If defined, the environment hash table is only ever appended with new
+ data, but the existing hash table can never be dropped and reloaded
+ with newly imported data. This may be used in combination with static
+ flags to e.g. to protect variables which must not be modified.
+
config ENV_ACCESS_IGNORE_FORCE
bool "Block forced environment operations"
default n
diff --git a/env/env.c b/env/env.c
index 2af2fae23c..42c7d8155e 100644
--- a/env/env.c
+++ b/env/env.c
@@ -201,7 +201,9 @@ int env_load(void)
printf("OK\n");
gd->env_load_prio = prio;
+#if !CONFIG_IS_ENABLED(ENV_APPEND)
return 0;
+#endif
} else if (ret == -ENOMSG) {
/* Handle "bad CRC" case */
if (best_prio == -1)
diff --git a/lib/hashtable.c b/lib/hashtable.c
index 7b6781bc35..ef834badc5 100644
--- a/lib/hashtable.c
+++ b/lib/hashtable.c
@@ -826,6 +826,10 @@ int himport_r(struct hsearch_data *htab,
if (nvars)
memcpy(localvars, vars, sizeof(vars[0]) * nvars);
+#if CONFIG_IS_ENABLED(ENV_APPEND)
+ flag |= H_NOCLEAR;
+#endif
+
if ((flag & H_NOCLEAR) == 0 && !nvars) {
/* Destroy old hash table if one exists */
debug("Destroy Hash Table: %p table = %p\n", htab,