On Wed, Jun 03, 2020 at 02:01:11AM +0200, Marek Vasut wrote:
This option marks any U-Boot variable which does not have explicit 'w' writeable flag set as read-only. This way the environment can be locked down and only variables explicitly configured to be writeable can ever be changed by either 'env import', 'env set' or loading user environment from environment storage.
Signed-off-by: Marek Vasut marex@denx.de
[snip]
static const char env_flags_vartype_rep[] = "sdxb" ENV_FLAGS_NET_VARTYPE_REPS; -static const char env_flags_varaccess_rep[] = "aroc"; +static const char env_flags_varaccess_rep[] =
- "aroc" ENV_FLAGS_WRITEABLE_VARACCESS_REPS;
nit: I think this is an example of why going a tiny bit past 80 chars wide improves readability. If inclined and someone else asks for a v2, go ahead.
I think all of the code itself is fine, but it's complex enough in a complex area I'm not adding my own Reviewed-by.
What I would ask for is to add some tests to test/py/tests/test_env.py for what we can test for. Thanks!