[U-Boot] [PATCH] omap5: Allow use of a plain text env file
For production systems it is better to use script images since they are protected by checksums and carry valuable information like name and timestamp. Also, you can't validate the content passed to env import.
But for development, it is easier to use the env import command and plain text files instead of script-images.
Since both OMAP5evm/uevm boards are used primarily for development, we allow U-Boot to load env var from a text file in case that an boot.scr script-image is not present.
The variable uenvcmd (if existent) will be executed (using run) after uEnv.txt was loaded. If uenvcmd doesn't exist the default boot sequence will be started.
Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 (omap4: allow the use of a plain text env file instead boot scripts)
Signed-off-by: Nishanth Menon nm@ti.com --- include/configs/omap5_common.h | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/include/configs/omap5_common.h b/include/configs/omap5_common.h index af97564..3174423 100644 --- a/include/configs/omap5_common.h +++ b/include/configs/omap5_common.h @@ -155,6 +155,9 @@ "loadbootscript=fatload mmc ${mmcdev} ${loadaddr} boot.scr\0" \ "bootscript=echo Running bootscript from mmc${mmcdev} ...; " \ "source ${loadaddr}\0" \ + "loadbootenv=fatload mmc ${mmcdev} ${loadaddr} uEnv.txt\0" \ + "importbootenv=echo Importing environment from mmc${mmcdev} ...; " \ + "env import -t ${loadaddr} ${filesize}\0" \ "loaduimage=fatload mmc ${mmcdev} ${loadaddr} uImage\0" \ "mmcboot=echo Booting from mmc${mmcdev} ...; " \ "run mmcargs; " \ @@ -165,9 +168,16 @@ "if run loadbootscript; then " \ "run bootscript; " \ "else " \ - "if run loaduimage; then " \ - "run mmcboot; " \ - "fi; " \ + "if run loadbootenv; then " \ + "run importbootenv; " \ + "fi;" \ + "if test -n ${uenvcmd}; then " \ + "echo Running uenvcmd ...;" \ + "run uenvcmd;" \ + "fi;" \ + "fi;" \ + "if run loaduimage; then " \ + "run mmcboot; " \ "fi; " \ "fi"
Dear Nishanth Menon,
In message 1363992223-1628-1-git-send-email-nm@ti.com you wrote:
For production systems it is better to use script images since they are protected by checksums and carry valuable information like name and timestamp. Also, you can't validate the content passed to env import.
But for development, it is easier to use the env import command and plain text files instead of script-images.
Be careful here. There are some subtle, but important differences.
With a script image, you are basically running standard commands, which includes certain tests and limitations. With "env import", you are just importing a set of environment settings, without further tests for permissions, etc.
For example, think if data like your MAC address or board serial number are important to you, or if you are willing to have any user overwrite these with arbitrary data.
Best regards,
Wolfgang Denk
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/22/2013 08:23 PM, Wolfgang Denk wrote:
Dear Nishanth Menon,
In message 1363992223-1628-1-git-send-email-nm@ti.com you wrote:
For production systems it is better to use script images since they are protected by checksums and carry valuable information like name and timestamp. Also, you can't validate the content passed to env import.
But for development, it is easier to use the env import command and plain text files instead of script-images.
Be careful here. There are some subtle, but important differences.
With a script image, you are basically running standard commands, which includes certain tests and limitations. With "env import", you are just importing a set of environment settings, without further tests for permissions, etc.
For example, think if data like your MAC address or board serial number are important to you, or if you are willing to have any user overwrite these with arbitrary data.
Right. What I really want to see happen, and hope to find some time to play with, is moving this almost identical in 3+ boards BOOTCOMMAND into something that can be included and is commented enough to make such risks clear. For all of these development platforms that ship with example filesystems with no-password remote ssh root login, it's just another secure-me spot, but indeed, there is a risk of leakage into production systems if such things aren't clear. This came from the beagle boards where it's really useful for a developer-focused board (edit a plain text file, and have things just update and work? yay).
- -- Tom
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/22/2013 06:43 PM, Nishanth Menon wrote:
For production systems it is better to use script images since they are protected by checksums and carry valuable information like name and timestamp. Also, you can't validate the content passed to env import.
But for development, it is easier to use the env import command and plain text files instead of script-images.
Since both OMAP5evm/uevm boards are used primarily for development, we allow U-Boot to load env var from a text file in case that an boot.scr script-image is not present.
The variable uenvcmd (if existent) will be executed (using run) after uEnv.txt was loaded. If uenvcmd doesn't exist the default boot sequence will be started.
Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 (omap4: allow the use of a plain text env file instead boot scripts)
Signed-off-by: Nishanth Menon nm@ti.com
OK, Sricharan is also working on something like this, with a few other changes as well (Use zImage, load fdt). I suspect we'll be taking that in.
- -- Tom
On 03/22/2013 08:03 PM, Tom Rini wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/22/2013 06:43 PM, Nishanth Menon wrote:
For production systems it is better to use script images since they are protected by checksums and carry valuable information like name and timestamp. Also, you can't validate the content passed to env import.
But for development, it is easier to use the env import command and plain text files instead of script-images.
Since both OMAP5evm/uevm boards are used primarily for development, we allow U-Boot to load env var from a text file in case that an boot.scr script-image is not present.
The variable uenvcmd (if existent) will be executed (using run) after uEnv.txt was loaded. If uenvcmd doesn't exist the default boot sequence will be started.
Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 (omap4: allow the use of a plain text env file instead boot scripts)
Signed-off-by: Nishanth Menon nm@ti.com
OK, Sricharan is also working on something like this, with a few other changes as well (Use zImage, load fdt). I suspect we'll be taking that in.
is there a patch posted in u-boot list? or at least an ETA when we might be able to see such a patch? Regards, Nishanth Menon
Hi Nishanth,
On Saturday 23 March 2013 08:57 PM, Nishanth Menon wrote:
On 03/22/2013 08:03 PM, Tom Rini wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/22/2013 06:43 PM, Nishanth Menon wrote:
For production systems it is better to use script images since they are protected by checksums and carry valuable information like name and timestamp. Also, you can't validate the content passed to env import.
But for development, it is easier to use the env import command and plain text files instead of script-images.
Since both OMAP5evm/uevm boards are used primarily for development, we allow U-Boot to load env var from a text file in case that an boot.scr script-image is not present.
The variable uenvcmd (if existent) will be executed (using run) after uEnv.txt was loaded. If uenvcmd doesn't exist the default boot sequence will be started.
Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 (omap4: allow the use of a plain text env file instead boot scripts)
Signed-off-by: Nishanth Menon nm@ti.com
OK, Sricharan is also working on something like this, with a few other changes as well (Use zImage, load fdt). I suspect we'll be taking that in.
is there a patch posted in u-boot list? or at least an ETA when we might be able to see such a patch? Regards, Nishanth Menon
I added this in the series.
http://www.mail-archive.com/u-boot@lists.denx.de/msg109030.html
Regards, Sricharan
On 03/23/2013 11:20 PM, Sricharan R wrote:
Hi Nishanth,
On Saturday 23 March 2013 08:57 PM, Nishanth Menon wrote:
On 03/22/2013 08:03 PM, Tom Rini wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/22/2013 06:43 PM, Nishanth Menon wrote:
For production systems it is better to use script images since they are protected by checksums and carry valuable information like name and timestamp. Also, you can't validate the content passed to env import.
But for development, it is easier to use the env import command and plain text files instead of script-images.
Since both OMAP5evm/uevm boards are used primarily for development, we allow U-Boot to load env var from a text file in case that an boot.scr script-image is not present.
The variable uenvcmd (if existent) will be executed (using run) after uEnv.txt was loaded. If uenvcmd doesn't exist the default boot sequence will be started.
Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 (omap4: allow the use of a plain text env file instead boot scripts)
Signed-off-by: Nishanth Menon nm@ti.com
OK, Sricharan is also working on something like this, with a few other changes as well (Use zImage, load fdt). I suspect we'll be taking that in.
is there a patch posted in u-boot list? or at least an ETA when we might be able to see such a patch? Regards, Nishanth Menon
I added this in the series.
http://www.mail-archive.com/u-boot@lists.denx.de/msg109030.html
thanks. Regards, Nishanth Menon
On Monday 25 March 2013 08:09 AM, Nishanth Menon wrote:
On 03/23/2013 11:20 PM, Sricharan R wrote:
Hi Nishanth,
On Saturday 23 March 2013 08:57 PM, Nishanth Menon wrote:
On 03/22/2013 08:03 PM, Tom Rini wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/22/2013 06:43 PM, Nishanth Menon wrote:
For production systems it is better to use script images since they are protected by checksums and carry valuable information like name and timestamp. Also, you can't validate the content passed to env import.
But for development, it is easier to use the env import command and plain text files instead of script-images.
Since both OMAP5evm/uevm boards are used primarily for development, we allow U-Boot to load env var from a text file in case that an boot.scr script-image is not present.
The variable uenvcmd (if existent) will be executed (using run) after uEnv.txt was loaded. If uenvcmd doesn't exist the default boot sequence will be started.
Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 (omap4: allow the use of a plain text env file instead boot scripts)
Signed-off-by: Nishanth Menon nm@ti.com In fac
OK, Sricharan is also working on something like this, with a few other changes as well (Use zImage, load fdt). I suspect we'll be taking that in.
is there a patch posted in u-boot list? or at least an ETA when we might be able to see such a patch? Regards, Nishanth Menon
I added this in the series.
http://www.mail-archive.com/u-boot@lists.denx.de/msg109030.htmlthanks. Regards, Nishanth Menon
In fact i added my version of this patch. Same functional change. I will add your patch instead of mine, given that you posted before mine.
Regards, Sricharan
participants (5)
-
Nishanth Menon -
Nishanth Menon -
Sricharan R -
Tom Rini -
Wolfgang Denk