From patchwork Wed May 6 17:38:42 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ovidiu Panait X-Patchwork-Id: 245207 List-Id: U-Boot discussion From: ovidiu.panait at windriver.com (Ovidiu Panait) Date: Wed, 6 May 2020 20:38:42 +0300 Subject: [PATCH 1/6] env: Convert CONFIG_DELAY_ENVIRONMENT to Kconfig Message-ID: <20200506173847.35635-1-ovidiu.panait@windriver.com> This converts ad-hoc CONFIG_DELAY_ENVIRONMENT to Kconfig. Signed-off-by: Ovidiu Panait --- env/Kconfig | 12 ++++++++++++ scripts/config_whitelist.txt | 1 - 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/env/Kconfig b/env/Kconfig index af63ac52f7..ed94e83ec1 100644 --- a/env/Kconfig +++ b/env/Kconfig @@ -592,6 +592,18 @@ config ENV_VARS_UBOOT_RUNTIME_CONFIG run-time determined information about the hardware to the environment. These will be named board_name, board_rev. +config DELAY_ENVIRONMENT + bool "Delay environment loading" + depends on !OF_CONTROL + help + Enable this to inhibit loading the environment during board + initialization. This can address the security risk of untrusted data + being used during boot. Normally the environment is loaded when the + board is initialised so that it is available to U-Boot. This inhibits + that so that the environment is not available until explicitly loaded + later by U-Boot code. With CONFIG_OF_CONTROL this is instead + controlled by the value of /config/load-environment. + if SPL_ENV_SUPPORT config SPL_ENV_IS_NOWHERE bool "SPL Environment is not stored" diff --git a/scripts/config_whitelist.txt b/scripts/config_whitelist.txt index 19c9218060..bc086363ca 100644 --- a/scripts/config_whitelist.txt +++ b/scripts/config_whitelist.txt @@ -306,7 +306,6 @@ CONFIG_DEFAULT CONFIG_DEFAULT_CONSOLE CONFIG_DEFAULT_IMMR CONFIG_DEF_HWCONFIG -CONFIG_DELAY_ENVIRONMENT CONFIG_DESIGNWARE_ETH CONFIG_DEVELOP CONFIG_DEVICE_TREE_LIST