[1/6] env: Convert CONFIG_DELAY_ENVIRONMENT to Kconfig

Message ID	20200506173847.35635-1-ovidiu.panait@windriver.com
State	Accepted
Commit	b8879f207405ff55c91bc1ad68ea9245c1fd168c
Headers	show List-Id: U-Boot discussion <u-boot.lists.denx.de> From: ovidiu.panait at windriver.com (Ovidiu Panait) Date: Wed, 6 May 2020 20:38:42 +0300 Subject: [PATCH 1/6] env: Convert CONFIG_DELAY_ENVIRONMENT to Kconfig Message-ID: <20200506173847.35635-1-ovidiu.panait@windriver.com>
Series	[1/6] env: Convert CONFIG_DELAY_ENVIRONMENT to Kconfig \| expand [1/6] env: Convert CONFIG_DELAY_ENVIRONMENT to Kconfig [2/6] board_r: env: Use IS_ENABLED() instead of #ifdefs [3/6] board_r: Introduce CONFIG_PCI_INIT_R Kconfig option [4/6] qemu_arm64_defconfig: Enable CONFIG_PCI_INIT_R [5/6] qemu_arm_defconfig: Enable CONFIG_PCI_INIT_R [6/6] qemu-x86*_defconfig: Enable CONFIG_PCI_INIT_R

Message ID

20200506173847.35635-1-ovidiu.panait@windriver.com

State

Accepted

Commit

b8879f207405ff55c91bc1ad68ea9245c1fd168c

Headers

List-Id: U-Boot discussion <u-boot.lists.denx.de>
From: ovidiu.panait at windriver.com (Ovidiu Panait)
Date: Wed, 6 May 2020 20:38:42 +0300
Subject: [PATCH 1/6] env: Convert CONFIG_DELAY_ENVIRONMENT to Kconfig
Message-ID: <20200506173847.35635-1-ovidiu.panait@windriver.com>

Series

[1/6] env: Convert CONFIG_DELAY_ENVIRONMENT to Kconfig | expand

Commit Message

Ovidiu Panait May 6, 2020, 5:38 p.m. UTC

This converts ad-hoc CONFIG_DELAY_ENVIRONMENT to Kconfig.

Signed-off-by: Ovidiu Panait <ovidiu.panait at windriver.com>
---
 env/Kconfig                  | 12 ++++++++++++
 scripts/config_whitelist.txt |  1 -
 2 files changed, 12 insertions(+), 1 deletion(-)

Comments

Tom Rini May 16, 2020, 1:45 a.m. UTC | #1

On Wed, May 06, 2020 at 08:38:42PM +0300, Ovidiu Panait wrote:

> This converts ad-hoc CONFIG_DELAY_ENVIRONMENT to Kconfig.
> 
> Signed-off-by: Ovidiu Panait <ovidiu.panait at windriver.com>

Applied to u-boot/master, thanks!

diff --git a/env/Kconfig b/env/Kconfig
index af63ac52f7..ed94e83ec1 100644
--- a/env/Kconfig
+++ b/env/Kconfig
@@ -592,6 +592,18 @@  config ENV_VARS_UBOOT_RUNTIME_CONFIG
 	  run-time determined information about the hardware to the
 	  environment.  These will be named board_name, board_rev.
 
+config DELAY_ENVIRONMENT
+	bool "Delay environment loading"
+	depends on !OF_CONTROL
+	help
+	  Enable this to inhibit loading the environment during board
+	  initialization. This can address the security risk of untrusted data
+	  being used during boot. Normally the environment is loaded when the
+	  board is initialised so that it is available to U-Boot. This inhibits
+	  that so that the environment is not available until explicitly loaded
+	  later by U-Boot code. With CONFIG_OF_CONTROL this is instead
+	  controlled by the value of /config/load-environment.
+
 if SPL_ENV_SUPPORT
 config SPL_ENV_IS_NOWHERE
 	bool "SPL Environment is not stored"
diff --git a/scripts/config_whitelist.txt b/scripts/config_whitelist.txt
index 19c9218060..bc086363ca 100644
--- a/scripts/config_whitelist.txt
+++ b/scripts/config_whitelist.txt
@@ -306,7 +306,6 @@  CONFIG_DEFAULT
 CONFIG_DEFAULT_CONSOLE
 CONFIG_DEFAULT_IMMR
 CONFIG_DEF_HWCONFIG
-CONFIG_DELAY_ENVIRONMENT
 CONFIG_DESIGNWARE_ETH
 CONFIG_DEVELOP
 CONFIG_DEVICE_TREE_LIST

[1/6] env: Convert CONFIG_DELAY_ENVIRONMENT to Kconfig

Commit Message

Comments

Patch