@@ -604,6 +604,15 @@ config DELAY_ENVIRONMENT
later by U-Boot code. With CONFIG_OF_CONTROL this is instead
controlled by the value of /config/load-environment.
+config ENV_APPEND
+ bool "Always append the environment with new data"
+ default n
+ help
+ If defined, the environment hash table is only ever appended with new
+ data, but the existing hash table can never be dropped and reloaded
+ with newly imported data. This may be used in combination with static
+ flags to e.g. to protect variables which must not be modified.
+
config ENV_ACCESS_IGNORE_FORCE
bool "Block forced environment operations"
default n
@@ -204,7 +204,9 @@ int env_load(void)
ret = drv->load();
if (!ret) {
printf("OK\n");
+#if !CONFIG_IS_ENABLED(ENV_APPEND)
return 0;
+#endif
} else if (ret == -ENOMSG) {
/* Handle "bad CRC" case */
if (best_prio == -1)
@@ -822,6 +822,10 @@ int himport_r(struct hsearch_data *htab,
if (nvars)
memcpy(localvars, vars, sizeof(vars[0]) * nvars);
+#if CONFIG_IS_ENABLED(ENV_APPEND)
+ flag |= H_NOCLEAR;
+#endif
+
if ((flag & H_NOCLEAR) == 0 && !nvars) {
/* Destroy old hash table if one exists */
debug("Destroy Hash Table: %p table = %p\n", htab,
Add configuration option which prevents the environment hash table to be ever cleared and reloaded with different content. This is useful in case the first environment loaded into the hash table contains e.g. sensitive content which must not be dropped or reloaded. Signed-off-by: Marek Vasut <marex at denx.de> --- env/Kconfig | 9 +++++++++ env/env.c | 2 ++ lib/hashtable.c | 4 ++++ 3 files changed, 15 insertions(+)