Message ID | 1363992223-1628-1-git-send-email-nm@ti.com |
---|---|
State | Superseded |
Delegated to: | Tom Rini |
Headers | show |
Dear Nishanth Menon, In message <1363992223-1628-1-git-send-email-nm@ti.com> you wrote: > For production systems it is better to use script images since > they are protected by checksums and carry valuable information > like name and timestamp. Also, you can't validate the content > passed to env import. > > But for development, it is easier to use the env import command and > plain text files instead of script-images. Be careful here. There are some subtle, but important differences. With a script image, you are basically running standard commands, which includes certain tests and limitations. With "env import", you are just importing a set of environment settings, without further tests for permissions, etc. For example, think if data like your MAC address or board serial number are important to you, or if you are willing to have any user overwrite these with arbitrary data. Best regards, Wolfgang Denk
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/22/2013 06:43 PM, Nishanth Menon wrote: > For production systems it is better to use script images since they > are protected by checksums and carry valuable information like name > and timestamp. Also, you can't validate the content passed to env > import. > > But for development, it is easier to use the env import command > and plain text files instead of script-images. > > Since both OMAP5evm/uevm boards are used primarily for > development, we allow U-Boot to load env var from a text file in > case that an boot.scr script-image is not present. > > The variable uenvcmd (if existent) will be executed (using run) > after uEnv.txt was loaded. If uenvcmd doesn't exist the default > boot sequence will be started. > > Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 > (omap4: allow the use of a plain text env file instead boot > scripts) > > Signed-off-by: Nishanth Menon <nm@ti.com> OK, Sricharan is also working on something like this, with a few other changes as well (Use zImage, load fdt). I suspect we'll be taking that in. - -- Tom -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRTP9zAAoJENk4IS6UOR1WtFcP/2f9sqpaf9lyUQNNLN0IjV8v 3Bk1ykqcduRb4RElnnr/7g2EFu3MEdXYiZm8Rh7AN1ByFc69Zf5iGZFmZ3N2ZSRe UGNR2i2tYCdft1SFUHsbxopfwfmGddWDosxHbcbvYgTpwKelABdw8TURHK8DIyx9 gWcwBygAKz1dQrCFljZW4Ev8v0ORQiJq++eMUO6SS0zxmr4D5hVorvt0xrzs91r5 J7igypwLM6mX1Lpz/1P3Sf5IC2ZeK6hsvbiuE1FAFsnc0K14DU+MvFa9lDCq/RO1 Jfz5LTAbBE36J5+sSkiNouw3fdRbPAZ/noqYRLHGu4GQKACJzp0/dwJrlZUJ7Fvq MnT+OPbB/WxEM8y12JD1WbJWKnee5oL1zB24N/pwc24VALwBrlhgLn7wzzp7uk1+ VHgihciomPkzxDk9toCx1IAtYlOoabC5pPeB83AJ3JpCv5J1HnuUqG7UABc2BSn/ xrVKV+qVAjP1DKLOJ84MST0jcjhjp9XyVo8+MXgfxi66UuUMjatUdB4RyXvJfJfF Ooqze4jxkFAq9G9PKp5t0TFbPgWVwYZYEleyp7ClGTMMLrHcbFDQ2vCHoQPJaeaT wEng+cz350zY1tezj2JwE91cn9L+NUYvSxfV+SgXuasCtmyI86ziFgGBE2Juyk/P MwBBZPuF58cSbGK4Z1bp =0lCX -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/22/2013 08:23 PM, Wolfgang Denk wrote: > Dear Nishanth Menon, > > In message <1363992223-1628-1-git-send-email-nm@ti.com> you wrote: >> For production systems it is better to use script images since >> they are protected by checksums and carry valuable information >> like name and timestamp. Also, you can't validate the content >> passed to env import. >> >> But for development, it is easier to use the env import command >> and plain text files instead of script-images. > > Be careful here. There are some subtle, but important > differences. > > With a script image, you are basically running standard commands, > which includes certain tests and limitations. With "env import", > you are just importing a set of environment settings, without > further tests for permissions, etc. > > For example, think if data like your MAC address or board serial > number are important to you, or if you are willing to have any > user overwrite these with arbitrary data. Right. What I really want to see happen, and hope to find some time to play with, is moving this almost identical in 3+ boards BOOTCOMMAND into something that can be included and is commented enough to make such risks clear. For all of these development platforms that ship with example filesystems with no-password remote ssh root login, it's just another secure-me spot, but indeed, there is a risk of leakage into production systems if such things aren't clear. This came from the beagle boards where it's really useful for a developer-focused board (edit a plain text file, and have things just update and work? yay). - -- Tom -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRTQA0AAoJENk4IS6UOR1WkgYP+wejXFLki/bR78vlDa2ThqhS mdz9sdBIhuL/Hh7BqM+nmF1C9CMSNffF83dIvtqtu0VdnYd9k+68UOQSc6Xnru4Z KQHa5TR5qqPOsb8IVkR+q7ZcK6YNAYwAPHpTIdeSbtD7Wlh0lrZc4soPgxu8nG8t Hcm5ASFr3222yIQUARgaih/V2erOSfPLBxcnV4yc/VhNZ7czRwOka97cV2dZrQeI Oelp3s1BE9/7eKOLR+CDl7M2jKylJrQTuj9LOWjwGLvaxX03IIABclPimXCvbK6D nKtS1edaUQ+ife+rNOp3U4b5XZ4FB3L2zLpUQS2YujXHVyKg2cqvtw2FLiYTUAgd 0xagQt9SncXyQ7j6YxHJNrkIGS649XZN+jS1k4qSk32IPUY+r7bYSMjC3tYzoO9J x8tgv53paU4R8H4oJIO52aCrXLA+lPXzFsurIFY8qf0Eg3gkTBZf2obu9o/Lm+II d+O9cqrmwPhhhJifrdxON1NFiJEQbR/ltwCAQq2JqPy21FSwP1eOtN532ITcQfIo cm1SXg4wA6YpbY2DNBr2RaLqEf0n4feO1XOuiivkcsPDSHV38PxTbvqxVanRWnFg TJHfFkVl/L7E6wJxZGUlVGEMsyZ3crZV9+0qCjcH+UvXPPzQ7oKtGekHF0fGilwP d/CM3nRLIfEDiZptNWCj =3C1D -----END PGP SIGNATURE-----
On 03/22/2013 08:03 PM, Tom Rini wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 03/22/2013 06:43 PM, Nishanth Menon wrote: >> For production systems it is better to use script images since they >> are protected by checksums and carry valuable information like name >> and timestamp. Also, you can't validate the content passed to env >> import. >> >> But for development, it is easier to use the env import command >> and plain text files instead of script-images. >> >> Since both OMAP5evm/uevm boards are used primarily for >> development, we allow U-Boot to load env var from a text file in >> case that an boot.scr script-image is not present. >> >> The variable uenvcmd (if existent) will be executed (using run) >> after uEnv.txt was loaded. If uenvcmd doesn't exist the default >> boot sequence will be started. >> >> Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 >> (omap4: allow the use of a plain text env file instead boot >> scripts) >> >> Signed-off-by: Nishanth Menon <nm@ti.com> > > OK, Sricharan is also working on something like this, with a few other > changes as well (Use zImage, load fdt). I suspect we'll be taking > that in. is there a patch posted in u-boot list? or at least an ETA when we might be able to see such a patch? Regards, Nishanth Menon
Hi Nishanth, On Saturday 23 March 2013 08:57 PM, Nishanth Menon wrote: > On 03/22/2013 08:03 PM, Tom Rini wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On 03/22/2013 06:43 PM, Nishanth Menon wrote: >>> For production systems it is better to use script images since they >>> are protected by checksums and carry valuable information like name >>> and timestamp. Also, you can't validate the content passed to env >>> import. >>> >>> But for development, it is easier to use the env import command >>> and plain text files instead of script-images. >>> >>> Since both OMAP5evm/uevm boards are used primarily for >>> development, we allow U-Boot to load env var from a text file in >>> case that an boot.scr script-image is not present. >>> >>> The variable uenvcmd (if existent) will be executed (using run) >>> after uEnv.txt was loaded. If uenvcmd doesn't exist the default >>> boot sequence will be started. >>> >>> Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 >>> (omap4: allow the use of a plain text env file instead boot >>> scripts) >>> >>> Signed-off-by: Nishanth Menon <nm@ti.com> >> >> OK, Sricharan is also working on something like this, with a few other >> changes as well (Use zImage, load fdt). I suspect we'll be taking >> that in. > is there a patch posted in u-boot list? or at least an ETA when we might be able to see such a patch? > Regards, > Nishanth Menon > I added this in the series. http://www.mail-archive.com/u-boot@lists.denx.de/msg109030.html Regards, Sricharan
On 03/23/2013 11:20 PM, Sricharan R wrote: > Hi Nishanth, > > On Saturday 23 March 2013 08:57 PM, Nishanth Menon wrote: >> On 03/22/2013 08:03 PM, Tom Rini wrote: >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On 03/22/2013 06:43 PM, Nishanth Menon wrote: >>>> For production systems it is better to use script images since they >>>> are protected by checksums and carry valuable information like name >>>> and timestamp. Also, you can't validate the content passed to env >>>> import. >>>> >>>> But for development, it is easier to use the env import command >>>> and plain text files instead of script-images. >>>> >>>> Since both OMAP5evm/uevm boards are used primarily for >>>> development, we allow U-Boot to load env var from a text file in >>>> case that an boot.scr script-image is not present. >>>> >>>> The variable uenvcmd (if existent) will be executed (using run) >>>> after uEnv.txt was loaded. If uenvcmd doesn't exist the default >>>> boot sequence will be started. >>>> >>>> Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 >>>> (omap4: allow the use of a plain text env file instead boot >>>> scripts) >>>> >>>> Signed-off-by: Nishanth Menon <nm@ti.com> >>> >>> OK, Sricharan is also working on something like this, with a few other >>> changes as well (Use zImage, load fdt). I suspect we'll be taking >>> that in. >> is there a patch posted in u-boot list? or at least an ETA when we might be able to see such a patch? >> Regards, >> Nishanth Menon >> > I added this in the series. > > http://www.mail-archive.com/u-boot@lists.denx.de/msg109030.html thanks. Regards, Nishanth Menon
On Monday 25 March 2013 08:09 AM, Nishanth Menon wrote: > On 03/23/2013 11:20 PM, Sricharan R wrote: >> Hi Nishanth, >> >> On Saturday 23 March 2013 08:57 PM, Nishanth Menon wrote: >>> On 03/22/2013 08:03 PM, Tom Rini wrote: >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> On 03/22/2013 06:43 PM, Nishanth Menon wrote: >>>>> For production systems it is better to use script images since they >>>>> are protected by checksums and carry valuable information like name >>>>> and timestamp. Also, you can't validate the content passed to env >>>>> import. >>>>> >>>>> But for development, it is easier to use the env import command >>>>> and plain text files instead of script-images. >>>>> >>>>> Since both OMAP5evm/uevm boards are used primarily for >>>>> development, we allow U-Boot to load env var from a text file in >>>>> case that an boot.scr script-image is not present. >>>>> >>>>> The variable uenvcmd (if existent) will be executed (using run) >>>>> after uEnv.txt was loaded. If uenvcmd doesn't exist the default >>>>> boot sequence will be started. >>>>> >>>>> Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 >>>>> (omap4: allow the use of a plain text env file instead boot >>>>> scripts) >>>>> >>>>> Signed-off-by: Nishanth Menon <nm@ti.com> In fac >>>> >>>> OK, Sricharan is also working on something like this, with a few other >>>> changes as well (Use zImage, load fdt). I suspect we'll be taking >>>> that in. >>> is there a patch posted in u-boot list? or at least an ETA when we might be able to see such a patch? >>> Regards, >>> Nishanth Menon >>> >> I added this in the series. >> >> http://www.mail-archive.com/u-boot@lists.denx.de/msg109030.html > thanks. > Regards, > Nishanth Menon > In fact i added my version of this patch. Same functional change. I will add your patch instead of mine, given that you posted before mine. Regards, Sricharan
diff --git a/include/configs/omap5_common.h b/include/configs/omap5_common.h index af97564..3174423 100644 --- a/include/configs/omap5_common.h +++ b/include/configs/omap5_common.h @@ -155,6 +155,9 @@ "loadbootscript=fatload mmc ${mmcdev} ${loadaddr} boot.scr\0" \ "bootscript=echo Running bootscript from mmc${mmcdev} ...; " \ "source ${loadaddr}\0" \ + "loadbootenv=fatload mmc ${mmcdev} ${loadaddr} uEnv.txt\0" \ + "importbootenv=echo Importing environment from mmc${mmcdev} ...; " \ + "env import -t ${loadaddr} ${filesize}\0" \ "loaduimage=fatload mmc ${mmcdev} ${loadaddr} uImage\0" \ "mmcboot=echo Booting from mmc${mmcdev} ...; " \ "run mmcargs; " \ @@ -165,9 +168,16 @@ "if run loadbootscript; then " \ "run bootscript; " \ "else " \ - "if run loaduimage; then " \ - "run mmcboot; " \ - "fi; " \ + "if run loadbootenv; then " \ + "run importbootenv; " \ + "fi;" \ + "if test -n ${uenvcmd}; then " \ + "echo Running uenvcmd ...;" \ + "run uenvcmd;" \ + "fi;" \ + "fi;" \ + "if run loaduimage; then " \ + "run mmcboot; " \ "fi; " \ "fi"
For production systems it is better to use script images since they are protected by checksums and carry valuable information like name and timestamp. Also, you can't validate the content passed to env import. But for development, it is easier to use the env import command and plain text files instead of script-images. Since both OMAP5evm/uevm boards are used primarily for development, we allow U-Boot to load env var from a text file in case that an boot.scr script-image is not present. The variable uenvcmd (if existent) will be executed (using run) after uEnv.txt was loaded. If uenvcmd doesn't exist the default boot sequence will be started. Inspired by commit: d70f54808dfa83b574e1239c3eccbcf3317343e1 (omap4: allow the use of a plain text env file instead boot scripts) Signed-off-by: Nishanth Menon <nm@ti.com> --- include/configs/omap5_common.h | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-)