[U-Boot] [RFC] setenv() and variable flags, especially "read-only"

[Bernhard Nortmann <bernhard.nortmann@web.de>]

Hi everybody!

I'm wondering what the correct / official way of setting a "read-only" 
environment variable is.

It's simple enough to declare some #define CONFIG_ENV_FLAGS_LIST_STATIC 
"myvar:sr" to begin with, but this backfires - i.e. prevents write 
access - as soon as I try to set a value programmatically via setenv() 
(from within U-Boot code). A workaround is to use the "write-once" flag 
instead, but this leaves an undesired loop-hole in case "myvar" is 
supposed to remain empty/unset - where "write-once" would still allow 
the user to set a value interactively.

U-Boot already has a clear distinction between programmatic access via 
setenv(), resulting in _do_env_set(..., H_PROGRAMMATIC), and user 
interaction (from U-Boot prompt or scripts) ending up as 
_do_env_set(..., H_INTERACTIVE). Looking at env_flags_validate() in 
env_flags.c I notice that it handles H_FORCE, but doesn't make any use 
of H_PROGRAMMATIC.

The second (and more basic) question therefore is: Is programmatic 
access from within U-Boot via setenv() supposed to always respect the 
flags of variables (when even the user might possibly circumvent them 
with "setenv -f" resulting in H_FORCE), or might it be more sensible to 
allow all 'internal' setenv() access, disregarding any flags (treating 
H_PROGRAMMATIC as "always force")? I'm aware that changing this 
behaviour might have broad consequences.

The use case I have in mind is "locking down" (user) access to the fel_* 
variables used by sunxi - see 
http://git.denx.de/?p=u-boot.git;a=blob;f=board/sunxi/board.c;h=2d5335f9531c27da59b8b4f9311ccf2a0199859a;hb=HEAD#l568 
. The questions/discussion in 
http://lists.denx.de/pipermail/u-boot/2015-September/227611.html might 
also be relevant.

Regards, B. Nortmann