U-Boot environment management from userspace
Vernon Mauery
vernon.mauery at linux.intel.com
Wed May 29 04:40:18 AEST 2019
Reading U-Boot environment variables from userspace is not difficult,
but to do it in a standard way, (fw_printenv), it requires a fork and
exec. We don't have any permissions problems because reading from the
MTD partition is not restricted. It might be nice, however to have these
variables exported on D-Bus so that a fork/exec is not necessary, just a
property fetch.
But writing is a different story. That requires root privileges. To
architect with a separation of privileges mechanism, this should
probably be running as a daemon or service that could be spawned via
D-Bus or something so that ipmid doesn't need root permission to set a
U-Boot variable.
I see a couple of options:
1) Shoehorn U-Boot variables into the settings daemon so they just show
up as settings. I am not sure on the details of how this would be done,
but it might work.
2) Create yet another daemon that would provide a R/W interface
(probably just using the D-Bus properties interface) that would act as a
manager of U-Boot environment variables. It might even be able to place
an inotify watch to get notified when an external process (fw_setenv)
modifies the environment (like from a script or something) so the D-Bus
properties could send out a PropertiesChanged notification.
3) Use a one-shot service that parses the 'instance' to extract a
variable name and variable value. Then the variable could be activated
by launching ubootenv at foo=bar.service. This would require some fancy
parameter encoding to make it all work correctly to avoid string
injections.
Am I the only one that has a need for this or is there a wider audience
that would benefit?
Does anyone else already have a solution for this or an opinion on what
path might be the best?
--Vernon
More information about the openbmc
mailing list