[PATCH v1 11/11] siemens: capricorn: protect environment

[Peng Fan]

On Sat, Jan 24, 2026 at 06:54:52AM +0100, Heiko Schocher wrote:
>From: Adrian Freihofer <adrian.freihofer at siemens.com>
>
>With ENV_WRITEABLE_LIST only specific environment variables lisetd in
>CFG_ENV_FLAGS_LIST_STATIC are read from the u-boot environment storage.
>All other environment variables are set to default values and are not
>written back to the storage.
>
>The u-boot environment usually stays for the lifetime of the product.
>There is no A/B copy mechanism as for the firmware itself. That means
>that incompatible changes to environment variables in future u-boot
>versions may lead to serious issues if the old environment is used with
>a new u-boot version or vice versa.
>
>Having this protection in place ensures that only a limited set of
>environment variables are persisted across u-boot versions. All the
>macros not listed in CFG_ENV_FLAGS_LIST_STATIC are now part of the
>u-boot binary which is redundant and immutable. This guarantees that
>the u-boot version and the default values of these environment variables
>are always in sync and cannot be changed at runtime.
>
>ustate and rastate are not relevant for u-boot itself. ustate is used
>by swupdate which persists the transaction state in the environment.
>rastate is a similar variable used by another user space application.
>
>Signed-off-by: Adrian Freihofer <adrian.freihofer at siemens.com>
>Signed-off-by: Heiko Schocher <hs at nabladev.com>

Reviewed-by: Peng Fan <peng.fan at nxp.com>