u-boot/api
Wolfgang Denk 54841ab50c Make sure that argv[] argument pointers are not modified.
The hush shell dynamically allocates (and re-allocates) memory for the
argument strings in the "char *argv[]" argument vector passed to
commands.  Any code that modifies these pointers will cause serious
corruption of the malloc data structures and crash U-Boot, so make
sure the compiler can check that no such modifications are being done
by changing the code into "char * const argv[]".

This modification is the result of debugging a strange crash caused
after adding a new command, which used the following argument
processing code which has been working perfectly fine in all Unix
systems since version 6 - but not so in U-Boot:

int main (int argc, char **argv)
{
	while (--argc > 0 && **++argv == '-') {
/* ====> */	while (*++*argv) {
			switch (**argv) {
			case 'd':
				debug++;
				break;
			...
			default:
				usage ();
			}
		}
	}
	...
}

The line marked "====>" will corrupt the malloc data structures and
usually cause U-Boot to crash when the next command gets executed by
the shell.  With the modification, the compiler will prevent this with
an
	error: increment of read-only location '*argv'

N.B.: The code above can be trivially rewritten like this:

	while (--argc > 0 && **++argv == '-') {
		char *arg = *argv;
		while (*++arg) {
			switch (*arg) {
			...

Signed-off-by: Wolfgang Denk <wd@denx.de>
Acked-by: Mike Frysinger <vapier@gentoo.org>
2010-07-04 23:55:42 +02:00
..
api_net.c api: remove un-needed ifdef CONFIG_API already handle by the Makefile 2009-05-15 22:13:01 +02:00
api_platform-arm.c api: Fix broken build on ARM. 2009-07-23 00:10:53 +02:00
api_platform-powerpc.c Move arch/ppc to arch/powerpc 2010-04-21 23:42:38 +02:00
api_private.h API for external applications. 2008-01-09 19:39:36 +01:00
api_storage.c api: remove un-needed ifdef CONFIG_API already handle by the Makefile 2009-05-15 22:13:01 +02:00
api.c Make sure that argv[] argument pointers are not modified. 2010-07-04 23:55:42 +02:00
Makefile API: Convert conditional building to the new scheme. 2008-01-29 16:57:38 +01:00
README Coding Style cleanup; update CHANGELOG 2008-01-10 00:55:14 +01:00

U-Boot machine/arch independent API for external apps
=====================================================

1.  Main assumptions

  - there is a single entry point (syscall) to the API

  - per current design the syscall is a C-callable function in the U-Boot
    text, which might evolve into a real syscall using machine exception trap
    once this initial version proves functional

  - the consumer app is responsible for producing appropriate context (call
    number and arguments)

  - upon entry, the syscall dispatches the call to other (existing) U-Boot
    functional areas like networking or storage operations

  - consumer application will recognize the API is available by searching
    a specified (assumed by convention) range of address space for the
    signature

  - the U-Boot integral part of the API is meant to be thin and non-intrusive,
    leaving as much processing as possible on the consumer application side,
    for example it doesn't keep states, but relies on hints from the app and
    so on

  - optional (CONFIG_API)


2. Calls

  - console related (getc, putc, tstc etc.)
  - system (reset, platform info)
  - time (delay, current)
  - env vars (enumerate all, get, set)
  - devices (enumerate all, open, close, read, write); currently two classes
    of devices are recognized and supported: network and storage (ide, scsi,
    usb etc.)


3. Structure overview

  - core API, integral part of U-Boot, mandatory
    - implements the single entry point (mimics UNIX syscall)

  - glue
    - entry point at the consumer side, allows to make syscall, mandatory
      part

    - helper conveniency wrappers so that consumer app does not have to use
      the syscall directly, but in a more friendly manner (a la libc calls),
      optional part

  - consumer application
    - calls directly, or leverages the provided glue mid-layer