Your interest in u-boot hacking has helped motivate me to do something I've wanted to do for a while - and which I described in general terms already.
So if you get my latest gnubee/v5.6 kernel, and may latest gnubee-tools, and run
make firmware-gbpc1u-5.6
This firmware image doesn't have various recovery and installation tools, but it is enough to boot most configs.
It also doesn't contain lots of modules (sound, netfilter etc) but you usually only need them first-boot anyway.
Consequently it is less than 16MB.
The kernel in this firmware partitions the 32MB flash differently - The normal uboot, env, factory, firmware partitions still exist in the first 16MB (the 'firmware' partition is smaller)..
There is a second set of these 4 partitions in the second 16MB.
Finally, the kernel has a small hack so that when you 'reboot -f', the flash is configured so that "3-byte address reads" (as generated by the MT7621 during boot) read from the second half of the flash.
The net result is that if you copy a new u-boot into /dev/mtd4 and reboot, it will boot using that new u--boot. But if you power-cycle, it will boot using the normal u-boot.
Also, I've fixed some issues with the GnuBee u-boot so you can build it with newer gcc.
So on you gnubee you can:
apt-get install libncurses5-dev zlib1g-dev
cd GnuBee_PCx_uboot
cd uboot-5.x.x.x
cp ../profiles/GB-PCx/GB-PCx-config-900MHz .config
make menuconfig # Just exit and save
make -j4 CROSS_COMPILE=/usr/bin/ # takes about 1 minute - lots of warnings.
flashcp -v uboot.bin /dev/mtd4
reboot -f
and this will boot using your newly compiled u-boot.
What I would really like to do longer term is to modify the u-boot so that if the press-button isn't pressed and if the u--boot- env contains suitable instructions, then it immediately chains to a boot loader somewhere else in flash (maybe at the end).
Then we could leave the main u-boot otherwise untouched and largely ignore it except when something goes wrong. All interesting functionality can be added to the secondary u-boot which can be updated freely, with the assurance that (as long as you have physical access to the gnubee), it is easy to unbrick and start again.