[image] Implicitly trust first embedded image

iPXE when used as a NIC option ROM can sometimes be reloaded by the UEFI/BIOS and any pre-initialised memory will remain loaded. When the imgtrust command is run it sets `require_trusted_images'. Upon reloading, iPXE tries to load the first embedded image but fails as it is not marked trusted. Setting this flag ensures that imgtrust with the first embedded script is reentrant. Signed-off-by: Joe Groocock <jgroocock@cloudflare.com>
author: Joe Groocock <jgroocock@cloudflare.com> 2019-12-19 13:08:50 +0000
committer: Michael Brown <mcb30@ipxe.org> 2021-01-27 12:42:31 +0000
commit: 8488c989cc109efc8eead4a089d773848d092d02 (patch)
tree: 55c4320cb2efb2c09c52cc95335293507930a512
parent: b9de7e6eda04cecaff6735a60c7fe7f488fdccf1 (diff)
download: ipxe-8488c989cc109efc8eead4a089d773848d092d02.zip
ipxe-8488c989cc109efc8eead4a089d773848d092d02.tar.gz
ipxe-8488c989cc109efc8eead4a089d773848d092d02.tar.bz2
1 files changed, 3 insertions, 0 deletions
diff --git a/src/image/embedded.c b/src/image/embedded.c
index 376e5d2..3c4bee6 100644
--- a/src/image/embedded.c
+++ b/src/image/embedded.c
@@ -83,6 +83,9 @@ static void embedded_init ( void ) {
 		      image->name, strerror ( rc ) );
 		return;
 	}
+
+	/* Trust the selected image implicitly */
+	image_trust ( image );
 }
 
 /** Embedded image initialisation function */
author	Joe Groocock <jgroocock@cloudflare.com>	2019-12-19 13:08:50 +0000
committer	Michael Brown <mcb30@ipxe.org>	2021-01-27 12:42:31 +0000
commit	8488c989cc109efc8eead4a089d773848d092d02 (patch)
tree	55c4320cb2efb2c09c52cc95335293507930a512
parent	b9de7e6eda04cecaff6735a60c7fe7f488fdccf1 (diff)
download	ipxe-8488c989cc109efc8eead4a089d773848d092d02.zip ipxe-8488c989cc109efc8eead4a089d773848d092d02.tar.gz ipxe-8488c989cc109efc8eead4a089d773848d092d02.tar.bz2