[image] Add concept of trusted images

Trusted images may always be executed. Untrusted images may be executed only if the current image trust requirement allows untrusted images. Images can be marked as trusted using image_trust(), and marked as untrusted using image_untrust(). The current image trust requirement can be changed using image_set_trust(). It is possible to make the change permanent, in which case any future attempts to change the image trust requirement will fail. Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Michael Brown <mcb30@ipxe.org> 2012-03-22 13:39:45 +0000
committer: Michael Brown <mcb30@ipxe.org> 2012-03-22 16:16:02 +0000
commit: 97dcc824bf298788e37f6869417662b0b9d16102 (patch)
tree: 60d81bbd91a751e02c6b139887eae33dafe33a7c /src/usr
parent: efb0c7fce4f9dd8e782209a84221088ee39bce67 (diff)
download: ipxe-97dcc824bf298788e37f6869417662b0b9d16102.zip
ipxe-97dcc824bf298788e37f6869417662b0b9d16102.tar.gz
ipxe-97dcc824bf298788e37f6869417662b0b9d16102.tar.bz2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/usr/imgmgmt.c b/src/usr/imgmgmt.c
index e323dd0..5901141 100644
--- a/src/usr/imgmgmt.c
+++ b/src/usr/imgmgmt.c
@@ -140,6 +140,8 @@ void imgstat ( struct image *image ) {
 	printf ( "%s : %zd bytes", image->name, image->len );
 	if ( image->type )
 		printf ( " [%s]", image->type->name );
+	if ( image->flags & IMAGE_TRUSTED )
+		printf ( " [TRUSTED]" );
 	if ( image->flags & IMAGE_SELECTED )
 		printf ( " [SELECTED]" );
 	if ( image->cmdline )
author	Michael Brown <mcb30@ipxe.org>	2012-03-22 13:39:45 +0000
committer	Michael Brown <mcb30@ipxe.org>	2012-03-22 16:16:02 +0000
commit	97dcc824bf298788e37f6869417662b0b9d16102 (patch)
tree	60d81bbd91a751e02c6b139887eae33dafe33a7c /src/usr
parent	efb0c7fce4f9dd8e782209a84221088ee39bce67 (diff)
download	ipxe-97dcc824bf298788e37f6869417662b0b9d16102.zip ipxe-97dcc824bf298788e37f6869417662b0b9d16102.tar.gz ipxe-97dcc824bf298788e37f6869417662b0b9d16102.tar.bz2