From 8488c989cc109efc8eead4a089d773848d092d02 Mon Sep 17 00:00:00 2001 From: Joe Groocock Date: Thu, 19 Dec 2019 13:08:50 +0000 Subject: [PATCH] [image] Implicitly trust first embedded image iPXE when used as a NIC option ROM can sometimes be reloaded by the UEFI/BIOS and any pre-initialised memory will remain loaded. When the imgtrust command is run it sets `require_trusted_images'. Upon reloading, iPXE tries to load the first embedded image but fails as it is not marked trusted. Setting this flag ensures that imgtrust with the first embedded script is reentrant. Signed-off-by: Joe Groocock --- src/image/embedded.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/image/embedded.c b/src/image/embedded.c index 376e5d299..3c4bee655 100644 --- a/src/image/embedded.c +++ b/src/image/embedded.c @@ -83,6 +83,9 @@ static void embedded_init ( void ) { image->name, strerror ( rc ) ); return; } + + /* Trust the selected image implicitly */ + image_trust ( image ); } /** Embedded image initialisation function */