[crypto] Allow trusted certificates to be stored in non-volatile options

The intention of the existing code (as documented in its own comments)
is that it should be possible to override the list of trusted root
certificates using a "trust" setting held in non-volatile stored
options.  However, the rootcert_init() function currently executes
before any devices have been probed, and so will not be able to
retrieve any such non-volatile stored options.

Fix by executing rootcert_init() only after devices have been probed.
Since startup functions may be executed multiple times (unlike
initialisation functions), add an explicit flag to preserve the
property that rootcert_init() should run only once.

As before, if an explicit root of trust is specified at build time,
then any runtime "trust" setting will be ignored.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

diff --git a/src/crypto/rootcert.c b/src/crypto/rootcert.c
index 00ea1647e8a49fdb39aefde4a0c42d53a8d4bd03..f7b9dcfb7b21ed4f54563f0286b98ad816e27dde 100644 (file)
--- a/src/crypto/rootcert.c
+++ b/src/crypto/rootcert.c
@@ -93,13 +93,14 @@ struct x509_root root_certificates = {
  * a rebuild.
  */
 static void rootcert_init ( void ) {
+       static int initialised;
        void *external = NULL;
        int len;
 
        /* Allow trusted root certificates to be overridden only if
         * not explicitly specified at build time.
         */
-       if ( ALLOW_TRUST_OVERRIDE ) {
+       if ( ALLOW_TRUST_OVERRIDE && ( ! initialised ) ) {
 
                /* Fetch copy of "trust" setting, if it exists.  This
                 * memory will never be freed.
@@ -109,6 +110,9 @@ static void rootcert_init ( void ) {
                        root_certificates.fingerprints = external;
                        root_certificates.count = ( len / FINGERPRINT_LEN );
                }
+
+               /* Prevent subsequent modifications */
+               initialised = 1;
        }
 
        DBGC ( &root_certificates, "ROOTCERT using %d %s certificate(s):\n",
@@ -118,6 +122,6 @@ static void rootcert_init ( void ) {
 }
 
 /** Root certificate initialiser */
-struct init_fn rootcert_init_fn __init_fn ( INIT_LATE ) = {
-       .initialise = rootcert_init,
+struct startup_fn rootcert_startup_fn __startup_fn ( STARTUP_LATE ) = {
+       .startup = rootcert_init,
 };