[image] Implicitly trust first embedded image

iPXE when used as a NIC option ROM can sometimes be reloaded by the
UEFI/BIOS and any pre-initialised memory will remain loaded. When the
imgtrust command is run it sets `require_trusted_images'. Upon
reloading, iPXE tries to load the first embedded image but fails as it
is not marked trusted.

Setting this flag ensures that imgtrust with the first embedded script
is reentrant.

Signed-off-by: Joe Groocock <jgroocock@cloudflare.com>

diff --git a/src/image/embedded.c b/src/image/embedded.c
index 376e5d299ffb7971fad4db3b783f4389a503262b..3c4bee65520219d2d1024b253362836ff1045c0b 100644 (file)
--- a/src/image/embedded.c
+++ b/src/image/embedded.c
@@ -83,6 +83,9 @@ static void embedded_init ( void ) {
                      image->name, strerror ( rc ) );
                return;
        }
+
+       /* Trust the selected image implicitly */
+       image_trust ( image );
 }
 
 /** Embedded image initialisation function */