[image] Propagate trust flag to extracted archive images

An extracted image is wholly derived from the original archive image. If the original archive image has been verified and marked as trusted, then this trust logically extends to any image extracted from it. Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Michael Brown <mcb30@ipxe.org> 2021-05-12 14:13:01 +0100
committer: Michael Brown <mcb30@ipxe.org> 2021-05-12 14:14:52 +0100
commit: 62f732207e7cbd226a11b85581c2c33e1e6be409 (patch)
tree: 1ebd47d4da4e1d358254c1967244668ffd6fd35e
parent: 191f8825cbd17a6819545e5633287e3d934039b6 (diff)
download: ipxe-62f732207e7cbd226a11b85581c2c33e1e6be409.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/src/core/archive.c b/src/core/archive.c
index 7ef86bd9a..bb62c7e47 100644
--- a/src/core/archive.c
+++ b/src/core/archive.c
@@ -82,6 +82,10 @@ int image_extract ( struct image *image, const char *name,
 	if ( ( rc = register_image ( *extracted ) ) != 0 )
 		goto err_register;
 
+	/* Propagate trust flag */
+	if ( image->flags & IMAGE_TRUSTED )
+		image_trust ( *extracted );
+
 	/* Drop local reference to image */
 	image_put ( *extracted );
author	Michael Brown <mcb30@ipxe.org>	2021-05-12 14:13:01 +0100
committer	Michael Brown <mcb30@ipxe.org>	2021-05-12 14:14:52 +0100
commit	62f732207e7cbd226a11b85581c2c33e1e6be409 (patch)
tree	1ebd47d4da4e1d358254c1967244668ffd6fd35e
parent	191f8825cbd17a6819545e5633287e3d934039b6 (diff)
download	ipxe-62f732207e7cbd226a11b85581c2c33e1e6be409.tar.gz