diff options
| author | Michael Brown | 2016-03-20 18:26:09 +0100 |
|---|---|---|
| committer | Michael Brown | 2016-03-20 18:26:09 +0100 |
| commit | 0141ea3a773aea7a2f4e81b2b2143c85683cc21c (patch) | |
| tree | 9c12c6ed4744bbe441516346494e535a717cd20c /src/drivers/infiniband | |
| parent | [qib7322] Add missing iounmap() (diff) | |
| download | ipxe-0141ea3a773aea7a2f4e81b2b2143c85683cc21c.tar.gz ipxe-0141ea3a773aea7a2f4e81b2b2143c85683cc21c.tar.xz ipxe-0141ea3a773aea7a2f4e81b2b2143c85683cc21c.zip | |
[crypto] Allow trusted certificates to be stored in non-volatile options
The intention of the existing code (as documented in its own comments)
is that it should be possible to override the list of trusted root
certificates using a "trust" setting held in non-volatile stored
options. However, the rootcert_init() function currently executes
before any devices have been probed, and so will not be able to
retrieve any such non-volatile stored options.
Fix by executing rootcert_init() only after devices have been probed.
Since startup functions may be executed multiple times (unlike
initialisation functions), add an explicit flag to preserve the
property that rootcert_init() should run only once.
As before, if an explicit root of trust is specified at build time,
then any runtime "trust" setting will be ignored.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/drivers/infiniband')
0 files changed, 0 insertions, 0 deletions