From 97dcc824bf298788e37f6869417662b0b9d16102 Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Thu, 22 Mar 2012 13:39:45 +0000
Subject: [image] Add concept of trusted images

Trusted images may always be executed.  Untrusted images may be
executed only if the current image trust requirement allows untrusted
images.

Images can be marked as trusted using image_trust(), and marked as
untrusted using image_untrust().

The current image trust requirement can be changed using
image_set_trust().  It is possible to make the change permanent, in
which case any future attempts to change the image trust requirement
will fail.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/usr/imgmgmt.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/usr')

diff --git a/src/usr/imgmgmt.c b/src/usr/imgmgmt.c
index e323dd0c5..59011415b 100644
--- a/src/usr/imgmgmt.c
+++ b/src/usr/imgmgmt.c
@@ -140,6 +140,8 @@ void imgstat ( struct image *image ) {
 	printf ( "%s : %zd bytes", image->name, image->len );
 	if ( image->type )
 		printf ( " [%s]", image->type->name );
+	if ( image->flags & IMAGE_TRUSTED )
+		printf ( " [TRUSTED]" );
 	if ( image->flags & IMAGE_SELECTED )
 		printf ( " [SELECTED]" );
 	if ( image->cmdline )
-- 
cgit v1.2.3-55-g7522