On 9/18/19 5:05 AM, Dandan Bi wrote: > For the LoadImage() boot service, with EFI_SECURITY_VIOLATION retval, > the Image was loaded and an ImageHandle was created with a valid > EFI_LOADED_IMAGE_PROTOCOL, but the image can not be started right now. > This follows UEFI Spec. > > But if the caller of LoadImage() doesn't have the option to defer > the execution of an image, we can not treat EFI_SECURITY_VIOLATION > like any other LoadImage() error, we should unload image for the > EFI_SECURITY_VIOLATION to avoid resource leak. > > This patch is to do error handling for EFI_SECURITY_VIOLATION explicitly > for the caller in PlatformDriOverrideDxe which don't have the policy to > defer the execution of the image. > > Cc: Jian J Wang <jian.j.w...@intel.com> > Cc: Hao A Wu <hao.a...@intel.com> > Cc: Liming Gao <liming....@intel.com> > Cc: Laszlo Ersek <ler...@redhat.com> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1992 > Signed-off-by: Dandan Bi <dandan...@intel.com> > --- > .../PlatformDriOverrideDxe/PlatDriOverrideLib.c | 11 ++++++++++- > 1 file changed, 10 insertions(+), 1 deletion(-) > > diff --git > a/MdeModulePkg/Universal/PlatformDriOverrideDxe/PlatDriOverrideLib.c > b/MdeModulePkg/Universal/PlatformDriOverrideDxe/PlatDriOverrideLib.c > index 2d3736b468..f91f038b7a 100644 > --- a/MdeModulePkg/Universal/PlatformDriOverrideDxe/PlatDriOverrideLib.c > +++ b/MdeModulePkg/Universal/PlatformDriOverrideDxe/PlatDriOverrideLib.c > @@ -1,9 +1,9 @@ > /** @file > Implementation of the shared functions to do the platform driver vverride > mapping. > > - Copyright (c) 2007 - 2018, Intel Corporation. All rights reserved.<BR> > + Copyright (c) 2007 - 2019, Intel Corporation. All rights reserved.<BR> > SPDX-License-Identifier: BSD-2-Clause-Patent > > **/ > > #include "InternalPlatDriOverrideDxe.h" > @@ -1484,10 +1484,19 @@ GetDriverFromMapping ( > ); > ASSERT (DriverBinding != NULL); > DriverImageInfo->ImageHandle = ImageHandle; > } > } else { > + // > + // With EFI_SECURITY_VIOLATION retval, the Image was loaded > and an ImageHandle was created > + // with a valid EFI_LOADED_IMAGE_PROTOCOL, but the image can > not be started right now. > + // If the caller doesn't have the option to defer the > execution of an image, we should > + // unload image for the EFI_SECURITY_VIOLATION to avoid > resource leak. > + // > + if (Status == EFI_SECURITY_VIOLATION) { > + gBS->UnloadImage (ImageHandle); > + } > DriverImageInfo->UnLoadable = TRUE; > DriverImageInfo->ImageHandle = NULL; > } > } > } >
Reviewed-by: Philippe Mathieu-Daude <phi...@redhat.com> -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#47915): https://edk2.groups.io/g/devel/message/47915 Mute This Topic: https://groups.io/mt/34184009/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
