From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: dandan.bi@intel.com)
Received: from mga18.intel.com (mga18.intel.com [134.134.136.126])
 by groups.io with SMTP; Tue, 24 Sep 2019 18:56:05 -0700
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
  by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 24 Sep 2019 18:56:05 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.64,546,1559545200"; 
   d="scan'208";a="189536971"
Received: from fmsmsx105.amr.corp.intel.com ([10.18.124.203])
  by fmsmga007.fm.intel.com with ESMTP; 24 Sep 2019 18:56:04 -0700
Received: from fmsmsx112.amr.corp.intel.com (10.18.116.6) by
 FMSMSX105.amr.corp.intel.com (10.18.124.203) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Tue, 24 Sep 2019 18:56:04 -0700
Received: from shsmsx154.ccr.corp.intel.com (10.239.6.54) by
 FMSMSX112.amr.corp.intel.com (10.18.116.6) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Tue, 24 Sep 2019 18:56:04 -0700
Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.32]) by
 SHSMSX154.ccr.corp.intel.com ([169.254.7.195]) with mapi id 14.03.0439.000;
 Wed, 25 Sep 2019 09:56:02 +0800
From: "Dandan Bi" <dandan.bi@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "Wu, Hao A"
	<hao.a.wu@intel.com>
CC: Leif Lindholm <leif.lindholm@linaro.org>, Ard Biesheuvel
	<ard.biesheuvel@linaro.org>, "Wang, Jian J" <jian.j.wang@intel.com>, "Ni,
 Ray" <ray.ni@intel.com>, "Gao, Liming" <liming.gao@intel.com>, "Gao, Zhichao"
	<zhichao.gao@intel.com>, Laszlo Ersek <lersek@redhat.com>, "Philippe
 Mathieu-Daude" <philmd@redhat.com>, "Bi, Dandan" <dandan.bi@intel.com>
Subject: Re: [edk2-devel] [patch v3 0/5] Unload image on EFI_SECURITY_VIOLATION
Thread-Topic: [edk2-devel] [patch v3 0/5] Unload image on
 EFI_SECURITY_VIOLATION
Thread-Index: AQHVctp0VXiXJuAeu0KmEKWfjdjsOac7olxA
Date: Wed, 25 Sep 2019 01:56:01 +0000
Message-ID: <3C0D5C461C9E904E8F62152F6274C0BB40C5F796@SHSMSX104.ccr.corp.intel.com>
References: <15C762418138FF70.23104@groups.io>
In-Reply-To: <15C762418138FF70.23104@groups.io>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Return-Path: dandan.bi@intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi Hao,

Could you help to push this V3 patch series?


Thanks,
Dandan
> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> Dandan Bi
> Sent: Tuesday, September 24, 2019 9:17 PM
> To: devel@edk2.groups.io
> Cc: Leif Lindholm <leif.lindholm@linaro.org>; Ard Biesheuvel
> <ard.biesheuvel@linaro.org>; Wang, Jian J <jian.j.wang@intel.com>; Wu,
> Hao A <hao.a.wu@intel.com>; Ni, Ray <ray.ni@intel.com>; Gao, Liming
> <liming.gao@intel.com>; Gao, Zhichao <zhichao.gao@intel.com>; Laszlo
> Ersek <lersek@redhat.com>; Philippe Mathieu-Daude <philmd@redhat.com>
> Subject: [edk2-devel] [patch v3 0/5] Unload image on
> EFI_SECURITY_VIOLATION
>=20
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1992
>=20
> v2:
> Just enahnce the code error handling logic in patch 3.
> Other patches are the same and pick up the Acked-by and Reviewed-by in
> other patches.
>=20
> v2:
> (1) Just separate the patch in MdeModulePkg into module level, the chang=
es
> in EmbeddedPkg and ShellPkg are the same with V1.
> (2) Drop the update in PciBusDxe module in MdeModulePkg since with
> EFI_SECURITY_VIOLATION returned, the image may be used later.
>=20
>=20
> For the LoadImage() boot service, with EFI_SECURITY_VIOLATION retval, th=
e
> Image was loaded and an ImageHandle was created with a valid
> EFI_LOADED_IMAGE_PROTOCOL, but the image can not be started right now.
> This follows UEFI Spec.
>=20
> But if the caller of LoadImage() doesn't have the option to defer the
> execution of an image, we can not treat EFI_SECURITY_VIOLATION like any
> other LoadImage() error, we should unload image for the
> EFI_SECURITY_VIOLATION to avoid resource leak.
>=20
> This patch is to do error handling for EFI_SECURITY_VIOLATION explicitly=
 for
> the callers in edk2 which don't have the policy to defer the execution o=
f the
> image.
>=20
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Zhichao Gao <zhichao.gao@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Philippe Mathieu-Daude <philmd@redhat.com> Dandan Bi (3):
>   EmbeddedPkg: Unload image on EFI_SECURITY_VIOLATION
>   MdeModulePkg/DxeCapsuleLibFmp: Unload image on
> EFI_SECURITY_VIOLATION
>   MdeModulePkg/UefiBootManager: Unload image on
> EFI_SECURITY_VIOLATION
>   MdeModulePkg/PlatformDriOverride: Unload image on
>     EFI_SECURITY_VIOLATION
>   ShellPkg: Unload image on EFI_SECURITY_VIOLATION
>=20
>  .../AndroidFastboot/Arm/BootAndroidBootImg.c         |  9 +++++++++
>  .../Library/AndroidBootImgLib/AndroidBootImgLib.c    | 12 ++++++++++++
>  .../Library/DxeCapsuleLibFmp/DxeCapsuleLib.c         |  9 +++++++++
>  MdeModulePkg/Library/UefiBootManagerLib/BmBoot.c     |  9 +++++++++
>  .../Library/UefiBootManagerLib/BmLoadOption.c        | 14 ++++++++++++-=
-
>  MdeModulePkg/Library/UefiBootManagerLib/BmMisc.c     | 14
> ++++++++++++--
>  .../PlatformDriOverrideDxe/PlatDriOverrideLib.c      | 11 ++++++++++-
>  ShellPkg/Application/Shell/ShellManParser.c          |  9 +++++++++
>  .../Library/UefiShellDebug1CommandsLib/LoadPciRom.c  | 11 ++++++++++-
>  ShellPkg/Library/UefiShellLevel2CommandsLib/Load.c   | 11 ++++++++++-
>  10 files changed, 98 insertions(+), 5 deletions(-)
>=20
> --
> 2.18.0.windows.1
>=20
>=20
>=20