From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: hao.a.wu@intel.com) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by groups.io with SMTP; Tue, 17 Sep 2019 20:23:56 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Sep 2019 20:23:55 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,519,1559545200"; d="scan'208";a="211710427" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by fmsmga004.fm.intel.com with ESMTP; 17 Sep 2019 20:23:55 -0700 Received: from shsmsx151.ccr.corp.intel.com (10.239.6.50) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 17 Sep 2019 20:23:55 -0700 Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.32]) by SHSMSX151.ccr.corp.intel.com ([169.254.3.53]) with mapi id 14.03.0439.000; Wed, 18 Sep 2019 11:23:53 +0800 From: "Wu, Hao A" To: "devel@edk2.groups.io" , "Bi, Dandan" CC: "Wang, Jian J" , "Gao, Liming" , Laszlo Ersek Subject: Re: [edk2-devel] [patch v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: Unload image on EFI_SECURITY_VIOLATION Thread-Topic: [edk2-devel] [patch v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: Unload image on EFI_SECURITY_VIOLATION Thread-Index: AQHVbc4W8Hw7Un2HukqboiUv6G6q+6cwxTnA Date: Wed, 18 Sep 2019 03:23:52 +0000 Message-ID: References: <20190918030557.55256-1-dandan.bi@intel.com> <20190918030557.55256-3-dandan.bi@intel.com> In-Reply-To: <20190918030557.55256-3-dandan.bi@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Return-Path: hao.a.wu@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable > -----Original Message----- > From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of > Dandan Bi > Sent: Wednesday, September 18, 2019 11:06 AM > To: devel@edk2.groups.io > Cc: Wang, Jian J; Wu, Hao A; Gao, Liming; Laszlo Ersek > Subject: [edk2-devel] [patch v2 2/5] MdeModulePkg/DxeCapsuleLibFmp: > Unload image on EFI_SECURITY_VIOLATION >=20 > For the LoadImage() boot service, with EFI_SECURITY_VIOLATION retval, > the Image was loaded and an ImageHandle was created with a valid > EFI_LOADED_IMAGE_PROTOCOL, but the image can not be started right now. > This follows UEFI Spec. >=20 > But if the caller of LoadImage() doesn't have the option to defer > the execution of an image, we can not treat EFI_SECURITY_VIOLATION > like any other LoadImage() error, we should unload image for the > EFI_SECURITY_VIOLATION to avoid resource leak. >=20 > This patch is to do error handling for EFI_SECURITY_VIOLATION explicitly > for the callers in DxeCapsuleLibFmp which don't have the policy to defer > the execution of the image. >=20 > Cc: Jian J Wang > Cc: Hao A Wu > Cc: Liming Gao > Cc: Laszlo Ersek > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1992 > Signed-off-by: Dandan Bi > --- > MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c | 9 +++++++++ > 1 file changed, 9 insertions(+) >=20 > diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c > b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c > index 95aa9de087..5dda561a04 100644 > --- a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c > +++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.c > @@ -1028,10 +1028,19 @@ StartFmpImage ( > ImageSize, > &ImageHandle > ); > DEBUG((DEBUG_INFO, "FmpCapsule: LoadImage - %r\n", Status)); > if (EFI_ERROR(Status)) { > + // > + // With EFI_SECURITY_VIOLATION retval, the Image was loaded and an > ImageHandle was created > + // with a valid EFI_LOADED_IMAGE_PROTOCOL, but the image can not be > started right now. > + // If the caller doesn't have the option to defer the execution of = an > image, we should > + // unload image for the EFI_SECURITY_VIOLATION to avoid resource le= ak. > + // > + if (Status =3D=3D EFI_SECURITY_VIOLATION) { > + gBS->UnloadImage (ImageHandle); > + } Reviewed-by: Hao A Wu Best Regards, Hao Wu > FreePool(DriverDevicePath); > return Status; > } >=20 > DEBUG((DEBUG_INFO, "FmpCapsule: StartImage ...\n")); > -- > 2.18.0.windows.1 >=20 >=20 >=20