> -----Original Message----- > From: Bi, Dandan > Sent: Wednesday, September 25, 2019 9:56 AM > To: devel@edk2.groups.io; Wu, Hao A > Cc: Leif Lindholm; Ard Biesheuvel; Wang, Jian J; Ni, Ray; Gao, Liming; Gao, > Zhichao; Laszlo Ersek; Philippe Mathieu-Daude; Bi, Dandan > Subject: RE: [edk2-devel] [patch v3 0/5] Unload image on > EFI_SECURITY_VIOLATION > > Hi Hao, > > Could you help to push this V3 patch series?
The series has been pushed via commits 590c9d5828..c671c9106c. Best Regards, Hao Wu > > > Thanks, > Dandan > > -----Original Message----- > > From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of > > Dandan Bi > > Sent: Tuesday, September 24, 2019 9:17 PM > > To: devel@edk2.groups.io > > Cc: Leif Lindholm <leif.lindh...@linaro.org>; Ard Biesheuvel > > <ard.biesheu...@linaro.org>; Wang, Jian J <jian.j.w...@intel.com>; Wu, > > Hao A <hao.a...@intel.com>; Ni, Ray <ray...@intel.com>; Gao, Liming > > <liming....@intel.com>; Gao, Zhichao <zhichao....@intel.com>; Laszlo > > Ersek <ler...@redhat.com>; Philippe Mathieu-Daude > <phi...@redhat.com> > > Subject: [edk2-devel] [patch v3 0/5] Unload image on > > EFI_SECURITY_VIOLATION > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1992 > > > > v2: > > Just enahnce the code error handling logic in patch 3. > > Other patches are the same and pick up the Acked-by and Reviewed-by in > > other patches. > > > > v2: > > (1) Just separate the patch in MdeModulePkg into module level, the > changes > > in EmbeddedPkg and ShellPkg are the same with V1. > > (2) Drop the update in PciBusDxe module in MdeModulePkg since with > > EFI_SECURITY_VIOLATION returned, the image may be used later. > > > > > > For the LoadImage() boot service, with EFI_SECURITY_VIOLATION retval, > the > > Image was loaded and an ImageHandle was created with a valid > > EFI_LOADED_IMAGE_PROTOCOL, but the image can not be started right > now. > > This follows UEFI Spec. > > > > But if the caller of LoadImage() doesn't have the option to defer the > > execution of an image, we can not treat EFI_SECURITY_VIOLATION like any > > other LoadImage() error, we should unload image for the > > EFI_SECURITY_VIOLATION to avoid resource leak. > > > > This patch is to do error handling for EFI_SECURITY_VIOLATION explicitly > for > > the callers in edk2 which don't have the policy to defer the execution of > the > > image. > > > > Cc: Leif Lindholm <leif.lindh...@linaro.org> > > Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> > > Cc: Jian J Wang <jian.j.w...@intel.com> > > Cc: Hao A Wu <hao.a...@intel.com> > > Cc: Ray Ni <ray...@intel.com> > > Cc: Liming Gao <liming....@intel.com> > > Cc: Zhichao Gao <zhichao....@intel.com> > > Cc: Laszlo Ersek <ler...@redhat.com> > > Cc: Philippe Mathieu-Daude <phi...@redhat.com> Dandan Bi (3): > > EmbeddedPkg: Unload image on EFI_SECURITY_VIOLATION > > MdeModulePkg/DxeCapsuleLibFmp: Unload image on > > EFI_SECURITY_VIOLATION > > MdeModulePkg/UefiBootManager: Unload image on > > EFI_SECURITY_VIOLATION > > MdeModulePkg/PlatformDriOverride: Unload image on > > EFI_SECURITY_VIOLATION > > ShellPkg: Unload image on EFI_SECURITY_VIOLATION > > > > .../AndroidFastboot/Arm/BootAndroidBootImg.c | 9 +++++++++ > > .../Library/AndroidBootImgLib/AndroidBootImgLib.c | 12 ++++++++++++ > > .../Library/DxeCapsuleLibFmp/DxeCapsuleLib.c | 9 +++++++++ > > MdeModulePkg/Library/UefiBootManagerLib/BmBoot.c | 9 +++++++++ > > .../Library/UefiBootManagerLib/BmLoadOption.c | 14 ++++++++++++-- > > MdeModulePkg/Library/UefiBootManagerLib/BmMisc.c | 14 > > ++++++++++++-- > > .../PlatformDriOverrideDxe/PlatDriOverrideLib.c | 11 ++++++++++- > > ShellPkg/Application/Shell/ShellManParser.c | 9 +++++++++ > > .../Library/UefiShellDebug1CommandsLib/LoadPciRom.c | 11 ++++++++++- > > ShellPkg/Library/UefiShellLevel2CommandsLib/Load.c | 11 ++++++++++- > > 10 files changed, 98 insertions(+), 5 deletions(-) > > > > -- > > 2.18.0.windows.1 > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#48004): https://edk2.groups.io/g/devel/message/48004 Mute This Topic: https://groups.io/mt/34275917/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
