git.ipfire.org Git - thirdparty/ipxe.git/commit

author	Michael Brown <mcb30@ipxe.org>
	Thu, 4 Jun 2020 21:24:21 +0000 (22:24 +0100)
committer	Michael Brown <mcb30@ipxe.org>
	Thu, 4 Jun 2020 21:40:35 +0000 (22:40 +0100)
commit	18d2162f642fb0e879d5188e7d319add3744b85b
tree	a9be9c8bc5600e3b0e558847b384807c08548f3d	tree
parent	d68befef1ad2cd2c68d631c99157bd9ae4c79bee	commit \| diff

[efi] Work around UEFI specification bug in LoadImage

iPXE currently assumes that any error returned from LoadImage()
indicates that the image was not loaded. This assumption was correct
at the time the code was written and remained correct for UEFI
specifications up to and including version 2.1.

In version 2.3, the UEFI specification broke API and ABI compatibility
by defining that a return value of EFI_SECURITY_VIOLATION would now
indicate that the image had been loaded and a valid image handle had
been created, but that the image should not be started.

The wording in version 2.2 is ambiguous, and does not define whether
or not a return value of EFI_SECURITY_VIOLATION indicates that a valid
image handle has been created.

Attempt to work around all of these incompatible and partially
undefined APIs by calling UnloadImage if we get a return value of
EFI_SECURITY_VIOLATION. Minimise the risk of passing an uninitialised
pointer to UnloadImage by setting ImageHandle to NULL prior to calling
LoadImage.

Signed-off-by: Michael Brown <mcb30@ipxe.org>