[efi] Work around UEFI specification bug in LoadImage for SAN boot

As described in the previous commit, work around a UEFI specification
bug that necessitates calling UnloadImage if the return value from
LoadImage is EFI_SECURITY_VIOLATION.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

diff --git a/src/interface/efi/efi_block.c b/src/interface/efi/efi_block.c
index 91f830a11a6e52072e2cdc625ea8d36e978f78aa..64d1e1980bbdc5ad93c3f2d8c98c14fd62133dc0 100644 (file)
--- a/src/interface/efi/efi_block.c
+++ b/src/interface/efi/efi_block.c
@@ -594,11 +594,14 @@ static int efi_block_boot_image ( struct san_device *sandev, EFI_HANDLE handle,
               sandev->drive, efi_devpath_text ( boot_path ) );
 
        /* Try loading boot image from this device */
+       *image = NULL;
        if ( ( efirc = bs->LoadImage ( FALSE, efi_image_handle, boot_path,
                                       NULL, 0, image ) ) != 0 ) {
                rc = -EEFI ( efirc );
                DBGC ( sandev, "EFIBLK %#02x could not load image: %s\n",
                       sandev->drive, strerror ( rc ) );
+               if ( efirc == EFI_SECURITY_VIOLATION )
+                       bs->UnloadImage ( *image );
                goto err_load_image;
        }