ShellPkg: Unload image on EFI_SECURITY_VIOLATION

[mirror_edk2.git] / ShellPkg / Library / UefiShellLevel2CommandsLib / Load.c

diff --git a/ShellPkg/Library/UefiShellLevel2CommandsLib/Load.c b/ShellPkg/Library/UefiShellLevel2CommandsLib/Load.c
index 6a94b48c86d3d353764f6d0cb6f4e426e6cbcd95..b6e7c952fae9a580f10473891215aaa6fee8cff2 100644 (file)
--- a/ShellPkg/Library/UefiShellLevel2CommandsLib/Load.c
+++ b/ShellPkg/Library/UefiShellLevel2CommandsLib/Load.c
@@ -2,7 +2,7 @@
   Main file for attrib shell level 2 function.\r
 \r
   (C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>\r
-  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>\r
   SPDX-License-Identifier: BSD-2-Clause-Patent\r
 \r
 **/\r
@@ -112,6 +112,15 @@ LoadDriver(
     &LoadedDriverHandle);\r
 \r
   if (EFI_ERROR(Status)) {\r
+    //\r
+    // With EFI_SECURITY_VIOLATION retval, the Image was loaded and an ImageHandle was created\r
+    // with a valid EFI_LOADED_IMAGE_PROTOCOL, but the image can not be started right now.\r
+    // If the caller doesn't have the option to defer the execution of an image, we should\r
+    // unload image for the EFI_SECURITY_VIOLATION to avoid resource leak.\r
+    //\r
+    if (Status == EFI_SECURITY_VIOLATION) {\r
+      gBS->UnloadImage (LoadedDriverHandle);\r
+    }\r
     ShellPrintHiiEx(-1, -1, NULL, STRING_TOKEN (STR_LOAD_NOT_IMAGE), gShellLevel2HiiHandle, FileName, Status);\r
   } else {\r
     //\r