/** @file\r
Core image handling services to load and unload PeImage.\r
\r
-Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
//\r
GLOBAL_REMOVE_IF_UNREFERENCED UINT64 *mDxeCodeMemoryRangeUsageBitMap=NULL;\r
\r
+typedef struct {\r
+ UINT16 MachineType;\r
+ CHAR16 *MachineTypeName;\r
+} MACHINE_TYPE_INFO;\r
+\r
+//\r
+// EBC machine is not listed in this table, because EBC is in the default supported scopes of other machine type.\r
+//\r
+GLOBAL_REMOVE_IF_UNREFERENCED MACHINE_TYPE_INFO mMachineTypeInfo[] = {\r
+ {EFI_IMAGE_MACHINE_IA32, L"IA32"},\r
+ {EFI_IMAGE_MACHINE_IA64, L"IA64"},\r
+ {EFI_IMAGE_MACHINE_X64, L"X64"},\r
+ {EFI_IMAGE_MACHINE_ARMTHUMB_MIXED, L"ARM"}\r
+};\r
+\r
+UINT16 mDxeCoreImageMachineType = 0;\r
+\r
+/**\r
+ Return machine type name.\r
+\r
+ @param MachineType The machine type\r
+\r
+ @return machine type name\r
+**/\r
+CHAR16 *\r
+GetMachineTypeName (\r
+ UINT16 MachineType\r
+ )\r
+{\r
+ UINTN Index;\r
+ \r
+ for (Index = 0; Index < sizeof(mMachineTypeInfo)/sizeof(mMachineTypeInfo[0]); Index++) {\r
+ if (mMachineTypeInfo[Index].MachineType == MachineType) {\r
+ return mMachineTypeInfo[Index].MachineTypeName;\r
+ }\r
+ }\r
+\r
+ return L"<Unknown>";\r
+}\r
+\r
/**\r
Add the Image Services to EFI Boot Services Table and install the protocol\r
interfaces for this image.\r
//\r
// Fill in DXE globals\r
//\r
+ mDxeCoreImageMachineType = PeCoffLoaderGetMachineType (Image->Info.ImageBase);\r
gDxeCoreImageHandle = Image->Handle;\r
gDxeCoreLoadedImage = &Image->Info;\r
\r
UINTN EndPosition;\r
IMAGE_FILE_HANDLE *FHand;\r
\r
+ if (UserHandle == NULL || ReadSize == NULL || Buffer == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ if (MAX_ADDRESS - Offset < *ReadSize) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
FHand = (IMAGE_FILE_HANDLE *)UserHandle;\r
ASSERT (FHand->Signature == IMAGE_FILE_HANDLE_SIGNATURE);\r
\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
- \r
+ if (Size != sizeof (EFI_IMAGE_SECTION_HEADER)) {\r
+ return EFI_NOT_FOUND;\r
+ }\r
+\r
Status = EFI_NOT_FOUND;\r
\r
if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_CNT_CODE) == 0) {\r
// The PE/COFF loader can support loading image types that can be executed.\r
// If we loaded an image type that we can not execute return EFI_UNSUPORTED.\r
//\r
+ DEBUG ((EFI_D_ERROR, "Image type %s can't be loaded ", GetMachineTypeName(Image->ImageContext.Machine)));\r
+ DEBUG ((EFI_D_ERROR, "on %s UEFI system.\n", GetMachineTypeName(mDxeCoreImageMachineType)));\r
return EFI_UNSUPPORTED;\r
}\r
}\r
UINTN OpenInfoCount;\r
UINTN OpenInfoIndex;\r
\r
+ HandleBuffer = NULL;\r
+ ProtocolGuidArray = NULL;\r
+\r
if (Image->Ebc != NULL) {\r
//\r
// If EBC protocol exists we must perform cleanups for this image.\r
protocol for loading the file.\r
@retval EFI_OUT_OF_RESOURCES Image was not loaded due to insufficient\r
resources.\r
+ @retval EFI_LOAD_ERROR Image was not loaded because the image format was corrupt or not\r
+ understood.\r
+ @retval EFI_DEVICE_ERROR Image was not loaded because the device returned a read error.\r
+ @retval EFI_ACCESS_DENIED Image was not loaded because the platform policy prohibits the \r
+ image from being loaded. NULL is returned in *ImageHandle.\r
+ @retval EFI_SECURITY_VIOLATION Image was loaded and an ImageHandle was created with a \r
+ valid EFI_LOADED_IMAGE_PROTOCOL. However, the current \r
+ platform policy specifies that the image should not be started.\r
\r
**/\r
EFI_STATUS\r
EFI_DEVICE_PATH_PROTOCOL *OriginalFilePath;\r
EFI_DEVICE_PATH_PROTOCOL *HandleFilePath;\r
UINTN FilePathSize;\r
+ BOOLEAN ImageIsFromFv;\r
\r
SecurityStatus = EFI_SUCCESS;\r
\r
DeviceHandle = NULL;\r
Status = EFI_SUCCESS;\r
AuthenticationStatus = 0;\r
+ ImageIsFromFv = FALSE;\r
+\r
//\r
// If the caller passed a copy of the file, then just use it\r
//\r
if (SourceBuffer != NULL) {\r
FHand.Source = SourceBuffer;\r
FHand.SourceSize = SourceSize;\r
- CoreLocateDevicePath (&gEfiDevicePathProtocolGuid, &HandleFilePath, &DeviceHandle);\r
+ Status = CoreLocateDevicePath (&gEfiDevicePathProtocolGuid, &HandleFilePath, &DeviceHandle);\r
+ if (EFI_ERROR (Status)) {\r
+ DeviceHandle = NULL;\r
+ }\r
if (SourceSize > 0) {\r
Status = EFI_SUCCESS;\r
} else {\r
//\r
FHand.FreeBuffer = TRUE;\r
Status = CoreLocateDevicePath (&gEfiFirmwareVolume2ProtocolGuid, &HandleFilePath, &DeviceHandle);\r
- if (EFI_ERROR (Status)) {\r
+ if (!EFI_ERROR (Status)) {\r
+ ImageIsFromFv = TRUE;\r
+ } else {\r
HandleFilePath = FilePath;\r
Status = CoreLocateDevicePath (&gEfiSimpleFileSystemProtocolGuid, &HandleFilePath, &DeviceHandle);\r
if (EFI_ERROR (Status)) {\r
}\r
}\r
\r
- if (Status == EFI_ALREADY_STARTED) {\r
+ if (EFI_ERROR (Status)) {\r
Image = NULL;\r
goto Done;\r
- } else if (EFI_ERROR (Status)) {\r
- return Status;\r
}\r
\r
- //\r
- // Verify the Authentication Status through the Security Architectural Protocol\r
- //\r
- if ((gSecurity != NULL) && (OriginalFilePath != NULL)) {\r
+ if (gSecurity2 != NULL) {\r
+ //\r
+ // Verify File Authentication through the Security2 Architectural Protocol\r
+ //\r
+ SecurityStatus = gSecurity2->FileAuthentication (\r
+ gSecurity2,\r
+ OriginalFilePath,\r
+ FHand.Source,\r
+ FHand.SourceSize,\r
+ BootPolicy\r
+ );\r
+ if (!EFI_ERROR (SecurityStatus) && ImageIsFromFv) {\r
+ //\r
+ // When Security2 is installed, Security Architectural Protocol must be published.\r
+ //\r
+ ASSERT (gSecurity != NULL);\r
+\r
+ //\r
+ // Verify the Authentication Status through the Security Architectural Protocol\r
+ // Only on images that have been read using Firmware Volume protocol.\r
+ //\r
+ SecurityStatus = gSecurity->FileAuthenticationState (\r
+ gSecurity,\r
+ AuthenticationStatus,\r
+ OriginalFilePath\r
+ );\r
+ }\r
+ } else if ((gSecurity != NULL) && (OriginalFilePath != NULL)) {\r
+ //\r
+ // Verify the Authentication Status through the Security Architectural Protocol\r
+ //\r
SecurityStatus = gSecurity->FileAuthenticationState (\r
gSecurity,\r
AuthenticationStatus,\r
OriginalFilePath\r
);\r
- if (EFI_ERROR (SecurityStatus) && SecurityStatus != EFI_SECURITY_VIOLATION) {\r
- Status = SecurityStatus;\r
- Image = NULL;\r
- goto Done;\r
- }\r
}\r
\r
+ //\r
+ // Check Security Status.\r
+ //\r
+ if (EFI_ERROR (SecurityStatus) && SecurityStatus != EFI_SECURITY_VIOLATION) {\r
+ if (SecurityStatus == EFI_ACCESS_DENIED) {\r
+ //\r
+ // Image was not loaded because the platform policy prohibits the image from being loaded.\r
+ // It's the only place we could meet EFI_ACCESS_DENIED.\r
+ //\r
+ *ImageHandle = NULL;\r
+ }\r
+ Status = SecurityStatus;\r
+ Image = NULL;\r
+ goto Done;\r
+ }\r
\r
//\r
// Allocate a new image structure\r
//\r
Image = AllocateZeroPool (sizeof(LOADED_IMAGE_PRIVATE_DATA));\r
if (Image == NULL) {\r
- return EFI_OUT_OF_RESOURCES;\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Done;\r
}\r
\r
//\r
if (EFI_ERROR (Status)) {\r
if (Image != NULL) {\r
CoreUnloadAndCloseImage (Image, (BOOLEAN)(DstBuffer == 0));\r
- *ImageHandle = NULL;\r
+ Image = NULL;\r
}\r
} else if (EFI_ERROR (SecurityStatus)) {\r
Status = SecurityStatus;\r
}\r
\r
+ //\r
+ // Track the return status from LoadImage.\r
+ //\r
+ if (Image != NULL) {\r
+ Image->LoadImageStatus = Status;\r
+ }\r
+\r
return Status;\r
}\r
\r
protocol for loading the file.\r
@retval EFI_OUT_OF_RESOURCES Image was not loaded due to insufficient\r
resources.\r
+ @retval EFI_LOAD_ERROR Image was not loaded because the image format was corrupt or not\r
+ understood.\r
+ @retval EFI_DEVICE_ERROR Image was not loaded because the device returned a read error.\r
+ @retval EFI_ACCESS_DENIED Image was not loaded because the platform policy prohibits the \r
+ image from being loaded. NULL is returned in *ImageHandle.\r
+ @retval EFI_SECURITY_VIOLATION Image was loaded and an ImageHandle was created with a \r
+ valid EFI_LOADED_IMAGE_PROTOCOL. However, the current \r
+ platform policy specifies that the image should not be started.\r
\r
**/\r
EFI_STATUS\r
{\r
EFI_STATUS Status;\r
UINT64 Tick;\r
+ EFI_HANDLE Handle;\r
\r
Tick = 0;\r
PERF_CODE (\r
EFI_LOAD_PE_IMAGE_ATTRIBUTE_RUNTIME_REGISTRATION | EFI_LOAD_PE_IMAGE_ATTRIBUTE_DEBUG_IMAGE_INFO_TABLE_REGISTRATION\r
);\r
\r
- PERF_START (*ImageHandle, "LoadImage:", NULL, Tick);\r
- PERF_END (*ImageHandle, "LoadImage:", NULL, 0);\r
+ Handle = NULL; \r
+ if (!EFI_ERROR (Status)) {\r
+ //\r
+ // ImageHandle will be valid only Status is success. \r
+ //\r
+ Handle = *ImageHandle;\r
+ }\r
+\r
+ PERF_START (Handle, "LoadImage:", NULL, Tick);\r
+ PERF_END (Handle, "LoadImage:", NULL, 0);\r
\r
return Status;\r
}\r
protocol for loading the file.\r
@retval EFI_OUT_OF_RESOURCES Image was not loaded due to insufficient\r
resources.\r
+ @retval EFI_LOAD_ERROR Image was not loaded because the image format was corrupt or not\r
+ understood.\r
+ @retval EFI_DEVICE_ERROR Image was not loaded because the device returned a read error.\r
+ @retval EFI_ACCESS_DENIED Image was not loaded because the platform policy prohibits the \r
+ image from being loaded. NULL is returned in *ImageHandle.\r
+ @retval EFI_SECURITY_VIOLATION Image was loaded and an ImageHandle was created with a \r
+ valid EFI_LOADED_IMAGE_PROTOCOL. However, the current \r
+ platform policy specifies that the image should not be started.\r
\r
**/\r
EFI_STATUS\r
IN UINT32 Attribute\r
)\r
{\r
- return CoreLoadImageCommon (\r
+ EFI_STATUS Status;\r
+ UINT64 Tick;\r
+ EFI_HANDLE Handle;\r
+\r
+ Tick = 0;\r
+ PERF_CODE (\r
+ Tick = GetPerformanceCounter ();\r
+ );\r
+\r
+ Status = CoreLoadImageCommon (\r
TRUE,\r
ParentImageHandle,\r
FilePath,\r
EntryPoint,\r
Attribute\r
);\r
+\r
+ Handle = NULL; \r
+ if (!EFI_ERROR (Status)) {\r
+ //\r
+ // ImageHandle will be valid only Status is success. \r
+ //\r
+ Handle = *ImageHandle;\r
+ }\r
+\r
+ PERF_START (Handle, "LoadImage:", NULL, Tick);\r
+ PERF_END (Handle, "LoadImage:", NULL, 0);\r
+\r
+ return Status;\r
}\r
\r
\r
@param ImageHandle Handle of image to be started.\r
@param ExitDataSize Pointer of the size to ExitData\r
@param ExitData Pointer to a pointer to a data buffer that\r
- includes a Null-terminated Unicode string,\r
+ includes a Null-terminated string,\r
optionally followed by additional binary data.\r
The string is a description that the caller may\r
use to further indicate the reason for the\r
\r
@retval EFI_INVALID_PARAMETER Invalid parameter\r
@retval EFI_OUT_OF_RESOURCES No enough buffer to allocate\r
+ @retval EFI_SECURITY_VIOLATION The current platform policy specifies that the image should not be started.\r
@retval EFI_SUCCESS Successfully transfer control to the image's\r
entry point.\r
\r
LOADED_IMAGE_PRIVATE_DATA *LastImage;\r
UINT64 HandleDatabaseKey;\r
UINTN SetJumpFlag;\r
+ UINT64 Tick;\r
+ EFI_HANDLE Handle;\r
+\r
+ Tick = 0;\r
+ Handle = ImageHandle;\r
\r
Image = CoreLoadedImageInfo (ImageHandle);\r
if (Image == NULL || Image->Started) {\r
return EFI_INVALID_PARAMETER;\r
}\r
+ if (EFI_ERROR (Image->LoadImageStatus)) {\r
+ return Image->LoadImageStatus;\r
+ }\r
\r
//\r
// The image to be started must have the machine type supported by DxeCore.\r
//\r
- ASSERT (EFI_IMAGE_MACHINE_TYPE_SUPPORTED (Image->Machine));\r
if (!EFI_IMAGE_MACHINE_TYPE_SUPPORTED (Image->Machine)) {\r
+ //\r
+ // Do not ASSERT here, because image might be loaded via EFI_IMAGE_MACHINE_CROSS_TYPE_SUPPORTED\r
+ // But it can not be started.\r
+ //\r
+ DEBUG ((EFI_D_ERROR, "Image type %s can't be started ", GetMachineTypeName(Image->Machine)));\r
+ DEBUG ((EFI_D_ERROR, "on %s UEFI system.\n", GetMachineTypeName(mDxeCoreImageMachineType)));\r
return EFI_UNSUPPORTED;\r
}\r
\r
- //\r
- // Don't profile Objects or invalid start requests\r
- //\r
- PERF_START (ImageHandle, "StartImage:", NULL, 0);\r
+ PERF_CODE (\r
+ Tick = GetPerformanceCounter ();\r
+ );\r
\r
\r
//\r
//\r
Image->JumpBuffer = AllocatePool (sizeof (BASE_LIBRARY_JUMP_BUFFER) + BASE_LIBRARY_JUMP_BUFFER_ALIGNMENT);\r
if (Image->JumpBuffer == NULL) {\r
- PERF_END (ImageHandle, "StartImage:", NULL, 0);\r
+ //\r
+ // Image may be unloaded after return with failure,\r
+ // then ImageHandle may be invalid, so use NULL handle to record perf log.\r
+ //\r
+ PERF_START (NULL, "StartImage:", NULL, Tick);\r
+ PERF_END (NULL, "StartImage:", NULL, 0);\r
return EFI_OUT_OF_RESOURCES;\r
}\r
Image->JumpContext = ALIGN_POINTER (Image->JumpBuffer, BASE_LIBRARY_JUMP_BUFFER_ALIGNMENT);\r
// Subsequent calls to LongJump() cause a non-zero value to be returned by SetJump().\r
//\r
if (SetJumpFlag == 0) {\r
+ RegisterMemoryProfileImage (Image, (Image->ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION ? EFI_FV_FILETYPE_APPLICATION : EFI_FV_FILETYPE_DRIVER));\r
//\r
// Call the image's entry point\r
//\r
//\r
if (EFI_ERROR (Image->Status) || Image->Type == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION) {\r
CoreUnloadAndCloseImage (Image, TRUE);\r
+ //\r
+ // ImageHandle may be invalid after the image is unloaded, so use NULL handle to record perf log.\r
+ //\r
+ Handle = NULL;\r
}\r
\r
//\r
// Done\r
//\r
- PERF_END (ImageHandle, "StartImage:", NULL, 0);\r
+ PERF_START (Handle, "StartImage:", NULL, Tick);\r
+ PERF_END (Handle, "StartImage:", NULL, 0);\r
return Status;\r
}\r
\r
Status = EFI_INVALID_PARAMETER;\r
goto Done;\r
}\r
+ UnregisterMemoryProfileImage (Image);\r
\r
if (Image->Started) {\r
//\r
projects / mirror_edk2.git / blobdiff