ShellPkg: Unload image on EFI_SECURITY_VIOLATION

[mirror_edk2.git] / ShellPkg / Library / UefiShellDebug1CommandsLib / LoadPciRom.c

diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/LoadPciRom.c b/ShellPkg/Library/UefiShellDebug1CommandsLib/LoadPciRom.c
index 1b169d0d3c7de4aa8d4ea7194fc34ec85c79f655..5b6cba17f30387a4b834e124772c4f6e9676c6a0 100644 (file)
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/LoadPciRom.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/LoadPciRom.c
@@ -2,7 +2,7 @@
   Main file for LoadPciRom shell Debug1 function.\r
 \r
   (C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>\r
-  Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2005 - 2019, Intel Corporation. All rights reserved.<BR>\r
   SPDX-License-Identifier: BSD-2-Clause-Patent\r
 \r
 **/\r
@@ -334,6 +334,15 @@ LoadEfiDriversFromRomImage (
                         &ImageHandle\r
                        );\r
           if (EFI_ERROR (Status)) {\r
+            //\r
+            // With EFI_SECURITY_VIOLATION retval, the Image was loaded and an ImageHandle was created\r
+            // with a valid EFI_LOADED_IMAGE_PROTOCOL, but the image can not be started right now.\r
+            // If the caller doesn't have the option to defer the execution of an image, we should\r
+            // unload image for the EFI_SECURITY_VIOLATION to avoid resource leak.\r
+            //\r
+            if (Status == EFI_SECURITY_VIOLATION) {\r
+              gBS->UnloadImage (ImageHandle);\r
+            }\r
             ShellPrintHiiEx(-1, -1, NULL, STRING_TOKEN (STR_LOADPCIROM_LOAD_FAIL), gShellDebug1HiiHandle, L"loadpcirom", FileName, ImageIndex);\r
 //            PrintToken (STRING_TOKEN (STR_LOADPCIROM_LOAD_IMAGE_ERROR), HiiHandle, ImageIndex, Status);\r
           } else {\r