When an image fails Secure Boot validation, LoadImage() returns
EFI_SECURITY_VIOLATION if the platform policy is
DEFER_EXECUTE_ON_SECURITY_VIOLATION.
If the platform policy is DENY_EXECUTE_ON_SECURITY_VIOLATION, then
LoadImage() returns EFI_ACCESS_DENIED (and the image does not remain
loaded).
(Before <https://bugzilla.tianocore.org/show_bug.cgi?id=2129>, this
difference would be masked, as DxeImageVerificationLib would incorrectly
return EFI_SECURITY_VIOLATION for DENY_EXECUTE_ON_SECURITY_VIOLATION as
well.)
In X86QemuLoadImageLib, proceed to the legacy Linux/x86 Boot Protocol upon
seeing EFI_ACCESS_DENIED too.
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2785
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <
20200605235242.32442-1-lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
\r
case EFI_SECURITY_VIOLATION:\r
//\r
- // We are running with UEFI secure boot enabled, and the image failed to\r
- // authenticate. For compatibility reasons, we fall back to the legacy\r
- // loader in this case. Since the image has been loaded, we need to unload\r
- // it before proceeding\r
+ // Since the image has been loaded, we need to unload it before proceeding\r
+ // to the EFI_ACCESS_DENIED case below.\r
//\r
gBS->UnloadImage (KernelImageHandle);\r
//\r
// Fall through\r
//\r
+ case EFI_ACCESS_DENIED:\r
+ //\r
+ // We are running with UEFI secure boot enabled, and the image failed to\r
+ // authenticate. For compatibility reasons, we fall back to the legacy\r
+ // loader in this case.\r
+ //\r
+ // Fall through\r
+ //\r
case EFI_UNSUPPORTED:\r
//\r
// The image is not natively supported or cross-type supported. Let's try\r
projects / mirror_edk2.git / commitdiff