|
@@ -229,8 +229,8 @@ static int efi_image_exec ( struct image *image ) {
|
229
|
229
|
/* Start the image */
|
230
|
230
|
if ( ( efirc = bs->StartImage ( handle, NULL, NULL ) ) != 0 ) {
|
231
|
231
|
rc = -EEFI_START ( efirc );
|
232
|
|
- DBGC ( image, "EFIIMAGE %p returned with status %s\n",
|
233
|
|
- image, strerror ( rc ) );
|
|
232
|
+ DBGC ( image, "EFIIMAGE %p could not start (or returned with "
|
|
233
|
+ "error): %s\n", image, strerror ( rc ) );
|
234
|
234
|
goto err_start_image;
|
235
|
235
|
}
|
236
|
236
|
|
|
@@ -240,14 +240,22 @@ static int efi_image_exec ( struct image *image ) {
|
240
|
240
|
err_start_image:
|
241
|
241
|
efi_snp_claim();
|
242
|
242
|
err_open_protocol:
|
243
|
|
- /* Unload the image. We can't leave it loaded, because we
|
244
|
|
- * have no "unload" operation.
|
|
243
|
+ /* If there was no error, then the image must have been
|
|
244
|
+ * started and returned successfully. It either unloaded
|
|
245
|
+ * itself, or it intended to remain loaded (e.g. it was a
|
|
246
|
+ * driver). We therefore do not unload successful images.
|
|
247
|
+ *
|
|
248
|
+ * If there was an error, attempt to unload the image. This
|
|
249
|
+ * may not work. In particular, there is no way to tell
|
|
250
|
+ * whether an error returned from StartImage() was due to
|
|
251
|
+ * being unable to start the image (in which case we probably
|
|
252
|
+ * should call UnloadImage()), or due to the image itself
|
|
253
|
+ * returning an error (in which case we probably should not
|
|
254
|
+ * call UnloadImage()). We therefore ignore any failures from
|
|
255
|
+ * the UnloadImage() call itself.
|
245
|
256
|
*/
|
246
|
|
- if ( ( efirc = bs->UnloadImage ( handle ) ) != 0 ) {
|
247
|
|
- rc = -EEFI ( efirc );
|
248
|
|
- DBGC ( image, "EFIIMAGE %p could not unload: %s\n",
|
249
|
|
- image, strerror ( rc ) );
|
250
|
|
- }
|
|
257
|
+ if ( rc != 0 )
|
|
258
|
+ bs->UnloadImage ( handle );
|
251
|
259
|
err_load_image:
|
252
|
260
|
free ( cmdline );
|
253
|
261
|
err_cmdline:
|