[PATCH 2/2] efi: payload: bootm: fix potential double-unload for image

[Ahmad Fatoum]

efi_execute_image() already takes care to unload the image if it returns,
so adapt the single caller that tries to unload the image again
accordingly.

Cc: Chali Anis <chalianis1 at gmail.com>
Signed-off-by: Ahmad Fatoum <a.fatoum at pengutronix.de>
---
 efi/payload/bootm.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/efi/payload/bootm.c b/efi/payload/bootm.c
index aba643b2c59d..801c0202ae83 100644
--- a/efi/payload/bootm.c
+++ b/efi/payload/bootm.c
@@ -235,6 +235,7 @@ static int do_bootm_efi_stub(struct image_data *data)
 {
 	struct efi_loaded_image *loaded_image;
 	void *fdt = NULL, *initrd = NULL;
+	bool image_freed = false;
 	efi_handle_t handle;
 	enum filetype type;
 	int ret;
@@ -257,6 +258,13 @@ static int do_bootm_efi_stub(struct image_data *data)
 		goto unload_ramdisk;
 
 	ret = efi_execute_image(handle, loaded_image, type);
+
+	/* efi_execute_image takes care to unload the image on error,
+	 * so we set image_freed and fall through to freeing ramdisk
+	 * and oftree.
+	 */
+	image_freed = true;
+
 unload_ramdisk:
 	if (initrd) {
 		efi_initrd_unregister();
@@ -265,7 +273,8 @@ static int do_bootm_efi_stub(struct image_data *data)
 unload_oftree:
 	efi_unload_fdt(fdt);
 unload_os:
-	BS->unload_image(handle);
+	if (!image_freed)
+		BS->unload_image(handle);
 
 	return ret;
 }
-- 
2.47.3