efi_loader: notification with TPL_APPLICATION not allowed

The UEFI specification requires event notification levels to be
> TPL_APPLICATION and <= TPL_HIGH_LEVEL.

With the patch the CreateEvent() and CreatedEventEx() services are changed
to check that the notification level is not TPL_APPLICATION.

Reference:
UEFI Specification 2.8 Errata B, table 27 "TPL Restrictions",
"Event Notification Levels"

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index 18ca967..ce658a8 100644 (file)
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -687,8 +687,15 @@ efi_status_t efi_create_event(uint32_t type, efi_uintn_t notify_tpl,
                return EFI_INVALID_PARAMETER;
        }
 
+       /*
+        * The UEFI specification requires event notification levels to be
+        * > TPL_APPLICATION and <= TPL_HIGH_LEVEL.
+        *
+        * Parameter NotifyTpl should not be checked if it is not used.
+        */
        if ((type & (EVT_NOTIFY_WAIT | EVT_NOTIFY_SIGNAL)) &&
-           (!notify_function || is_valid_tpl(notify_tpl) != EFI_SUCCESS))
+           (!notify_function || is_valid_tpl(notify_tpl) != EFI_SUCCESS ||
+            notify_tpl == TPL_APPLICATION))
                return EFI_INVALID_PARAMETER;
 
        ret = efi_allocate_pool(pool_type, sizeof(struct efi_event),