Ring3: Added EFI_MEMORY_USER attribute.

acidanthera · Jan 9, 2024 · 81e5198 · 81e5198
1 parent c22e277
commit 81e5198
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 6 deletions.
diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c
@@ -828,7 +828,7 @@ CoreLoadPeImage (
   if (DstBufAlocated) {
     ZeroMem ((VOID *)(UINTN)BufferAddress, EFI_PAGES_TO_SIZE (Image->NumberOfPages));
     FreeAlignedPages ((VOID *)(UINTN)BufferAddress, Image->NumberOfPages);
-    Image->ImageBasePage             = 0;
+    Image->ImageBasePage = 0;
   }
 
   if (RelocationData != NULL) {

diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
@@ -93,7 +93,8 @@ SetUefiImageMemoryAttributes (
 **/
 VOID
 SetUefiImageProtectionAttributes (
-  IN UEFI_IMAGE_RECORD        *ImageRecord
+  IN UEFI_IMAGE_RECORD        *ImageRecord,
+  IN BOOLEAN                  IsUser
   )
 {
   UEFI_IMAGE_RECORD_SEGMENT       *ImageRecordSegment;
@@ -106,7 +107,7 @@ SetUefiImageProtectionAttributes (
     SetUefiImageMemoryAttributes (
       SectionAddress,
       ImageRecordSegment->Size,
-      ImageRecordSegment->Attributes
+      IsUser ? ImageRecordSegment->Attributes | (UINT32)EFI_MEMORY_USER : ImageRecordSegment->Attributes
       );
 
     SectionAddress += ImageRecordSegment->Size;
@@ -229,7 +230,11 @@ ProtectUefiImage (
     //
     // CPU ARCH present. Update memory attribute directly.
     //
-    SetUefiImageProtectionAttributes (ImageRecord);
+    if (AsciiStrStr (PdbPointer, "Ntfs") != NULL) {
+      SetUefiImageProtectionAttributes (ImageRecord, TRUE);
+    } else {
+      SetUefiImageProtectionAttributes (ImageRecord, FALSE);
+    }
   }
 
 Finish:
@@ -660,7 +665,7 @@ MemoryProtectionCpuArchProtocolNotify (
     //
     // CPU ARCH present. Update memory attribute directly.
     //
-    SetUefiImageProtectionAttributes (ImageRecord);
+    SetUefiImageProtectionAttributes (ImageRecord, FALSE);
   }
 
 Done:

diff --git a/MdePkg/Include/Uefi/UefiSpec.h b/MdePkg/Include/Uefi/UefiSpec.h
@@ -105,6 +105,12 @@ typedef enum {
 //
 #define EFI_MEMORY_CPU_CRYPTO  0x0000000000080000ULL
 
+//
+// If this flag is set, the memory region contains user code or data.
+// If this flag is clear, the memory region contains supervisor code or data.
+//
+#define EFI_MEMORY_USER  0x0000000000100000ULL
+
 //
 // Runtime memory attribute
 //
@@ -115,7 +121,7 @@ typedef enum {
 //
 #define EFI_CACHE_ATTRIBUTE_MASK   (EFI_MEMORY_UC | EFI_MEMORY_WC | EFI_MEMORY_WT | EFI_MEMORY_WB | EFI_MEMORY_UCE | EFI_MEMORY_WP)
 #define EFI_MEMORY_ACCESS_MASK     (EFI_MEMORY_RP | EFI_MEMORY_XP | EFI_MEMORY_RO)
-#define EFI_MEMORY_ATTRIBUTE_MASK  (EFI_MEMORY_ACCESS_MASK | EFI_MEMORY_SP | EFI_MEMORY_CPU_CRYPTO)
+#define EFI_MEMORY_ATTRIBUTE_MASK  (EFI_MEMORY_ACCESS_MASK | EFI_MEMORY_SP | EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_USER)
 
 ///
 /// Memory descriptor version number.

diff --git a/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c b/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c
@@ -467,6 +467,27 @@ ConvertPageEntryAttribute (
     }
   }
 
+  if ((Attributes & EFI_MEMORY_USER) != 0) {
+    switch (PageAction) {
+      case PageActionAssign:
+      case PageActionSet:
+        NewPageEntry |= IA32_PG_U;
+        break;
+      case PageActionClear:
+        NewPageEntry &= ~(UINT64)IA32_PG_U;
+        break;
+    }
+  } else {
+    switch (PageAction) {
+      case PageActionAssign:
+        NewPageEntry &= ~(UINT64)IA32_PG_U;
+        break;
+      case PageActionSet:
+      case PageActionClear:
+        break;
+    }
+  }
+
   GetPagingDetails (&PagingContext->ContextData, NULL, &PageAttributes);
 
   if ((*PageAttributes & PAGE_TABLE_LIB_PAGING_CONTEXT_IA32_X64_ATTRIBUTES_XD_ACTIVATED) != 0) {