SysCall: Disabled global pages, set User page table attibutes in

paging syscalls.
2024-11-29 11:35:26 +03:00 · 2024-11-29 11:35:26 +03:00 · 58038f62ad
parent 7720181673
commit 58038f62ad
2 changed files with 22 additions and 2 deletions
--- a/MdeModulePkg/Core/Dxe/SysCall/BootServices.c
+++ b/MdeModulePkg/Core/Dxe/SysCall/BootServices.c
@ -605,6 +605,14 @@ CallBootService (
      *(EFI_PHYSICAL_ADDRESS *)UserRsp->Arguments[4] = (EFI_PHYSICAL_ADDRESS)Argument4;
      ForbidSupervisorAccessToUserMemory ();

+      gCpu->SetUserMemoryAttributes (
+              gCpu,
+              gUserPageTable,
+              Argument4,
+              EFI_PAGES_TO_SIZE (CoreRbp->Argument3),
+              EFI_MEMORY_USER
+              );
+
      return Status;

    case SysCallFreePages:
@ -617,6 +625,14 @@ CallBootService (
      gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument2 + CoreRbp->Argument1 * EFI_PAGE_SIZE - 1), &Attributes);
      ASSERT ((Attributes & EFI_MEMORY_USER) != 0);

+      gCpu->SetUserMemoryAttributes (
+              gCpu,
+              gUserPageTable,
+              CoreRbp->Argument2,
+              EFI_PAGES_TO_SIZE (CoreRbp->Argument1),
+              EFI_MEMORY_RP
+              );
+
      return gBS->FreePages (
                    *(EFI_PHYSICAL_ADDRESS *)&CoreRbp->Argument2,
                    CoreRbp->Argument1
--- a/MdeModulePkg/Core/Dxe/SysCall/X64/InitializeMsr.c
+++ b/MdeModulePkg/Core/Dxe/SysCall/X64/InitializeMsr.c
@ -188,8 +188,12 @@ InitializeMsr (
  Ebx = 0;
  Edx = 0;

-  // The Intel-64 and IA-32 architectures also allow for global pages when the PGE flag (bit 7) is 1 in CR4.
-  // PGE must be zero.
+  //
+  // Forbid global pages.
+  //
+  Cr4.UintN    = AsmReadCr4 ();
+  Cr4.Bits.PGE = 0;
+  AsmWriteCr4 (Cr4.UintN);

  //
  // Forbid supervisor-mode accesses to any user-mode pages.