From 58038f62add41f5fe2eaacd55f493c8efd2cf099 Mon Sep 17 00:00:00 2001 From: Mikhail Krichanov Date: Fri, 29 Nov 2024 11:35:26 +0300 Subject: [PATCH] SysCall: Disabled global pages, set User page table attibutes in paging syscalls. --- MdeModulePkg/Core/Dxe/SysCall/BootServices.c | 16 ++++++++++++++++ .../Core/Dxe/SysCall/X64/InitializeMsr.c | 8 ++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/SysCall/BootServices.c b/MdeModulePkg/Core/Dxe/SysCall/BootServices.c index aafdf60412..fbd32c8926 100644 --- a/MdeModulePkg/Core/Dxe/SysCall/BootServices.c +++ b/MdeModulePkg/Core/Dxe/SysCall/BootServices.c @@ -605,6 +605,14 @@ CallBootService ( *(EFI_PHYSICAL_ADDRESS *)UserRsp->Arguments[4] = (EFI_PHYSICAL_ADDRESS)Argument4; ForbidSupervisorAccessToUserMemory (); + gCpu->SetUserMemoryAttributes ( + gCpu, + gUserPageTable, + Argument4, + EFI_PAGES_TO_SIZE (CoreRbp->Argument3), + EFI_MEMORY_USER + ); + return Status; case SysCallFreePages: @@ -617,6 +625,14 @@ CallBootService ( gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(CoreRbp->Argument2 + CoreRbp->Argument1 * EFI_PAGE_SIZE - 1), &Attributes); ASSERT ((Attributes & EFI_MEMORY_USER) != 0); + gCpu->SetUserMemoryAttributes ( + gCpu, + gUserPageTable, + CoreRbp->Argument2, + EFI_PAGES_TO_SIZE (CoreRbp->Argument1), + EFI_MEMORY_RP + ); + return gBS->FreePages ( *(EFI_PHYSICAL_ADDRESS *)&CoreRbp->Argument2, CoreRbp->Argument1 diff --git a/MdeModulePkg/Core/Dxe/SysCall/X64/InitializeMsr.c b/MdeModulePkg/Core/Dxe/SysCall/X64/InitializeMsr.c index fd7f39ef39..af451fe547 100644 --- a/MdeModulePkg/Core/Dxe/SysCall/X64/InitializeMsr.c +++ b/MdeModulePkg/Core/Dxe/SysCall/X64/InitializeMsr.c 
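Review bot: The result of `gCpu->SetUserMemoryAttributes` in the SysCallAllocatePages case is discarded and the call is not conditioned on `Status` anywhere in the hunk. The syscall can therefore report success for pages that were never mapped into `gUserPageTable`, or update the table for an `Argument4` left over from a failed allocation. Guard it with something like `if (!EFI_ERROR (Status)) { Status = gCpu->SetUserMemoryAttributes (...); }`, and free the pages again if the mapping fails. `EFI_MEMORY_USER` is passed alone; if the helper applies exactly these bits, the range is writable and executable from ring 3, so confirm whether `EFI_MEMORY_XP` should accompany it for data allocations. The case body begins above the hunk, so an earlier `Status` check may already exist.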
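Review bot: The new `SetUserMemoryAttributes` call in SysCallFreePages takes `CoreRbp->Argument2` and `CoreRbp->Argument1` guarded only by `ASSERT`, which is compiled out when assertions are disabled, so in such a build caller-supplied values reach the page-table update and `gBS->FreePages` unchecked. The visible check probes only the last byte of the range (a first-byte check is presumably above the hunk), and `CoreRbp->Argument2 + CoreRbp->Argument1 * EFI_PAGE_SIZE - 1` can wrap for a large page count. The return value is also dropped, so if revoking the mapping fails the pages are still freed while remaining accessible through `gUserPageTable`. Consider a runtime range check that returns an error, and `Status = gCpu->SetUserMemoryAttributes (...); if (EFI_ERROR (Status)) { return Status; }` before the `FreePages` call.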
@@ -188,8 +188,12 @@ InitializeMsr (
 Ebx = 0;
 Edx = 0;
- // The Intel-64 and IA-32 architectures also allow for global pages when the PGE flag (bit 7) is 1 in CR4.
- // PGE must be zero.
+ //
+ // Forbid global pages.
+ //
+ Cr4.UintN = AsmReadCr4 ();
+ Cr4.Bits.PGE = 0;
+ AsmWriteCr4 (Cr4.UintN);
 //
 // Forbid supervisor-mode accesses to any user-mode pages.
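Review bot: The comment `// Forbid global pages.` above the CR4 write states what is done but not why, and the removed lines carried the only hint. Presumably the reason is that global TLB entries survive CR3 reloads and would outlive a switch to or from `gUserPageTable`; if so, say it, e.g. `// Clear CR4.PGE: global TLB entries are not flushed on CR3 reload, so they would persist across user/core page table switches.` The write affects only the processor executing `InitializeMsr`, so it is worth noting in the comment (or checking) that no other processor runs ring-3 code and that nothing later re-enables PGE when CR4 is reprogrammed. The function body extends beyond the hunk on both sides.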