Ring3: Added EFI_MEMORY_USER attribute.

MdeModulePkg/Core/Dxe/Image/Image.c

@@ -828,7 +828,7 @@ Done:
   if (DstBufAlocated) {
     ZeroMem ((VOID *)(UINTN)BufferAddress, EFI_PAGES_TO_SIZE (Image->NumberOfPages));
     FreeAlignedPages ((VOID *)(UINTN)BufferAddress, Image->NumberOfPages);
-    Image->ImageBasePage             = 0;
+    Image->ImageBasePage = 0;
   }
 
   if (RelocationData != NULL) {

MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c

@@ -94,7 +94,8 @@ SetUefiImageMemoryAttributes (
 **/
 VOID
 SetUefiImageProtectionAttributes (
-  IN UEFI_IMAGE_RECORD  *ImageRecord
+  IN UEFI_IMAGE_RECORD  *ImageRecord,
+  IN BOOLEAN            IsUser
   )
 {
   UEFI_IMAGE_RECORD_SEGMENT  *ImageRecordSegment;
@@ -107,7 +108,7 @@ SetUefiImageProtectionAttributes (
     SetUefiImageMemoryAttributes (
       SectionAddress,
       ImageRecordSegment->Size,
-      ImageRecordSegment->Attributes
+      IsUser ? ImageRecordSegment->Attributes | (UINT32)EFI_MEMORY_USER : ImageRecordSegment->Attributes
       );
 
     SectionAddress += ImageRecordSegment->Size;
@@ -231,7 +232,11 @@ ProtectUefiImage (
     //
     // CPU ARCH present. Update memory attribute directly.
     //
-    SetUefiImageProtectionAttributes (ImageRecord);
+    if (AsciiStrStr (PdbPointer, "Ntfs") != NULL) {
+      SetUefiImageProtectionAttributes (ImageRecord, TRUE);
+    } else {
+      SetUefiImageProtectionAttributes (ImageRecord, FALSE);
+    }
   }
 
 Finish:
@@ -663,7 +668,7 @@ MemoryProtectionCpuArchProtocolNotify (
     //
     // CPU ARCH present. Update memory attribute directly.
     //
-    SetUefiImageProtectionAttributes (ImageRecord);
+    SetUefiImageProtectionAttributes (ImageRecord, FALSE);
   }
 
 Done:

MdePkg/Include/Uefi/UefiSpec.h

@@ -105,6 +105,12 @@ typedef enum {
 //
 #define EFI_MEMORY_CPU_CRYPTO  0x0000000000080000ULL
 
+//
+// If this flag is set, the memory region contains user code or data.
+// If this flag is clear, the memory region contains supervisor code or data.
+//
+#define EFI_MEMORY_USER  0x0000000000100000ULL
+
 //
 // Runtime memory attribute
 //
@@ -130,7 +136,7 @@ typedef enum {
 //
 #define EFI_CACHE_ATTRIBUTE_MASK   (EFI_MEMORY_UC | EFI_MEMORY_WC | EFI_MEMORY_WT | EFI_MEMORY_WB | EFI_MEMORY_UCE | EFI_MEMORY_WP)
 #define EFI_MEMORY_ACCESS_MASK     (EFI_MEMORY_RP | EFI_MEMORY_XP | EFI_MEMORY_RO)
-#define EFI_MEMORY_ATTRIBUTE_MASK  (EFI_MEMORY_ACCESS_MASK | EFI_MEMORY_SP | EFI_MEMORY_CPU_CRYPTO)
+#define EFI_MEMORY_ATTRIBUTE_MASK  (EFI_MEMORY_ACCESS_MASK | EFI_MEMORY_SP | EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_USER)
 
 ///
 /// Memory descriptor version number.

UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c

@@ -467,6 +467,27 @@ ConvertPageEntryAttribute (
     }
   }
 
+  if ((Attributes & EFI_MEMORY_USER) != 0) {
+    switch (PageAction) {
+      case PageActionAssign:
+      case PageActionSet:
+        NewPageEntry |= IA32_PG_U;
+        break;
+      case PageActionClear:
+        NewPageEntry &= ~(UINT64)IA32_PG_U;
+        break;
+    }
+  } else {
+    switch (PageAction) {
+      case PageActionAssign:
+        NewPageEntry &= ~(UINT64)IA32_PG_U;
+        break;
+      case PageActionSet:
+      case PageActionClear:
+        break;
+    }
+  }
+
   GetPagingDetails (&PagingContext->ContextData, NULL, &PageAttributes);
 
   if ((*PageAttributes & PAGE_TABLE_LIB_PAGING_CONTEXT_IA32_X64_ATTRIBUTES_XD_ACTIVATED) != 0) {