diff --git a/MdeModulePkg/Core/Dxe/DxeRing3/Ring3UefiBootServices.c b/MdeModulePkg/Core/Dxe/DxeRing3/Ring3UefiBootServices.c index fc15ffd278..47010db29b 100644 --- a/MdeModulePkg/Core/Dxe/DxeRing3/Ring3UefiBootServices.c +++ b/MdeModulePkg/Core/Dxe/DxeRing3/Ring3UefiBootServices.c @@ -77,7 +77,19 @@ Ring3AllocatePool ( OUT VOID **Buffer ) { - return EFI_UNSUPPORTED; + EFI_STATUS Status; + + Status = SysCall ( + SysCallAllocatePool, + PoolType, + Size, + Buffer + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Ring3: Failed to allocate %d bytes.\n", Size)); + } + + return Status; } EFI_STATUS diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c index 9a24006ee0..2bf6d5aee8 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -310,6 +310,9 @@ GetPermissionAttributeForMemoryType ( ) { UINT64 TestBit; + UINT64 Attributes; + + Attributes = 0; if ((UINT32)MemoryType >= MEMORY_TYPE_OS_RESERVED_MIN) { TestBit = BIT63; @@ -320,10 +323,14 @@ GetPermissionAttributeForMemoryType ( } if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & TestBit) != 0) { - return EFI_MEMORY_XP; - } else { - return 0; + Attributes |= EFI_MEMORY_XP; } + + if (MemoryType == EfiRing3MemoryType) { + Attributes |= EFI_MEMORY_USER; + } + + return Attributes; } /** diff --git a/MdeModulePkg/Core/Dxe/SysCall/BootServices.c b/MdeModulePkg/Core/Dxe/SysCall/BootServices.c index dcf07e66ee..4ae6c6d5ad 100644 --- a/MdeModulePkg/Core/Dxe/SysCall/BootServices.c +++ b/MdeModulePkg/Core/Dxe/SysCall/BootServices.c @@ -203,6 +203,21 @@ CallBootService ( return Status; + case SysCallAllocatePool: + // + // Argument 1: EFI_MEMORY_TYPE PoolType + // Argument 2: UINTN Size + // Argument 3: VOID **Buffer + // + DisableSMAP (); + Status = gBS->AllocatePool ( + EfiRing3MemoryType, + CoreRbp->Argument2, + (VOID **)CoreRbp->Argument3 + ); + EnableSMAP (); + + return Status; default: break; } diff --git a/MdePkg/Include/Uefi/UefiMultiPhase.h b/MdePkg/Include/Uefi/UefiMultiPhase.h index 7884913371..a7a6213954 100644 --- a/MdePkg/Include/Uefi/UefiMultiPhase.h +++ b/MdePkg/Include/Uefi/UefiMultiPhase.h @@ -108,6 +108,10 @@ typedef enum { /// by a corresponding call to the underlying isolation architecture. /// EfiUnacceptedMemoryType, + /// + /// Memory allocated for (by) Ring3 Images. + /// + EfiRing3MemoryType, EfiMaxMemoryType } EFI_MEMORY_TYPE; diff --git a/MdePkg/Include/Uefi/UefiSpec.h b/MdePkg/Include/Uefi/UefiSpec.h index 7a793bb885..56d6bee0fa 100644 --- a/MdePkg/Include/Uefi/UefiSpec.h +++ b/MdePkg/Include/Uefi/UefiSpec.h @@ -2014,10 +2014,11 @@ typedef struct { } EFI_BOOT_SERVICES; typedef enum { - SysCallReturnToCore = 0, - SysCallLocateProtocol = 1, - SysCallOpenProtocol = 2, - SysCallInstallMultipleProtocolInterfaces = 3, + SysCallReturnToCore, // Must always be zero for CoreBootServices.nasm. + SysCallLocateProtocol, + SysCallOpenProtocol, + SysCallInstallMultipleProtocolInterfaces, + SysCallAllocatePool, SysCallMax } SYS_CALL_TYPE;