diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c index ca7e4f4d3b..e489a2a89e 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -245,7 +245,8 @@ DxeMain ( EFI_VECTOR_HANDOFF_INFO *VectorInfoList; EFI_VECTOR_HANDOFF_INFO *VectorInfo; - gRing3Data = NULL; + gRing3Data = NULL; + gUserPageTable = 0; // // Setup Stack Guard diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c index 2a271bf889..eaa10d62a1 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -909,6 +909,7 @@ ApplyMemoryProtectionPolicy ( { UINT64 OldAttributes; UINT64 NewAttributes; + UINT64 CurrentAttributes; // // The policy configured in PcdDxeNxMemoryProtectionPolicy @@ -964,11 +965,27 @@ ApplyMemoryProtectionPolicy ( NewAttributes = GetPermissionAttributeForMemoryType (NewType); if (OldType != EfiMaxMemoryType) { + // + // AllocatePages + // OldAttributes = GetPermissionAttributeForMemoryType (OldType); if (OldAttributes == NewAttributes) { // policy is the same between OldType and NewType return EFI_SUCCESS; } + + if ((gUserPageTable != 0) && (NewType == EfiRing3MemoryType)) { + gCpu->SetUserMemoryAttributes (gCpu, gUserPageTable, Memory, Length, NewAttributes); + } + } else { + // + // FreePages + // + gCpu->GetMemoryAttributes (gCpu, Memory, &CurrentAttributes); + + if ((gUserPageTable != 0) && ((CurrentAttributes & EFI_MEMORY_USER) != 0)) { + gCpu->SetUserMemoryAttributes (gCpu, gUserPageTable, Memory, Length, EFI_MEMORY_RP); + } } return gCpu->SetMemoryAttributes (gCpu, Memory, Length, NewAttributes); diff --git a/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c b/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c index ddc4da3c82..d24b9fb551 100644 --- a/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c +++ b/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c @@ -421,6 +421,7 @@ CpuGetMemoryAttributes ( PageEntry = GetPageTableEntry (&PagingContext, Address, &PageAttribute); if (PageEntry == NULL) { + *Attributes = 0; return EFI_NOT_FOUND; }