Ring3: Added comments and sanity checks.

acidanthera · Feb 3, 2025 · d8ae7a1 · d8ae7a1
1 parent 8671f61
commit d8ae7a1
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 2 deletions.
diff --git a/MdeModulePkg/Core/Dxe/DxeRing3/Ring3UefiBootServices.c b/MdeModulePkg/Core/Dxe/DxeRing3/Ring3UefiBootServices.c
@@ -67,8 +67,6 @@ FixInterface (
 
     LoadedImage = (EFI_LOADED_IMAGE_PROTOCOL *)*Interface;
 
-    // TODO: Copy User changes to Core? Resembles InstallMultipleProtocolInterfaces().
-
     LoadedImage->Unload = NULL;
 
   } else if (CompareGuid (Protocol, &gEfiBlockIoProtocolGuid)) {

diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c
@@ -1350,6 +1350,9 @@ CoreLoadImageCommon (
   Image->IsUserImage       = (FileAttributes & EFI_FV_FILE_ATTRIB_USER) != 0;
 
   if ((!PcdGetBool (PcdEnableUserSpace)) && Image->IsUserImage && mDxeRing3) {
+    //
+    // Do not load DxeRing3 driver, if UserSpace is disabled.
+    //
     mDxeRing3 = FALSE;
     Status    = EFI_NOT_STARTED;
     goto Done;
@@ -1974,6 +1977,10 @@ CoreUnloadImage (
     //
     Status = EFI_UNSUPPORTED;
     if (Image->Info.Unload != NULL) {
+      //
+      // TODO: If Image->IsUserImage, use FindInterface() to locate UserSpace
+      // EFI_LOADED_IMAGE_PROTOCOL->Unload() and GoToRing3().
+      //
       Status = Image->Info.Unload (ImageHandle);
     }
   } else {

diff --git a/MdeModulePkg/Core/Dxe/SysCall/AARCH64/InitializeAARCH64.c b/MdeModulePkg/Core/Dxe/SysCall/AARCH64/InitializeAARCH64.c
@@ -37,11 +37,18 @@ SysCallBootService (
 {
   EFI_STATUS  Status;
   UINTN       *UserArguments;
+  UINT64      Attributes;
 
   ArmEnableInterrupts ();
 
+  gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)Context.SystemContextAArch64->SP_EL0, &Attributes);
+  ASSERT ((Attributes & EFI_MEMORY_USER) != 0);
+
   UserArguments = (UINTN *)(Context.SystemContextAArch64->SP_EL0 - 7 * sizeof (UINTN));
 
+  gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(UINTN)UserArguments, &Attributes);
+  ASSERT ((Attributes & EFI_MEMORY_USER) != 0);
+
   AllowSupervisorAccessToUserMemory ();
   //
   // First 6 arguments are passed through X2-X7 and copied to Core stack,

diff --git a/MdeModulePkg/Core/Dxe/SysCall/ARM/InitializeARM.c b/MdeModulePkg/Core/Dxe/SysCall/ARM/InitializeARM.c
@@ -38,6 +38,7 @@ SysCallBootService (
   UINT8       Type;
   UINT8       NumberOfArguments;
   UINTN       *UserArguments;
+  UINT64      Attributes;
 
   ArmEnableInterrupts ();
 
@@ -52,6 +53,9 @@ SysCallBootService (
     ++NumberOfArguments;
   }
 
+  gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)Context.SystemContextArm->SP, &Attributes);
+  ASSERT ((Attributes & EFI_MEMORY_USER) != 0);
+
   AllowSupervisorAccessToUserMemory ();
   if (Type == SysCallFreePages) {
     //
@@ -61,6 +65,9 @@ SysCallBootService (
     //
     UserArguments = (UINTN *)(Context.SystemContextArm->SP - 2 * sizeof (UINTN));
 
+    gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(UINTN)UserArguments, &Attributes);
+    ASSERT ((Attributes & EFI_MEMORY_USER) != 0);
+
     CopyMem (
       (VOID *)UserArguments,
       (VOID *)&(Context.SystemContextArm->R1),
@@ -73,6 +80,9 @@ SysCallBootService (
     //
     UserArguments = (UINTN *)(Context.SystemContextArm->SP - 3 * sizeof (UINTN));
 
+    gCpu->GetMemoryAttributes (gCpu, (EFI_PHYSICAL_ADDRESS)(UINTN)UserArguments, &Attributes);
+    ASSERT ((Attributes & EFI_MEMORY_USER) != 0);
+
     CopyMem (
       (VOID *)UserArguments,
       (VOID *)&(Context.SystemContextArm->R1),