MdeModulePkg/Core/Dxe: free page 0 after disabling NULL pointer detection

To solve access issue reported by BZ1885, page 0 will be allocated to
avoid misuses if NULL pointer detection is enabled. It should be better
to be freed after EndOfDxe if BIT7 of PcdNullPointerDetectionPropertyMask
is set, because NULL pointer detection is no longer available after
EndOfDxe and there will be no access conflict.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1885
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>

diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
index 7a24bd078157aabdf29ba5aca068e16b6469a127..47edf86dfbf300e602993fa42fcb0ecf48b7b6e2 100644 (file)
--- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
+++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
@@ -1094,6 +1094,11 @@ DisableNullDetectionAtTheEndOfDxe (
             );\r
   ASSERT_EFI_ERROR (Status);\r
 \r
+  //\r
+  // Page 0 might have be allocated to avoid misuses. Free it here anyway.\r
+  //\r
+  CoreFreePages (0, 1);\r
+\r
   CoreCloseEvent (Event);\r
   DEBUG ((DEBUG_INFO, "DisableNullDetectionAtTheEndOfDxe(): end\r\n"));\r
 \r