[CHERRY-PICK] MdeModulePkg: Don't Allow Guard Pages to Cross Bin Boundaries

[os-d]

Description

Currently, the DXE page allocator does not ensure that guard page allocations stay within the bin that it is attempting to allocate within. As a result, S4 resume is jeopardized by bins expanding due to guard pages, either into other bins or out of bins. This is caught by a new assert in CoreGetMemoryMap() to ensure the bins are correct.

This fixes this by changing the internal heap guard API to return the adjusted size and start address of a proposed allocation. The page allocator then can ensure that the adjusted allocation still fits within the bin it is attempting to allocate within; if not, it will search for another descriptor.

(cherry picked from edk2 commit 0f2dc7558713f1774bb7317e9fdcd371fcbb10cc)

• Impacts functionality?
• Impacts security?
• Breaking change?
• Includes tests?
• Includes documentation?

How This Was Tested

On OvmfPkg and a physical Intel system.

Integration Instructions

N/A.

[mu-automation]

✅ QEMU Validation Passed

Source Dependencies

Repository	Commit
mu_basecore	b2a03d3
mu_tiano_platforms	c7453e8

Results

Platform	Target	Build	Boot	Overall Boot Time	Build Logs	Boot Logs
Q35	DEBUG	✅ success	✅ success	0m 19s	Build Logs	Boot Logs
SBSA	DEBUG	✅ success	✅ success	0m 30s	Build Logs	Boot Logs

Workflow run: https://github.com/microsoft/mu_basecore/actions/runs/24849449116

This comment was automatically generated by the Mu QEMU PR Validation workflow.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
⚠️ Please upload report for BASE (release/202511@53527a0). Learn more about missing BASE report.

Additional details and impacted files

@@                Coverage Diff                @@
##             release/202511    #1774   +/-   ##
=================================================
  Coverage                  ?    1.84%           
=================================================
  Files                     ?     1151           
  Lines                     ?   376642           
  Branches                  ?     3196           
=================================================
  Hits                      ?     6936           
  Misses                    ?   369650           
  Partials                  ?       56           

Flag	Coverage Δ
FmpDevicePkg	9.53% <ø> (?)
MdeModulePkg	1.58% <ø> (?)
NetworkPkg	0.55% <ø> (?)
PolicyServicePkg	30.42% <ø> (?)
SecurityPkg	1.59% <ø> (?)
UefiCpuPkg	4.78% <ø> (?)
UnitTestFrameworkPkg	11.70% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.