diff options
| author | Sandrine Bailleux <sandrine.bailleux@arm.com> | 2016-06-14 17:01:00 +0100 |
|---|---|---|
| committer | Sandrine Bailleux <sandrine.bailleux@arm.com> | 2016-07-08 14:55:11 +0100 |
| commit | 91fad6551ee3e5529f9b442cd4a084251cdebe1d (patch) | |
| tree | 1efb697c92c26e93b662216809a2af1f28c0a724 /common | |
| parent | 84aaf559618f7323e4e053215ab558bb540beffc (diff) | |
ARM CSS platforms: Map flash as execute-never by default
On ARM CSS platforms, the whole flash used to be mapped as executable.
This is not required, given that the flash is used to store the BL1
and FIP images and:
- The FIP is not executed in place, its images are copied to RAM
and executed from there.
- BL1 is executed in place from flash but only its code needs to be
mapped as executable and platform code takes care of re-mapping
BL1's read-only section as executable.
Therefore, this patch now maps the flash as non-executable by default
on these platforms. This increases security by restricting the
executable region to what is strictly needed.
This patch also adds some comments to clarify the memory mapping
attributes on these platforms.
Change-Id: I4db3c145508bea1f43fbe0f6dcd551e1aec1ecd3
Diffstat (limited to 'common')
0 files changed, 0 insertions, 0 deletions