[PATCH v3] ARM: xip: Use correct symbol for end of ROM marker

[Nicolas Pitre]

On Mon, 16 Nov 2015, Russell King - ARM Linux wrote:

> Nico,
> 
> As you originally created the XIP stuff, I hope you can remember
> the details - can you check this patch please?
> 
> I'm thinking that we need a new symbol around here:
> 
> #ifdef CONFIG_XIP_KERNEL
>         __data_loc = ALIGN(4);          /* location in binary */
> 					<=== here
>         . = PAGE_OFFSET + TEXT_OFFSET;
> #else
> 
> to denote the end of the XIP kernel image which must remain
> accessible after boot.  We don't need the data sections because
> they will have been copied to RAM, and we probably don't want to
> keep those exposed (it's potentially useful for attackers.)

The _etext symbol is already used for that purpose.

Now we round it up to the next section mapping which might leave quite a 
lot of data content exposed in ROM.  But given it is more or less the 
same data present in RAM except for those bits that are modified at run 
time, I don't see what an attacker would gain from the data in ROM   
that cannot already be obtained from kernel RAM.  If the section mapping 
extends to part of the ROM that is no longer kernel data then maybe this 
would expose sensitive data.  Is that what you're worried about?


Nicolas