ti: k3: common: Enable SEPARATE_CODE_AND_RODATA by default
This should be more secure and looks a bit cleaner.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Change-Id: Ie5eaf0234b211ba02631cf5eab5faa1402a34461
diff --git a/plat/ti/k3/common/k3_bl31_setup.c b/plat/ti/k3/common/k3_bl31_setup.c
index 69ecbfc..66ce9a7 100644
--- a/plat/ti/k3/common/k3_bl31_setup.c
+++ b/plat/ti/k3/common/k3_bl31_setup.c
@@ -99,7 +99,7 @@
void bl31_plat_arch_setup(void)
{
const mmap_region_t bl_regions[] = {
- MAP_REGION_FLAT(BL31_BASE, BL31_END - BL31_BASE,
+ MAP_REGION_FLAT(BL31_START, BL31_END - BL31_START,
MT_MEMORY | MT_RW | MT_SECURE),
MAP_REGION_FLAT(BL_CODE_BASE, BL_CODE_END - BL_CODE_BASE,
MT_CODE | MT_SECURE),
diff --git a/plat/ti/k3/common/plat_common.mk b/plat/ti/k3/common/plat_common.mk
index c91a035..29fcafd 100644
--- a/plat/ti/k3/common/plat_common.mk
+++ b/plat/ti/k3/common/plat_common.mk
@@ -22,6 +22,9 @@
ERRATA_A53_843419 := 1
ERRATA_A53_855873 := 1
+# Split out RO data into a non-executable section
+SEPARATE_CODE_AND_RODATA := 1
+
# Leave the caches enabled on core powerdown path
TI_AM65X_WORKAROUND := 1
$(eval $(call add_define,TI_AM65X_WORKAROUND))
diff --git a/plat/ti/k3/include/platform_def.h b/plat/ti/k3/include/platform_def.h
index c768b50..68fdae7 100644
--- a/plat/ti/k3/include/platform_def.h
+++ b/plat/ti/k3/include/platform_def.h
@@ -82,7 +82,6 @@
#define BL31_BASE SEC_SRAM_BASE
#define BL31_SIZE SEC_SRAM_SIZE
#define BL31_LIMIT (BL31_BASE + BL31_SIZE)
-#define BL31_PROGBITS_LIMIT BL31_LIMIT
/*
* Defines the maximum number of translation tables that are allocated by the