Re: [RFC][PATCH] AArch64: use movz/movk instead of literal pools in start.S

[Szabolcs Nagy <szabolcs dot nagy at arm dot com>]

On 07/09/17 12:43, Florian Weimer wrote:
>> eXecute-Only Memory (XOM) is a protection mechanism against some ROP
>> attacks. XOM sets the code as executable and unreadable, so the
>> access to any data, like literal pools, in the code section causes
>> the fault with XOM. The compiler can disable literal pools for C
>> source files, but not for assembly files, so I use movz/movk instead
>> of literal pools in start.S for XOM.
> 
> Isn't the main goal of XOM to make it more difficult for the
> legitimate device owner to view running machine code?
> 
> | Execute-only memory allows you to protect your intellectual property
> | by preventing executable code being read by users. For example, you
> | can place firmware in execute-only memory and load user code and
> | drivers separately. Placing the firmware in execute-only memory
> | prevents users from trivially reading the code.
> 
> <http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0471m/chr1368698326509.html>
> 
> I don't think it's in the interests of the GNU projet to support such
> a thing.
> 

even if that's the main use of xom, there might be other uses
and removing data from text might have other uses than xom
(reduce rop gadget possibility?) so i don't think this should
be a problem (the gnu project already supports gazillion
features that can do harm).