2.22 Building applications for execute-only memory

Placing code in execute-only memory prevents users from trivially reading that code.

To build an application with code in execute-only memory:

Procedure

  1. Compile your C or C++ code or assemble your ARM assembly code using the --execute_only option
    armcc -c --execute_only test.c -o test.o

    The --execute_only option prevents the compiler from generating any data accesses to the code sections.

    To keep code and data in separate sections, the compiler disables the placement of literal pools inline with code.

    Compiled code sections have the EXECONLY attribute:

    AREA ||.text||, CODE, EXECONLY, ALIGN=1

    The assembler faults any attempts to define data in an EXECONLY code section.

  2. Specify the memory map to the linker using either of the following:
    • The +XO selector in a scatter file.

    • The armlink --xo-base option on the command-line.

    armlink --xo-base=0x8000 test.o -o test.axf

    The XO execution region is placed in a separate load region from the RO, RW, and ZI execution regions.

    Note:

    If you do not specify --xo-base, then by default:

    • The XO execution region is placed immediately before the RO execution region, at address 0x8000.
    • All execution regions are in the same load region.
Non-ConfidentialPDF file icon PDF versionARM DUI0471M
Copyright © 2010-2016 ARM Limited or its affiliates. All rights reserved.