ARM CSS platforms: Map flash as execute-never by default

ARM CSS platforms: Map flash as execute-never by default

On ARM CSS platforms, the whole flash used to be mapped as executable.
This is not required, given that the flash is used to store the BL1
and FIP images and:

 - The FIP is not executed in place, its images are copied to RAM
   and executed from there.

 - BL1 is executed in place from flash but only its code needs to be
   mapped as executable and platform code takes care of re-mapping
   BL1's read-only section as executable.

Therefore, this patch now maps the flash as non-executable by default
on these platforms. This increases security by restricting the
executable region to what is strictly needed.

This patch also adds some comments to clarify the memory mapping
attributes on these platforms.

Change-Id: I4db3c145508bea1f43fbe0f6dcd551e1aec1ecd3