[PATCH v2025.09.y 16/49] ARM: i.MX8M: romapi: skip zero_page_access() if MMU is disabled

Fri, 19 Dec 2025 02:38:00 -0800 

imx8m_get_bootrom_log() anticipates three situations in which it can be
called:

  1) From PBL running in EL3
  2) From barebox proper running in EL2
  3) From barebox proper hacked to run in EL3 without TF-A

No board makes use of situation 3), but it's occasionally useful
in debugging. To handle that last case, commit b0d0ac502c49
("ARM: i.MX8M: bootrom: access OCRAM directly if running in EL3")
remaps the zero page as it would overlay the BootROM, which is located
at physical address 0.

This worked fine for a while, because zero page control was not
available in the PBL, but this changed with commit
99944ef03dc1 ("ARM: mmu: provide zero page control in PBL") leading to
buggy behavior for situation 1): zero_page_access() would now remap the
zero page, even though barebox never initialized the TTBR.

This was observed to crash TF-A (presumably, because when it unmasks
exceptions) on an i.MX8MP.

Fix by only calling zero_page_access/faulting when our newly dynamic
zero_page_remappable() returns true.

Fixes: 99944ef03dc1 ("ARM: mmu: provide zero page control in PBL")
Reported-by: Holger Assmann <[email protected]>
Signed-off-by: Ahmad Fatoum <[email protected]>
Link: https://lore.barebox.org/[email protected]
Signed-off-by: Sascha Hauer <[email protected]>
(cherry picked from commit 3b47d3cc24a1fbece237aef93932bf2ec88058fc)
Signed-off-by: Ahmad Fatoum <[email protected]>
---
 arch/arm/mach-imx/romapi.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/arch/arm/mach-imx/romapi.c b/arch/arm/mach-imx/romapi.c
index a4143d372ae8..eaaadc661cc8 100644
--- a/arch/arm/mach-imx/romapi.c
+++ b/arch/arm/mach-imx/romapi.c
@@ -237,14 +237,19 @@ int imx93_romapi_load_image(void *adr)
 const u32 *imx8m_get_bootrom_log(void)
 {
        if (current_el() == 3) {
+               bool remap_zero_page = zero_page_remappable();
                ulong *rom_log_addr_offset = (void *)0x9e0;
                ulong rom_log_addr;
 
                OPTIMIZER_HIDE_VAR(rom_log_addr_offset);
 
-               zero_page_access();
+               if (remap_zero_page)
+                       zero_page_access();
+
                rom_log_addr = *rom_log_addr_offset;
-               zero_page_faulting();
+
+               if (remap_zero_page)
+                       zero_page_faulting();
 
                if (rom_log_addr < MX8M_OCRAM_BASE_ADDR ||
                    rom_log_addr >= MX8M_OCRAM_BASE_ADDR + MX8M_OCRAM_MAX_SIZE 
||
-- 
2.47.3

Reply via email to