From f674c13945a72ccc9304f32b471574b76a393d7d Mon Sep 17 00:00:00 2001 From: Yureka Date: Sat, 24 Jan 2026 09:55:43 +0100 Subject: [PATCH 1/3] smp: add CPU_START_OFF for T8132 Signed-off-by: Yureka --- src/smp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/smp.c b/src/smp.c index a0a41fdc5..df5f80967 100644 --- a/src/smp.c +++ b/src/smp.c @@ -267,6 +267,7 @@ void smp_start_secondaries(void) break; case T8112: case T8122: + case T8132: cpu_start_off = CPU_START_OFF_T8112; break; case T6020: From 3a80f4ce3b2e13c92e30d8ea0731d32f8f04764d Mon Sep 17 00:00:00 2001 From: Yureka Date: Sat, 24 Jan 2026 09:55:38 +0100 Subject: [PATCH 2/3] proxyclient: only write rvbar if needed Signed-off-by: Yureka --- proxyclient/m1n1/hv/__init__.py | 9 +++++++++ proxyclient/tools/chainload.py | 11 ++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/proxyclient/m1n1/hv/__init__.py b/proxyclient/m1n1/hv/__init__.py index 7e27ebe2b..7bebd9675 100644 --- a/proxyclient/m1n1/hv/__init__.py +++ b/proxyclient/m1n1/hv/__init__.py @@ -1786,6 +1786,15 @@ def remove_oslog(node): continue addr, size = cpu.cpu_impl_reg print(f" {cpu.name}: [0x{addr:x}] = 0x{rvbar:x}") + # On some platforms (M4) iBoot already sets this + # to the m1n1 entrypoint and locks the register. + # Skip the write if the value is already correct. + val = self.p.read64(addr) + if val & 0xfffffffff000 == rvbar: + continue + if val & 1: + print(f"{hex(val & 0xfffffffff000)} != {hex(rvbar)}") + print("The cpu_impl_reg is already locked, this might fail...") self.p.write64(addr, rvbar) def _load_macho_symbols(self): diff --git a/proxyclient/tools/chainload.py b/proxyclient/tools/chainload.py index 38e936851..a92f714b0 100755 --- a/proxyclient/tools/chainload.py +++ b/proxyclient/tools/chainload.py @@ -100,7 +100,16 @@ def remove_oslog(node): continue addr, size = cpu.cpu_impl_reg print(f" {cpu.name}: [0x{addr:x}] = 0x{rvbar:x}") - p.write64(addr, rvbar) + + val = p.read64(addr) + locked = val & 1 + do_write = val & 0xfffffffff000 != rvbar + + if locked and do_write: + raise Exception("RVBAR is locked and does not already contain start address") + + if do_write: + p.write64(addr, rvbar) u.push_adt() From 00b30b9e59382778cee8ace0a916ddd12634f844 Mon Sep 17 00:00:00 2001 From: Yureka Date: Sat, 24 Jan 2026 09:55:49 +0100 Subject: [PATCH 3/3] smp: only write rvbar if needed Signed-off-by: Yureka --- src/smp.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/smp.c b/src/smp.c index df5f80967..d16504a4b 100644 --- a/src/smp.c +++ b/src/smp.c @@ -123,6 +123,15 @@ static void smp_start_cpu(int index, int die, int cluster, int core, u64 impl, u printf("Starting CPU %d (%d:%d:%d)... ", index, die, cluster, core); + u64 rvbar_value = read64(impl); + bool rvbar_locked = rvbar_value & 1; + bool write_rvbar = (rvbar_value & 0xfffffffff000) != (u64)_vectors_start; + if (rvbar_locked && write_rvbar) { + printf("RVBAR is locked and does not already contain start address:\n 0x%lx != 0x%lx\n", + rvbar_value, (u64)_vectors_start); + return; + } + memset(&spin_table[index], 0, sizeof(struct spin_table)); target_cpu = index; @@ -140,7 +149,9 @@ static void smp_start_cpu(int index, int die, int cluster, int core, u64 impl, u sysop("dsb sy"); - write64(impl, (u64)_vectors_start); + if (write_rvbar) { + write64(impl, (u64)_vectors_start); + } cpu_start_base += die * PMGR_DIE_OFFSET;