10 #include <sys/types.h>
14 #include "stlink/mmap.h"
15 #include "stlink/logging.h"
21 /* todo: stm32l15xxx flash memory, pm0062 manual */
23 /* stm32f FPEC flash controller interface, pm0063 manual */
24 // TODO - all of this needs to be abstracted out....
25 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
26 #define FLASH_REGS_ADDR 0x40022000
27 #define FLASH_REGS_SIZE 0x28
29 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
30 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
31 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
32 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
33 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
34 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
35 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
37 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
38 #define FLASH_RDPTR_KEY 0x00a5
39 #define FLASH_KEY1 0x45670123
40 #define FLASH_KEY2 0xcdef89ab
42 #define FLASH_SR_BSY 0
43 #define FLASH_SR_EOP 5
46 #define FLASH_CR_PER 1
47 #define FLASH_CR_MER 2
48 #define FLASH_CR_STRT 6
49 #define FLASH_CR_LOCK 7
52 //32L = 32F1 same CoreID as 32F4!
53 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
54 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
55 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
56 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
57 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
58 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
59 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
60 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
61 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
62 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
63 #define FLASH_L1_FPRG 10
64 #define FLASH_L1_PROG 3
66 //32L4 register base is at FLASH_REGS_ADDR (0x40022000)
67 #define STM32L4_FLASH_KEYR (FLASH_REGS_ADDR + 0x08)
68 #define STM32L4_FLASH_SR (FLASH_REGS_ADDR + 0x10)
69 #define STM32L4_FLASH_CR (FLASH_REGS_ADDR + 0x14)
70 #define STM32L4_FLASH_OPTR (FLASH_REGS_ADDR + 0x20)
72 #define STM32L4_FLASH_SR_BSY 16
73 #define STM32L4_FLASH_SR_ERRMASK 0x3f8 /* SR [9:3] */
75 #define STM32L4_FLASH_CR_LOCK 31 /* Lock control register */
76 #define STM32L4_FLASH_CR_PG 0 /* Program */
77 #define STM32L4_FLASH_CR_PER 1 /* Page erase */
78 #define STM32L4_FLASH_CR_MER1 2 /* Bank 1 erase */
79 #define STM32L4_FLASH_CR_MER2 15 /* Bank 2 erase */
80 #define STM32L4_FLASH_CR_STRT 16 /* Start command */
81 #define STM32L4_FLASH_CR_BKER 11 /* Bank select for page erase */
82 #define STM32L4_FLASH_CR_PNB 3 /* Page number (8 bits) */
83 // Bits requesting flash operations (useful when we want to clear them)
84 #define STM32L4_FLASH_CR_OPBITS \
85 ((1lu<<STM32L4_FLASH_CR_PG) | (1lu<<STM32L4_FLASH_CR_PER) \
86 | (1lu<<STM32L4_FLASH_CR_MER1) | (1lu<<STM32L4_FLASH_CR_MER1))
87 // Page is fully specified by BKER and PNB
88 #define STM32L4_FLASH_CR_PAGEMASK (0x1fflu << STM32L4_FLASH_CR_PNB)
90 #define STM32L4_FLASH_OPTR_DUALBANK 21
92 //STM32L0x flash register base and offsets
94 // RM0090 - DM00031020.pdf
95 #define STM32L0_FLASH_REGS_ADDR ((uint32_t)0x40022000)
96 #define FLASH_ACR_OFF ((uint32_t) 0x00)
97 #define FLASH_PECR_OFF ((uint32_t) 0x04)
98 #define FLASH_PDKEYR_OFF ((uint32_t) 0x08)
99 #define FLASH_PEKEYR_OFF ((uint32_t) 0x0c)
100 #define FLASH_PRGKEYR_OFF ((uint32_t) 0x10)
101 #define FLASH_OPTKEYR_OFF ((uint32_t) 0x14)
102 #define FLASH_SR_OFF ((uint32_t) 0x18)
103 #define FLASH_OBR_OFF ((uint32_t) 0x1c)
104 #define FLASH_WRPR_OFF ((uint32_t) 0x20)
109 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
110 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
111 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
112 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
113 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
114 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
115 #define FLASH_F4_CR_STRT 16
116 #define FLASH_F4_CR_LOCK 31
117 #define FLASH_F4_CR_SER 1
118 #define FLASH_F4_CR_SNB 3
119 #define FLASH_F4_CR_SNB_MASK 0xf8
120 #define FLASH_F4_SR_BSY 16
122 #define L1_WRITE_BLOCK_SIZE 0x80
123 #define L0_WRITE_BLOCK_SIZE 0x40
125 void write_uint32(unsigned char* buf, uint32_t ui) {
126 if (!is_bigendian()) { // le -> le (don't swap)
127 buf[0] = ((unsigned char*) &ui)[0];
128 buf[1] = ((unsigned char*) &ui)[1];
129 buf[2] = ((unsigned char*) &ui)[2];
130 buf[3] = ((unsigned char*) &ui)[3];
132 buf[0] = ((unsigned char*) &ui)[3];
133 buf[1] = ((unsigned char*) &ui)[2];
134 buf[2] = ((unsigned char*) &ui)[1];
135 buf[3] = ((unsigned char*) &ui)[0];
139 void write_uint16(unsigned char* buf, uint16_t ui) {
140 if (!is_bigendian()) { // le -> le (don't swap)
141 buf[0] = ((unsigned char*) &ui)[0];
142 buf[1] = ((unsigned char*) &ui)[1];
144 buf[0] = ((unsigned char*) &ui)[1];
145 buf[1] = ((unsigned char*) &ui)[0];
149 uint32_t read_uint32(const unsigned char *c, const int pt) {
151 char *p = (char *) &ui;
153 if (!is_bigendian()) { // le -> le (don't swap)
167 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
169 stlink_read_debug32(sl, FLASH_WRPR, &rdp);
173 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
175 stlink_read_debug32(sl, FLASH_WRPR, &wrpr);
179 static inline uint32_t read_flash_obr(stlink_t *sl) {
181 stlink_read_debug32(sl, FLASH_OBR, &obr);
185 static inline uint32_t read_flash_cr(stlink_t *sl) {
188 if (sl->flash_type == FLASH_TYPE_F4)
190 else if (sl->flash_type == FLASH_TYPE_L4)
191 reg = STM32L4_FLASH_CR;
195 stlink_read_debug32(sl, reg, &res);
198 fprintf(stdout, "CR:0x%x\n", res);
203 static inline unsigned int is_flash_locked(stlink_t *sl) {
204 /* return non zero for true */
205 uint32_t cr_lock_shift, cr = read_flash_cr(sl);
207 if (sl->flash_type == FLASH_TYPE_F4)
208 cr_lock_shift = FLASH_F4_CR_LOCK;
209 else if (sl->flash_type == FLASH_TYPE_L4)
210 cr_lock_shift = STM32L4_FLASH_CR_LOCK;
212 cr_lock_shift = FLASH_CR_LOCK;
214 return cr & (1 << cr_lock_shift);
217 static void unlock_flash(stlink_t *sl) {
219 /* the unlock sequence consists of 2 write cycles where
220 2 key values are written to the FLASH_KEYR register.
221 an invalid sequence results in a definitive lock of
222 the FPEC block until next reset.
224 if (sl->flash_type == FLASH_TYPE_F4)
225 key_reg = FLASH_F4_KEYR;
226 else if (sl->flash_type == FLASH_TYPE_L4)
227 key_reg = STM32L4_FLASH_KEYR;
229 key_reg = FLASH_KEYR;
231 stlink_write_debug32(sl, key_reg, FLASH_KEY1);
232 stlink_write_debug32(sl, key_reg, FLASH_KEY2);
235 static int unlock_flash_if(stlink_t *sl) {
236 /* unlock flash if already locked */
238 if (is_flash_locked(sl)) {
240 if (is_flash_locked(sl)) {
241 WLOG("Failed to unlock flash!\n");
245 DLOG("Successfully unlocked flash\n");
249 static void lock_flash(stlink_t *sl) {
250 uint32_t cr_lock_shift, cr_reg, n;
252 if (sl->flash_type == FLASH_TYPE_F4) {
253 cr_reg = FLASH_F4_CR;
254 cr_lock_shift = FLASH_F4_CR_LOCK;
255 } else if (sl->flash_type == FLASH_TYPE_L4) {
256 cr_reg = STM32L4_FLASH_CR;
257 cr_lock_shift = STM32L4_FLASH_CR_LOCK;
260 cr_lock_shift = FLASH_CR_LOCK;
263 n = read_flash_cr(sl) | (1 << cr_lock_shift);
264 stlink_write_debug32(sl, cr_reg, n);
268 static void set_flash_cr_pg(stlink_t *sl) {
271 x = read_flash_cr(sl);
273 if (sl->flash_type == FLASH_TYPE_F4) {
274 cr_reg = FLASH_F4_CR;
275 x |= 1 << FLASH_CR_PG;
276 } else if (sl->flash_type == FLASH_TYPE_L4) {
277 cr_reg = STM32L4_FLASH_CR;
278 x &= ~STM32L4_FLASH_CR_OPBITS;
279 x |= 1 << STM32L4_FLASH_CR_PG;
282 x = 1 << FLASH_CR_PG;
285 stlink_write_debug32(sl, cr_reg, x);
288 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
291 if (sl->flash_type == FLASH_TYPE_F4)
292 cr_reg = FLASH_F4_CR;
293 else if (sl->flash_type == FLASH_TYPE_L4)
294 cr_reg = STM32L4_FLASH_CR;
298 n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
299 stlink_write_debug32(sl, cr_reg, n);
302 static void set_flash_cr_per(stlink_t *sl) {
303 const uint32_t n = 1 << FLASH_CR_PER;
304 stlink_write_debug32(sl, FLASH_CR, n);
307 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
308 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
309 stlink_write_debug32(sl, FLASH_CR, n);
312 static void set_flash_cr_mer(stlink_t *sl) {
313 uint32_t val, cr_reg, cr_mer;
315 if (sl->flash_type == FLASH_TYPE_F4) {
316 cr_reg = FLASH_F4_CR;
317 cr_mer = 1 << FLASH_CR_MER;
318 } else if (sl->flash_type == FLASH_TYPE_L4) {
319 cr_reg = STM32L4_FLASH_CR;
320 cr_mer = (1 << STM32L4_FLASH_CR_MER1) | (1 << STM32L4_FLASH_CR_MER2);
323 cr_mer = 1 << FLASH_CR_MER;
326 stlink_read_debug32(sl, cr_reg, &val);
328 stlink_write_debug32(sl, cr_reg, val);
331 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
332 uint32_t val, cr_reg, cr_mer;
334 if (sl->flash_type == FLASH_TYPE_F4) {
335 cr_reg = FLASH_F4_CR;
336 cr_mer = 1 << FLASH_CR_MER;
337 } else if (sl->flash_type == FLASH_TYPE_L4) {
338 cr_reg = STM32L4_FLASH_CR;
339 cr_mer = (1 << STM32L4_FLASH_CR_MER1) | (1 << STM32L4_FLASH_CR_MER2);
342 cr_mer = 1 << FLASH_CR_MER;
345 stlink_read_debug32(sl, cr_reg, &val);
347 stlink_write_debug32(sl, cr_reg, val);
350 static void set_flash_cr_strt(stlink_t *sl) {
351 uint32_t val, cr_reg, cr_strt;
353 if (sl->flash_type == FLASH_TYPE_F4) {
354 cr_reg = FLASH_F4_CR;
355 cr_strt = 1 << FLASH_F4_CR_STRT;
356 } else if (sl->flash_type == FLASH_TYPE_L4) {
357 cr_reg = STM32L4_FLASH_CR;
358 cr_strt = 1 << STM32L4_FLASH_CR_STRT;
361 cr_strt = 1 << FLASH_CR_STRT;
364 stlink_read_debug32(sl, cr_reg, &val);
366 stlink_write_debug32(sl, cr_reg, val);
369 static inline uint32_t read_flash_acr(stlink_t *sl) {
371 stlink_read_debug32(sl, FLASH_ACR, &acr);
375 static inline uint32_t read_flash_sr(stlink_t *sl) {
376 uint32_t res, sr_reg;
378 if (sl->flash_type == FLASH_TYPE_F4)
379 sr_reg = FLASH_F4_SR;
380 else if (sl->flash_type == FLASH_TYPE_L4)
381 sr_reg = STM32L4_FLASH_SR;
385 stlink_read_debug32(sl, sr_reg, &res);
390 static inline unsigned int is_flash_busy(stlink_t *sl) {
391 uint32_t sr_busy_shift;
393 if (sl->flash_type == FLASH_TYPE_F4)
394 sr_busy_shift = FLASH_F4_SR_BSY;
395 else if (sl->flash_type == FLASH_TYPE_L4)
396 sr_busy_shift = STM32L4_FLASH_SR_BSY;
398 sr_busy_shift = FLASH_SR_BSY;
400 return read_flash_sr(sl) & (1 << sr_busy_shift);
403 static void wait_flash_busy(stlink_t *sl) {
404 /* todo: add some delays here */
405 while (is_flash_busy(sl))
409 static void wait_flash_busy_progress(stlink_t *sl) {
411 fprintf(stdout, "Mass erasing");
413 while (is_flash_busy(sl)) {
417 fprintf(stdout, ".");
421 fprintf(stdout, "\n");
424 static inline unsigned int is_flash_eop(stlink_t *sl) {
425 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
428 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
429 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
430 stlink_write_debug32(sl, FLASH_SR, n);
433 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
434 /* todo: add some delays here */
435 while (is_flash_eop(sl) == 0)
439 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
440 stlink_write_debug32(sl, FLASH_AR, n);
443 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
444 uint32_t x = read_flash_cr(sl);
448 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
450 stlink_write_debug32(sl, FLASH_F4_CR, x);
454 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
455 uint32_t x = read_flash_cr(sl);
456 x &= ~FLASH_F4_CR_SNB_MASK;
457 x |= (n << FLASH_F4_CR_SNB);
458 x |= (1 << FLASH_F4_CR_SER);
460 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
462 stlink_write_debug32(sl, FLASH_F4_CR, x);
465 static inline void write_flash_cr_bker_pnb(stlink_t *sl, uint32_t n) {
466 stlink_write_debug32(sl, STM32L4_FLASH_SR, 0xFFFFFFFF & ~(1<<STM32L4_FLASH_SR_BSY));
467 uint32_t x = read_flash_cr(sl);
468 x &=~ STM32L4_FLASH_CR_OPBITS;
469 x &=~ STM32L4_FLASH_CR_PAGEMASK;
470 x &= ~(1<<STM32L4_FLASH_CR_MER1);
471 x &= ~(1<<STM32L4_FLASH_CR_MER2);
472 x |= (n << STM32L4_FLASH_CR_PNB);
473 x |= (1lu << STM32L4_FLASH_CR_PER);
475 fprintf(stdout, "BKER:PNB:0x%x 0x%x\n", x, n);
477 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
480 // Delegates to the backends...
482 void stlink_close(stlink_t *sl) {
483 DLOG("*** stlink_close ***\n");
486 sl->backend->close(sl);
490 int stlink_exit_debug_mode(stlink_t *sl) {
493 DLOG("*** stlink_exit_debug_mode ***\n");
494 ret = stlink_write_debug32(sl, DHCSR, DBGKEY);
498 return sl->backend->exit_debug_mode(sl);
501 int stlink_enter_swd_mode(stlink_t *sl) {
502 DLOG("*** stlink_enter_swd_mode ***\n");
503 return sl->backend->enter_swd_mode(sl);
506 // Force the core into the debug mode -> halted state.
507 int stlink_force_debug(stlink_t *sl) {
508 DLOG("*** stlink_force_debug_mode ***\n");
509 return sl->backend->force_debug(sl);
512 int stlink_exit_dfu_mode(stlink_t *sl) {
513 DLOG("*** stlink_exit_dfu_mode ***\n");
514 return sl->backend->exit_dfu_mode(sl);
517 int stlink_core_id(stlink_t *sl) {
520 DLOG("*** stlink_core_id ***\n");
521 ret = sl->backend->core_id(sl);
523 ELOG("Failed to read core_id\n");
527 stlink_print_data(sl);
528 DLOG("core_id = 0x%08x\n", sl->core_id);
532 int stlink_chip_id(stlink_t *sl, uint32_t *chip_id) {
535 ret = stlink_read_debug32(sl, 0xE0042000, chip_id);
540 ret = stlink_read_debug32(sl, 0x40015800, chip_id); //Try Corex M0 DBGMCU_IDCODE register address
546 * Cortex m3 tech ref manual, CPUID register description
547 * @param sl stlink context
548 * @param cpuid pointer to the result object
550 int stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
553 if (stlink_read_debug32(sl, CM3_REG_CPUID, &raw))
556 cpuid->implementer_id = (raw >> 24) & 0x7f;
557 cpuid->variant = (raw >> 20) & 0xf;
558 cpuid->part = (raw >> 4) & 0xfff;
559 cpuid->revision = raw & 0xf;
564 * reads and decodes the flash parameters, as dynamically as possible
566 * @return 0 for success, or -1 for unsupported core type.
568 int stlink_load_device_params(stlink_t *sl) {
569 ILOG("Loading device parameters....\n");
570 struct stlink_chipid_params *params = NULL;
575 stlink_chip_id(sl, &chip_id);
576 sl->chip_id = chip_id & 0xfff;
577 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
578 if (sl->chip_id == 0x411) {
580 stlink_read_debug32(sl, 0xE000ED00, &cpuid);
581 if ((cpuid & 0xfff0) == 0xc240)
585 params = stlink_chipid_get_params(sl->chip_id);
586 if (params == NULL) {
587 WLOG("unknown chip id! %#x\n", chip_id);
591 if (params->flash_type == FLASH_TYPE_UNKNOWN) {
592 WLOG("Invalid flash type, please check device declaration\n");
596 // These are fixed...
597 sl->flash_base = STM32_FLASH_BASE;
598 sl->sram_base = STM32_SRAM_BASE;
599 stlink_read_debug32(sl,(params->flash_size_reg) & ~3, &flash_size);
600 if (params->flash_size_reg & 2)
601 flash_size = flash_size >>16;
602 flash_size = flash_size & 0xffff;
604 if ((sl->chip_id == STLINK_CHIPID_STM32_L1_MEDIUM || sl->chip_id == STLINK_CHIPID_STM32_L1_MEDIUM_PLUS) && ( flash_size == 0 )) {
605 sl->flash_size = 128 * 1024;
606 } else if (sl->chip_id == STLINK_CHIPID_STM32_L1_CAT2) {
607 sl->flash_size = (flash_size & 0xff) * 1024;
608 } else if ((sl->chip_id & 0xFFF) == STLINK_CHIPID_STM32_L1_HIGH) {
609 // 0 is 384k and 1 is 256k
610 if ( flash_size == 0 ) {
611 sl->flash_size = 384 * 1024;
613 sl->flash_size = 256 * 1024;
616 sl->flash_size = flash_size * 1024;
618 sl->flash_type = params->flash_type;
619 sl->flash_pgsz = params->flash_pagesize;
620 sl->sram_size = params->sram_size;
621 sl->sys_base = params->bootrom_base;
622 sl->sys_size = params->bootrom_size;
624 //medium and low devices have the same chipid. ram size depends on flash size.
625 //STM32F100xx datasheet Doc ID 16455 Table 2
626 if(sl->chip_id == STLINK_CHIPID_STM32_F1_VL_MEDIUM_LOW && sl->flash_size < 64 * 1024){
627 sl->sram_size = 0x1000;
630 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
631 // TODO make note of variable page size here.....
632 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
633 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
638 int stlink_reset(stlink_t *sl) {
639 DLOG("*** stlink_reset ***\n");
640 return sl->backend->reset(sl);
643 int stlink_jtag_reset(stlink_t *sl, int value) {
644 DLOG("*** stlink_jtag_reset ***\n");
645 return sl->backend->jtag_reset(sl, value);
648 int stlink_run(stlink_t *sl) {
649 DLOG("*** stlink_run ***\n");
650 return sl->backend->run(sl);
653 int stlink_status(stlink_t *sl) {
656 DLOG("*** stlink_status ***\n");
657 ret = sl->backend->status(sl);
658 stlink_core_stat(sl);
664 * Decode the version bits, originally from -sg, verified with usb
665 * @param sl stlink context, assumed to contain valid data in the buffer
666 * @param slv output parsed version object
668 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
669 uint32_t b0 = sl->q_buf[0]; //lsb
670 uint32_t b1 = sl->q_buf[1];
671 uint32_t b2 = sl->q_buf[2];
672 uint32_t b3 = sl->q_buf[3];
673 uint32_t b4 = sl->q_buf[4];
674 uint32_t b5 = sl->q_buf[5]; //msb
676 // b0 b1 || b2 b3 | b4 b5
677 // 4b | 6b | 6b || 2B | 2B
678 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
680 slv->stlink_v = (b0 & 0xf0) >> 4;
681 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
682 slv->swim_v = b1 & 0x3f;
683 slv->st_vid = (b3 << 8) | b2;
684 slv->stlink_pid = (b5 << 8) | b4;
688 int stlink_version(stlink_t *sl) {
689 DLOG("*** looking up stlink version\n");
690 if (sl->backend->version(sl))
693 _parse_version(sl, &sl->version);
695 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
696 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
697 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
698 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
699 DLOG("swim version = 0x%x\n", sl->version.swim_v);
700 if (sl->version.jtag_v == 0) {
701 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
703 if (sl->version.swim_v == 0) {
704 DLOG(" notice: the firmware doesn't support a swim interface\n");
710 int stlink_target_voltage(stlink_t *sl) {
712 DLOG("*** reading target voltage\n");
713 if (sl->backend->target_voltage != NULL) {
714 voltage = sl->backend->target_voltage(sl);
716 DLOG("target voltage = %ldmV\n", voltage);
718 DLOG("error reading target voltage\n");
721 DLOG("reading voltage not supported by backend\n");
726 int stlink_read_debug32(stlink_t *sl, uint32_t addr, uint32_t *data) {
729 ret = sl->backend->read_debug32(sl, addr, data);
731 DLOG("*** stlink_read_debug32 %x is %#x\n", *data, addr);
736 int stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
737 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
738 return sl->backend->write_debug32(sl, addr, data);
741 int stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
742 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
744 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
747 return sl->backend->write_mem32(sl, addr, len);
750 int stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
751 DLOG("*** stlink_read_mem32 ***\n");
752 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
753 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
757 return sl->backend->read_mem32(sl, addr, len);
760 int stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
761 DLOG("*** stlink_write_mem8 ***\n");
762 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
763 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
767 return sl->backend->write_mem8(sl, addr, len);
770 int stlink_read_all_regs(stlink_t *sl, reg *regp) {
771 DLOG("*** stlink_read_all_regs ***\n");
772 return sl->backend->read_all_regs(sl, regp);
775 int stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
776 DLOG("*** stlink_read_all_unsupported_regs ***\n");
777 return sl->backend->read_all_unsupported_regs(sl, regp);
780 int stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
781 DLOG("*** stlink_write_reg\n");
782 return sl->backend->write_reg(sl, reg, idx);
785 int stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
786 DLOG("*** stlink_read_reg\n");
787 DLOG(" (%d) ***\n", r_idx);
789 if (r_idx > 20 || r_idx < 0) {
790 fprintf(stderr, "Error: register index must be in [0..20]\n");
794 return sl->backend->read_reg(sl, r_idx, regp);
797 int stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
800 DLOG("*** stlink_read_unsupported_reg\n");
801 DLOG(" (%d) ***\n", r_idx);
803 /* Convert to values used by DCRSR */
804 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
806 } else if (r_idx == 0x40) { /* FPSCR */
808 } else if (r_idx >= 0x20 && r_idx < 0x40) {
809 r_convert = 0x40 + (r_idx - 0x20);
811 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
815 return sl->backend->read_unsupported_reg(sl, r_convert, regp);
818 int stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
821 DLOG("*** stlink_write_unsupported_reg\n");
822 DLOG(" (%d) ***\n", r_idx);
824 /* Convert to values used by DCRSR */
825 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
826 r_convert = r_idx; /* The backend function handles this */
827 } else if (r_idx == 0x40) { /* FPSCR */
829 } else if (r_idx >= 0x20 && r_idx < 0x40) {
830 r_convert = 0x40 + (r_idx - 0x20);
832 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
836 return sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
839 unsigned int is_core_halted(stlink_t *sl) {
840 /* return non zero if core is halted */
842 return sl->q_buf[0] == STLINK_CORE_HALTED;
845 int stlink_step(stlink_t *sl) {
846 DLOG("*** stlink_step ***\n");
847 return sl->backend->step(sl);
850 int stlink_current_mode(stlink_t *sl) {
851 int mode = sl->backend->current_mode(sl);
853 case STLINK_DEV_DFU_MODE:
854 DLOG("stlink current mode: dfu\n");
856 case STLINK_DEV_DEBUG_MODE:
857 DLOG("stlink current mode: debug (jtag or swd)\n");
859 case STLINK_DEV_MASS_MODE:
860 DLOG("stlink current mode: mass\n");
863 DLOG("stlink mode: unknown!\n");
864 return STLINK_DEV_UNKNOWN_MODE;
870 // End of delegates.... Common code below here...
873 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
875 // #define is_bigendian() ( (*(char*)&i) == 0 )
877 inline unsigned int is_bigendian(void) {
878 static volatile const unsigned int i = 1;
879 return *(volatile const char*) &i == 0;
882 uint16_t read_uint16(const unsigned char *c, const int pt) {
884 char *p = (char *) &ui;
886 if (!is_bigendian()) { // le -> le (don't swap)
896 // same as above with entrypoint.
898 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
899 stlink_write_reg(sl, addr, 15); /* pc register */
903 while (is_core_halted(sl) == 0)
907 void stlink_core_stat(stlink_t *sl) {
911 switch (sl->q_buf[0]) {
912 case STLINK_CORE_RUNNING:
913 sl->core_stat = STLINK_CORE_RUNNING;
914 DLOG(" core status: running\n");
916 case STLINK_CORE_HALTED:
917 sl->core_stat = STLINK_CORE_HALTED;
918 DLOG(" core status: halted\n");
921 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
922 fprintf(stderr, " core status: unknown\n");
926 void stlink_print_data(stlink_t * sl) {
927 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
930 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
932 for (int i = 0; i < sl->q_len; i++) {
935 if (sl->q_data_dir == Q_DATA_OUT)
936 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
938 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
941 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
943 fputs("\n\n", stdout);
946 /* memory mapped file */
948 typedef struct mapped_file {
953 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
955 static int map_file(mapped_file_t* mf, const char* path) {
959 const int fd = open(path, O_RDONLY | O_BINARY);
961 fprintf(stderr, "open(%s) == -1\n", path);
965 if (fstat(fd, &st) == -1) {
966 fprintf(stderr, "fstat() == -1\n");
970 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
971 if (mf->base == MAP_FAILED) {
972 fprintf(stderr, "mmap() == MAP_FAILED\n");
976 mf->len = st.st_size;
987 static void unmap_file(mapped_file_t * mf) {
988 munmap((void*) mf->base, mf->len);
989 mf->base = (unsigned char*) MAP_FAILED;
993 /* Limit the block size to compare to 0x1800
994 Anything larger will stall the STLINK2
995 Maybe STLINK V1 needs smaller value!*/
996 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
998 size_t n_cmp = sl->flash_pgsz;
1002 for (off = 0; off < mf->len; off += n_cmp) {
1003 size_t aligned_size;
1005 /* adjust last page size */
1006 size_t cmp_size = n_cmp;
1007 if ((off + n_cmp) > mf->len)
1008 cmp_size = mf->len - off;
1010 aligned_size = cmp_size;
1011 if (aligned_size & (4 - 1))
1012 aligned_size = (cmp_size + 4) & ~(4 - 1);
1014 stlink_read_mem32(sl, addr + off, aligned_size);
1016 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
1023 int stlink_fwrite_sram
1024 (stlink_t * sl, const char* path, stm32_addr_t addr) {
1025 /* write the file in sram at addr */
1030 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1034 if (map_file(&mf, path) == -1) {
1035 fprintf(stderr, "map_file() == -1\n");
1039 /* check addr range is inside the sram */
1040 if (addr < sl->sram_base) {
1041 fprintf(stderr, "addr too low\n");
1043 } else if ((addr + mf.len) < addr) {
1044 fprintf(stderr, "addr overruns\n");
1046 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
1047 fprintf(stderr, "addr too high\n");
1049 } else if (addr & 3) {
1051 fprintf(stderr, "unaligned addr\n");
1061 /* do the copy by 1k blocks */
1062 for (off = 0; off < len; off += 1024) {
1064 if ((off + size) > len)
1067 memcpy(sl->q_buf, mf.base + off, size);
1069 /* round size if needed */
1073 stlink_write_mem32(sl, addr + off, size);
1077 memcpy(sl->q_buf, mf.base + len, mf.len - len);
1078 stlink_write_mem8(sl, addr + len, mf.len - len);
1081 /* check the file ha been written */
1082 if (check_file(sl, &mf, addr) == -1) {
1083 fprintf(stderr, "check_file() == -1\n");
1090 stlink_read_debug32(sl, addr, &val);
1091 stlink_write_reg(sl, val, 13);
1092 /* Set PC to the reset routine*/
1093 stlink_read_debug32(sl, addr + 4, &val);
1094 stlink_write_reg(sl, val, 15);
1102 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
1103 /* read size bytes from addr to file */
1108 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
1110 fprintf(stderr, "open(%s) == -1\n", path);
1115 size = sl->flash_size;
1117 if (size > sl->flash_size)
1118 size = sl->flash_size;
1120 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1121 for (off = 0; off < size; off += cmp_size) {
1122 size_t aligned_size;
1124 /* adjust last page size */
1125 if ((off + cmp_size) > size)
1126 cmp_size = size - off;
1128 aligned_size = cmp_size;
1129 if (aligned_size & (4 - 1))
1130 aligned_size = (cmp_size + 4) & ~(4 - 1);
1132 stlink_read_mem32(sl, addr + off, aligned_size);
1134 if (write(fd, sl->q_buf, sl->q_len) != (ssize_t) aligned_size) {
1135 fprintf(stderr, "write() != aligned_size\n");
1149 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
1150 /* write the buffer right after the loader */
1151 size_t chunk = size & ~0x3;
1152 size_t rem = size & 0x3;
1154 memcpy(sl->q_buf, buf, chunk);
1155 stlink_write_mem32(sl, fl->buf_addr, chunk);
1158 memcpy(sl->q_buf, buf+chunk, rem);
1159 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
1164 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
1165 uint32_t offset = 0;
1166 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1167 if (flashaddr >= 0x100000) {
1169 flashaddr -= 0x100000;
1171 if (flashaddr<0x4000) return (offset + 0);
1172 else if(flashaddr<0x8000) return(offset + 1);
1173 else if(flashaddr<0xc000) return(offset + 2);
1174 else if(flashaddr<0x10000) return(offset + 3);
1175 else if(flashaddr<0x20000) return(offset + 4);
1176 else return offset + (flashaddr/0x20000) +4;
1180 uint32_t calculate_F7_sectornum(uint32_t flashaddr){
1181 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1182 if(flashaddr<0x20000) return(flashaddr/0x8000);
1183 else if(flashaddr<0x40000) return(4);
1184 else return(flashaddr/0x40000) +4;
1188 // Returns BKER:PNB for the given page address
1189 uint32_t calculate_L4_page(stlink_t *sl, uint32_t flashaddr) {
1192 stlink_read_debug32(sl, STM32L4_FLASH_OPTR, &flashopt);
1193 flashaddr -= STM32_FLASH_BASE;
1194 if (flashopt & (1lu << STM32L4_FLASH_OPTR_DUALBANK)) {
1195 uint32_t banksize = sl->flash_size / 2;
1196 if (flashaddr >= banksize) {
1197 flashaddr -= banksize;
1201 // For 1MB chips without the dual-bank option set, the page address will
1202 // overflow into the BKER bit, which gives us the correct bank:page value.
1203 return bker | flashaddr/sl->flash_pgsz;
1206 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1207 if ((sl->chip_id == STLINK_CHIPID_STM32_F2) || (sl->chip_id == STLINK_CHIPID_STM32_F4) || (sl->chip_id == STLINK_CHIPID_STM32_F4_DE) ||
1208 (sl->chip_id == STLINK_CHIPID_STM32_F4_LP) || (sl->chip_id == STLINK_CHIPID_STM32_F4_HD) || (sl->chip_id == STLINK_CHIPID_STM32_F411RE) ||
1209 (sl->chip_id == STLINK_CHIPID_STM32_F446) || (sl->chip_id == STLINK_CHIPID_STM32_F4_DSI)) {
1210 uint32_t sector=calculate_F4_sectornum(flashaddr);
1214 if (sector<4) sl->flash_pgsz=0x4000;
1215 else if(sector<5) sl->flash_pgsz=0x10000;
1216 else sl->flash_pgsz=0x20000;
1218 else if (sl->chip_id == STLINK_CHIPID_STM32_F7) {
1219 uint32_t sector=calculate_F7_sectornum(flashaddr);
1220 if (sector<4) sl->flash_pgsz=0x8000;
1221 else if(sector<5) sl->flash_pgsz=0x20000;
1222 else sl->flash_pgsz=0x40000;
1224 return (sl->flash_pgsz);
1228 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1229 * @param sl stlink context
1230 * @param flashaddr an address in the flash page to erase
1231 * @return 0 on success -ve on failure
1233 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1235 if (sl->flash_type == FLASH_TYPE_F4 || sl->flash_type == FLASH_TYPE_L4) {
1236 /* wait for ongoing op to finish */
1237 wait_flash_busy(sl);
1239 /* unlock if locked */
1240 unlock_flash_if(sl);
1242 /* select the page to erase */
1243 if (sl->chip_id == STLINK_CHIPID_STM32_L4) {
1244 // calculate the actual bank+page from the address
1245 uint32_t page = calculate_L4_page(sl, flashaddr);
1247 fprintf(stderr, "EraseFlash - Page:0x%x Size:0x%x ", page, stlink_calculate_pagesize(sl, flashaddr));
1249 write_flash_cr_bker_pnb(sl, page);
1250 } else if (sl->chip_id == STLINK_CHIPID_STM32_F7) {
1251 // calculate the actual page from the address
1252 uint32_t sector=calculate_F7_sectornum(flashaddr);
1254 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x ", sector, stlink_calculate_pagesize(sl, flashaddr));
1256 write_flash_cr_snb(sl, sector);
1258 // calculate the actual page from the address
1259 uint32_t sector=calculate_F4_sectornum(flashaddr);
1261 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x ", sector, stlink_calculate_pagesize(sl, flashaddr));
1263 //the SNB values for flash sectors in the second bank do not directly follow the values for the first bank on 2mb devices...
1264 if (sector >= 12) sector += 4;
1266 write_flash_cr_snb(sl, sector);
1269 /* start erase operation */
1270 set_flash_cr_strt(sl);
1272 /* wait for completion */
1273 wait_flash_busy(sl);
1275 /* relock the flash */
1276 //todo: fails to program if this is in
1279 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1281 } else if (sl->flash_type == FLASH_TYPE_L0) {
1284 uint32_t flash_regs_base;
1285 if (sl->chip_id == STLINK_CHIPID_STM32_L0 || sl->chip_id == STLINK_CHIPID_STM32_L0_CAT5 || sl->chip_id == STLINK_CHIPID_STM32_L0_CAT2) {
1286 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1288 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1291 /* check if the locks are set */
1292 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1293 if((val & (1<<0))||(val & (1<<1))) {
1294 /* disable pecr protection */
1295 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1296 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1298 /* check pecr.pelock is cleared */
1299 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1300 if (val & (1 << 0)) {
1301 WLOG("pecr.pelock not clear (%#x)\n", val);
1305 /* unlock program memory */
1306 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1307 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1309 /* check pecr.prglock is cleared */
1310 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1311 if (val & (1 << 1)) {
1312 WLOG("pecr.prglock not clear (%#x)\n", val);
1317 /* set pecr.{erase,prog} */
1318 val |= (1 << 9) | (1 << 3);
1319 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1320 #if 0 /* fix_to_be_confirmed */
1322 /* wait for sr.busy to be cleared
1323 * MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1324 * wrong and we do not need to wait here for clearing the busy bit.
1325 * TEXANE: ok, if experience says so and it works for you, we comment
1326 * it. If someone has a problem, please drop an email.
1329 stlink_read_debug32(sl, STM32L_FLASH_SR, &val)
1330 } while((val & (1 << 0)) != 0);
1332 #endif /* fix_to_be_confirmed */
1334 /* write 0 to the first word of the page to be erased */
1335 stlink_write_debug32(sl, flashaddr, 0);
1337 /* MP: It is better to wait for clearing the busy bit after issuing
1338 page erase command, even though PM0062 recommends to wait before it.
1339 Test shows that a few iterations is performed in the following loop
1340 before busy bit is cleared.*/
1342 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1343 } while ((val & (1 << 0)) != 0);
1345 /* reset lock bits */
1346 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1347 val |= (1 << 0) | (1 << 1) | (1 << 2);
1348 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1349 } else if (sl->flash_type == FLASH_TYPE_F0) {
1350 /* wait for ongoing op to finish */
1351 wait_flash_busy(sl);
1353 /* unlock if locked */
1354 unlock_flash_if(sl);
1356 /* set the page erase bit */
1357 set_flash_cr_per(sl);
1359 /* select the page to erase */
1360 write_flash_ar(sl, flashaddr);
1362 /* start erase operation, reset by hw with bsy bit */
1363 set_flash_cr_strt(sl);
1365 /* wait for completion */
1366 wait_flash_busy(sl);
1368 /* relock the flash */
1371 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1375 /* todo: verify the erased page */
1380 int stlink_erase_flash_mass(stlink_t *sl) {
1381 if (sl->flash_type == FLASH_TYPE_L0) {
1382 /* erase each page */
1383 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1384 for (i = 0; i < num_pages; i++) {
1385 /* addr must be an addr inside the page */
1386 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1387 if (stlink_erase_flash_page(sl, addr) == -1) {
1388 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1391 fprintf(stdout,"-> Flash page at %5d/%5d erased\n", i, num_pages);
1394 fprintf(stdout, "\n");
1396 /* wait for ongoing op to finish */
1397 wait_flash_busy(sl);
1399 /* unlock if locked */
1400 unlock_flash_if(sl);
1402 /* set the mass erase bit */
1403 set_flash_cr_mer(sl);
1405 /* start erase operation, reset by hw with bsy bit */
1406 set_flash_cr_strt(sl);
1408 /* wait for completion */
1409 wait_flash_busy_progress(sl);
1411 /* relock the flash */
1414 /* todo: verify the erased memory */
1419 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1422 /* allocate the loader in sram */
1423 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1424 WLOG("Failed to write flash loader to sram!\n");
1428 /* allocate a one page buffer in sram right after loader */
1429 fl->buf_addr = fl->loader_addr + size;
1430 ILOG("Successfully loaded flash loader in sram\n");
1434 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1435 /* from openocd, contrib/loaders/flash/stm32.s */
1436 static const uint8_t loader_code_stm32vl[] = {
1437 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1438 0x1c, 0x44, /* add r4, r3 */
1439 /* write_half_word: */
1440 0x01, 0x23, /* movs r3, #0x01 */
1441 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1442 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1443 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1445 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1446 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1447 0xfb, 0xd0, /* beq busy */
1448 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1449 0x01, 0xd1, /* bne exit */
1450 0x01, 0x3a, /* subs r2, r2, #0x01 */
1451 0xf0, 0xd1, /* bne write_half_word */
1453 0x00, 0xbe, /* bkpt #0x00 */
1454 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1457 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1458 static const uint8_t loader_code_stm32f0[] = {
1461 * These two NOPs here are a safety precaution, added by Pekka Nikander
1462 * while debugging the STM32F05x support. They may not be needed, but
1463 * there were strange problems with simpler programs, like a program
1464 * that had just a breakpoint or a program that first moved zero to register r2
1465 * and then had a breakpoint. So, it appears safest to have these two nops.
1467 * Feel free to remove them, if you dare, but then please do test the result
1468 * rigorously. Also, if you remove these, it may be a good idea first to
1469 * #if 0 them out, with a comment when these were taken out, and to remove
1470 * these only a few months later... But YMMV.
1472 0x00, 0x30, // nop /* add r0,#0 */
1473 0x00, 0x30, // nop /* add r0,#0 */
1475 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1476 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1477 0x04, 0x26, // mov r6, #4 /* PGERR */
1479 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1480 0x2B, 0x43, // orr r3, r5
1481 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1482 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1483 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1485 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1486 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1487 0xFC, 0xD0, // beq busy
1489 0x33, 0x42, // tst r3, r6 /* PGERR */
1490 0x04, 0xD1, // bne exit
1492 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1493 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1494 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1495 0x00, 0x2A, // cmp r2, #0
1496 0xF0, 0xD1, // bne write_half_word
1498 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1499 0xAB, 0x43, // bic r3, r5
1500 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1501 0x00, 0xBE, // bkpt #0x00
1502 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1505 static const uint8_t loader_code_stm32l[] = {
1506 // flashloaders/stm32lx.s
1508 0x04, 0xe0, // b test_done ; Go to compare
1510 0x04, 0x68, // ldr r4, [r0] ; Load one word from address in r0
1511 0x0c, 0x60, // str r4, [r1] ; Store the word to address in r1
1512 0x04, 0x30, // adds r0, #4 ; Increment r0
1513 0x04, 0x31, // adds r1, #4 ; Increment r1
1514 0x01, 0x3a, // subs r2, #1 ; Decrement r2
1516 0x00, 0x2a, // cmp r2, #0 ; Compare r2 to 0
1517 0xf8, 0xd8, // bhi write_word ; Loop if above 0
1518 0x00, 0xbe, // bkpt #0x00 ; Set breakpoint to exit
1522 static const uint8_t loader_code_stm32f4[] = {
1523 // flashloaders/stm32f4.s
1532 0x14, 0xf0, 0x01, 0x0f,
1534 0x00, 0xf1, 0x04, 0x00,
1535 0x01, 0xf1, 0x04, 0x01,
1536 0xa2, 0xf1, 0x01, 0x02,
1541 0x00, 0x3c, 0x02, 0x40,
1544 static const uint8_t loader_code_stm32f4_lv[] = {
1545 // flashloaders/stm32f4lv.s
1554 0x14, 0xf0, 0x01, 0x0f,
1556 0x00, 0xf1, 0x01, 0x00,
1557 0x01, 0xf1, 0x01, 0x01,
1558 0xa2, 0xf1, 0x01, 0x02,
1564 0x00, 0x3c, 0x02, 0x40,
1567 static const uint8_t loader_code_stm32l4[] = {
1568 // flashloaders/stm32l4.s
1569 0x08, 0x4b, // start: ldr r3, [pc, #32] ; <flash_base>
1570 0x72, 0xb1, // next: cbz r2, <done>
1571 0x04, 0x68, // ldr r4, [r0, #0]
1572 0x45, 0x68, // ldr r5, [r0, #4]
1573 0x0c, 0x60, // str r4, [r1, #0]
1574 0x4d, 0x60, // str r5, [r1, #4]
1575 0x5c, 0x8a, // wait: ldrh r4, [r3, #18]
1576 0x14, 0xf0, 0x01, 0x0f, // tst.w r4, #1
1577 0xfb, 0xd1, // bne.n <wait>
1578 0x00, 0xf1, 0x08, 0x00, // add.w r0, r0, #8
1579 0x01, 0xf1, 0x08, 0x01, // add.w r1, r1, #8
1580 0xa2, 0xf1, 0x01, 0x02, // sub.w r2, r2, #1
1581 0xef, 0xe7, // b.n <next>
1582 0x00, 0xbe, // done: bkpt 0x0000
1583 0x00, 0x20, 0x02, 0x40 // flash_base: .word 0x40022000
1586 static const uint8_t loader_code_stm32f7[] = {
1591 0xbf, 0xf3, 0x4f, 0x8f, // DSB Memory barrier for in order flash write
1593 0x14, 0xf0, 0x01, 0x0f,
1595 0x00, 0xf1, 0x04, 0x00,
1596 0x01, 0xf1, 0x04, 0x01,
1597 0xa2, 0xf1, 0x01, 0x02,
1599 0x00, 0xbe, // bkpt #0x00
1600 0x00, 0x3c, 0x02, 0x40,
1603 const uint8_t* loader_code;
1606 if (sl->chip_id == STLINK_CHIPID_STM32_L1_MEDIUM || sl->chip_id == STLINK_CHIPID_STM32_L1_CAT2
1607 || sl->chip_id == STLINK_CHIPID_STM32_L1_MEDIUM_PLUS || sl->chip_id == STLINK_CHIPID_STM32_L1_HIGH
1608 || sl->chip_id == STLINK_CHIPID_STM32_L152_RE
1609 || sl->chip_id == STLINK_CHIPID_STM32_L0 || sl->chip_id == STLINK_CHIPID_STM32_L0_CAT5 || sl->chip_id == STLINK_CHIPID_STM32_L0_CAT2) { /* stm32l */
1610 loader_code = loader_code_stm32l;
1611 loader_size = sizeof(loader_code_stm32l);
1612 } else if (sl->core_id == STM32VL_CORE_ID
1613 || sl->chip_id == STLINK_CHIPID_STM32_F3
1614 || sl->chip_id == STLINK_CHIPID_STM32_F3_SMALL
1615 || sl->chip_id == STLINK_CHIPID_STM32_F303_HIGH
1616 || sl->chip_id == STLINK_CHIPID_STM32_F37x
1617 || sl->chip_id == STLINK_CHIPID_STM32_F334) {
1618 loader_code = loader_code_stm32vl;
1619 loader_size = sizeof(loader_code_stm32vl);
1620 } else if (sl->chip_id == STLINK_CHIPID_STM32_F2 || sl->chip_id == STLINK_CHIPID_STM32_F4 || (sl->chip_id == STLINK_CHIPID_STM32_F4_DE) ||
1621 sl->chip_id == STLINK_CHIPID_STM32_F4_LP || sl->chip_id == STLINK_CHIPID_STM32_F4_HD || (sl->chip_id == STLINK_CHIPID_STM32_F411RE) ||
1622 (sl->chip_id == STLINK_CHIPID_STM32_F446) || (sl->chip_id == STLINK_CHIPID_STM32_F4_DSI)){
1623 int voltage = stlink_target_voltage(sl);
1624 if (voltage == -1) {
1625 printf("Failed to read Target voltage\n");
1627 } else if (voltage > 2700) {
1628 loader_code = loader_code_stm32f4;
1629 loader_size = sizeof(loader_code_stm32f4);
1631 loader_code = loader_code_stm32f4_lv;
1632 loader_size = sizeof(loader_code_stm32f4_lv);
1634 } else if (sl->chip_id == STLINK_CHIPID_STM32_F7){
1635 loader_code = loader_code_stm32f7;
1636 loader_size = sizeof(loader_code_stm32f7);
1637 } else if (sl->chip_id == STLINK_CHIPID_STM32_F0 || sl->chip_id == STLINK_CHIPID_STM32_F04 || sl->chip_id == STLINK_CHIPID_STM32_F0_CAN || sl->chip_id == STLINK_CHIPID_STM32_F0_SMALL || sl->chip_id == STLINK_CHIPID_STM32_F09X) {
1638 loader_code = loader_code_stm32f0;
1639 loader_size = sizeof(loader_code_stm32f0);
1640 } else if (sl->chip_id == STLINK_CHIPID_STM32_L4) {
1641 loader_code = loader_code_stm32l4;
1642 loader_size = sizeof(loader_code_stm32l4);
1644 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1648 memcpy(sl->q_buf, loader_code, loader_size);
1649 stlink_write_mem32(sl, sl->sram_base, loader_size);
1651 *addr = sl->sram_base;
1652 *size = loader_size;
1658 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1659 /* check the contents of path are at addr */
1662 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1664 if (map_file(&mf, path) == -1)
1667 res = check_file(sl, &mf, addr);
1675 * Verify addr..addr+len is binary identical to base...base+len
1676 * @param sl stlink context
1677 * @param address stm device address
1678 * @param data host side buffer to check against
1679 * @param length how much
1680 * @return 0 for success, -ve for failure
1682 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1684 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1685 ILOG("Starting verification of write complete\n");
1686 for (off = 0; off < length; off += cmp_size) {
1687 size_t aligned_size;
1689 /* adjust last page size */
1690 if ((off + cmp_size) > length)
1691 cmp_size = length - off;
1693 aligned_size = cmp_size;
1694 if (aligned_size & (4 - 1))
1695 aligned_size = (cmp_size + 4) & ~(4 - 1);
1697 stlink_read_mem32(sl, address + off, aligned_size);
1699 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1700 ELOG("Verification of flash failed at offset: %zd\n", off);
1704 ILOG("Flash written and verified! jolly good!\n");
1709 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint32_t pagesize)
1712 unsigned int num_half_pages = len / pagesize;
1714 uint32_t flash_regs_base;
1717 if (sl->chip_id == STLINK_CHIPID_STM32_L0 || sl->chip_id == STLINK_CHIPID_STM32_L0_CAT5 || sl->chip_id == STLINK_CHIPID_STM32_L0_CAT2) {
1718 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1720 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1723 ILOG("Starting Half page flash write for STM32L core id\n");
1724 /* flash loader initialization */
1725 if (init_flash_loader(sl, &fl) == -1) {
1726 WLOG("init_flash_loader() == -1\n");
1729 /* Unlock already done */
1730 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1731 val |= (1 << FLASH_L1_FPRG);
1732 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1734 val |= (1 << FLASH_L1_PROG);
1735 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1737 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1738 } while ((val & (1 << 0)) != 0);
1740 for (count = 0; count < num_half_pages; count ++) {
1741 if (run_flash_loader(sl, &fl, addr + count * pagesize, base + count * pagesize, pagesize) == -1) {
1742 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * pagesize);
1743 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1744 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1745 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1748 /* wait for sr.busy to be cleared */
1749 if (sl->verbose >= 1) {
1750 /* show progress. writing procedure is slow
1751 and previous errors are misleading */
1752 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1756 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1757 } while ((val & (1 << 0)) != 0);
1759 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1760 val &= ~(1 << FLASH_L1_PROG);
1761 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1762 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1763 val &= ~(1 << FLASH_L1_FPRG);
1764 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1769 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint8_t eraseonly) {
1772 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1773 len, len, addr, addr);
1774 /* check addr range is inside the flash */
1775 stlink_calculate_pagesize(sl, addr);
1776 if (addr < sl->flash_base) {
1777 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1779 } else if ((addr + len) < addr) {
1780 ELOG("addr overruns\n");
1782 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1783 ELOG("addr too high\n");
1785 } else if (addr & 1) {
1786 ELOG("unaligned addr 0x%x\n", addr);
1788 } else if (len & 1) {
1789 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1791 } else if (addr & (sl->flash_pgsz - 1)) {
1792 ELOG("addr not a multiple of pagesize, not supported\n");
1796 // Make sure we've loaded the context with the chip details
1798 /* erase each page */
1800 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1801 /* addr must be an addr inside the page */
1802 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1803 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1806 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1807 (unsigned long)addr + off);
1811 fprintf(stdout,"\n");
1812 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1813 page_count, sl->flash_pgsz, sl->flash_pgsz);
1818 if ((sl->flash_type == FLASH_TYPE_F4) || (sl->flash_type == FLASH_TYPE_L4)) {
1819 /* todo: check write operation */
1821 ILOG("Starting Flash write for F2/F4/L4\n");
1822 /* flash loader initialization */
1823 if (init_flash_loader(sl, &fl) == -1) {
1824 ELOG("init_flash_loader() == -1\n");
1828 /* First unlock the cr */
1829 unlock_flash_if(sl);
1831 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1832 if (sl->chip_id != STLINK_CHIPID_STM32_L4) {
1833 /* set parallelisim to 32 bit*/
1834 int voltage = stlink_target_voltage(sl);
1835 if (voltage == -1) {
1836 printf("Failed to read Target voltage\n");
1838 } else if (voltage > 2700) {
1839 printf("enabling 32-bit flash writes\n");
1840 write_flash_cr_psiz(sl, 2);
1842 printf("Target voltage (%d mV) too low for 32-bit flash, using 8-bit flash writes\n", voltage);
1843 write_flash_cr_psiz(sl, 0);
1846 /* L4 does not have a byte-write mode */
1847 int voltage = stlink_target_voltage(sl);
1848 if (voltage == -1) {
1849 printf("Failed to read Target voltage\n");
1851 } else if (voltage < 1710) {
1852 printf("Target voltage (%d mV) too low for flash writes!\n", voltage);
1857 /* set programming mode */
1858 set_flash_cr_pg(sl);
1860 for(off = 0; off < len;) {
1861 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1863 printf("size: %zu\n", size);
1865 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1866 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1878 else if (sl->flash_type == FLASH_TYPE_L0) {
1879 /* use fast word write. todo: half page. */
1881 uint32_t flash_regs_base;
1884 if (sl->chip_id == STLINK_CHIPID_STM32_L0 || sl->chip_id == STLINK_CHIPID_STM32_L0_CAT5 || sl->chip_id == STLINK_CHIPID_STM32_L0_CAT2) {
1885 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1886 pagesize = L0_WRITE_BLOCK_SIZE;
1888 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1889 pagesize = L1_WRITE_BLOCK_SIZE;
1892 /* todo: check write operation */
1894 /* disable pecr protection */
1895 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1896 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1898 /* check pecr.pelock is cleared */
1899 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1900 if (val & (1 << 0)) {
1901 fprintf(stderr, "pecr.pelock not clear\n");
1905 /* unlock program memory */
1906 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1907 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1909 /* check pecr.prglock is cleared */
1910 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1911 if (val & (1 << 1)) {
1912 fprintf(stderr, "pecr.prglock not clear\n");
1916 if (len > pagesize) {
1917 if (stm32l1_write_half_pages(sl, addr, base, len, pagesize) == -1) {
1918 /* This may happen on a blank device! */
1919 WLOG("\nwrite_half_pages failed == -1\n");
1921 off = (len / pagesize)*pagesize;
1925 /* write remainingword in program memory */
1926 for ( ; off < len; off += sizeof(uint32_t)) {
1929 fprintf(stdout, "\r");
1931 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1932 fprintf(stdout, "\r%3zd/%3zd pages written",
1933 off/sl->flash_pgsz, len/sl->flash_pgsz);
1937 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1938 stlink_write_debug32(sl, addr + off, data);
1940 /* wait for sr.busy to be cleared */
1942 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1943 } while ((val & (1 << 0)) != 0);
1945 /* todo: check redo write operation */
1948 fprintf(stdout, "\n");
1949 /* reset lock bits */
1950 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1951 val |= (1 << 0) | (1 << 1) | (1 << 2);
1952 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1953 } else if (sl->flash_type == FLASH_TYPE_F0) {
1954 ILOG("Starting Flash write for VL/F0/F3 core id\n");
1955 /* flash loader initialization */
1956 if (init_flash_loader(sl, &fl) == -1) {
1957 ELOG("init_flash_loader() == -1\n");
1961 int write_block_count = 0;
1962 for (off = 0; off < len; off += sl->flash_pgsz) {
1963 /* adjust last write size */
1964 size_t size = sl->flash_pgsz;
1965 if ((off + sl->flash_pgsz) > len) size = len - off;
1967 /* unlock and set programming mode */
1968 unlock_flash_if(sl);
1969 set_flash_cr_pg(sl);
1970 //DLOG("Finished setting flash cr pg, running loader!\n");
1971 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1972 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1976 if (sl->verbose >= 1) {
1977 /* show progress. writing procedure is slow
1978 and previous errors are misleading */
1979 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1983 fprintf(stdout, "\n");
1985 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1989 return stlink_verify_write_flash(sl, addr, base, len);
1993 * Write the given binary file into flash at address "addr"
1995 * @param path readable file path, should be binary image
1996 * @param addr where to start writing
1997 * @return 0 on success, -ve on failure.
1999 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
2000 /* write the file in flash at addr */
2002 unsigned int num_empty, index, val;
2003 unsigned char erased_pattern;
2004 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
2006 if (map_file(&mf, path) == -1) {
2007 ELOG("map_file() == -1\n");
2011 if (sl->flash_type == FLASH_TYPE_L0)
2012 erased_pattern = 0x00;
2014 erased_pattern = 0xff;
2017 for(num_empty = 0; num_empty != mf.len; ++num_empty) {
2018 if (mf.base[--index] != erased_pattern) {
2022 /* Round down to words */
2023 num_empty -= (num_empty & 3);
2024 if(num_empty != 0) {
2025 ILOG("Ignoring %d bytes of 0x%02x at end of file\n", num_empty, erased_pattern);
2027 err = stlink_write_flash(sl, addr, mf.base, num_empty == mf.len? mf.len : mf.len - num_empty, num_empty == mf.len);
2029 stlink_read_debug32(sl, addr, &val);
2030 stlink_write_reg(sl, val, 13);
2031 /* Set PC to the reset routine*/
2032 stlink_read_debug32(sl, addr + 4, &val);
2033 stlink_write_reg(sl, val, 15);
2039 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
2045 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
2046 // FIXME This can never return -1
2047 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
2049 ELOG("write_buffer_to_sram() == -1\n");
2053 if (sl->flash_type == FLASH_TYPE_F0) {
2054 count = size / sizeof(uint16_t);
2055 if (size % sizeof(uint16_t))
2057 } else if (sl->flash_type == FLASH_TYPE_F4 || sl->flash_type == FLASH_TYPE_L0) {
2058 count = size / sizeof(uint32_t);
2059 if (size % sizeof(uint32_t))
2061 } else if (sl->flash_type == FLASH_TYPE_L4) {
2062 count = size / sizeof(uint64_t);
2063 if (size % sizeof(uint64_t))
2068 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2069 stlink_write_reg(sl, target, 1); /* target */
2070 stlink_write_reg(sl, count, 2); /* count */
2071 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input), only used on F0, but armless fopr others */
2072 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2077 #define WAIT_ROUNDS 10000
2078 /* wait until done (reaches breakpoint) */
2079 for (i = 0; i < WAIT_ROUNDS; i++) {
2081 if (is_core_halted(sl))
2085 if (i >= WAIT_ROUNDS) {
2086 ELOG("flash loader run error\n");
2090 /* check written byte count */
2091 stlink_read_reg(sl, 2, &rr);
2093 fprintf(stderr, "write error, count == %u\n", rr.r[2]);