disable cfi_write_words(). Broken for spansion, fallback

[fw/openocd] / src / flash / cfi.c

/***************************************************************************\r
 *   Copyright (C) 2005, 2007 by Dominic Rath                              *\r
 *   Dominic.Rath@gmx.de                                                   *\r
 *                                                                         *\r
 *   This program is free software; you can redistribute it and/or modify  *\r
 *   it under the terms of the GNU General Public License as published by  *\r
 *   the Free Software Foundation; either version 2 of the License, or     *\r
 *   (at your option) any later version.                                   *\r
 *                                                                         *\r
 *   This program is distributed in the hope that it will be useful,       *\r
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *\r
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *\r
 *   GNU General Public License for more details.                          *\r
 *                                                                         *\r
 *   You should have received a copy of the GNU General Public License     *\r
 *   along with this program; if not, write to the                         *\r
 *   Free Software Foundation, Inc.,                                       *\r
 *   59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             *\r
 ***************************************************************************/\r
#ifdef HAVE_CONFIG_H\r
#include "config.h"\r
#endif\r
\r
#include "replacements.h"\r
\r
#include "cfi.h"\r
\r
#include "flash.h"\r
#include "target.h"\r
#include "log.h"\r
#include "armv4_5.h"\r
#include "algorithm.h"\r
#include "binarybuffer.h"\r
#include "types.h"\r
\r
#include <stdlib.h>\r
#include <string.h>\r
#include <unistd.h>\r
\r
int cfi_register_commands(struct command_context_s *cmd_ctx);\r
int cfi_flash_bank_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct flash_bank_s *bank);\r
int cfi_erase(struct flash_bank_s *bank, int first, int last);\r
int cfi_protect(struct flash_bank_s *bank, int set, int first, int last);\r
int cfi_write(struct flash_bank_s *bank, u8 *buffer, u32 offset, u32 count);\r
int cfi_probe(struct flash_bank_s *bank);\r
int cfi_auto_probe(struct flash_bank_s *bank);\r
int cfi_erase_check(struct flash_bank_s *bank);\r
int cfi_protect_check(struct flash_bank_s *bank);\r
int cfi_info(struct flash_bank_s *bank, char *buf, int buf_size);\r
\r
int cfi_handle_part_id_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);\r
\r
#define CFI_MAX_BUS_WIDTH       4\r
#define CFI_MAX_CHIP_WIDTH      4\r
\r
/* defines internal maximum size for code fragment in cfi_intel_write_block() */\r
#define CFI_MAX_INTEL_CODESIZE 256\r
\r
flash_driver_t cfi_flash =\r
{\r
        .name = "cfi",\r
        .register_commands = cfi_register_commands,\r
        .flash_bank_command = cfi_flash_bank_command,\r
        .erase = cfi_erase,\r
        .protect = cfi_protect,\r
        .write = cfi_write,\r
        .probe = cfi_probe,\r
        .auto_probe = cfi_auto_probe,\r
        .erase_check = cfi_erase_check,\r
        .protect_check = cfi_protect_check,\r
        .info = cfi_info\r
};\r
\r
cfi_unlock_addresses_t cfi_unlock_addresses[] =\r
{\r
        [CFI_UNLOCK_555_2AA] = { .unlock1 = 0x555, .unlock2 = 0x2aa },\r
        [CFI_UNLOCK_5555_2AAA] = { .unlock1 = 0x5555, .unlock2 = 0x2aaa },\r
};\r
\r
/* CFI fixups foward declarations */\r
void cfi_fixup_non_cfi(flash_bank_t *flash, void *param);\r
void cfi_fixup_0002_erase_regions(flash_bank_t *flash, void *param);\r
void cfi_fixup_0002_unlock_addresses(flash_bank_t *flash, void *param);\r
void cfi_fixup_atmel_reversed_erase_regions(flash_bank_t *flash, void *param);\r
\r
/* fixup after identifying JEDEC manufactuer and ID */\r
cfi_fixup_t cfi_jedec_fixups[] = {\r
        {CFI_MFR_SST, 0x00D4, cfi_fixup_non_cfi, NULL},\r
        {CFI_MFR_SST, 0x00D5, cfi_fixup_non_cfi, NULL},\r
        {CFI_MFR_SST, 0x00D6, cfi_fixup_non_cfi, NULL},\r
        {CFI_MFR_SST, 0x00D7, cfi_fixup_non_cfi, NULL},\r
        {CFI_MFR_SST, 0x2780, cfi_fixup_non_cfi, NULL},\r
        {CFI_MFR_ST, 0x00D5, cfi_fixup_non_cfi, NULL},\r
        {CFI_MFR_ST, 0x00D6, cfi_fixup_non_cfi, NULL},\r
        {CFI_MFR_AMD, 0x2223, cfi_fixup_non_cfi, NULL},\r
        {CFI_MFR_AMD, 0x22ab, cfi_fixup_non_cfi, NULL},\r
        {0, 0, NULL, NULL}\r
};\r
\r
/* fixup after reading cmdset 0002 primary query table */\r
cfi_fixup_t cfi_0002_fixups[] = {\r
        {CFI_MFR_SST, 0x00D4, cfi_fixup_0002_unlock_addresses, &cfi_unlock_addresses[CFI_UNLOCK_5555_2AAA]},\r
        {CFI_MFR_SST, 0x00D5, cfi_fixup_0002_unlock_addresses, &cfi_unlock_addresses[CFI_UNLOCK_5555_2AAA]},\r
        {CFI_MFR_SST, 0x00D6, cfi_fixup_0002_unlock_addresses, &cfi_unlock_addresses[CFI_UNLOCK_5555_2AAA]},\r
        {CFI_MFR_SST, 0x00D7, cfi_fixup_0002_unlock_addresses, &cfi_unlock_addresses[CFI_UNLOCK_5555_2AAA]},\r
        {CFI_MFR_SST, 0x2780, cfi_fixup_0002_unlock_addresses, &cfi_unlock_addresses[CFI_UNLOCK_5555_2AAA]},\r
        {CFI_MFR_ATMEL, 0x00C8, cfi_fixup_atmel_reversed_erase_regions, NULL},\r
        {CFI_MFR_ANY, CFI_ID_ANY, cfi_fixup_0002_erase_regions, NULL},\r
        {0, 0, NULL, NULL}\r
};\r
\r
/* fixup after reading cmdset 0001 primary query table */\r
cfi_fixup_t cfi_0001_fixups[] = {\r
        {0, 0, NULL, NULL}\r
};\r
\r
void cfi_fixup(flash_bank_t *bank, cfi_fixup_t *fixups)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_fixup_t *f;\r
\r
        for (f = fixups; f->fixup; f++)\r
        {\r
                if (((f->mfr == CFI_MFR_ANY) || (f->mfr == cfi_info->manufacturer)) &&\r
                        ((f->id  == CFI_ID_ANY)  || (f->id  == cfi_info->device_id)))\r
                {\r
                        f->fixup(bank, f->param);\r
                }\r
        }\r
}\r
\r
inline u32 flash_address(flash_bank_t *bank, int sector, u32 offset)\r
{\r
        /* while the sector list isn't built, only accesses to sector 0 work */\r
        if (sector == 0)\r
                return bank->base + offset * bank->bus_width;\r
        else\r
        {\r
                if (!bank->sectors)\r
                {\r
                        ERROR("BUG: sector list not yet built");\r
                        exit(-1);\r
                }\r
                return bank->base + bank->sectors[sector].offset + offset * bank->bus_width;\r
        }\r
\r
}\r
\r
void cfi_command(flash_bank_t *bank, u8 cmd, u8 *cmd_buf)\r
{\r
        int i;\r
\r
        /* clear whole buffer, to ensure bits that exceed the bus_width\r
         * are set to zero\r
         */\r
        for (i = 0; i < CFI_MAX_BUS_WIDTH; i++)\r
                cmd_buf[i] = 0;\r
\r
        if (bank->target->endianness == TARGET_LITTLE_ENDIAN)\r
        {\r
                for (i = bank->bus_width; i > 0; i--)\r
                {\r
                        *cmd_buf++ = (i & (bank->chip_width - 1)) ? 0x0 : cmd;\r
                }\r
        }\r
        else\r
        {\r
                for (i = 1; i <= bank->bus_width; i++)\r
                {\r
                        *cmd_buf++ = (i & (bank->chip_width - 1)) ? 0x0 : cmd;\r
                }\r
        }\r
}\r
\r
/* read unsigned 8-bit value from the bank\r
 * flash banks are expected to be made of similar chips\r
 * the query result should be the same for all\r
 */\r
u8 cfi_query_u8(flash_bank_t *bank, int sector, u32 offset)\r
{\r
        target_t *target = bank->target;\r
        u8 data[CFI_MAX_BUS_WIDTH];\r
\r
        target->type->read_memory(target, flash_address(bank, sector, offset), bank->bus_width, 1, data);\r
\r
        if (bank->target->endianness == TARGET_LITTLE_ENDIAN)\r
                return data[0];\r
        else\r
                return data[bank->bus_width - 1];\r
}\r
\r
/* read unsigned 8-bit value from the bank\r
 * in case of a bank made of multiple chips,\r
 * the individual values are ORed\r
 */\r
u8 cfi_get_u8(flash_bank_t *bank, int sector, u32 offset)\r
{\r
        target_t *target = bank->target;\r
        u8 data[CFI_MAX_BUS_WIDTH];\r
        int i;\r
\r
        target->type->read_memory(target, flash_address(bank, sector, offset), bank->bus_width, 1, data);\r
\r
        if (bank->target->endianness == TARGET_LITTLE_ENDIAN)\r
        {\r
                for (i = 0; i < bank->bus_width / bank->chip_width; i++)\r
                        data[0] |= data[i];\r
\r
                return data[0];\r
        }\r
        else\r
        {\r
                u8 value = 0;\r
                for (i = 0; i < bank->bus_width / bank->chip_width; i++)\r
                        value |= data[bank->bus_width - 1 - i];\r
\r
                return value;\r
        }\r
}\r
\r
u16 cfi_query_u16(flash_bank_t *bank, int sector, u32 offset)\r
{\r
        target_t *target = bank->target;\r
        u8 data[CFI_MAX_BUS_WIDTH * 2];\r
\r
        target->type->read_memory(target, flash_address(bank, sector, offset), bank->bus_width, 2, data);\r
\r
        if (bank->target->endianness == TARGET_LITTLE_ENDIAN)\r
                return data[0] | data[bank->bus_width] << 8;\r
        else\r
                return data[bank->bus_width - 1] | data[(2 * bank->bus_width) - 1] << 8;\r
}\r
\r
u32 cfi_query_u32(flash_bank_t *bank, int sector, u32 offset)\r
{\r
        target_t *target = bank->target;\r
        u8 data[CFI_MAX_BUS_WIDTH * 4];\r
\r
        target->type->read_memory(target, flash_address(bank, sector, offset), bank->bus_width, 4, data);\r
\r
        if (bank->target->endianness == TARGET_LITTLE_ENDIAN)\r
                return data[0] | data[bank->bus_width] << 8 | data[bank->bus_width * 2] << 16 | data[bank->bus_width * 3] << 24;\r
        else\r
                return data[bank->bus_width - 1] | data[(2* bank->bus_width) - 1] << 8 |\r
                                data[(3 * bank->bus_width) - 1] << 16 | data[(4 * bank->bus_width) - 1] << 24;\r
}\r
\r
void cfi_intel_clear_status_register(flash_bank_t *bank)\r
{\r
        target_t *target = bank->target;\r
        u8 command[8];\r
\r
        if (target->state != TARGET_HALTED)\r
        {\r
                ERROR("BUG: attempted to clear status register while target wasn't halted");\r
                exit(-1);\r
        }\r
\r
        cfi_command(bank, 0x50, command);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
}\r
\r
u8 cfi_intel_wait_status_busy(flash_bank_t *bank, int timeout)\r
{\r
        u8 status;\r
\r
        while ((!((status = cfi_get_u8(bank, 0, 0x0)) & 0x80)) && (timeout-- > 0))\r
        {\r
                DEBUG("status: 0x%x", status);\r
                usleep(1000);\r
        }\r
\r
        /* mask out bit 0 (reserved) */\r
        status = status & 0xfe;\r
\r
        DEBUG("status: 0x%x", status);\r
\r
        if ((status & 0x80) != 0x80)\r
        {\r
                ERROR("timeout while waiting for WSM to become ready");\r
        }\r
        else if (status != 0x80)\r
        {\r
                ERROR("status register: 0x%x", status);\r
                if (status & 0x2)\r
                        ERROR("Block Lock-Bit Detected, Operation Abort");\r
                if (status & 0x4)\r
                        ERROR("Program suspended");\r
                if (status & 0x8)\r
                        ERROR("Low Programming Voltage Detected, Operation Aborted");\r
                if (status & 0x10)\r
                        ERROR("Program Error / Error in Setting Lock-Bit");\r
                if (status & 0x20)\r
                        ERROR("Error in Block Erasure or Clear Lock-Bits");\r
                if (status & 0x40)\r
                        ERROR("Block Erase Suspended");\r
\r
                cfi_intel_clear_status_register(bank);\r
        }\r
\r
        return status;\r
}\r
\r
int cfi_spansion_wait_status_busy(flash_bank_t *bank, int timeout)\r
{\r
        u8 status, oldstatus;\r
\r
        oldstatus = cfi_get_u8(bank, 0, 0x0);\r
\r
        do {\r
                status = cfi_get_u8(bank, 0, 0x0);\r
                if ((status ^ oldstatus) & 0x40) {\r
                        if (status & 0x20) {\r
                                oldstatus = cfi_get_u8(bank, 0, 0x0);\r
                                status = cfi_get_u8(bank, 0, 0x0);\r
                                if ((status ^ oldstatus) & 0x40) {\r
                                        ERROR("dq5 timeout, status: 0x%x", status);\r
                                        return(ERROR_FLASH_OPERATION_FAILED);\r
                                } else {\r
                                        DEBUG("status: 0x%x", status);\r
                                        return(ERROR_OK);\r
                                }\r
                        }\r
                } else {\r
                        DEBUG("status: 0x%x", status);\r
                        return(ERROR_OK);\r
                }\r
\r
                oldstatus = status;\r
                usleep(1000);\r
        } while (timeout-- > 0);\r
\r
        ERROR("timeout, status: 0x%x", status);\r
\r
        return(ERROR_FLASH_BUSY);\r
}\r
\r
int cfi_read_intel_pri_ext(flash_bank_t *bank)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_intel_pri_ext_t *pri_ext = malloc(sizeof(cfi_intel_pri_ext_t));\r
        target_t *target = bank->target;\r
        u8 command[8];\r
\r
        cfi_info->pri_ext = pri_ext;\r
\r
        pri_ext->pri[0] = cfi_query_u8(bank, 0, cfi_info->pri_addr + 0);\r
        pri_ext->pri[1] = cfi_query_u8(bank, 0, cfi_info->pri_addr + 1);\r
        pri_ext->pri[2] = cfi_query_u8(bank, 0, cfi_info->pri_addr + 2);\r
\r
        if ((pri_ext->pri[0] != 'P') || (pri_ext->pri[1] != 'R') || (pri_ext->pri[2] != 'I'))\r
        {\r
                cfi_command(bank, 0xf0, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
                cfi_command(bank, 0xff, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
                return ERROR_FLASH_BANK_INVALID;\r
        }\r
\r
        pri_ext->major_version = cfi_query_u8(bank, 0, cfi_info->pri_addr + 3);\r
        pri_ext->minor_version = cfi_query_u8(bank, 0, cfi_info->pri_addr + 4);\r
\r
        DEBUG("pri: '%c%c%c', version: %c.%c", pri_ext->pri[0], pri_ext->pri[1], pri_ext->pri[2], pri_ext->major_version, pri_ext->minor_version);\r
\r
        pri_ext->feature_support = cfi_query_u32(bank, 0, cfi_info->pri_addr + 5);\r
        pri_ext->suspend_cmd_support = cfi_query_u8(bank, 0, cfi_info->pri_addr + 9);\r
        pri_ext->blk_status_reg_mask = cfi_query_u16(bank, 0, cfi_info->pri_addr + 0xa);\r
\r
        DEBUG("feature_support: 0x%x, suspend_cmd_support: 0x%x, blk_status_reg_mask: 0x%x", pri_ext->feature_support, pri_ext->suspend_cmd_support, pri_ext->blk_status_reg_mask);\r
\r
        pri_ext->vcc_optimal = cfi_query_u8(bank, 0, cfi_info->pri_addr + 0xc);\r
        pri_ext->vpp_optimal = cfi_query_u8(bank, 0, cfi_info->pri_addr + 0xd);\r
\r
        DEBUG("Vcc opt: %1.1x.%1.1x, Vpp opt: %1.1x.%1.1x",\r
                  (pri_ext->vcc_optimal & 0xf0) >> 4, pri_ext->vcc_optimal & 0x0f,\r
                  (pri_ext->vpp_optimal & 0xf0) >> 4, pri_ext->vpp_optimal & 0x0f);\r
\r
        pri_ext->num_protection_fields = cfi_query_u8(bank, 0, cfi_info->pri_addr + 0xe);\r
        if (pri_ext->num_protection_fields != 1)\r
        {\r
                WARNING("expected one protection register field, but found %i", pri_ext->num_protection_fields);\r
        }\r
\r
        pri_ext->prot_reg_addr = cfi_query_u16(bank, 0, cfi_info->pri_addr + 0xf);\r
        pri_ext->fact_prot_reg_size = cfi_query_u8(bank, 0, cfi_info->pri_addr + 0x11);\r
        pri_ext->user_prot_reg_size = cfi_query_u8(bank, 0, cfi_info->pri_addr + 0x12);\r
\r
        DEBUG("protection_fields: %i, prot_reg_addr: 0x%x, factory pre-programmed: %i, user programmable: %i", pri_ext->num_protection_fields, pri_ext->prot_reg_addr, 1 << pri_ext->fact_prot_reg_size, 1 << pri_ext->user_prot_reg_size);\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_read_spansion_pri_ext(flash_bank_t *bank)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = malloc(sizeof(cfi_spansion_pri_ext_t));\r
        target_t *target = bank->target;\r
        u8 command[8];\r
\r
        cfi_info->pri_ext = pri_ext;\r
\r
        pri_ext->pri[0] = cfi_query_u8(bank, 0, cfi_info->pri_addr + 0);\r
        pri_ext->pri[1] = cfi_query_u8(bank, 0, cfi_info->pri_addr + 1);\r
        pri_ext->pri[2] = cfi_query_u8(bank, 0, cfi_info->pri_addr + 2);\r
\r
        if ((pri_ext->pri[0] != 'P') || (pri_ext->pri[1] != 'R') || (pri_ext->pri[2] != 'I'))\r
        {\r
                cfi_command(bank, 0xf0, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
                return ERROR_FLASH_BANK_INVALID;\r
        }\r
\r
        pri_ext->major_version = cfi_query_u8(bank, 0, cfi_info->pri_addr + 3);\r
        pri_ext->minor_version = cfi_query_u8(bank, 0, cfi_info->pri_addr + 4);\r
\r
        DEBUG("pri: '%c%c%c', version: %c.%c", pri_ext->pri[0], pri_ext->pri[1], pri_ext->pri[2], pri_ext->major_version, pri_ext->minor_version);\r
\r
        pri_ext->SiliconRevision = cfi_query_u8(bank, 0, cfi_info->pri_addr + 5);\r
        pri_ext->EraseSuspend    = cfi_query_u8(bank, 0, cfi_info->pri_addr + 6);\r
        pri_ext->BlkProt         = cfi_query_u8(bank, 0, cfi_info->pri_addr + 7);\r
        pri_ext->TmpBlkUnprotect = cfi_query_u8(bank, 0, cfi_info->pri_addr + 8);\r
        pri_ext->BlkProtUnprot   = cfi_query_u8(bank, 0, cfi_info->pri_addr + 9);\r
        pri_ext->SimultaneousOps = cfi_query_u8(bank, 0, cfi_info->pri_addr + 10);\r
        pri_ext->BurstMode       = cfi_query_u8(bank, 0, cfi_info->pri_addr + 11);\r
        pri_ext->PageMode        = cfi_query_u8(bank, 0, cfi_info->pri_addr + 12);\r
        pri_ext->VppMin          = cfi_query_u8(bank, 0, cfi_info->pri_addr + 13);\r
        pri_ext->VppMax          = cfi_query_u8(bank, 0, cfi_info->pri_addr + 14);\r
        pri_ext->TopBottom       = cfi_query_u8(bank, 0, cfi_info->pri_addr + 15);\r
\r
        DEBUG("Silicon Revision: 0x%x, Erase Suspend: 0x%x, Block protect: 0x%x", pri_ext->SiliconRevision,\r
              pri_ext->EraseSuspend, pri_ext->BlkProt);\r
\r
        DEBUG("Temporary Unprotect: 0x%x, Block Protect Scheme: 0x%x, Simultaneous Ops: 0x%x", pri_ext->TmpBlkUnprotect,\r
              pri_ext->BlkProtUnprot, pri_ext->SimultaneousOps);\r
\r
        DEBUG("Burst Mode: 0x%x, Page Mode: 0x%x, ", pri_ext->BurstMode, pri_ext->PageMode);\r
\r
\r
        DEBUG("Vpp min: %2.2d.%1.1d, Vpp max: %2.2d.%1.1x",\r
                  (pri_ext->VppMin & 0xf0) >> 4, pri_ext->VppMin & 0x0f,\r
                  (pri_ext->VppMax & 0xf0) >> 4, pri_ext->VppMax & 0x0f);\r
\r
        DEBUG("WP# protection 0x%x", pri_ext->TopBottom);\r
\r
        /* default values for implementation specific workarounds */\r
        pri_ext->_unlock1 = cfi_unlock_addresses[CFI_UNLOCK_555_2AA].unlock1;\r
        pri_ext->_unlock2 = cfi_unlock_addresses[CFI_UNLOCK_555_2AA].unlock2;\r
        pri_ext->_reversed_geometry = 0;\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_read_atmel_pri_ext(flash_bank_t *bank)\r
{\r
        cfi_atmel_pri_ext_t atmel_pri_ext;\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = malloc(sizeof(cfi_spansion_pri_ext_t));\r
        target_t *target = bank->target;\r
        u8 command[8];\r
\r
        /* ATMEL devices use the same CFI primary command set (0x2) as AMD/Spansion,\r
         * but a different primary extended query table.\r
         * We read the atmel table, and prepare a valid AMD/Spansion query table.\r
         */\r
\r
        memset(pri_ext, 0, sizeof(cfi_spansion_pri_ext_t));\r
\r
        cfi_info->pri_ext = pri_ext;\r
\r
        atmel_pri_ext.pri[0] = cfi_query_u8(bank, 0, cfi_info->pri_addr + 0);\r
        atmel_pri_ext.pri[1] = cfi_query_u8(bank, 0, cfi_info->pri_addr + 1);\r
        atmel_pri_ext.pri[2] = cfi_query_u8(bank, 0, cfi_info->pri_addr + 2);\r
\r
        if ((atmel_pri_ext.pri[0] != 'P') || (atmel_pri_ext.pri[1] != 'R') || (atmel_pri_ext.pri[2] != 'I'))\r
        {\r
                cfi_command(bank, 0xf0, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
                return ERROR_FLASH_BANK_INVALID;\r
        }\r
\r
        pri_ext->pri[0] = atmel_pri_ext.pri[0];\r
        pri_ext->pri[1] = atmel_pri_ext.pri[1];\r
        pri_ext->pri[2] = atmel_pri_ext.pri[2];\r
\r
        atmel_pri_ext.major_version = cfi_query_u8(bank, 0, cfi_info->pri_addr + 3);\r
        atmel_pri_ext.minor_version = cfi_query_u8(bank, 0, cfi_info->pri_addr + 4);\r
\r
        DEBUG("pri: '%c%c%c', version: %c.%c", atmel_pri_ext.pri[0], atmel_pri_ext.pri[1], atmel_pri_ext.pri[2], atmel_pri_ext.major_version, atmel_pri_ext.minor_version);\r
\r
        pri_ext->major_version = atmel_pri_ext.major_version;\r
        pri_ext->minor_version = atmel_pri_ext.minor_version;\r
\r
        atmel_pri_ext.features = cfi_query_u8(bank, 0, cfi_info->pri_addr + 5);\r
        atmel_pri_ext.bottom_boot = cfi_query_u8(bank, 0, cfi_info->pri_addr + 6);\r
        atmel_pri_ext.burst_mode = cfi_query_u8(bank, 0, cfi_info->pri_addr + 7);\r
        atmel_pri_ext.page_mode = cfi_query_u8(bank, 0, cfi_info->pri_addr + 8);\r
\r
        DEBUG("features: 0x%2.2x, bottom_boot: 0x%2.2x, burst_mode: 0x%2.2x, page_mode: 0x%2.2x",\r
                atmel_pri_ext.features, atmel_pri_ext.bottom_boot, atmel_pri_ext.burst_mode, atmel_pri_ext.page_mode);\r
\r
        if (atmel_pri_ext.features & 0x02)\r
                pri_ext->EraseSuspend = 2;\r
\r
        if (atmel_pri_ext.bottom_boot)\r
                pri_ext->TopBottom = 2;\r
        else\r
                pri_ext->TopBottom = 3;\r
\r
        pri_ext->_unlock1 = cfi_unlock_addresses[CFI_UNLOCK_555_2AA].unlock1;\r
        pri_ext->_unlock2 = cfi_unlock_addresses[CFI_UNLOCK_555_2AA].unlock2;\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_read_0002_pri_ext(flash_bank_t *bank)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
\r
        if (cfi_info->manufacturer == CFI_MFR_ATMEL)\r
        {\r
                return cfi_read_atmel_pri_ext(bank);\r
        }\r
        else\r
        {\r
                return cfi_read_spansion_pri_ext(bank);\r
        }\r
}\r
\r
int cfi_spansion_info(struct flash_bank_s *bank, char *buf, int buf_size)\r
{\r
        int printed;\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
\r
        printed = snprintf(buf, buf_size, "\nSpansion primary algorithm extend information:\n");\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "pri: '%c%c%c', version: %c.%c\n", pri_ext->pri[0],\r
                           pri_ext->pri[1], pri_ext->pri[2],\r
                           pri_ext->major_version, pri_ext->minor_version);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "Silicon Rev.: 0x%x, Address Sensitive unlock: 0x%x\n",\r
                           (pri_ext->SiliconRevision) >> 2,\r
                           (pri_ext->SiliconRevision) & 0x03);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "Erase Suspend: 0x%x, Sector Protect: 0x%x\n",\r
                           pri_ext->EraseSuspend,\r
                           pri_ext->BlkProt);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "VppMin: %2.2d.%1.1x, VppMax: %2.2d.%1.1x\n",\r
                (pri_ext->VppMin & 0xf0) >> 4, pri_ext->VppMin & 0x0f,\r
                (pri_ext->VppMax & 0xf0) >> 4, pri_ext->VppMax & 0x0f);\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_intel_info(struct flash_bank_s *bank, char *buf, int buf_size)\r
{\r
        int printed;\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_intel_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
\r
        printed = snprintf(buf, buf_size, "\nintel primary algorithm extend information:\n");\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "pri: '%c%c%c', version: %c.%c\n", pri_ext->pri[0], pri_ext->pri[1], pri_ext->pri[2], pri_ext->major_version, pri_ext->minor_version);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "feature_support: 0x%x, suspend_cmd_support: 0x%x, blk_status_reg_mask: 0x%x\n", pri_ext->feature_support, pri_ext->suspend_cmd_support, pri_ext->blk_status_reg_mask);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "Vcc opt: %1.1x.%1.1x, Vpp opt: %1.1x.%1.1x\n",\r
                (pri_ext->vcc_optimal & 0xf0) >> 4, pri_ext->vcc_optimal & 0x0f,\r
                (pri_ext->vpp_optimal & 0xf0) >> 4, pri_ext->vpp_optimal & 0x0f);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "protection_fields: %i, prot_reg_addr: 0x%x, factory pre-programmed: %i, user programmable: %i\n", pri_ext->num_protection_fields, pri_ext->prot_reg_addr, 1 << pri_ext->fact_prot_reg_size, 1 << pri_ext->user_prot_reg_size);\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_register_commands(struct command_context_s *cmd_ctx)\r
{\r
        /*command_t *cfi_cmd = */\r
        register_command(cmd_ctx, NULL, "cfi", NULL, COMMAND_ANY, "flash bank cfi <base> <size> <chip_width> <bus_width> <targetNum> [jedec_probe/x16_as_x8]");\r
        /*\r
        register_command(cmd_ctx, cfi_cmd, "part_id", cfi_handle_part_id_command, COMMAND_EXEC,\r
                                         "print part id of cfi flash bank <num>");\r
        */\r
        return ERROR_OK;\r
}\r
\r
/* flash_bank cfi <base> <size> <chip_width> <bus_width> <target#> [options]\r
 */\r
int cfi_flash_bank_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct flash_bank_s *bank)\r
{\r
        cfi_flash_bank_t *cfi_info;\r
        int i;\r
\r
        if (argc < 6)\r
        {\r
                WARNING("incomplete flash_bank cfi configuration");\r
                return ERROR_FLASH_BANK_INVALID;\r
        }\r
\r
        if ((strtoul(args[4], NULL, 0) > CFI_MAX_CHIP_WIDTH)\r
                || (strtoul(args[3], NULL, 0) > CFI_MAX_BUS_WIDTH))\r
        {\r
                ERROR("chip and bus width have to specified in bytes");\r
                return ERROR_FLASH_BANK_INVALID;\r
        }\r
\r
        cfi_info = malloc(sizeof(cfi_flash_bank_t));\r
        cfi_info->probed = 0;\r
        bank->driver_priv = cfi_info;\r
\r
        cfi_info->write_algorithm = NULL;\r
        cfi_info->erase_check_algorithm = NULL;\r
\r
        cfi_info->x16_as_x8 = 0;\r
        cfi_info->jedec_probe = 0;\r
        cfi_info->not_cfi = 0;\r
\r
        for (i = 6; i < argc; i++)\r
        {\r
                if (strcmp(args[i], "x16_as_x8") == 0)\r
                {\r
                        cfi_info->x16_as_x8 = 1;\r
                }\r
                else if (strcmp(args[i], "jedec_probe") == 0)\r
                {\r
                        cfi_info->jedec_probe = 1;\r
                }\r
        }\r
\r
        cfi_info->write_algorithm = NULL;\r
\r
        /* bank wasn't probed yet */\r
        cfi_info->qry[0] = -1;\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_intel_erase(struct flash_bank_s *bank, int first, int last)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        target_t *target = bank->target;\r
        u8 command[8];\r
        int i;\r
\r
        cfi_intel_clear_status_register(bank);\r
\r
        for (i = first; i <= last; i++)\r
        {\r
                cfi_command(bank, 0x20, command);\r
                target->type->write_memory(target, flash_address(bank, i, 0x0), bank->bus_width, 1, command);\r
\r
                cfi_command(bank, 0xd0, command);\r
                target->type->write_memory(target, flash_address(bank, i, 0x0), bank->bus_width, 1, command);\r
\r
                if (cfi_intel_wait_status_busy(bank, 1000 * (1 << cfi_info->block_erase_timeout_typ)) == 0x80)\r
                        bank->sectors[i].is_erased = 1;\r
                else\r
                {\r
                        cfi_command(bank, 0xff, command);\r
                        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
                        ERROR("couldn't erase block %i of flash bank at base 0x%x", i, bank->base);\r
                        return ERROR_FLASH_OPERATION_FAILED;\r
                }\r
        }\r
\r
        cfi_command(bank, 0xff, command);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_spansion_erase(struct flash_bank_s *bank, int first, int last)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
        target_t *target = bank->target;\r
        u8 command[8];\r
        int i;\r
\r
        for (i = first; i <= last; i++)\r
        {\r
                cfi_command(bank, 0xaa, command);\r
                target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock1), bank->bus_width, 1, command);\r
\r
                cfi_command(bank, 0x55, command);\r
                target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock2), bank->bus_width, 1, command);\r
\r
                cfi_command(bank, 0x80, command);\r
                target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock1), bank->bus_width, 1, command);\r
\r
                cfi_command(bank, 0xaa, command);\r
                target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock1), bank->bus_width, 1, command);\r
\r
                cfi_command(bank, 0x55, command);\r
                target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock2), bank->bus_width, 1, command);\r
\r
                cfi_command(bank, 0x30, command);\r
                target->type->write_memory(target, flash_address(bank, i, 0x0), bank->bus_width, 1, command);\r
\r
                if (cfi_spansion_wait_status_busy(bank, 1000 * (1 << cfi_info->block_erase_timeout_typ)) == ERROR_OK)\r
                        bank->sectors[i].is_erased = 1;\r
                else\r
                {\r
                        cfi_command(bank, 0xf0, command);\r
                        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
                        ERROR("couldn't erase block %i of flash bank at base 0x%x", i, bank->base);\r
                        return ERROR_FLASH_OPERATION_FAILED;\r
                }\r
        }\r
\r
        cfi_command(bank, 0xf0, command);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_erase(struct flash_bank_s *bank, int first, int last)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
\r
        if (bank->target->state != TARGET_HALTED)\r
        {\r
                return ERROR_TARGET_NOT_HALTED;\r
        }\r
\r
        if ((first < 0) || (last < first) || (last >= bank->num_sectors))\r
        {\r
                return ERROR_FLASH_SECTOR_INVALID;\r
        }\r
\r
        if (cfi_info->qry[0] != 'Q')\r
                return ERROR_FLASH_BANK_NOT_PROBED;\r
\r
        switch(cfi_info->pri_id)\r
        {\r
                case 1:\r
                case 3:\r
                        return cfi_intel_erase(bank, first, last);\r
                        break;\r
                case 2:\r
                        return cfi_spansion_erase(bank, first, last);\r
                        break;\r
                default:\r
                        ERROR("cfi primary command set %i unsupported", cfi_info->pri_id);\r
                        break;\r
        }\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_intel_protect(struct flash_bank_s *bank, int set, int first, int last)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_intel_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
        target_t *target = bank->target;\r
        u8 command[8];\r
        int retry = 0;\r
        int i;\r
\r
        /* if the device supports neither legacy lock/unlock (bit 3) nor\r
         * instant individual block locking (bit 5).\r
         */\r
        if (!(pri_ext->feature_support & 0x28))\r
                return ERROR_FLASH_OPERATION_FAILED;\r
\r
        cfi_intel_clear_status_register(bank);\r
\r
        for (i = first; i <= last; i++)\r
        {\r
                cfi_command(bank, 0x60, command);\r
                DEBUG("address: 0x%4.4x, command: 0x%4.4x", flash_address(bank, i, 0x0), target_buffer_get_u32(target, command));\r
                target->type->write_memory(target, flash_address(bank, i, 0x0), bank->bus_width, 1, command);\r
                if (set)\r
                {\r
                        cfi_command(bank, 0x01, command);\r
                        DEBUG("address: 0x%4.4x, command: 0x%4.4x", flash_address(bank, i, 0x0), target_buffer_get_u32(target, command));\r
                        target->type->write_memory(target, flash_address(bank, i, 0x0), bank->bus_width, 1, command);\r
                        bank->sectors[i].is_protected = 1;\r
                }\r
                else\r
                {\r
                        cfi_command(bank, 0xd0, command);\r
                        DEBUG("address: 0x%4.4x, command: 0x%4.4x", flash_address(bank, i, 0x0), target_buffer_get_u32(target, command));\r
                        target->type->write_memory(target, flash_address(bank, i, 0x0), bank->bus_width, 1, command);\r
                        bank->sectors[i].is_protected = 0;\r
                }\r
\r
                /* instant individual block locking doesn't require reading of the status register */\r
                if (!(pri_ext->feature_support & 0x20))\r
                {\r
                        /* Clear lock bits operation may take up to 1.4s */\r
                        cfi_intel_wait_status_busy(bank, 1400);\r
                }\r
                else\r
                {\r
                        u8 block_status;\r
                        /* read block lock bit, to verify status */\r
                        cfi_command(bank, 0x90, command);\r
                        target->type->write_memory(target, flash_address(bank, 0, 0x55), bank->bus_width, 1, command);\r
                        block_status = cfi_get_u8(bank, i, 0x2);\r
\r
                        if ((block_status & 0x1) != set)\r
                        {\r
                                ERROR("couldn't change block lock status (set = %i, block_status = 0x%2.2x)", set, block_status);\r
                                cfi_command(bank, 0x70, command);\r
                                target->type->write_memory(target, flash_address(bank, 0, 0x55), bank->bus_width, 1, command);\r
                                cfi_intel_wait_status_busy(bank, 10);\r
\r
                                if (retry > 10)\r
                                        return ERROR_FLASH_OPERATION_FAILED;\r
                                else\r
                                {\r
                                        i--;\r
                                        retry++;\r
                                }\r
                        }\r
                }\r
        }\r
\r
        /* if the device doesn't support individual block lock bits set/clear,\r
         * all blocks have been unlocked in parallel, so we set those that should be protected\r
         */\r
        if ((!set) && (!(pri_ext->feature_support & 0x20)))\r
        {\r
                for (i = 0; i < bank->num_sectors; i++)\r
                {\r
                        if (bank->sectors[i].is_protected == 1)\r
                        {\r
                                cfi_intel_clear_status_register(bank);\r
\r
                                cfi_command(bank, 0x60, command);\r
                                target->type->write_memory(target, flash_address(bank, i, 0x0), bank->bus_width, 1, command);\r
\r
                                cfi_command(bank, 0x01, command);\r
                                target->type->write_memory(target, flash_address(bank, i, 0x0), bank->bus_width, 1, command);\r
\r
                                cfi_intel_wait_status_busy(bank, 100);\r
                        }\r
                }\r
        }\r
\r
        cfi_command(bank, 0xff, command);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_protect(struct flash_bank_s *bank, int set, int first, int last)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
\r
        if (bank->target->state != TARGET_HALTED)\r
        {\r
                return ERROR_TARGET_NOT_HALTED;\r
        }\r
\r
        if ((first < 0) || (last < first) || (last >= bank->num_sectors))\r
        {\r
                return ERROR_FLASH_SECTOR_INVALID;\r
        }\r
\r
        if (cfi_info->qry[0] != 'Q')\r
                return ERROR_FLASH_BANK_NOT_PROBED;\r
\r
        switch(cfi_info->pri_id)\r
        {\r
                case 1:\r
                case 3:\r
                        cfi_intel_protect(bank, set, first, last);\r
                        break;\r
                default:\r
                        ERROR("cfi primary command set %i unsupported", cfi_info->pri_id);\r
                        break;\r
        }\r
\r
        return ERROR_OK;\r
}\r
\r
/* FIXME Replace this by a simple memcpy() - still unsure about sideeffects */\r
static void cfi_add_byte(struct flash_bank_s *bank, u8 *word, u8 byte)\r
{\r
        //target_t *target = bank->target;\r
\r
        int i;\r
\r
        // NOTE:\r
        // The data to flash must not be changed in endian! We write a bytestrem in\r
        // target byte order already. Only the control and status byte lane of the flash\r
        // WSM is interpreted by the CPU in different ways, when read a u16 or u32\r
        // word (data seems to be in the upper or lower byte lane for u16 accesses).\r
\r
        //if (target->endianness == TARGET_LITTLE_ENDIAN)\r
        //{\r
                /* shift bytes */\r
                for (i = 0; i < bank->bus_width - 1; i++)\r
                        word[i] = word[i + 1];\r
                word[bank->bus_width - 1] = byte;\r
        //}\r
        //else\r
        //{\r
        //      /* shift bytes */\r
        //      for (i = bank->bus_width - 1; i > 0; i--)\r
        //              word[i] = word[i - 1];\r
        //      word[0] = byte;\r
        //}\r
}\r
\r
/* Convert code image to target endian */\r
/* FIXME create general block conversion fcts in target.c?) */ static\r
void cfi_fix_code_endian(target_t *target, u32 *dest, const u32 *src, u32 count)\r
{\r
        u32 i;\r
        for (i=0; i< count; i++)\r
        {\r
                target_buffer_set_u32(target, (u8*)dest, *src);\r
                dest++;\r
                src++;\r
        }\r
}\r
\r
int cfi_intel_write_block(struct flash_bank_s *bank, u8 *buffer, u32 address, u32 count)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        target_t *target = bank->target;\r
        reg_param_t reg_params[7];\r
        armv4_5_algorithm_t armv4_5_info;\r
        working_area_t *source;\r
        u32 buffer_size = 32768;\r
        u8 write_command_buf[CFI_MAX_BUS_WIDTH];\r
        u8 busy_pattern_buf[CFI_MAX_BUS_WIDTH];\r
        u8 error_pattern_buf[CFI_MAX_BUS_WIDTH];\r
        u32 write_command_val, busy_pattern_val, error_pattern_val;\r
\r
        /* algorithm register usage:\r
         * r0: source address (in RAM)\r
         * r1: target address (in Flash)\r
         * r2: count\r
         * r3: flash write command\r
         * r4: status byte (returned to host)\r
         * r5: busy test pattern\r
         * r6: error test pattern\r
         */\r
\r
        static const u32 word_32_code[] = {\r
                0xe4904004,   /* loop:  ldr r4, [r0], #4 */\r
                0xe5813000,   /*                str r3, [r1] */\r
                0xe5814000,   /*                str r4, [r1] */\r
                0xe5914000,   /* busy:  ldr r4, [r1] */\r
                0xe0047005,   /*                and r7, r4, r5 */\r
                0xe1570005,   /*                cmp r7, r5 */\r
                0x1afffffb,   /*                bne busy */\r
                0xe1140006,   /*                tst r4, r6 */\r
                0x1a000003,   /*                bne done */\r
                0xe2522001,   /*                subs r2, r2, #1 */\r
                0x0a000001,   /*                beq done */\r
                0xe2811004,   /*                add r1, r1 #4 */\r
                0xeafffff2,   /*                b loop */\r
                0xeafffffe    /* done:  b -2 */\r
        };\r
\r
        static const u32 word_16_code[] = {\r
                0xe0d040b2,   /* loop:  ldrh r4, [r0], #2 */\r
                0xe1c130b0,   /*                strh r3, [r1] */\r
                0xe1c140b0,   /*                strh r4, [r1] */\r
                0xe1d140b0,   /* busy   ldrh r4, [r1] */\r
                0xe0047005,   /*                and r7, r4, r5 */\r
                0xe1570005,   /*                cmp r7, r5 */\r
                0x1afffffb,   /*                bne busy */\r
                0xe1140006,   /*                tst r4, r6 */\r
                0x1a000003,   /*                bne done */\r
                0xe2522001,   /*                subs r2, r2, #1 */\r
                0x0a000001,   /*                beq done */\r
                0xe2811002,   /*                add r1, r1 #2 */\r
                0xeafffff2,   /*                b loop */\r
                0xeafffffe    /* done:  b -2 */\r
        };\r
\r
        static const u32 word_8_code[] = {\r
                0xe4d04001,   /* loop:  ldrb r4, [r0], #1 */\r
                0xe5c13000,   /*                strb r3, [r1] */\r
                0xe5c14000,   /*                strb r4, [r1] */\r
                0xe5d14000,   /* busy   ldrb r4, [r1] */\r
                0xe0047005,   /*                and r7, r4, r5 */\r
                0xe1570005,   /*                cmp r7, r5 */\r
                0x1afffffb,   /*                bne busy */\r
                0xe1140006,   /*                tst r4, r6 */\r
                0x1a000003,   /*                bne done */\r
                0xe2522001,   /*                subs r2, r2, #1 */\r
                0x0a000001,   /*                beq done */\r
                0xe2811001,   /*                add r1, r1 #1 */\r
                0xeafffff2,   /*                b loop */\r
                0xeafffffe    /* done:  b -2 */\r
        };\r
        u32 target_code[CFI_MAX_INTEL_CODESIZE];\r
        const u32 *target_code_src;\r
        int target_code_size;\r
        int retval = ERROR_OK;\r
\r
\r
        cfi_intel_clear_status_register(bank);\r
\r
        armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;\r
        armv4_5_info.core_mode = ARMV4_5_MODE_SVC;\r
        armv4_5_info.core_state = ARMV4_5_STATE_ARM;\r
\r
        /* If we are setting up the write_algorith, we need target_code_src */\r
        /* if not we only need target_code_size.                                                                                                                */\r
        /*                                                                                                                                                                                                                                                                      */\r
        /* However, we don't want to create multiple code paths, so we                  */\r
        /* do the unecessary evaluation of target_code_src, which the                   */\r
        /* compiler will probably nicely optimize away if not needed                            */\r
\r
        /* prepare algorithm code for target endian */\r
        switch (bank->bus_width)\r
        {\r
        case 1 :\r
                target_code_src = word_8_code;\r
                target_code_size = sizeof(word_8_code);\r
                break;\r
        case 2 :\r
                target_code_src = word_16_code;\r
                target_code_size = sizeof(word_16_code);\r
                break;\r
        case 4 :\r
                target_code_src = word_32_code;\r
                target_code_size = sizeof(word_32_code);\r
                break;\r
        default:\r
                ERROR("Unsupported bank buswidth %d, can't do block memory writes", bank->bus_width);\r
                return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;\r
        }\r
\r
        /* flash write code */\r
        if (!cfi_info->write_algorithm)\r
        {\r
                if ( target_code_size > sizeof(target_code) )\r
                {\r
                        WARNING("Internal error - target code buffer to small. Increase CFI_MAX_INTEL_CODESIZE and recompile.");\r
                        return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;\r
                }\r
                cfi_fix_code_endian(target, target_code, target_code_src, target_code_size);\r
\r
                /* Get memory for block write handler */\r
                retval = target_alloc_working_area(target, target_code_size, &cfi_info->write_algorithm);\r
                if (retval != ERROR_OK)\r
                {\r
                        WARNING("No working area available, can't do block memory writes");\r
                        return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;\r
                };\r
\r
                /* write algorithm code to working area */\r
                retval = target_write_buffer(target, cfi_info->write_algorithm->address, target_code_size, (u8*)target_code);\r
                if (retval != ERROR_OK)\r
                {\r
                        ERROR("Unable to write block write code to target");\r
                        goto cleanup;\r
                }\r
        }\r
\r
        /* Get a workspace buffer for the data to flash starting with 32k size.\r
           Half size until buffer would be smaller 256 Bytem then fail back */\r
        /* FIXME Why 256 bytes, why not 32 bytes (smallest flash write page */\r
        while (target_alloc_working_area(target, buffer_size, &source) != ERROR_OK)\r
        {\r
                buffer_size /= 2;\r
                if (buffer_size <= 256)\r
                {\r
                        WARNING("no large enough working area available, can't do block memory writes");\r
                        retval = ERROR_TARGET_RESOURCE_NOT_AVAILABLE;\r
                        goto cleanup;\r
                }\r
        };\r
\r
        /* setup algo registers */\r
        init_reg_param(&reg_params[0], "r0", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[1], "r1", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[2], "r2", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[3], "r3", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[4], "r4", 32, PARAM_IN);\r
        init_reg_param(&reg_params[5], "r5", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[6], "r6", 32, PARAM_OUT);\r
\r
        /* prepare command and status register patterns */\r
        cfi_command(bank, 0x40, write_command_buf);\r
        cfi_command(bank, 0x80, busy_pattern_buf);\r
        cfi_command(bank, 0x7e, error_pattern_buf);\r
\r
        switch (bank->bus_width)\r
        {\r
        case 1 :\r
                write_command_val = write_command_buf[0];\r
                busy_pattern_val = busy_pattern_buf[0];\r
                error_pattern_val = error_pattern_buf[0];\r
                break;\r
        case 2 :\r
                write_command_val = target_buffer_get_u16(target, write_command_buf);\r
                busy_pattern_val = target_buffer_get_u16(target, busy_pattern_buf);\r
                error_pattern_val = target_buffer_get_u16(target, error_pattern_buf);\r
                break;\r
        case 4 :\r
                write_command_val = target_buffer_get_u32(target, write_command_buf);\r
                busy_pattern_val = target_buffer_get_u32(target, busy_pattern_buf);\r
                error_pattern_val = target_buffer_get_u32(target, error_pattern_buf);\r
                break;\r
        default :\r
                ERROR("Unsupported bank buswidth %d, can't do block memory writes", bank->bus_width);\r
                retval = ERROR_TARGET_RESOURCE_NOT_AVAILABLE;\r
                goto cleanup;\r
        }\r
\r
        INFO("Using target buffer at 0x%08x and of size 0x%04x", source->address, buffer_size );\r
\r
        /* Programming main loop */\r
        while (count > 0)\r
        {\r
                u32 thisrun_count = (count > buffer_size) ? buffer_size : count;\r
                u32 wsm_error;\r
\r
                target_write_buffer(target, source->address, thisrun_count, buffer);\r
\r
                buf_set_u32(reg_params[0].value, 0, 32, source->address);\r
                buf_set_u32(reg_params[1].value, 0, 32, address);\r
                buf_set_u32(reg_params[2].value, 0, 32, thisrun_count / bank->bus_width);\r
\r
                buf_set_u32(reg_params[3].value, 0, 32, write_command_val);\r
                buf_set_u32(reg_params[5].value, 0, 32, busy_pattern_val);\r
                buf_set_u32(reg_params[6].value, 0, 32, error_pattern_val);\r
\r
                INFO("Write 0x%04x bytes to flash at 0x%08x", thisrun_count, address );\r
\r
                /* Execute algorithm, assume breakpoint for last instruction */\r
                retval = target->type->run_algorithm(target, 0, NULL, 7, reg_params,\r
                        cfi_info->write_algorithm->address,\r
                        cfi_info->write_algorithm->address + target_code_size - sizeof(u32),\r
                        10000, /* 10s should be enough for max. 32k of data */\r
                        &armv4_5_info);\r
\r
                /* On failure try a fall back to direct word writes */\r
                if (retval != ERROR_OK)\r
                {\r
                        cfi_intel_clear_status_register(bank);\r
                        ERROR("Execution of flash algorythm failed. Can't fall back. Please report.");\r
                        retval = ERROR_FLASH_OPERATION_FAILED;\r
                        //retval = ERROR_TARGET_RESOURCE_NOT_AVAILABLE;\r
                        // FIXME To allow fall back or recovery, we must save the actual status\r
                        //       somewhere, so that a higher level code can start recovery.\r
                        goto cleanup;\r
                }\r
\r
                /* Check return value from algo code */\r
                wsm_error = buf_get_u32(reg_params[4].value, 0, 32) & error_pattern_val;\r
                if (wsm_error)\r
                {\r
                        /* read status register (outputs debug inforation) */\r
                        cfi_intel_wait_status_busy(bank, 100);\r
                        cfi_intel_clear_status_register(bank);\r
                        retval = ERROR_FLASH_OPERATION_FAILED;\r
                        goto cleanup;\r
                }\r
\r
                buffer += thisrun_count;\r
                address += thisrun_count;\r
                count -= thisrun_count;\r
        }\r
\r
        /* free up resources */\r
cleanup:\r
        if (source)\r
                target_free_working_area(target, source);\r
\r
        if (cfi_info->write_algorithm)\r
        {\r
                target_free_working_area(target, cfi_info->write_algorithm);\r
                cfi_info->write_algorithm = NULL;\r
        }\r
\r
        destroy_reg_param(&reg_params[0]);\r
        destroy_reg_param(&reg_params[1]);\r
        destroy_reg_param(&reg_params[2]);\r
        destroy_reg_param(&reg_params[3]);\r
        destroy_reg_param(&reg_params[4]);\r
        destroy_reg_param(&reg_params[5]);\r
        destroy_reg_param(&reg_params[6]);\r
\r
        return retval;\r
}\r
\r
int cfi_spansion_write_block(struct flash_bank_s *bank, u8 *buffer, u32 address, u32 count)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
        target_t *target = bank->target;\r
        reg_param_t reg_params[10];\r
        armv4_5_algorithm_t armv4_5_info;\r
        working_area_t *source;\r
        u32 buffer_size = 32768;\r
        u8 write_command[CFI_MAX_BUS_WIDTH];\r
        u32 status;\r
        int i;\r
        int retval;\r
        int exit_code = ERROR_OK;\r
\r
        /* input parameters - */\r
        /*      R0 = source address */\r
        /*      R1 = destination address */\r
        /*      R2 = number of writes */\r
        /*      R3 = flash write command */\r
        /*      R4 = constant to mask DQ7 bits (also used for Dq5 with shift) */\r
        /* output parameters - */\r
        /*      R5 = 0x80 ok 0x00 bad */\r
        /* temp registers - */\r
        /*      R6 = value read from flash to test status */\r
        /*      R7 = holding register */\r
        /* unlock registers - */\r
        /*  R8 = unlock1_addr */\r
        /*  R9 = unlock1_cmd */\r
        /*  R10 = unlock2_addr */\r
        /*  R11 = unlock2_cmd */\r
\r
        u32 word_32_code[] = {\r
                                                /* 00008100 <sp_32_code>:               */\r
                0xe4905004,             /* ldr  r5, [r0], #4                    */\r
                0xe5889000,     /* str  r9, [r8]                                */\r
                0xe58ab000,     /* str  r11, [r10]                              */\r
                0xe5883000,     /* str  r3, [r8]                                */\r
                0xe5815000,     /* str  r5, [r1]                                */\r
                0xe1a00000,     /* nop                                                  */\r
                                                /*                                                              */\r
                                                /* 00008110 <sp_32_busy>:               */\r
                0xe5916000,     /* ldr  r6, [r1]                                */\r
                0xe0257006,     /* eor  r7, r5, r6                              */\r
                0xe0147007,     /* ands r7, r4, r7                              */\r
                0x0a000007,     /* beq  8140 <sp_32_cont> ; b if DQ7 == Data7 */\r
                0xe0166124,     /* ands r6, r6, r4, lsr #2              */\r
                0x0afffff9,     /* beq  8110 <sp_32_busy> ;     b if DQ5 low */\r
                0xe5916000,     /* ldr  r6, [r1]                                */\r
                0xe0257006,     /* eor  r7, r5, r6                              */\r
                0xe0147007,     /* ands r7, r4, r7                              */\r
                0x0a000001,     /* beq  8140 <sp_32_cont> ; b if DQ7 == Data7 */\r
                0xe3a05000,     /* mov  r5, #0  ; 0x0 - return 0x00, error */\r
                0x1a000004,     /* bne  8154 <sp_32_done>               */\r
                                                /*                                                              */\r
                                /* 00008140 <sp_32_cont>:                               */\r
                0xe2522001,     /* subs r2, r2, #1      ; 0x1           */\r
                0x03a05080,     /* moveq        r5, #128        ; 0x80  */\r
                0x0a000001,     /* beq  8154 <sp_32_done>               */\r
                0xe2811004,     /* add  r1, r1, #4      ; 0x4           */\r
                0xeaffffe8,     /* b    8100 <sp_32_code>               */\r
                                                /*                                                              */\r
                                                /* 00008154 <sp_32_done>:               */\r
                0xeafffffe              /* b    8154 <sp_32_done>               */\r
                };\r
\r
                u32 word_16_code[] = {\r
                                /* 00008158 <sp_16_code>:              */\r
                0xe0d050b2,     /* ldrh r5, [r0], #2               */\r
                0xe1c890b0,     /* strh r9, [r8]                                */\r
                0xe1cab0b0,     /* strh r11, [r10]                              */\r
                0xe1c830b0,     /* strh r3, [r8]                                */\r
                0xe1c150b0,     /* strh r5, [r1]                       */\r
                0xe1a00000,     /* nop                  (mov r0,r0)    */\r
                                /*                                     */\r
                                /* 00008168 <sp_16_busy>:              */\r
                0xe1d160b0,     /* ldrh r6, [r1]                       */\r
                0xe0257006,     /* eor  r7, r5, r6                     */\r
                0xe0147007,     /* ands r7, r4, r7                     */\r
                0x0a000007,     /* beq  8198 <sp_16_cont>              */\r
                0xe0166124,     /* ands r6, r6, r4, lsr #2             */\r
                0x0afffff9,     /* beq  8168 <sp_16_busy>              */\r
                0xe1d160b0,     /* ldrh r6, [r1]                       */\r
                0xe0257006,     /* eor  r7, r5, r6                     */\r
                0xe0147007,     /* ands r7, r4, r7                     */\r
                0x0a000001,     /* beq  8198 <sp_16_cont>              */\r
                0xe3a05000,     /* mov  r5, #0  ; 0x0                  */\r
                0x1a000004,     /* bne  81ac <sp_16_done>              */\r
                                /*                                     */\r
                                /* 00008198 <sp_16_cont>:              */\r
                0xe2522001,     /* subs r2, r2, #1      ; 0x1          */\r
                0x03a05080,     /* moveq        r5, #128        ; 0x80 */\r
                0x0a000001,     /* beq  81ac <sp_16_done>              */\r
                0xe2811002,     /* add  r1, r1, #2      ; 0x2          */\r
                0xeaffffe8,     /* b    8158 <sp_16_code>              */\r
                                /*                                     */\r
                                /* 000081ac <sp_16_done>:              */\r
                0xeafffffe      /* b    81ac <sp_16_done>              */\r
                };\r
\r
                u32 word_8_code[] = {\r
                                /* 000081b0 <sp_16_code_end>:          */\r
                0xe4d05001,     /* ldrb r5, [r0], #1                   */\r
                0xe5c89000,     /* strb r9, [r8]                                */\r
                0xe5cab000,     /* strb r11, [r10]                              */\r
                0xe5c83000,     /* strb r3, [r8]                                */\r
                0xe5c15000,     /* strb r5, [r1]                       */\r
                0xe1a00000,     /* nop                  (mov r0,r0)    */\r
                                /*                                     */\r
                                /* 000081c0 <sp_8_busy>:               */\r
                0xe5d16000,     /* ldrb r6, [r1]                       */\r
                0xe0257006,     /* eor  r7, r5, r6                     */\r
                0xe0147007,     /* ands r7, r4, r7                     */\r
                0x0a000007,     /* beq  81f0 <sp_8_cont>               */\r
                0xe0166124,     /* ands r6, r6, r4, lsr #2             */\r
                0x0afffff9,     /* beq  81c0 <sp_8_busy>               */\r
                0xe5d16000,     /* ldrb r6, [r1]                       */\r
                0xe0257006,     /* eor  r7, r5, r6                     */\r
                0xe0147007,     /* ands r7, r4, r7                     */\r
                0x0a000001,     /* beq  81f0 <sp_8_cont>               */\r
                0xe3a05000,     /* mov  r5, #0  ; 0x0                  */\r
                0x1a000004,     /* bne  8204 <sp_8_done>               */\r
                                /*                                     */\r
                                /* 000081f0 <sp_8_cont>:               */\r
                0xe2522001,     /* subs r2, r2, #1      ; 0x1          */\r
                0x03a05080,     /* moveq        r5, #128        ; 0x80 */\r
                0x0a000001,     /* beq  8204 <sp_8_done>               */\r
                0xe2811001,     /* add  r1, r1, #1      ; 0x1          */\r
                0xeaffffe8,     /* b    81b0 <sp_16_code_end>          */\r
                                /*                                     */\r
                                /* 00008204 <sp_8_done>:               */\r
                0xeafffffe      /* b    8204 <sp_8_done>               */\r
        };\r
\r
        armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;\r
        armv4_5_info.core_mode = ARMV4_5_MODE_SVC;\r
        armv4_5_info.core_state = ARMV4_5_STATE_ARM;\r
\r
        /* flash write code */\r
        if (!cfi_info->write_algorithm)\r
        {\r
                u8 *code_p;\r
\r
                /* convert bus-width dependent algorithm code to correct endiannes */\r
                if (bank->bus_width == 1)\r
                {\r
                        code_p = malloc(24 * 4);\r
\r
                        for (i = 0; i < 24; i++)\r
                                target_buffer_set_u32(target, code_p + (i*4), word_8_code[i]);\r
                }\r
                else if (bank->bus_width == 2)\r
                {\r
                        code_p = malloc(24 * 4);\r
\r
                        for (i = 0; i < 24; i++)\r
                                target_buffer_set_u32(target, code_p + (i*4), word_16_code[i]);\r
                }\r
                else if (bank->bus_width == 4)\r
                {\r
                        code_p = malloc(24 * 4);\r
\r
                        for (i = 0; i < 24; i++)\r
                                target_buffer_set_u32(target, code_p + (i*4), word_32_code[i]);\r
                }\r
                else\r
                {\r
                        return ERROR_FLASH_OPERATION_FAILED;\r
                }\r
\r
                /* allocate working area */\r
                if (target_alloc_working_area(target, 24 * 4,\r
                        &cfi_info->write_algorithm) != ERROR_OK)\r
                {\r
                        WARNING("no working area available, can't do block memory writes");\r
                        return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;\r
                }\r
\r
                /* write algorithm code to working area */\r
                target_write_buffer(target, cfi_info->write_algorithm->address, 24 * 4, code_p);\r
\r
                free(code_p);\r
        }\r
\r
        while (target_alloc_working_area(target, buffer_size, &source) != ERROR_OK)\r
        {\r
                buffer_size /= 2;\r
                if (buffer_size <= 256)\r
                {\r
                        /* if we already allocated the writing code, but failed to get a buffer, free the algorithm */\r
                        if (cfi_info->write_algorithm)\r
                                target_free_working_area(target, cfi_info->write_algorithm);\r
\r
                        WARNING("not enough working area available, can't do block memory writes");\r
                        return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;\r
                }\r
        };\r
\r
        init_reg_param(&reg_params[0], "r0", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[1], "r1", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[2], "r2", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[3], "r3", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[4], "r4", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[5], "r5", 32, PARAM_IN);\r
        init_reg_param(&reg_params[6], "r8", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[7], "r9", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[8], "r10", 32, PARAM_OUT);\r
        init_reg_param(&reg_params[9], "r11", 32, PARAM_OUT);\r
\r
        while (count > 0)\r
        {\r
                u32 thisrun_count = (count > buffer_size) ? buffer_size : count;\r
\r
                target_write_buffer(target, source->address, thisrun_count, buffer);\r
\r
                buf_set_u32(reg_params[0].value, 0, 32, source->address);\r
                buf_set_u32(reg_params[1].value, 0, 32, address);\r
                buf_set_u32(reg_params[2].value, 0, 32, thisrun_count / bank->bus_width);\r
                cfi_command(bank, 0xA0, write_command);\r
                buf_set_u32(reg_params[3].value, 0, 32, buf_get_u32(write_command, 0, 32));\r
                cfi_command(bank, 0x80, write_command);\r
                buf_set_u32(reg_params[4].value, 0, 32, buf_get_u32(write_command, 0, 32));\r
                buf_set_u32(reg_params[6].value, 0, 32, flash_address(bank, 0, pri_ext->_unlock1));\r
                buf_set_u32(reg_params[7].value, 0, 32, 0xaa);\r
                buf_set_u32(reg_params[8].value, 0, 32, flash_address(bank, 0, pri_ext->_unlock2));\r
                buf_set_u32(reg_params[9].value, 0, 32, 0x55);\r
\r
                retval = target->type->run_algorithm(target, 0, NULL, 10, reg_params,\r
                                                     cfi_info->write_algorithm->address,\r
                                                     cfi_info->write_algorithm->address + ((24 * 4) - 4),\r
                                                     10000, &armv4_5_info);\r
\r
                status = buf_get_u32(reg_params[5].value, 0, 32);\r
\r
                if ((retval != ERROR_OK) || status != 0x80)\r
                {\r
                        DEBUG("status: 0x%x", status);\r
                        exit_code = ERROR_FLASH_OPERATION_FAILED;\r
                        break;\r
                }\r
\r
                buffer += thisrun_count;\r
                address += thisrun_count;\r
                count -= thisrun_count;\r
        }\r
\r
        target_free_working_area(target, source);\r
\r
        destroy_reg_param(&reg_params[0]);\r
        destroy_reg_param(&reg_params[1]);\r
        destroy_reg_param(&reg_params[2]);\r
        destroy_reg_param(&reg_params[3]);\r
        destroy_reg_param(&reg_params[4]);\r
        destroy_reg_param(&reg_params[5]);\r
        destroy_reg_param(&reg_params[6]);\r
        destroy_reg_param(&reg_params[7]);\r
        destroy_reg_param(&reg_params[8]);\r
        destroy_reg_param(&reg_params[9]);\r
\r
        return exit_code;\r
}\r
\r
int cfi_intel_write_word(struct flash_bank_s *bank, u8 *word, u32 address)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        target_t *target = bank->target;\r
        u8 command[8];\r
\r
        cfi_intel_clear_status_register(bank);\r
        cfi_command(bank, 0x40, command);\r
        target->type->write_memory(target, address, bank->bus_width, 1, command);\r
\r
        target->type->write_memory(target, address, bank->bus_width, 1, word);\r
\r
        if (cfi_intel_wait_status_busy(bank, 1000 * (1 << cfi_info->word_write_timeout_max)) != 0x80)\r
        {\r
                cfi_command(bank, 0xff, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
                ERROR("couldn't write word at base 0x%x, address %x", bank->base, address);\r
                return ERROR_FLASH_OPERATION_FAILED;\r
        }\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_intel_write_words(struct flash_bank_s *bank, u8 *word, u32 wordcount, u32 address)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        target_t *target = bank->target;\r
        u8 command[8];\r
\r
        /* Calculate buffer size and boundary mask */\r
        u32 buffersize = 1UL << cfi_info->max_buf_write_size;\r
        u32 buffermask = buffersize-1;\r
        u32 bufferwsize;\r
\r
        /* Check for valid range */\r
        if (address & buffermask)\r
        {\r
                ERROR("Write address at base 0x%x, address %x not aligned to 2^%d boundary", bank->base, address, cfi_info->max_buf_write_size);\r
                return ERROR_FLASH_OPERATION_FAILED;\r
        }\r
        switch(bank->chip_width)\r
        {\r
        case 4 : bufferwsize = buffersize / 4; break;\r
        case 2 : bufferwsize = buffersize / 2; break;\r
        case 1 : bufferwsize = buffersize; break;\r
        default:\r
                ERROR("Unsupported chip width %d", bank->chip_width);\r
                return ERROR_FLASH_OPERATION_FAILED;\r
        }\r
\r
        /* Check for valid size */\r
        if (wordcount > bufferwsize)\r
        {\r
                ERROR("Number of data words %d exceeds available buffersize %d", wordcount, buffersize);\r
                return ERROR_FLASH_OPERATION_FAILED;\r
        }\r
\r
        /* Write to flash buffer */\r
        cfi_intel_clear_status_register(bank);\r
\r
        /* Initiate buffer operation _*/\r
        cfi_command(bank, 0xE8, command);\r
        target->type->write_memory(target, address, bank->bus_width, 1, command);\r
        if (cfi_intel_wait_status_busy(bank, 1000 * (1 << cfi_info->buf_write_timeout_max)) != 0x80)\r
        {\r
                cfi_command(bank, 0xff, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
                ERROR("couldn't start buffer write operation at base 0x%x, address %x", bank->base, address);\r
                return ERROR_FLASH_OPERATION_FAILED;\r
        }\r
\r
        /* Write buffer wordcount-1 and data words */\r
        cfi_command(bank, bufferwsize-1, command);\r
        target->type->write_memory(target, address, bank->bus_width, 1, command);\r
\r
        target->type->write_memory(target, address, bank->bus_width, bufferwsize, word);\r
\r
        /* Commit write operation */\r
        cfi_command(bank, 0xd0, command);\r
        target->type->write_memory(target, address, bank->bus_width, 1, command);\r
        if (cfi_intel_wait_status_busy(bank, 1000 * (1 << cfi_info->buf_write_timeout_max)) != 0x80)\r
        {\r
                cfi_command(bank, 0xff, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
                ERROR("Buffer write at base 0x%x, address %x failed.", bank->base, address);\r
                return ERROR_FLASH_OPERATION_FAILED;\r
        }\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_spansion_write_word(struct flash_bank_s *bank, u8 *word, u32 address)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
        target_t *target = bank->target;\r
        u8 command[8];\r
\r
        cfi_command(bank, 0xaa, command);\r
        target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock1), bank->bus_width, 1, command);\r
\r
        cfi_command(bank, 0x55, command);\r
        target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock2), bank->bus_width, 1, command);\r
\r
        cfi_command(bank, 0xa0, command);\r
        target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock1), bank->bus_width, 1, command);\r
\r
        target->type->write_memory(target, address, bank->bus_width, 1, word);\r
\r
        if (cfi_spansion_wait_status_busy(bank, 1000 * (1 << cfi_info->word_write_timeout_max)) != ERROR_OK)\r
        {\r
                cfi_command(bank, 0xf0, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
                ERROR("couldn't write word at base 0x%x, address %x", bank->base, address);\r
                return ERROR_FLASH_OPERATION_FAILED;\r
        }\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_write_word(struct flash_bank_s *bank, u8 *word, u32 address)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
\r
        switch(cfi_info->pri_id)\r
        {\r
                case 1:\r
                case 3:\r
                        return cfi_intel_write_word(bank, word, address);\r
                        break;\r
                case 2:\r
                        return cfi_spansion_write_word(bank, word, address);\r
                        break;\r
                default:\r
                        ERROR("cfi primary command set %i unsupported", cfi_info->pri_id);\r
                        break;\r
        }\r
\r
        return ERROR_FLASH_OPERATION_FAILED;\r
}\r
\r
int cfi_write_words(struct flash_bank_s *bank, u8 *word, u32 wordcount, u32 address)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
\r
        switch(cfi_info->pri_id)\r
        {\r
                case 1:\r
                case 3:\r
                        return cfi_intel_write_words(bank, word, wordcount, address);\r
                        break;\r
                case 2:\r
                        //return cfi_spansion_write_words(bank, word, address);\r
                        ERROR("cfi primary command set %i unimplemented - FIXME", cfi_info->pri_id);\r
                        break;\r
                default:\r
                        ERROR("cfi primary command set %i unsupported", cfi_info->pri_id);\r
                        break;\r
        }\r
\r
        return ERROR_FLASH_OPERATION_FAILED;\r
}\r
\r
int cfi_write(struct flash_bank_s *bank, u8 *buffer, u32 offset, u32 count)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        target_t *target = bank->target;\r
        u32 address = bank->base + offset;      /* address of first byte to be programmed */\r
        u32 write_p, copy_p;\r
        int align;      /* number of unaligned bytes */\r
        int blk_count; /* number of bus_width bytes for block copy */\r
        u8 current_word[CFI_MAX_BUS_WIDTH * 4]; /* word (bus_width size) currently being programmed */\r
        int i;\r
        int retval;\r
\r
        if (bank->target->state != TARGET_HALTED)\r
        {\r
                return ERROR_TARGET_NOT_HALTED;\r
        }\r
\r
        if (offset + count > bank->size)\r
                return ERROR_FLASH_DST_OUT_OF_BANK;\r
\r
        if (cfi_info->qry[0] != 'Q')\r
                return ERROR_FLASH_BANK_NOT_PROBED;\r
\r
        /* start at the first byte of the first word (bus_width size) */\r
        write_p = address & ~(bank->bus_width - 1);\r
        if ((align = address - write_p) != 0)\r
        {\r
                INFO("Fixup %d unaligned head bytes", align );\r
\r
                for (i = 0; i < bank->bus_width; i++)\r
                        current_word[i] = 0;\r
                copy_p = write_p;\r
\r
                /* copy bytes before the first write address */\r
                for (i = 0; i < align; ++i, ++copy_p)\r
                {\r
                        u8 byte;\r
                        target->type->read_memory(target, copy_p, 1, 1, &byte);\r
                        cfi_add_byte(bank, current_word, byte);\r
                }\r
\r
                /* add bytes from the buffer */\r
                for (; (i < bank->bus_width) && (count > 0); i++)\r
                {\r
                        cfi_add_byte(bank, current_word, *buffer++);\r
                        count--;\r
                        copy_p++;\r
                }\r
\r
                /* if the buffer is already finished, copy bytes after the last write address */\r
                for (; (count == 0) && (i < bank->bus_width); ++i, ++copy_p)\r
                {\r
                        u8 byte;\r
                        target->type->read_memory(target, copy_p, 1, 1, &byte);\r
                        cfi_add_byte(bank, current_word, byte);\r
                }\r
\r
                retval = cfi_write_word(bank, current_word, write_p);\r
                if (retval != ERROR_OK)\r
                        return retval;\r
                write_p = copy_p;\r
        }\r
\r
        /* handle blocks of bus_size aligned bytes */\r
        blk_count = count & ~(bank->bus_width - 1); /* round down, leave tail bytes */\r
        switch(cfi_info->pri_id)\r
        {\r
                /* try block writes (fails without working area) */\r
                case 1:\r
                case 3:\r
                        retval = cfi_intel_write_block(bank, buffer, write_p, blk_count);\r
                        break;\r
                case 2:\r
                        retval = cfi_spansion_write_block(bank, buffer, write_p, blk_count);\r
                        break;\r
                default:\r
                        ERROR("cfi primary command set %i unsupported", cfi_info->pri_id);\r
                        retval = ERROR_FLASH_OPERATION_FAILED;\r
                        break;\r
        }\r
        if (retval == ERROR_OK)\r
        {\r
                /* Increment pointers and decrease count on succesful block write */\r
                buffer += blk_count;\r
                write_p += blk_count;\r
                count -= blk_count;\r
        }\r
        else\r
        {\r
                if (retval == ERROR_TARGET_RESOURCE_NOT_AVAILABLE)\r
                {\r
                        u32 buffersize = 1UL << cfi_info->max_buf_write_size;\r
                        u32 buffermask = buffersize-1;\r
                        u32 bufferwsize;\r
\r
                        switch(bank->chip_width)\r
                        {\r
                        case 4 : bufferwsize = buffersize / 4; break;\r
                        case 2 : bufferwsize = buffersize / 2; break;\r
                        case 1 : bufferwsize = buffersize; break;\r
                        default:\r
                                ERROR("Unsupported chip width %d", bank->chip_width);\r
                                return ERROR_FLASH_OPERATION_FAILED;\r
                        }\r
\r
                        /* fall back to memory writes */\r
                        while (count > bank->bus_width)\r
                        {\r
                                if ((write_p & 0xff) == 0)\r
                                {\r
                                        INFO("Programming at %08x, count %08x bytes remaining", write_p, count);\r
                                }\r
#if 0\r
                                /* NB! this is broken for spansion! */\r
                                if ((count > bufferwsize) && !(write_p & buffermask))\r
                                {\r
                                        retval = cfi_write_words(bank, buffer, bufferwsize, write_p);\r
                                        if (retval != ERROR_OK)\r
                                                return retval;\r
\r
                                        buffer += buffersize;\r
                                        write_p += buffersize;\r
                                        count -= buffersize;\r
                                }\r
                                else\r
#endif\r
                                {\r
                                        for (i = 0; i < bank->bus_width; i++)\r
                                                current_word[i] = 0;\r
\r
                                        for (i = 0; i < bank->bus_width; i++)\r
                                        {\r
                                                cfi_add_byte(bank, current_word, *buffer++);\r
                                        }\r
\r
                                        retval = cfi_write_word(bank, current_word, write_p);\r
                                        if (retval != ERROR_OK)\r
                                                return retval;\r
\r
                                        write_p += bank->bus_width;\r
                                        count -= bank->bus_width;\r
                                }\r
                        }\r
                }\r
                else\r
                        return retval;\r
        }\r
\r
        /* return to read array mode, so we can read from flash again for padding */\r
        cfi_command(bank, 0xf0, current_word);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, current_word);\r
        cfi_command(bank, 0xff, current_word);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, current_word);\r
\r
        /* handle unaligned tail bytes */\r
        if (count > 0)\r
        {\r
                INFO("Fixup %d unaligned tail bytes", count );\r
\r
                copy_p = write_p;\r
                for (i = 0; i < bank->bus_width; i++)\r
                        current_word[i] = 0;\r
\r
                for (i = 0; (i < bank->bus_width) && (count > 0); ++i, ++copy_p)\r
                {\r
                        cfi_add_byte(bank, current_word, *buffer++);\r
                        count--;\r
                }\r
                for (; i < bank->bus_width; ++i, ++copy_p)\r
                {\r
                        u8 byte;\r
                        target->type->read_memory(target, copy_p, 1, 1, &byte);\r
                        cfi_add_byte(bank, current_word, byte);\r
                }\r
                retval = cfi_write_word(bank, current_word, write_p);\r
                if (retval != ERROR_OK)\r
                        return retval;\r
        }\r
\r
        /* return to read array mode */\r
        cfi_command(bank, 0xf0, current_word);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, current_word);\r
        cfi_command(bank, 0xff, current_word);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, current_word);\r
\r
        return ERROR_OK;\r
}\r
\r
void cfi_fixup_atmel_reversed_erase_regions(flash_bank_t *bank, void *param)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
\r
        pri_ext->_reversed_geometry = 1;\r
}\r
\r
void cfi_fixup_0002_erase_regions(flash_bank_t *bank, void *param)\r
{\r
        int i;\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
\r
        if ((pri_ext->_reversed_geometry) || (pri_ext->TopBottom == 3))\r
        {\r
                DEBUG("swapping reversed erase region information on cmdset 0002 device");\r
\r
                for (i = 0; i < cfi_info->num_erase_regions / 2; i++)\r
                {\r
                        int j = (cfi_info->num_erase_regions - 1) - i;\r
                        u32 swap;\r
\r
                        swap = cfi_info->erase_region_info[i];\r
                        cfi_info->erase_region_info[i] = cfi_info->erase_region_info[j];\r
                        cfi_info->erase_region_info[j] = swap;\r
                }\r
        }\r
}\r
\r
void cfi_fixup_0002_unlock_addresses(flash_bank_t *bank, void *param)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
        cfi_unlock_addresses_t *unlock_addresses = param;\r
\r
        pri_ext->_unlock1 = unlock_addresses->unlock1;\r
        pri_ext->_unlock2 = unlock_addresses->unlock2;\r
}\r
\r
int cfi_probe(struct flash_bank_s *bank)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        target_t *target = bank->target;\r
        u8 command[8];\r
        int num_sectors = 0;\r
        int i;\r
        int sector = 0;\r
        u32 offset = 0;\r
        u32 unlock1 = 0x555;\r
        u32 unlock2 = 0x2aa;\r
\r
        cfi_info->probed = 0;\r
\r
        /* JEDEC standard JESD21C uses 0x5555 and 0x2aaa as unlock addresses,\r
         * while CFI compatible AMD/Spansion flashes use 0x555 and 0x2aa\r
         */\r
        if (cfi_info->jedec_probe)\r
        {\r
                unlock1 = 0x5555;\r
                unlock2 = 0x2aaa;\r
        }\r
\r
        /* switch to read identifier codes mode ("AUTOSELECT") */\r
        cfi_command(bank, 0xaa, command);\r
        target->type->write_memory(target, flash_address(bank, 0, unlock1), bank->bus_width, 1, command);\r
        cfi_command(bank, 0x55, command);\r
        target->type->write_memory(target, flash_address(bank, 0, unlock2), bank->bus_width, 1, command);\r
        cfi_command(bank, 0x90, command);\r
        target->type->write_memory(target, flash_address(bank, 0, unlock1), bank->bus_width, 1, command);\r
\r
        if (bank->chip_width == 1)\r
        {\r
                u8 manufacturer, device_id;\r
                target_read_u8(target, bank->base + 0x0, &manufacturer);\r
                target_read_u8(target, bank->base + 0x1, &device_id);\r
                cfi_info->manufacturer = manufacturer;\r
                cfi_info->device_id = device_id;\r
        }\r
        else if (bank->chip_width == 2)\r
        {\r
                target_read_u16(target, bank->base + 0x0, &cfi_info->manufacturer);\r
                target_read_u16(target, bank->base + 0x2, &cfi_info->device_id);\r
        }\r
\r
        /* switch back to read array mode */\r
        cfi_command(bank, 0xf0, command);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x00), bank->bus_width, 1, command);\r
        cfi_command(bank, 0xff, command);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x00), bank->bus_width, 1, command);\r
\r
        cfi_fixup(bank, cfi_jedec_fixups);\r
\r
        /* query only if this is a CFI compatible flash,\r
         * otherwise the relevant info has already been filled in\r
         */\r
        if (cfi_info->not_cfi == 0)\r
        {\r
                /* enter CFI query mode\r
                 * according to JEDEC Standard No. 68.01,\r
                 * a single bus sequence with address = 0x55, data = 0x98 should put\r
                 * the device into CFI query mode.\r
                 *\r
                 * SST flashes clearly violate this, and we will consider them incompatbile for now\r
                 */\r
                cfi_command(bank, 0x98, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x55), bank->bus_width, 1, command);\r
\r
                cfi_info->qry[0] = cfi_query_u8(bank, 0, 0x10);\r
                cfi_info->qry[1] = cfi_query_u8(bank, 0, 0x11);\r
                cfi_info->qry[2] = cfi_query_u8(bank, 0, 0x12);\r
\r
                DEBUG("CFI qry returned: 0x%2.2x 0x%2.2x 0x%2.2x", cfi_info->qry[0], cfi_info->qry[1], cfi_info->qry[2]);\r
\r
                if ((cfi_info->qry[0] != 'Q') || (cfi_info->qry[1] != 'R') || (cfi_info->qry[2] != 'Y'))\r
                {\r
                        cfi_command(bank, 0xf0, command);\r
                        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
                        cfi_command(bank, 0xff, command);\r
                        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
                        return ERROR_FLASH_BANK_INVALID;\r
                }\r
\r
                cfi_info->pri_id = cfi_query_u16(bank, 0, 0x13);\r
                cfi_info->pri_addr = cfi_query_u16(bank, 0, 0x15);\r
                cfi_info->alt_id = cfi_query_u16(bank, 0, 0x17);\r
                cfi_info->alt_addr = cfi_query_u16(bank, 0, 0x19);\r
\r
                DEBUG("qry: '%c%c%c', pri_id: 0x%4.4x, pri_addr: 0x%4.4x, alt_id: 0x%4.4x, alt_addr: 0x%4.4x", cfi_info->qry[0], cfi_info->qry[1], cfi_info->qry[2], cfi_info->pri_id, cfi_info->pri_addr, cfi_info->alt_id, cfi_info->alt_addr);\r
\r
                cfi_info->vcc_min = cfi_query_u8(bank, 0, 0x1b);\r
                cfi_info->vcc_max = cfi_query_u8(bank, 0, 0x1c);\r
                cfi_info->vpp_min = cfi_query_u8(bank, 0, 0x1d);\r
                cfi_info->vpp_max = cfi_query_u8(bank, 0, 0x1e);\r
                cfi_info->word_write_timeout_typ = cfi_query_u8(bank, 0, 0x1f);\r
                cfi_info->buf_write_timeout_typ = cfi_query_u8(bank, 0, 0x20);\r
                cfi_info->block_erase_timeout_typ = cfi_query_u8(bank, 0, 0x21);\r
                cfi_info->chip_erase_timeout_typ = cfi_query_u8(bank, 0, 0x22);\r
                cfi_info->word_write_timeout_max = cfi_query_u8(bank, 0, 0x23);\r
                cfi_info->buf_write_timeout_max = cfi_query_u8(bank, 0, 0x24);\r
                cfi_info->block_erase_timeout_max = cfi_query_u8(bank, 0, 0x25);\r
                cfi_info->chip_erase_timeout_max = cfi_query_u8(bank, 0, 0x26);\r
\r
                DEBUG("Vcc min: %1.1x.%1.1x, Vcc max: %1.1x.%1.1x, Vpp min: %1.1x.%1.1x, Vpp max: %1.1x.%1.1x",\r
                        (cfi_info->vcc_min & 0xf0) >> 4, cfi_info->vcc_min & 0x0f,\r
                        (cfi_info->vcc_max & 0xf0) >> 4, cfi_info->vcc_max & 0x0f,\r
                        (cfi_info->vpp_min & 0xf0) >> 4, cfi_info->vpp_min & 0x0f,\r
                        (cfi_info->vpp_max & 0xf0) >> 4, cfi_info->vpp_max & 0x0f);\r
                DEBUG("typ. word write timeout: %u, typ. buf write timeout: %u, typ. block erase timeout: %u, typ. chip erase timeout: %u", 1 << cfi_info->word_write_timeout_typ, 1 << cfi_info->buf_write_timeout_typ,\r
                        1 << cfi_info->block_erase_timeout_typ, 1 << cfi_info->chip_erase_timeout_typ);\r
                DEBUG("max. word write timeout: %u, max. buf write timeout: %u, max. block erase timeout: %u, max. chip erase timeout: %u", (1 << cfi_info->word_write_timeout_max) * (1 << cfi_info->word_write_timeout_typ),\r
                        (1 << cfi_info->buf_write_timeout_max) * (1 << cfi_info->buf_write_timeout_typ),\r
                        (1 << cfi_info->block_erase_timeout_max) * (1 << cfi_info->block_erase_timeout_typ),\r
                        (1 << cfi_info->chip_erase_timeout_max) * (1 << cfi_info->chip_erase_timeout_typ));\r
\r
                cfi_info->dev_size = cfi_query_u8(bank, 0, 0x27);\r
                cfi_info->interface_desc = cfi_query_u16(bank, 0, 0x28);\r
                cfi_info->max_buf_write_size = cfi_query_u16(bank, 0, 0x2a);\r
                cfi_info->num_erase_regions = cfi_query_u8(bank, 0, 0x2c);\r
\r
                DEBUG("size: 0x%x, interface desc: %i, max buffer write size: %x", 1 << cfi_info->dev_size, cfi_info->interface_desc, (1 << cfi_info->max_buf_write_size));\r
\r
                if (((1 << cfi_info->dev_size) * bank->bus_width / bank->chip_width) != bank->size)\r
                {\r
                        WARNING("configuration specifies 0x%x size, but a 0x%x size flash was found", bank->size, 1 << cfi_info->dev_size);\r
                }\r
\r
                if (cfi_info->num_erase_regions)\r
                {\r
                        cfi_info->erase_region_info = malloc(4 * cfi_info->num_erase_regions);\r
                        for (i = 0; i < cfi_info->num_erase_regions; i++)\r
                        {\r
                                cfi_info->erase_region_info[i] = cfi_query_u32(bank, 0, 0x2d + (4 * i));\r
                                DEBUG("erase region[%i]: %i blocks of size 0x%x", i, (cfi_info->erase_region_info[i] & 0xffff) + 1, (cfi_info->erase_region_info[i] >> 16) * 256);\r
                        }\r
                }\r
                else\r
                {\r
                        cfi_info->erase_region_info = NULL;\r
                }\r
\r
                /* We need to read the primary algorithm extended query table before calculating\r
                 * the sector layout to be able to apply fixups\r
                 */\r
                switch(cfi_info->pri_id)\r
                {\r
                        /* Intel command set (standard and extended) */\r
                        case 0x0001:\r
                        case 0x0003:\r
                                cfi_read_intel_pri_ext(bank);\r
                                break;\r
                        /* AMD/Spansion, Atmel, ... command set */\r
                        case 0x0002:\r
                                cfi_read_0002_pri_ext(bank);\r
                                break;\r
                        default:\r
                                ERROR("cfi primary command set %i unsupported", cfi_info->pri_id);\r
                                break;\r
                }\r
\r
                /* return to read array mode\r
                 * we use both reset commands, as some Intel flashes fail to recognize the 0xF0 command\r
                 */\r
                cfi_command(bank, 0xf0, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
                cfi_command(bank, 0xff, command);\r
                target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
        }\r
\r
        /* apply fixups depending on the primary command set */\r
        switch(cfi_info->pri_id)\r
        {\r
                /* Intel command set (standard and extended) */\r
                case 0x0001:\r
                case 0x0003:\r
                        cfi_fixup(bank, cfi_0001_fixups);\r
                        break;\r
                /* AMD/Spansion, Atmel, ... command set */\r
                case 0x0002:\r
                        cfi_fixup(bank, cfi_0002_fixups);\r
                        break;\r
                default:\r
                        ERROR("cfi primary command set %i unsupported", cfi_info->pri_id);\r
                        break;\r
        }\r
\r
        if (cfi_info->num_erase_regions == 0)\r
        {\r
                /* a device might have only one erase block, spanning the whole device */\r
                bank->num_sectors = 1;\r
                bank->sectors = malloc(sizeof(flash_sector_t));\r
\r
                bank->sectors[sector].offset = 0x0;\r
                bank->sectors[sector].size = bank->size;\r
                bank->sectors[sector].is_erased = -1;\r
                bank->sectors[sector].is_protected = -1;\r
        }\r
        else\r
        {\r
                for (i = 0; i < cfi_info->num_erase_regions; i++)\r
                {\r
                        num_sectors += (cfi_info->erase_region_info[i] & 0xffff) + 1;\r
                }\r
\r
                bank->num_sectors = num_sectors;\r
                bank->sectors = malloc(sizeof(flash_sector_t) * num_sectors);\r
\r
                for (i = 0; i < cfi_info->num_erase_regions; i++)\r
                {\r
                        int j;\r
                        for (j = 0; j < (cfi_info->erase_region_info[i] & 0xffff) + 1; j++)\r
                        {\r
                                bank->sectors[sector].offset = offset;\r
                                bank->sectors[sector].size = ((cfi_info->erase_region_info[i] >> 16) * 256) * bank->bus_width / bank->chip_width;\r
                                offset += bank->sectors[sector].size;\r
                                bank->sectors[sector].is_erased = -1;\r
                                bank->sectors[sector].is_protected = -1;\r
                                sector++;\r
                        }\r
                }\r
        }\r
        \r
        cfi_info->probed = 1;\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_auto_probe(struct flash_bank_s *bank)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        if (cfi_info->probed)\r
                return ERROR_OK;\r
        return cfi_probe(bank);\r
}\r
\r
int cfi_erase_check(struct flash_bank_s *bank)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        target_t *target = bank->target;\r
        int i;\r
        int retval;\r
\r
        if (!cfi_info->erase_check_algorithm)\r
        {\r
                u32 erase_check_code[] =\r
                {\r
                        0xe4d03001,     /* ldrb r3, [r0], #1    */\r
                        0xe0022003, /* and r2, r2, r3           */\r
                        0xe2511001, /* subs r1, r1, #1          */\r
                        0x1afffffb,     /* b -4                                 */\r
                        0xeafffffe      /* b 0                                  */\r
                };\r
\r
                /* make sure we have a working area */\r
                if (target_alloc_working_area(target, 20, &cfi_info->erase_check_algorithm) != ERROR_OK)\r
                {\r
                        WARNING("no working area available, falling back to slow memory reads");\r
                }\r
                else\r
                {\r
                        u8 erase_check_code_buf[5 * 4];\r
\r
                        for (i = 0; i < 5; i++)\r
                                target_buffer_set_u32(target, erase_check_code_buf + (i*4), erase_check_code[i]);\r
\r
                        /* write algorithm code to working area */\r
                        target->type->write_memory(target, cfi_info->erase_check_algorithm->address, 4, 5, erase_check_code_buf);\r
                }\r
        }\r
\r
        if (!cfi_info->erase_check_algorithm)\r
        {\r
                u32 *buffer = malloc(4096);\r
\r
                for (i = 0; i < bank->num_sectors; i++)\r
                {\r
                        u32 address = bank->base + bank->sectors[i].offset;\r
                        u32 size = bank->sectors[i].size;\r
                        u32 check = 0xffffffffU;\r
                        int erased = 1;\r
\r
                        while (size > 0)\r
                        {\r
                                u32 thisrun_size = (size > 4096) ? 4096 : size;\r
                                int j;\r
\r
                                target->type->read_memory(target, address, 4, thisrun_size / 4, (u8*)buffer);\r
\r
                                for (j = 0; j < thisrun_size / 4; j++)\r
                                        check &= buffer[j];\r
\r
                                if (check != 0xffffffff)\r
                                {\r
                                        erased = 0;\r
                                        break;\r
                                }\r
\r
                                size -= thisrun_size;\r
                                address += thisrun_size;\r
                        }\r
\r
                        bank->sectors[i].is_erased = erased;\r
                }\r
\r
                free(buffer);\r
        }\r
        else\r
        {\r
                for (i = 0; i < bank->num_sectors; i++)\r
                {\r
                        u32 address = bank->base + bank->sectors[i].offset;\r
                        u32 size = bank->sectors[i].size;\r
\r
                        reg_param_t reg_params[3];\r
                        armv4_5_algorithm_t armv4_5_info;\r
\r
                        armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;\r
                        armv4_5_info.core_mode = ARMV4_5_MODE_SVC;\r
                        armv4_5_info.core_state = ARMV4_5_STATE_ARM;\r
\r
                        init_reg_param(&reg_params[0], "r0", 32, PARAM_OUT);\r
                        buf_set_u32(reg_params[0].value, 0, 32, address);\r
\r
                        init_reg_param(&reg_params[1], "r1", 32, PARAM_OUT);\r
                        buf_set_u32(reg_params[1].value, 0, 32, size);\r
\r
                        init_reg_param(&reg_params[2], "r2", 32, PARAM_IN_OUT);\r
                        buf_set_u32(reg_params[2].value, 0, 32, 0xff);\r
\r
                        if ((retval = target->type->run_algorithm(target, 0, NULL, 3, reg_params, cfi_info->erase_check_algorithm->address, cfi_info->erase_check_algorithm->address + 0x10, 10000, &armv4_5_info)) != ERROR_OK)\r
                                return ERROR_FLASH_OPERATION_FAILED;\r
\r
                        if (buf_get_u32(reg_params[2].value, 0, 32) == 0xff)\r
                                bank->sectors[i].is_erased = 1;\r
                        else\r
                                bank->sectors[i].is_erased = 0;\r
\r
                        destroy_reg_param(&reg_params[0]);\r
                        destroy_reg_param(&reg_params[1]);\r
                        destroy_reg_param(&reg_params[2]);\r
                }\r
        }\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_intel_protect_check(struct flash_bank_s *bank)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_intel_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
        target_t *target = bank->target;\r
        u8 command[CFI_MAX_BUS_WIDTH];\r
        int i;\r
\r
        /* check if block lock bits are supported on this device */\r
        if (!(pri_ext->blk_status_reg_mask & 0x1))\r
                return ERROR_FLASH_OPERATION_FAILED;\r
\r
        cfi_command(bank, 0x90, command);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x55), bank->bus_width, 1, command);\r
\r
        for (i = 0; i < bank->num_sectors; i++)\r
        {\r
                u8 block_status = cfi_get_u8(bank, i, 0x2);\r
\r
                if (block_status & 1)\r
                        bank->sectors[i].is_protected = 1;\r
                else\r
                        bank->sectors[i].is_protected = 0;\r
        }\r
\r
        cfi_command(bank, 0xff, command);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_spansion_protect_check(struct flash_bank_s *bank)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
        cfi_spansion_pri_ext_t *pri_ext = cfi_info->pri_ext;\r
        target_t *target = bank->target;\r
        u8 command[8];\r
        int i;\r
\r
        cfi_command(bank, 0xaa, command);\r
        target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock1), bank->bus_width, 1, command);\r
\r
        cfi_command(bank, 0x55, command);\r
        target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock2), bank->bus_width, 1, command);\r
\r
        cfi_command(bank, 0x90, command);\r
        target->type->write_memory(target, flash_address(bank, 0, pri_ext->_unlock1), bank->bus_width, 1, command);\r
\r
        for (i = 0; i < bank->num_sectors; i++)\r
        {\r
                u8 block_status = cfi_get_u8(bank, i, 0x2);\r
\r
                if (block_status & 1)\r
                        bank->sectors[i].is_protected = 1;\r
                else\r
                        bank->sectors[i].is_protected = 0;\r
        }\r
\r
        cfi_command(bank, 0xf0, command);\r
        target->type->write_memory(target, flash_address(bank, 0, 0x0), bank->bus_width, 1, command);\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_protect_check(struct flash_bank_s *bank)\r
{\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
\r
        if (cfi_info->qry[0] != 'Q')\r
                return ERROR_FLASH_BANK_NOT_PROBED;\r
\r
        switch(cfi_info->pri_id)\r
        {\r
                case 1:\r
                case 3:\r
                        return cfi_intel_protect_check(bank);\r
                        break;\r
                case 2:\r
                        return cfi_spansion_protect_check(bank);\r
                        break;\r
                default:\r
                        ERROR("cfi primary command set %i unsupported", cfi_info->pri_id);\r
                        break;\r
        }\r
\r
        return ERROR_OK;\r
}\r
\r
int cfi_info(struct flash_bank_s *bank, char *buf, int buf_size)\r
{\r
        int printed;\r
        cfi_flash_bank_t *cfi_info = bank->driver_priv;\r
\r
        if (cfi_info->qry[0] == (char)-1)\r
        {\r
                printed = snprintf(buf, buf_size, "\ncfi flash bank not probed yet\n");\r
                return ERROR_OK;\r
        }\r
\r
        printed = snprintf(buf, buf_size, "\ncfi information:\n");\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "\nmfr: 0x%4.4x, id:0x%4.4x\n",\r
                cfi_info->manufacturer, cfi_info->device_id);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "qry: '%c%c%c', pri_id: 0x%4.4x, pri_addr: 0x%4.4x, alt_id: 0x%4.4x, alt_addr: 0x%4.4x\n", cfi_info->qry[0], cfi_info->qry[1], cfi_info->qry[2], cfi_info->pri_id, cfi_info->pri_addr, cfi_info->alt_id, cfi_info->alt_addr);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "Vcc min: %1.1x.%1.1x, Vcc max: %1.1x.%1.1x, Vpp min: %1.1x.%1.1x, Vpp max: %1.1x.%1.1x\n", (cfi_info->vcc_min & 0xf0) >> 4, cfi_info->vcc_min & 0x0f,\r
        (cfi_info->vcc_max & 0xf0) >> 4, cfi_info->vcc_max & 0x0f,\r
        (cfi_info->vpp_min & 0xf0) >> 4, cfi_info->vpp_min & 0x0f,\r
        (cfi_info->vpp_max & 0xf0) >> 4, cfi_info->vpp_max & 0x0f);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "typ. word write timeout: %u, typ. buf write timeout: %u, typ. block erase timeout: %u, typ. chip erase timeout: %u\n", 1 << cfi_info->word_write_timeout_typ, 1 << cfi_info->buf_write_timeout_typ,\r
                  1 << cfi_info->block_erase_timeout_typ, 1 << cfi_info->chip_erase_timeout_typ);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "max. word write timeout: %u, max. buf write timeout: %u, max. block erase timeout: %u, max. chip erase timeout: %u\n", (1 << cfi_info->word_write_timeout_max) * (1 << cfi_info->word_write_timeout_typ),\r
                  (1 << cfi_info->buf_write_timeout_max) * (1 << cfi_info->buf_write_timeout_typ),\r
                  (1 << cfi_info->block_erase_timeout_max) * (1 << cfi_info->block_erase_timeout_typ),\r
                  (1 << cfi_info->chip_erase_timeout_max) * (1 << cfi_info->chip_erase_timeout_typ));\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        printed = snprintf(buf, buf_size, "size: 0x%x, interface desc: %i, max buffer write size: %x\n", 1 << cfi_info->dev_size, cfi_info->interface_desc, cfi_info->max_buf_write_size);\r
        buf += printed;\r
        buf_size -= printed;\r
\r
        switch(cfi_info->pri_id)\r
        {\r
                case 1:\r
                case 3:\r
                        cfi_intel_info(bank, buf, buf_size);\r
                        break;\r
                case 2:\r
                        cfi_spansion_info(bank, buf, buf_size);\r
                        break;\r
                default:\r
                        ERROR("cfi primary command set %i unsupported", cfi_info->pri_id);\r
                        break;\r
        }\r
\r
        return ERROR_OK;\r
}\r