1 /***************************************************************************
2 * Copyright (C) 2009 by *
3 * Rolf Meeser <rolfm_9dq@yahoo.de> *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
29 #include "binarybuffer.h"
36 /* Some flash constants */
37 #define FLASH_PAGE_SIZE 512 /* bytes */
38 #define FLASH_ERASE_TIME 100000 /* microseconds */
39 #define FLASH_PROGRAM_TIME 1000 /* microseconds */
41 /* Chip ID / Feature Registers */
42 #define CHIPID 0xE0000000 /* Chip ID */
43 #define FEAT0 0xE0000100 /* Chip feature 0 */
44 #define FEAT1 0xE0000104 /* Chip feature 1 */
45 #define FEAT2 0xE0000108 /* Chip feature 2 (contains flash size indicator) */
46 #define FEAT3 0xE000010C /* Chip feature 3 */
48 #define EXPECTED_CHIPID 0x209CE02B /* Chip ID of all LPC2900 devices */
50 /* Flash/EEPROM Control Registers */
51 #define FCTR 0x20200000 /* Flash control */
52 #define FPTR 0x20200008 /* Flash program-time */
53 #define FTCTR 0x2020000C /* Flash test control */
54 #define FBWST 0x20200010 /* Flash bridge wait-state */
55 #define FCRA 0x2020001C /* Flash clock divider */
56 #define FMSSTART 0x20200020 /* Flash Built-In Selft Test start address */
57 #define FMSSTOP 0x20200024 /* Flash Built-In Selft Test stop address */
58 #define FMS16 0x20200028 /* Flash 16-bit signature */
59 #define FMSW0 0x2020002C /* Flash 128-bit signature Word 0 */
60 #define FMSW1 0x20200030 /* Flash 128-bit signature Word 1 */
61 #define FMSW2 0x20200034 /* Flash 128-bit signature Word 2 */
62 #define FMSW3 0x20200038 /* Flash 128-bit signature Word 3 */
64 #define EECMD 0x20200080 /* EEPROM command */
65 #define EEADDR 0x20200084 /* EEPROM address */
66 #define EEWDATA 0x20200088 /* EEPROM write data */
67 #define EERDATA 0x2020008C /* EEPROM read data */
68 #define EEWSTATE 0x20200090 /* EEPROM wait state */
69 #define EECLKDIV 0x20200094 /* EEPROM clock divider */
70 #define EEPWRDWN 0x20200098 /* EEPROM power-down/start */
71 #define EEMSSTART 0x2020009C /* EEPROM BIST start address */
72 #define EEMSSTOP 0x202000A0 /* EEPROM BIST stop address */
73 #define EEMSSIG 0x202000A4 /* EEPROM 24-bit BIST signature */
75 #define INT_CLR_ENABLE 0x20200FD8 /* Flash/EEPROM interrupt clear enable */
76 #define INT_SET_ENABLE 0x20200FDC /* Flash/EEPROM interrupt set enable */
77 #define INT_STATUS 0x20200FE0 /* Flash/EEPROM interrupt status */
78 #define INT_ENABLE 0x20200FE4 /* Flash/EEPROM interrupt enable */
79 #define INT_CLR_STATUS 0x20200FE8 /* Flash/EEPROM interrupt clear status */
80 #define INT_SET_STATUS 0x20200FEC /* Flash/EEPROM interrupt set status */
82 /* Interrupt sources */
83 #define INTSRC_END_OF_PROG (1 << 28)
84 #define INTSRC_END_OF_BIST (1 << 27)
85 #define INTSRC_END_OF_RDWR (1 << 26)
86 #define INTSRC_END_OF_MISR (1 << 2)
87 #define INTSRC_END_OF_BURN (1 << 1)
88 #define INTSRC_END_OF_ERASE (1 << 0)
92 #define FCTR_FS_LOADREQ (1 << 15)
93 #define FCTR_FS_CACHECLR (1 << 14)
94 #define FCTR_FS_CACHEBYP (1 << 13)
95 #define FCTR_FS_PROGREQ (1 << 12)
96 #define FCTR_FS_RLS (1 << 11)
97 #define FCTR_FS_PDL (1 << 10)
98 #define FCTR_FS_PD (1 << 9)
99 #define FCTR_FS_WPB (1 << 7)
100 #define FCTR_FS_ISS (1 << 6)
101 #define FCTR_FS_RLD (1 << 5)
102 #define FCTR_FS_DCR (1 << 4)
103 #define FCTR_FS_WEB (1 << 2)
104 #define FCTR_FS_WRE (1 << 1)
105 #define FCTR_FS_CS (1 << 0)
107 #define FPTR_EN_T (1 << 15)
109 #define FTCTR_FS_BYPASS_R (1 << 29)
110 #define FTCTR_FS_BYPASS_W (1 << 28)
112 #define FMSSTOP_MISR_START (1 << 17)
114 #define EEMSSTOP_STRTBIST (1 << 31)
117 #define ISS_CUSTOMER_START1 (0x830)
118 #define ISS_CUSTOMER_END1 (0xA00)
119 #define ISS_CUSTOMER_SIZE1 (ISS_CUSTOMER_END1 - ISS_CUSTOMER_START1)
120 #define ISS_CUSTOMER_NWORDS1 (ISS_CUSTOMER_SIZE1 / 4)
121 #define ISS_CUSTOMER_START2 (0xA40)
122 #define ISS_CUSTOMER_END2 (0xC00)
123 #define ISS_CUSTOMER_SIZE2 (ISS_CUSTOMER_END2 - ISS_CUSTOMER_START2)
124 #define ISS_CUSTOMER_NWORDS2 (ISS_CUSTOMER_SIZE2 / 4)
125 #define ISS_CUSTOMER_SIZE (ISS_CUSTOMER_SIZE1 + ISS_CUSTOMER_SIZE2)
130 * Private data for \c lpc2900 flash driver.
132 struct lpc2900_flash_bank
135 * Holds the value read from CHIPID register.
136 * The driver will not load if the chipid doesn't match the expected
137 * value of 0x209CE02B of the LPC2900 family. A probe will only be done
138 * if the chipid does not yet contain the expected value.
143 * String holding device name.
144 * This string is set by the probe function to the type number of the
145 * device. It takes the form "LPC29xx".
150 * System clock frequency.
151 * Holds the clock frequency in Hz, as passed by the configuration file
152 * to the <tt>flash bank</tt> command.
154 uint32_t clk_sys_fmc;
157 * Flag to indicate that dangerous operations are possible.
158 * This flag can be set by passing the correct password to the
159 * <tt>lpc2900 password</tt> command. If set, other dangerous commands,
160 * which operate on the index sector, can be executed.
165 * Maximum contiguous block of internal SRAM (bytes).
166 * Autodetected by the driver. Not the total amount of SRAM, only the
167 * the largest \em contiguous block!
169 uint32_t max_ram_block;
174 static uint32_t lpc2900_wait_status(flash_bank_t *bank, uint32_t mask, int timeout);
175 static void lpc2900_setup(struct flash_bank_s *bank);
176 static uint32_t lpc2900_is_ready(struct flash_bank_s *bank);
177 static uint32_t lpc2900_read_security_status(struct flash_bank_s *bank);
178 static uint32_t lpc2900_run_bist128(struct flash_bank_s *bank,
179 uint32_t addr_from, uint32_t addr_to,
180 uint32_t (*signature)[4] );
181 static uint32_t lpc2900_address2sector(struct flash_bank_s *bank, uint32_t offset);
182 static uint32_t lpc2900_calc_tr( uint32_t clock, uint32_t time );
185 /*********************** Helper functions **************************/
189 * Wait for an event in mask to occur in INT_STATUS.
191 * Return when an event occurs, or after a timeout.
193 * @param[in] bank Pointer to the flash bank descriptor
194 * @param[in] mask Mask to be used for INT_STATUS
195 * @param[in] timeout Timeout in ms
197 static uint32_t lpc2900_wait_status( flash_bank_t *bank,
202 target_t *target = bank->target;
209 target_read_u32(target, INT_STATUS, &int_status);
211 while( ((int_status & mask) == 0) && (timeout != 0) );
215 LOG_DEBUG("Timeout!");
216 return ERROR_FLASH_OPERATION_FAILED;
225 * Set up the flash for erase/program operations.
227 * Enable the flash, and set the correct CRA clock of 66 kHz.
229 * @param bank Pointer to the flash bank descriptor
231 static void lpc2900_setup( struct flash_bank_s *bank )
234 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
237 /* Power up the flash block */
238 target_write_u32( bank->target, FCTR, FCTR_FS_WEB | FCTR_FS_CS );
241 fcra = (lpc2900_info->clk_sys_fmc / (3 * 66000)) - 1;
242 target_write_u32( bank->target, FCRA, fcra );
248 * Check if device is ready.
250 * Check if device is ready for flash operation:
251 * Must have been successfully probed.
254 static uint32_t lpc2900_is_ready( struct flash_bank_s *bank )
256 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
258 if( lpc2900_info->chipid != EXPECTED_CHIPID )
260 return ERROR_FLASH_BANK_NOT_PROBED;
263 if( bank->target->state != TARGET_HALTED )
265 LOG_ERROR( "Target not halted" );
266 return ERROR_TARGET_NOT_HALTED;
274 * Read the status of sector security from the index sector.
276 * @param bank Pointer to the flash bank descriptor
278 static uint32_t lpc2900_read_security_status( struct flash_bank_s *bank )
281 if( (status = lpc2900_is_ready( bank )) != ERROR_OK )
286 target_t *target = bank->target;
288 /* Enable ISS access */
289 target_write_u32(target, FCTR, FCTR_FS_CS | FCTR_FS_WEB | FCTR_FS_ISS);
291 /* Read the relevant block of memory from the ISS sector */
292 uint32_t iss_secured_field[ 0x230/16 ][ 4 ];
293 target_read_memory(target, bank->base + 0xC00, 4, 0x230/4,
294 (uint8_t *)iss_secured_field);
296 /* Disable ISS access */
297 target_write_u32(target, FCTR, FCTR_FS_CS | FCTR_FS_WEB);
299 /* Check status of each sector. Note that the sector numbering in the LPC2900
300 * is different from the logical sector numbers used in OpenOCD!
301 * Refer to the user manual for details.
303 * All zeros (16x 0x00) are treated as a secured sector (is_protected = 1)
304 * All ones (16x 0xFF) are treated as a non-secured sector (is_protected = 0)
305 * Anything else is undefined (is_protected = -1). This is treated as
306 * a protected sector!
310 for( sector = 0; sector < bank->num_sectors; sector++ )
312 /* Convert logical sector number to physical sector number */
317 else if( sector <= 7 )
326 bank->sectors[sector].is_protected = -1;
329 (iss_secured_field[index][0] == 0x00000000) &&
330 (iss_secured_field[index][1] == 0x00000000) &&
331 (iss_secured_field[index][2] == 0x00000000) &&
332 (iss_secured_field[index][3] == 0x00000000) )
334 bank->sectors[sector].is_protected = 1;
338 (iss_secured_field[index][0] == 0xFFFFFFFF) &&
339 (iss_secured_field[index][1] == 0xFFFFFFFF) &&
340 (iss_secured_field[index][2] == 0xFFFFFFFF) &&
341 (iss_secured_field[index][3] == 0xFFFFFFFF) )
343 bank->sectors[sector].is_protected = 0;
352 * Use BIST to calculate a 128-bit hash value over a range of flash.
354 * @param bank Pointer to the flash bank descriptor
359 static uint32_t lpc2900_run_bist128(struct flash_bank_s *bank,
362 uint32_t (*signature)[4] )
364 target_t *target = bank->target;
366 /* Clear END_OF_MISR interrupt status */
367 target_write_u32( target, INT_CLR_STATUS, INTSRC_END_OF_MISR );
370 target_write_u32( target, FMSSTART, addr_from >> 4);
371 /* End address, and issue start command */
372 target_write_u32( target, FMSSTOP, (addr_to >> 4) | FMSSTOP_MISR_START );
374 /* Poll for end of operation. Calculate a reasonable timeout. */
375 if( lpc2900_wait_status( bank, INTSRC_END_OF_MISR, 1000 ) != ERROR_OK )
377 return ERROR_FLASH_OPERATION_FAILED;
380 /* Return the signature */
381 target_read_memory( target, FMSW0, 4, 4, (uint8_t *)signature );
388 * Return sector number for given address.
390 * Return the (logical) sector number for a given relative address.
391 * No sanity check is done. It assumed that the address is valid.
393 * @param bank Pointer to the flash bank descriptor
394 * @param offset Offset address relative to bank start
396 static uint32_t lpc2900_address2sector( struct flash_bank_s *bank,
399 uint32_t address = bank->base + offset;
402 /* Run through all sectors of this bank */
404 for( sector = 0; sector < bank->num_sectors; sector++ )
406 /* Return immediately if address is within the current sector */
407 if( address < (bank->sectors[sector].offset + bank->sectors[sector].size) )
413 /* We should never come here. If we do, return an arbitrary sector number. */
421 * Write one page to the index sector.
423 * @param bank Pointer to the flash bank descriptor
424 * @param pagenum Page number (0...7)
425 * @param page Page array (FLASH_PAGE_SIZE bytes)
427 static int lpc2900_write_index_page( struct flash_bank_s *bank,
429 uint8_t (*page)[FLASH_PAGE_SIZE] )
431 /* Only pages 4...7 are user writable */
432 if ((pagenum < 4) || (pagenum > 7))
434 LOG_ERROR("Refuse to burn index sector page %d", pagenum);
435 return ERROR_COMMAND_ARGUMENT_INVALID;
438 /* Get target, and check if it's halted */
439 target_t *target = bank->target;
440 if( target->state != TARGET_HALTED )
442 LOG_ERROR( "Target not halted" );
443 return ERROR_TARGET_NOT_HALTED;
447 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
449 /* Enable flash block and set the correct CRA clock of 66 kHz */
450 lpc2900_setup( bank );
452 /* Un-protect the index sector */
453 target_write_u32( target, bank->base, 0 );
454 target_write_u32( target, FCTR,
455 FCTR_FS_LOADREQ | FCTR_FS_WPB | FCTR_FS_ISS |
456 FCTR_FS_WEB | FCTR_FS_WRE | FCTR_FS_CS );
458 /* Set latch load mode */
459 target_write_u32( target, FCTR,
460 FCTR_FS_ISS | FCTR_FS_WEB | FCTR_FS_WRE | FCTR_FS_CS );
462 /* Write whole page to flash data latches */
463 if( target_write_memory( target,
464 bank->base + pagenum * FLASH_PAGE_SIZE,
465 4, FLASH_PAGE_SIZE / 4, (uint8_t *)page) != ERROR_OK )
467 LOG_ERROR("Index sector write failed @ page %d", pagenum);
468 target_write_u32( target, FCTR, FCTR_FS_CS | FCTR_FS_WEB );
470 return ERROR_FLASH_OPERATION_FAILED;
473 /* Clear END_OF_BURN interrupt status */
474 target_write_u32( target, INT_CLR_STATUS, INTSRC_END_OF_BURN );
476 /* Set the program/erase time to FLASH_PROGRAM_TIME */
477 target_write_u32(target, FPTR,
478 FPTR_EN_T | lpc2900_calc_tr( lpc2900_info->clk_sys_fmc,
479 FLASH_PROGRAM_TIME ));
481 /* Trigger flash write */
482 target_write_u32( target, FCTR,
483 FCTR_FS_PROGREQ | FCTR_FS_ISS |
484 FCTR_FS_WPB | FCTR_FS_WRE | FCTR_FS_CS );
486 /* Wait for the end of the write operation. If it's not over after one
487 * second, something went dreadfully wrong... :-(
489 if (lpc2900_wait_status(bank, INTSRC_END_OF_BURN, 1000) != ERROR_OK)
491 LOG_ERROR("Index sector write failed @ page %d", pagenum);
492 target_write_u32(target, FCTR, FCTR_FS_CS | FCTR_FS_WEB);
494 return ERROR_FLASH_OPERATION_FAILED;
497 target_write_u32( target, FCTR, FCTR_FS_CS | FCTR_FS_WEB );
505 * Calculate FPTR.TR register value for desired program/erase time.
507 * @param clock System clock in Hz
508 * @param time Program/erase time in µs
510 static uint32_t lpc2900_calc_tr( uint32_t clock, uint32_t time )
512 /* ((time[µs]/1e6) * f[Hz]) + 511
513 * FPTR.TR = -------------------------------
519 uint32_t tr_val = (uint32_t)((((time / 1e6) * clock) + 511.0) / 512.0);
525 /*********************** Private flash commands **************************/
529 * Command to determine the signature of the whole flash.
531 * Uses the Built-In-Self-Test (BIST) to generate a 128-bit hash value
532 * of the flash content.
534 COMMAND_HANDLER(lpc2900_handle_signature_command)
537 uint32_t signature[4];
542 LOG_WARNING( "Too few arguments. Call: lpc2900 signature <bank#>" );
543 return ERROR_FLASH_BANK_INVALID;
547 int retval = flash_command_get_bank_by_num(cmd_ctx, args[0], &bank);
548 if (ERROR_OK != retval)
551 if( bank->target->state != TARGET_HALTED )
553 LOG_ERROR( "Target not halted" );
554 return ERROR_TARGET_NOT_HALTED;
557 /* Run BIST over whole flash range */
558 if( (status = lpc2900_run_bist128( bank,
560 bank->base + (bank->size - 1),
567 command_print( cmd_ctx, "signature: 0x%8.8" PRIx32
571 signature[3], signature[2], signature[1], signature[0] );
579 * Store customer info in file.
581 * Read customer info from index sector, and store that block of data into
582 * a disk file. The format is binary.
584 COMMAND_HANDLER(lpc2900_handle_read_custom_command)
588 return ERROR_COMMAND_SYNTAX_ERROR;
592 int retval = flash_command_get_bank_by_num(cmd_ctx, args[0], &bank);
593 if (ERROR_OK != retval)
596 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
597 lpc2900_info->risky = 0;
599 /* Get target, and check if it's halted */
600 target_t *target = bank->target;
601 if( target->state != TARGET_HALTED )
603 LOG_ERROR( "Target not halted" );
604 return ERROR_TARGET_NOT_HALTED;
607 /* Storage for customer info. Read in two parts */
608 uint32_t customer[ ISS_CUSTOMER_NWORDS1 + ISS_CUSTOMER_NWORDS2 ];
610 /* Enable access to index sector */
611 target_write_u32( target, FCTR, FCTR_FS_CS | FCTR_FS_WEB | FCTR_FS_ISS );
614 target_read_memory( target, bank->base+ISS_CUSTOMER_START1, 4,
615 ISS_CUSTOMER_NWORDS1,
616 (uint8_t *)&customer[0] );
617 target_read_memory( target, bank->base+ISS_CUSTOMER_START2, 4,
618 ISS_CUSTOMER_NWORDS2,
619 (uint8_t *)&customer[ISS_CUSTOMER_NWORDS1] );
621 /* Deactivate access to index sector */
622 target_write_u32( target, FCTR, FCTR_FS_CS | FCTR_FS_WEB );
624 /* Try and open the file */
625 struct fileio fileio;
626 const char *filename = args[1];
627 int ret = fileio_open( &fileio, filename, FILEIO_WRITE, FILEIO_BINARY );
628 if( ret != ERROR_OK )
630 LOG_WARNING( "Could not open file %s", filename );
635 ret = fileio_write( &fileio, sizeof(customer),
636 (const uint8_t *)customer, &nwritten );
637 if( ret != ERROR_OK )
639 LOG_ERROR( "Write operation to file %s failed", filename );
640 fileio_close( &fileio );
644 fileio_close( &fileio );
653 * Enter password to enable potentially dangerous options.
655 COMMAND_HANDLER(lpc2900_handle_password_command)
659 return ERROR_COMMAND_SYNTAX_ERROR;
663 int retval = flash_command_get_bank_by_num(cmd_ctx, args[0], &bank);
664 if (ERROR_OK != retval)
667 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
669 #define ISS_PASSWORD "I_know_what_I_am_doing"
671 lpc2900_info->risky = !strcmp( args[1], ISS_PASSWORD );
673 if( !lpc2900_info->risky )
675 command_print(cmd_ctx, "Wrong password (use '%s')", ISS_PASSWORD);
676 return ERROR_COMMAND_ARGUMENT_INVALID;
679 command_print(cmd_ctx,
680 "Potentially dangerous operation allowed in next command!");
688 * Write customer info from file to the index sector.
690 COMMAND_HANDLER(lpc2900_handle_write_custom_command)
694 return ERROR_COMMAND_SYNTAX_ERROR;
698 int retval = flash_command_get_bank_by_num(cmd_ctx, args[0], &bank);
699 if (ERROR_OK != retval)
702 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
704 /* Check if command execution is allowed. */
705 if( !lpc2900_info->risky )
707 command_print( cmd_ctx, "Command execution not allowed!" );
708 return ERROR_COMMAND_ARGUMENT_INVALID;
710 lpc2900_info->risky = 0;
712 /* Get target, and check if it's halted */
713 target_t *target = bank->target;
714 if (target->state != TARGET_HALTED)
716 LOG_ERROR("Target not halted");
717 return ERROR_TARGET_NOT_HALTED;
720 /* The image will always start at offset 0 */
722 image.base_address_set = 1;
723 image.base_address = 0;
724 image.start_address_set = 0;
726 const char *filename = args[1];
727 const char *type = (argc >= 3) ? args[2] : NULL;
728 retval = image_open(&image, filename, type);
729 if (retval != ERROR_OK)
734 /* Do a sanity check: The image must be exactly the size of the customer
735 programmable area. Any other size is rejected. */
736 if( image.num_sections != 1 )
738 LOG_ERROR("Only one section allowed in image file.");
739 return ERROR_COMMAND_SYNTAX_ERROR;
741 if( (image.sections[0].base_address != 0) ||
742 (image.sections[0].size != ISS_CUSTOMER_SIZE) )
744 LOG_ERROR("Incorrect image file size. Expected %d, "
746 ISS_CUSTOMER_SIZE, image.sections[0].size);
747 return ERROR_COMMAND_SYNTAX_ERROR;
750 /* Well boys, I reckon this is it... */
752 /* Customer info is split into two blocks in pages 4 and 5. */
753 uint8_t page[FLASH_PAGE_SIZE];
756 uint32_t offset = ISS_CUSTOMER_START1 % FLASH_PAGE_SIZE;
757 memset( page, 0xff, FLASH_PAGE_SIZE );
759 retval = image_read_section( &image, 0, 0,
760 ISS_CUSTOMER_SIZE1, &page[offset], &size_read);
761 if( retval != ERROR_OK )
763 LOG_ERROR("couldn't read from file '%s'", filename);
767 if( (retval = lpc2900_write_index_page( bank, 4, &page )) != ERROR_OK )
774 offset = ISS_CUSTOMER_START2 % FLASH_PAGE_SIZE;
775 memset( page, 0xff, FLASH_PAGE_SIZE );
776 retval = image_read_section( &image, 0, ISS_CUSTOMER_SIZE1,
777 ISS_CUSTOMER_SIZE2, &page[offset], &size_read);
778 if( retval != ERROR_OK )
780 LOG_ERROR("couldn't read from file '%s'", filename);
784 if( (retval = lpc2900_write_index_page( bank, 5, &page )) != ERROR_OK )
798 * Activate 'sector security' for a range of sectors.
800 COMMAND_HANDLER(lpc2900_handle_secure_sector_command)
804 return ERROR_COMMAND_SYNTAX_ERROR;
807 /* Get the bank descriptor */
809 int retval = flash_command_get_bank_by_num(cmd_ctx, args[0], &bank);
810 if (ERROR_OK != retval)
813 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
815 /* Check if command execution is allowed. */
816 if( !lpc2900_info->risky )
818 command_print( cmd_ctx, "Command execution not allowed! "
819 "(use 'password' command first)");
820 return ERROR_COMMAND_ARGUMENT_INVALID;
822 lpc2900_info->risky = 0;
824 /* Read sector range, and do a sanity check. */
826 COMMAND_PARSE_NUMBER(int, args[1], first);
827 COMMAND_PARSE_NUMBER(int, args[2], last);
828 if( (first >= bank->num_sectors) ||
829 (last >= bank->num_sectors) ||
832 command_print( cmd_ctx, "Illegal sector range" );
833 return ERROR_COMMAND_ARGUMENT_INVALID;
836 uint8_t page[FLASH_PAGE_SIZE];
839 /* Sectors in page 6 */
840 if( (first <= 4) || (last >= 8) )
842 memset( &page, 0xff, FLASH_PAGE_SIZE );
843 for( sector = first; sector <= last; sector++ )
847 memset( &page[0xB0 + 16*sector], 0, 16 );
849 else if( sector >= 8 )
851 memset( &page[0x00 + 16*(sector - 8)], 0, 16 );
855 if( (retval = lpc2900_write_index_page( bank, 6, &page )) != ERROR_OK )
857 LOG_ERROR("failed to update index sector page 6");
862 /* Sectors in page 7 */
863 if( (first <= 7) && (last >= 5) )
865 memset( &page, 0xff, FLASH_PAGE_SIZE );
866 for( sector = first; sector <= last; sector++ )
868 if( (sector >= 5) && (sector <= 7) )
870 memset( &page[0x00 + 16*(sector - 5)], 0, 16 );
874 if( (retval = lpc2900_write_index_page( bank, 7, &page )) != ERROR_OK )
876 LOG_ERROR("failed to update index sector page 7");
881 command_print( cmd_ctx,
882 "Sectors security will become effective after next power cycle");
884 /* Update the sector security status */
885 if ( lpc2900_read_security_status(bank) != ERROR_OK )
887 LOG_ERROR( "Cannot determine sector security status" );
888 return ERROR_FLASH_OPERATION_FAILED;
897 * Activate JTAG protection.
899 COMMAND_HANDLER(lpc2900_handle_secure_jtag_command)
903 return ERROR_COMMAND_SYNTAX_ERROR;
906 /* Get the bank descriptor */
908 int retval = flash_command_get_bank_by_num(cmd_ctx, args[0], &bank);
909 if (ERROR_OK != retval)
912 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
914 /* Check if command execution is allowed. */
915 if( !lpc2900_info->risky )
917 command_print( cmd_ctx, "Command execution not allowed! "
918 "(use 'password' command first)");
919 return ERROR_COMMAND_ARGUMENT_INVALID;
921 lpc2900_info->risky = 0;
924 uint8_t page[FLASH_PAGE_SIZE];
925 memset( &page, 0xff, FLASH_PAGE_SIZE );
928 /* Insert "soft" protection word */
929 page[0x30 + 15] = 0x7F;
930 page[0x30 + 11] = 0x7F;
931 page[0x30 + 7] = 0x7F;
932 page[0x30 + 3] = 0x7F;
934 /* Write to page 5 */
935 if( (retval = lpc2900_write_index_page( bank, 5, &page ))
938 LOG_ERROR("failed to update index sector page 5");
942 LOG_INFO("JTAG security set. Good bye!");
949 /*********************** Flash interface functions **************************/
953 * Register private command handlers.
955 static int lpc2900_register_commands(struct command_context_s *cmd_ctx)
957 command_t *lpc2900_cmd = register_command(cmd_ctx, NULL, "lpc2900",
958 NULL, COMMAND_ANY, NULL);
964 lpc2900_handle_signature_command,
967 "print device signature of flash bank");
973 lpc2900_handle_read_custom_command,
975 "<bank> <filename> | "
976 "read customer information from index sector to file");
982 lpc2900_handle_password_command,
984 "<bank> <password> | "
985 "enter password to enable 'dangerous' options");
991 lpc2900_handle_write_custom_command,
993 "<bank> <filename> [<type>] | "
994 "write customer info from file to index sector");
1000 lpc2900_handle_secure_sector_command,
1002 "<bank> <first> <last> | "
1003 "activate sector security for a range of sectors");
1009 lpc2900_handle_secure_jtag_command,
1012 "activate JTAG security");
1018 /// Evaluate flash bank command.
1019 FLASH_BANK_COMMAND_HANDLER(lpc2900_flash_bank_command)
1021 struct lpc2900_flash_bank *lpc2900_info;
1025 LOG_WARNING("incomplete flash_bank LPC2900 configuration");
1026 return ERROR_FLASH_BANK_INVALID;
1029 lpc2900_info = malloc(sizeof(struct lpc2900_flash_bank));
1030 bank->driver_priv = lpc2900_info;
1033 * Reject it if we can't meet the requirements for program time
1034 * (if clock too slow), or for erase time (clock too fast).
1036 uint32_t clk_sys_fmc;
1037 COMMAND_PARSE_NUMBER(u32, args[6], clk_sys_fmc);
1038 lpc2900_info->clk_sys_fmc = clk_sys_fmc * 1000;
1040 uint32_t clock_limit;
1041 /* Check program time limit */
1042 clock_limit = 512000000l / FLASH_PROGRAM_TIME;
1043 if (lpc2900_info->clk_sys_fmc < clock_limit)
1045 LOG_WARNING("flash clock must be at least %" PRIu32 " kHz",
1046 (clock_limit / 1000));
1047 return ERROR_FLASH_BANK_INVALID;
1050 /* Check erase time limit */
1051 clock_limit = (uint32_t)((32767.0 * 512.0 * 1e6) / FLASH_ERASE_TIME);
1052 if (lpc2900_info->clk_sys_fmc > clock_limit)
1054 LOG_WARNING("flash clock must be a maximum of %" PRIu32" kHz",
1055 (clock_limit / 1000));
1056 return ERROR_FLASH_BANK_INVALID;
1059 /* Chip ID will be obtained by probing the device later */
1060 lpc2900_info->chipid = 0;
1069 * @param bank Pointer to the flash bank descriptor
1070 * @param first First sector to be erased
1071 * @param last Last sector (including) to be erased
1073 static int lpc2900_erase(struct flash_bank_s *bank, int first, int last)
1077 int last_unsecured_sector;
1078 target_t *target = bank->target;
1079 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
1082 status = lpc2900_is_ready(bank);
1083 if (status != ERROR_OK)
1088 /* Sanity check on sector range */
1089 if ((first < 0) || (last < first) || (last >= bank->num_sectors))
1091 LOG_INFO("Bad sector range");
1092 return ERROR_FLASH_SECTOR_INVALID;
1095 /* Update the info about secured sectors */
1096 lpc2900_read_security_status( bank );
1098 /* The selected sector range might include secured sectors. An attempt
1099 * to erase such a sector will cause the erase to fail also for unsecured
1100 * sectors. It is necessary to determine the last unsecured sector now,
1101 * because we have to treat the last relevant sector in the list in
1104 last_unsecured_sector = -1;
1105 for (sector = first; sector <= last; sector++)
1107 if ( !bank->sectors[sector].is_protected )
1109 last_unsecured_sector = sector;
1113 /* Exit now, in case of the rare constellation where all sectors in range
1114 * are secured. This is regarded a success, since erasing/programming of
1115 * secured sectors shall be handled transparently.
1117 if ( last_unsecured_sector == -1 )
1122 /* Enable flash block and set the correct CRA clock of 66 kHz */
1123 lpc2900_setup(bank);
1125 /* Clear END_OF_ERASE interrupt status */
1126 target_write_u32(target, INT_CLR_STATUS, INTSRC_END_OF_ERASE);
1128 /* Set the program/erase timer to FLASH_ERASE_TIME */
1129 target_write_u32(target, FPTR,
1130 FPTR_EN_T | lpc2900_calc_tr( lpc2900_info->clk_sys_fmc,
1131 FLASH_ERASE_TIME ));
1133 /* Sectors are marked for erasure, then erased all together */
1134 for (sector = first; sector <= last_unsecured_sector; sector++)
1136 /* Only mark sectors that aren't secured. Any attempt to erase a group
1137 * of sectors will fail if any single one of them is secured!
1139 if ( !bank->sectors[sector].is_protected )
1141 /* Unprotect the sector */
1142 target_write_u32(target, bank->sectors[sector].offset, 0);
1143 target_write_u32(target, FCTR,
1144 FCTR_FS_LOADREQ | FCTR_FS_WPB |
1145 FCTR_FS_WEB | FCTR_FS_WRE | FCTR_FS_CS);
1147 /* Mark the sector for erasure. The last sector in the list
1148 triggers the erasure. */
1149 target_write_u32(target, bank->sectors[sector].offset, 0);
1150 if ( sector == last_unsecured_sector )
1152 target_write_u32(target, FCTR,
1153 FCTR_FS_PROGREQ | FCTR_FS_WPB | FCTR_FS_CS);
1157 target_write_u32(target, FCTR,
1158 FCTR_FS_LOADREQ | FCTR_FS_WPB |
1159 FCTR_FS_WEB | FCTR_FS_CS);
1164 /* Wait for the end of the erase operation. If it's not over after two seconds,
1165 * something went dreadfully wrong... :-(
1167 if( lpc2900_wait_status(bank, INTSRC_END_OF_ERASE, 2000) != ERROR_OK )
1169 return ERROR_FLASH_OPERATION_FAILED;
1172 /* Normal flash operating mode */
1173 target_write_u32(target, FCTR, FCTR_FS_CS | FCTR_FS_WEB);
1180 static int lpc2900_protect(struct flash_bank_s *bank, int set, int first, int last)
1182 /* This command is not supported.
1183 * "Protection" in LPC2900 terms is handled transparently. Sectors will
1184 * automatically be unprotected as needed.
1185 * Instead we use the concept of sector security. A secured sector is shown
1186 * as "protected" in OpenOCD. Sector security is a permanent feature, and
1187 * cannot be disabled once activated.
1195 * Write data to flash.
1197 * @param bank Pointer to the flash bank descriptor
1198 * @param buffer Buffer with data
1199 * @param offset Start address (relative to bank start)
1200 * @param count Number of bytes to be programmed
1202 static int lpc2900_write(struct flash_bank_s *bank, uint8_t *buffer,
1203 uint32_t offset, uint32_t count)
1205 uint8_t page[FLASH_PAGE_SIZE];
1208 target_t *target = bank->target;
1209 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
1213 static const uint32_t write_target_code[] = {
1214 /* Set auto latch mode: FCTR=CS|WRE|WEB */
1215 0xe3a0a007, /* loop mov r10, #0x007 */
1216 0xe583a000, /* str r10,[r3,#0] */
1218 /* Load complete page into latches */
1219 0xe3a06020, /* mov r6,#(512/16) */
1220 0xe8b00f00, /* next ldmia r0!,{r8-r11} */
1221 0xe8a10f00, /* stmia r1!,{r8-r11} */
1222 0xe2566001, /* subs r6,#1 */
1223 0x1afffffb, /* bne next */
1225 /* Clear END_OF_BURN interrupt status */
1226 0xe3a0a002, /* mov r10,#(1 << 1) */
1227 0xe583afe8, /* str r10,[r3,#0xfe8] */
1229 /* Set the erase time to FLASH_PROGRAM_TIME */
1230 0xe5834008, /* str r4,[r3,#8] */
1232 /* Trigger flash write
1233 FCTR = CS | WRE | WPB | PROGREQ */
1234 0xe3a0a083, /* mov r10,#0x83 */
1235 0xe38aaa01, /* orr r10,#0x1000 */
1236 0xe583a000, /* str r10,[r3,#0] */
1238 /* Wait for end of burn */
1239 0xe593afe0, /* wait ldr r10,[r3,#0xfe0] */
1240 0xe21aa002, /* ands r10,#(1 << 1) */
1241 0x0afffffc, /* beq wait */
1244 0xe2522001, /* subs r2,#1 */
1245 0x1affffed, /* bne loop */
1247 0xeafffffe /* done b done */
1251 status = lpc2900_is_ready(bank);
1252 if (status != ERROR_OK)
1257 /* Enable flash block and set the correct CRA clock of 66 kHz */
1258 lpc2900_setup(bank);
1260 /* Update the info about secured sectors */
1261 lpc2900_read_security_status( bank );
1263 /* Unprotect all involved sectors */
1264 for (sector = 0; sector < bank->num_sectors; sector++)
1266 /* Start address in or before this sector? */
1267 /* End address in or behind this sector? */
1268 if ( ((bank->base + offset) <
1269 (bank->sectors[sector].offset + bank->sectors[sector].size)) &&
1270 ((bank->base + (offset + count - 1)) >= bank->sectors[sector].offset) )
1272 /* This sector is involved and needs to be unprotected.
1273 * Don't do it for secured sectors.
1275 if ( !bank->sectors[sector].is_protected )
1277 target_write_u32(target, bank->sectors[sector].offset, 0);
1278 target_write_u32(target, FCTR,
1279 FCTR_FS_LOADREQ | FCTR_FS_WPB |
1280 FCTR_FS_WEB | FCTR_FS_WRE | FCTR_FS_CS);
1285 /* Set the program/erase time to FLASH_PROGRAM_TIME */
1286 uint32_t prog_time = FPTR_EN_T | lpc2900_calc_tr( lpc2900_info->clk_sys_fmc,
1287 FLASH_PROGRAM_TIME );
1289 /* If there is a working area of reasonable size, use it to program via
1290 a target algorithm. If not, fall back to host programming. */
1292 /* We need some room for target code. */
1293 uint32_t target_code_size = sizeof(write_target_code);
1295 /* Try working area allocation. Start with a large buffer, and try with
1296 reduced size if that fails. */
1297 struct working_area *warea;
1298 uint32_t buffer_size = lpc2900_info->max_ram_block - 1 * KiB;
1299 while( (retval = target_alloc_working_area(target,
1300 buffer_size + target_code_size,
1301 &warea)) != ERROR_OK )
1303 /* Try a smaller buffer now, and stop if it's too small. */
1304 buffer_size -= 1 * KiB;
1305 if (buffer_size < 2 * KiB)
1307 LOG_INFO( "no (large enough) working area"
1308 ", falling back to host mode" );
1316 struct reg_param reg_params[5];
1317 struct armv4_5_algorithm armv4_5_info;
1319 /* We can use target mode. Download the algorithm. */
1320 retval = target_write_buffer( target,
1321 (warea->address)+buffer_size,
1323 (uint8_t *)write_target_code);
1324 if (retval != ERROR_OK)
1326 LOG_ERROR("Unable to write block write code to target");
1327 target_free_all_working_areas(target);
1328 return ERROR_FLASH_OPERATION_FAILED;
1331 init_reg_param(®_params[0], "r0", 32, PARAM_OUT);
1332 init_reg_param(®_params[1], "r1", 32, PARAM_OUT);
1333 init_reg_param(®_params[2], "r2", 32, PARAM_OUT);
1334 init_reg_param(®_params[3], "r3", 32, PARAM_OUT);
1335 init_reg_param(®_params[4], "r4", 32, PARAM_OUT);
1337 /* Write to flash in large blocks */
1338 while ( count != 0 )
1340 uint32_t this_npages;
1341 uint8_t *this_buffer;
1342 int start_sector = lpc2900_address2sector( bank, offset );
1344 /* First page / last page / rest */
1345 if( offset % FLASH_PAGE_SIZE )
1347 /* Block doesn't start on page boundary.
1348 Burn first partial page separately. */
1349 memset( &page, 0xff, sizeof(page) );
1350 memcpy( &page[offset % FLASH_PAGE_SIZE],
1352 FLASH_PAGE_SIZE - (offset % FLASH_PAGE_SIZE) );
1354 this_buffer = &page[0];
1355 count = count + (offset % FLASH_PAGE_SIZE);
1356 offset = offset - (offset % FLASH_PAGE_SIZE);
1358 else if( count < FLASH_PAGE_SIZE )
1360 /* Download last incomplete page separately. */
1361 memset( &page, 0xff, sizeof(page) );
1362 memcpy( &page, buffer, count );
1364 this_buffer = &page[0];
1365 count = FLASH_PAGE_SIZE;
1369 /* Download as many full pages as possible */
1370 this_npages = (count < buffer_size) ?
1371 count / FLASH_PAGE_SIZE :
1372 buffer_size / FLASH_PAGE_SIZE;
1373 this_buffer = buffer;
1375 /* Make sure we stop at the next secured sector */
1376 int sector = start_sector + 1;
1377 while( sector < bank->num_sectors )
1380 if( bank->sectors[sector].is_protected )
1382 /* Is that next sector within the current block? */
1383 if( (bank->sectors[sector].offset - bank->base) <
1384 (offset + (this_npages * FLASH_PAGE_SIZE)) )
1386 /* Yes! Split the block */
1388 (bank->sectors[sector].offset - bank->base - offset)
1398 /* Skip the current sector if it is secured */
1399 if (bank->sectors[start_sector].is_protected)
1401 LOG_DEBUG("Skip secured sector %d",
1404 /* Stop if this is the last sector */
1405 if (start_sector == bank->num_sectors - 1)
1411 uint32_t nskip = bank->sectors[start_sector].size -
1412 (offset % bank->sectors[start_sector].size);
1415 count = (count >= nskip) ? (count - nskip) : 0;
1419 /* Execute buffer download */
1420 if ((retval = target_write_buffer(target,
1422 this_npages * FLASH_PAGE_SIZE,
1423 this_buffer)) != ERROR_OK)
1425 LOG_ERROR("Unable to write data to target");
1426 target_free_all_working_areas(target);
1427 return ERROR_FLASH_OPERATION_FAILED;
1430 /* Prepare registers */
1431 buf_set_u32(reg_params[0].value, 0, 32, warea->address);
1432 buf_set_u32(reg_params[1].value, 0, 32, offset);
1433 buf_set_u32(reg_params[2].value, 0, 32, this_npages);
1434 buf_set_u32(reg_params[3].value, 0, 32, FCTR);
1435 buf_set_u32(reg_params[4].value, 0, 32, FPTR_EN_T | prog_time);
1437 /* Execute algorithm, assume breakpoint for last instruction */
1438 armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;
1439 armv4_5_info.core_mode = ARMV4_5_MODE_SVC;
1440 armv4_5_info.core_state = ARMV4_5_STATE_ARM;
1442 retval = target_run_algorithm(target, 0, NULL, 5, reg_params,
1443 (warea->address) + buffer_size,
1444 (warea->address) + buffer_size + target_code_size - 4,
1445 10000, /* 10s should be enough for max. 16 KiB of data */
1448 if (retval != ERROR_OK)
1450 LOG_ERROR("Execution of flash algorithm failed.");
1451 target_free_all_working_areas(target);
1452 retval = ERROR_FLASH_OPERATION_FAILED;
1456 count -= this_npages * FLASH_PAGE_SIZE;
1457 buffer += this_npages * FLASH_PAGE_SIZE;
1458 offset += this_npages * FLASH_PAGE_SIZE;
1461 /* Free all resources */
1462 destroy_reg_param(®_params[0]);
1463 destroy_reg_param(®_params[1]);
1464 destroy_reg_param(®_params[2]);
1465 destroy_reg_param(®_params[3]);
1466 destroy_reg_param(®_params[4]);
1467 target_free_all_working_areas(target);
1471 /* Write to flash memory page-wise */
1472 while ( count != 0 )
1474 /* How many bytes do we copy this time? */
1475 num_bytes = (count >= FLASH_PAGE_SIZE) ?
1476 FLASH_PAGE_SIZE - (offset % FLASH_PAGE_SIZE) :
1479 /* Don't do anything with it if the page is in a secured sector. */
1480 if ( !bank->sectors[lpc2900_address2sector(bank, offset)].is_protected )
1482 /* Set latch load mode */
1483 target_write_u32(target, FCTR,
1484 FCTR_FS_CS | FCTR_FS_WRE | FCTR_FS_WEB);
1486 /* Always clear the buffer (a little overhead, but who cares) */
1487 memset(page, 0xFF, FLASH_PAGE_SIZE);
1489 /* Copy them to the buffer */
1490 memcpy( &page[offset % FLASH_PAGE_SIZE],
1491 &buffer[offset % FLASH_PAGE_SIZE],
1494 /* Write whole page to flash data latches */
1495 if (target_write_memory(
1497 bank->base + (offset - (offset % FLASH_PAGE_SIZE)),
1498 4, FLASH_PAGE_SIZE / 4, page) != ERROR_OK)
1500 LOG_ERROR("Write failed @ 0x%8.8" PRIx32, offset);
1501 target_write_u32(target, FCTR, FCTR_FS_CS | FCTR_FS_WEB);
1503 return ERROR_FLASH_OPERATION_FAILED;
1506 /* Clear END_OF_BURN interrupt status */
1507 target_write_u32(target, INT_CLR_STATUS, INTSRC_END_OF_BURN);
1509 /* Set the programming time */
1510 target_write_u32(target, FPTR, FPTR_EN_T | prog_time);
1512 /* Trigger flash write */
1513 target_write_u32(target, FCTR,
1514 FCTR_FS_CS | FCTR_FS_WRE | FCTR_FS_WPB | FCTR_FS_PROGREQ);
1516 /* Wait for the end of the write operation. If it's not over
1517 * after one second, something went dreadfully wrong... :-(
1519 if (lpc2900_wait_status(bank, INTSRC_END_OF_BURN, 1000) != ERROR_OK)
1521 LOG_ERROR("Write failed @ 0x%8.8" PRIx32, offset);
1522 target_write_u32(target, FCTR, FCTR_FS_CS | FCTR_FS_WEB);
1524 return ERROR_FLASH_OPERATION_FAILED;
1528 /* Update pointers and counters */
1529 offset += num_bytes;
1530 buffer += num_bytes;
1537 /* Normal flash operating mode */
1538 target_write_u32(target, FCTR, FCTR_FS_CS | FCTR_FS_WEB);
1545 * Try and identify the device.
1547 * Determine type number and its memory layout.
1549 * @param bank Pointer to the flash bank descriptor
1551 static int lpc2900_probe(struct flash_bank_s *bank)
1553 struct lpc2900_flash_bank *lpc2900_info = bank->driver_priv;
1554 target_t *target = bank->target;
1559 if (target->state != TARGET_HALTED)
1561 LOG_ERROR("Target not halted");
1562 return ERROR_TARGET_NOT_HALTED;
1565 /* We want to do this only once. Check if we already have a valid CHIPID,
1566 * because then we will have already successfully probed the device.
1568 if (lpc2900_info->chipid == EXPECTED_CHIPID)
1573 /* Probing starts with reading the CHIPID register. We will continue only
1574 * if this identifies as an LPC2900 device.
1576 target_read_u32(target, CHIPID, &lpc2900_info->chipid);
1578 if (lpc2900_info->chipid != EXPECTED_CHIPID)
1580 LOG_WARNING("Device is not an LPC29xx");
1581 return ERROR_FLASH_OPERATION_FAILED;
1584 /* It's an LPC29xx device. Now read the feature register FEAT0...FEAT3. */
1585 uint32_t feat0, feat1, feat2, feat3;
1586 target_read_u32(target, FEAT0, &feat0);
1587 target_read_u32(target, FEAT1, &feat1);
1588 target_read_u32(target, FEAT2, &feat2);
1589 target_read_u32(target, FEAT3, &feat3);
1592 bank->base = 0x20000000;
1594 /* Determine flash layout from FEAT2 register */
1595 uint32_t num_64k_sectors = (feat2 >> 16) & 0xFF;
1596 uint32_t num_8k_sectors = (feat2 >> 0) & 0xFF;
1597 bank->num_sectors = num_64k_sectors + num_8k_sectors;
1598 bank->size = KiB * (64 * num_64k_sectors + 8 * num_8k_sectors);
1600 /* Determine maximum contiguous RAM block */
1601 lpc2900_info->max_ram_block = 16 * KiB;
1602 if( (feat1 & 0x30) == 0x30 )
1604 lpc2900_info->max_ram_block = 32 * KiB;
1605 if( (feat1 & 0x0C) == 0x0C )
1607 lpc2900_info->max_ram_block = 48 * KiB;
1611 /* Determine package code and ITCM size */
1612 uint32_t package_code = feat0 & 0x0F;
1613 uint32_t itcm_code = (feat1 >> 16) & 0x1F;
1615 /* Determine the exact type number. */
1617 if ( (package_code == 4) && (itcm_code == 5) )
1619 /* Old LPC2917 or LPC2919 (non-/01 devices) */
1620 lpc2900_info->target_name = (bank->size == 768*KiB) ? "LPC2919" : "LPC2917";
1624 if ( package_code == 2 )
1626 /* 100-pin package */
1627 if ( bank->size == 128*KiB )
1629 lpc2900_info->target_name = "LPC2921";
1631 else if ( bank->size == 256*KiB )
1633 lpc2900_info->target_name = "LPC2923";
1635 else if ( bank->size == 512*KiB )
1637 lpc2900_info->target_name = "LPC2925";
1644 else if ( package_code == 4 )
1646 /* 144-pin package */
1647 if ( (bank->size == 512*KiB) && (feat3 == 0xFFFFFCF0) )
1649 lpc2900_info->target_name = "LPC2917/01";
1651 else if ( (bank->size == 512*KiB) && (feat3 == 0xFFFFFFF1) )
1653 lpc2900_info->target_name = "LPC2927";
1655 else if ( (bank->size == 768*KiB) && (feat3 == 0xFFFFFCF8) )
1657 lpc2900_info->target_name = "LPC2919/01";
1659 else if ( (bank->size == 768*KiB) && (feat3 == 0xFFFFFFF9) )
1661 lpc2900_info->target_name = "LPC2929";
1668 else if ( package_code == 5 )
1670 /* 208-pin package */
1671 lpc2900_info->target_name = (bank->size == 0) ? "LPC2930" : "LPC2939";
1681 LOG_WARNING("Unknown LPC29xx derivative");
1682 return ERROR_FLASH_OPERATION_FAILED;
1685 /* Show detected device */
1686 LOG_INFO("Flash bank %d"
1687 ": Device %s, %" PRIu32
1688 " KiB in %d sectors",
1690 lpc2900_info->target_name, bank->size / KiB,
1693 /* Flashless devices cannot be handled */
1694 if ( bank->num_sectors == 0 )
1696 LOG_WARNING("Flashless device cannot be handled");
1697 return ERROR_FLASH_OPERATION_FAILED;
1701 * These are logical sector numbers. When doing real flash operations,
1702 * the logical flash number are translated into the physical flash numbers
1705 bank->sectors = malloc(sizeof(struct flash_sector) * bank->num_sectors);
1708 for (i = 0; i < bank->num_sectors; i++)
1710 bank->sectors[i].offset = offset;
1711 bank->sectors[i].is_erased = -1;
1712 bank->sectors[i].is_protected = -1;
1716 bank->sectors[i].size = 8 * KiB;
1720 bank->sectors[i].size = 64 * KiB;
1724 /* We shouldn't come here. But there might be a new part out there
1725 * that has more than 19 sectors. Politely ask for a fix then.
1727 bank->sectors[i].size = 0;
1728 LOG_ERROR("Never heard about sector %d", i);
1731 offset += bank->sectors[i].size;
1734 /* Read sector security status */
1735 if ( lpc2900_read_security_status(bank) != ERROR_OK )
1737 LOG_ERROR("Cannot determine sector security status");
1738 return ERROR_FLASH_OPERATION_FAILED;
1746 * Run a blank check for each sector.
1748 * For speed reasons, the device isn't read word by word.
1749 * A hash value is calculated by the hardware ("BIST") for each sector.
1750 * This value is then compared against the known hash of an empty sector.
1752 * @param bank Pointer to the flash bank descriptor
1754 static int lpc2900_erase_check(struct flash_bank_s *bank)
1756 uint32_t status = lpc2900_is_ready(bank);
1757 if (status != ERROR_OK)
1759 LOG_INFO("Processor not halted/not probed");
1763 /* Use the BIST (Built-In Selft Test) to generate a signature of each flash
1764 * sector. Compare against the expected signature of an empty sector.
1767 for ( sector = 0; sector < bank->num_sectors; sector++ )
1769 uint32_t signature[4];
1770 if ( (status = lpc2900_run_bist128( bank,
1771 bank->sectors[sector].offset,
1772 bank->sectors[sector].offset +
1773 (bank->sectors[sector].size - 1),
1774 &signature)) != ERROR_OK )
1779 /* The expected signatures for an empty sector are different
1780 * for 8 KiB and 64 KiB sectors.
1782 if ( bank->sectors[sector].size == 8*KiB )
1784 bank->sectors[sector].is_erased =
1785 (signature[3] == 0x01ABAAAA) &&
1786 (signature[2] == 0xAAAAAAAA) &&
1787 (signature[1] == 0xAAAAAAAA) &&
1788 (signature[0] == 0xAAA00AAA);
1790 if ( bank->sectors[sector].size == 64*KiB )
1792 bank->sectors[sector].is_erased =
1793 (signature[3] == 0x11801222) &&
1794 (signature[2] == 0xB88844FF) &&
1795 (signature[1] == 0x11A22008) &&
1796 (signature[0] == 0x2B1BFE44);
1805 * Get protection (sector security) status.
1807 * Determine the status of "sector security" for each sector.
1808 * A secured sector is one that can never be erased/programmed again.
1810 * @param bank Pointer to the flash bank descriptor
1812 static int lpc2900_protect_check(struct flash_bank_s *bank)
1814 return lpc2900_read_security_status(bank);
1819 * Print info about the driver (not the device).
1821 * @param bank Pointer to the flash bank descriptor
1822 * @param buf Buffer to take the string
1823 * @param buf_size Maximum number of characters that the buffer can take
1825 static int lpc2900_info(struct flash_bank_s *bank, char *buf, int buf_size)
1827 snprintf(buf, buf_size, "lpc2900 flash driver");
1833 struct flash_driver lpc2900_flash =
1836 .register_commands = lpc2900_register_commands,
1837 .flash_bank_command = lpc2900_flash_bank_command,
1838 .erase = lpc2900_erase,
1839 .protect = lpc2900_protect,
1840 .write = lpc2900_write,
1841 .probe = lpc2900_probe,
1842 .auto_probe = lpc2900_probe,
1843 .erase_check = lpc2900_erase_check,
1844 .protect_check = lpc2900_protect_check,
1845 .info = lpc2900_info
projects / fw / openocd / blob