1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
24 #include "replacements.h"
32 #include "algorithm.h"
33 #include "binarybuffer.h"
39 static u32 bank1start = 0x00080000;
41 int str9x_register_commands(struct command_context_s *cmd_ctx);
42 int str9x_flash_bank_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct flash_bank_s *bank);
43 int str9x_erase(struct flash_bank_s *bank, int first, int last);
44 int str9x_protect(struct flash_bank_s *bank, int set, int first, int last);
45 int str9x_write(struct flash_bank_s *bank, u8 *buffer, u32 offset, u32 count);
46 int str9x_probe(struct flash_bank_s *bank);
47 int str9x_handle_part_id_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
48 int str9x_protect_check(struct flash_bank_s *bank);
49 int str9x_info(struct flash_bank_s *bank, char *buf, int buf_size);
51 int str9x_handle_flash_config_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
53 flash_driver_t str9x_flash =
56 .register_commands = str9x_register_commands,
57 .flash_bank_command = str9x_flash_bank_command,
59 .protect = str9x_protect,
62 .auto_probe = str9x_probe,
63 .erase_check = default_flash_blank_check,
64 .protect_check = str9x_protect_check,
68 int str9x_register_commands(struct command_context_s *cmd_ctx)
70 command_t *str9x_cmd = register_command(cmd_ctx, NULL, "str9x", NULL, COMMAND_ANY, NULL);
72 register_command(cmd_ctx, str9x_cmd, "flash_config", str9x_handle_flash_config_command, COMMAND_EXEC,
73 "configure str9 flash controller");
78 int str9x_build_block_list(struct flash_bank_s *bank)
80 str9x_flash_bank_t *str9x_info = bank->driver_priv;
84 int b0_sectors = 0, b1_sectors = 0;
87 /* set if we have large flash str9 */
88 str9x_info->variant = 0;
89 str9x_info->bank1 = 0;
100 bank1start = 0x00100000;
101 str9x_info->variant = 1;
105 bank1start = 0x00200000;
106 str9x_info->variant = 1;
110 str9x_info->variant = 1;
111 str9x_info->bank1 = 1;
113 bank1start = bank->base;
116 str9x_info->bank1 = 1;
118 bank1start = bank->base;
121 LOG_ERROR("BUG: unknown bank->size encountered");
125 num_sectors = b0_sectors + b1_sectors;
127 bank->num_sectors = num_sectors;
128 bank->sectors = malloc(sizeof(flash_sector_t) * num_sectors);
129 str9x_info->sector_bits = malloc(sizeof(u32) * num_sectors);
133 for (i = 0; i < b0_sectors; i++)
135 bank->sectors[num_sectors].offset = offset;
136 bank->sectors[num_sectors].size = 0x10000;
137 offset += bank->sectors[i].size;
138 bank->sectors[num_sectors].is_erased = -1;
139 bank->sectors[num_sectors].is_protected = 1;
140 str9x_info->sector_bits[num_sectors++] = (1<<i);
143 for (i = 0; i < b1_sectors; i++)
145 bank->sectors[num_sectors].offset = offset;
146 bank->sectors[num_sectors].size = str9x_info->variant == 0 ? 0x2000 : 0x4000;
147 offset += bank->sectors[i].size;
148 bank->sectors[num_sectors].is_erased = -1;
149 bank->sectors[num_sectors].is_protected = 1;
150 if (str9x_info->variant)
151 str9x_info->sector_bits[num_sectors++] = (1<<i);
153 str9x_info->sector_bits[num_sectors++] = (1<<(i+8));
159 /* flash bank str9x <base> <size> 0 0 <target#>
161 int str9x_flash_bank_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct flash_bank_s *bank)
163 str9x_flash_bank_t *str9x_info;
167 LOG_WARNING("incomplete flash_bank str9x configuration");
168 return ERROR_FLASH_BANK_INVALID;
171 str9x_info = malloc(sizeof(str9x_flash_bank_t));
172 bank->driver_priv = str9x_info;
174 str9x_build_block_list(bank);
176 str9x_info->write_algorithm = NULL;
181 int str9x_protect_check(struct flash_bank_s *bank)
183 str9x_flash_bank_t *str9x_info = bank->driver_priv;
184 target_t *target = bank->target;
190 if (bank->target->state != TARGET_HALTED)
192 return ERROR_TARGET_NOT_HALTED;
195 /* read level one protection */
197 if (str9x_info->variant)
199 if (str9x_info->bank1)
201 adr = bank1start + 0x18;
202 target_write_u16(target, adr, 0x90);
203 target_read_u16(target, adr, (u16*)&status);
207 adr = bank1start + 0x14;
208 target_write_u16(target, adr, 0x90);
209 target_read_u32(target, adr, &status);
214 adr = bank1start + 0x10;
215 target_write_u16(target, adr, 0x90);
216 target_read_u16(target, adr, (u16*)&status);
219 /* read array command */
220 target_write_u16(target, adr, 0xFF);
222 for (i = 0; i < bank->num_sectors; i++)
224 if (status & str9x_info->sector_bits[i])
225 bank->sectors[i].is_protected = 1;
227 bank->sectors[i].is_protected = 0;
233 int str9x_erase(struct flash_bank_s *bank, int first, int last)
235 target_t *target = bank->target;
240 if (bank->target->state != TARGET_HALTED)
242 return ERROR_TARGET_NOT_HALTED;
245 for (i = first; i <= last; i++)
247 adr = bank->base + bank->sectors[i].offset;
250 target_write_u16(target, adr, 0x20);
251 target_write_u16(target, adr, 0xD0);
254 target_write_u16(target, adr, 0x70);
257 target_read_u8(target, adr, &status);
263 /* clear status, also clear read array */
264 target_write_u16(target, adr, 0x50);
266 /* read array command */
267 target_write_u16(target, adr, 0xFF);
271 LOG_ERROR("error erasing flash bank, status: 0x%x", status);
272 return ERROR_FLASH_OPERATION_FAILED;
276 for (i = first; i <= last; i++)
277 bank->sectors[i].is_erased = 1;
282 int str9x_protect(struct flash_bank_s *bank, int set, int first, int last)
284 target_t *target = bank->target;
289 if (bank->target->state != TARGET_HALTED)
291 return ERROR_TARGET_NOT_HALTED;
294 for (i = first; i <= last; i++)
296 /* Level One Protection */
298 adr = bank->base + bank->sectors[i].offset;
300 target_write_u16(target, adr, 0x60);
302 target_write_u16(target, adr, 0x01);
304 target_write_u16(target, adr, 0xD0);
307 target_read_u8(target, adr, &status);
309 /* clear status, also clear read array */
310 target_write_u16(target, adr, 0x50);
312 /* read array command */
313 target_write_u16(target, adr, 0xFF);
319 int str9x_write_block(struct flash_bank_s *bank, u8 *buffer, u32 offset, u32 count)
321 str9x_flash_bank_t *str9x_info = bank->driver_priv;
322 target_t *target = bank->target;
323 u32 buffer_size = 8192;
324 working_area_t *source;
325 u32 address = bank->base + offset;
326 reg_param_t reg_params[4];
327 armv4_5_algorithm_t armv4_5_info;
328 int retval = ERROR_OK;
330 u32 str9x_flash_write_code[] = {
332 0xe3c14003, /* bic r4, r1, #3 */
333 0xe3a03040, /* mov r3, #0x40 */
334 0xe1c430b0, /* strh r3, [r4, #0] */
335 0xe0d030b2, /* ldrh r3, [r0], #2 */
336 0xe0c130b2, /* strh r3, [r1], #2 */
337 0xe3a03070, /* mov r3, #0x70 */
338 0xe1c430b0, /* strh r3, [r4, #0] */
340 0xe5d43000, /* ldrb r3, [r4, #0] */
341 0xe3130080, /* tst r3, #0x80 */
342 0x0afffffc, /* beq busy */
343 0xe3a05050, /* mov r5, #0x50 */
344 0xe1c450b0, /* strh r5, [r4, #0] */
345 0xe3a050ff, /* mov r5, #0xFF */
346 0xe1c450b0, /* strh r5, [r4, #0] */
347 0xe3130012, /* tst r3, #0x12 */
348 0x1a000001, /* bne exit */
349 0xe2522001, /* subs r2, r2, #1 */
350 0x1affffed, /* bne write */
352 0xeafffffe, /* b exit */
355 /* flash write code */
356 if (target_alloc_working_area(target, 4 * 19, &str9x_info->write_algorithm) != ERROR_OK)
358 LOG_WARNING("no working area available, can't do block memory writes");
359 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
362 target_write_buffer(target, str9x_info->write_algorithm->address, 19 * 4, (u8*)str9x_flash_write_code);
365 while (target_alloc_working_area(target, buffer_size, &source) != ERROR_OK)
368 if (buffer_size <= 256)
370 /* if we already allocated the writing code, but failed to get a buffer, free the algorithm */
371 if (str9x_info->write_algorithm)
372 target_free_working_area(target, str9x_info->write_algorithm);
374 LOG_WARNING("no large enough working area available, can't do block memory writes");
375 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
379 armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;
380 armv4_5_info.core_mode = ARMV4_5_MODE_SVC;
381 armv4_5_info.core_state = ARMV4_5_STATE_ARM;
383 init_reg_param(®_params[0], "r0", 32, PARAM_OUT);
384 init_reg_param(®_params[1], "r1", 32, PARAM_OUT);
385 init_reg_param(®_params[2], "r2", 32, PARAM_OUT);
386 init_reg_param(®_params[3], "r3", 32, PARAM_IN);
390 u32 thisrun_count = (count > (buffer_size / 2)) ? (buffer_size / 2) : count;
392 target_write_buffer(target, source->address, thisrun_count * 2, buffer);
394 buf_set_u32(reg_params[0].value, 0, 32, source->address);
395 buf_set_u32(reg_params[1].value, 0, 32, address);
396 buf_set_u32(reg_params[2].value, 0, 32, thisrun_count);
398 if ((retval = target->type->run_algorithm(target, 0, NULL, 4, reg_params, str9x_info->write_algorithm->address, str9x_info->write_algorithm->address + (18 * 4), 10000, &armv4_5_info)) != ERROR_OK)
400 target_free_working_area(target, source);
401 target_free_working_area(target, str9x_info->write_algorithm);
402 LOG_ERROR("error executing str9x flash write algorithm");
406 if (buf_get_u32(reg_params[3].value, 0, 32) != 0x80)
408 retval = ERROR_FLASH_OPERATION_FAILED;
412 buffer += thisrun_count * 2;
413 address += thisrun_count * 2;
414 count -= thisrun_count;
417 target_free_working_area(target, source);
418 target_free_working_area(target, str9x_info->write_algorithm);
420 destroy_reg_param(®_params[0]);
421 destroy_reg_param(®_params[1]);
422 destroy_reg_param(®_params[2]);
423 destroy_reg_param(®_params[3]);
428 int str9x_write(struct flash_bank_s *bank, u8 *buffer, u32 offset, u32 count)
430 target_t *target = bank->target;
431 u32 words_remaining = (count / 2);
432 u32 bytes_remaining = (count & 0x00000001);
433 u32 address = bank->base + offset;
434 u32 bytes_written = 0;
437 u32 check_address = offset;
441 if (bank->target->state != TARGET_HALTED)
443 return ERROR_TARGET_NOT_HALTED;
448 LOG_WARNING("offset 0x%x breaks required 2-byte alignment", offset);
449 return ERROR_FLASH_DST_BREAKS_ALIGNMENT;
452 for (i = 0; i < bank->num_sectors; i++)
454 u32 sec_start = bank->sectors[i].offset;
455 u32 sec_end = sec_start + bank->sectors[i].size;
457 /* check if destination falls within the current sector */
458 if ((check_address >= sec_start) && (check_address < sec_end))
460 /* check if destination ends in the current sector */
461 if (offset + count < sec_end)
462 check_address = offset + count;
464 check_address = sec_end;
468 if (check_address != offset + count)
469 return ERROR_FLASH_DST_OUT_OF_BANK;
471 /* multiple half words (2-byte) to be programmed? */
472 if (words_remaining > 0)
474 /* try using a block write */
475 if ((retval = str9x_write_block(bank, buffer, offset, words_remaining)) != ERROR_OK)
477 if (retval == ERROR_TARGET_RESOURCE_NOT_AVAILABLE)
479 /* if block write failed (no sufficient working area),
480 * we use normal (slow) single dword accesses */
481 LOG_WARNING("couldn't use block writes, falling back to single memory accesses");
483 else if (retval == ERROR_FLASH_OPERATION_FAILED)
485 LOG_ERROR("flash writing failed with error code: 0x%x", retval);
486 return ERROR_FLASH_OPERATION_FAILED;
491 buffer += words_remaining * 2;
492 address += words_remaining * 2;
497 while (words_remaining > 0)
499 bank_adr = address & ~0x03;
501 /* write data command */
502 target_write_u16(target, bank_adr, 0x40);
503 target->type->write_memory(target, address, 2, 1, buffer + bytes_written);
505 /* get status command */
506 target_write_u16(target, bank_adr, 0x70);
509 target_read_u8(target, bank_adr, &status);
515 /* clear status reg and read array */
516 target_write_u16(target, bank_adr, 0x50);
517 target_write_u16(target, bank_adr, 0xFF);
520 return ERROR_FLASH_OPERATION_FAILED;
521 else if (status & 0x02)
522 return ERROR_FLASH_OPERATION_FAILED;
531 u8 last_halfword[2] = {0xff, 0xff};
534 while(bytes_remaining > 0)
536 last_halfword[i++] = *(buffer + bytes_written);
541 bank_adr = address & ~0x03;
543 /* write data comamnd */
544 target_write_u16(target, bank_adr, 0x40);
545 target->type->write_memory(target, address, 2, 1, last_halfword);
547 /* query status command */
548 target_write_u16(target, bank_adr, 0x70);
551 target_read_u8(target, bank_adr, &status);
557 /* clear status reg and read array */
558 target_write_u16(target, bank_adr, 0x50);
559 target_write_u16(target, bank_adr, 0xFF);
562 return ERROR_FLASH_OPERATION_FAILED;
563 else if (status & 0x02)
564 return ERROR_FLASH_OPERATION_FAILED;
570 int str9x_probe(struct flash_bank_s *bank)
575 int str9x_handle_part_id_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
580 int str9x_info(struct flash_bank_s *bank, char *buf, int buf_size)
582 snprintf(buf, buf_size, "str9x flash driver info" );
586 int str9x_handle_flash_config_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
588 str9x_flash_bank_t *str9x_info;
590 target_t *target = NULL;
594 return ERROR_COMMAND_SYNTAX_ERROR;
597 bank = get_flash_bank_by_num(strtoul(args[0], NULL, 0));
600 command_print(cmd_ctx, "flash bank '#%s' is out of bounds", args[0]);
604 str9x_info = bank->driver_priv;
606 target = bank->target;
608 if (bank->target->state != TARGET_HALTED)
610 return ERROR_TARGET_NOT_HALTED;
613 /* config flash controller */
614 target_write_u32(target, FLASH_BBSR, strtoul(args[1], NULL, 0));
615 target_write_u32(target, FLASH_NBBSR, strtoul(args[2], NULL, 0));
616 target_write_u32(target, FLASH_BBADR, (strtoul(args[3], NULL, 0) >> 2));
617 target_write_u32(target, FLASH_NBBADR, (strtoul(args[4], NULL, 0) >> 2));
619 /* set bit 18 instruction TCM order as per flash programming manual */
620 arm966e_write_cp15(target, 62, 0x40000);
622 /* enable flash bank 1 */
623 target_write_u32(target, FLASH_CR, 0x18);
projects / fw / openocd / blob