1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2008 Rob Brown, Lou Deluxe *
9 * rob@cobbleware.com, lou.openocd012@fixit.nospammail.net *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
23 ***************************************************************************/
29 /* project specific includes */
30 #include <jtag/interface.h>
31 #include <jtag/commands.h>
32 #include "helper/replacements.h"
34 #include "rlink_st7.h"
35 #include "rlink_ep1_cmd.h"
36 #include "rlink_dtc_cmd.h"
37 #include "libusb_helper.h"
39 /* This feature is made useless by running the DTC all the time. When automatic, the LED is on
40 *whenever the DTC is running. Otherwise, USB messages are sent to turn it on and off. */
41 #undef AUTOMATIC_BUSY_LED
43 /* This feature may require derating the speed due to reduced hold time. */
44 #undef USE_HARDWARE_SHIFTER_FOR_TMS
46 #define INTERFACE_NAME "RLink"
48 #define USB_IDVENDOR (0x138e)
49 #define USB_IDPRODUCT (0x9000)
51 #define USB_EP1OUT_ADDR (0x01)
52 #define USB_EP1OUT_SIZE (16)
53 #define USB_EP1IN_ADDR (USB_EP1OUT_ADDR | 0x80)
54 #define USB_EP1IN_SIZE (USB_EP1OUT_SIZE)
56 #define USB_EP2OUT_ADDR (0x02)
57 #define USB_EP2OUT_SIZE (64)
58 #define USB_EP2IN_ADDR (USB_EP2OUT_ADDR | 0x80)
59 #define USB_EP2IN_SIZE (USB_EP2OUT_SIZE)
60 #define USB_EP2BANK_SIZE (512)
62 #define USB_TIMEOUT_MS (3 * 1000)
64 #define DTC_STATUS_POLL_BYTE (ST7_USB_BUF_EP0OUT + 0xff)
66 #define ST7_PD_NBUSY_LED ST7_PD0
67 #define ST7_PD_NRUN_LED ST7_PD1
68 /* low enables VPP at adapter header, high connects it to GND instead */
69 #define ST7_PD_VPP_SEL ST7_PD6
70 /* low: VPP = 12v, high: VPP <= 5v */
71 #define ST7_PD_VPP_SHDN ST7_PD7
73 /* These pins are connected together */
74 #define ST7_PE_ADAPTER_SENSE_IN ST7_PE3
75 #define ST7_PE_ADAPTER_SENSE_OUT ST7_PE4
77 /* Symbolic mapping between port pins and numbered IO lines */
78 #define ST7_PA_IO1 ST7_PA1
79 #define ST7_PA_IO2 ST7_PA2
80 #define ST7_PA_IO4 ST7_PA4
81 #define ST7_PA_IO8 ST7_PA6
82 #define ST7_PA_IO10 ST7_PA7
83 #define ST7_PB_IO5 ST7_PB5
84 #define ST7_PC_IO9 ST7_PC1
85 #define ST7_PC_IO3 ST7_PC2
86 #define ST7_PC_IO7 ST7_PC3
87 #define ST7_PE_IO6 ST7_PE5
89 /* Symbolic mapping between numbered IO lines and adapter signals */
90 #define ST7_PA_RTCK ST7_PA_IO0
91 #define ST7_PA_NTRST ST7_PA_IO1
92 #define ST7_PC_TDI ST7_PC_IO3
93 #define ST7_PA_DBGRQ ST7_PA_IO4
94 #define ST7_PB_NSRST ST7_PB_IO5
95 #define ST7_PE_TMS ST7_PE_IO6
96 #define ST7_PC_TCK ST7_PC_IO7
97 #define ST7_PC_TDO ST7_PC_IO9
98 #define ST7_PA_DBGACK ST7_PA_IO10
100 static struct libusb_device_handle *hdev;
103 * ep1 commands are up to USB_EP1OUT_SIZE bytes in length.
104 * This function takes care of zeroing the unused bytes before sending the packet.
105 * Any reply packet is not handled by this function.
107 static int ep1_generic_commandl(struct libusb_device_handle *hdev_param, size_t length, ...)
109 uint8_t usb_buffer[USB_EP1OUT_SIZE];
110 uint8_t *usb_buffer_p;
115 if (length > sizeof(usb_buffer))
116 length = sizeof(usb_buffer);
118 usb_buffer_p = usb_buffer;
120 va_start(ap, length);
122 *usb_buffer_p++ = va_arg(ap, int);
129 sizeof(usb_buffer) - (usb_buffer_p - usb_buffer)
132 usb_ret = jtag_libusb_bulk_write(
135 (char *)usb_buffer, sizeof(usb_buffer),
140 if (usb_ret != ERROR_OK)
146 static ssize_t ep1_memory_read(
147 struct libusb_device_handle *hdev_param, uint16_t addr,
148 size_t length, uint8_t *buffer)
150 uint8_t usb_buffer[USB_EP1OUT_SIZE];
156 usb_buffer[0] = EP1_CMD_MEMORY_READ;
160 sizeof(usb_buffer) - 4
167 if (remain > sizeof(usb_buffer))
168 length = sizeof(usb_buffer);
172 usb_buffer[1] = addr >> 8;
173 usb_buffer[2] = addr;
174 usb_buffer[3] = length;
176 usb_ret = jtag_libusb_bulk_write(
177 hdev_param, USB_EP1OUT_ADDR,
178 (char *)usb_buffer, sizeof(usb_buffer),
183 if (usb_ret != ERROR_OK || transferred < (int)sizeof(usb_buffer))
186 usb_ret = jtag_libusb_bulk_read(
187 hdev_param, USB_EP1IN_ADDR,
188 (char *)buffer, length,
193 if (usb_ret != ERROR_OK || transferred < (int)length)
206 static ssize_t ep1_memory_write(struct libusb_device_handle *hdev_param, uint16_t addr,
207 size_t length, uint8_t const *buffer)
209 uint8_t usb_buffer[USB_EP1OUT_SIZE];
214 usb_buffer[0] = EP1_CMD_MEMORY_WRITE;
220 if (remain > (sizeof(usb_buffer) - 4))
221 length = (sizeof(usb_buffer) - 4);
225 usb_buffer[1] = addr >> 8;
226 usb_buffer[2] = addr;
227 usb_buffer[3] = length;
234 usb_buffer + 4 + length,
236 sizeof(usb_buffer) - 4 - length
241 usb_ret = jtag_libusb_bulk_write(
242 hdev_param, USB_EP1OUT_ADDR,
243 (char *)usb_buffer, sizeof(usb_buffer),
248 if (usb_ret != ERROR_OK || transferred < (int)sizeof(usb_buffer))
262 static ssize_t ep1_memory_writel(struct libusb_device_handle *hdev_param, uint16_t addr,
265 uint8_t buffer[USB_EP1OUT_SIZE - 4];
270 if (length > sizeof(buffer))
271 length = sizeof(buffer);
276 va_start(ap, length);
278 *buffer_p++ = va_arg(ap, int);
282 return ep1_memory_write(hdev_param, addr, length, buffer);
286 #define DTCLOAD_COMMENT (0)
287 #define DTCLOAD_ENTRY (1)
288 #define DTCLOAD_LOAD (2)
289 #define DTCLOAD_RUN (3)
290 #define DTCLOAD_LUT_START (4)
291 #define DTCLOAD_LUT (5)
293 #define DTC_LOAD_BUFFER ST7_USB_BUF_EP2UIDO
295 /* This gets set by the DTC loader */
296 static uint8_t dtc_entry_download;
298 /* The buffer is specially formatted to represent a valid image to load into the DTC. */
299 static int dtc_load_from_buffer(struct libusb_device_handle *hdev_param, const uint8_t *buffer,
308 struct header_s *header;
309 uint8_t lut_start = 0xc0;
311 dtc_entry_download = 0;
313 /* Stop the DTC before loading anything. */
314 usb_err = ep1_generic_commandl(
322 if (length < sizeof(*header)) {
323 LOG_ERROR("Malformed DTC image");
327 header = (struct header_s *)buffer;
328 buffer += sizeof(*header);
329 length -= sizeof(*header);
331 if (length < (size_t)header->length + 1) {
332 LOG_ERROR("Malformed DTC image");
336 switch (header->type) {
337 case DTCLOAD_COMMENT:
341 /* store entry addresses somewhere */
342 if (!strncmp("download", (char *)buffer + 1, 8))
343 dtc_entry_download = buffer[0];
347 /* Send the DTC program to ST7 RAM. */
348 usb_err = ep1_memory_write(
351 header->length + 1, buffer
356 /* Load it into the DTC. */
357 usb_err = ep1_generic_commandl(
360 (DTC_LOAD_BUFFER >> 8),
369 usb_err = ep1_generic_commandl(
380 case DTCLOAD_LUT_START:
381 lut_start = buffer[0];
385 usb_err = ep1_memory_write(
387 ST7_USB_BUF_EP0OUT + lut_start,
388 header->length + 1, buffer
395 LOG_ERROR("Invalid DTC image record type: 0x%02x", header->type);
400 buffer += (header->length + 1);
401 length -= (header->length + 1);
408 * Start the DTC running in download mode (waiting for 512 byte command packets on ep2).
410 static int dtc_start_download(void)
416 /* set up for download mode and make sure EP2 is set up to transmit */
417 usb_err = ep1_generic_commandl(
422 EP1_CMD_SET_DOWNLOAD,
423 EP1_CMD_MEMORY_READ, /* read EP2TXR for its data toggle */
431 /* read back ep2txr */
432 usb_err = jtag_libusb_bulk_read(
433 hdev, USB_EP1IN_ADDR,
438 if (usb_err != ERROR_OK)
441 usb_err = ep1_generic_commandl(
444 EP1_CMD_MEMORY_WRITE, /* preinitialize poll byte */
445 DTC_STATUS_POLL_BYTE >> 8,
446 DTC_STATUS_POLL_BYTE,
449 EP1_CMD_MEMORY_WRITE, /* set EP2IN to return data */
453 (ep2txr & ST7_EP2TXR_DTOG_TX) | ST7_EP2TXR_STAT_VALID,
454 EP1_CMD_DTC_CALL, /* start running the DTC */
456 EP1_CMD_DTC_GET_CACHED_STATUS
461 /* wait for completion */
462 usb_err = jtag_libusb_bulk_read(
463 hdev, USB_EP1IN_ADDR,
472 static int dtc_run_download(
473 struct libusb_device_handle *hdev_param,
474 uint8_t *command_buffer,
475 int command_buffer_size,
476 uint8_t *reply_buffer,
477 int reply_buffer_size
485 LOG_DEBUG("%d/%d", command_buffer_size, reply_buffer_size);
487 usb_err = jtag_libusb_bulk_write(
490 (char *)command_buffer, USB_EP2BANK_SIZE,
498 /* Wait for DTC to finish running command buffer */
500 usb_err = ep1_generic_commandl(
504 DTC_STATUS_POLL_BYTE >> 8,
505 DTC_STATUS_POLL_BYTE,
511 usb_err = jtag_libusb_bulk_read(
521 if (dtc_status & 0x01)
525 LOG_ERROR("too many retries waiting for DTC status");
526 return LIBUSB_ERROR_TIMEOUT;
531 if (reply_buffer && reply_buffer_size) {
532 usb_err = jtag_libusb_bulk_read(
535 (char *)reply_buffer, reply_buffer_size,
540 if (usb_err != ERROR_OK || transferred < reply_buffer_size) {
541 LOG_ERROR("Read of endpoint 2 returned %d, expected %d",
542 usb_err, reply_buffer_size
552 * The dtc reply queue is a singly linked list that describes what to do
553 * with the reply packet that comes from the DTC. Only SCAN_IN and SCAN_IO generate
557 struct dtc_reply_queue_entry {
558 struct dtc_reply_queue_entry *next;
559 struct jtag_command *cmd; /* the command that resulted in this entry */
562 uint8_t *buffer; /* the scan buffer */
563 int size; /* size of the scan buffer in bits */
564 int offset; /* how many bits were already done before this? */
565 int length; /* how many bits are processed in this operation? */
566 enum scan_type type; /* SCAN_IN/SCAN_OUT/SCAN_IO */
572 * The dtc_queue consists of a buffer of pending commands and a reply queue.
573 * rlink_scan and tap_state_run add to the command buffer and maybe to the reply queue.
577 struct dtc_reply_queue_entry *rq_head;
578 struct dtc_reply_queue_entry *rq_tail;
580 uint32_t reply_index;
581 uint8_t cmd_buffer[USB_EP2BANK_SIZE];
585 * The tap state queue is for accumulating TAP state changes without needlessly
586 * flushing the dtc_queue. When it fills or is run, it adds the accumulated bytes to
595 static int dtc_queue_init(void)
597 dtc_queue.rq_head = NULL;
598 dtc_queue.rq_tail = NULL;
599 dtc_queue.cmd_index = 0;
600 dtc_queue.reply_index = 0;
604 static inline struct dtc_reply_queue_entry *dtc_queue_enqueue_reply(
605 enum scan_type type, uint8_t *buffer, int size, int offset,
606 int length, struct jtag_command *cmd)
608 struct dtc_reply_queue_entry *rq_entry;
610 rq_entry = malloc(sizeof(struct dtc_reply_queue_entry));
612 rq_entry->scan.type = type;
613 rq_entry->scan.buffer = buffer;
614 rq_entry->scan.size = size;
615 rq_entry->scan.offset = offset;
616 rq_entry->scan.length = length;
618 rq_entry->next = NULL;
620 if (!dtc_queue.rq_head)
621 dtc_queue.rq_head = rq_entry;
623 dtc_queue.rq_tail->next = rq_entry;
625 dtc_queue.rq_tail = rq_entry;
632 * Running the queue means that any pending command buffer is run
633 * and any reply data dealt with. The command buffer is then cleared for subsequent processing.
634 * The queue is automatically run by append when it is necessary to get space for the append.
637 static int dtc_queue_run(void)
639 struct dtc_reply_queue_entry *rq_p, *rq_next;
644 uint8_t *dtc_p, *tdo_p;
645 uint8_t dtc_mask, tdo_mask;
646 uint8_t reply_buffer[USB_EP2IN_SIZE];
648 assert((dtc_queue.rq_head != 0) == (dtc_queue.reply_index > 0));
649 assert(dtc_queue.cmd_index < USB_EP2BANK_SIZE);
650 assert(dtc_queue.reply_index <= USB_EP2IN_SIZE);
654 if (dtc_queue.cmd_index < 1)
657 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = DTC_CMD_STOP;
659 usb_err = dtc_run_download(hdev,
660 dtc_queue.cmd_buffer, dtc_queue.cmd_index,
661 reply_buffer, sizeof(reply_buffer)
664 LOG_ERROR("dtc_run_download: %s", libusb_error_name(usb_err));
668 if (dtc_queue.rq_head) {
669 /* process the reply, which empties the reply queue and frees its entries */
670 dtc_p = reply_buffer;
672 /* The rigamarole with the masks and doing it bit-by-bit is due to the fact that the
673 *scan buffer is LSb-first and the DTC code is MSb-first for hardware reasons. It
674 *was that or craft a function to do the reversal, and that wouldn't work with
675 *bit-stuffing (supplying extra bits to use mostly byte operations), or any other
676 *scheme which would throw the byte alignment off. */
679 rq_p = dtc_queue.rq_head;
683 tdo_p = rq_p->scan.buffer + (rq_p->scan.offset / 8);
684 tdo_mask = 1 << (rq_p->scan.offset % 8);
687 bit_cnt = rq_p->scan.length;
691 dtc_mask = 1 << (8 - 1);
698 if (*dtc_p & dtc_mask)
706 dtc_mask = 1 << (8 - 1);
716 /* extra bits or last bit */
719 if ((rq_p->scan.type == SCAN_IN) && (
720 rq_p->scan.offset != rq_p->scan.size - 1
722 /* extra bits were sent as a full byte with padding on the
724 dtc_mask = 1 << (8 - 1);
726 dtc_mask = 1 << (bit_cnt - 1);
749 if ((rq_p->scan.offset + rq_p->scan.length) >= rq_p->scan.size) {
750 /* feed scan buffer back into openocd and free it */
751 if (jtag_read_buffer(rq_p->scan.buffer,
752 rq_p->cmd->cmd.scan) != ERROR_OK)
753 retval = ERROR_JTAG_QUEUE_FAILED;
754 free(rq_p->scan.buffer);
757 rq_next = rq_p->next;
760 dtc_queue.rq_head = NULL;
761 dtc_queue.rq_tail = NULL;
764 /* reset state for new appends */
765 dtc_queue.cmd_index = 0;
766 dtc_queue.reply_index = 0;
771 /* runs the queue if it cannot take reserved_cmd bytes of command data
772 * or reserved_reply bytes of reply data */
773 static int dtc_queue_run_if_full(int reserved_cmd, int reserved_reply)
775 /* reserve one additional byte for the STOP cmd appended during run */
776 if (dtc_queue.cmd_index + reserved_cmd + 1 > USB_EP2BANK_SIZE)
777 return dtc_queue_run();
779 if (dtc_queue.reply_index + reserved_reply > USB_EP2IN_SIZE)
780 return dtc_queue_run();
785 static int tap_state_queue_init(void)
787 tap_state_queue.length = 0;
788 tap_state_queue.buffer = 0;
792 static int tap_state_queue_run(void)
800 if (!tap_state_queue.length)
804 for (i = tap_state_queue.length; i--; ) {
807 if (tap_state_queue.buffer & 1)
809 if ((bits >= 8) || !i) {
810 byte_param <<= (8 - bits);
812 /* make sure there's room for two cmd bytes */
813 dtc_queue_run_if_full(2, 0);
815 #ifdef USE_HARDWARE_SHIFTER_FOR_TMS
817 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
818 DTC_CMD_SHIFT_TMS_BYTES(1);
821 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
822 DTC_CMD_SHIFT_TMS_BITS(bits);
823 #ifdef USE_HARDWARE_SHIFTER_FOR_TMS
827 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
835 tap_state_queue.buffer >>= 1;
837 retval = tap_state_queue_init();
841 static int tap_state_queue_append(uint8_t tms)
845 if (tap_state_queue.length >= sizeof(tap_state_queue.buffer) * 8) {
846 retval = tap_state_queue_run();
852 tap_state_queue.buffer |= (1 << tap_state_queue.length);
853 tap_state_queue.length++;
858 static void rlink_end_state(tap_state_t state)
860 if (tap_is_state_stable(state))
861 tap_set_end_state(state);
863 LOG_ERROR("BUG: %i is not a valid end state", state);
868 static void rlink_state_move(void)
872 uint8_t tms_scan = tap_get_tms_path(tap_get_state(), tap_get_end_state());
873 int tms_count = tap_get_tms_path_len(tap_get_state(), tap_get_end_state());
875 for (i = 0; i < tms_count; i++) {
876 tms = (tms_scan >> i) & 1;
877 tap_state_queue_append(tms);
880 tap_set_state(tap_get_end_state());
883 static void rlink_path_move(struct pathmove_command *cmd)
885 int num_states = cmd->num_states;
891 if (tap_state_transition(tap_get_state(), false) == cmd->path[state_count])
893 else if (tap_state_transition(tap_get_state(), true) == cmd->path[state_count])
896 LOG_ERROR("BUG: %s -> %s isn't a valid TAP transition",
897 tap_state_name(tap_get_state()),
898 tap_state_name(cmd->path[state_count]));
902 tap_state_queue_append(tms);
904 tap_set_state(cmd->path[state_count]);
909 tap_set_end_state(tap_get_state());
912 static void rlink_runtest(int num_cycles)
916 tap_state_t saved_end_state = tap_get_end_state();
918 /* only do a state_move when we're not already in RTI */
919 if (tap_get_state() != TAP_IDLE) {
920 rlink_end_state(TAP_IDLE);
924 /* execute num_cycles */
925 for (i = 0; i < num_cycles; i++)
926 tap_state_queue_append(0);
928 /* finish in end_state */
929 rlink_end_state(saved_end_state);
930 if (tap_get_state() != tap_get_end_state())
934 /* (1) assert or (0) deassert reset lines */
935 static void rlink_reset(int trst, int srst)
941 /* Read port A for bit op */
942 usb_err = ep1_generic_commandl(
950 LOG_ERROR("%s", libusb_error_name(usb_err));
954 usb_err = jtag_libusb_bulk_read(
955 hdev, USB_EP1IN_ADDR,
960 if (usb_err != ERROR_OK || transferred < 1) {
961 LOG_ERROR("%s", libusb_error_name(usb_err));
966 bitmap &= ~ST7_PA_NTRST;
968 bitmap |= ST7_PA_NTRST;
970 /* Write port A and read port B for bit op
971 * port B has no OR, and we want to emulate open drain on NSRST, so we initialize DR to 0
972 *and assert NSRST by setting DDR to 1. */
973 usb_err = ep1_generic_commandl(
975 EP1_CMD_MEMORY_WRITE,
986 LOG_ERROR("%s", libusb_error_name(usb_err));
990 usb_err = jtag_libusb_bulk_read(
991 hdev, USB_EP1IN_ADDR,
996 if (usb_err != ERROR_OK || transferred < 1) {
997 LOG_ERROR("%s", libusb_error_name(usb_err));
1002 bitmap |= ST7_PB_NSRST;
1004 bitmap &= ~ST7_PB_NSRST;
1006 /* write port B and read dummy to ensure completion before returning */
1007 usb_err = ep1_generic_commandl(
1009 EP1_CMD_MEMORY_WRITE,
1014 EP1_CMD_DTC_GET_CACHED_STATUS
1017 LOG_ERROR("%s", libusb_error_name(usb_err));
1021 usb_err = jtag_libusb_bulk_read(
1022 hdev, USB_EP1IN_ADDR,
1027 if (usb_err != ERROR_OK || transferred < 1) {
1028 LOG_ERROR("%s", libusb_error_name(usb_err));
1033 static int rlink_scan(struct jtag_command *cmd, enum scan_type type,
1034 uint8_t *buffer, int scan_size)
1037 tap_state_t saved_end_state;
1045 uint8_t tdi_mask, *tdi_p;
1048 if (scan_size < 1) {
1049 LOG_ERROR("scan_size cannot be less than 1 bit");
1053 ir_scan = cmd->cmd.scan->ir_scan;
1055 /* Move to the proper state before starting to shift TDI/TDO. */
1056 if (!((!ir_scan && (tap_get_state() == TAP_DRSHIFT)) ||
1057 (ir_scan && (tap_get_state() == TAP_IRSHIFT)))) {
1058 saved_end_state = tap_get_end_state();
1059 rlink_end_state(ir_scan ? TAP_IRSHIFT : TAP_DRSHIFT);
1061 rlink_end_state(saved_end_state);
1064 tap_state_queue_run();
1068 printf("scan_size = %d, type = 0x%x\n", scan_size, type);
1072 /* clear unused bits in scan buffer for ease of debugging
1073 * (it makes diffing output easier) */
1074 buffer[scan_size / 8] &= ((1 << ((scan_size - 1) % 8) + 1) - 1);
1076 printf("before scan:");
1077 for (i = 0; i < (scan_size + 7) / 8; i++)
1078 printf(" %02x", buffer[i]);
1083 /* The number of bits that can be shifted as complete bytes */
1084 byte_bits = (int)(scan_size - 1) / 8 * 8;
1085 /* The number of bits left over, not counting the last bit */
1086 extra_bits = (scan_size - 1) - byte_bits;
1092 if (extra_bits && (type == SCAN_OUT)) {
1093 /* Schedule any extra bits into the DTC command buffer, padding as needed
1094 * For SCAN_OUT, this comes before the full bytes so the (leading) padding bits will
1095 *fall off the end */
1097 /* make sure there's room for two cmd bytes */
1098 dtc_queue_run_if_full(2, 0);
1101 dtc_mask = 1 << (extra_bits - 1);
1103 while (extra_bits--) {
1104 if (*tdi_p & tdi_mask)
1110 if (tdi_mask == 0) {
1116 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1117 DTC_CMD_SHIFT_TDI_BYTES(1);
1119 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = x;
1122 /* Loop scheduling full bytes into the DTC command buffer */
1124 /* make sure there's room for one (for in scans) or two cmd bytes and
1125 * at least one reply byte for in or inout scans*/
1126 dtc_queue_run_if_full(type == SCAN_IN ? 1 : 2, type != SCAN_OUT ? 1 : 0);
1128 chunk_bits = byte_bits;
1129 /* we can only use up to 16 bytes at a time */
1130 if (chunk_bits > (16 * 8))
1131 chunk_bits = (16 * 8);
1133 if (type != SCAN_IN) {
1134 /* how much is there room for, considering stop and byte op? */
1135 x = (sizeof(dtc_queue.cmd_buffer) - (dtc_queue.cmd_index + 1 + 1)) * 8;
1140 if (type != SCAN_OUT) {
1141 /* how much is there room for in the reply buffer? */
1142 x = (USB_EP2IN_SIZE - dtc_queue.reply_index) * 8;
1147 /* so the loop will end */
1148 byte_bits -= chunk_bits;
1150 if (type != SCAN_OUT) {
1151 if (!dtc_queue_enqueue_reply(type, buffer, scan_size, tdi_bit_offset,
1153 LOG_ERROR("enqueuing DTC reply entry: %s", strerror(errno));
1156 dtc_queue.reply_index += (chunk_bits + 7) / 8;
1158 tdi_bit_offset += chunk_bits;
1161 /* chunk_bits is a multiple of 8, so there are no rounding issues. */
1162 chunk_bytes = chunk_bits / 8;
1166 x = DTC_CMD_SHIFT_TDO_BYTES(chunk_bytes);
1169 x = DTC_CMD_SHIFT_TDI_BYTES(chunk_bytes);
1172 x = DTC_CMD_SHIFT_TDIO_BYTES(chunk_bytes);
1175 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = x;
1177 if (type != SCAN_IN) {
1179 dtc_mask = 1 << (8 - 1);
1181 while (chunk_bits--) {
1182 if (*tdi_p & tdi_mask)
1186 if (dtc_mask == 0) {
1187 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = x;
1189 dtc_mask = 1 << (8 - 1);
1193 if (tdi_mask == 0) {
1201 if (extra_bits && (type != SCAN_OUT)) {
1202 /* Schedule any extra bits into the DTC command buffer */
1204 /* make sure there's room for one (for in scans) or two cmd bytes
1205 * and one reply byte */
1206 dtc_queue_run_if_full(type == SCAN_IN ? 1 : 2, 1);
1208 if (!dtc_queue_enqueue_reply(type, buffer, scan_size, tdi_bit_offset,
1210 LOG_ERROR("enqueuing DTC reply entry: %s", strerror(errno));
1214 dtc_queue.reply_index++;
1216 tdi_bit_offset += extra_bits;
1218 if (type == SCAN_IN) {
1219 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1220 DTC_CMD_SHIFT_TDO_BYTES(1);
1223 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1224 DTC_CMD_SHIFT_TDIO_BITS(extra_bits);
1227 dtc_mask = 1 << (8 - 1);
1229 while (extra_bits--) {
1230 if (*tdi_p & tdi_mask)
1236 if (tdi_mask == 0) {
1242 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = x;
1246 /* Schedule the last bit into the DTC command buffer */
1248 /* make sure there's room for one cmd byte and one reply byte
1249 * for in or inout scans*/
1250 dtc_queue_run_if_full(1, type == SCAN_OUT ? 0 : 1);
1252 if (type == SCAN_OUT) {
1253 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1254 DTC_CMD_SHIFT_TMS_TDI_BIT_PAIR(1, (*tdi_p & tdi_mask), 0);
1257 if (!dtc_queue_enqueue_reply(type, buffer, scan_size, tdi_bit_offset,
1259 LOG_ERROR("enqueuing DTC reply entry: %s", strerror(errno));
1263 dtc_queue.reply_index++;
1265 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1266 DTC_CMD_SHIFT_TMS_TDI_BIT_PAIR(1, (*tdi_p & tdi_mask), 1);
1269 /* Move to pause state */
1270 tap_state_queue_append(0);
1271 tap_set_state(ir_scan ? TAP_IRPAUSE : TAP_DRPAUSE);
1272 if (tap_get_state() != tap_get_end_state())
1278 static int rlink_execute_queue(void)
1280 struct jtag_command *cmd = jtag_command_queue; /* currently processed command */
1282 enum scan_type type;
1284 int retval, tmp_retval;
1286 /* return ERROR_OK, unless something goes wrong */
1289 #ifndef AUTOMATIC_BUSY_LED
1291 ep1_generic_commandl(hdev, 2,
1292 EP1_CMD_SET_PORTD_LEDS,
1298 switch (cmd->type) {
1300 case JTAG_TLR_RESET:
1306 /* some events, such as resets, need a queue flush to ensure
1308 tap_state_queue_run();
1313 switch (cmd->type) {
1315 LOG_DEBUG_IO("reset trst: %i srst %i",
1316 cmd->cmd.reset->trst,
1317 cmd->cmd.reset->srst);
1318 if ((cmd->cmd.reset->trst == 1) ||
1319 (cmd->cmd.reset->srst &&
1320 (jtag_get_reset_config() & RESET_SRST_PULLS_TRST)))
1321 tap_set_state(TAP_RESET);
1322 rlink_reset(cmd->cmd.reset->trst, cmd->cmd.reset->srst);
1325 LOG_DEBUG_IO("runtest %i cycles, end in %i",
1326 cmd->cmd.runtest->num_cycles,
1327 cmd->cmd.runtest->end_state);
1328 if (cmd->cmd.runtest->end_state != -1)
1329 rlink_end_state(cmd->cmd.runtest->end_state);
1330 rlink_runtest(cmd->cmd.runtest->num_cycles);
1332 case JTAG_TLR_RESET:
1333 LOG_DEBUG_IO("statemove end in %i", cmd->cmd.statemove->end_state);
1334 if (cmd->cmd.statemove->end_state != -1)
1335 rlink_end_state(cmd->cmd.statemove->end_state);
1339 LOG_DEBUG_IO("pathmove: %i states, end in %i",
1340 cmd->cmd.pathmove->num_states,
1341 cmd->cmd.pathmove->path[cmd->cmd.pathmove->num_states - 1]);
1342 rlink_path_move(cmd->cmd.pathmove);
1345 LOG_DEBUG_IO("%s scan end in %i",
1346 (cmd->cmd.scan->ir_scan) ? "IR" : "DR",
1347 cmd->cmd.scan->end_state);
1348 if (cmd->cmd.scan->end_state != -1)
1349 rlink_end_state(cmd->cmd.scan->end_state);
1350 scan_size = jtag_build_buffer(cmd->cmd.scan, &buffer);
1351 type = jtag_scan_type(cmd->cmd.scan);
1352 if (rlink_scan(cmd, type, buffer, scan_size) != ERROR_OK)
1353 retval = ERROR_FAIL;
1356 LOG_DEBUG_IO("sleep %" PRIu32, cmd->cmd.sleep->us);
1357 jtag_sleep(cmd->cmd.sleep->us);
1360 LOG_ERROR("BUG: unknown JTAG command type encountered");
1366 /* Flush the DTC queue to make sure any pending reads have been done before exiting this
1368 tap_state_queue_run();
1369 tmp_retval = dtc_queue_run();
1370 if (tmp_retval != ERROR_OK)
1371 retval = tmp_retval;
1373 #ifndef AUTOMATIC_BUSY_LED
1375 ep1_generic_commandl(hdev, 2,
1376 EP1_CMD_SET_PORTD_LEDS,
1384 /* Using an unindexed table because it is infrequently accessed and it is short. The table must be
1385 *in order of ascending speed (and descending prescaler), as it is scanned in reverse. */
1387 static int rlink_speed(int speed)
1393 speed = rlink_speed_table[rlink_speed_table_size - 1].prescaler;
1396 for (i = rlink_speed_table_size; i--; ) {
1397 if (rlink_speed_table[i].prescaler == speed) {
1398 if (dtc_load_from_buffer(hdev, rlink_speed_table[i].dtc,
1399 rlink_speed_table[i].dtc_size) != 0) {
1401 "An error occurred while trying to load DTC code for speed \"%d\".",
1406 int ret = dtc_start_download();
1408 LOG_ERROR("starting DTC: %s", libusb_error_name(ret));
1416 LOG_ERROR("%d is not a supported speed", speed);
1420 static int rlink_speed_div(int speed, int *khz)
1424 for (i = rlink_speed_table_size; i--; ) {
1425 if (rlink_speed_table[i].prescaler == speed) {
1426 *khz = rlink_speed_table[i].khz;
1431 LOG_ERROR("%d is not a supported speed", speed);
1435 static int rlink_khz(int khz, int *speed)
1440 LOG_ERROR("RCLK not supported");
1444 for (i = rlink_speed_table_size; i--; ) {
1445 if (rlink_speed_table[i].khz <= khz) {
1446 *speed = rlink_speed_table[i].prescaler;
1451 LOG_WARNING("The lowest supported JTAG speed is %d KHz", rlink_speed_table[0].khz);
1452 *speed = rlink_speed_table[0].prescaler;
1456 static int rlink_init(void)
1459 uint8_t reply_buffer[USB_EP1IN_SIZE];
1462 const uint16_t vids[] = { USB_IDVENDOR, 0 };
1463 const uint16_t pids[] = { USB_IDPRODUCT, 0 };
1464 if (jtag_libusb_open(vids, pids, &hdev, NULL) != ERROR_OK)
1467 struct libusb_device_descriptor descriptor;
1468 struct libusb_device *usb_dev = libusb_get_device(hdev);
1469 int r = libusb_get_device_descriptor(usb_dev, &descriptor);
1471 LOG_ERROR("error %d getting device descriptor", r);
1475 if (descriptor.bNumConfigurations > 1) {
1476 LOG_ERROR("Whoops! NumConfigurations is not 1, don't know what to do...");
1479 struct libusb_config_descriptor *config;
1480 libusb_get_config_descriptor(usb_dev, 0, &config);
1481 if (config->bNumInterfaces > 1) {
1482 LOG_ERROR("Whoops! NumInterfaces is not 1, don't know what to do...");
1486 LOG_DEBUG("Opened device, hdev = %p", hdev);
1488 /* usb_set_configuration required under win32 */
1489 libusb_set_configuration(hdev, config->bConfigurationValue);
1493 i = libusb_claim_interface(hdev, 0);
1494 if (i != LIBUSB_SUCCESS) {
1495 LOG_ERROR("usb_claim_interface: %s", libusb_error_name(i));
1496 j = libusb_detach_kernel_driver(hdev, 0);
1497 if (j != LIBUSB_SUCCESS)
1498 LOG_ERROR("detach kernel driver: %s", libusb_error_name(j));
1500 LOG_DEBUG("interface claimed!");
1503 } while (--retries);
1505 if (i != LIBUSB_SUCCESS) {
1506 LOG_ERROR("Initialisation failed.");
1509 if (libusb_set_interface_alt_setting(hdev, 0, 0) != LIBUSB_SUCCESS) {
1510 LOG_ERROR("Failed to set interface.");
1514 /* The device starts out in an unknown state on open. As such,
1515 * result reads time out, and it's not even known whether the
1516 * command was accepted. So, for this first command, we issue
1517 * it repeatedly until its response doesn't time out. Also, if
1518 * sending a command is going to time out, we find that out here.
1520 * It must be possible to open the device in such a way that
1521 * this special magic isn't needed, but, so far, it escapes us.
1523 for (i = 0; i < 5; i++) {
1524 j = ep1_generic_commandl(
1528 if (j < USB_EP1OUT_SIZE) {
1529 LOG_ERROR("USB write error: %s", libusb_error_name(j));
1532 j = jtag_libusb_bulk_read(
1533 hdev, USB_EP1IN_ADDR,
1534 (char *)reply_buffer, sizeof(reply_buffer),
1538 if (j != LIBUSB_ERROR_TIMEOUT)
1542 if (j != ERROR_OK || transferred != (int)sizeof(reply_buffer)) {
1543 LOG_ERROR("USB read error: %s", libusb_error_name(j));
1546 LOG_DEBUG(INTERFACE_NAME " firmware version: %d.%d.%d",
1551 if ((reply_buffer[0] != 0) || (reply_buffer[1] != 0) || (reply_buffer[2] != 3))
1553 "The rlink device is not of the version that the developers have played with. It may or may not work.");
1555 /* Probe port E for adapter presence */
1556 ep1_generic_commandl(
1558 EP1_CMD_MEMORY_WRITE, /* Drive sense pin with 0 */
1563 ST7_PE_ADAPTER_SENSE_OUT, /* DDR */
1564 ST7_PE_ADAPTER_SENSE_OUT, /* OR */
1565 EP1_CMD_MEMORY_READ, /* Read back */
1569 EP1_CMD_MEMORY_WRITE, /* Drive sense pin with 1 */
1573 ST7_PE_ADAPTER_SENSE_OUT
1576 jtag_libusb_bulk_read(
1577 hdev, USB_EP1IN_ADDR,
1578 (char *)reply_buffer, 1,
1583 if ((reply_buffer[0] & ST7_PE_ADAPTER_SENSE_IN) != 0)
1584 LOG_WARNING("target detection problem");
1586 ep1_generic_commandl(
1588 EP1_CMD_MEMORY_READ, /* Read back */
1592 EP1_CMD_MEMORY_WRITE, /* float port E */
1601 jtag_libusb_bulk_read(
1602 hdev, USB_EP1IN_ADDR,
1603 (char *)reply_buffer, 1,
1609 if ((reply_buffer[0] & ST7_PE_ADAPTER_SENSE_IN) == 0)
1610 LOG_WARNING("target not plugged in");
1612 /* float ports A and B */
1613 ep1_generic_commandl(
1615 EP1_CMD_MEMORY_WRITE,
1621 EP1_CMD_MEMORY_WRITE,
1628 /* make sure DTC is stopped, set VPP control, set up ports A and B */
1629 ep1_generic_commandl(
1632 EP1_CMD_SET_PORTD_VPP,
1634 EP1_CMD_MEMORY_WRITE,
1638 ((~(0)) & (ST7_PA_NTRST)),
1640 /* port B has no OR, and we want to emulate open drain on NSRST, so we set DR to 0
1641 *here and later assert NSRST by setting DDR bit to 1. */
1642 EP1_CMD_MEMORY_WRITE,
1649 /* set LED updating mode and make sure they're unlit */
1650 ep1_generic_commandl(
1652 #ifdef AUTOMATIC_BUSY_LED
1657 EP1_CMD_SET_PORTD_LEDS,
1661 tap_state_queue_init();
1668 static int rlink_quit(void)
1670 /* stop DTC and make sure LEDs are off */
1671 ep1_generic_commandl(
1675 EP1_CMD_SET_PORTD_LEDS,
1677 EP1_CMD_SET_PORTD_VPP,
1681 libusb_release_interface(hdev, 0);
1687 static struct jtag_interface rlink_interface = {
1688 .execute_queue = rlink_execute_queue,
1691 struct adapter_driver rlink_adapter_driver = {
1693 .transports = jtag_only,
1697 .speed = rlink_speed,
1699 .speed_div = rlink_speed_div,
1701 .jtag_ops = &rlink_interface,
projects / fw / openocd / blob