10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
21 /* todo: stm32l15xxx flash memory, pm0062 manual */
23 /* stm32f FPEC flash controller interface, pm0063 manual */
24 // TODO - all of this needs to be abstracted out....
25 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
26 #define FLASH_REGS_ADDR 0x40022000
27 #define FLASH_REGS_SIZE 0x28
29 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
30 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
31 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
32 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
33 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
34 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
35 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
37 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
38 #define FLASH_RDPTR_KEY 0x00a5
39 #define FLASH_KEY1 0x45670123
40 #define FLASH_KEY2 0xcdef89ab
42 #define FLASH_SR_BSY 0
43 #define FLASH_SR_EOP 5
46 #define FLASH_CR_PER 1
47 #define FLASH_CR_MER 2
48 #define FLASH_CR_STRT 6
49 #define FLASH_CR_LOCK 7
52 //32L = 32F1 same CoreID as 32F4!
53 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
54 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
55 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
56 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
57 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
58 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
59 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
60 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
61 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
62 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
63 #define FLASH_L1_FPRG 10
64 #define FLASH_L1_PROG 3
66 //32L4 register base is at FLASH_REGS_ADDR (0x40022000)
67 #define STM32L4_FLASH_KEYR (FLASH_REGS_ADDR + 0x08)
68 #define STM32L4_FLASH_SR (FLASH_REGS_ADDR + 0x10)
69 #define STM32L4_FLASH_CR (FLASH_REGS_ADDR + 0x14)
70 #define STM32L4_FLASH_OPTR (FLASH_REGS_ADDR + 0x20)
72 #define STM32L4_FLASH_SR_BSY 16
73 #define STM32L4_FLASH_SR_ERRMASK 0x3f8 /* SR [9:3] */
75 #define STM32L4_FLASH_CR_LOCK 31 /* Lock control register */
76 #define STM32L4_FLASH_CR_PG 0 /* Program */
77 #define STM32L4_FLASH_CR_PER 1 /* Page erase */
78 #define STM32L4_FLASH_CR_MER1 2 /* Bank 1 erase */
79 #define STM32L4_FLASH_CR_MER2 15 /* Bank 2 erase */
80 #define STM32L4_FLASH_CR_STRT 16 /* Start command */
81 #define STM32L4_FLASH_CR_BKER 11 /* Bank select for page erase */
82 #define STM32L4_FLASH_CR_PNB 3 /* Page number (8 bits) */
83 // Bits requesting flash operations (useful when we want to clear them)
84 #define STM32L4_FLASH_CR_OPBITS \
85 ((1lu<<STM32L4_FLASH_CR_PG) | (1lu<<STM32L4_FLASH_CR_PER) \
86 | (1lu<<STM32L4_FLASH_CR_MER1) | (1lu<<STM32L4_FLASH_CR_MER1))
87 // Page is fully specified by BKER and PNB
88 #define STM32L4_FLASH_CR_PAGEMASK (0x1fflu << STM32L4_FLASH_CR_PNB)
90 #define STM32L4_FLASH_OPTR_DUALBANK 21
92 //STM32L0x flash register base and offsets
94 // RM0090 - DM00031020.pdf
95 #define STM32L0_FLASH_REGS_ADDR ((uint32_t)0x40022000)
96 #define FLASH_ACR_OFF ((uint32_t) 0x00)
97 #define FLASH_PECR_OFF ((uint32_t) 0x04)
98 #define FLASH_PDKEYR_OFF ((uint32_t) 0x08)
99 #define FLASH_PEKEYR_OFF ((uint32_t) 0x0c)
100 #define FLASH_PRGKEYR_OFF ((uint32_t) 0x10)
101 #define FLASH_OPTKEYR_OFF ((uint32_t) 0x14)
102 #define FLASH_SR_OFF ((uint32_t) 0x18)
103 #define FLASH_OBR_OFF ((uint32_t) 0x1c)
104 #define FLASH_WRPR_OFF ((uint32_t) 0x20)
109 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
110 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
111 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
112 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
113 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
114 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
115 #define FLASH_F4_CR_STRT 16
116 #define FLASH_F4_CR_LOCK 31
117 #define FLASH_F4_CR_SER 1
118 #define FLASH_F4_CR_SNB 3
119 #define FLASH_F4_CR_SNB_MASK 0xf8
120 #define FLASH_F4_SR_BSY 16
122 #define L1_WRITE_BLOCK_SIZE 0x80
123 #define L0_WRITE_BLOCK_SIZE 0x40
125 void write_uint32(unsigned char* buf, uint32_t ui) {
126 if (!is_bigendian()) { // le -> le (don't swap)
127 buf[0] = ((unsigned char*) &ui)[0];
128 buf[1] = ((unsigned char*) &ui)[1];
129 buf[2] = ((unsigned char*) &ui)[2];
130 buf[3] = ((unsigned char*) &ui)[3];
132 buf[0] = ((unsigned char*) &ui)[3];
133 buf[1] = ((unsigned char*) &ui)[2];
134 buf[2] = ((unsigned char*) &ui)[1];
135 buf[3] = ((unsigned char*) &ui)[0];
139 void write_uint16(unsigned char* buf, uint16_t ui) {
140 if (!is_bigendian()) { // le -> le (don't swap)
141 buf[0] = ((unsigned char*) &ui)[0];
142 buf[1] = ((unsigned char*) &ui)[1];
144 buf[0] = ((unsigned char*) &ui)[1];
145 buf[1] = ((unsigned char*) &ui)[0];
149 uint32_t read_uint32(const unsigned char *c, const int pt) {
151 char *p = (char *) &ui;
153 if (!is_bigendian()) { // le -> le (don't swap)
167 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
168 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
171 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
172 return stlink_read_debug32(sl, FLASH_WRPR);
175 static inline uint32_t read_flash_obr(stlink_t *sl) {
176 return stlink_read_debug32(sl, FLASH_OBR);
179 static inline uint32_t read_flash_cr(stlink_t *sl) {
181 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||(sl->chip_id == STM32_CHIPID_F4_DE) ||
182 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
183 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
184 res = stlink_read_debug32(sl, FLASH_F4_CR);
185 else if (sl->chip_id == STM32_CHIPID_L4)
186 res = stlink_read_debug32(sl, STM32L4_FLASH_CR);
188 res = stlink_read_debug32(sl, FLASH_CR);
190 fprintf(stdout, "CR:0x%x\n", res);
195 static inline unsigned int is_flash_locked(stlink_t *sl) {
196 /* return non zero for true */
197 uint32_t cr = read_flash_cr(sl);
199 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
200 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
201 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
202 return cr & (1 << FLASH_F4_CR_LOCK);
203 else if (sl->chip_id == STM32_CHIPID_L4)
204 return cr & (1lu << STM32L4_FLASH_CR_LOCK);
206 return cr & (1 << FLASH_CR_LOCK);
209 static void unlock_flash(stlink_t *sl) {
210 /* the unlock sequence consists of 2 write cycles where
211 2 key values are written to the FLASH_KEYR register.
212 an invalid sequence results in a definitive lock of
213 the FPEC block until next reset.
215 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
216 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
217 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
218 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
219 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
220 } else if (sl->chip_id == STM32_CHIPID_L4) {
221 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY1);
222 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY2);
224 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
225 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
230 static int unlock_flash_if(stlink_t *sl) {
231 /* unlock flash if already locked */
233 if (is_flash_locked(sl)) {
235 if (is_flash_locked(sl)) {
236 WLOG("Failed to unlock flash!\n");
240 DLOG("Successfully unlocked flash\n");
244 static void lock_flash(stlink_t *sl) {
245 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
246 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
247 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
248 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
249 stlink_write_debug32(sl, FLASH_F4_CR, n);
250 } else if (sl->chip_id == STM32_CHIPID_L4) {
251 const uint32_t n = read_flash_cr(sl) | (1lu << STM32L4_FLASH_CR_LOCK);
252 stlink_write_debug32(sl, STM32L4_FLASH_CR, n);
254 /* write to 1 only. reset by hw at unlock sequence */
255 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
256 stlink_write_debug32(sl, FLASH_CR, n);
261 static void set_flash_cr_pg(stlink_t *sl) {
262 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
263 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
264 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
265 uint32_t x = read_flash_cr(sl);
266 x |= (1 << FLASH_CR_PG);
267 stlink_write_debug32(sl, FLASH_F4_CR, x);
268 } else if (sl->chip_id == STM32_CHIPID_L4) {
269 uint32_t x = read_flash_cr(sl);
270 x &=~ STM32L4_FLASH_CR_OPBITS;
271 x |= (1 << STM32L4_FLASH_CR_PG);
272 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
274 const uint32_t n = 1 << FLASH_CR_PG;
275 stlink_write_debug32(sl, FLASH_CR, n);
279 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
280 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
281 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
282 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
283 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
284 stlink_write_debug32(sl, FLASH_F4_CR, n);
286 stlink_write_debug32(sl, FLASH_CR, n);
289 static void set_flash_cr_per(stlink_t *sl) {
290 const uint32_t n = 1 << FLASH_CR_PER;
291 stlink_write_debug32(sl, FLASH_CR, n);
294 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
295 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
296 stlink_write_debug32(sl, FLASH_CR, n);
299 static void set_flash_cr_mer(stlink_t *sl) {
300 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
301 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
302 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
303 stlink_write_debug32(sl, FLASH_F4_CR,
304 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
305 else if (sl->chip_id == STM32_CHIPID_L4) {
306 uint32_t x = stlink_read_debug32(sl, STM32L4_FLASH_CR);
307 x &=~ STM32L4_FLASH_CR_OPBITS;
308 x |= (1lu << STM32L4_FLASH_CR_MER1) | (1lu << STM32L4_FLASH_CR_MER2);
309 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
311 stlink_write_debug32(sl, FLASH_CR,
312 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
315 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
316 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
317 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
318 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
319 stlink_write_debug32(sl, FLASH_F4_CR,
320 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
322 stlink_write_debug32(sl, FLASH_CR,
323 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
326 static void set_flash_cr_strt(stlink_t *sl) {
327 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
328 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
329 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
330 uint32_t x = read_flash_cr(sl);
331 x |= (1 << FLASH_F4_CR_STRT);
332 stlink_write_debug32(sl, FLASH_F4_CR, x);
333 } else if (sl->chip_id == STM32_CHIPID_L4) {
334 uint32_t x = read_flash_cr(sl);
335 x |= (1lu << STM32L4_FLASH_CR_STRT);
336 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
338 stlink_write_debug32(sl, FLASH_CR,
339 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
343 static inline uint32_t read_flash_acr(stlink_t *sl) {
344 return stlink_read_debug32(sl, FLASH_ACR);
347 static inline uint32_t read_flash_sr(stlink_t *sl) {
349 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
350 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
351 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
352 res = stlink_read_debug32(sl, FLASH_F4_SR);
353 else if (sl->chip_id == STM32_CHIPID_L4)
354 res = stlink_read_debug32(sl, STM32L4_FLASH_SR);
356 res = stlink_read_debug32(sl, FLASH_SR);
357 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
361 static inline unsigned int is_flash_busy(stlink_t *sl) {
362 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
363 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
364 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
365 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
366 else if (sl->chip_id == STM32_CHIPID_L4)
367 return read_flash_sr(sl) & (1 << STM32L4_FLASH_SR_BSY);
369 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
372 static void wait_flash_busy(stlink_t *sl) {
373 /* todo: add some delays here */
374 while (is_flash_busy(sl))
378 static void wait_flash_busy_progress(stlink_t *sl) {
380 fprintf(stdout, "Mass erasing");
382 while (is_flash_busy(sl)) {
386 fprintf(stdout, ".");
390 fprintf(stdout, "\n");
393 static inline unsigned int is_flash_eop(stlink_t *sl) {
394 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
397 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
398 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
399 stlink_write_debug32(sl, FLASH_SR, n);
402 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
403 /* todo: add some delays here */
404 while (is_flash_eop(sl) == 0)
408 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
409 stlink_write_debug32(sl, FLASH_AR, n);
412 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
413 uint32_t x = read_flash_cr(sl);
417 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
419 stlink_write_debug32(sl, FLASH_F4_CR, x);
423 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
424 uint32_t x = read_flash_cr(sl);
425 x &= ~FLASH_F4_CR_SNB_MASK;
426 x |= (n << FLASH_F4_CR_SNB);
427 x |= (1 << FLASH_F4_CR_SER);
429 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
431 stlink_write_debug32(sl, FLASH_F4_CR, x);
434 static inline void write_flash_cr_bker_pnb(stlink_t *sl, uint32_t n) {
435 stlink_write_debug32(sl, STM32L4_FLASH_SR, 0xFFFFFFFF & ~(1<<STM32L4_FLASH_SR_BSY));
436 uint32_t x = read_flash_cr(sl);
437 x &=~ STM32L4_FLASH_CR_OPBITS;
438 x &=~ STM32L4_FLASH_CR_PAGEMASK;
439 x &= ~(1<<STM32L4_FLASH_CR_MER1);
440 x &= ~(1<<STM32L4_FLASH_CR_MER2);
441 x |= (n << STM32L4_FLASH_CR_PNB);
442 x |= (1lu << STM32L4_FLASH_CR_PER);
444 fprintf(stdout, "BKER:PNB:0x%x 0x%x\n", x, n);
446 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
449 // Delegates to the backends...
451 void stlink_close(stlink_t *sl) {
452 DLOG("*** stlink_close ***\n");
453 sl->backend->close(sl);
457 void stlink_exit_debug_mode(stlink_t *sl) {
458 DLOG("*** stlink_exit_debug_mode ***\n");
459 stlink_write_debug32(sl, DHCSR, DBGKEY);
460 sl->backend->exit_debug_mode(sl);
463 void stlink_enter_swd_mode(stlink_t *sl) {
464 DLOG("*** stlink_enter_swd_mode ***\n");
465 sl->backend->enter_swd_mode(sl);
468 // Force the core into the debug mode -> halted state.
469 void stlink_force_debug(stlink_t *sl) {
470 DLOG("*** stlink_force_debug_mode ***\n");
471 sl->backend->force_debug(sl);
474 void stlink_exit_dfu_mode(stlink_t *sl) {
475 DLOG("*** stlink_exit_dfu_mode ***\n");
476 sl->backend->exit_dfu_mode(sl);
479 uint32_t stlink_core_id(stlink_t *sl) {
480 DLOG("*** stlink_core_id ***\n");
481 sl->backend->core_id(sl);
483 stlink_print_data(sl);
484 DLOG("core_id = 0x%08x\n", sl->core_id);
488 uint32_t stlink_chip_id(stlink_t *sl) {
489 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
490 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
495 * Cortex m3 tech ref manual, CPUID register description
496 * @param sl stlink context
497 * @param cpuid pointer to the result object
499 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
500 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
501 cpuid->implementer_id = (raw >> 24) & 0x7f;
502 cpuid->variant = (raw >> 20) & 0xf;
503 cpuid->part = (raw >> 4) & 0xfff;
504 cpuid->revision = raw & 0xf;
509 * reads and decodes the flash parameters, as dynamically as possible
511 * @return 0 for success, or -1 for unsupported core type.
513 int stlink_load_device_params(stlink_t *sl) {
514 ILOG("Loading device parameters....\n");
515 const chip_params_t *params = NULL;
516 sl->core_id = stlink_core_id(sl);
517 uint32_t chip_id = stlink_chip_id(sl);
520 sl->chip_id = chip_id & 0xfff;
521 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
522 if (sl->chip_id == 0x411) {
523 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
524 if ((cpuid & 0xfff0) == 0xc240)
528 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
529 if(devices[i].chip_id == sl->chip_id) {
530 params = &devices[i];
534 if (params == NULL) {
535 WLOG("unknown chip id! %#x\n", chip_id);
539 // These are fixed...
540 sl->flash_base = STM32_FLASH_BASE;
541 sl->sram_base = STM32_SRAM_BASE;
542 flash_size = stlink_read_debug32(sl,(params->flash_size_reg) & ~3);
543 if (params->flash_size_reg & 2)
544 flash_size = flash_size >>16;
545 flash_size = flash_size & 0xffff;
547 if ((sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) && ( flash_size == 0 )) {
548 sl->flash_size = 128 * 1024;
549 } else if (sl->chip_id == STM32_CHIPID_L1_CAT2) {
550 sl->flash_size = (flash_size & 0xff) * 1024;
551 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
552 // 0 is 384k and 1 is 256k
553 if ( flash_size == 0 ) {
554 sl->flash_size = 384 * 1024;
556 sl->flash_size = 256 * 1024;
559 sl->flash_size = flash_size * 1024;
561 sl->flash_pgsz = params->flash_pagesize;
562 sl->sram_size = params->sram_size;
563 sl->sys_base = params->bootrom_base;
564 sl->sys_size = params->bootrom_size;
566 //medium and low devices have the same chipid. ram size depends on flash size.
567 //STM32F100xx datasheet Doc ID 16455 Table 2
568 if(sl->chip_id == STM32_CHIPID_F1_VL_MEDIUM_LOW && sl->flash_size < 64 * 1024){
569 sl->sram_size = 0x1000;
572 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
573 // TODO make note of variable page size here.....
574 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
575 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
580 void stlink_reset(stlink_t *sl) {
581 DLOG("*** stlink_reset ***\n");
582 sl->backend->reset(sl);
585 void stlink_jtag_reset(stlink_t *sl, int value) {
586 DLOG("*** stlink_jtag_reset ***\n");
587 sl->backend->jtag_reset(sl, value);
590 void stlink_run(stlink_t *sl) {
591 DLOG("*** stlink_run ***\n");
592 sl->backend->run(sl);
595 void stlink_status(stlink_t *sl) {
596 DLOG("*** stlink_status ***\n");
597 sl->backend->status(sl);
598 stlink_core_stat(sl);
602 * Decode the version bits, originally from -sg, verified with usb
603 * @param sl stlink context, assumed to contain valid data in the buffer
604 * @param slv output parsed version object
606 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
607 uint32_t b0 = sl->q_buf[0]; //lsb
608 uint32_t b1 = sl->q_buf[1];
609 uint32_t b2 = sl->q_buf[2];
610 uint32_t b3 = sl->q_buf[3];
611 uint32_t b4 = sl->q_buf[4];
612 uint32_t b5 = sl->q_buf[5]; //msb
614 // b0 b1 || b2 b3 | b4 b5
615 // 4b | 6b | 6b || 2B | 2B
616 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
618 slv->stlink_v = (b0 & 0xf0) >> 4;
619 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
620 slv->swim_v = b1 & 0x3f;
621 slv->st_vid = (b3 << 8) | b2;
622 slv->stlink_pid = (b5 << 8) | b4;
626 void stlink_version(stlink_t *sl) {
627 DLOG("*** looking up stlink version\n");
628 sl->backend->version(sl);
629 _parse_version(sl, &sl->version);
631 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
632 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
633 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
634 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
635 DLOG("swim version = 0x%x\n", sl->version.swim_v);
636 if (sl->version.jtag_v == 0) {
637 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
639 if (sl->version.swim_v == 0) {
640 DLOG(" notice: the firmware doesn't support a swim interface\n");
644 int stlink_target_voltage(stlink_t *sl) {
646 DLOG("*** reading target voltage\n");
647 if (sl->backend->target_voltage != NULL) {
648 voltage = sl->backend->target_voltage(sl);
650 DLOG("target voltage = %ldmV\n", voltage);
652 DLOG("error reading target voltage\n");
655 DLOG("reading voltage not supported by backend\n");
660 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
661 uint32_t data = sl->backend->read_debug32(sl, addr);
662 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
666 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
667 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
668 sl->backend->write_debug32(sl, addr, data);
671 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
672 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
674 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
677 sl->backend->write_mem32(sl, addr, len);
680 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
681 DLOG("*** stlink_read_mem32 ***\n");
682 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
683 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
687 sl->backend->read_mem32(sl, addr, len);
690 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
691 DLOG("*** stlink_write_mem8 ***\n");
692 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
693 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
697 sl->backend->write_mem8(sl, addr, len);
700 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
701 DLOG("*** stlink_read_all_regs ***\n");
702 sl->backend->read_all_regs(sl, regp);
705 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
706 DLOG("*** stlink_read_all_unsupported_regs ***\n");
707 sl->backend->read_all_unsupported_regs(sl, regp);
710 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
711 DLOG("*** stlink_write_reg\n");
712 sl->backend->write_reg(sl, reg, idx);
715 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
716 DLOG("*** stlink_read_reg\n");
717 DLOG(" (%d) ***\n", r_idx);
719 if (r_idx > 20 || r_idx < 0) {
720 fprintf(stderr, "Error: register index must be in [0..20]\n");
724 sl->backend->read_reg(sl, r_idx, regp);
727 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
730 DLOG("*** stlink_read_unsupported_reg\n");
731 DLOG(" (%d) ***\n", r_idx);
733 /* Convert to values used by DCRSR */
734 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
736 } else if (r_idx == 0x40) { /* FPSCR */
738 } else if (r_idx >= 0x20 && r_idx < 0x40) {
739 r_convert = 0x40 + (r_idx - 0x20);
741 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
745 sl->backend->read_unsupported_reg(sl, r_convert, regp);
748 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
751 DLOG("*** stlink_write_unsupported_reg\n");
752 DLOG(" (%d) ***\n", r_idx);
754 /* Convert to values used by DCRSR */
755 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
756 r_convert = r_idx; /* The backend function handles this */
757 } else if (r_idx == 0x40) { /* FPSCR */
759 } else if (r_idx >= 0x20 && r_idx < 0x40) {
760 r_convert = 0x40 + (r_idx - 0x20);
762 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
766 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
769 unsigned int is_core_halted(stlink_t *sl) {
770 /* return non zero if core is halted */
772 return sl->q_buf[0] == STLINK_CORE_HALTED;
775 void stlink_step(stlink_t *sl) {
776 DLOG("*** stlink_step ***\n");
777 sl->backend->step(sl);
780 int stlink_current_mode(stlink_t *sl) {
781 int mode = sl->backend->current_mode(sl);
783 case STLINK_DEV_DFU_MODE:
784 DLOG("stlink current mode: dfu\n");
786 case STLINK_DEV_DEBUG_MODE:
787 DLOG("stlink current mode: debug (jtag or swd)\n");
789 case STLINK_DEV_MASS_MODE:
790 DLOG("stlink current mode: mass\n");
793 DLOG("stlink mode: unknown!\n");
794 return STLINK_DEV_UNKNOWN_MODE;
800 // End of delegates.... Common code below here...
803 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
805 // #define is_bigendian() ( (*(char*)&i) == 0 )
807 inline unsigned int is_bigendian(void) {
808 static volatile const unsigned int i = 1;
809 return *(volatile const char*) &i == 0;
812 uint16_t read_uint16(const unsigned char *c, const int pt) {
814 char *p = (char *) &ui;
816 if (!is_bigendian()) { // le -> le (don't swap)
826 // same as above with entrypoint.
828 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
829 stlink_write_reg(sl, addr, 15); /* pc register */
833 while (is_core_halted(sl) == 0)
837 void stlink_core_stat(stlink_t *sl) {
841 switch (sl->q_buf[0]) {
842 case STLINK_CORE_RUNNING:
843 sl->core_stat = STLINK_CORE_RUNNING;
844 DLOG(" core status: running\n");
846 case STLINK_CORE_HALTED:
847 sl->core_stat = STLINK_CORE_HALTED;
848 DLOG(" core status: halted\n");
851 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
852 fprintf(stderr, " core status: unknown\n");
856 void stlink_print_data(stlink_t * sl) {
857 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
860 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
862 for (int i = 0; i < sl->q_len; i++) {
865 if (sl->q_data_dir == Q_DATA_OUT)
866 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
868 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
871 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
873 fputs("\n\n", stdout);
876 /* memory mapped file */
878 typedef struct mapped_file {
883 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
885 static int map_file(mapped_file_t* mf, const char* path) {
889 const int fd = open(path, O_RDONLY | O_BINARY);
891 fprintf(stderr, "open(%s) == -1\n", path);
895 if (fstat(fd, &st) == -1) {
896 fprintf(stderr, "fstat() == -1\n");
900 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
901 if (mf->base == MAP_FAILED) {
902 fprintf(stderr, "mmap() == MAP_FAILED\n");
906 mf->len = st.st_size;
917 static void unmap_file(mapped_file_t * mf) {
918 munmap((void*) mf->base, mf->len);
919 mf->base = (unsigned char*) MAP_FAILED;
923 /* Limit the block size to compare to 0x1800
924 Anything larger will stall the STLINK2
925 Maybe STLINK V1 needs smaller value!*/
926 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
928 size_t n_cmp = sl->flash_pgsz;
932 for (off = 0; off < mf->len; off += n_cmp) {
935 /* adjust last page size */
936 size_t cmp_size = n_cmp;
937 if ((off + n_cmp) > mf->len)
938 cmp_size = mf->len - off;
940 aligned_size = cmp_size;
941 if (aligned_size & (4 - 1))
942 aligned_size = (cmp_size + 4) & ~(4 - 1);
944 stlink_read_mem32(sl, addr + off, aligned_size);
946 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
953 int stlink_fwrite_sram
954 (stlink_t * sl, const char* path, stm32_addr_t addr) {
955 /* write the file in sram at addr */
960 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
963 if (map_file(&mf, path) == -1) {
964 fprintf(stderr, "map_file() == -1\n");
968 /* check addr range is inside the sram */
969 if (addr < sl->sram_base) {
970 fprintf(stderr, "addr too low\n");
972 } else if ((addr + mf.len) < addr) {
973 fprintf(stderr, "addr overruns\n");
975 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
976 fprintf(stderr, "addr too high\n");
978 } else if (addr & 3) {
980 fprintf(stderr, "unaligned addr\n");
990 /* do the copy by 1k blocks */
991 for (off = 0; off < len; off += 1024) {
993 if ((off + size) > len)
996 memcpy(sl->q_buf, mf.base + off, size);
998 /* round size if needed */
1002 stlink_write_mem32(sl, addr + off, size);
1006 memcpy(sl->q_buf, mf.base + len, mf.len - len);
1007 stlink_write_mem8(sl, addr + len, mf.len - len);
1010 /* check the file ha been written */
1011 if (check_file(sl, &mf, addr) == -1) {
1012 fprintf(stderr, "check_file() == -1\n");
1019 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1020 /* Set PC to the reset routine*/
1021 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1029 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
1030 /* read size bytes from addr to file */
1035 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1036 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1037 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
1039 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
1041 fprintf(stderr, "open(%s) == -1\n", path);
1046 size = sl->flash_size;
1048 if (size > sl->flash_size)
1049 size = sl->flash_size;
1051 /* do the copy by 1k blocks */
1052 for (off = 0; off < size; off += 1024) {
1053 size_t read_size = 1024;
1054 size_t rounded_size;
1056 if ((off + read_size) > size)
1057 read_size = size - off;
1059 /* round size if needed */
1060 rounded_size = read_size;
1061 if (rounded_size & 3)
1062 rounded_size = (rounded_size + 4) & ~(3);
1064 stlink_read_mem32(sl, addr + off, rounded_size);
1066 for(index = 0; index < read_size; index ++) {
1067 if (sl->q_buf[index] == erased_pattern)
1072 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
1073 fprintf(stderr, "write() != read_size\n");
1078 /* Ignore NULL Bytes at end of file */
1079 if (!ftruncate(fd, size - num_empty)) {
1092 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
1093 /* write the buffer right after the loader */
1094 size_t chunk = size & ~0x3;
1095 size_t rem = size & 0x3;
1097 memcpy(sl->q_buf, buf, chunk);
1098 stlink_write_mem32(sl, fl->buf_addr, chunk);
1101 memcpy(sl->q_buf, buf+chunk, rem);
1102 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
1107 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
1108 uint32_t offset = 0;
1109 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1110 if (flashaddr >= 0x100000) {
1112 flashaddr -= 0x100000;
1114 if (flashaddr<0x4000) return (offset + 0);
1115 else if(flashaddr<0x8000) return(offset + 1);
1116 else if(flashaddr<0xc000) return(offset + 2);
1117 else if(flashaddr<0x10000) return(offset + 3);
1118 else if(flashaddr<0x20000) return(offset + 4);
1119 else return offset + (flashaddr/0x20000) +4;
1123 uint32_t calculate_F7_sectornum(uint32_t flashaddr){
1124 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1125 if(flashaddr<0x20000) return(flashaddr/0x8000);
1126 else if(flashaddr<0x40000) return(4);
1127 else return(flashaddr/0x40000) +4;
1131 // Returns BKER:PNB for the given page address
1132 uint32_t calculate_L4_page(stlink_t *sl, uint32_t flashaddr) {
1134 uint32_t flashopt = stlink_read_debug32(sl, STM32L4_FLASH_OPTR);
1135 flashaddr -= STM32_FLASH_BASE;
1136 if (flashopt & (1lu << STM32L4_FLASH_OPTR_DUALBANK)) {
1137 uint32_t banksize = sl->flash_size / 2;
1138 if (flashaddr > banksize) {
1139 flashaddr -= banksize;
1143 // For 1MB chips without the dual-bank option set, the page address will
1144 // overflow into the BKER bit, which gives us the correct bank:page value.
1145 return bker | flashaddr/sl->flash_pgsz;
1148 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1149 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1150 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1151 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1152 uint32_t sector=calculate_F4_sectornum(flashaddr);
1156 if (sector<4) sl->flash_pgsz=0x4000;
1157 else if(sector<5) sl->flash_pgsz=0x10000;
1158 else sl->flash_pgsz=0x20000;
1160 else if (sl->chip_id == STM32_CHIPID_F7) {
1161 uint32_t sector=calculate_F7_sectornum(flashaddr);
1162 if (sector<4) sl->flash_pgsz=0x8000;
1163 else if(sector<5) sl->flash_pgsz=0x20000;
1164 else sl->flash_pgsz=0x40000;
1166 return (sl->flash_pgsz);
1170 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1171 * @param sl stlink context
1172 * @param flashaddr an address in the flash page to erase
1173 * @return 0 on success -ve on failure
1175 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1177 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1178 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1179 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4)|| (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1180 /* wait for ongoing op to finish */
1181 wait_flash_busy(sl);
1183 /* unlock if locked */
1184 unlock_flash_if(sl);
1186 /* select the page to erase */
1187 if (sl->chip_id == STM32_CHIPID_L4) {
1188 // calculate the actual bank+page from the address
1189 uint32_t page = calculate_L4_page(sl, flashaddr);
1191 write_flash_cr_bker_pnb(sl, page);
1192 } else if (sl->chip_id == STM32_CHIPID_F7) {
1193 // calculate the actual page from the address
1194 uint32_t sector=calculate_F7_sectornum(flashaddr);
1196 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1198 write_flash_cr_snb(sl, sector);
1200 // calculate the actual page from the address
1201 uint32_t sector=calculate_F4_sectornum(flashaddr);
1203 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1205 //the SNB values for flash sectors in the second bank do not directly follow the values for the first bank on 2mb devices...
1206 if (sector >= 12) sector += 4;
1208 write_flash_cr_snb(sl, sector);
1211 /* start erase operation */
1212 set_flash_cr_strt(sl);
1214 /* wait for completion */
1215 wait_flash_busy(sl);
1217 /* relock the flash */
1218 //todo: fails to program if this is in
1221 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1223 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1224 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1225 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1228 uint32_t flash_regs_base;
1229 if (sl->chip_id == STM32_CHIPID_L0) {
1230 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1232 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1235 /* check if the locks are set */
1236 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1237 if((val & (1<<0))||(val & (1<<1))) {
1238 /* disable pecr protection */
1239 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1240 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1242 /* check pecr.pelock is cleared */
1243 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1244 if (val & (1 << 0)) {
1245 WLOG("pecr.pelock not clear (%#x)\n", val);
1249 /* unlock program memory */
1250 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1251 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1253 /* check pecr.prglock is cleared */
1254 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1255 if (val & (1 << 1)) {
1256 WLOG("pecr.prglock not clear (%#x)\n", val);
1261 /* set pecr.{erase,prog} */
1262 val |= (1 << 9) | (1 << 3);
1263 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1264 #if 0 /* fix_to_be_confirmed */
1266 /* wait for sr.busy to be cleared
1267 * MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1268 * wrong and we do not need to wait here for clearing the busy bit.
1269 * TEXANE: ok, if experience says so and it works for you, we comment
1270 * it. If someone has a problem, please drop an email.
1272 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1275 #endif /* fix_to_be_confirmed */
1277 /* write 0 to the first word of the page to be erased */
1278 stlink_write_debug32(sl, flashaddr, 0);
1280 /* MP: It is better to wait for clearing the busy bit after issuing
1281 page erase command, even though PM0062 recommends to wait before it.
1282 Test shows that a few iterations is performed in the following loop
1283 before busy bit is cleared.*/
1284 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1287 /* reset lock bits */
1288 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1289 | (1 << 0) | (1 << 1) | (1 << 2);
1290 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1291 } else if (sl->core_id == STM32VL_CORE_ID
1292 || sl->core_id == STM32F0_CORE_ID
1293 || sl->chip_id == STM32_CHIPID_F3
1294 || sl->chip_id == STM32_CHIPID_F3_SMALL
1295 || sl->chip_id == STM32_CHIPID_F303_HIGH
1296 || sl->chip_id == STM32_CHIPID_F37x
1297 || sl->chip_id == STM32_CHIPID_F334) {
1298 /* wait for ongoing op to finish */
1299 wait_flash_busy(sl);
1301 /* unlock if locked */
1302 unlock_flash_if(sl);
1304 /* set the page erase bit */
1305 set_flash_cr_per(sl);
1307 /* select the page to erase */
1308 write_flash_ar(sl, flashaddr);
1310 /* start erase operation, reset by hw with bsy bit */
1311 set_flash_cr_strt(sl);
1313 /* wait for completion */
1314 wait_flash_busy(sl);
1316 /* relock the flash */
1319 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1323 /* todo: verify the erased page */
1328 int stlink_erase_flash_mass(stlink_t *sl) {
1329 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1330 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1331 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1332 /* erase each page */
1333 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1334 for (i = 0; i < num_pages; i++) {
1335 /* addr must be an addr inside the page */
1336 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1337 if (stlink_erase_flash_page(sl, addr) == -1) {
1338 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1341 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1344 fprintf(stdout, "\n");
1346 /* wait for ongoing op to finish */
1347 wait_flash_busy(sl);
1349 /* unlock if locked */
1350 unlock_flash_if(sl);
1352 /* set the mass erase bit */
1353 set_flash_cr_mer(sl);
1355 /* start erase operation, reset by hw with bsy bit */
1356 set_flash_cr_strt(sl);
1358 /* wait for completion */
1359 wait_flash_busy_progress(sl);
1361 /* relock the flash */
1364 /* todo: verify the erased memory */
1369 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1372 /* allocate the loader in sram */
1373 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1374 WLOG("Failed to write flash loader to sram!\n");
1378 /* allocate a one page buffer in sram right after loader */
1379 fl->buf_addr = fl->loader_addr + size;
1380 ILOG("Successfully loaded flash loader in sram\n");
1384 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1385 /* from openocd, contrib/loaders/flash/stm32.s */
1386 static const uint8_t loader_code_stm32vl[] = {
1387 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1388 0x1c, 0x44, /* add r4, r3 */
1389 /* write_half_word: */
1390 0x01, 0x23, /* movs r3, #0x01 */
1391 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1392 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1393 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1395 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1396 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1397 0xfb, 0xd0, /* beq busy */
1398 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1399 0x01, 0xd1, /* bne exit */
1400 0x01, 0x3a, /* subs r2, r2, #0x01 */
1401 0xf0, 0xd1, /* bne write_half_word */
1403 0x00, 0xbe, /* bkpt #0x00 */
1404 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1407 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1408 static const uint8_t loader_code_stm32f0[] = {
1411 * These two NOPs here are a safety precaution, added by Pekka Nikander
1412 * while debugging the STM32F05x support. They may not be needed, but
1413 * there were strange problems with simpler programs, like a program
1414 * that had just a breakpoint or a program that first moved zero to register r2
1415 * and then had a breakpoint. So, it appears safest to have these two nops.
1417 * Feel free to remove them, if you dare, but then please do test the result
1418 * rigorously. Also, if you remove these, it may be a good idea first to
1419 * #if 0 them out, with a comment when these were taken out, and to remove
1420 * these only a few months later... But YMMV.
1422 0x00, 0x30, // nop /* add r0,#0 */
1423 0x00, 0x30, // nop /* add r0,#0 */
1425 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1426 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1427 0x04, 0x26, // mov r6, #4 /* PGERR */
1429 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1430 0x2B, 0x43, // orr r3, r5
1431 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1432 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1433 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1435 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1436 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1437 0xFC, 0xD0, // beq busy
1439 0x33, 0x42, // tst r3, r6 /* PGERR */
1440 0x04, 0xD1, // bne exit
1442 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1443 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1444 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1445 0x00, 0x2A, // cmp r2, #0
1446 0xF0, 0xD1, // bne write_half_word
1448 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1449 0xAB, 0x43, // bic r3, r5
1450 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1451 0x00, 0xBE, // bkpt #0x00
1452 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1455 static const uint8_t loader_code_stm32l[] = {
1457 /* openocd.git/contrib/loaders/flash/stm32lx.S
1458 r0, input, dest addr
1459 r1, input, source addr
1460 r2, input, word count
1461 r3, output, word count
1467 0x51, 0xf8, 0x04, 0xcb,
1468 0x40, 0xf8, 0x04, 0xcb,
1476 static const uint8_t loader_code_stm32l0[] = {
1479 r0, input, dest addr
1480 r1, input, source addr
1481 r2, input, word count
1482 r3, output, word count
1499 static const uint8_t loader_code_stm32f4[] = {
1500 // flashloaders/stm32f4.s
1509 0x14, 0xf0, 0x01, 0x0f,
1511 0x00, 0xf1, 0x04, 0x00,
1512 0x01, 0xf1, 0x04, 0x01,
1513 0xa2, 0xf1, 0x01, 0x02,
1518 0x00, 0x3c, 0x02, 0x40,
1521 static const uint8_t loader_code_stm32f4_lv[] = {
1522 // flashloaders/stm32f4lv.s
1531 0x14, 0xf0, 0x01, 0x0f,
1533 0x00, 0xf1, 0x01, 0x00,
1534 0x01, 0xf1, 0x01, 0x01,
1535 0xa2, 0xf1, 0x01, 0x02,
1541 0x00, 0x3c, 0x02, 0x40,
1544 static const uint8_t loader_code_stm32l4[] = {
1545 // flashloaders/stm32l4.s
1546 0x08, 0x4b, // start: ldr r3, [pc, #32] ; <flash_base>
1547 0x72, 0xb1, // next: cbz r2, <done>
1548 0x04, 0x68, // ldr r4, [r0, #0]
1549 0x45, 0x68, // ldr r5, [r0, #4]
1550 0x0c, 0x60, // str r4, [r1, #0]
1551 0x4d, 0x60, // str r5, [r1, #4]
1552 0x5c, 0x8a, // wait: ldrh r4, [r3, #18]
1553 0x14, 0xf0, 0x01, 0x0f, // tst.w r4, #1
1554 0xfb, 0xd1, // bne.n <wait>
1555 0x00, 0xf1, 0x08, 0x00, // add.w r0, r0, #8
1556 0x01, 0xf1, 0x08, 0x01, // add.w r1, r1, #8
1557 0xa2, 0xf1, 0x02, 0x02, // add.w r2, r2, #2
1558 0xef, 0xe7, // b.n <next>
1559 0x00, 0xbe, // done: bkpt 0x0000
1560 0x00, 0x20, 0x02, 0x40 // flash_base: .word 0x40022000
1563 static const uint8_t loader_code_stm32f7[] = {
1568 0xbf, 0xf3, 0x4f, 0x8f, // DSB Memory barrier for in order flash write
1570 0x14, 0xf0, 0x01, 0x0f,
1572 0x00, 0xf1, 0x04, 0x00,
1573 0x01, 0xf1, 0x04, 0x01,
1574 0xa2, 0xf1, 0x01, 0x02,
1576 0x00, 0xbe, // bkpt #0x00
1577 0x00, 0x3c, 0x02, 0x40,
1580 const uint8_t* loader_code;
1583 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1584 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1585 || sl->chip_id == STM32_CHIPID_L152_RE) { /* stm32l */
1586 loader_code = loader_code_stm32l;
1587 loader_size = sizeof(loader_code_stm32l);
1588 } else if (sl->core_id == STM32VL_CORE_ID
1589 || sl->chip_id == STM32_CHIPID_F3
1590 || sl->chip_id == STM32_CHIPID_F3_SMALL
1591 || sl->chip_id == STM32_CHIPID_F303_HIGH
1592 || sl->chip_id == STM32_CHIPID_F37x
1593 || sl->chip_id == STM32_CHIPID_F334) {
1594 loader_code = loader_code_stm32vl;
1595 loader_size = sizeof(loader_code_stm32vl);
1596 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1597 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
1598 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)){
1599 int voltage = stlink_target_voltage(sl);
1600 if (voltage > 2700) {
1601 loader_code = loader_code_stm32f4;
1602 loader_size = sizeof(loader_code_stm32f4);
1604 loader_code = loader_code_stm32f4_lv;
1605 loader_size = sizeof(loader_code_stm32f4_lv);
1607 } else if (sl->chip_id == STM32_CHIPID_F7){
1608 loader_code = loader_code_stm32f7;
1609 loader_size = sizeof(loader_code_stm32f7);
1610 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F04 || sl->chip_id == STM32_CHIPID_F0_CAN || sl->chip_id == STM32_CHIPID_F0_SMALL || sl->chip_id == STM32_CHIPID_F09X) {
1611 loader_code = loader_code_stm32f0;
1612 loader_size = sizeof(loader_code_stm32f0);
1613 } else if (sl->chip_id == STM32_CHIPID_L0) {
1614 loader_code = loader_code_stm32l0;
1615 loader_size = sizeof(loader_code_stm32l0);
1616 } else if (sl->chip_id == STM32_CHIPID_L4) {
1617 loader_code = loader_code_stm32l4;
1618 loader_size = sizeof(loader_code_stm32l4);
1620 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1624 memcpy(sl->q_buf, loader_code, loader_size);
1625 stlink_write_mem32(sl, sl->sram_base, loader_size);
1627 *addr = sl->sram_base;
1628 *size = loader_size;
1634 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1635 /* check the contents of path are at addr */
1638 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1640 if (map_file(&mf, path) == -1)
1643 res = check_file(sl, &mf, addr);
1651 * Verify addr..addr+len is binary identical to base...base+len
1652 * @param sl stlink context
1653 * @param address stm device address
1654 * @param data host side buffer to check against
1655 * @param length how much
1656 * @return 0 for success, -ve for failure
1658 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1660 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1661 ILOG("Starting verification of write complete\n");
1662 for (off = 0; off < length; off += cmp_size) {
1663 size_t aligned_size;
1665 /* adjust last page size */
1666 if ((off + cmp_size) > length)
1667 cmp_size = length - off;
1669 aligned_size = cmp_size;
1670 if (aligned_size & (4 - 1))
1671 aligned_size = (cmp_size + 4) & ~(4 - 1);
1673 stlink_read_mem32(sl, address + off, aligned_size);
1675 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1676 ELOG("Verification of flash failed at offset: %zd\n", off);
1680 ILOG("Flash written and verified! jolly good!\n");
1685 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint32_t pagesize)
1688 unsigned int num_half_pages = len / pagesize;
1690 uint32_t flash_regs_base;
1693 if (sl->chip_id == STM32_CHIPID_L0) {
1694 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1696 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1699 ILOG("Starting Half page flash write for STM32L core id\n");
1700 /* flash loader initialization */
1701 if (init_flash_loader(sl, &fl) == -1) {
1702 WLOG("init_flash_loader() == -1\n");
1705 /* Unlock already done */
1706 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1707 val |= (1 << FLASH_L1_FPRG);
1708 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1710 val |= (1 << FLASH_L1_PROG);
1711 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1712 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {}
1714 for (count = 0; count < num_half_pages; count ++) {
1715 if (run_flash_loader(sl, &fl, addr + count * pagesize, base + count * pagesize, pagesize) == -1) {
1716 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * pagesize);
1717 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1718 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1719 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1722 /* wait for sr.busy to be cleared */
1723 if (sl->verbose >= 1) {
1724 /* show progress. writing procedure is slow
1725 and previous errors are misleading */
1726 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1729 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {
1732 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1733 val &= ~(1 << FLASH_L1_PROG);
1734 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1735 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1736 val &= ~(1 << FLASH_L1_FPRG);
1737 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1742 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1745 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1746 len, len, addr, addr);
1747 /* check addr range is inside the flash */
1748 stlink_calculate_pagesize(sl, addr);
1749 if (addr < sl->flash_base) {
1750 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1752 } else if ((addr + len) < addr) {
1753 ELOG("addr overruns\n");
1755 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1756 ELOG("addr too high\n");
1758 } else if (addr & 1) {
1759 ELOG("unaligned addr 0x%x\n", addr);
1761 } else if (len & 1) {
1762 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1764 } else if (addr & (sl->flash_pgsz - 1)) {
1765 ELOG("addr not a multiple of pagesize, not supported\n");
1769 // Make sure we've loaded the context with the chip details
1771 /* erase each page */
1773 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1774 /* addr must be an addr inside the page */
1775 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1776 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1779 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1780 (unsigned long)addr + off);
1784 fprintf(stdout,"\n");
1785 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1786 page_count, sl->flash_pgsz, sl->flash_pgsz);
1788 if ((sl->chip_id == STM32_CHIPID_F2) ||
1789 (sl->chip_id == STM32_CHIPID_F4) ||
1790 (sl->chip_id == STM32_CHIPID_F4_DE) ||
1791 (sl->chip_id == STM32_CHIPID_F4_LP) ||
1792 (sl->chip_id == STM32_CHIPID_F4_HD) ||
1793 (sl->chip_id == STM32_CHIPID_F411RE) ||
1794 (sl->chip_id == STM32_CHIPID_F446) ||
1795 (sl->chip_id == STM32_CHIPID_F7) ||
1796 (sl->chip_id == STM32_CHIPID_L4) ||
1797 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1798 /* todo: check write operation */
1800 ILOG("Starting Flash write for F2/F4/L4\n");
1801 /* flash loader initialization */
1802 if (init_flash_loader(sl, &fl) == -1) {
1803 ELOG("init_flash_loader() == -1\n");
1807 /* First unlock the cr */
1808 unlock_flash_if(sl);
1810 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1811 if (sl->chip_id != STM32_CHIPID_L4) {
1812 /* set parallelisim to 32 bit*/
1813 int voltage = stlink_target_voltage(sl);
1814 if (voltage > 2700) {
1815 printf("enabling 32-bit flash writes\n");
1816 write_flash_cr_psiz(sl, 2);
1818 printf("Target voltage (%d mV) too low for 32-bit flash, using 8-bit flash writes\n", voltage);
1819 write_flash_cr_psiz(sl, 0);
1822 /* L4 does not have a byte-write mode */
1823 int voltage = stlink_target_voltage(sl);
1824 if (voltage < 1710) {
1825 printf("Target voltage (%d mV) too low for flash writes!\n", voltage);
1830 /* set programming mode */
1831 set_flash_cr_pg(sl);
1833 for(off = 0; off < len;) {
1834 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1836 printf("size: %zu\n", size);
1838 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1839 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1851 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1852 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1853 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1854 /* use fast word write. todo: half page. */
1856 uint32_t flash_regs_base;
1859 if (sl->chip_id == STM32_CHIPID_L0) {
1860 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1861 pagesize = L0_WRITE_BLOCK_SIZE;
1863 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1864 pagesize = L1_WRITE_BLOCK_SIZE;
1867 /* todo: check write operation */
1869 /* disable pecr protection */
1870 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1871 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1873 /* check pecr.pelock is cleared */
1874 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1875 if (val & (1 << 0)) {
1876 fprintf(stderr, "pecr.pelock not clear\n");
1880 /* unlock program memory */
1881 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1882 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1884 /* check pecr.prglock is cleared */
1885 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1886 if (val & (1 << 1)) {
1887 fprintf(stderr, "pecr.prglock not clear\n");
1891 if (len > pagesize) {
1892 if (stm32l1_write_half_pages(sl, addr, base, len, pagesize) == -1) {
1893 /* This may happen on a blank device! */
1894 WLOG("\nwrite_half_pages failed == -1\n");
1896 off = (len / pagesize)*pagesize;
1900 /* write remainingword in program memory */
1901 for ( ; off < len; off += sizeof(uint32_t)) {
1904 fprintf(stdout, "\r");
1906 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1907 fprintf(stdout, "\r%3zd/%3zd pages written",
1908 off/sl->flash_pgsz, len/sl->flash_pgsz);
1912 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1913 stlink_write_debug32(sl, addr + off, data);
1915 /* wait for sr.busy to be cleared */
1916 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1919 /* todo: check redo write operation */
1922 fprintf(stdout, "\n");
1923 /* reset lock bits */
1924 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1925 | (1 << 0) | (1 << 1) | (1 << 2);
1926 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1927 } else if (sl->core_id == STM32VL_CORE_ID ||
1928 sl->core_id == STM32F0_CORE_ID ||
1929 sl->chip_id == STM32_CHIPID_F3 ||
1930 sl->chip_id == STM32_CHIPID_F3_SMALL ||
1931 sl->chip_id == STM32_CHIPID_F303_HIGH ||
1932 sl->chip_id == STM32_CHIPID_F334 ||
1933 sl->chip_id == STM32_CHIPID_F37x) {
1934 ILOG("Starting Flash write for VL/F0/F3 core id\n");
1935 /* flash loader initialization */
1936 if (init_flash_loader(sl, &fl) == -1) {
1937 ELOG("init_flash_loader() == -1\n");
1941 int write_block_count = 0;
1942 for (off = 0; off < len; off += sl->flash_pgsz) {
1943 /* adjust last write size */
1944 size_t size = sl->flash_pgsz;
1945 if ((off + sl->flash_pgsz) > len) size = len - off;
1947 /* unlock and set programming mode */
1948 unlock_flash_if(sl);
1949 set_flash_cr_pg(sl);
1950 //DLOG("Finished setting flash cr pg, running loader!\n");
1951 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1952 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1956 if (sl->verbose >= 1) {
1957 /* show progress. writing procedure is slow
1958 and previous errors are misleading */
1959 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1963 fprintf(stdout, "\n");
1965 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1969 return stlink_verify_write_flash(sl, addr, base, len);
1973 * Write the given binary file into flash at address "addr"
1975 * @param path readable file path, should be binary image
1976 * @param addr where to start writing
1977 * @return 0 on success, -ve on failure.
1979 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1980 /* write the file in flash at addr */
1982 unsigned int num_empty = 0, index;
1983 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1984 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1985 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
1986 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1987 if (map_file(&mf, path) == -1) {
1988 ELOG("map_file() == -1\n");
1991 for(index = 0; index < mf.len; index ++) {
1992 if (mf.base[index] == erased_pattern)
1997 /* Round down to words */
1998 num_empty -= (num_empty & 3);
1999 if(num_empty != 0) {
2000 ILOG("Ignoring %d bytes of 0x%02x at end of file\n", num_empty, erased_pattern);
2001 mf.len -= num_empty;
2003 err = stlink_write_flash(sl, addr, mf.base, mf.len);
2005 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
2006 /* Set PC to the reset routine*/
2007 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
2013 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
2017 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
2018 // FIXME This can never return -1
2019 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
2021 ELOG("write_buffer_to_sram() == -1\n");
2025 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2026 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2027 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2029 size_t count = size / sizeof(uint32_t);
2030 if (size % sizeof(uint32_t)) ++count;
2033 stlink_write_reg(sl, target, 0); /* target */
2034 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
2035 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2036 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2038 } else if (sl->core_id == STM32VL_CORE_ID ||
2039 sl->core_id == STM32F0_CORE_ID ||
2040 sl->chip_id == STM32_CHIPID_F3 ||
2041 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2042 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2043 sl->chip_id == STM32_CHIPID_F37x ||
2044 sl->chip_id == STM32_CHIPID_F334) {
2046 size_t count = size / sizeof(uint16_t);
2047 if (size % sizeof(uint16_t)) ++count;
2050 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2051 stlink_write_reg(sl, target, 1); /* target */
2052 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
2053 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
2054 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2056 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2057 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2058 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2060 size_t count = size / sizeof(uint32_t);
2061 if (size % sizeof(uint32_t)) ++count;
2062 if (sl->chip_id == STM32_CHIPID_L4) {
2063 if (count % 2) ++count;
2067 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2068 stlink_write_reg(sl, target, 1); /* target */
2069 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2070 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2073 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
2080 #define WAIT_ROUNDS 10000
2081 /* wait until done (reaches breakpoint) */
2082 for (i = 0; i < WAIT_ROUNDS; i++) {
2084 if (is_core_halted(sl))
2088 if (i >= WAIT_ROUNDS) {
2089 ELOG("flash loader run error\n");
2093 /* check written byte count */
2094 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2095 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2096 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2098 size_t count = size / sizeof(uint32_t);
2099 if (size % sizeof(uint32_t)) ++count;
2101 stlink_read_reg(sl, 3, &rr);
2102 if (rr.r[3] != count) {
2103 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
2107 } else if (sl->core_id == STM32VL_CORE_ID ||
2108 sl->core_id == STM32F0_CORE_ID ||
2109 sl->chip_id == STM32_CHIPID_F3 ||
2110 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2111 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2112 sl->chip_id == STM32_CHIPID_F37x ||
2113 sl->chip_id == STM32_CHIPID_F334) {
2115 stlink_read_reg(sl, 2, &rr);
2117 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2121 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2122 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2123 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) ||
2124 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2126 stlink_read_reg(sl, 2, &rr);
2128 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2134 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);