10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
21 /* todo: stm32l15xxx flash memory, pm0062 manual */
23 /* stm32f FPEC flash controller interface, pm0063 manual */
24 // TODO - all of this needs to be abstracted out....
25 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
26 #define FLASH_REGS_ADDR 0x40022000
27 #define FLASH_REGS_SIZE 0x28
29 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
30 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
31 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
32 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
33 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
34 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
35 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
37 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
38 #define FLASH_RDPTR_KEY 0x00a5
39 #define FLASH_KEY1 0x45670123
40 #define FLASH_KEY2 0xcdef89ab
42 #define FLASH_SR_BSY 0
43 #define FLASH_SR_EOP 5
46 #define FLASH_CR_PER 1
47 #define FLASH_CR_MER 2
48 #define FLASH_CR_STRT 6
49 #define FLASH_CR_LOCK 7
52 //32L = 32F1 same CoreID as 32F4!
53 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
54 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
55 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
56 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
57 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
58 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
59 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
60 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
61 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
62 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
63 #define FLASH_L1_FPRG 10
64 #define FLASH_L1_PROG 3
66 //32L4 register base is at FLASH_REGS_ADDR (0x40022000)
67 #define STM32L4_FLASH_KEYR (FLASH_REGS_ADDR + 0x08)
68 #define STM32L4_FLASH_SR (FLASH_REGS_ADDR + 0x10)
69 #define STM32L4_FLASH_CR (FLASH_REGS_ADDR + 0x14)
70 #define STM32L4_FLASH_OPTR (FLASH_REGS_ADDR + 0x20)
72 #define STM32L4_FLASH_SR_BSY 16
73 #define STM32L4_FLASH_SR_ERRMASK 0x3f8 /* SR [9:3] */
75 #define STM32L4_FLASH_CR_LOCK 31 /* Lock control register */
76 #define STM32L4_FLASH_CR_PG 0 /* Program */
77 #define STM32L4_FLASH_CR_PER 1 /* Page erase */
78 #define STM32L4_FLASH_CR_MER1 2 /* Bank 1 erase */
79 #define STM32L4_FLASH_CR_MER2 15 /* Bank 2 erase */
80 #define STM32L4_FLASH_CR_STRT 16 /* Start command */
81 #define STM32L4_FLASH_CR_BKER 11 /* Bank select for page erase */
82 #define STM32L4_FLASH_CR_PNB 3 /* Page number (8 bits) */
83 // Bits requesting flash operations (useful when we want to clear them)
84 #define STM32L4_FLASH_CR_OPBITS \
85 ((1lu<<STM32L4_FLASH_CR_PG) | (1lu<<STM32L4_FLASH_CR_PER) \
86 | (1lu<<STM32L4_FLASH_CR_MER1) | (1lu<<STM32L4_FLASH_CR_MER1))
87 // Page is fully specified by BKER and PNB
88 #define STM32L4_FLASH_CR_PAGEMASK (0x1fflu << STM32L4_FLASH_CR_PNB)
90 #define STM32L4_FLASH_OPTR_DUALBANK 21
92 //STM32L0x flash register base and offsets
94 // RM0090 - DM00031020.pdf
95 #define STM32L0_FLASH_REGS_ADDR ((uint32_t)0x40022000)
96 #define FLASH_ACR_OFF ((uint32_t) 0x00)
97 #define FLASH_PECR_OFF ((uint32_t) 0x04)
98 #define FLASH_PDKEYR_OFF ((uint32_t) 0x08)
99 #define FLASH_PEKEYR_OFF ((uint32_t) 0x0c)
100 #define FLASH_PRGKEYR_OFF ((uint32_t) 0x10)
101 #define FLASH_OPTKEYR_OFF ((uint32_t) 0x14)
102 #define FLASH_SR_OFF ((uint32_t) 0x18)
103 #define FLASH_OBR_OFF ((uint32_t) 0x1c)
104 #define FLASH_WRPR_OFF ((uint32_t) 0x20)
109 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
110 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
111 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
112 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
113 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
114 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
115 #define FLASH_F4_CR_STRT 16
116 #define FLASH_F4_CR_LOCK 31
117 #define FLASH_F4_CR_SER 1
118 #define FLASH_F4_CR_SNB 3
119 #define FLASH_F4_CR_SNB_MASK 0xf8
120 #define FLASH_F4_SR_BSY 16
122 #define L1_WRITE_BLOCK_SIZE 0x80
123 #define L0_WRITE_BLOCK_SIZE 0x40
125 void write_uint32(unsigned char* buf, uint32_t ui) {
126 if (!is_bigendian()) { // le -> le (don't swap)
127 buf[0] = ((unsigned char*) &ui)[0];
128 buf[1] = ((unsigned char*) &ui)[1];
129 buf[2] = ((unsigned char*) &ui)[2];
130 buf[3] = ((unsigned char*) &ui)[3];
132 buf[0] = ((unsigned char*) &ui)[3];
133 buf[1] = ((unsigned char*) &ui)[2];
134 buf[2] = ((unsigned char*) &ui)[1];
135 buf[3] = ((unsigned char*) &ui)[0];
139 void write_uint16(unsigned char* buf, uint16_t ui) {
140 if (!is_bigendian()) { // le -> le (don't swap)
141 buf[0] = ((unsigned char*) &ui)[0];
142 buf[1] = ((unsigned char*) &ui)[1];
144 buf[0] = ((unsigned char*) &ui)[1];
145 buf[1] = ((unsigned char*) &ui)[0];
149 uint32_t read_uint32(const unsigned char *c, const int pt) {
151 char *p = (char *) &ui;
153 if (!is_bigendian()) { // le -> le (don't swap)
167 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
169 stlink_read_debug32(sl, FLASH_WRPR, &rdp);
173 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
175 stlink_read_debug32(sl, FLASH_WRPR, &wrpr);
179 static inline uint32_t read_flash_obr(stlink_t *sl) {
181 stlink_read_debug32(sl, FLASH_OBR, &obr);
185 static inline uint32_t read_flash_cr(stlink_t *sl) {
187 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||(sl->chip_id == STM32_CHIPID_F4_DE) ||
188 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
189 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
190 stlink_read_debug32(sl, FLASH_F4_CR, &res);
191 else if (sl->chip_id == STM32_CHIPID_L4)
192 stlink_read_debug32(sl, STM32L4_FLASH_CR, &res);
194 stlink_read_debug32(sl, FLASH_CR, &res);
196 fprintf(stdout, "CR:0x%x\n", res);
201 static inline unsigned int is_flash_locked(stlink_t *sl) {
202 /* return non zero for true */
203 uint32_t cr = read_flash_cr(sl);
205 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
206 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
207 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
208 return cr & (1 << FLASH_F4_CR_LOCK);
209 else if (sl->chip_id == STM32_CHIPID_L4)
210 return cr & (1lu << STM32L4_FLASH_CR_LOCK);
212 return cr & (1 << FLASH_CR_LOCK);
215 static void unlock_flash(stlink_t *sl) {
216 /* the unlock sequence consists of 2 write cycles where
217 2 key values are written to the FLASH_KEYR register.
218 an invalid sequence results in a definitive lock of
219 the FPEC block until next reset.
221 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
222 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
223 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
224 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
225 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
226 } else if (sl->chip_id == STM32_CHIPID_L4) {
227 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY1);
228 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY2);
230 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
231 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
236 static int unlock_flash_if(stlink_t *sl) {
237 /* unlock flash if already locked */
239 if (is_flash_locked(sl)) {
241 if (is_flash_locked(sl)) {
242 WLOG("Failed to unlock flash!\n");
246 DLOG("Successfully unlocked flash\n");
250 static void lock_flash(stlink_t *sl) {
251 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
252 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
253 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
254 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
255 stlink_write_debug32(sl, FLASH_F4_CR, n);
256 } else if (sl->chip_id == STM32_CHIPID_L4) {
257 const uint32_t n = read_flash_cr(sl) | (1lu << STM32L4_FLASH_CR_LOCK);
258 stlink_write_debug32(sl, STM32L4_FLASH_CR, n);
260 /* write to 1 only. reset by hw at unlock sequence */
261 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
262 stlink_write_debug32(sl, FLASH_CR, n);
267 static void set_flash_cr_pg(stlink_t *sl) {
268 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
269 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
270 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
271 uint32_t x = read_flash_cr(sl);
272 x |= (1 << FLASH_CR_PG);
273 stlink_write_debug32(sl, FLASH_F4_CR, x);
274 } else if (sl->chip_id == STM32_CHIPID_L4) {
275 uint32_t x = read_flash_cr(sl);
276 x &=~ STM32L4_FLASH_CR_OPBITS;
277 x |= (1 << STM32L4_FLASH_CR_PG);
278 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
280 const uint32_t n = 1 << FLASH_CR_PG;
281 stlink_write_debug32(sl, FLASH_CR, n);
285 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
286 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
287 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
288 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
289 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
290 stlink_write_debug32(sl, FLASH_F4_CR, n);
292 stlink_write_debug32(sl, FLASH_CR, n);
295 static void set_flash_cr_per(stlink_t *sl) {
296 const uint32_t n = 1 << FLASH_CR_PER;
297 stlink_write_debug32(sl, FLASH_CR, n);
300 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
301 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
302 stlink_write_debug32(sl, FLASH_CR, n);
305 static void set_flash_cr_mer(stlink_t *sl) {
307 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
308 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
309 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
310 stlink_read_debug32(sl, FLASH_F4_CR, &val);
311 val |= 1 << FLASH_CR_MER;
312 stlink_write_debug32(sl, FLASH_F4_CR, val);
313 } else if (sl->chip_id == STM32_CHIPID_L4) {
314 stlink_read_debug32(sl, STM32L4_FLASH_CR, &val);
315 val &=~ STM32L4_FLASH_CR_OPBITS;
316 val |= (1lu << STM32L4_FLASH_CR_MER1) | (1lu << STM32L4_FLASH_CR_MER2);
317 stlink_write_debug32(sl, STM32L4_FLASH_CR, val);
319 stlink_read_debug32(sl, FLASH_CR, &val);
320 val |= 1 << FLASH_CR_MER;
321 stlink_write_debug32(sl, FLASH_CR, val);
325 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
327 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
328 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
329 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
330 stlink_read_debug32(sl, FLASH_F4_CR, &val);
331 val &= ~(1 << FLASH_CR_MER);
332 stlink_write_debug32(sl, FLASH_F4_CR, val);
334 stlink_read_debug32(sl, FLASH_CR, &val);
335 val &= ~(1 << FLASH_CR_MER);
336 stlink_write_debug32(sl, FLASH_CR, val);
340 static void set_flash_cr_strt(stlink_t *sl) {
342 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
343 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
344 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
345 val = read_flash_cr(sl);
346 val |= (1 << FLASH_F4_CR_STRT);
347 stlink_write_debug32(sl, FLASH_F4_CR, val);
348 } else if (sl->chip_id == STM32_CHIPID_L4) {
349 val = read_flash_cr(sl);
350 val |= (1lu << STM32L4_FLASH_CR_STRT);
351 stlink_write_debug32(sl, STM32L4_FLASH_CR, val);
353 stlink_read_debug32(sl, FLASH_CR, &val);
354 val |= 1 << FLASH_CR_STRT;
355 stlink_write_debug32(sl, FLASH_CR, val);
359 static inline uint32_t read_flash_acr(stlink_t *sl) {
361 stlink_read_debug32(sl, FLASH_ACR, &acr);
365 static inline uint32_t read_flash_sr(stlink_t *sl) {
367 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
368 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
369 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
370 stlink_read_debug32(sl, FLASH_F4_SR, &res);
371 else if (sl->chip_id == STM32_CHIPID_L4)
372 stlink_read_debug32(sl, STM32L4_FLASH_SR, &res);
374 stlink_read_debug32(sl, FLASH_SR, &res);
375 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
379 static inline unsigned int is_flash_busy(stlink_t *sl) {
380 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
381 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
382 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
383 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
384 else if (sl->chip_id == STM32_CHIPID_L4)
385 return read_flash_sr(sl) & (1 << STM32L4_FLASH_SR_BSY);
387 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
390 static void wait_flash_busy(stlink_t *sl) {
391 /* todo: add some delays here */
392 while (is_flash_busy(sl))
396 static void wait_flash_busy_progress(stlink_t *sl) {
398 fprintf(stdout, "Mass erasing");
400 while (is_flash_busy(sl)) {
404 fprintf(stdout, ".");
408 fprintf(stdout, "\n");
411 static inline unsigned int is_flash_eop(stlink_t *sl) {
412 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
415 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
416 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
417 stlink_write_debug32(sl, FLASH_SR, n);
420 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
421 /* todo: add some delays here */
422 while (is_flash_eop(sl) == 0)
426 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
427 stlink_write_debug32(sl, FLASH_AR, n);
430 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
431 uint32_t x = read_flash_cr(sl);
435 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
437 stlink_write_debug32(sl, FLASH_F4_CR, x);
441 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
442 uint32_t x = read_flash_cr(sl);
443 x &= ~FLASH_F4_CR_SNB_MASK;
444 x |= (n << FLASH_F4_CR_SNB);
445 x |= (1 << FLASH_F4_CR_SER);
447 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
449 stlink_write_debug32(sl, FLASH_F4_CR, x);
452 static inline void write_flash_cr_bker_pnb(stlink_t *sl, uint32_t n) {
453 stlink_write_debug32(sl, STM32L4_FLASH_SR, 0xFFFFFFFF & ~(1<<STM32L4_FLASH_SR_BSY));
454 uint32_t x = read_flash_cr(sl);
455 x &=~ STM32L4_FLASH_CR_OPBITS;
456 x &=~ STM32L4_FLASH_CR_PAGEMASK;
457 x &= ~(1<<STM32L4_FLASH_CR_MER1);
458 x &= ~(1<<STM32L4_FLASH_CR_MER2);
459 x |= (n << STM32L4_FLASH_CR_PNB);
460 x |= (1lu << STM32L4_FLASH_CR_PER);
462 fprintf(stdout, "BKER:PNB:0x%x 0x%x\n", x, n);
464 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
467 // Delegates to the backends...
469 void stlink_close(stlink_t *sl) {
470 DLOG("*** stlink_close ***\n");
471 sl->backend->close(sl);
475 void stlink_exit_debug_mode(stlink_t *sl) {
476 DLOG("*** stlink_exit_debug_mode ***\n");
477 stlink_write_debug32(sl, DHCSR, DBGKEY);
478 sl->backend->exit_debug_mode(sl);
481 void stlink_enter_swd_mode(stlink_t *sl) {
482 DLOG("*** stlink_enter_swd_mode ***\n");
483 sl->backend->enter_swd_mode(sl);
486 // Force the core into the debug mode -> halted state.
487 void stlink_force_debug(stlink_t *sl) {
488 DLOG("*** stlink_force_debug_mode ***\n");
489 sl->backend->force_debug(sl);
492 void stlink_exit_dfu_mode(stlink_t *sl) {
493 DLOG("*** stlink_exit_dfu_mode ***\n");
494 sl->backend->exit_dfu_mode(sl);
497 void stlink_core_id(stlink_t *sl) {
498 DLOG("*** stlink_core_id ***\n");
499 sl->backend->core_id(sl);
501 stlink_print_data(sl);
502 DLOG("core_id = 0x%08x\n", sl->core_id);
506 uint32_t stlink_chip_id(stlink_t *sl) {
508 stlink_read_debug32(sl, 0xE0042000, &chip_id);
510 stlink_read_debug32(sl, 0x40015800, &chip_id); //Try Corex M0 DBGMCU_IDCODE register address
515 * Cortex m3 tech ref manual, CPUID register description
516 * @param sl stlink context
517 * @param cpuid pointer to the result object
519 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
521 stlink_read_debug32(sl, CM3_REG_CPUID, &raw);
522 cpuid->implementer_id = (raw >> 24) & 0x7f;
523 cpuid->variant = (raw >> 20) & 0xf;
524 cpuid->part = (raw >> 4) & 0xfff;
525 cpuid->revision = raw & 0xf;
530 * reads and decodes the flash parameters, as dynamically as possible
532 * @return 0 for success, or -1 for unsupported core type.
534 int stlink_load_device_params(stlink_t *sl) {
535 ILOG("Loading device parameters....\n");
536 const chip_params_t *params = NULL;
538 uint32_t chip_id = stlink_chip_id(sl);
541 sl->chip_id = chip_id & 0xfff;
542 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
543 if (sl->chip_id == 0x411) {
545 stlink_read_debug32(sl, 0xE000ED00, &cpuid);
546 if ((cpuid & 0xfff0) == 0xc240)
550 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
551 if(devices[i].chip_id == sl->chip_id) {
552 params = &devices[i];
556 if (params == NULL) {
557 WLOG("unknown chip id! %#x\n", chip_id);
561 // These are fixed...
562 sl->flash_base = STM32_FLASH_BASE;
563 sl->sram_base = STM32_SRAM_BASE;
564 stlink_read_debug32(sl,(params->flash_size_reg) & ~3, &flash_size);
565 if (params->flash_size_reg & 2)
566 flash_size = flash_size >>16;
567 flash_size = flash_size & 0xffff;
569 if ((sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) && ( flash_size == 0 )) {
570 sl->flash_size = 128 * 1024;
571 } else if (sl->chip_id == STM32_CHIPID_L1_CAT2) {
572 sl->flash_size = (flash_size & 0xff) * 1024;
573 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
574 // 0 is 384k and 1 is 256k
575 if ( flash_size == 0 ) {
576 sl->flash_size = 384 * 1024;
578 sl->flash_size = 256 * 1024;
581 sl->flash_size = flash_size * 1024;
583 sl->flash_pgsz = params->flash_pagesize;
584 sl->sram_size = params->sram_size;
585 sl->sys_base = params->bootrom_base;
586 sl->sys_size = params->bootrom_size;
588 //medium and low devices have the same chipid. ram size depends on flash size.
589 //STM32F100xx datasheet Doc ID 16455 Table 2
590 if(sl->chip_id == STM32_CHIPID_F1_VL_MEDIUM_LOW && sl->flash_size < 64 * 1024){
591 sl->sram_size = 0x1000;
594 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
595 // TODO make note of variable page size here.....
596 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
597 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
602 void stlink_reset(stlink_t *sl) {
603 DLOG("*** stlink_reset ***\n");
604 sl->backend->reset(sl);
607 void stlink_jtag_reset(stlink_t *sl, int value) {
608 DLOG("*** stlink_jtag_reset ***\n");
609 sl->backend->jtag_reset(sl, value);
612 void stlink_run(stlink_t *sl) {
613 DLOG("*** stlink_run ***\n");
614 sl->backend->run(sl);
617 void stlink_status(stlink_t *sl) {
618 DLOG("*** stlink_status ***\n");
619 sl->backend->status(sl);
620 stlink_core_stat(sl);
624 * Decode the version bits, originally from -sg, verified with usb
625 * @param sl stlink context, assumed to contain valid data in the buffer
626 * @param slv output parsed version object
628 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
629 uint32_t b0 = sl->q_buf[0]; //lsb
630 uint32_t b1 = sl->q_buf[1];
631 uint32_t b2 = sl->q_buf[2];
632 uint32_t b3 = sl->q_buf[3];
633 uint32_t b4 = sl->q_buf[4];
634 uint32_t b5 = sl->q_buf[5]; //msb
636 // b0 b1 || b2 b3 | b4 b5
637 // 4b | 6b | 6b || 2B | 2B
638 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
640 slv->stlink_v = (b0 & 0xf0) >> 4;
641 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
642 slv->swim_v = b1 & 0x3f;
643 slv->st_vid = (b3 << 8) | b2;
644 slv->stlink_pid = (b5 << 8) | b4;
648 void stlink_version(stlink_t *sl) {
649 DLOG("*** looking up stlink version\n");
650 sl->backend->version(sl);
651 _parse_version(sl, &sl->version);
653 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
654 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
655 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
656 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
657 DLOG("swim version = 0x%x\n", sl->version.swim_v);
658 if (sl->version.jtag_v == 0) {
659 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
661 if (sl->version.swim_v == 0) {
662 DLOG(" notice: the firmware doesn't support a swim interface\n");
666 int stlink_target_voltage(stlink_t *sl) {
668 DLOG("*** reading target voltage\n");
669 if (sl->backend->target_voltage != NULL) {
670 voltage = sl->backend->target_voltage(sl);
672 DLOG("target voltage = %ldmV\n", voltage);
674 DLOG("error reading target voltage\n");
677 DLOG("reading voltage not supported by backend\n");
682 void stlink_read_debug32(stlink_t *sl, uint32_t addr, uint32_t *data) {
683 sl->backend->read_debug32(sl, addr, data);
684 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
688 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
689 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
690 sl->backend->write_debug32(sl, addr, data);
693 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
694 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
696 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
699 sl->backend->write_mem32(sl, addr, len);
702 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
703 DLOG("*** stlink_read_mem32 ***\n");
704 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
705 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
709 sl->backend->read_mem32(sl, addr, len);
712 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
713 DLOG("*** stlink_write_mem8 ***\n");
714 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
715 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
719 sl->backend->write_mem8(sl, addr, len);
722 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
723 DLOG("*** stlink_read_all_regs ***\n");
724 sl->backend->read_all_regs(sl, regp);
727 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
728 DLOG("*** stlink_read_all_unsupported_regs ***\n");
729 sl->backend->read_all_unsupported_regs(sl, regp);
732 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
733 DLOG("*** stlink_write_reg\n");
734 sl->backend->write_reg(sl, reg, idx);
737 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
738 DLOG("*** stlink_read_reg\n");
739 DLOG(" (%d) ***\n", r_idx);
741 if (r_idx > 20 || r_idx < 0) {
742 fprintf(stderr, "Error: register index must be in [0..20]\n");
746 sl->backend->read_reg(sl, r_idx, regp);
749 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
752 DLOG("*** stlink_read_unsupported_reg\n");
753 DLOG(" (%d) ***\n", r_idx);
755 /* Convert to values used by DCRSR */
756 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
758 } else if (r_idx == 0x40) { /* FPSCR */
760 } else if (r_idx >= 0x20 && r_idx < 0x40) {
761 r_convert = 0x40 + (r_idx - 0x20);
763 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
767 sl->backend->read_unsupported_reg(sl, r_convert, regp);
770 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
773 DLOG("*** stlink_write_unsupported_reg\n");
774 DLOG(" (%d) ***\n", r_idx);
776 /* Convert to values used by DCRSR */
777 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
778 r_convert = r_idx; /* The backend function handles this */
779 } else if (r_idx == 0x40) { /* FPSCR */
781 } else if (r_idx >= 0x20 && r_idx < 0x40) {
782 r_convert = 0x40 + (r_idx - 0x20);
784 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
788 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
791 unsigned int is_core_halted(stlink_t *sl) {
792 /* return non zero if core is halted */
794 return sl->q_buf[0] == STLINK_CORE_HALTED;
797 void stlink_step(stlink_t *sl) {
798 DLOG("*** stlink_step ***\n");
799 sl->backend->step(sl);
802 int stlink_current_mode(stlink_t *sl) {
803 int mode = sl->backend->current_mode(sl);
805 case STLINK_DEV_DFU_MODE:
806 DLOG("stlink current mode: dfu\n");
808 case STLINK_DEV_DEBUG_MODE:
809 DLOG("stlink current mode: debug (jtag or swd)\n");
811 case STLINK_DEV_MASS_MODE:
812 DLOG("stlink current mode: mass\n");
815 DLOG("stlink mode: unknown!\n");
816 return STLINK_DEV_UNKNOWN_MODE;
822 // End of delegates.... Common code below here...
825 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
827 // #define is_bigendian() ( (*(char*)&i) == 0 )
829 inline unsigned int is_bigendian(void) {
830 static volatile const unsigned int i = 1;
831 return *(volatile const char*) &i == 0;
834 uint16_t read_uint16(const unsigned char *c, const int pt) {
836 char *p = (char *) &ui;
838 if (!is_bigendian()) { // le -> le (don't swap)
848 // same as above with entrypoint.
850 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
851 stlink_write_reg(sl, addr, 15); /* pc register */
855 while (is_core_halted(sl) == 0)
859 void stlink_core_stat(stlink_t *sl) {
863 switch (sl->q_buf[0]) {
864 case STLINK_CORE_RUNNING:
865 sl->core_stat = STLINK_CORE_RUNNING;
866 DLOG(" core status: running\n");
868 case STLINK_CORE_HALTED:
869 sl->core_stat = STLINK_CORE_HALTED;
870 DLOG(" core status: halted\n");
873 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
874 fprintf(stderr, " core status: unknown\n");
878 void stlink_print_data(stlink_t * sl) {
879 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
882 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
884 for (int i = 0; i < sl->q_len; i++) {
887 if (sl->q_data_dir == Q_DATA_OUT)
888 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
890 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
893 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
895 fputs("\n\n", stdout);
898 /* memory mapped file */
900 typedef struct mapped_file {
905 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
907 static int map_file(mapped_file_t* mf, const char* path) {
911 const int fd = open(path, O_RDONLY | O_BINARY);
913 fprintf(stderr, "open(%s) == -1\n", path);
917 if (fstat(fd, &st) == -1) {
918 fprintf(stderr, "fstat() == -1\n");
922 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
923 if (mf->base == MAP_FAILED) {
924 fprintf(stderr, "mmap() == MAP_FAILED\n");
928 mf->len = st.st_size;
939 static void unmap_file(mapped_file_t * mf) {
940 munmap((void*) mf->base, mf->len);
941 mf->base = (unsigned char*) MAP_FAILED;
945 /* Limit the block size to compare to 0x1800
946 Anything larger will stall the STLINK2
947 Maybe STLINK V1 needs smaller value!*/
948 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
950 size_t n_cmp = sl->flash_pgsz;
954 for (off = 0; off < mf->len; off += n_cmp) {
957 /* adjust last page size */
958 size_t cmp_size = n_cmp;
959 if ((off + n_cmp) > mf->len)
960 cmp_size = mf->len - off;
962 aligned_size = cmp_size;
963 if (aligned_size & (4 - 1))
964 aligned_size = (cmp_size + 4) & ~(4 - 1);
966 stlink_read_mem32(sl, addr + off, aligned_size);
968 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
975 int stlink_fwrite_sram
976 (stlink_t * sl, const char* path, stm32_addr_t addr) {
977 /* write the file in sram at addr */
982 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
986 if (map_file(&mf, path) == -1) {
987 fprintf(stderr, "map_file() == -1\n");
991 /* check addr range is inside the sram */
992 if (addr < sl->sram_base) {
993 fprintf(stderr, "addr too low\n");
995 } else if ((addr + mf.len) < addr) {
996 fprintf(stderr, "addr overruns\n");
998 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
999 fprintf(stderr, "addr too high\n");
1001 } else if (addr & 3) {
1003 fprintf(stderr, "unaligned addr\n");
1013 /* do the copy by 1k blocks */
1014 for (off = 0; off < len; off += 1024) {
1016 if ((off + size) > len)
1019 memcpy(sl->q_buf, mf.base + off, size);
1021 /* round size if needed */
1025 stlink_write_mem32(sl, addr + off, size);
1029 memcpy(sl->q_buf, mf.base + len, mf.len - len);
1030 stlink_write_mem8(sl, addr + len, mf.len - len);
1033 /* check the file ha been written */
1034 if (check_file(sl, &mf, addr) == -1) {
1035 fprintf(stderr, "check_file() == -1\n");
1042 stlink_read_debug32(sl, addr, &val);
1043 stlink_write_reg(sl, val, 13);
1044 /* Set PC to the reset routine*/
1045 stlink_read_debug32(sl, addr + 4, &val);
1046 stlink_write_reg(sl, val, 15);
1054 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
1055 /* read size bytes from addr to file */
1060 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
1062 fprintf(stderr, "open(%s) == -1\n", path);
1067 size = sl->flash_size;
1069 if (size > sl->flash_size)
1070 size = sl->flash_size;
1072 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1073 for (off = 0; off < size; off += cmp_size) {
1074 size_t aligned_size;
1076 /* adjust last page size */
1077 if ((off + cmp_size) > size)
1078 cmp_size = size - off;
1080 aligned_size = cmp_size;
1081 if (aligned_size & (4 - 1))
1082 aligned_size = (cmp_size + 4) & ~(4 - 1);
1084 stlink_read_mem32(sl, addr + off, aligned_size);
1086 if (write(fd, sl->q_buf, sl->q_len) != (ssize_t) aligned_size) {
1087 fprintf(stderr, "write() != aligned_size\n");
1101 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
1102 /* write the buffer right after the loader */
1103 size_t chunk = size & ~0x3;
1104 size_t rem = size & 0x3;
1106 memcpy(sl->q_buf, buf, chunk);
1107 stlink_write_mem32(sl, fl->buf_addr, chunk);
1110 memcpy(sl->q_buf, buf+chunk, rem);
1111 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
1116 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
1117 uint32_t offset = 0;
1118 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1119 if (flashaddr >= 0x100000) {
1121 flashaddr -= 0x100000;
1123 if (flashaddr<0x4000) return (offset + 0);
1124 else if(flashaddr<0x8000) return(offset + 1);
1125 else if(flashaddr<0xc000) return(offset + 2);
1126 else if(flashaddr<0x10000) return(offset + 3);
1127 else if(flashaddr<0x20000) return(offset + 4);
1128 else return offset + (flashaddr/0x20000) +4;
1132 uint32_t calculate_F7_sectornum(uint32_t flashaddr){
1133 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1134 if(flashaddr<0x20000) return(flashaddr/0x8000);
1135 else if(flashaddr<0x40000) return(4);
1136 else return(flashaddr/0x40000) +4;
1140 // Returns BKER:PNB for the given page address
1141 uint32_t calculate_L4_page(stlink_t *sl, uint32_t flashaddr) {
1144 stlink_read_debug32(sl, STM32L4_FLASH_OPTR, &flashopt);
1145 flashaddr -= STM32_FLASH_BASE;
1146 if (flashopt & (1lu << STM32L4_FLASH_OPTR_DUALBANK)) {
1147 uint32_t banksize = sl->flash_size / 2;
1148 if (flashaddr > banksize) {
1149 flashaddr -= banksize;
1153 // For 1MB chips without the dual-bank option set, the page address will
1154 // overflow into the BKER bit, which gives us the correct bank:page value.
1155 return bker | flashaddr/sl->flash_pgsz;
1158 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1159 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1160 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1161 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1162 uint32_t sector=calculate_F4_sectornum(flashaddr);
1166 if (sector<4) sl->flash_pgsz=0x4000;
1167 else if(sector<5) sl->flash_pgsz=0x10000;
1168 else sl->flash_pgsz=0x20000;
1170 else if (sl->chip_id == STM32_CHIPID_F7) {
1171 uint32_t sector=calculate_F7_sectornum(flashaddr);
1172 if (sector<4) sl->flash_pgsz=0x8000;
1173 else if(sector<5) sl->flash_pgsz=0x20000;
1174 else sl->flash_pgsz=0x40000;
1176 return (sl->flash_pgsz);
1180 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1181 * @param sl stlink context
1182 * @param flashaddr an address in the flash page to erase
1183 * @return 0 on success -ve on failure
1185 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1187 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1188 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1189 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4)|| (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1190 /* wait for ongoing op to finish */
1191 wait_flash_busy(sl);
1193 /* unlock if locked */
1194 unlock_flash_if(sl);
1196 /* select the page to erase */
1197 if (sl->chip_id == STM32_CHIPID_L4) {
1198 // calculate the actual bank+page from the address
1199 uint32_t page = calculate_L4_page(sl, flashaddr);
1201 write_flash_cr_bker_pnb(sl, page);
1202 } else if (sl->chip_id == STM32_CHIPID_F7) {
1203 // calculate the actual page from the address
1204 uint32_t sector=calculate_F7_sectornum(flashaddr);
1206 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1208 write_flash_cr_snb(sl, sector);
1210 // calculate the actual page from the address
1211 uint32_t sector=calculate_F4_sectornum(flashaddr);
1213 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1215 //the SNB values for flash sectors in the second bank do not directly follow the values for the first bank on 2mb devices...
1216 if (sector >= 12) sector += 4;
1218 write_flash_cr_snb(sl, sector);
1221 /* start erase operation */
1222 set_flash_cr_strt(sl);
1224 /* wait for completion */
1225 wait_flash_busy(sl);
1227 /* relock the flash */
1228 //todo: fails to program if this is in
1231 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1233 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1234 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1235 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1238 uint32_t flash_regs_base;
1239 if (sl->chip_id == STM32_CHIPID_L0) {
1240 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1242 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1245 /* check if the locks are set */
1246 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1247 if((val & (1<<0))||(val & (1<<1))) {
1248 /* disable pecr protection */
1249 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1250 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1252 /* check pecr.pelock is cleared */
1253 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1254 if (val & (1 << 0)) {
1255 WLOG("pecr.pelock not clear (%#x)\n", val);
1259 /* unlock program memory */
1260 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1261 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1263 /* check pecr.prglock is cleared */
1264 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1265 if (val & (1 << 1)) {
1266 WLOG("pecr.prglock not clear (%#x)\n", val);
1271 /* set pecr.{erase,prog} */
1272 val |= (1 << 9) | (1 << 3);
1273 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1274 #if 0 /* fix_to_be_confirmed */
1276 /* wait for sr.busy to be cleared
1277 * MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1278 * wrong and we do not need to wait here for clearing the busy bit.
1279 * TEXANE: ok, if experience says so and it works for you, we comment
1280 * it. If someone has a problem, please drop an email.
1283 stlink_read_debug32(sl, STM32L_FLASH_SR, &val)
1284 } while((val & (1 << 0)) != 0);
1286 #endif /* fix_to_be_confirmed */
1288 /* write 0 to the first word of the page to be erased */
1289 stlink_write_debug32(sl, flashaddr, 0);
1291 /* MP: It is better to wait for clearing the busy bit after issuing
1292 page erase command, even though PM0062 recommends to wait before it.
1293 Test shows that a few iterations is performed in the following loop
1294 before busy bit is cleared.*/
1296 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1297 } while ((val & (1 << 0)) != 0);
1299 /* reset lock bits */
1300 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1301 val |= (1 << 0) | (1 << 1) | (1 << 2);
1302 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1303 } else if (sl->core_id == STM32VL_CORE_ID
1304 || sl->core_id == STM32F0_CORE_ID
1305 || sl->chip_id == STM32_CHIPID_F3
1306 || sl->chip_id == STM32_CHIPID_F3_SMALL
1307 || sl->chip_id == STM32_CHIPID_F303_HIGH
1308 || sl->chip_id == STM32_CHIPID_F37x
1309 || sl->chip_id == STM32_CHIPID_F334) {
1310 /* wait for ongoing op to finish */
1311 wait_flash_busy(sl);
1313 /* unlock if locked */
1314 unlock_flash_if(sl);
1316 /* set the page erase bit */
1317 set_flash_cr_per(sl);
1319 /* select the page to erase */
1320 write_flash_ar(sl, flashaddr);
1322 /* start erase operation, reset by hw with bsy bit */
1323 set_flash_cr_strt(sl);
1325 /* wait for completion */
1326 wait_flash_busy(sl);
1328 /* relock the flash */
1331 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1335 /* todo: verify the erased page */
1340 int stlink_erase_flash_mass(stlink_t *sl) {
1341 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1342 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1343 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1344 /* erase each page */
1345 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1346 for (i = 0; i < num_pages; i++) {
1347 /* addr must be an addr inside the page */
1348 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1349 if (stlink_erase_flash_page(sl, addr) == -1) {
1350 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1353 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1356 fprintf(stdout, "\n");
1358 /* wait for ongoing op to finish */
1359 wait_flash_busy(sl);
1361 /* unlock if locked */
1362 unlock_flash_if(sl);
1364 /* set the mass erase bit */
1365 set_flash_cr_mer(sl);
1367 /* start erase operation, reset by hw with bsy bit */
1368 set_flash_cr_strt(sl);
1370 /* wait for completion */
1371 wait_flash_busy_progress(sl);
1373 /* relock the flash */
1376 /* todo: verify the erased memory */
1381 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1384 /* allocate the loader in sram */
1385 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1386 WLOG("Failed to write flash loader to sram!\n");
1390 /* allocate a one page buffer in sram right after loader */
1391 fl->buf_addr = fl->loader_addr + size;
1392 ILOG("Successfully loaded flash loader in sram\n");
1396 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1397 /* from openocd, contrib/loaders/flash/stm32.s */
1398 static const uint8_t loader_code_stm32vl[] = {
1399 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1400 0x1c, 0x44, /* add r4, r3 */
1401 /* write_half_word: */
1402 0x01, 0x23, /* movs r3, #0x01 */
1403 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1404 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1405 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1407 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1408 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1409 0xfb, 0xd0, /* beq busy */
1410 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1411 0x01, 0xd1, /* bne exit */
1412 0x01, 0x3a, /* subs r2, r2, #0x01 */
1413 0xf0, 0xd1, /* bne write_half_word */
1415 0x00, 0xbe, /* bkpt #0x00 */
1416 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1419 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1420 static const uint8_t loader_code_stm32f0[] = {
1423 * These two NOPs here are a safety precaution, added by Pekka Nikander
1424 * while debugging the STM32F05x support. They may not be needed, but
1425 * there were strange problems with simpler programs, like a program
1426 * that had just a breakpoint or a program that first moved zero to register r2
1427 * and then had a breakpoint. So, it appears safest to have these two nops.
1429 * Feel free to remove them, if you dare, but then please do test the result
1430 * rigorously. Also, if you remove these, it may be a good idea first to
1431 * #if 0 them out, with a comment when these were taken out, and to remove
1432 * these only a few months later... But YMMV.
1434 0x00, 0x30, // nop /* add r0,#0 */
1435 0x00, 0x30, // nop /* add r0,#0 */
1437 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1438 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1439 0x04, 0x26, // mov r6, #4 /* PGERR */
1441 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1442 0x2B, 0x43, // orr r3, r5
1443 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1444 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1445 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1447 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1448 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1449 0xFC, 0xD0, // beq busy
1451 0x33, 0x42, // tst r3, r6 /* PGERR */
1452 0x04, 0xD1, // bne exit
1454 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1455 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1456 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1457 0x00, 0x2A, // cmp r2, #0
1458 0xF0, 0xD1, // bne write_half_word
1460 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1461 0xAB, 0x43, // bic r3, r5
1462 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1463 0x00, 0xBE, // bkpt #0x00
1464 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1467 static const uint8_t loader_code_stm32l[] = {
1469 /* openocd.git/contrib/loaders/flash/stm32lx.S
1470 r0, input, dest addr
1471 r1, input, source addr
1472 r2, input, word count
1473 r3, output, word count
1479 0x51, 0xf8, 0x04, 0xcb,
1480 0x40, 0xf8, 0x04, 0xcb,
1488 static const uint8_t loader_code_stm32l0[] = {
1491 r0, input, dest addr
1492 r1, input, source addr
1493 r2, input, word count
1494 r3, output, word count
1511 static const uint8_t loader_code_stm32f4[] = {
1512 // flashloaders/stm32f4.s
1521 0x14, 0xf0, 0x01, 0x0f,
1523 0x00, 0xf1, 0x04, 0x00,
1524 0x01, 0xf1, 0x04, 0x01,
1525 0xa2, 0xf1, 0x01, 0x02,
1530 0x00, 0x3c, 0x02, 0x40,
1533 static const uint8_t loader_code_stm32f4_lv[] = {
1534 // flashloaders/stm32f4lv.s
1543 0x14, 0xf0, 0x01, 0x0f,
1545 0x00, 0xf1, 0x01, 0x00,
1546 0x01, 0xf1, 0x01, 0x01,
1547 0xa2, 0xf1, 0x01, 0x02,
1553 0x00, 0x3c, 0x02, 0x40,
1556 static const uint8_t loader_code_stm32l4[] = {
1557 // flashloaders/stm32l4.s
1558 0x08, 0x4b, // start: ldr r3, [pc, #32] ; <flash_base>
1559 0x72, 0xb1, // next: cbz r2, <done>
1560 0x04, 0x68, // ldr r4, [r0, #0]
1561 0x45, 0x68, // ldr r5, [r0, #4]
1562 0x0c, 0x60, // str r4, [r1, #0]
1563 0x4d, 0x60, // str r5, [r1, #4]
1564 0x5c, 0x8a, // wait: ldrh r4, [r3, #18]
1565 0x14, 0xf0, 0x01, 0x0f, // tst.w r4, #1
1566 0xfb, 0xd1, // bne.n <wait>
1567 0x00, 0xf1, 0x08, 0x00, // add.w r0, r0, #8
1568 0x01, 0xf1, 0x08, 0x01, // add.w r1, r1, #8
1569 0xa2, 0xf1, 0x02, 0x02, // add.w r2, r2, #2
1570 0xef, 0xe7, // b.n <next>
1571 0x00, 0xbe, // done: bkpt 0x0000
1572 0x00, 0x20, 0x02, 0x40 // flash_base: .word 0x40022000
1575 static const uint8_t loader_code_stm32f7[] = {
1580 0xbf, 0xf3, 0x4f, 0x8f, // DSB Memory barrier for in order flash write
1582 0x14, 0xf0, 0x01, 0x0f,
1584 0x00, 0xf1, 0x04, 0x00,
1585 0x01, 0xf1, 0x04, 0x01,
1586 0xa2, 0xf1, 0x01, 0x02,
1588 0x00, 0xbe, // bkpt #0x00
1589 0x00, 0x3c, 0x02, 0x40,
1592 const uint8_t* loader_code;
1595 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1596 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1597 || sl->chip_id == STM32_CHIPID_L152_RE) { /* stm32l */
1598 loader_code = loader_code_stm32l;
1599 loader_size = sizeof(loader_code_stm32l);
1600 } else if (sl->core_id == STM32VL_CORE_ID
1601 || sl->chip_id == STM32_CHIPID_F3
1602 || sl->chip_id == STM32_CHIPID_F3_SMALL
1603 || sl->chip_id == STM32_CHIPID_F303_HIGH
1604 || sl->chip_id == STM32_CHIPID_F37x
1605 || sl->chip_id == STM32_CHIPID_F334) {
1606 loader_code = loader_code_stm32vl;
1607 loader_size = sizeof(loader_code_stm32vl);
1608 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1609 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
1610 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)){
1611 int voltage = stlink_target_voltage(sl);
1612 if (voltage == -1) {
1613 printf("Failed to read Target voltage\n");
1615 } else if (voltage > 2700) {
1616 loader_code = loader_code_stm32f4;
1617 loader_size = sizeof(loader_code_stm32f4);
1619 loader_code = loader_code_stm32f4_lv;
1620 loader_size = sizeof(loader_code_stm32f4_lv);
1622 } else if (sl->chip_id == STM32_CHIPID_F7){
1623 loader_code = loader_code_stm32f7;
1624 loader_size = sizeof(loader_code_stm32f7);
1625 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F04 || sl->chip_id == STM32_CHIPID_F0_CAN || sl->chip_id == STM32_CHIPID_F0_SMALL || sl->chip_id == STM32_CHIPID_F09X) {
1626 loader_code = loader_code_stm32f0;
1627 loader_size = sizeof(loader_code_stm32f0);
1628 } else if (sl->chip_id == STM32_CHIPID_L0) {
1629 loader_code = loader_code_stm32l0;
1630 loader_size = sizeof(loader_code_stm32l0);
1631 } else if (sl->chip_id == STM32_CHIPID_L4) {
1632 loader_code = loader_code_stm32l4;
1633 loader_size = sizeof(loader_code_stm32l4);
1635 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1639 memcpy(sl->q_buf, loader_code, loader_size);
1640 stlink_write_mem32(sl, sl->sram_base, loader_size);
1642 *addr = sl->sram_base;
1643 *size = loader_size;
1649 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1650 /* check the contents of path are at addr */
1653 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1655 if (map_file(&mf, path) == -1)
1658 res = check_file(sl, &mf, addr);
1666 * Verify addr..addr+len is binary identical to base...base+len
1667 * @param sl stlink context
1668 * @param address stm device address
1669 * @param data host side buffer to check against
1670 * @param length how much
1671 * @return 0 for success, -ve for failure
1673 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1675 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1676 ILOG("Starting verification of write complete\n");
1677 for (off = 0; off < length; off += cmp_size) {
1678 size_t aligned_size;
1680 /* adjust last page size */
1681 if ((off + cmp_size) > length)
1682 cmp_size = length - off;
1684 aligned_size = cmp_size;
1685 if (aligned_size & (4 - 1))
1686 aligned_size = (cmp_size + 4) & ~(4 - 1);
1688 stlink_read_mem32(sl, address + off, aligned_size);
1690 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1691 ELOG("Verification of flash failed at offset: %zd\n", off);
1695 ILOG("Flash written and verified! jolly good!\n");
1700 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint32_t pagesize)
1703 unsigned int num_half_pages = len / pagesize;
1705 uint32_t flash_regs_base;
1708 if (sl->chip_id == STM32_CHIPID_L0) {
1709 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1711 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1714 ILOG("Starting Half page flash write for STM32L core id\n");
1715 /* flash loader initialization */
1716 if (init_flash_loader(sl, &fl) == -1) {
1717 WLOG("init_flash_loader() == -1\n");
1720 /* Unlock already done */
1721 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1722 val |= (1 << FLASH_L1_FPRG);
1723 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1725 val |= (1 << FLASH_L1_PROG);
1726 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1728 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1729 } while ((val & (1 << 0)) != 0);
1731 for (count = 0; count < num_half_pages; count ++) {
1732 if (run_flash_loader(sl, &fl, addr + count * pagesize, base + count * pagesize, pagesize) == -1) {
1733 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * pagesize);
1734 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1735 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1736 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1739 /* wait for sr.busy to be cleared */
1740 if (sl->verbose >= 1) {
1741 /* show progress. writing procedure is slow
1742 and previous errors are misleading */
1743 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1747 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1748 } while ((val & (1 << 0)) != 0);
1750 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1751 val &= ~(1 << FLASH_L1_PROG);
1752 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1753 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1754 val &= ~(1 << FLASH_L1_FPRG);
1755 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1760 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint8_t eraseonly) {
1763 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1764 len, len, addr, addr);
1765 /* check addr range is inside the flash */
1766 stlink_calculate_pagesize(sl, addr);
1767 if (addr < sl->flash_base) {
1768 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1770 } else if ((addr + len) < addr) {
1771 ELOG("addr overruns\n");
1773 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1774 ELOG("addr too high\n");
1776 } else if (addr & 1) {
1777 ELOG("unaligned addr 0x%x\n", addr);
1779 } else if (len & 1) {
1780 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1782 } else if (addr & (sl->flash_pgsz - 1)) {
1783 ELOG("addr not a multiple of pagesize, not supported\n");
1787 // Make sure we've loaded the context with the chip details
1789 /* erase each page */
1791 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1792 /* addr must be an addr inside the page */
1793 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1794 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1797 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1798 (unsigned long)addr + off);
1802 fprintf(stdout,"\n");
1803 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1804 page_count, sl->flash_pgsz, sl->flash_pgsz);
1809 if ((sl->chip_id == STM32_CHIPID_F2) ||
1810 (sl->chip_id == STM32_CHIPID_F4) ||
1811 (sl->chip_id == STM32_CHIPID_F4_DE) ||
1812 (sl->chip_id == STM32_CHIPID_F4_LP) ||
1813 (sl->chip_id == STM32_CHIPID_F4_HD) ||
1814 (sl->chip_id == STM32_CHIPID_F411RE) ||
1815 (sl->chip_id == STM32_CHIPID_F446) ||
1816 (sl->chip_id == STM32_CHIPID_F7) ||
1817 (sl->chip_id == STM32_CHIPID_L4) ||
1818 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1819 /* todo: check write operation */
1821 ILOG("Starting Flash write for F2/F4/L4\n");
1822 /* flash loader initialization */
1823 if (init_flash_loader(sl, &fl) == -1) {
1824 ELOG("init_flash_loader() == -1\n");
1828 /* First unlock the cr */
1829 unlock_flash_if(sl);
1831 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1832 if (sl->chip_id != STM32_CHIPID_L4) {
1833 /* set parallelisim to 32 bit*/
1834 int voltage = stlink_target_voltage(sl);
1835 if (voltage == -1) {
1836 printf("Failed to read Target voltage\n");
1838 } else if (voltage > 2700) {
1839 printf("enabling 32-bit flash writes\n");
1840 write_flash_cr_psiz(sl, 2);
1842 printf("Target voltage (%d mV) too low for 32-bit flash, using 8-bit flash writes\n", voltage);
1843 write_flash_cr_psiz(sl, 0);
1846 /* L4 does not have a byte-write mode */
1847 int voltage = stlink_target_voltage(sl);
1848 if (voltage == -1) {
1849 printf("Failed to read Target voltage\n");
1851 } else if (voltage < 1710) {
1852 printf("Target voltage (%d mV) too low for flash writes!\n", voltage);
1857 /* set programming mode */
1858 set_flash_cr_pg(sl);
1860 for(off = 0; off < len;) {
1861 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1863 printf("size: %zu\n", size);
1865 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1866 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1878 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1879 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1880 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1881 /* use fast word write. todo: half page. */
1883 uint32_t flash_regs_base;
1886 if (sl->chip_id == STM32_CHIPID_L0) {
1887 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1888 pagesize = L0_WRITE_BLOCK_SIZE;
1890 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1891 pagesize = L1_WRITE_BLOCK_SIZE;
1894 /* todo: check write operation */
1896 /* disable pecr protection */
1897 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1898 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1900 /* check pecr.pelock is cleared */
1901 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1902 if (val & (1 << 0)) {
1903 fprintf(stderr, "pecr.pelock not clear\n");
1907 /* unlock program memory */
1908 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1909 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1911 /* check pecr.prglock is cleared */
1912 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1913 if (val & (1 << 1)) {
1914 fprintf(stderr, "pecr.prglock not clear\n");
1918 if (len > pagesize) {
1919 if (stm32l1_write_half_pages(sl, addr, base, len, pagesize) == -1) {
1920 /* This may happen on a blank device! */
1921 WLOG("\nwrite_half_pages failed == -1\n");
1923 off = (len / pagesize)*pagesize;
1927 /* write remainingword in program memory */
1928 for ( ; off < len; off += sizeof(uint32_t)) {
1931 fprintf(stdout, "\r");
1933 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1934 fprintf(stdout, "\r%3zd/%3zd pages written",
1935 off/sl->flash_pgsz, len/sl->flash_pgsz);
1939 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1940 stlink_write_debug32(sl, addr + off, data);
1942 /* wait for sr.busy to be cleared */
1944 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1945 } while ((val & (1 << 0)) != 0);
1947 /* todo: check redo write operation */
1950 fprintf(stdout, "\n");
1951 /* reset lock bits */
1952 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1953 val |= (1 << 0) | (1 << 1) | (1 << 2);
1954 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1955 } else if (sl->core_id == STM32VL_CORE_ID ||
1956 sl->core_id == STM32F0_CORE_ID ||
1957 sl->chip_id == STM32_CHIPID_F3 ||
1958 sl->chip_id == STM32_CHIPID_F3_SMALL ||
1959 sl->chip_id == STM32_CHIPID_F303_HIGH ||
1960 sl->chip_id == STM32_CHIPID_F334 ||
1961 sl->chip_id == STM32_CHIPID_F37x) {
1962 ILOG("Starting Flash write for VL/F0/F3 core id\n");
1963 /* flash loader initialization */
1964 if (init_flash_loader(sl, &fl) == -1) {
1965 ELOG("init_flash_loader() == -1\n");
1969 int write_block_count = 0;
1970 for (off = 0; off < len; off += sl->flash_pgsz) {
1971 /* adjust last write size */
1972 size_t size = sl->flash_pgsz;
1973 if ((off + sl->flash_pgsz) > len) size = len - off;
1975 /* unlock and set programming mode */
1976 unlock_flash_if(sl);
1977 set_flash_cr_pg(sl);
1978 //DLOG("Finished setting flash cr pg, running loader!\n");
1979 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1980 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1984 if (sl->verbose >= 1) {
1985 /* show progress. writing procedure is slow
1986 and previous errors are misleading */
1987 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1991 fprintf(stdout, "\n");
1993 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1997 return stlink_verify_write_flash(sl, addr, base, len);
2001 * Write the given binary file into flash at address "addr"
2003 * @param path readable file path, should be binary image
2004 * @param addr where to start writing
2005 * @return 0 on success, -ve on failure.
2007 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
2008 /* write the file in flash at addr */
2010 unsigned int num_empty, index, val;
2011 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2012 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2013 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
2014 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
2015 if (map_file(&mf, path) == -1) {
2016 ELOG("map_file() == -1\n");
2020 for(num_empty = 0; num_empty != mf.len; ++num_empty) {
2021 if (mf.base[--index] != erased_pattern) {
2025 /* Round down to words */
2026 num_empty -= (num_empty & 3);
2027 if(num_empty != 0) {
2028 ILOG("Ignoring %d bytes of 0x%02x at end of file\n", num_empty, erased_pattern);
2030 err = stlink_write_flash(sl, addr, mf.base, num_empty == mf.len? mf.len : mf.len - num_empty, num_empty == mf.len);
2032 stlink_read_debug32(sl, addr, &val);
2033 stlink_write_reg(sl, val, 13);
2034 /* Set PC to the reset routine*/
2035 stlink_read_debug32(sl, addr + 4, &val);
2036 stlink_write_reg(sl, val, 15);
2042 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
2046 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
2047 // FIXME This can never return -1
2048 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
2050 ELOG("write_buffer_to_sram() == -1\n");
2054 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2055 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2056 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2058 size_t count = size / sizeof(uint32_t);
2059 if (size % sizeof(uint32_t)) ++count;
2062 stlink_write_reg(sl, target, 0); /* target */
2063 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
2064 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2065 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2067 } else if (sl->core_id == STM32VL_CORE_ID ||
2068 sl->core_id == STM32F0_CORE_ID ||
2069 sl->chip_id == STM32_CHIPID_F3 ||
2070 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2071 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2072 sl->chip_id == STM32_CHIPID_F37x ||
2073 sl->chip_id == STM32_CHIPID_F334) {
2075 size_t count = size / sizeof(uint16_t);
2076 if (size % sizeof(uint16_t)) ++count;
2079 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2080 stlink_write_reg(sl, target, 1); /* target */
2081 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
2082 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
2083 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2085 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2086 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2087 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2089 size_t count = size / sizeof(uint32_t);
2090 if (size % sizeof(uint32_t)) ++count;
2091 if (sl->chip_id == STM32_CHIPID_L4) {
2092 if (count % 2) ++count;
2096 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2097 stlink_write_reg(sl, target, 1); /* target */
2098 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2099 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2102 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
2109 #define WAIT_ROUNDS 10000
2110 /* wait until done (reaches breakpoint) */
2111 for (i = 0; i < WAIT_ROUNDS; i++) {
2113 if (is_core_halted(sl))
2117 if (i >= WAIT_ROUNDS) {
2118 ELOG("flash loader run error\n");
2122 /* check written byte count */
2123 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2124 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2125 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2127 size_t count = size / sizeof(uint32_t);
2128 if (size % sizeof(uint32_t)) ++count;
2130 stlink_read_reg(sl, 3, &rr);
2131 if (rr.r[3] != count) {
2132 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
2136 } else if (sl->core_id == STM32VL_CORE_ID ||
2137 sl->core_id == STM32F0_CORE_ID ||
2138 sl->chip_id == STM32_CHIPID_F3 ||
2139 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2140 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2141 sl->chip_id == STM32_CHIPID_F37x ||
2142 sl->chip_id == STM32_CHIPID_F334) {
2144 stlink_read_reg(sl, 2, &rr);
2146 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2150 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2151 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2152 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) ||
2153 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2155 stlink_read_reg(sl, 2, &rr);
2157 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2163 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);