10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
22 #define LOG_TAG __FILE__
23 #define DLOG(format, args...) ugly_log(UDEBUG, LOG_TAG, format, ## args)
24 #define ILOG(format, args...) ugly_log(UINFO, LOG_TAG, format, ## args)
25 #define WLOG(format, args...) ugly_log(UWARN, LOG_TAG, format, ## args)
26 #define ELOG(format, args...) ugly_log(UERROR, LOG_TAG, format, ## args)
27 #define fatal(format, args...) ugly_log(UFATAL, LOG_TAG, format, ## args)
29 /* todo: stm32l15xxx flash memory, pm0062 manual */
31 /* stm32f FPEC flash controller interface, pm0063 manual */
32 // TODO - all of this needs to be abstracted out....
33 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
34 #define FLASH_REGS_ADDR 0x40022000
35 #define FLASH_REGS_SIZE 0x28
37 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
38 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
39 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
40 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
41 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
42 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
43 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
45 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
46 #define FLASH_RDPTR_KEY 0x00a5
47 #define FLASH_KEY1 0x45670123
48 #define FLASH_KEY2 0xcdef89ab
50 #define FLASH_SR_BSY 0
51 #define FLASH_SR_EOP 5
54 #define FLASH_CR_PER 1
55 #define FLASH_CR_MER 2
56 #define FLASH_CR_STRT 6
57 #define FLASH_CR_LOCK 7
60 //32L = 32F1 same CoreID as 32F4!
61 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
62 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
63 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
64 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
65 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
66 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
67 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
68 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
69 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
70 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
71 #define FLASH_L1_FPRG 10
72 #define FLASH_L1_PROG 3
76 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
77 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
78 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
79 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
80 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
81 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
82 #define FLASH_F4_CR_STRT 16
83 #define FLASH_F4_CR_LOCK 31
84 #define FLASH_F4_CR_SER 1
85 #define FLASH_F4_CR_SNB 3
86 #define FLASH_F4_CR_SNB_MASK 0x38
87 #define FLASH_F4_SR_BSY 16
90 void write_uint32(unsigned char* buf, uint32_t ui) {
91 if (!is_bigendian()) { // le -> le (don't swap)
92 buf[0] = ((unsigned char*) &ui)[0];
93 buf[1] = ((unsigned char*) &ui)[1];
94 buf[2] = ((unsigned char*) &ui)[2];
95 buf[3] = ((unsigned char*) &ui)[3];
97 buf[0] = ((unsigned char*) &ui)[3];
98 buf[1] = ((unsigned char*) &ui)[2];
99 buf[2] = ((unsigned char*) &ui)[1];
100 buf[3] = ((unsigned char*) &ui)[0];
104 void write_uint16(unsigned char* buf, uint16_t ui) {
105 if (!is_bigendian()) { // le -> le (don't swap)
106 buf[0] = ((unsigned char*) &ui)[0];
107 buf[1] = ((unsigned char*) &ui)[1];
109 buf[0] = ((unsigned char*) &ui)[1];
110 buf[1] = ((unsigned char*) &ui)[0];
114 uint32_t read_uint32(const unsigned char *c, const int pt) {
116 char *p = (char *) &ui;
118 if (!is_bigendian()) { // le -> le (don't swap)
132 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
133 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
136 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
137 return stlink_read_debug32(sl, FLASH_WRPR);
140 static inline uint32_t read_flash_obr(stlink_t *sl) {
141 return stlink_read_debug32(sl, FLASH_OBR);
144 static inline uint32_t read_flash_cr(stlink_t *sl) {
146 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
147 (sl->chip_id == STM32_CHIPID_F4_LP))
148 res = stlink_read_debug32(sl, FLASH_F4_CR);
150 res = stlink_read_debug32(sl, FLASH_CR);
152 fprintf(stdout, "CR:0x%x\n", res);
157 static inline unsigned int is_flash_locked(stlink_t *sl) {
158 /* return non zero for true */
159 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
160 (sl->chip_id == STM32_CHIPID_F4_LP))
161 return read_flash_cr(sl) & (1 << FLASH_F4_CR_LOCK);
163 return read_flash_cr(sl) & (1 << FLASH_CR_LOCK);
166 static void unlock_flash(stlink_t *sl) {
167 /* the unlock sequence consists of 2 write cycles where
168 2 key values are written to the FLASH_KEYR register.
169 an invalid sequence results in a definitive lock of
170 the FPEC block until next reset.
172 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
173 (sl->chip_id == STM32_CHIPID_F4_LP)) {
174 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
175 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
177 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
178 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
183 static int unlock_flash_if(stlink_t *sl) {
184 /* unlock flash if already locked */
186 if (is_flash_locked(sl)) {
188 if (is_flash_locked(sl)) {
189 WLOG("Failed to unlock flash!\n");
193 DLOG("Successfully unlocked flash\n");
197 static void lock_flash(stlink_t *sl) {
198 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
199 (sl->chip_id == STM32_CHIPID_F4_LP)) {
200 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
201 stlink_write_debug32(sl, FLASH_F4_CR, n);
203 /* write to 1 only. reset by hw at unlock sequence */
204 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
205 stlink_write_debug32(sl, FLASH_CR, n);
210 static void set_flash_cr_pg(stlink_t *sl) {
211 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
212 (sl->chip_id == STM32_CHIPID_F4_LP)) {
213 uint32_t x = read_flash_cr(sl);
214 x |= (1 << FLASH_CR_PG);
215 stlink_write_debug32(sl, FLASH_F4_CR, x);
217 const uint32_t n = 1 << FLASH_CR_PG;
218 stlink_write_debug32(sl, FLASH_CR, n);
222 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
223 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
224 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
225 (sl->chip_id == STM32_CHIPID_F4_LP))
226 stlink_write_debug32(sl, FLASH_F4_CR, n);
228 stlink_write_debug32(sl, FLASH_CR, n);
231 static void set_flash_cr_per(stlink_t *sl) {
232 const uint32_t n = 1 << FLASH_CR_PER;
233 stlink_write_debug32(sl, FLASH_CR, n);
236 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
237 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
238 stlink_write_debug32(sl, FLASH_CR, n);
241 static void set_flash_cr_mer(stlink_t *sl) {
242 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
243 (sl->chip_id == STM32_CHIPID_F4_LP))
244 stlink_write_debug32(sl, FLASH_F4_CR,
245 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
247 stlink_write_debug32(sl, FLASH_CR,
248 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
251 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
252 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
253 (sl->chip_id == STM32_CHIPID_F4_LP))
254 stlink_write_debug32(sl, FLASH_F4_CR,
255 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
257 stlink_write_debug32(sl, FLASH_CR,
258 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
261 static void set_flash_cr_strt(stlink_t *sl) {
262 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
263 (sl->chip_id == STM32_CHIPID_F4_LP)) {
264 uint32_t x = read_flash_cr(sl);
265 x |= (1 << FLASH_F4_CR_STRT);
266 stlink_write_debug32(sl, FLASH_F4_CR, x);
268 stlink_write_debug32(sl, FLASH_CR,
269 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
273 static inline uint32_t read_flash_acr(stlink_t *sl) {
274 return stlink_read_debug32(sl, FLASH_ACR);
277 static inline uint32_t read_flash_sr(stlink_t *sl) {
279 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
280 (sl->chip_id == STM32_CHIPID_F4_LP))
281 res = stlink_read_debug32(sl, FLASH_F4_SR);
283 res = stlink_read_debug32(sl, FLASH_SR);
284 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
288 static inline unsigned int is_flash_busy(stlink_t *sl) {
289 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
290 (sl->chip_id == STM32_CHIPID_F4_LP))
291 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
293 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
296 static void wait_flash_busy(stlink_t *sl) {
297 /* todo: add some delays here */
298 while (is_flash_busy(sl))
302 static void wait_flash_busy_progress(stlink_t *sl) {
304 fprintf(stdout, "Mass erasing");
306 while (is_flash_busy(sl)) {
310 fprintf(stdout, ".");
314 fprintf(stdout, "\n");
317 static inline unsigned int is_flash_eop(stlink_t *sl) {
318 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
321 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
322 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
323 stlink_write_debug32(sl, FLASH_SR, n);
326 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
327 /* todo: add some delays here */
328 while (is_flash_eop(sl) == 0)
332 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
333 stlink_write_debug32(sl, FLASH_AR, n);
336 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
337 uint32_t x = read_flash_cr(sl);
341 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
343 stlink_write_debug32(sl, FLASH_F4_CR, x);
347 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
348 uint32_t x = read_flash_cr(sl);
349 x &= ~FLASH_F4_CR_SNB_MASK;
350 x |= (n << FLASH_F4_CR_SNB);
351 x |= (1 << FLASH_F4_CR_SER);
353 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
355 stlink_write_debug32(sl, FLASH_F4_CR, x);
360 static void disable_flash_read_protection(stlink_t *sl) {
361 /* erase the option byte area */
368 // Delegates to the backends...
370 void stlink_close(stlink_t *sl) {
371 DLOG("*** stlink_close ***\n");
372 sl->backend->close(sl);
376 void stlink_exit_debug_mode(stlink_t *sl) {
377 DLOG("*** stlink_exit_debug_mode ***\n");
378 stlink_write_debug32(sl, DHCSR, DBGKEY);
379 sl->backend->exit_debug_mode(sl);
382 void stlink_enter_swd_mode(stlink_t *sl) {
383 DLOG("*** stlink_enter_swd_mode ***\n");
384 sl->backend->enter_swd_mode(sl);
387 // Force the core into the debug mode -> halted state.
388 void stlink_force_debug(stlink_t *sl) {
389 DLOG("*** stlink_force_debug_mode ***\n");
390 sl->backend->force_debug(sl);
393 void stlink_exit_dfu_mode(stlink_t *sl) {
394 DLOG("*** stlink_exit_dfu_mode ***\n");
395 sl->backend->exit_dfu_mode(sl);
398 uint32_t stlink_core_id(stlink_t *sl) {
399 DLOG("*** stlink_core_id ***\n");
400 sl->backend->core_id(sl);
402 stlink_print_data(sl);
403 DLOG("core_id = 0x%08x\n", sl->core_id);
407 uint32_t stlink_chip_id(stlink_t *sl) {
408 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
409 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
414 * Cortex m3 tech ref manual, CPUID register description
415 * @param sl stlink context
416 * @param cpuid pointer to the result object
418 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
419 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
420 cpuid->implementer_id = (raw >> 24) & 0x7f;
421 cpuid->variant = (raw >> 20) & 0xf;
422 cpuid->part = (raw >> 4) & 0xfff;
423 cpuid->revision = raw & 0xf;
428 * reads and decodes the flash parameters, as dynamically as possible
430 * @return 0 for success, or -1 for unsupported core type.
432 int stlink_load_device_params(stlink_t *sl) {
433 ILOG("Loading device parameters....\n");
434 const chip_params_t *params = NULL;
435 sl->core_id = stlink_core_id(sl);
436 uint32_t chip_id = stlink_chip_id(sl);
438 sl->chip_id = chip_id & 0xfff;
439 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
440 if (sl->chip_id == 0x411) {
441 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
442 if ((cpuid & 0xfff0) == 0xc240)
446 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
447 if(devices[i].chip_id == sl->chip_id) {
448 params = &devices[i];
452 if (params == NULL) {
453 WLOG("unknown chip id! %#x\n", chip_id);
457 // These are fixed...
458 sl->flash_base = STM32_FLASH_BASE;
459 sl->sram_base = STM32_SRAM_BASE;
461 // read flash size from hardware, if possible...
462 if (sl->chip_id == STM32_CHIPID_F2) {
463 sl->flash_size = 0x100000; /* Use maximum, User must care!*/
464 } else if (sl->chip_id == STM32_CHIPID_F4 ||
465 sl->chip_id == STM32_CHIPID_F4_LP) {
466 sl->flash_size = 0x100000; //todo: RM0090 error; size register same address as unique ID
467 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
468 // if the flash size is zero, we assume it is 128k, if not we calculate the real value
469 uint32_t flash_size = stlink_read_debug32(sl,params->flash_size_reg) & 0xffff;
470 if ( flash_size == 0 ) {
471 sl->flash_size = 128 * 1024;
473 sl->flash_size = flash_size * 1024;
475 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
476 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0x1;
477 // 0 is 384k and 1 is 256k
478 if ( flash_size == 0 ) {
479 sl->flash_size = 384 * 1024;
481 sl->flash_size = 256 * 1024;
484 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0xffff;
485 sl->flash_size = flash_size * 1024;
487 sl->flash_pgsz = params->flash_pagesize;
488 sl->sram_size = params->sram_size;
489 sl->sys_base = params->bootrom_base;
490 sl->sys_size = params->bootrom_size;
492 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
493 // TODO make note of variable page size here.....
494 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
495 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
500 void stlink_reset(stlink_t *sl) {
501 DLOG("*** stlink_reset ***\n");
502 sl->backend->reset(sl);
505 void stlink_jtag_reset(stlink_t *sl, int value) {
506 DLOG("*** stlink_jtag_reset ***\n");
507 sl->backend->jtag_reset(sl, value);
510 void stlink_run(stlink_t *sl) {
511 DLOG("*** stlink_run ***\n");
512 sl->backend->run(sl);
515 void stlink_status(stlink_t *sl) {
516 DLOG("*** stlink_status ***\n");
517 sl->backend->status(sl);
518 stlink_core_stat(sl);
522 * Decode the version bits, originally from -sg, verified with usb
523 * @param sl stlink context, assumed to contain valid data in the buffer
524 * @param slv output parsed version object
526 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
527 uint32_t b0 = sl->q_buf[0]; //lsb
528 uint32_t b1 = sl->q_buf[1];
529 uint32_t b2 = sl->q_buf[2];
530 uint32_t b3 = sl->q_buf[3];
531 uint32_t b4 = sl->q_buf[4];
532 uint32_t b5 = sl->q_buf[5]; //msb
534 // b0 b1 || b2 b3 | b4 b5
535 // 4b | 6b | 6b || 2B | 2B
536 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
538 slv->stlink_v = (b0 & 0xf0) >> 4;
539 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
540 slv->swim_v = b1 & 0x3f;
541 slv->st_vid = (b3 << 8) | b2;
542 slv->stlink_pid = (b5 << 8) | b4;
546 void stlink_version(stlink_t *sl) {
547 DLOG("*** looking up stlink version\n");
548 sl->backend->version(sl);
549 _parse_version(sl, &sl->version);
551 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
552 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
553 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
554 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
555 DLOG("swim version = 0x%x\n", sl->version.swim_v);
556 if (sl->version.jtag_v == 0) {
557 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
559 if (sl->version.swim_v == 0) {
560 DLOG(" notice: the firmware doesn't support a swim interface\n");
564 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
565 uint32_t data = sl->backend->read_debug32(sl, addr);
566 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
570 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
571 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
572 sl->backend->write_debug32(sl, addr, data);
575 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
576 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
578 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
581 sl->backend->write_mem32(sl, addr, len);
584 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
585 DLOG("*** stlink_read_mem32 ***\n");
586 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
587 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
591 sl->backend->read_mem32(sl, addr, len);
594 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
595 DLOG("*** stlink_write_mem8 ***\n");
596 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
597 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
601 sl->backend->write_mem8(sl, addr, len);
604 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
605 DLOG("*** stlink_read_all_regs ***\n");
606 sl->backend->read_all_regs(sl, regp);
609 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
610 DLOG("*** stlink_read_all_unsupported_regs ***\n");
611 sl->backend->read_all_unsupported_regs(sl, regp);
614 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
615 DLOG("*** stlink_write_reg\n");
616 sl->backend->write_reg(sl, reg, idx);
619 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
620 DLOG("*** stlink_read_reg\n");
621 DLOG(" (%d) ***\n", r_idx);
623 if (r_idx > 20 || r_idx < 0) {
624 fprintf(stderr, "Error: register index must be in [0..20]\n");
628 sl->backend->read_reg(sl, r_idx, regp);
631 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
634 DLOG("*** stlink_read_unsupported_reg\n");
635 DLOG(" (%d) ***\n", r_idx);
637 /* Convert to values used by DCRSR */
638 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
640 } else if (r_idx == 0x40) { /* FPSCR */
642 } else if (r_idx >= 0x20 && r_idx < 0x40) {
643 r_convert = 0x40 + (r_idx - 0x20);
645 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
649 sl->backend->read_unsupported_reg(sl, r_convert, regp);
652 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
655 DLOG("*** stlink_write_unsupported_reg\n");
656 DLOG(" (%d) ***\n", r_idx);
658 /* Convert to values used by DCRSR */
659 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
660 r_convert = r_idx; /* The backend function handles this */
661 } else if (r_idx == 0x40) { /* FPSCR */
663 } else if (r_idx >= 0x20 && r_idx < 0x40) {
664 r_convert = 0x40 + (r_idx - 0x20);
666 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
670 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
673 unsigned int is_core_halted(stlink_t *sl) {
674 /* return non zero if core is halted */
676 return sl->q_buf[0] == STLINK_CORE_HALTED;
679 void stlink_step(stlink_t *sl) {
680 DLOG("*** stlink_step ***\n");
681 sl->backend->step(sl);
684 int stlink_current_mode(stlink_t *sl) {
685 int mode = sl->backend->current_mode(sl);
687 case STLINK_DEV_DFU_MODE:
688 DLOG("stlink current mode: dfu\n");
690 case STLINK_DEV_DEBUG_MODE:
691 DLOG("stlink current mode: debug (jtag or swd)\n");
693 case STLINK_DEV_MASS_MODE:
694 DLOG("stlink current mode: mass\n");
697 DLOG("stlink mode: unknown!\n");
698 return STLINK_DEV_UNKNOWN_MODE;
704 // End of delegates.... Common code below here...
707 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
709 // #define is_bigendian() ( (*(char*)&i) == 0 )
711 inline unsigned int is_bigendian(void) {
712 static volatile const unsigned int i = 1;
713 return *(volatile const char*) &i == 0;
716 uint16_t read_uint16(const unsigned char *c, const int pt) {
718 char *p = (char *) &ui;
720 if (!is_bigendian()) { // le -> le (don't swap)
730 // same as above with entrypoint.
732 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
733 stlink_write_reg(sl, addr, 15); /* pc register */
737 while (is_core_halted(sl) == 0)
741 void stlink_core_stat(stlink_t *sl) {
745 switch (sl->q_buf[0]) {
746 case STLINK_CORE_RUNNING:
747 sl->core_stat = STLINK_CORE_RUNNING;
748 DLOG(" core status: running\n");
750 case STLINK_CORE_HALTED:
751 sl->core_stat = STLINK_CORE_HALTED;
752 DLOG(" core status: halted\n");
755 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
756 fprintf(stderr, " core status: unknown\n");
760 void stlink_print_data(stlink_t * sl) {
761 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
764 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
766 for (int i = 0; i < sl->q_len; i++) {
769 if (sl->q_data_dir == Q_DATA_OUT)
770 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
772 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
775 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
777 fputs("\n\n", stdout);
780 /* memory mapped file */
782 typedef struct mapped_file {
787 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
789 static int map_file(mapped_file_t* mf, const char* path) {
793 const int fd = open(path, O_RDONLY | O_BINARY);
795 fprintf(stderr, "open(%s) == -1\n", path);
799 if (fstat(fd, &st) == -1) {
800 fprintf(stderr, "fstat() == -1\n");
804 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
805 if (mf->base == MAP_FAILED) {
806 fprintf(stderr, "mmap() == MAP_FAILED\n");
810 mf->len = st.st_size;
821 static void unmap_file(mapped_file_t * mf) {
822 munmap((void*) mf->base, mf->len);
823 mf->base = (unsigned char*) MAP_FAILED;
827 /* Limit the block size to compare to 0x1800
828 Anything larger will stall the STLINK2
829 Maybe STLINK V1 needs smaller value!*/
830 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
832 size_t n_cmp = sl->flash_pgsz;
836 for (off = 0; off < mf->len; off += n_cmp) {
839 /* adjust last page size */
840 size_t cmp_size = n_cmp;
841 if ((off + n_cmp) > mf->len)
842 cmp_size = mf->len - off;
844 aligned_size = cmp_size;
845 if (aligned_size & (4 - 1))
846 aligned_size = (cmp_size + 4) & ~(4 - 1);
848 stlink_read_mem32(sl, addr + off, aligned_size);
850 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
857 int stlink_fwrite_sram
858 (stlink_t * sl, const char* path, stm32_addr_t addr) {
859 /* write the file in sram at addr */
863 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
866 if (map_file(&mf, path) == -1) {
867 fprintf(stderr, "map_file() == -1\n");
871 /* check addr range is inside the sram */
872 if (addr < sl->sram_base) {
873 fprintf(stderr, "addr too low\n");
875 } else if ((addr + mf.len) < addr) {
876 fprintf(stderr, "addr overruns\n");
878 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
879 fprintf(stderr, "addr too high\n");
881 } else if ((addr & 3) || (mf.len & 3)) {
883 fprintf(stderr, "unaligned addr or size\n");
886 /* do the copy by 1k blocks */
887 for (off = 0; off < mf.len; off += 1024) {
889 if ((off + size) > mf.len)
892 memcpy(sl->q_buf, mf.base + off, size);
894 /* round size if needed */
898 stlink_write_mem32(sl, addr + off, size);
901 /* check the file ha been written */
902 if (check_file(sl, &mf, addr) == -1) {
903 fprintf(stderr, "check_file() == -1\n");
910 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
911 /* Set PC to the reset routine*/
912 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
920 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
921 /* read size bytes from addr to file */
926 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
927 || sl->chip_id == STM32_CHIPID_L1_HIGH) ? 0:0xff;
929 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
931 fprintf(stderr, "open(%s) == -1\n", path);
936 size = sl->flash_size;
938 if (size > sl->flash_size)
939 size = sl->flash_size;
941 /* do the copy by 1k blocks */
942 for (off = 0; off < size; off += 1024) {
943 size_t read_size = 1024;
946 if ((off + read_size) > size)
947 read_size = size - off;
949 /* round size if needed */
950 rounded_size = read_size;
951 if (rounded_size & 3)
952 rounded_size = (rounded_size + 4) & ~(3);
954 stlink_read_mem32(sl, addr + off, rounded_size);
956 for(index = 0; index < read_size; index ++) {
957 if (sl->q_buf[index] == erased_pattern)
962 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
963 fprintf(stderr, "write() != read_size\n");
968 /* Ignore NULL Bytes at end of file */
969 if (!ftruncate(fd, size - num_empty)) {
982 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
983 /* write the buffer right after the loader */
984 size_t chunk = size & ~0x3;
985 size_t rem = size & 0x3;
987 memcpy(sl->q_buf, buf, chunk);
988 stlink_write_mem32(sl, fl->buf_addr, chunk);
991 memcpy(sl->q_buf, buf+chunk, rem);
992 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
997 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
998 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
999 if (flashaddr<0x4000) return (0);
1000 else if(flashaddr<0x8000) return(1);
1001 else if(flashaddr<0xc000) return(2);
1002 else if(flashaddr<0x10000) return(3);
1003 else if(flashaddr<0x20000) return(4);
1004 else return(flashaddr/0x20000)+4;
1008 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1009 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
1010 (sl->chip_id == STM32_CHIPID_F4_LP)) {
1011 uint32_t sector=calculate_F4_sectornum(flashaddr);
1012 if (sector<4) sl->flash_pgsz=0x4000;
1013 else if(sector<5) sl->flash_pgsz=0x10000;
1014 else sl->flash_pgsz=0x20000;
1016 return (sl->flash_pgsz);
1020 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1021 * @param sl stlink context
1022 * @param flashaddr an address in the flash page to erase
1023 * @return 0 on success -ve on failure
1025 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1027 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
1028 (sl->chip_id == STM32_CHIPID_F4_LP)) {
1029 /* wait for ongoing op to finish */
1030 wait_flash_busy(sl);
1032 /* unlock if locked */
1033 unlock_flash_if(sl);
1035 /* select the page to erase */
1036 // calculate the actual page from the address
1037 uint32_t sector=calculate_F4_sectornum(flashaddr);
1039 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1040 write_flash_cr_snb(sl, sector);
1042 /* start erase operation */
1043 set_flash_cr_strt(sl);
1045 /* wait for completion */
1046 wait_flash_busy(sl);
1048 /* relock the flash */
1049 //todo: fails to program if this is in
1052 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1054 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1055 || sl->chip_id == STM32_CHIPID_L1_HIGH) {
1059 /* check if the locks are set */
1060 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1061 if((val & (1<<0))||(val & (1<<1))) {
1062 /* disable pecr protection */
1063 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1064 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1066 /* check pecr.pelock is cleared */
1067 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1068 if (val & (1 << 0)) {
1069 WLOG("pecr.pelock not clear (%#x)\n", val);
1073 /* unlock program memory */
1074 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1075 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1077 /* check pecr.prglock is cleared */
1078 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1079 if (val & (1 << 1)) {
1080 WLOG("pecr.prglock not clear (%#x)\n", val);
1085 /* unused: unlock the option byte block */
1087 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0xfbead9c8);
1088 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0x24252627);
1090 /* check pecr.optlock is cleared */
1091 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1092 if (val & (1 << 2)) {
1093 fprintf(stderr, "pecr.prglock not clear\n");
1098 /* set pecr.{erase,prog} */
1099 val |= (1 << 9) | (1 << 3);
1100 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1102 #if 0 /* fix_to_be_confirmed */
1104 /* wait for sr.busy to be cleared
1105 MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1106 wrong and we do not need to wait here for clearing the busy bit.
1107 TEXANE: ok, if experience says so and it works for you, we comment
1108 it. If someone has a problem, please drop an email.
1110 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1113 #endif /* fix_to_be_confirmed */
1115 /* write 0 to the first word of the page to be erased */
1116 stlink_write_debug32(sl, flashaddr, 0);
1118 /* MP: It is better to wait for clearing the busy bit after issuing
1119 page erase command, even though PM0062 recommends to wait before it.
1120 Test shows that a few iterations is performed in the following loop
1121 before busy bit is cleared.*/
1122 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1125 /* reset lock bits */
1126 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1127 | (1 << 0) | (1 << 1) | (1 << 2);
1128 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1129 } else if (sl->core_id == STM32VL_CORE_ID
1130 || sl->core_id == STM32F0_CORE_ID
1131 || sl->chip_id == STM32_CHIPID_F3
1132 || sl->chip_id == STM32_CHIPID_F37x) {
1133 /* wait for ongoing op to finish */
1134 wait_flash_busy(sl);
1136 /* unlock if locked */
1137 unlock_flash_if(sl);
1139 /* set the page erase bit */
1140 set_flash_cr_per(sl);
1142 /* select the page to erase */
1143 write_flash_ar(sl, flashaddr);
1145 /* start erase operation, reset by hw with bsy bit */
1146 set_flash_cr_strt(sl);
1148 /* wait for completion */
1149 wait_flash_busy(sl);
1151 /* relock the flash */
1154 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1158 /* todo: verify the erased page */
1163 int stlink_erase_flash_mass(stlink_t *sl) {
1164 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1165 || sl->chip_id == STM32_CHIPID_L1_HIGH) {
1166 /* erase each page */
1167 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1168 for (i = 0; i < num_pages; i++) {
1169 /* addr must be an addr inside the page */
1170 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1171 if (stlink_erase_flash_page(sl, addr) == -1) {
1172 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1175 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1178 fprintf(stdout, "\n");
1180 /* wait for ongoing op to finish */
1181 wait_flash_busy(sl);
1183 /* unlock if locked */
1184 unlock_flash_if(sl);
1186 /* set the mass erase bit */
1187 set_flash_cr_mer(sl);
1189 /* start erase operation, reset by hw with bsy bit */
1190 set_flash_cr_strt(sl);
1192 /* wait for completion */
1193 wait_flash_busy_progress(sl);
1195 /* relock the flash */
1198 /* todo: verify the erased memory */
1203 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1206 /* allocate the loader in sram */
1207 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1208 WLOG("Failed to write flash loader to sram!\n");
1212 /* allocate a one page buffer in sram right after loader */
1213 fl->buf_addr = fl->loader_addr + size;
1214 ILOG("Successfully loaded flash loader in sram\n");
1218 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1219 /* from openocd, contrib/loaders/flash/stm32.s */
1220 static const uint8_t loader_code_stm32vl[] = {
1221 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1222 0x1c, 0x44, /* add r4, r3 */
1223 /* write_half_word: */
1224 0x01, 0x23, /* movs r3, #0x01 */
1225 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1226 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1227 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1229 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1230 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1231 0xfb, 0xd0, /* beq busy */
1232 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1233 0x01, 0xd1, /* bne exit */
1234 0x01, 0x3a, /* subs r2, r2, #0x01 */
1235 0xf0, 0xd1, /* bne write_half_word */
1237 0x00, 0xbe, /* bkpt #0x00 */
1238 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1241 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1242 static const uint8_t loader_code_stm32f0[] = {
1245 * These two NOPs here are a safety precaution, added by Pekka Nikander
1246 * while debugging the STM32F05x support. They may not be needed, but
1247 * there were strange problems with simpler programs, like a program
1248 * that had just a breakpoint or a program that first moved zero to register r2
1249 * and then had a breakpoint. So, it appears safest to have these two nops.
1251 * Feel free to remove them, if you dare, but then please do test the result
1252 * rigorously. Also, if you remove these, it may be a good idea first to
1253 * #if 0 them out, with a comment when these were taken out, and to remove
1254 * these only a few months later... But YMMV.
1256 0x00, 0x30, // nop /* add r0,#0 */
1257 0x00, 0x30, // nop /* add r0,#0 */
1259 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1260 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1261 0x04, 0x26, // mov r6, #4 /* PGERR */
1263 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1264 0x2B, 0x43, // orr r3, r5
1265 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1266 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1267 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1269 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1270 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1271 0xFC, 0xD0, // beq busy
1273 0x33, 0x42, // tst r3, r6 /* PGERR */
1274 0x04, 0xD1, // bne exit
1276 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1277 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1278 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1279 0x00, 0x2A, // cmp r2, #0
1280 0xF0, 0xD1, // bne write_half_word
1282 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1283 0xAB, 0x43, // bic r3, r5
1284 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1285 0x00, 0xBE, // bkpt #0x00
1286 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1289 static const uint8_t loader_code_stm32l[] = {
1291 /* openocd.git/contrib/loaders/flash/stm32lx.S
1292 r0, input, dest addr
1293 r1, input, source addr
1294 r2, input, word count
1295 r3, output, word count
1301 0x51, 0xf8, 0x04, 0xcb,
1302 0x40, 0xf8, 0x04, 0xcb,
1310 static const uint8_t loader_code_stm32f4[] = {
1311 // flashloaders/stm32f4.s
1320 0x14, 0xf0, 0x01, 0x0f,
1322 0x00, 0xf1, 0x04, 0x00,
1323 0x01, 0xf1, 0x04, 0x01,
1324 0xa2, 0xf1, 0x01, 0x02,
1329 0x00, 0x3c, 0x02, 0x40,
1332 const uint8_t* loader_code;
1335 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1336 || sl->chip_id == STM32_CHIPID_L1_HIGH ) { /* stm32l */
1337 loader_code = loader_code_stm32l;
1338 loader_size = sizeof(loader_code_stm32l);
1339 } else if (sl->core_id == STM32VL_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1340 loader_code = loader_code_stm32vl;
1341 loader_size = sizeof(loader_code_stm32vl);
1342 } else if (sl->chip_id == STM32_CHIPID_F2 ||
1343 sl->chip_id == STM32_CHIPID_F4 || sl->chip_id == STM32_CHIPID_F4_LP) {
1344 loader_code = loader_code_stm32f4;
1345 loader_size = sizeof(loader_code_stm32f4);
1346 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F0_SMALL) {
1347 loader_code = loader_code_stm32f0;
1348 loader_size = sizeof(loader_code_stm32f0);
1350 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1354 memcpy(sl->q_buf, loader_code, loader_size);
1355 stlink_write_mem32(sl, sl->sram_base, loader_size);
1357 *addr = sl->sram_base;
1358 *size = loader_size;
1364 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1365 /* check the contents of path are at addr */
1368 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1370 if (map_file(&mf, path) == -1)
1373 res = check_file(sl, &mf, addr);
1381 * Verify addr..addr+len is binary identical to base...base+len
1382 * @param sl stlink context
1383 * @param address stm device address
1384 * @param data host side buffer to check against
1385 * @param length how much
1386 * @return 0 for success, -ve for failure
1388 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1390 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1391 ILOG("Starting verification of write complete\n");
1392 for (off = 0; off < length; off += cmp_size) {
1393 size_t aligned_size;
1395 /* adjust last page size */
1396 if ((off + cmp_size) > length)
1397 cmp_size = length - off;
1399 aligned_size = cmp_size;
1400 if (aligned_size & (4 - 1))
1401 aligned_size = (cmp_size + 4) & ~(4 - 1);
1403 stlink_read_mem32(sl, address + off, aligned_size);
1405 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1406 ELOG("Verification of flash failed at offset: %zd\n", off);
1410 ILOG("Flash written and verified! jolly good!\n");
1415 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned num_half_pages)
1421 ILOG("Starting Half page flash write for STM32L core id\n");
1422 /* flash loader initialization */
1423 if (init_flash_loader(sl, &fl) == -1) {
1424 WLOG("init_flash_loader() == -1\n");
1427 /* Unlock already done */
1428 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1429 val |= (1 << FLASH_L1_FPRG);
1430 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1432 val |= (1 << FLASH_L1_PROG);
1433 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1434 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {}
1436 #define L1_WRITE_BLOCK_SIZE 0x80
1437 for (count = 0; count < num_half_pages; count ++) {
1438 if (run_flash_loader(sl, &fl, addr + count * L1_WRITE_BLOCK_SIZE, base + count * L1_WRITE_BLOCK_SIZE, L1_WRITE_BLOCK_SIZE) == -1) {
1439 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * L1_WRITE_BLOCK_SIZE);
1440 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1441 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1442 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1445 /* wait for sr.busy to be cleared */
1446 if (sl->verbose >= 1) {
1447 /* show progress. writing procedure is slow
1448 and previous errors are misleading */
1449 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1452 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {
1455 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1456 val &= ~(1 << FLASH_L1_PROG);
1457 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1458 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1459 val &= ~(1 << FLASH_L1_FPRG);
1460 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1465 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1468 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1469 len, len, addr, addr);
1470 /* check addr range is inside the flash */
1471 stlink_calculate_pagesize(sl, addr);
1472 if (addr < sl->flash_base) {
1473 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1475 } else if ((addr + len) < addr) {
1476 ELOG("addr overruns\n");
1478 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1479 ELOG("addr too high\n");
1481 } else if (addr & 1) {
1482 ELOG("unaligned addr 0x%x\n", addr);
1484 } else if (len & 1) {
1485 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1487 } else if (addr & (sl->flash_pgsz - 1)) {
1488 ELOG("addr not a multiple of pagesize, not supported\n");
1492 // Make sure we've loaded the context with the chip details
1494 /* erase each page */
1496 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1497 /* addr must be an addr inside the page */
1498 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1499 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1502 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1503 (unsigned long)addr + off);
1507 fprintf(stdout,"\n");
1508 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1509 page_count, sl->flash_pgsz, sl->flash_pgsz);
1511 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
1512 (sl->chip_id == STM32_CHIPID_F4_LP)) {
1513 /* todo: check write operation */
1515 ILOG("Starting Flash write for F2/F4\n");
1516 /* flash loader initialization */
1517 if (init_flash_loader(sl, &fl) == -1) {
1518 ELOG("init_flash_loader() == -1\n");
1522 /* First unlock the cr */
1523 unlock_flash_if(sl);
1525 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1526 /* set parallelisim to 32 bit*/
1527 write_flash_cr_psiz(sl, 2);
1529 /* set programming mode */
1530 set_flash_cr_pg(sl);
1532 for(off = 0; off < len;) {
1533 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1535 printf("size: %zu\n", size);
1537 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1538 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1546 #define PROGRESS_CHUNK_SIZE 0x1000
1547 /* write a word in program memory */
1548 for (off = 0; off < len; off += sizeof(uint32_t)) {
1550 if (sl->verbose >= 1) {
1551 if ((off & (PROGRESS_CHUNK_SIZE - 1)) == 0) {
1552 /* show progress. writing procedure is slow
1553 and previous errors are misleading */
1554 const uint32_t pgnum = (off / PROGRESS_CHUNK_SIZE)+1;
1555 const uint32_t pgcount = len / PROGRESS_CHUNK_SIZE +1;
1556 fprintf(stdout, "Writing %ukB chunk %u out of %u\n",
1557 PROGRESS_CHUNK_SIZE/1024, pgnum, pgcount);
1561 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1562 stlink_write_debug32(sl, addr + off, data);
1564 /* wait for sr.busy to be cleared */
1565 wait_flash_busy(sl);
1572 #if 0 /* todo: debug mode */
1573 fprintf(stdout, "Final CR:0x%x\n", read_flash_cr(sl));
1578 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1579 || sl->chip_id == STM32_CHIPID_L1_HIGH ) {
1580 /* use fast word write. todo: half page. */
1583 #if 0 /* todo: check write operation */
1585 uint32_t nwrites = sl->flash_pgsz;
1589 #endif /* todo: check write operation */
1591 /* disable pecr protection */
1592 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1593 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1595 /* check pecr.pelock is cleared */
1596 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1597 if (val & (1 << 0)) {
1598 fprintf(stderr, "pecr.pelock not clear\n");
1602 /* unlock program memory */
1603 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1604 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1606 /* check pecr.prglock is cleared */
1607 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1608 if (val & (1 << 1)) {
1609 fprintf(stderr, "pecr.prglock not clear\n");
1613 if (len > L1_WRITE_BLOCK_SIZE) {
1614 if (stm32l1_write_half_pages(sl, addr, base, len/L1_WRITE_BLOCK_SIZE) == -1) {
1615 /* This may happen on a blank device! */
1616 WLOG("\nwrite_half_pages failed == -1\n");
1618 off = (len /L1_WRITE_BLOCK_SIZE)*L1_WRITE_BLOCK_SIZE;
1622 /* write remainingword in program memory */
1623 for ( ; off < len; off += sizeof(uint32_t)) {
1626 fprintf(stdout, "\r");
1628 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1629 fprintf(stdout, "\r%3zd/%3zd pages written",
1630 off/sl->flash_pgsz, len/sl->flash_pgsz);
1634 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1635 stlink_write_debug32(sl, addr + off, data);
1637 /* wait for sr.busy to be cleared */
1638 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1641 #if 0 /* todo: check redo write operation */
1643 /* check written bytes. todo: should be on a per page basis. */
1644 data = stlink_read_debug32(sl, addr + off);
1645 if (data == *(uint32_t*)(base + off)) {
1646 /* re erase the page and redo the write operation */
1650 /* fail if successive write count too low */
1651 if (nwrites < sl->flash_pgsz) {
1652 fprintf(stderr, "writes operation failure count too high, aborting\n");
1658 /* assume addr aligned */
1659 if (off % sl->flash_pgsz) off &= ~(sl->flash_pgsz - 1);
1662 fprintf(stderr, "invalid write @0x%x(0x%x): 0x%x != 0x%x. retrying.\n",
1663 page, addr + off, read_uint32(base + off, 0), read_uint32(sl->q_buf, 0));
1665 /* reset lock bits */
1666 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1667 | (1 << 0) | (1 << 1) | (1 << 2);
1668 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1670 stlink_erase_flash_page(sl, page);
1675 /* increment successive writes counter */
1678 #endif /* todo: check redo write operation */
1680 fprintf(stdout, "\n");
1681 /* reset lock bits */
1682 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1683 | (1 << 0) | (1 << 1) | (1 << 2);
1684 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1685 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1686 ILOG("Starting Flash write for VL/F0 core id\n");
1687 /* flash loader initialization */
1688 if (init_flash_loader(sl, &fl) == -1) {
1689 ELOG("init_flash_loader() == -1\n");
1693 int write_block_count = 0;
1694 for (off = 0; off < len; off += sl->flash_pgsz) {
1695 /* adjust last write size */
1696 size_t size = sl->flash_pgsz;
1697 if ((off + sl->flash_pgsz) > len) size = len - off;
1699 /* unlock and set programming mode */
1700 unlock_flash_if(sl);
1701 set_flash_cr_pg(sl);
1702 //DLOG("Finished setting flash cr pg, running loader!\n");
1703 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1704 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1708 if (sl->verbose >= 1) {
1709 /* show progress. writing procedure is slow
1710 and previous errors are misleading */
1711 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1715 fprintf(stdout, "\n");
1717 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1721 return stlink_verify_write_flash(sl, addr, base, len);
1725 * Write the given binary file into flash at address "addr"
1727 * @param path readable file path, should be binary image
1728 * @param addr where to start writing
1729 * @return 0 on success, -ve on failure.
1731 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1732 /* write the file in flash at addr */
1734 unsigned int num_empty = 0, index;
1735 unsigned char erased_pattern =(sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1736 || sl->chip_id == STM32_CHIPID_L1_HIGH )?0:0xff;
1737 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1738 if (map_file(&mf, path) == -1) {
1739 ELOG("map_file() == -1\n");
1742 for(index = 0; index < mf.len; index ++) {
1743 if (mf.base[index] == erased_pattern)
1748 if(num_empty != 0) {
1749 ILOG("Ignoring %d bytes of Zeros at end of file\n",num_empty);
1750 mf.len -= num_empty;
1752 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1754 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1755 /* Set PC to the reset routine*/
1756 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1762 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1766 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
1767 // FIXME This can never return -1
1768 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1770 ELOG("write_buffer_to_sram() == -1\n");
1774 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1775 || sl->chip_id == STM32_CHIPID_L1_HIGH ) {
1777 size_t count = size / sizeof(uint32_t);
1778 if (size % sizeof(uint32_t)) ++count;
1781 stlink_write_reg(sl, target, 0); /* target */
1782 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1783 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1784 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1786 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1788 size_t count = size / sizeof(uint16_t);
1789 if (size % sizeof(uint16_t)) ++count;
1792 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1793 stlink_write_reg(sl, target, 1); /* target */
1794 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1795 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1796 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1798 } else if (sl->chip_id == STM32_CHIPID_F2 ||
1799 sl->chip_id == STM32_CHIPID_F4 || sl->chip_id == STM32_CHIPID_F4_LP) {
1801 size_t count = size / sizeof(uint32_t);
1802 if (size % sizeof(uint32_t)) ++count;
1805 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1806 stlink_write_reg(sl, target, 1); /* target */
1807 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1808 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1811 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
1818 #define WAIT_ROUNDS 10000
1819 /* wait until done (reaches breakpoint) */
1820 for (i = 0; i < WAIT_ROUNDS; i++) {
1822 if (is_core_halted(sl))
1826 if (i >= WAIT_ROUNDS) {
1827 ELOG("flash loader run error\n");
1831 /* check written byte count */
1832 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1833 || sl->chip_id == STM32_CHIPID_L1_HIGH ) {
1835 size_t count = size / sizeof(uint32_t);
1836 if (size % sizeof(uint32_t)) ++count;
1838 stlink_read_reg(sl, 3, &rr);
1839 if (rr.r[3] != count) {
1840 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
1844 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1846 stlink_read_reg(sl, 2, &rr);
1848 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1852 } else if (sl->chip_id == STM32_CHIPID_F2 ||
1853 sl->chip_id == STM32_CHIPID_F4 || sl->chip_id == STM32_CHIPID_F4_LP) {
1855 stlink_read_reg(sl, 2, &rr);
1857 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1863 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);