10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
21 /* todo: stm32l15xxx flash memory, pm0062 manual */
23 /* stm32f FPEC flash controller interface, pm0063 manual */
24 // TODO - all of this needs to be abstracted out....
25 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
26 #define FLASH_REGS_ADDR 0x40022000
27 #define FLASH_REGS_SIZE 0x28
29 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
30 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
31 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
32 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
33 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
34 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
35 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
37 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
38 #define FLASH_RDPTR_KEY 0x00a5
39 #define FLASH_KEY1 0x45670123
40 #define FLASH_KEY2 0xcdef89ab
42 #define FLASH_SR_BSY 0
43 #define FLASH_SR_EOP 5
46 #define FLASH_CR_PER 1
47 #define FLASH_CR_MER 2
48 #define FLASH_CR_STRT 6
49 #define FLASH_CR_LOCK 7
52 //32L = 32F1 same CoreID as 32F4!
53 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
54 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
55 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
56 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
57 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
58 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
59 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
60 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
61 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
62 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
63 #define FLASH_L1_FPRG 10
64 #define FLASH_L1_PROG 3
66 //32L4 register base is at FLASH_REGS_ADDR (0x40022000)
67 #define STM32L4_FLASH_KEYR (FLASH_REGS_ADDR + 0x08)
68 #define STM32L4_FLASH_SR (FLASH_REGS_ADDR + 0x10)
69 #define STM32L4_FLASH_CR (FLASH_REGS_ADDR + 0x14)
70 #define STM32L4_FLASH_OPTR (FLASH_REGS_ADDR + 0x20)
72 #define STM32L4_FLASH_SR_BSY 16
73 #define STM32L4_FLASH_SR_ERRMASK 0x3f8 /* SR [9:3] */
75 #define STM32L4_FLASH_CR_LOCK 31 /* Lock control register */
76 #define STM32L4_FLASH_CR_PG 0 /* Program */
77 #define STM32L4_FLASH_CR_PER 1 /* Page erase */
78 #define STM32L4_FLASH_CR_MER1 2 /* Bank 1 erase */
79 #define STM32L4_FLASH_CR_MER2 15 /* Bank 2 erase */
80 #define STM32L4_FLASH_CR_STRT 16 /* Start command */
81 #define STM32L4_FLASH_CR_BKER 11 /* Bank select for page erase */
82 #define STM32L4_FLASH_CR_PNB 3 /* Page number (8 bits) */
83 // Bits requesting flash operations (useful when we want to clear them)
84 #define STM32L4_FLASH_CR_OPBITS \
85 ((1lu<<STM32L4_FLASH_CR_PG) | (1lu<<STM32L4_FLASH_CR_PER) \
86 | (1lu<<STM32L4_FLASH_CR_MER1) | (1lu<<STM32L4_FLASH_CR_MER1))
87 // Page is fully specified by BKER and PNB
88 #define STM32L4_FLASH_CR_PAGEMASK (0x1fflu << STM32L4_FLASH_CR_PNB)
90 #define STM32L4_FLASH_OPTR_DUALBANK 21
92 //STM32L0x flash register base and offsets
94 // RM0090 - DM00031020.pdf
95 #define STM32L0_FLASH_REGS_ADDR ((uint32_t)0x40022000)
96 #define FLASH_ACR_OFF ((uint32_t) 0x00)
97 #define FLASH_PECR_OFF ((uint32_t) 0x04)
98 #define FLASH_PDKEYR_OFF ((uint32_t) 0x08)
99 #define FLASH_PEKEYR_OFF ((uint32_t) 0x0c)
100 #define FLASH_PRGKEYR_OFF ((uint32_t) 0x10)
101 #define FLASH_OPTKEYR_OFF ((uint32_t) 0x14)
102 #define FLASH_SR_OFF ((uint32_t) 0x18)
103 #define FLASH_OBR_OFF ((uint32_t) 0x1c)
104 #define FLASH_WRPR_OFF ((uint32_t) 0x20)
109 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
110 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
111 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
112 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
113 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
114 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
115 #define FLASH_F4_CR_STRT 16
116 #define FLASH_F4_CR_LOCK 31
117 #define FLASH_F4_CR_SER 1
118 #define FLASH_F4_CR_SNB 3
119 #define FLASH_F4_CR_SNB_MASK 0xf8
120 #define FLASH_F4_SR_BSY 16
122 #define L1_WRITE_BLOCK_SIZE 0x80
123 #define L0_WRITE_BLOCK_SIZE 0x40
125 void write_uint32(unsigned char* buf, uint32_t ui) {
126 if (!is_bigendian()) { // le -> le (don't swap)
127 buf[0] = ((unsigned char*) &ui)[0];
128 buf[1] = ((unsigned char*) &ui)[1];
129 buf[2] = ((unsigned char*) &ui)[2];
130 buf[3] = ((unsigned char*) &ui)[3];
132 buf[0] = ((unsigned char*) &ui)[3];
133 buf[1] = ((unsigned char*) &ui)[2];
134 buf[2] = ((unsigned char*) &ui)[1];
135 buf[3] = ((unsigned char*) &ui)[0];
139 void write_uint16(unsigned char* buf, uint16_t ui) {
140 if (!is_bigendian()) { // le -> le (don't swap)
141 buf[0] = ((unsigned char*) &ui)[0];
142 buf[1] = ((unsigned char*) &ui)[1];
144 buf[0] = ((unsigned char*) &ui)[1];
145 buf[1] = ((unsigned char*) &ui)[0];
149 uint32_t read_uint32(const unsigned char *c, const int pt) {
151 char *p = (char *) &ui;
153 if (!is_bigendian()) { // le -> le (don't swap)
167 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
168 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
171 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
172 return stlink_read_debug32(sl, FLASH_WRPR);
175 static inline uint32_t read_flash_obr(stlink_t *sl) {
176 return stlink_read_debug32(sl, FLASH_OBR);
179 static inline uint32_t read_flash_cr(stlink_t *sl) {
181 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||(sl->chip_id == STM32_CHIPID_F4_DE) ||
182 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
183 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7))
184 res = stlink_read_debug32(sl, FLASH_F4_CR);
185 else if (sl->chip_id == STM32_CHIPID_L4)
186 res = stlink_read_debug32(sl, STM32L4_FLASH_CR);
188 res = stlink_read_debug32(sl, FLASH_CR);
190 fprintf(stdout, "CR:0x%x\n", res);
195 static inline unsigned int is_flash_locked(stlink_t *sl) {
196 /* return non zero for true */
197 uint32_t cr = read_flash_cr(sl);
199 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
200 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
201 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7))
202 return cr & (1 << FLASH_F4_CR_LOCK);
203 else if (sl->chip_id == STM32_CHIPID_L4)
204 return cr & (1lu << STM32L4_FLASH_CR_LOCK);
206 return cr & (1 << FLASH_CR_LOCK);
209 static void unlock_flash(stlink_t *sl) {
210 /* the unlock sequence consists of 2 write cycles where
211 2 key values are written to the FLASH_KEYR register.
212 an invalid sequence results in a definitive lock of
213 the FPEC block until next reset.
215 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
216 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
217 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7)) {
218 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
219 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
220 } else if (sl->chip_id == STM32_CHIPID_L4) {
221 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY1);
222 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY2);
224 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
225 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
230 static int unlock_flash_if(stlink_t *sl) {
231 /* unlock flash if already locked */
233 if (is_flash_locked(sl)) {
235 if (is_flash_locked(sl)) {
236 WLOG("Failed to unlock flash!\n");
240 DLOG("Successfully unlocked flash\n");
244 static void lock_flash(stlink_t *sl) {
245 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
246 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
247 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7)) {
248 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
249 stlink_write_debug32(sl, FLASH_F4_CR, n);
250 } else if (sl->chip_id == STM32_CHIPID_L4) {
251 const uint32_t n = read_flash_cr(sl) | (1lu << STM32L4_FLASH_CR_LOCK);
252 stlink_write_debug32(sl, STM32L4_FLASH_CR, n);
254 /* write to 1 only. reset by hw at unlock sequence */
255 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
256 stlink_write_debug32(sl, FLASH_CR, n);
261 static void set_flash_cr_pg(stlink_t *sl) {
262 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
263 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
264 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7)) {
265 uint32_t x = read_flash_cr(sl);
266 x |= (1 << FLASH_CR_PG);
267 stlink_write_debug32(sl, FLASH_F4_CR, x);
268 } else if (sl->chip_id == STM32_CHIPID_L4) {
269 uint32_t x = read_flash_cr(sl);
270 x &=~ STM32L4_FLASH_CR_OPBITS;
271 x |= (1 << STM32L4_FLASH_CR_PG);
272 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
274 const uint32_t n = 1 << FLASH_CR_PG;
275 stlink_write_debug32(sl, FLASH_CR, n);
279 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
280 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
281 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
282 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
283 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7))
284 stlink_write_debug32(sl, FLASH_F4_CR, n);
286 stlink_write_debug32(sl, FLASH_CR, n);
289 static void set_flash_cr_per(stlink_t *sl) {
290 const uint32_t n = 1 << FLASH_CR_PER;
291 stlink_write_debug32(sl, FLASH_CR, n);
294 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
295 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
296 stlink_write_debug32(sl, FLASH_CR, n);
299 static void set_flash_cr_mer(stlink_t *sl) {
300 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
301 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
302 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7))
303 stlink_write_debug32(sl, FLASH_F4_CR,
304 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
305 else if (sl->chip_id == STM32_CHIPID_L4) {
306 uint32_t x = stlink_read_debug32(sl, STM32L4_FLASH_CR);
307 x &=~ STM32L4_FLASH_CR_OPBITS;
308 x |= (1lu << STM32L4_FLASH_CR_MER1) | (1lu << STM32L4_FLASH_CR_MER2);
309 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
311 stlink_write_debug32(sl, FLASH_CR,
312 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
315 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
316 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
317 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
318 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7))
319 stlink_write_debug32(sl, FLASH_F4_CR,
320 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
322 stlink_write_debug32(sl, FLASH_CR,
323 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
326 static void set_flash_cr_strt(stlink_t *sl) {
327 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
328 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
329 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7)) {
330 uint32_t x = read_flash_cr(sl);
331 x |= (1 << FLASH_F4_CR_STRT);
332 stlink_write_debug32(sl, FLASH_F4_CR, x);
333 } else if (sl->chip_id == STM32_CHIPID_L4) {
334 uint32_t x = read_flash_cr(sl);
335 x |= (1lu << STM32L4_FLASH_CR_STRT);
336 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
338 stlink_write_debug32(sl, FLASH_CR,
339 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
343 static inline uint32_t read_flash_acr(stlink_t *sl) {
344 return stlink_read_debug32(sl, FLASH_ACR);
347 static inline uint32_t read_flash_sr(stlink_t *sl) {
349 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
350 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
351 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7))
352 res = stlink_read_debug32(sl, FLASH_F4_SR);
353 else if (sl->chip_id == STM32_CHIPID_L4)
354 res = stlink_read_debug32(sl, STM32L4_FLASH_SR);
356 res = stlink_read_debug32(sl, FLASH_SR);
357 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
361 static inline unsigned int is_flash_busy(stlink_t *sl) {
362 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
363 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
364 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7))
365 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
366 else if (sl->chip_id == STM32_CHIPID_L4)
367 return read_flash_sr(sl) & (1 << STM32L4_FLASH_SR_BSY);
369 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
372 static void wait_flash_busy(stlink_t *sl) {
373 /* todo: add some delays here */
374 while (is_flash_busy(sl))
378 static void wait_flash_busy_progress(stlink_t *sl) {
380 fprintf(stdout, "Mass erasing");
382 while (is_flash_busy(sl)) {
386 fprintf(stdout, ".");
390 fprintf(stdout, "\n");
393 static inline unsigned int is_flash_eop(stlink_t *sl) {
394 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
397 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
398 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
399 stlink_write_debug32(sl, FLASH_SR, n);
402 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
403 /* todo: add some delays here */
404 while (is_flash_eop(sl) == 0)
408 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
409 stlink_write_debug32(sl, FLASH_AR, n);
412 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
413 uint32_t x = read_flash_cr(sl);
417 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
419 stlink_write_debug32(sl, FLASH_F4_CR, x);
423 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
424 uint32_t x = read_flash_cr(sl);
425 x &= ~FLASH_F4_CR_SNB_MASK;
426 x |= (n << FLASH_F4_CR_SNB);
427 x |= (1 << FLASH_F4_CR_SER);
429 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
431 stlink_write_debug32(sl, FLASH_F4_CR, x);
434 static inline void write_flash_cr_bker_pnb(stlink_t *sl, uint32_t n) {
435 uint32_t x = read_flash_cr(sl);
436 x &=~ STM32L4_FLASH_CR_OPBITS;
437 x &=~ STM32L4_FLASH_CR_PAGEMASK;
438 x |= (n << STM32L4_FLASH_CR_PNB);
439 x |= (1lu << STM32L4_FLASH_CR_PER);
441 fprintf(stdout, "BKER:PNB:0x%x 0x%x\n", x, n);
443 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
446 // Delegates to the backends...
448 void stlink_close(stlink_t *sl) {
449 DLOG("*** stlink_close ***\n");
450 sl->backend->close(sl);
454 void stlink_exit_debug_mode(stlink_t *sl) {
455 DLOG("*** stlink_exit_debug_mode ***\n");
456 stlink_write_debug32(sl, DHCSR, DBGKEY);
457 sl->backend->exit_debug_mode(sl);
460 void stlink_enter_swd_mode(stlink_t *sl) {
461 DLOG("*** stlink_enter_swd_mode ***\n");
462 sl->backend->enter_swd_mode(sl);
465 // Force the core into the debug mode -> halted state.
466 void stlink_force_debug(stlink_t *sl) {
467 DLOG("*** stlink_force_debug_mode ***\n");
468 sl->backend->force_debug(sl);
471 void stlink_exit_dfu_mode(stlink_t *sl) {
472 DLOG("*** stlink_exit_dfu_mode ***\n");
473 sl->backend->exit_dfu_mode(sl);
476 uint32_t stlink_core_id(stlink_t *sl) {
477 DLOG("*** stlink_core_id ***\n");
478 sl->backend->core_id(sl);
480 stlink_print_data(sl);
481 DLOG("core_id = 0x%08x\n", sl->core_id);
485 uint32_t stlink_chip_id(stlink_t *sl) {
486 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
487 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
492 * Cortex m3 tech ref manual, CPUID register description
493 * @param sl stlink context
494 * @param cpuid pointer to the result object
496 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
497 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
498 cpuid->implementer_id = (raw >> 24) & 0x7f;
499 cpuid->variant = (raw >> 20) & 0xf;
500 cpuid->part = (raw >> 4) & 0xfff;
501 cpuid->revision = raw & 0xf;
506 * reads and decodes the flash parameters, as dynamically as possible
508 * @return 0 for success, or -1 for unsupported core type.
510 int stlink_load_device_params(stlink_t *sl) {
511 ILOG("Loading device parameters....\n");
512 const chip_params_t *params = NULL;
513 sl->core_id = stlink_core_id(sl);
514 uint32_t chip_id = stlink_chip_id(sl);
517 sl->chip_id = chip_id & 0xfff;
518 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
519 if (sl->chip_id == 0x411) {
520 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
521 if ((cpuid & 0xfff0) == 0xc240)
525 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
526 if(devices[i].chip_id == sl->chip_id) {
527 params = &devices[i];
531 if (params == NULL) {
532 WLOG("unknown chip id! %#x\n", chip_id);
536 // These are fixed...
537 sl->flash_base = STM32_FLASH_BASE;
538 sl->sram_base = STM32_SRAM_BASE;
539 flash_size = stlink_read_debug32(sl,(params->flash_size_reg) & ~3);
540 if (params->flash_size_reg & 2)
541 flash_size = flash_size >>16;
542 flash_size = flash_size & 0xffff;
544 if ((sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) && ( flash_size == 0 )) {
545 sl->flash_size = 128 * 1024;
546 } else if (sl->chip_id == STM32_CHIPID_L1_CAT2) {
547 sl->flash_size = (flash_size & 0xff) * 1024;
548 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
549 // 0 is 384k and 1 is 256k
550 if ( flash_size == 0 ) {
551 sl->flash_size = 384 * 1024;
553 sl->flash_size = 256 * 1024;
556 sl->flash_size = flash_size * 1024;
558 sl->flash_pgsz = params->flash_pagesize;
559 sl->sram_size = params->sram_size;
560 sl->sys_base = params->bootrom_base;
561 sl->sys_size = params->bootrom_size;
563 //medium and low devices have the same chipid. ram size depends on flash size.
564 //STM32F100xx datasheet Doc ID 16455 Table 2
565 if(sl->chip_id == STM32_CHIPID_F1_VL_MEDIUM_LOW && sl->flash_size < 64 * 1024){
566 sl->sram_size = 0x1000;
569 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
570 // TODO make note of variable page size here.....
571 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
572 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
577 void stlink_reset(stlink_t *sl) {
578 DLOG("*** stlink_reset ***\n");
579 sl->backend->reset(sl);
582 void stlink_jtag_reset(stlink_t *sl, int value) {
583 DLOG("*** stlink_jtag_reset ***\n");
584 sl->backend->jtag_reset(sl, value);
587 void stlink_run(stlink_t *sl) {
588 DLOG("*** stlink_run ***\n");
589 sl->backend->run(sl);
592 void stlink_status(stlink_t *sl) {
593 DLOG("*** stlink_status ***\n");
594 sl->backend->status(sl);
595 stlink_core_stat(sl);
599 * Decode the version bits, originally from -sg, verified with usb
600 * @param sl stlink context, assumed to contain valid data in the buffer
601 * @param slv output parsed version object
603 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
604 uint32_t b0 = sl->q_buf[0]; //lsb
605 uint32_t b1 = sl->q_buf[1];
606 uint32_t b2 = sl->q_buf[2];
607 uint32_t b3 = sl->q_buf[3];
608 uint32_t b4 = sl->q_buf[4];
609 uint32_t b5 = sl->q_buf[5]; //msb
611 // b0 b1 || b2 b3 | b4 b5
612 // 4b | 6b | 6b || 2B | 2B
613 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
615 slv->stlink_v = (b0 & 0xf0) >> 4;
616 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
617 slv->swim_v = b1 & 0x3f;
618 slv->st_vid = (b3 << 8) | b2;
619 slv->stlink_pid = (b5 << 8) | b4;
623 void stlink_version(stlink_t *sl) {
624 DLOG("*** looking up stlink version\n");
625 sl->backend->version(sl);
626 _parse_version(sl, &sl->version);
628 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
629 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
630 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
631 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
632 DLOG("swim version = 0x%x\n", sl->version.swim_v);
633 if (sl->version.jtag_v == 0) {
634 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
636 if (sl->version.swim_v == 0) {
637 DLOG(" notice: the firmware doesn't support a swim interface\n");
641 int stlink_target_voltage(stlink_t *sl) {
643 DLOG("*** reading target voltage\n");
644 if (sl->backend->target_voltage != NULL) {
645 voltage = sl->backend->target_voltage(sl);
647 DLOG("target voltage = %ldmV\n", voltage);
649 DLOG("error reading target voltage\n");
652 DLOG("reading voltage not supported by backend\n");
657 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
658 uint32_t data = sl->backend->read_debug32(sl, addr);
659 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
663 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
664 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
665 sl->backend->write_debug32(sl, addr, data);
668 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
669 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
671 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
674 sl->backend->write_mem32(sl, addr, len);
677 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
678 DLOG("*** stlink_read_mem32 ***\n");
679 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
680 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
684 sl->backend->read_mem32(sl, addr, len);
687 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
688 DLOG("*** stlink_write_mem8 ***\n");
689 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
690 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
694 sl->backend->write_mem8(sl, addr, len);
697 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
698 DLOG("*** stlink_read_all_regs ***\n");
699 sl->backend->read_all_regs(sl, regp);
702 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
703 DLOG("*** stlink_read_all_unsupported_regs ***\n");
704 sl->backend->read_all_unsupported_regs(sl, regp);
707 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
708 DLOG("*** stlink_write_reg\n");
709 sl->backend->write_reg(sl, reg, idx);
712 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
713 DLOG("*** stlink_read_reg\n");
714 DLOG(" (%d) ***\n", r_idx);
716 if (r_idx > 20 || r_idx < 0) {
717 fprintf(stderr, "Error: register index must be in [0..20]\n");
721 sl->backend->read_reg(sl, r_idx, regp);
724 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
727 DLOG("*** stlink_read_unsupported_reg\n");
728 DLOG(" (%d) ***\n", r_idx);
730 /* Convert to values used by DCRSR */
731 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
733 } else if (r_idx == 0x40) { /* FPSCR */
735 } else if (r_idx >= 0x20 && r_idx < 0x40) {
736 r_convert = 0x40 + (r_idx - 0x20);
738 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
742 sl->backend->read_unsupported_reg(sl, r_convert, regp);
745 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
748 DLOG("*** stlink_write_unsupported_reg\n");
749 DLOG(" (%d) ***\n", r_idx);
751 /* Convert to values used by DCRSR */
752 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
753 r_convert = r_idx; /* The backend function handles this */
754 } else if (r_idx == 0x40) { /* FPSCR */
756 } else if (r_idx >= 0x20 && r_idx < 0x40) {
757 r_convert = 0x40 + (r_idx - 0x20);
759 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
763 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
766 unsigned int is_core_halted(stlink_t *sl) {
767 /* return non zero if core is halted */
769 return sl->q_buf[0] == STLINK_CORE_HALTED;
772 void stlink_step(stlink_t *sl) {
773 DLOG("*** stlink_step ***\n");
774 sl->backend->step(sl);
777 int stlink_current_mode(stlink_t *sl) {
778 int mode = sl->backend->current_mode(sl);
780 case STLINK_DEV_DFU_MODE:
781 DLOG("stlink current mode: dfu\n");
783 case STLINK_DEV_DEBUG_MODE:
784 DLOG("stlink current mode: debug (jtag or swd)\n");
786 case STLINK_DEV_MASS_MODE:
787 DLOG("stlink current mode: mass\n");
790 DLOG("stlink mode: unknown!\n");
791 return STLINK_DEV_UNKNOWN_MODE;
797 // End of delegates.... Common code below here...
800 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
802 // #define is_bigendian() ( (*(char*)&i) == 0 )
804 inline unsigned int is_bigendian(void) {
805 static volatile const unsigned int i = 1;
806 return *(volatile const char*) &i == 0;
809 uint16_t read_uint16(const unsigned char *c, const int pt) {
811 char *p = (char *) &ui;
813 if (!is_bigendian()) { // le -> le (don't swap)
823 // same as above with entrypoint.
825 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
826 stlink_write_reg(sl, addr, 15); /* pc register */
830 while (is_core_halted(sl) == 0)
834 void stlink_core_stat(stlink_t *sl) {
838 switch (sl->q_buf[0]) {
839 case STLINK_CORE_RUNNING:
840 sl->core_stat = STLINK_CORE_RUNNING;
841 DLOG(" core status: running\n");
843 case STLINK_CORE_HALTED:
844 sl->core_stat = STLINK_CORE_HALTED;
845 DLOG(" core status: halted\n");
848 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
849 fprintf(stderr, " core status: unknown\n");
853 void stlink_print_data(stlink_t * sl) {
854 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
857 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
859 for (int i = 0; i < sl->q_len; i++) {
862 if (sl->q_data_dir == Q_DATA_OUT)
863 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
865 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
868 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
870 fputs("\n\n", stdout);
873 /* memory mapped file */
875 typedef struct mapped_file {
880 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
882 static int map_file(mapped_file_t* mf, const char* path) {
886 const int fd = open(path, O_RDONLY | O_BINARY);
888 fprintf(stderr, "open(%s) == -1\n", path);
892 if (fstat(fd, &st) == -1) {
893 fprintf(stderr, "fstat() == -1\n");
897 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
898 if (mf->base == MAP_FAILED) {
899 fprintf(stderr, "mmap() == MAP_FAILED\n");
903 mf->len = st.st_size;
914 static void unmap_file(mapped_file_t * mf) {
915 munmap((void*) mf->base, mf->len);
916 mf->base = (unsigned char*) MAP_FAILED;
920 /* Limit the block size to compare to 0x1800
921 Anything larger will stall the STLINK2
922 Maybe STLINK V1 needs smaller value!*/
923 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
925 size_t n_cmp = sl->flash_pgsz;
929 for (off = 0; off < mf->len; off += n_cmp) {
932 /* adjust last page size */
933 size_t cmp_size = n_cmp;
934 if ((off + n_cmp) > mf->len)
935 cmp_size = mf->len - off;
937 aligned_size = cmp_size;
938 if (aligned_size & (4 - 1))
939 aligned_size = (cmp_size + 4) & ~(4 - 1);
941 stlink_read_mem32(sl, addr + off, aligned_size);
943 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
950 int stlink_fwrite_sram
951 (stlink_t * sl, const char* path, stm32_addr_t addr) {
952 /* write the file in sram at addr */
957 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
960 if (map_file(&mf, path) == -1) {
961 fprintf(stderr, "map_file() == -1\n");
965 /* check addr range is inside the sram */
966 if (addr < sl->sram_base) {
967 fprintf(stderr, "addr too low\n");
969 } else if ((addr + mf.len) < addr) {
970 fprintf(stderr, "addr overruns\n");
972 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
973 fprintf(stderr, "addr too high\n");
975 } else if (addr & 3) {
977 fprintf(stderr, "unaligned addr\n");
987 /* do the copy by 1k blocks */
988 for (off = 0; off < len; off += 1024) {
990 if ((off + size) > len)
993 memcpy(sl->q_buf, mf.base + off, size);
995 /* round size if needed */
999 stlink_write_mem32(sl, addr + off, size);
1003 memcpy(sl->q_buf, mf.base + len, mf.len - len);
1004 stlink_write_mem8(sl, addr + len, mf.len - len);
1007 /* check the file ha been written */
1008 if (check_file(sl, &mf, addr) == -1) {
1009 fprintf(stderr, "check_file() == -1\n");
1016 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1017 /* Set PC to the reset routine*/
1018 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1026 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
1027 /* read size bytes from addr to file */
1032 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1033 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1034 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
1036 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
1038 fprintf(stderr, "open(%s) == -1\n", path);
1043 size = sl->flash_size;
1045 if (size > sl->flash_size)
1046 size = sl->flash_size;
1048 /* do the copy by 1k blocks */
1049 for (off = 0; off < size; off += 1024) {
1050 size_t read_size = 1024;
1051 size_t rounded_size;
1053 if ((off + read_size) > size)
1054 read_size = size - off;
1056 /* round size if needed */
1057 rounded_size = read_size;
1058 if (rounded_size & 3)
1059 rounded_size = (rounded_size + 4) & ~(3);
1061 stlink_read_mem32(sl, addr + off, rounded_size);
1063 for(index = 0; index < read_size; index ++) {
1064 if (sl->q_buf[index] == erased_pattern)
1069 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
1070 fprintf(stderr, "write() != read_size\n");
1075 /* Ignore NULL Bytes at end of file */
1076 if (!ftruncate(fd, size - num_empty)) {
1089 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
1090 /* write the buffer right after the loader */
1091 size_t chunk = size & ~0x3;
1092 size_t rem = size & 0x3;
1094 memcpy(sl->q_buf, buf, chunk);
1095 stlink_write_mem32(sl, fl->buf_addr, chunk);
1098 memcpy(sl->q_buf, buf+chunk, rem);
1099 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
1104 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
1105 uint32_t offset = 0;
1106 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1107 if (flashaddr >= 0x100000) {
1109 flashaddr -= 0x100000;
1111 if (flashaddr<0x4000) return (offset + 0);
1112 else if(flashaddr<0x8000) return(offset + 1);
1113 else if(flashaddr<0xc000) return(offset + 2);
1114 else if(flashaddr<0x10000) return(offset + 3);
1115 else if(flashaddr<0x20000) return(offset + 4);
1116 else return offset + (flashaddr/0x20000) +4;
1120 uint32_t calculate_F7_sectornum(uint32_t flashaddr){
1121 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1122 if(flashaddr<0x20000) return(flashaddr/0x8000);
1123 else if(flashaddr<0x40000) return(4);
1124 else return(flashaddr/0x40000) +4;
1128 // Returns BKER:PNB for the given page address
1129 uint32_t calculate_L4_page(stlink_t *sl, uint32_t flashaddr) {
1131 uint32_t flashopt = stlink_read_debug32(sl, STM32L4_FLASH_OPTR);
1132 flashaddr -= STM32_FLASH_BASE;
1133 if (flashopt & (1lu << STM32L4_FLASH_OPTR_DUALBANK)) {
1134 uint32_t banksize = sl->flash_size / 2;
1135 if (flashaddr > banksize) {
1136 flashaddr -= banksize;
1140 // For 1MB chips without the dual-bank option set, the page address will
1141 // overflow into the BKER bit, which gives us the correct bank:page value.
1142 return bker | flashaddr/sl->flash_pgsz;
1145 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1146 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1147 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1148 (sl->chip_id == STM32_CHIPID_F446)) {
1149 uint32_t sector=calculate_F4_sectornum(flashaddr);
1153 if (sector<4) sl->flash_pgsz=0x4000;
1154 else if(sector<5) sl->flash_pgsz=0x10000;
1155 else sl->flash_pgsz=0x20000;
1157 else if (sl->chip_id == STM32_CHIPID_F7) {
1158 uint32_t sector=calculate_F7_sectornum(flashaddr);
1159 if (sector<4) sl->flash_pgsz=0x8000;
1160 else if(sector<5) sl->flash_pgsz=0x20000;
1161 else sl->flash_pgsz=0x40000;
1163 return (sl->flash_pgsz);
1167 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1168 * @param sl stlink context
1169 * @param flashaddr an address in the flash page to erase
1170 * @return 0 on success -ve on failure
1172 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1174 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1175 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1176 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4)) {
1177 /* wait for ongoing op to finish */
1178 wait_flash_busy(sl);
1180 /* unlock if locked */
1181 unlock_flash_if(sl);
1183 /* select the page to erase */
1184 if (sl->chip_id == STM32_CHIPID_L4) {
1185 // calculate the actual bank+page from the address
1186 uint32_t page = calculate_L4_page(sl, flashaddr);
1188 write_flash_cr_bker_pnb(sl, page);
1189 } else if (sl->chip_id == STM32_CHIPID_F7) {
1190 // calculate the actual page from the address
1191 uint32_t sector=calculate_F7_sectornum(flashaddr);
1193 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1195 write_flash_cr_snb(sl, sector);
1197 // calculate the actual page from the address
1198 uint32_t sector=calculate_F4_sectornum(flashaddr);
1200 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1202 //the SNB values for flash sectors in the second bank do not directly follow the values for the first bank on 2mb devices...
1203 if (sector >= 12) sector += 4;
1205 write_flash_cr_snb(sl, sector);
1208 /* start erase operation */
1209 set_flash_cr_strt(sl);
1211 /* wait for completion */
1212 wait_flash_busy(sl);
1214 /* relock the flash */
1215 //todo: fails to program if this is in
1218 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1220 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1221 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1222 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1225 uint32_t flash_regs_base;
1226 if (sl->chip_id == STM32_CHIPID_L0) {
1227 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1229 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1232 /* check if the locks are set */
1233 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1234 if((val & (1<<0))||(val & (1<<1))) {
1235 /* disable pecr protection */
1236 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1237 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1239 /* check pecr.pelock is cleared */
1240 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1241 if (val & (1 << 0)) {
1242 WLOG("pecr.pelock not clear (%#x)\n", val);
1246 /* unlock program memory */
1247 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1248 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1250 /* check pecr.prglock is cleared */
1251 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1252 if (val & (1 << 1)) {
1253 WLOG("pecr.prglock not clear (%#x)\n", val);
1258 /* set pecr.{erase,prog} */
1259 val |= (1 << 9) | (1 << 3);
1260 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1261 #if 0 /* fix_to_be_confirmed */
1263 /* wait for sr.busy to be cleared
1264 * MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1265 * wrong and we do not need to wait here for clearing the busy bit.
1266 * TEXANE: ok, if experience says so and it works for you, we comment
1267 * it. If someone has a problem, please drop an email.
1269 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1272 #endif /* fix_to_be_confirmed */
1274 /* write 0 to the first word of the page to be erased */
1275 stlink_write_debug32(sl, flashaddr, 0);
1277 /* MP: It is better to wait for clearing the busy bit after issuing
1278 page erase command, even though PM0062 recommends to wait before it.
1279 Test shows that a few iterations is performed in the following loop
1280 before busy bit is cleared.*/
1281 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1284 /* reset lock bits */
1285 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1286 | (1 << 0) | (1 << 1) | (1 << 2);
1287 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1288 } else if (sl->core_id == STM32VL_CORE_ID
1289 || sl->core_id == STM32F0_CORE_ID
1290 || sl->chip_id == STM32_CHIPID_F3
1291 || sl->chip_id == STM32_CHIPID_F303_HIGH
1292 || sl->chip_id == STM32_CHIPID_F37x
1293 || sl->chip_id == STM32_CHIPID_F334) {
1294 /* wait for ongoing op to finish */
1295 wait_flash_busy(sl);
1297 /* unlock if locked */
1298 unlock_flash_if(sl);
1300 /* set the page erase bit */
1301 set_flash_cr_per(sl);
1303 /* select the page to erase */
1304 write_flash_ar(sl, flashaddr);
1306 /* start erase operation, reset by hw with bsy bit */
1307 set_flash_cr_strt(sl);
1309 /* wait for completion */
1310 wait_flash_busy(sl);
1312 /* relock the flash */
1315 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1319 /* todo: verify the erased page */
1324 int stlink_erase_flash_mass(stlink_t *sl) {
1325 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1326 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1327 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1328 /* erase each page */
1329 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1330 for (i = 0; i < num_pages; i++) {
1331 /* addr must be an addr inside the page */
1332 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1333 if (stlink_erase_flash_page(sl, addr) == -1) {
1334 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1337 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1340 fprintf(stdout, "\n");
1342 /* wait for ongoing op to finish */
1343 wait_flash_busy(sl);
1345 /* unlock if locked */
1346 unlock_flash_if(sl);
1348 /* set the mass erase bit */
1349 set_flash_cr_mer(sl);
1351 /* start erase operation, reset by hw with bsy bit */
1352 set_flash_cr_strt(sl);
1354 /* wait for completion */
1355 wait_flash_busy_progress(sl);
1357 /* relock the flash */
1360 /* todo: verify the erased memory */
1365 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1368 /* allocate the loader in sram */
1369 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1370 WLOG("Failed to write flash loader to sram!\n");
1374 /* allocate a one page buffer in sram right after loader */
1375 fl->buf_addr = fl->loader_addr + size;
1376 ILOG("Successfully loaded flash loader in sram\n");
1380 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1381 /* from openocd, contrib/loaders/flash/stm32.s */
1382 static const uint8_t loader_code_stm32vl[] = {
1383 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1384 0x1c, 0x44, /* add r4, r3 */
1385 /* write_half_word: */
1386 0x01, 0x23, /* movs r3, #0x01 */
1387 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1388 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1389 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1391 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1392 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1393 0xfb, 0xd0, /* beq busy */
1394 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1395 0x01, 0xd1, /* bne exit */
1396 0x01, 0x3a, /* subs r2, r2, #0x01 */
1397 0xf0, 0xd1, /* bne write_half_word */
1399 0x00, 0xbe, /* bkpt #0x00 */
1400 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1403 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1404 static const uint8_t loader_code_stm32f0[] = {
1407 * These two NOPs here are a safety precaution, added by Pekka Nikander
1408 * while debugging the STM32F05x support. They may not be needed, but
1409 * there were strange problems with simpler programs, like a program
1410 * that had just a breakpoint or a program that first moved zero to register r2
1411 * and then had a breakpoint. So, it appears safest to have these two nops.
1413 * Feel free to remove them, if you dare, but then please do test the result
1414 * rigorously. Also, if you remove these, it may be a good idea first to
1415 * #if 0 them out, with a comment when these were taken out, and to remove
1416 * these only a few months later... But YMMV.
1418 0x00, 0x30, // nop /* add r0,#0 */
1419 0x00, 0x30, // nop /* add r0,#0 */
1421 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1422 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1423 0x04, 0x26, // mov r6, #4 /* PGERR */
1425 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1426 0x2B, 0x43, // orr r3, r5
1427 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1428 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1429 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1431 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1432 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1433 0xFC, 0xD0, // beq busy
1435 0x33, 0x42, // tst r3, r6 /* PGERR */
1436 0x04, 0xD1, // bne exit
1438 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1439 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1440 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1441 0x00, 0x2A, // cmp r2, #0
1442 0xF0, 0xD1, // bne write_half_word
1444 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1445 0xAB, 0x43, // bic r3, r5
1446 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1447 0x00, 0xBE, // bkpt #0x00
1448 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1451 static const uint8_t loader_code_stm32l[] = {
1453 /* openocd.git/contrib/loaders/flash/stm32lx.S
1454 r0, input, dest addr
1455 r1, input, source addr
1456 r2, input, word count
1457 r3, output, word count
1463 0x51, 0xf8, 0x04, 0xcb,
1464 0x40, 0xf8, 0x04, 0xcb,
1472 static const uint8_t loader_code_stm32l0[] = {
1475 r0, input, dest addr
1476 r1, input, source addr
1477 r2, input, word count
1478 r3, output, word count
1495 static const uint8_t loader_code_stm32f4[] = {
1496 // flashloaders/stm32f4.s
1505 0x14, 0xf0, 0x01, 0x0f,
1507 0x00, 0xf1, 0x04, 0x00,
1508 0x01, 0xf1, 0x04, 0x01,
1509 0xa2, 0xf1, 0x01, 0x02,
1514 0x00, 0x3c, 0x02, 0x40,
1517 static const uint8_t loader_code_stm32f4_lv[] = {
1518 // flashloaders/stm32f4lv.s
1527 0x14, 0xf0, 0x01, 0x0f,
1529 0x00, 0xf1, 0x01, 0x00,
1530 0x01, 0xf1, 0x01, 0x01,
1531 0xa2, 0xf1, 0x01, 0x02,
1537 0x00, 0x3c, 0x02, 0x40,
1540 static const uint8_t loader_code_stm32l4[] = {
1541 // flashloaders/stm32l4.s
1542 0x08, 0x4b, // start: ldr r3, [pc, #32] ; <flash_base>
1543 0x72, 0xb1, // next: cbz r2, <done>
1544 0x04, 0x68, // ldr r4, [r0, #0]
1545 0x45, 0x68, // ldr r5, [r0, #4]
1546 0x0c, 0x60, // str r4, [r1, #0]
1547 0x4d, 0x60, // str r5, [r1, #4]
1548 0x5c, 0x8a, // wait: ldrh r4, [r3, #18]
1549 0x14, 0xf0, 0x01, 0x0f, // tst.w r4, #1
1550 0xfb, 0xd1, // bne.n <wait>
1551 0x00, 0xf1, 0x08, 0x00, // add.w r0, r0, #8
1552 0x01, 0xf1, 0x08, 0x01, // add.w r1, r1, #8
1553 0xa2, 0xf1, 0x02, 0x02, // add.w r2, r2, #2
1554 0xef, 0xe7, // b.n <next>
1555 0x00, 0xbe, // done: bkpt 0x0000
1556 0x00, 0x20, 0x02, 0x40 // flash_base: .word 0x40022000
1559 static const uint8_t loader_code_stm32f7[] = {
1564 0xbf, 0xf3, 0x4f, 0x8f, // DSB Memory barrier for in order flash write
1566 0x14, 0xf0, 0x01, 0x0f,
1568 0x00, 0xf1, 0x04, 0x00,
1569 0x01, 0xf1, 0x04, 0x01,
1570 0xa2, 0xf1, 0x01, 0x02,
1572 0x00, 0xbe, // bkpt #0x00
1573 0x00, 0x3c, 0x02, 0x40,
1576 const uint8_t* loader_code;
1579 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1580 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1581 || sl->chip_id == STM32_CHIPID_L152_RE) { /* stm32l */
1582 loader_code = loader_code_stm32l;
1583 loader_size = sizeof(loader_code_stm32l);
1584 } else if (sl->core_id == STM32VL_CORE_ID
1585 || sl->chip_id == STM32_CHIPID_F3
1586 || sl->chip_id == STM32_CHIPID_F303_HIGH
1587 || sl->chip_id == STM32_CHIPID_F37x
1588 || sl->chip_id == STM32_CHIPID_F334) {
1589 loader_code = loader_code_stm32vl;
1590 loader_size = sizeof(loader_code_stm32vl);
1591 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1592 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
1593 (sl->chip_id == STM32_CHIPID_F446)){
1594 int voltage = stlink_target_voltage(sl);
1595 if (voltage > 2700) {
1596 loader_code = loader_code_stm32f4;
1597 loader_size = sizeof(loader_code_stm32f4);
1599 loader_code = loader_code_stm32f4_lv;
1600 loader_size = sizeof(loader_code_stm32f4_lv);
1602 } else if (sl->chip_id == STM32_CHIPID_F7){
1603 loader_code = loader_code_stm32f7;
1604 loader_size = sizeof(loader_code_stm32f7);
1605 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F04 || sl->chip_id == STM32_CHIPID_F0_CAN || sl->chip_id == STM32_CHIPID_F0_SMALL || sl->chip_id == STM32_CHIPID_F09X) {
1606 loader_code = loader_code_stm32f0;
1607 loader_size = sizeof(loader_code_stm32f0);
1608 } else if (sl->chip_id == STM32_CHIPID_L0) {
1609 loader_code = loader_code_stm32l0;
1610 loader_size = sizeof(loader_code_stm32l0);
1611 } else if (sl->chip_id == STM32_CHIPID_L4) {
1612 loader_code = loader_code_stm32l4;
1613 loader_size = sizeof(loader_code_stm32l4);
1615 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1619 memcpy(sl->q_buf, loader_code, loader_size);
1620 stlink_write_mem32(sl, sl->sram_base, loader_size);
1622 *addr = sl->sram_base;
1623 *size = loader_size;
1629 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1630 /* check the contents of path are at addr */
1633 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1635 if (map_file(&mf, path) == -1)
1638 res = check_file(sl, &mf, addr);
1646 * Verify addr..addr+len is binary identical to base...base+len
1647 * @param sl stlink context
1648 * @param address stm device address
1649 * @param data host side buffer to check against
1650 * @param length how much
1651 * @return 0 for success, -ve for failure
1653 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1655 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1656 ILOG("Starting verification of write complete\n");
1657 for (off = 0; off < length; off += cmp_size) {
1658 size_t aligned_size;
1660 /* adjust last page size */
1661 if ((off + cmp_size) > length)
1662 cmp_size = length - off;
1664 aligned_size = cmp_size;
1665 if (aligned_size & (4 - 1))
1666 aligned_size = (cmp_size + 4) & ~(4 - 1);
1668 stlink_read_mem32(sl, address + off, aligned_size);
1670 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1671 ELOG("Verification of flash failed at offset: %zd\n", off);
1675 ILOG("Flash written and verified! jolly good!\n");
1680 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint32_t pagesize)
1683 unsigned int num_half_pages = len / pagesize;
1685 uint32_t flash_regs_base;
1688 if (sl->chip_id == STM32_CHIPID_L0) {
1689 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1691 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1694 ILOG("Starting Half page flash write for STM32L core id\n");
1695 /* flash loader initialization */
1696 if (init_flash_loader(sl, &fl) == -1) {
1697 WLOG("init_flash_loader() == -1\n");
1700 /* Unlock already done */
1701 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1702 val |= (1 << FLASH_L1_FPRG);
1703 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1705 val |= (1 << FLASH_L1_PROG);
1706 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1707 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {}
1709 for (count = 0; count < num_half_pages; count ++) {
1710 if (run_flash_loader(sl, &fl, addr + count * pagesize, base + count * pagesize, pagesize) == -1) {
1711 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * pagesize);
1712 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1713 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1714 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1717 /* wait for sr.busy to be cleared */
1718 if (sl->verbose >= 1) {
1719 /* show progress. writing procedure is slow
1720 and previous errors are misleading */
1721 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1724 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {
1727 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1728 val &= ~(1 << FLASH_L1_PROG);
1729 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1730 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1731 val &= ~(1 << FLASH_L1_FPRG);
1732 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1737 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1740 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1741 len, len, addr, addr);
1742 /* check addr range is inside the flash */
1743 stlink_calculate_pagesize(sl, addr);
1744 if (addr < sl->flash_base) {
1745 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1747 } else if ((addr + len) < addr) {
1748 ELOG("addr overruns\n");
1750 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1751 ELOG("addr too high\n");
1753 } else if (addr & 1) {
1754 ELOG("unaligned addr 0x%x\n", addr);
1756 } else if (len & 1) {
1757 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1759 } else if (addr & (sl->flash_pgsz - 1)) {
1760 ELOG("addr not a multiple of pagesize, not supported\n");
1764 // Make sure we've loaded the context with the chip details
1766 /* erase each page */
1768 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1769 /* addr must be an addr inside the page */
1770 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1771 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1774 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1775 (unsigned long)addr + off);
1779 fprintf(stdout,"\n");
1780 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1781 page_count, sl->flash_pgsz, sl->flash_pgsz);
1783 if ((sl->chip_id == STM32_CHIPID_F2) ||
1784 (sl->chip_id == STM32_CHIPID_F4) ||
1785 (sl->chip_id == STM32_CHIPID_F4_DE) ||
1786 (sl->chip_id == STM32_CHIPID_F4_LP) ||
1787 (sl->chip_id == STM32_CHIPID_F4_HD) ||
1788 (sl->chip_id == STM32_CHIPID_F411RE) ||
1789 (sl->chip_id == STM32_CHIPID_F446) ||
1790 (sl->chip_id == STM32_CHIPID_F7) ||
1791 (sl->chip_id == STM32_CHIPID_L4)) {
1792 /* todo: check write operation */
1794 ILOG("Starting Flash write for F2/F4/L4\n");
1795 /* flash loader initialization */
1796 if (init_flash_loader(sl, &fl) == -1) {
1797 ELOG("init_flash_loader() == -1\n");
1801 /* First unlock the cr */
1802 unlock_flash_if(sl);
1804 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1805 if (sl->chip_id != STM32_CHIPID_L4) {
1806 /* set parallelisim to 32 bit*/
1807 int voltage = stlink_target_voltage(sl);
1808 if (voltage > 2700) {
1809 printf("enabling 32-bit flash writes\n");
1810 write_flash_cr_psiz(sl, 2);
1812 printf("Target voltage (%d mV) too low for 32-bit flash, using 8-bit flash writes\n", voltage);
1813 write_flash_cr_psiz(sl, 0);
1816 /* L4 does not have a byte-write mode */
1817 int voltage = stlink_target_voltage(sl);
1818 if (voltage <= 2700) {
1819 printf("Target voltage (%d mV) too low for flash writes!\n", voltage);
1824 /* set programming mode */
1825 set_flash_cr_pg(sl);
1827 for(off = 0; off < len;) {
1828 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1830 printf("size: %zu\n", size);
1832 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1833 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1845 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1846 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1847 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1848 /* use fast word write. todo: half page. */
1850 uint32_t flash_regs_base;
1853 if (sl->chip_id == STM32_CHIPID_L0) {
1854 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1855 pagesize = L0_WRITE_BLOCK_SIZE;
1857 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1858 pagesize = L1_WRITE_BLOCK_SIZE;
1861 /* todo: check write operation */
1863 /* disable pecr protection */
1864 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1865 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1867 /* check pecr.pelock is cleared */
1868 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1869 if (val & (1 << 0)) {
1870 fprintf(stderr, "pecr.pelock not clear\n");
1874 /* unlock program memory */
1875 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1876 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1878 /* check pecr.prglock is cleared */
1879 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1880 if (val & (1 << 1)) {
1881 fprintf(stderr, "pecr.prglock not clear\n");
1885 if (len > pagesize) {
1886 if (stm32l1_write_half_pages(sl, addr, base, len, pagesize) == -1) {
1887 /* This may happen on a blank device! */
1888 WLOG("\nwrite_half_pages failed == -1\n");
1890 off = (len / pagesize)*pagesize;
1894 /* write remainingword in program memory */
1895 for ( ; off < len; off += sizeof(uint32_t)) {
1898 fprintf(stdout, "\r");
1900 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1901 fprintf(stdout, "\r%3zd/%3zd pages written",
1902 off/sl->flash_pgsz, len/sl->flash_pgsz);
1906 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1907 stlink_write_debug32(sl, addr + off, data);
1909 /* wait for sr.busy to be cleared */
1910 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1913 /* todo: check redo write operation */
1916 fprintf(stdout, "\n");
1917 /* reset lock bits */
1918 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1919 | (1 << 0) | (1 << 1) | (1 << 2);
1920 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1921 } else if (sl->core_id == STM32VL_CORE_ID ||
1922 sl->core_id == STM32F0_CORE_ID ||
1923 sl->chip_id == STM32_CHIPID_F3 ||
1924 sl->chip_id == STM32_CHIPID_F303_HIGH ||
1925 sl->chip_id == STM32_CHIPID_F334 ||
1926 sl->chip_id == STM32_CHIPID_F37x) {
1927 ILOG("Starting Flash write for VL/F0/F3 core id\n");
1928 /* flash loader initialization */
1929 if (init_flash_loader(sl, &fl) == -1) {
1930 ELOG("init_flash_loader() == -1\n");
1934 int write_block_count = 0;
1935 for (off = 0; off < len; off += sl->flash_pgsz) {
1936 /* adjust last write size */
1937 size_t size = sl->flash_pgsz;
1938 if ((off + sl->flash_pgsz) > len) size = len - off;
1940 /* unlock and set programming mode */
1941 unlock_flash_if(sl);
1942 set_flash_cr_pg(sl);
1943 //DLOG("Finished setting flash cr pg, running loader!\n");
1944 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1945 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1949 if (sl->verbose >= 1) {
1950 /* show progress. writing procedure is slow
1951 and previous errors are misleading */
1952 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1956 fprintf(stdout, "\n");
1958 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1962 return stlink_verify_write_flash(sl, addr, base, len);
1966 * Write the given binary file into flash at address "addr"
1968 * @param path readable file path, should be binary image
1969 * @param addr where to start writing
1970 * @return 0 on success, -ve on failure.
1972 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1973 /* write the file in flash at addr */
1975 unsigned int num_empty = 0, index;
1976 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1977 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1978 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
1979 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1980 if (map_file(&mf, path) == -1) {
1981 ELOG("map_file() == -1\n");
1984 for(index = 0; index < mf.len; index ++) {
1985 if (mf.base[index] == erased_pattern)
1990 /* Round down to words */
1991 num_empty -= (num_empty & 3);
1992 if(num_empty != 0) {
1993 ILOG("Ignoring %d bytes of 0x%02x at end of file\n", num_empty, erased_pattern);
1994 mf.len -= num_empty;
1996 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1998 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1999 /* Set PC to the reset routine*/
2000 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
2006 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
2010 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
2011 // FIXME This can never return -1
2012 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
2014 ELOG("write_buffer_to_sram() == -1\n");
2018 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2019 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2020 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2022 size_t count = size / sizeof(uint32_t);
2023 if (size % sizeof(uint32_t)) ++count;
2026 stlink_write_reg(sl, target, 0); /* target */
2027 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
2028 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2029 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2031 } else if (sl->core_id == STM32VL_CORE_ID ||
2032 sl->core_id == STM32F0_CORE_ID ||
2033 sl->chip_id == STM32_CHIPID_F3 ||
2034 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2035 sl->chip_id == STM32_CHIPID_F37x ||
2036 sl->chip_id == STM32_CHIPID_F334) {
2038 size_t count = size / sizeof(uint16_t);
2039 if (size % sizeof(uint16_t)) ++count;
2042 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2043 stlink_write_reg(sl, target, 1); /* target */
2044 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
2045 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
2046 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2048 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2049 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2050 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4)) {
2052 size_t count = size / sizeof(uint32_t);
2053 if (size % sizeof(uint32_t)) ++count;
2054 if (sl->chip_id == STM32_CHIPID_L4) {
2055 if (count % 2) ++count;
2059 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2060 stlink_write_reg(sl, target, 1); /* target */
2061 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2062 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2065 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
2072 #define WAIT_ROUNDS 10000
2073 /* wait until done (reaches breakpoint) */
2074 for (i = 0; i < WAIT_ROUNDS; i++) {
2076 if (is_core_halted(sl))
2080 if (i >= WAIT_ROUNDS) {
2081 ELOG("flash loader run error\n");
2085 /* check written byte count */
2086 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2087 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2088 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2090 size_t count = size / sizeof(uint32_t);
2091 if (size % sizeof(uint32_t)) ++count;
2093 stlink_read_reg(sl, 3, &rr);
2094 if (rr.r[3] != count) {
2095 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
2099 } else if (sl->core_id == STM32VL_CORE_ID ||
2100 sl->core_id == STM32F0_CORE_ID ||
2101 sl->chip_id == STM32_CHIPID_F3 ||
2102 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2103 sl->chip_id == STM32_CHIPID_F37x ||
2104 sl->chip_id == STM32_CHIPID_F334) {
2106 stlink_read_reg(sl, 2, &rr);
2108 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2112 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2113 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2114 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4)) {
2116 stlink_read_reg(sl, 2, &rr);
2118 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2124 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);
projects / fw / stlink / blob