10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
21 /* todo: stm32l15xxx flash memory, pm0062 manual */
23 /* stm32f FPEC flash controller interface, pm0063 manual */
24 // TODO - all of this needs to be abstracted out....
25 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
26 #define FLASH_REGS_ADDR 0x40022000
27 #define FLASH_REGS_SIZE 0x28
29 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
30 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
31 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
32 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
33 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
34 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
35 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
37 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
38 #define FLASH_RDPTR_KEY 0x00a5
39 #define FLASH_KEY1 0x45670123
40 #define FLASH_KEY2 0xcdef89ab
42 #define FLASH_SR_BSY 0
43 #define FLASH_SR_EOP 5
46 #define FLASH_CR_PER 1
47 #define FLASH_CR_MER 2
48 #define FLASH_CR_STRT 6
49 #define FLASH_CR_LOCK 7
52 //32L = 32F1 same CoreID as 32F4!
53 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
54 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
55 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
56 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
57 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
58 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
59 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
60 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
61 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
62 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
63 #define FLASH_L1_FPRG 10
64 #define FLASH_L1_PROG 3
66 //32L4 register base is at FLASH_REGS_ADDR (0x40022000)
67 #define STM32L4_FLASH_KEYR (FLASH_REGS_ADDR + 0x08)
68 #define STM32L4_FLASH_SR (FLASH_REGS_ADDR + 0x10)
69 #define STM32L4_FLASH_CR (FLASH_REGS_ADDR + 0x14)
70 #define STM32L4_FLASH_OPTR (FLASH_REGS_ADDR + 0x20)
72 #define STM32L4_FLASH_SR_BSY 16
73 #define STM32L4_FLASH_SR_ERRMASK 0x3f8 /* SR [9:3] */
75 #define STM32L4_FLASH_CR_LOCK 31 /* Lock control register */
76 #define STM32L4_FLASH_CR_PG 0 /* Program */
77 #define STM32L4_FLASH_CR_PER 1 /* Page erase */
78 #define STM32L4_FLASH_CR_MER1 2 /* Bank 1 erase */
79 #define STM32L4_FLASH_CR_MER2 15 /* Bank 2 erase */
80 #define STM32L4_FLASH_CR_STRT 16 /* Start command */
81 #define STM32L4_FLASH_CR_BKER 11 /* Bank select for page erase */
82 #define STM32L4_FLASH_CR_PNB 3 /* Page number (8 bits) */
83 // Bits requesting flash operations (useful when we want to clear them)
84 #define STM32L4_FLASH_CR_OPBITS \
85 ((1lu<<STM32L4_FLASH_CR_PG) | (1lu<<STM32L4_FLASH_CR_PER) \
86 | (1lu<<STM32L4_FLASH_CR_MER1) | (1lu<<STM32L4_FLASH_CR_MER1))
87 // Page is fully specified by BKER and PNB
88 #define STM32L4_FLASH_CR_PAGEMASK (0x1fflu << STM32L4_FLASH_CR_PNB)
90 #define STM32L4_FLASH_OPTR_DUALBANK 21
92 //STM32L0x flash register base and offsets
94 // RM0090 - DM00031020.pdf
95 #define STM32L0_FLASH_REGS_ADDR ((uint32_t)0x40022000)
96 #define FLASH_ACR_OFF ((uint32_t) 0x00)
97 #define FLASH_PECR_OFF ((uint32_t) 0x04)
98 #define FLASH_PDKEYR_OFF ((uint32_t) 0x08)
99 #define FLASH_PEKEYR_OFF ((uint32_t) 0x0c)
100 #define FLASH_PRGKEYR_OFF ((uint32_t) 0x10)
101 #define FLASH_OPTKEYR_OFF ((uint32_t) 0x14)
102 #define FLASH_SR_OFF ((uint32_t) 0x18)
103 #define FLASH_OBR_OFF ((uint32_t) 0x1c)
104 #define FLASH_WRPR_OFF ((uint32_t) 0x20)
109 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
110 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
111 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
112 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
113 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
114 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
115 #define FLASH_F4_CR_STRT 16
116 #define FLASH_F4_CR_LOCK 31
117 #define FLASH_F4_CR_SER 1
118 #define FLASH_F4_CR_SNB 3
119 #define FLASH_F4_CR_SNB_MASK 0xf8
120 #define FLASH_F4_SR_BSY 16
122 #define L1_WRITE_BLOCK_SIZE 0x80
123 #define L0_WRITE_BLOCK_SIZE 0x40
125 void write_uint32(unsigned char* buf, uint32_t ui) {
126 if (!is_bigendian()) { // le -> le (don't swap)
127 buf[0] = ((unsigned char*) &ui)[0];
128 buf[1] = ((unsigned char*) &ui)[1];
129 buf[2] = ((unsigned char*) &ui)[2];
130 buf[3] = ((unsigned char*) &ui)[3];
132 buf[0] = ((unsigned char*) &ui)[3];
133 buf[1] = ((unsigned char*) &ui)[2];
134 buf[2] = ((unsigned char*) &ui)[1];
135 buf[3] = ((unsigned char*) &ui)[0];
139 void write_uint16(unsigned char* buf, uint16_t ui) {
140 if (!is_bigendian()) { // le -> le (don't swap)
141 buf[0] = ((unsigned char*) &ui)[0];
142 buf[1] = ((unsigned char*) &ui)[1];
144 buf[0] = ((unsigned char*) &ui)[1];
145 buf[1] = ((unsigned char*) &ui)[0];
149 uint32_t read_uint32(const unsigned char *c, const int pt) {
151 char *p = (char *) &ui;
153 if (!is_bigendian()) { // le -> le (don't swap)
167 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
168 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
171 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
172 return stlink_read_debug32(sl, FLASH_WRPR);
175 static inline uint32_t read_flash_obr(stlink_t *sl) {
176 return stlink_read_debug32(sl, FLASH_OBR);
179 static inline uint32_t read_flash_cr(stlink_t *sl) {
181 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||(sl->chip_id == STM32_CHIPID_F4_DE) ||
182 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
183 (sl->chip_id == STM32_CHIPID_F446))
184 res = stlink_read_debug32(sl, FLASH_F4_CR);
185 else if (sl->chip_id == STM32_CHIPID_L4)
186 res = stlink_read_debug32(sl, STM32L4_FLASH_CR);
188 res = stlink_read_debug32(sl, FLASH_CR);
190 fprintf(stdout, "CR:0x%x\n", res);
195 static inline unsigned int is_flash_locked(stlink_t *sl) {
196 /* return non zero for true */
197 uint32_t cr = read_flash_cr(sl);
199 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
200 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
201 (sl->chip_id == STM32_CHIPID_F446))
202 return cr & (1 << FLASH_F4_CR_LOCK);
203 else if (sl->chip_id == STM32_CHIPID_L4)
204 return cr & (1lu << STM32L4_FLASH_CR_LOCK);
206 return cr & (1 << FLASH_CR_LOCK);
209 static void unlock_flash(stlink_t *sl) {
210 /* the unlock sequence consists of 2 write cycles where
211 2 key values are written to the FLASH_KEYR register.
212 an invalid sequence results in a definitive lock of
213 the FPEC block until next reset.
215 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
216 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
217 (sl->chip_id == STM32_CHIPID_F446)) {
218 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
219 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
220 } else if (sl->chip_id == STM32_CHIPID_L4) {
221 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY1);
222 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY2);
224 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
225 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
230 static int unlock_flash_if(stlink_t *sl) {
231 /* unlock flash if already locked */
233 if (is_flash_locked(sl)) {
235 if (is_flash_locked(sl)) {
236 WLOG("Failed to unlock flash!\n");
240 DLOG("Successfully unlocked flash\n");
244 static void lock_flash(stlink_t *sl) {
245 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
246 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
247 (sl->chip_id == STM32_CHIPID_F446)) {
248 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
249 stlink_write_debug32(sl, FLASH_F4_CR, n);
250 } else if (sl->chip_id == STM32_CHIPID_L4) {
251 const uint32_t n = read_flash_cr(sl) | (1lu << STM32L4_FLASH_CR_LOCK);
252 stlink_write_debug32(sl, STM32L4_FLASH_CR, n);
254 /* write to 1 only. reset by hw at unlock sequence */
255 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
256 stlink_write_debug32(sl, FLASH_CR, n);
261 static void set_flash_cr_pg(stlink_t *sl) {
262 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
263 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
264 (sl->chip_id == STM32_CHIPID_F446)) {
265 uint32_t x = read_flash_cr(sl);
266 x |= (1 << FLASH_CR_PG);
267 stlink_write_debug32(sl, FLASH_F4_CR, x);
268 } else if (sl->chip_id == STM32_CHIPID_L4) {
269 uint32_t x = read_flash_cr(sl);
270 x &=~ STM32L4_FLASH_CR_OPBITS;
271 x |= (1 << STM32L4_FLASH_CR_PG);
272 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
274 const uint32_t n = 1 << FLASH_CR_PG;
275 stlink_write_debug32(sl, FLASH_CR, n);
279 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
280 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
281 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
282 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
283 (sl->chip_id == STM32_CHIPID_F446))
284 stlink_write_debug32(sl, FLASH_F4_CR, n);
286 stlink_write_debug32(sl, FLASH_CR, n);
289 static void set_flash_cr_per(stlink_t *sl) {
290 const uint32_t n = 1 << FLASH_CR_PER;
291 stlink_write_debug32(sl, FLASH_CR, n);
294 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
295 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
296 stlink_write_debug32(sl, FLASH_CR, n);
299 static void set_flash_cr_mer(stlink_t *sl) {
300 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
301 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
302 (sl->chip_id == STM32_CHIPID_F446))
303 stlink_write_debug32(sl, FLASH_F4_CR,
304 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
305 else if (sl->chip_id == STM32_CHIPID_L4) {
306 uint32_t x = stlink_read_debug32(sl, STM32L4_FLASH_CR);
307 x &=~ STM32L4_FLASH_CR_OPBITS;
308 x |= (1lu << STM32L4_FLASH_CR_MER1) | (1lu << STM32L4_FLASH_CR_MER2);
309 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
311 stlink_write_debug32(sl, FLASH_CR,
312 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
315 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
316 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
317 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
318 (sl->chip_id == STM32_CHIPID_F446))
319 stlink_write_debug32(sl, FLASH_F4_CR,
320 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
322 stlink_write_debug32(sl, FLASH_CR,
323 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
326 static void set_flash_cr_strt(stlink_t *sl) {
327 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
328 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
329 (sl->chip_id == STM32_CHIPID_F446)) {
330 uint32_t x = read_flash_cr(sl);
331 x |= (1 << FLASH_F4_CR_STRT);
332 stlink_write_debug32(sl, FLASH_F4_CR, x);
333 } else if (sl->chip_id == STM32_CHIPID_L4) {
334 uint32_t x = read_flash_cr(sl);
335 x |= (1lu << STM32L4_FLASH_CR_STRT);
336 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
338 stlink_write_debug32(sl, FLASH_CR,
339 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
343 static inline uint32_t read_flash_acr(stlink_t *sl) {
344 return stlink_read_debug32(sl, FLASH_ACR);
347 static inline uint32_t read_flash_sr(stlink_t *sl) {
349 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
350 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
351 (sl->chip_id == STM32_CHIPID_F446))
352 res = stlink_read_debug32(sl, FLASH_F4_SR);
353 else if (sl->chip_id == STM32_CHIPID_L4)
354 res = stlink_read_debug32(sl, STM32L4_FLASH_SR);
356 res = stlink_read_debug32(sl, FLASH_SR);
357 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
361 static inline unsigned int is_flash_busy(stlink_t *sl) {
362 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
363 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
364 (sl->chip_id == STM32_CHIPID_F446))
365 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
366 else if (sl->chip_id == STM32_CHIPID_L4)
367 return read_flash_sr(sl) & (1 << STM32L4_FLASH_SR_BSY);
369 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
372 static void wait_flash_busy(stlink_t *sl) {
373 /* todo: add some delays here */
374 while (is_flash_busy(sl))
378 static void wait_flash_busy_progress(stlink_t *sl) {
380 fprintf(stdout, "Mass erasing");
382 while (is_flash_busy(sl)) {
386 fprintf(stdout, ".");
390 fprintf(stdout, "\n");
393 static inline unsigned int is_flash_eop(stlink_t *sl) {
394 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
397 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
398 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
399 stlink_write_debug32(sl, FLASH_SR, n);
402 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
403 /* todo: add some delays here */
404 while (is_flash_eop(sl) == 0)
408 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
409 stlink_write_debug32(sl, FLASH_AR, n);
412 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
413 uint32_t x = read_flash_cr(sl);
417 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
419 stlink_write_debug32(sl, FLASH_F4_CR, x);
423 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
424 uint32_t x = read_flash_cr(sl);
425 x &= ~FLASH_F4_CR_SNB_MASK;
426 x |= (n << FLASH_F4_CR_SNB);
427 x |= (1 << FLASH_F4_CR_SER);
429 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
431 stlink_write_debug32(sl, FLASH_F4_CR, x);
434 static inline void write_flash_cr_bker_pnb(stlink_t *sl, uint32_t n) {
435 uint32_t x = read_flash_cr(sl);
436 x &=~ STM32L4_FLASH_CR_OPBITS;
437 x &=~ STM32L4_FLASH_CR_PAGEMASK;
438 x |= (n << STM32L4_FLASH_CR_PNB);
439 x |= (1lu << STM32L4_FLASH_CR_PER);
441 fprintf(stdout, "BKER:PNB:0x%x 0x%x\n", x, n);
443 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
446 // Delegates to the backends...
448 void stlink_close(stlink_t *sl) {
449 DLOG("*** stlink_close ***\n");
450 sl->backend->close(sl);
454 void stlink_exit_debug_mode(stlink_t *sl) {
455 DLOG("*** stlink_exit_debug_mode ***\n");
456 stlink_write_debug32(sl, DHCSR, DBGKEY);
457 sl->backend->exit_debug_mode(sl);
460 void stlink_enter_swd_mode(stlink_t *sl) {
461 DLOG("*** stlink_enter_swd_mode ***\n");
462 sl->backend->enter_swd_mode(sl);
465 // Force the core into the debug mode -> halted state.
466 void stlink_force_debug(stlink_t *sl) {
467 DLOG("*** stlink_force_debug_mode ***\n");
468 sl->backend->force_debug(sl);
471 void stlink_exit_dfu_mode(stlink_t *sl) {
472 DLOG("*** stlink_exit_dfu_mode ***\n");
473 sl->backend->exit_dfu_mode(sl);
476 uint32_t stlink_core_id(stlink_t *sl) {
477 DLOG("*** stlink_core_id ***\n");
478 sl->backend->core_id(sl);
480 stlink_print_data(sl);
481 DLOG("core_id = 0x%08x\n", sl->core_id);
485 uint32_t stlink_chip_id(stlink_t *sl) {
486 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
487 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
492 * Cortex m3 tech ref manual, CPUID register description
493 * @param sl stlink context
494 * @param cpuid pointer to the result object
496 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
497 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
498 cpuid->implementer_id = (raw >> 24) & 0x7f;
499 cpuid->variant = (raw >> 20) & 0xf;
500 cpuid->part = (raw >> 4) & 0xfff;
501 cpuid->revision = raw & 0xf;
506 * reads and decodes the flash parameters, as dynamically as possible
508 * @return 0 for success, or -1 for unsupported core type.
510 int stlink_load_device_params(stlink_t *sl) {
511 ILOG("Loading device parameters....\n");
512 const chip_params_t *params = NULL;
513 sl->core_id = stlink_core_id(sl);
514 uint32_t chip_id = stlink_chip_id(sl);
517 sl->chip_id = chip_id & 0xfff;
518 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
519 if (sl->chip_id == 0x411) {
520 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
521 if ((cpuid & 0xfff0) == 0xc240)
525 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
526 if(devices[i].chip_id == sl->chip_id) {
527 params = &devices[i];
531 if (params == NULL) {
532 WLOG("unknown chip id! %#x\n", chip_id);
536 // These are fixed...
537 sl->flash_base = STM32_FLASH_BASE;
538 sl->sram_base = STM32_SRAM_BASE;
539 flash_size = stlink_read_debug32(sl,(params->flash_size_reg) & ~3);
540 if (params->flash_size_reg & 2)
541 flash_size = flash_size >>16;
542 flash_size = flash_size & 0xffff;
544 if ((sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) && ( flash_size == 0 )) {
545 sl->flash_size = 128 * 1024;
546 } else if (sl->chip_id == STM32_CHIPID_L1_CAT2) {
547 sl->flash_size = (flash_size & 0xff) * 1024;
548 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
549 // 0 is 384k and 1 is 256k
550 if ( flash_size == 0 ) {
551 sl->flash_size = 384 * 1024;
553 sl->flash_size = 256 * 1024;
556 sl->flash_size = flash_size * 1024;
558 sl->flash_pgsz = params->flash_pagesize;
559 sl->sram_size = params->sram_size;
560 sl->sys_base = params->bootrom_base;
561 sl->sys_size = params->bootrom_size;
563 //medium and low devices have the same chipid. ram size depends on flash size.
564 //STM32F100xx datasheet Doc ID 16455 Table 2
565 if(sl->chip_id == STM32_CHIPID_F1_VL_MEDIUM_LOW && sl->flash_size < 64 * 1024){
566 sl->sram_size = 0x1000;
569 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
570 // TODO make note of variable page size here.....
571 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
572 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
577 void stlink_reset(stlink_t *sl) {
578 DLOG("*** stlink_reset ***\n");
579 sl->backend->reset(sl);
582 void stlink_jtag_reset(stlink_t *sl, int value) {
583 DLOG("*** stlink_jtag_reset ***\n");
584 sl->backend->jtag_reset(sl, value);
587 void stlink_run(stlink_t *sl) {
588 DLOG("*** stlink_run ***\n");
589 sl->backend->run(sl);
592 void stlink_status(stlink_t *sl) {
593 DLOG("*** stlink_status ***\n");
594 sl->backend->status(sl);
595 stlink_core_stat(sl);
599 * Decode the version bits, originally from -sg, verified with usb
600 * @param sl stlink context, assumed to contain valid data in the buffer
601 * @param slv output parsed version object
603 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
604 uint32_t b0 = sl->q_buf[0]; //lsb
605 uint32_t b1 = sl->q_buf[1];
606 uint32_t b2 = sl->q_buf[2];
607 uint32_t b3 = sl->q_buf[3];
608 uint32_t b4 = sl->q_buf[4];
609 uint32_t b5 = sl->q_buf[5]; //msb
611 // b0 b1 || b2 b3 | b4 b5
612 // 4b | 6b | 6b || 2B | 2B
613 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
615 slv->stlink_v = (b0 & 0xf0) >> 4;
616 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
617 slv->swim_v = b1 & 0x3f;
618 slv->st_vid = (b3 << 8) | b2;
619 slv->stlink_pid = (b5 << 8) | b4;
623 void stlink_version(stlink_t *sl) {
624 DLOG("*** looking up stlink version\n");
625 sl->backend->version(sl);
626 _parse_version(sl, &sl->version);
628 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
629 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
630 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
631 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
632 DLOG("swim version = 0x%x\n", sl->version.swim_v);
633 if (sl->version.jtag_v == 0) {
634 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
636 if (sl->version.swim_v == 0) {
637 DLOG(" notice: the firmware doesn't support a swim interface\n");
641 int stlink_target_voltage(stlink_t *sl) {
643 DLOG("*** reading target voltage\n");
644 if (sl->backend->target_voltage != NULL) {
645 voltage = sl->backend->target_voltage(sl);
647 DLOG("target voltage = %ldmV\n", voltage);
649 DLOG("error reading target voltage\n");
652 DLOG("reading voltage not supported by backend\n");
657 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
658 uint32_t data = sl->backend->read_debug32(sl, addr);
659 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
663 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
664 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
665 sl->backend->write_debug32(sl, addr, data);
668 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
669 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
671 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
674 sl->backend->write_mem32(sl, addr, len);
677 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
678 DLOG("*** stlink_read_mem32 ***\n");
679 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
680 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
684 sl->backend->read_mem32(sl, addr, len);
687 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
688 DLOG("*** stlink_write_mem8 ***\n");
689 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
690 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
694 sl->backend->write_mem8(sl, addr, len);
697 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
698 DLOG("*** stlink_read_all_regs ***\n");
699 sl->backend->read_all_regs(sl, regp);
702 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
703 DLOG("*** stlink_read_all_unsupported_regs ***\n");
704 sl->backend->read_all_unsupported_regs(sl, regp);
707 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
708 DLOG("*** stlink_write_reg\n");
709 sl->backend->write_reg(sl, reg, idx);
712 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
713 DLOG("*** stlink_read_reg\n");
714 DLOG(" (%d) ***\n", r_idx);
716 if (r_idx > 20 || r_idx < 0) {
717 fprintf(stderr, "Error: register index must be in [0..20]\n");
721 sl->backend->read_reg(sl, r_idx, regp);
724 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
727 DLOG("*** stlink_read_unsupported_reg\n");
728 DLOG(" (%d) ***\n", r_idx);
730 /* Convert to values used by DCRSR */
731 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
733 } else if (r_idx == 0x40) { /* FPSCR */
735 } else if (r_idx >= 0x20 && r_idx < 0x40) {
736 r_convert = 0x40 + (r_idx - 0x20);
738 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
742 sl->backend->read_unsupported_reg(sl, r_convert, regp);
745 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
748 DLOG("*** stlink_write_unsupported_reg\n");
749 DLOG(" (%d) ***\n", r_idx);
751 /* Convert to values used by DCRSR */
752 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
753 r_convert = r_idx; /* The backend function handles this */
754 } else if (r_idx == 0x40) { /* FPSCR */
756 } else if (r_idx >= 0x20 && r_idx < 0x40) {
757 r_convert = 0x40 + (r_idx - 0x20);
759 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
763 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
766 unsigned int is_core_halted(stlink_t *sl) {
767 /* return non zero if core is halted */
769 return sl->q_buf[0] == STLINK_CORE_HALTED;
772 void stlink_step(stlink_t *sl) {
773 DLOG("*** stlink_step ***\n");
774 sl->backend->step(sl);
777 int stlink_current_mode(stlink_t *sl) {
778 int mode = sl->backend->current_mode(sl);
780 case STLINK_DEV_DFU_MODE:
781 DLOG("stlink current mode: dfu\n");
783 case STLINK_DEV_DEBUG_MODE:
784 DLOG("stlink current mode: debug (jtag or swd)\n");
786 case STLINK_DEV_MASS_MODE:
787 DLOG("stlink current mode: mass\n");
790 DLOG("stlink mode: unknown!\n");
791 return STLINK_DEV_UNKNOWN_MODE;
797 // End of delegates.... Common code below here...
800 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
802 // #define is_bigendian() ( (*(char*)&i) == 0 )
804 inline unsigned int is_bigendian(void) {
805 static volatile const unsigned int i = 1;
806 return *(volatile const char*) &i == 0;
809 uint16_t read_uint16(const unsigned char *c, const int pt) {
811 char *p = (char *) &ui;
813 if (!is_bigendian()) { // le -> le (don't swap)
823 // same as above with entrypoint.
825 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
826 stlink_write_reg(sl, addr, 15); /* pc register */
830 while (is_core_halted(sl) == 0)
834 void stlink_core_stat(stlink_t *sl) {
838 switch (sl->q_buf[0]) {
839 case STLINK_CORE_RUNNING:
840 sl->core_stat = STLINK_CORE_RUNNING;
841 DLOG(" core status: running\n");
843 case STLINK_CORE_HALTED:
844 sl->core_stat = STLINK_CORE_HALTED;
845 DLOG(" core status: halted\n");
848 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
849 fprintf(stderr, " core status: unknown\n");
853 void stlink_print_data(stlink_t * sl) {
854 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
857 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
859 for (int i = 0; i < sl->q_len; i++) {
862 if (sl->q_data_dir == Q_DATA_OUT)
863 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
865 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
868 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
870 fputs("\n\n", stdout);
873 /* memory mapped file */
875 typedef struct mapped_file {
880 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
882 static int map_file(mapped_file_t* mf, const char* path) {
886 const int fd = open(path, O_RDONLY | O_BINARY);
888 fprintf(stderr, "open(%s) == -1\n", path);
892 if (fstat(fd, &st) == -1) {
893 fprintf(stderr, "fstat() == -1\n");
897 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
898 if (mf->base == MAP_FAILED) {
899 fprintf(stderr, "mmap() == MAP_FAILED\n");
903 mf->len = st.st_size;
914 static void unmap_file(mapped_file_t * mf) {
915 munmap((void*) mf->base, mf->len);
916 mf->base = (unsigned char*) MAP_FAILED;
920 /* Limit the block size to compare to 0x1800
921 Anything larger will stall the STLINK2
922 Maybe STLINK V1 needs smaller value!*/
923 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
925 size_t n_cmp = sl->flash_pgsz;
929 for (off = 0; off < mf->len; off += n_cmp) {
932 /* adjust last page size */
933 size_t cmp_size = n_cmp;
934 if ((off + n_cmp) > mf->len)
935 cmp_size = mf->len - off;
937 aligned_size = cmp_size;
938 if (aligned_size & (4 - 1))
939 aligned_size = (cmp_size + 4) & ~(4 - 1);
941 stlink_read_mem32(sl, addr + off, aligned_size);
943 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
950 int stlink_fwrite_sram
951 (stlink_t * sl, const char* path, stm32_addr_t addr) {
952 /* write the file in sram at addr */
956 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
959 if (map_file(&mf, path) == -1) {
960 fprintf(stderr, "map_file() == -1\n");
964 /* check addr range is inside the sram */
965 if (addr < sl->sram_base) {
966 fprintf(stderr, "addr too low\n");
968 } else if ((addr + mf.len) < addr) {
969 fprintf(stderr, "addr overruns\n");
971 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
972 fprintf(stderr, "addr too high\n");
974 } else if ((addr & 3) || (mf.len & 3)) {
976 fprintf(stderr, "unaligned addr or size\n");
979 /* do the copy by 1k blocks */
980 for (off = 0; off < mf.len; off += 1024) {
982 if ((off + size) > mf.len)
985 memcpy(sl->q_buf, mf.base + off, size);
987 /* round size if needed */
991 stlink_write_mem32(sl, addr + off, size);
994 /* check the file ha been written */
995 if (check_file(sl, &mf, addr) == -1) {
996 fprintf(stderr, "check_file() == -1\n");
1003 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1004 /* Set PC to the reset routine*/
1005 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1013 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
1014 /* read size bytes from addr to file */
1019 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1020 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1021 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
1023 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
1025 fprintf(stderr, "open(%s) == -1\n", path);
1030 size = sl->flash_size;
1032 if (size > sl->flash_size)
1033 size = sl->flash_size;
1035 /* do the copy by 1k blocks */
1036 for (off = 0; off < size; off += 1024) {
1037 size_t read_size = 1024;
1038 size_t rounded_size;
1040 if ((off + read_size) > size)
1041 read_size = size - off;
1043 /* round size if needed */
1044 rounded_size = read_size;
1045 if (rounded_size & 3)
1046 rounded_size = (rounded_size + 4) & ~(3);
1048 stlink_read_mem32(sl, addr + off, rounded_size);
1050 for(index = 0; index < read_size; index ++) {
1051 if (sl->q_buf[index] == erased_pattern)
1056 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
1057 fprintf(stderr, "write() != read_size\n");
1062 /* Ignore NULL Bytes at end of file */
1063 if (!ftruncate(fd, size - num_empty)) {
1076 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
1077 /* write the buffer right after the loader */
1078 size_t chunk = size & ~0x3;
1079 size_t rem = size & 0x3;
1081 memcpy(sl->q_buf, buf, chunk);
1082 stlink_write_mem32(sl, fl->buf_addr, chunk);
1085 memcpy(sl->q_buf, buf+chunk, rem);
1086 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
1091 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
1092 uint32_t offset = 0;
1093 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1094 if (flashaddr >= 0x100000) {
1096 flashaddr -= 0x100000;
1098 if (flashaddr<0x4000) return (offset + 0);
1099 else if(flashaddr<0x8000) return(offset + 1);
1100 else if(flashaddr<0xc000) return(offset + 2);
1101 else if(flashaddr<0x10000) return(offset + 3);
1102 else if(flashaddr<0x20000) return(offset + 4);
1103 else return offset + (flashaddr/0x20000) +4;
1107 // Returns BKER:PNB for the given page address
1108 uint32_t calculate_L4_page(stlink_t *sl, uint32_t flashaddr) {
1110 uint32_t flashopt = stlink_read_debug32(sl, STM32L4_FLASH_OPTR);
1111 flashaddr -= STM32_FLASH_BASE;
1112 if (flashopt & (1lu << STM32L4_FLASH_OPTR_DUALBANK)) {
1113 uint32_t banksize = sl->flash_size / 2;
1114 if (flashaddr > banksize) {
1115 flashaddr -= banksize;
1119 // For 1MB chips without the dual-bank option set, the page address will
1120 // overflow into the BKER bit, which gives us the correct bank:page value.
1121 return bker | flashaddr/sl->flash_pgsz;
1124 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1125 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1126 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1127 (sl->chip_id == STM32_CHIPID_F446)) {
1128 uint32_t sector=calculate_F4_sectornum(flashaddr);
1132 if (sector<4) sl->flash_pgsz=0x4000;
1133 else if(sector<5) sl->flash_pgsz=0x10000;
1134 else sl->flash_pgsz=0x20000;
1136 return (sl->flash_pgsz);
1140 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1141 * @param sl stlink context
1142 * @param flashaddr an address in the flash page to erase
1143 * @return 0 on success -ve on failure
1145 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1147 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1148 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1149 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_L4)) {
1150 /* wait for ongoing op to finish */
1151 wait_flash_busy(sl);
1153 /* unlock if locked */
1154 unlock_flash_if(sl);
1156 /* select the page to erase */
1157 if (sl->chip_id == STM32_CHIPID_L4) {
1158 // calculate the actual bank+page from the address
1159 uint32_t page = calculate_L4_page(sl, flashaddr);
1161 write_flash_cr_bker_pnb(sl, page);
1163 // calculate the actual page from the address
1164 uint32_t sector=calculate_F4_sectornum(flashaddr);
1166 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1168 //the SNB values for flash sectors in the second bank do not directly follow the values for the first bank on 2mb devices...
1169 if (sector >= 12) sector += 4;
1171 write_flash_cr_snb(sl, sector);
1174 /* start erase operation */
1175 set_flash_cr_strt(sl);
1177 /* wait for completion */
1178 wait_flash_busy(sl);
1180 /* relock the flash */
1181 //todo: fails to program if this is in
1184 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1186 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1187 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1188 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1191 uint32_t flash_regs_base;
1192 if (sl->chip_id == STM32_CHIPID_L0) {
1193 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1195 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1198 /* check if the locks are set */
1199 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1200 if((val & (1<<0))||(val & (1<<1))) {
1201 /* disable pecr protection */
1202 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1203 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1205 /* check pecr.pelock is cleared */
1206 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1207 if (val & (1 << 0)) {
1208 WLOG("pecr.pelock not clear (%#x)\n", val);
1212 /* unlock program memory */
1213 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1214 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1216 /* check pecr.prglock is cleared */
1217 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1218 if (val & (1 << 1)) {
1219 WLOG("pecr.prglock not clear (%#x)\n", val);
1224 /* set pecr.{erase,prog} */
1225 val |= (1 << 9) | (1 << 3);
1226 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1227 #if 0 /* fix_to_be_confirmed */
1229 /* wait for sr.busy to be cleared
1230 * MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1231 * wrong and we do not need to wait here for clearing the busy bit.
1232 * TEXANE: ok, if experience says so and it works for you, we comment
1233 * it. If someone has a problem, please drop an email.
1235 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1238 #endif /* fix_to_be_confirmed */
1240 /* write 0 to the first word of the page to be erased */
1241 stlink_write_debug32(sl, flashaddr, 0);
1243 /* MP: It is better to wait for clearing the busy bit after issuing
1244 page erase command, even though PM0062 recommends to wait before it.
1245 Test shows that a few iterations is performed in the following loop
1246 before busy bit is cleared.*/
1247 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1250 /* reset lock bits */
1251 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1252 | (1 << 0) | (1 << 1) | (1 << 2);
1253 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1254 } else if (sl->core_id == STM32VL_CORE_ID
1255 || sl->core_id == STM32F0_CORE_ID
1256 || sl->chip_id == STM32_CHIPID_F3
1257 || sl->chip_id == STM32_CHIPID_F303_HIGH
1258 || sl->chip_id == STM32_CHIPID_F37x
1259 || sl->chip_id == STM32_CHIPID_F334) {
1260 /* wait for ongoing op to finish */
1261 wait_flash_busy(sl);
1263 /* unlock if locked */
1264 unlock_flash_if(sl);
1266 /* set the page erase bit */
1267 set_flash_cr_per(sl);
1269 /* select the page to erase */
1270 write_flash_ar(sl, flashaddr);
1272 /* start erase operation, reset by hw with bsy bit */
1273 set_flash_cr_strt(sl);
1275 /* wait for completion */
1276 wait_flash_busy(sl);
1278 /* relock the flash */
1281 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1285 /* todo: verify the erased page */
1290 int stlink_erase_flash_mass(stlink_t *sl) {
1291 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1292 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1293 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1294 /* erase each page */
1295 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1296 for (i = 0; i < num_pages; i++) {
1297 /* addr must be an addr inside the page */
1298 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1299 if (stlink_erase_flash_page(sl, addr) == -1) {
1300 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1303 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1306 fprintf(stdout, "\n");
1308 /* wait for ongoing op to finish */
1309 wait_flash_busy(sl);
1311 /* unlock if locked */
1312 unlock_flash_if(sl);
1314 /* set the mass erase bit */
1315 set_flash_cr_mer(sl);
1317 /* start erase operation, reset by hw with bsy bit */
1318 set_flash_cr_strt(sl);
1320 /* wait for completion */
1321 wait_flash_busy_progress(sl);
1323 /* relock the flash */
1326 /* todo: verify the erased memory */
1331 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1334 /* allocate the loader in sram */
1335 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1336 WLOG("Failed to write flash loader to sram!\n");
1340 /* allocate a one page buffer in sram right after loader */
1341 fl->buf_addr = fl->loader_addr + size;
1342 ILOG("Successfully loaded flash loader in sram\n");
1346 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1347 /* from openocd, contrib/loaders/flash/stm32.s */
1348 static const uint8_t loader_code_stm32vl[] = {
1349 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1350 0x1c, 0x44, /* add r4, r3 */
1351 /* write_half_word: */
1352 0x01, 0x23, /* movs r3, #0x01 */
1353 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1354 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1355 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1357 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1358 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1359 0xfb, 0xd0, /* beq busy */
1360 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1361 0x01, 0xd1, /* bne exit */
1362 0x01, 0x3a, /* subs r2, r2, #0x01 */
1363 0xf0, 0xd1, /* bne write_half_word */
1365 0x00, 0xbe, /* bkpt #0x00 */
1366 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1369 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1370 static const uint8_t loader_code_stm32f0[] = {
1373 * These two NOPs here are a safety precaution, added by Pekka Nikander
1374 * while debugging the STM32F05x support. They may not be needed, but
1375 * there were strange problems with simpler programs, like a program
1376 * that had just a breakpoint or a program that first moved zero to register r2
1377 * and then had a breakpoint. So, it appears safest to have these two nops.
1379 * Feel free to remove them, if you dare, but then please do test the result
1380 * rigorously. Also, if you remove these, it may be a good idea first to
1381 * #if 0 them out, with a comment when these were taken out, and to remove
1382 * these only a few months later... But YMMV.
1384 0x00, 0x30, // nop /* add r0,#0 */
1385 0x00, 0x30, // nop /* add r0,#0 */
1387 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1388 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1389 0x04, 0x26, // mov r6, #4 /* PGERR */
1391 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1392 0x2B, 0x43, // orr r3, r5
1393 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1394 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1395 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1397 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1398 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1399 0xFC, 0xD0, // beq busy
1401 0x33, 0x42, // tst r3, r6 /* PGERR */
1402 0x04, 0xD1, // bne exit
1404 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1405 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1406 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1407 0x00, 0x2A, // cmp r2, #0
1408 0xF0, 0xD1, // bne write_half_word
1410 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1411 0xAB, 0x43, // bic r3, r5
1412 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1413 0x00, 0xBE, // bkpt #0x00
1414 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1417 static const uint8_t loader_code_stm32l[] = {
1419 /* openocd.git/contrib/loaders/flash/stm32lx.S
1420 r0, input, dest addr
1421 r1, input, source addr
1422 r2, input, word count
1423 r3, output, word count
1429 0x51, 0xf8, 0x04, 0xcb,
1430 0x40, 0xf8, 0x04, 0xcb,
1438 static const uint8_t loader_code_stm32l0[] = {
1441 r0, input, dest addr
1442 r1, input, source addr
1443 r2, input, word count
1444 r3, output, word count
1461 static const uint8_t loader_code_stm32f4[] = {
1462 // flashloaders/stm32f4.s
1471 0x14, 0xf0, 0x01, 0x0f,
1473 0x00, 0xf1, 0x04, 0x00,
1474 0x01, 0xf1, 0x04, 0x01,
1475 0xa2, 0xf1, 0x01, 0x02,
1480 0x00, 0x3c, 0x02, 0x40,
1483 static const uint8_t loader_code_stm32f4_lv[] = {
1484 // flashloaders/stm32f4lv.s
1493 0x14, 0xf0, 0x01, 0x0f,
1495 0x00, 0xf1, 0x01, 0x00,
1496 0x01, 0xf1, 0x01, 0x01,
1497 0xa2, 0xf1, 0x01, 0x02,
1503 0x00, 0x3c, 0x02, 0x40,
1506 static const uint8_t loader_code_stm32l4[] = {
1507 // flashloaders/stm32l4.s
1508 0x08, 0x4b, // start: ldr r3, [pc, #32] ; <flash_base>
1509 0x72, 0xb1, // next: cbz r2, <done>
1510 0x04, 0x68, // ldr r4, [r0, #0]
1511 0x45, 0x68, // ldr r5, [r0, #4]
1512 0x0c, 0x60, // str r4, [r1, #0]
1513 0x4d, 0x60, // str r5, [r1, #4]
1514 0x5c, 0x8a, // wait: ldrh r4, [r3, #18]
1515 0x14, 0xf0, 0x01, 0x0f, // tst.w r4, #1
1516 0xfb, 0xd1, // bne.n <wait>
1517 0x00, 0xf1, 0x08, 0x00, // add.w r0, r0, #8
1518 0x01, 0xf1, 0x08, 0x01, // add.w r1, r1, #8
1519 0xa2, 0xf1, 0x02, 0x02, // add.w r2, r2, #2
1520 0xef, 0xe7, // b.n <next>
1521 0x00, 0xbe, // done: bkpt 0x0000
1522 0x00, 0x20, 0x02, 0x40 // flash_base: .word 0x40022000
1525 const uint8_t* loader_code;
1528 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1529 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1530 || sl->chip_id == STM32_CHIPID_L152_RE) { /* stm32l */
1531 loader_code = loader_code_stm32l;
1532 loader_size = sizeof(loader_code_stm32l);
1533 } else if (sl->core_id == STM32VL_CORE_ID
1534 || sl->chip_id == STM32_CHIPID_F3
1535 || sl->chip_id == STM32_CHIPID_F303_HIGH
1536 || sl->chip_id == STM32_CHIPID_F37x
1537 || sl->chip_id == STM32_CHIPID_F334) {
1538 loader_code = loader_code_stm32vl;
1539 loader_size = sizeof(loader_code_stm32vl);
1540 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1541 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
1542 (sl->chip_id == STM32_CHIPID_F446)){
1543 int voltage = stlink_target_voltage(sl);
1544 if (voltage > 2700) {
1545 loader_code = loader_code_stm32f4;
1546 loader_size = sizeof(loader_code_stm32f4);
1548 loader_code = loader_code_stm32f4_lv;
1549 loader_size = sizeof(loader_code_stm32f4_lv);
1551 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F04 || sl->chip_id == STM32_CHIPID_F0_CAN || sl->chip_id == STM32_CHIPID_F0_SMALL || sl->chip_id == STM32_CHIPID_F09X) {
1552 loader_code = loader_code_stm32f0;
1553 loader_size = sizeof(loader_code_stm32f0);
1554 } else if (sl->chip_id == STM32_CHIPID_L0) {
1555 loader_code = loader_code_stm32l0;
1556 loader_size = sizeof(loader_code_stm32l0);
1557 } else if (sl->chip_id == STM32_CHIPID_L4) {
1558 loader_code = loader_code_stm32l4;
1559 loader_size = sizeof(loader_code_stm32l4);
1561 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1565 memcpy(sl->q_buf, loader_code, loader_size);
1566 stlink_write_mem32(sl, sl->sram_base, loader_size);
1568 *addr = sl->sram_base;
1569 *size = loader_size;
1575 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1576 /* check the contents of path are at addr */
1579 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1581 if (map_file(&mf, path) == -1)
1584 res = check_file(sl, &mf, addr);
1592 * Verify addr..addr+len is binary identical to base...base+len
1593 * @param sl stlink context
1594 * @param address stm device address
1595 * @param data host side buffer to check against
1596 * @param length how much
1597 * @return 0 for success, -ve for failure
1599 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1601 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1602 ILOG("Starting verification of write complete\n");
1603 for (off = 0; off < length; off += cmp_size) {
1604 size_t aligned_size;
1606 /* adjust last page size */
1607 if ((off + cmp_size) > length)
1608 cmp_size = length - off;
1610 aligned_size = cmp_size;
1611 if (aligned_size & (4 - 1))
1612 aligned_size = (cmp_size + 4) & ~(4 - 1);
1614 stlink_read_mem32(sl, address + off, aligned_size);
1616 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1617 ELOG("Verification of flash failed at offset: %zd\n", off);
1621 ILOG("Flash written and verified! jolly good!\n");
1626 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint32_t pagesize)
1629 unsigned int num_half_pages = len / pagesize;
1631 uint32_t flash_regs_base;
1634 if (sl->chip_id == STM32_CHIPID_L0) {
1635 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1637 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1640 ILOG("Starting Half page flash write for STM32L core id\n");
1641 /* flash loader initialization */
1642 if (init_flash_loader(sl, &fl) == -1) {
1643 WLOG("init_flash_loader() == -1\n");
1646 /* Unlock already done */
1647 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1648 val |= (1 << FLASH_L1_FPRG);
1649 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1651 val |= (1 << FLASH_L1_PROG);
1652 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1653 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {}
1655 for (count = 0; count < num_half_pages; count ++) {
1656 if (run_flash_loader(sl, &fl, addr + count * pagesize, base + count * pagesize, pagesize) == -1) {
1657 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * pagesize);
1658 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1659 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1660 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1663 /* wait for sr.busy to be cleared */
1664 if (sl->verbose >= 1) {
1665 /* show progress. writing procedure is slow
1666 and previous errors are misleading */
1667 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1670 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {
1673 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1674 val &= ~(1 << FLASH_L1_PROG);
1675 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1676 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1677 val &= ~(1 << FLASH_L1_FPRG);
1678 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1683 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1686 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1687 len, len, addr, addr);
1688 /* check addr range is inside the flash */
1689 stlink_calculate_pagesize(sl, addr);
1690 if (addr < sl->flash_base) {
1691 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1693 } else if ((addr + len) < addr) {
1694 ELOG("addr overruns\n");
1696 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1697 ELOG("addr too high\n");
1699 } else if (addr & 1) {
1700 ELOG("unaligned addr 0x%x\n", addr);
1702 } else if (len & 1) {
1703 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1705 } else if (addr & (sl->flash_pgsz - 1)) {
1706 ELOG("addr not a multiple of pagesize, not supported\n");
1710 // Make sure we've loaded the context with the chip details
1712 /* erase each page */
1714 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1715 /* addr must be an addr inside the page */
1716 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1717 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1720 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1721 (unsigned long)addr + off);
1725 fprintf(stdout,"\n");
1726 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1727 page_count, sl->flash_pgsz, sl->flash_pgsz);
1729 if ((sl->chip_id == STM32_CHIPID_F2) ||
1730 (sl->chip_id == STM32_CHIPID_F4) ||
1731 (sl->chip_id == STM32_CHIPID_F4_DE) ||
1732 (sl->chip_id == STM32_CHIPID_F4_LP) ||
1733 (sl->chip_id == STM32_CHIPID_F4_HD) ||
1734 (sl->chip_id == STM32_CHIPID_F411RE) ||
1735 (sl->chip_id == STM32_CHIPID_F446) ||
1736 (sl->chip_id == STM32_CHIPID_L4)) {
1737 /* todo: check write operation */
1739 ILOG("Starting Flash write for F2/F4/L4\n");
1740 /* flash loader initialization */
1741 if (init_flash_loader(sl, &fl) == -1) {
1742 ELOG("init_flash_loader() == -1\n");
1746 /* First unlock the cr */
1747 unlock_flash_if(sl);
1749 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1750 if (sl->chip_id != STM32_CHIPID_L4) {
1751 /* set parallelisim to 32 bit*/
1752 int voltage = stlink_target_voltage(sl);
1753 if (voltage > 2700) {
1754 printf("enabling 32-bit flash writes\n");
1755 write_flash_cr_psiz(sl, 2);
1757 printf("Target voltage (%d mV) too low for 32-bit flash, using 8-bit flash writes\n", voltage);
1758 write_flash_cr_psiz(sl, 0);
1761 /* L4 does not have a byte-write mode */
1762 int voltage = stlink_target_voltage(sl);
1763 if (voltage <= 2700) {
1764 printf("Target voltage (%d mV) too low for flash writes!\n", voltage);
1769 /* set programming mode */
1770 set_flash_cr_pg(sl);
1772 for(off = 0; off < len;) {
1773 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1775 printf("size: %zu\n", size);
1777 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1778 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1790 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1791 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1792 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1793 /* use fast word write. todo: half page. */
1795 uint32_t flash_regs_base;
1798 if (sl->chip_id == STM32_CHIPID_L0) {
1799 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1800 pagesize = L0_WRITE_BLOCK_SIZE;
1802 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1803 pagesize = L1_WRITE_BLOCK_SIZE;
1806 /* todo: check write operation */
1808 /* disable pecr protection */
1809 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1810 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1812 /* check pecr.pelock is cleared */
1813 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1814 if (val & (1 << 0)) {
1815 fprintf(stderr, "pecr.pelock not clear\n");
1819 /* unlock program memory */
1820 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1821 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1823 /* check pecr.prglock is cleared */
1824 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1825 if (val & (1 << 1)) {
1826 fprintf(stderr, "pecr.prglock not clear\n");
1830 if (len > pagesize) {
1831 if (stm32l1_write_half_pages(sl, addr, base, len, pagesize) == -1) {
1832 /* This may happen on a blank device! */
1833 WLOG("\nwrite_half_pages failed == -1\n");
1835 off = (len / pagesize)*pagesize;
1839 /* write remainingword in program memory */
1840 for ( ; off < len; off += sizeof(uint32_t)) {
1843 fprintf(stdout, "\r");
1845 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1846 fprintf(stdout, "\r%3zd/%3zd pages written",
1847 off/sl->flash_pgsz, len/sl->flash_pgsz);
1851 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1852 stlink_write_debug32(sl, addr + off, data);
1854 /* wait for sr.busy to be cleared */
1855 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1858 /* todo: check redo write operation */
1861 fprintf(stdout, "\n");
1862 /* reset lock bits */
1863 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1864 | (1 << 0) | (1 << 1) | (1 << 2);
1865 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1866 } else if (sl->core_id == STM32VL_CORE_ID ||
1867 sl->core_id == STM32F0_CORE_ID ||
1868 sl->chip_id == STM32_CHIPID_F3 ||
1869 sl->chip_id == STM32_CHIPID_F303_HIGH ||
1870 sl->chip_id == STM32_CHIPID_F334 ||
1871 sl->chip_id == STM32_CHIPID_F37x) {
1872 ILOG("Starting Flash write for VL/F0/F3 core id\n");
1873 /* flash loader initialization */
1874 if (init_flash_loader(sl, &fl) == -1) {
1875 ELOG("init_flash_loader() == -1\n");
1879 int write_block_count = 0;
1880 for (off = 0; off < len; off += sl->flash_pgsz) {
1881 /* adjust last write size */
1882 size_t size = sl->flash_pgsz;
1883 if ((off + sl->flash_pgsz) > len) size = len - off;
1885 /* unlock and set programming mode */
1886 unlock_flash_if(sl);
1887 set_flash_cr_pg(sl);
1888 //DLOG("Finished setting flash cr pg, running loader!\n");
1889 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1890 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1894 if (sl->verbose >= 1) {
1895 /* show progress. writing procedure is slow
1896 and previous errors are misleading */
1897 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1901 fprintf(stdout, "\n");
1903 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1907 return stlink_verify_write_flash(sl, addr, base, len);
1911 * Write the given binary file into flash at address "addr"
1913 * @param path readable file path, should be binary image
1914 * @param addr where to start writing
1915 * @return 0 on success, -ve on failure.
1917 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1918 /* write the file in flash at addr */
1920 unsigned int num_empty = 0, index;
1921 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1922 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1923 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
1924 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1925 if (map_file(&mf, path) == -1) {
1926 ELOG("map_file() == -1\n");
1929 for(index = 0; index < mf.len; index ++) {
1930 if (mf.base[index] == erased_pattern)
1935 /* Round down to words */
1936 num_empty -= (num_empty & 3);
1937 if(num_empty != 0) {
1938 ILOG("Ignoring %d bytes of 0x%02x at end of file\n", num_empty, erased_pattern);
1939 mf.len -= num_empty;
1941 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1943 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1944 /* Set PC to the reset routine*/
1945 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1951 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1955 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
1956 // FIXME This can never return -1
1957 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1959 ELOG("write_buffer_to_sram() == -1\n");
1963 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1964 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1965 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1967 size_t count = size / sizeof(uint32_t);
1968 if (size % sizeof(uint32_t)) ++count;
1971 stlink_write_reg(sl, target, 0); /* target */
1972 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1973 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1974 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1976 } else if (sl->core_id == STM32VL_CORE_ID ||
1977 sl->core_id == STM32F0_CORE_ID ||
1978 sl->chip_id == STM32_CHIPID_F3 ||
1979 sl->chip_id == STM32_CHIPID_F303_HIGH ||
1980 sl->chip_id == STM32_CHIPID_F37x ||
1981 sl->chip_id == STM32_CHIPID_F334) {
1983 size_t count = size / sizeof(uint16_t);
1984 if (size % sizeof(uint16_t)) ++count;
1987 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1988 stlink_write_reg(sl, target, 1); /* target */
1989 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1990 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1991 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1993 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1994 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
1995 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_L4)) {
1997 size_t count = size / sizeof(uint32_t);
1998 if (size % sizeof(uint32_t)) ++count;
1999 if (sl->chip_id == STM32_CHIPID_L4) {
2000 if (count % 2) ++count;
2004 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2005 stlink_write_reg(sl, target, 1); /* target */
2006 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2007 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2010 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
2017 #define WAIT_ROUNDS 10000
2018 /* wait until done (reaches breakpoint) */
2019 for (i = 0; i < WAIT_ROUNDS; i++) {
2021 if (is_core_halted(sl))
2025 if (i >= WAIT_ROUNDS) {
2026 ELOG("flash loader run error\n");
2030 /* check written byte count */
2031 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2032 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2033 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2035 size_t count = size / sizeof(uint32_t);
2036 if (size % sizeof(uint32_t)) ++count;
2038 stlink_read_reg(sl, 3, &rr);
2039 if (rr.r[3] != count) {
2040 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
2044 } else if (sl->core_id == STM32VL_CORE_ID ||
2045 sl->core_id == STM32F0_CORE_ID ||
2046 sl->chip_id == STM32_CHIPID_F3 ||
2047 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2048 sl->chip_id == STM32_CHIPID_F37x ||
2049 sl->chip_id == STM32_CHIPID_F334) {
2051 stlink_read_reg(sl, 2, &rr);
2053 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2057 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2058 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2059 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_L4)) {
2061 stlink_read_reg(sl, 2, &rr);
2063 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2069 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);