10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
21 /* todo: stm32l15xxx flash memory, pm0062 manual */
23 /* stm32f FPEC flash controller interface, pm0063 manual */
24 // TODO - all of this needs to be abstracted out....
25 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
26 #define FLASH_REGS_ADDR 0x40022000
27 #define FLASH_REGS_SIZE 0x28
29 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
30 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
31 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
32 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
33 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
34 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
35 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
37 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
38 #define FLASH_RDPTR_KEY 0x00a5
39 #define FLASH_KEY1 0x45670123
40 #define FLASH_KEY2 0xcdef89ab
42 #define FLASH_SR_BSY 0
43 #define FLASH_SR_EOP 5
46 #define FLASH_CR_PER 1
47 #define FLASH_CR_MER 2
48 #define FLASH_CR_STRT 6
49 #define FLASH_CR_LOCK 7
52 //32L = 32F1 same CoreID as 32F4!
53 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
54 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
55 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
56 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
57 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
58 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
59 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
60 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
61 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
62 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
63 #define FLASH_L1_FPRG 10
64 #define FLASH_L1_PROG 3
66 //32L4 register base is at FLASH_REGS_ADDR (0x40022000)
67 #define STM32L4_FLASH_KEYR (FLASH_REGS_ADDR + 0x08)
68 #define STM32L4_FLASH_SR (FLASH_REGS_ADDR + 0x10)
69 #define STM32L4_FLASH_CR (FLASH_REGS_ADDR + 0x14)
70 #define STM32L4_FLASH_OPTR (FLASH_REGS_ADDR + 0x20)
72 #define STM32L4_FLASH_SR_BSY 16
73 #define STM32L4_FLASH_SR_ERRMASK 0x3f8 /* SR [9:3] */
75 #define STM32L4_FLASH_CR_LOCK 31 /* Lock control register */
76 #define STM32L4_FLASH_CR_PG 0 /* Program */
77 #define STM32L4_FLASH_CR_PER 1 /* Page erase */
78 #define STM32L4_FLASH_CR_MER1 2 /* Bank 1 erase */
79 #define STM32L4_FLASH_CR_MER2 15 /* Bank 2 erase */
80 #define STM32L4_FLASH_CR_STRT 16 /* Start command */
81 #define STM32L4_FLASH_CR_BKER 11 /* Bank select for page erase */
82 #define STM32L4_FLASH_CR_PNB 3 /* Page number (8 bits) */
83 // Bits requesting flash operations (useful when we want to clear them)
84 #define STM32L4_FLASH_CR_OPBITS \
85 ((1lu<<STM32L4_FLASH_CR_PG) | (1lu<<STM32L4_FLASH_CR_PER) \
86 | (1lu<<STM32L4_FLASH_CR_MER1) | (1lu<<STM32L4_FLASH_CR_MER1))
87 // Page is fully specified by BKER and PNB
88 #define STM32L4_FLASH_CR_PAGEMASK (0x1fflu << STM32L4_FLASH_CR_PNB)
90 #define STM32L4_FLASH_OPTR_DUALBANK 21
92 //STM32L0x flash register base and offsets
94 // RM0090 - DM00031020.pdf
95 #define STM32L0_FLASH_REGS_ADDR ((uint32_t)0x40022000)
96 #define FLASH_ACR_OFF ((uint32_t) 0x00)
97 #define FLASH_PECR_OFF ((uint32_t) 0x04)
98 #define FLASH_PDKEYR_OFF ((uint32_t) 0x08)
99 #define FLASH_PEKEYR_OFF ((uint32_t) 0x0c)
100 #define FLASH_PRGKEYR_OFF ((uint32_t) 0x10)
101 #define FLASH_OPTKEYR_OFF ((uint32_t) 0x14)
102 #define FLASH_SR_OFF ((uint32_t) 0x18)
103 #define FLASH_OBR_OFF ((uint32_t) 0x1c)
104 #define FLASH_WRPR_OFF ((uint32_t) 0x20)
109 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
110 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
111 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
112 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
113 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
114 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
115 #define FLASH_F4_CR_STRT 16
116 #define FLASH_F4_CR_LOCK 31
117 #define FLASH_F4_CR_SER 1
118 #define FLASH_F4_CR_SNB 3
119 #define FLASH_F4_CR_SNB_MASK 0xf8
120 #define FLASH_F4_SR_BSY 16
122 #define L1_WRITE_BLOCK_SIZE 0x80
123 #define L0_WRITE_BLOCK_SIZE 0x40
125 void write_uint32(unsigned char* buf, uint32_t ui) {
126 if (!is_bigendian()) { // le -> le (don't swap)
127 buf[0] = ((unsigned char*) &ui)[0];
128 buf[1] = ((unsigned char*) &ui)[1];
129 buf[2] = ((unsigned char*) &ui)[2];
130 buf[3] = ((unsigned char*) &ui)[3];
132 buf[0] = ((unsigned char*) &ui)[3];
133 buf[1] = ((unsigned char*) &ui)[2];
134 buf[2] = ((unsigned char*) &ui)[1];
135 buf[3] = ((unsigned char*) &ui)[0];
139 void write_uint16(unsigned char* buf, uint16_t ui) {
140 if (!is_bigendian()) { // le -> le (don't swap)
141 buf[0] = ((unsigned char*) &ui)[0];
142 buf[1] = ((unsigned char*) &ui)[1];
144 buf[0] = ((unsigned char*) &ui)[1];
145 buf[1] = ((unsigned char*) &ui)[0];
149 uint32_t read_uint32(const unsigned char *c, const int pt) {
151 char *p = (char *) &ui;
153 if (!is_bigendian()) { // le -> le (don't swap)
167 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
168 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
171 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
172 return stlink_read_debug32(sl, FLASH_WRPR);
175 static inline uint32_t read_flash_obr(stlink_t *sl) {
176 return stlink_read_debug32(sl, FLASH_OBR);
179 static inline uint32_t read_flash_cr(stlink_t *sl) {
181 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||(sl->chip_id == STM32_CHIPID_F4_DE) ||
182 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
183 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
184 res = stlink_read_debug32(sl, FLASH_F4_CR);
185 else if (sl->chip_id == STM32_CHIPID_L4)
186 res = stlink_read_debug32(sl, STM32L4_FLASH_CR);
188 res = stlink_read_debug32(sl, FLASH_CR);
190 fprintf(stdout, "CR:0x%x\n", res);
195 static inline unsigned int is_flash_locked(stlink_t *sl) {
196 /* return non zero for true */
197 uint32_t cr = read_flash_cr(sl);
199 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
200 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
201 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
202 return cr & (1 << FLASH_F4_CR_LOCK);
203 else if (sl->chip_id == STM32_CHIPID_L4)
204 return cr & (1lu << STM32L4_FLASH_CR_LOCK);
206 return cr & (1 << FLASH_CR_LOCK);
209 static void unlock_flash(stlink_t *sl) {
210 /* the unlock sequence consists of 2 write cycles where
211 2 key values are written to the FLASH_KEYR register.
212 an invalid sequence results in a definitive lock of
213 the FPEC block until next reset.
215 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
216 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
217 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
218 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
219 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
220 } else if (sl->chip_id == STM32_CHIPID_L4) {
221 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY1);
222 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY2);
224 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
225 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
230 static int unlock_flash_if(stlink_t *sl) {
231 /* unlock flash if already locked */
233 if (is_flash_locked(sl)) {
235 if (is_flash_locked(sl)) {
236 WLOG("Failed to unlock flash!\n");
240 DLOG("Successfully unlocked flash\n");
244 static void lock_flash(stlink_t *sl) {
245 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
246 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
247 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
248 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
249 stlink_write_debug32(sl, FLASH_F4_CR, n);
250 } else if (sl->chip_id == STM32_CHIPID_L4) {
251 const uint32_t n = read_flash_cr(sl) | (1lu << STM32L4_FLASH_CR_LOCK);
252 stlink_write_debug32(sl, STM32L4_FLASH_CR, n);
254 /* write to 1 only. reset by hw at unlock sequence */
255 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
256 stlink_write_debug32(sl, FLASH_CR, n);
261 static void set_flash_cr_pg(stlink_t *sl) {
262 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
263 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
264 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
265 uint32_t x = read_flash_cr(sl);
266 x |= (1 << FLASH_CR_PG);
267 stlink_write_debug32(sl, FLASH_F4_CR, x);
268 } else if (sl->chip_id == STM32_CHIPID_L4) {
269 uint32_t x = read_flash_cr(sl);
270 x &=~ STM32L4_FLASH_CR_OPBITS;
271 x |= (1 << STM32L4_FLASH_CR_PG);
272 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
274 const uint32_t n = 1 << FLASH_CR_PG;
275 stlink_write_debug32(sl, FLASH_CR, n);
279 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
280 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
281 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
282 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
283 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
284 stlink_write_debug32(sl, FLASH_F4_CR, n);
286 stlink_write_debug32(sl, FLASH_CR, n);
289 static void set_flash_cr_per(stlink_t *sl) {
290 const uint32_t n = 1 << FLASH_CR_PER;
291 stlink_write_debug32(sl, FLASH_CR, n);
294 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
295 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
296 stlink_write_debug32(sl, FLASH_CR, n);
299 static void set_flash_cr_mer(stlink_t *sl) {
300 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
301 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
302 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
303 stlink_write_debug32(sl, FLASH_F4_CR,
304 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
305 else if (sl->chip_id == STM32_CHIPID_L4) {
306 uint32_t x = stlink_read_debug32(sl, STM32L4_FLASH_CR);
307 x &=~ STM32L4_FLASH_CR_OPBITS;
308 x |= (1lu << STM32L4_FLASH_CR_MER1) | (1lu << STM32L4_FLASH_CR_MER2);
309 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
311 stlink_write_debug32(sl, FLASH_CR,
312 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
315 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
316 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
317 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
318 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
319 stlink_write_debug32(sl, FLASH_F4_CR,
320 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
322 stlink_write_debug32(sl, FLASH_CR,
323 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
326 static void set_flash_cr_strt(stlink_t *sl) {
327 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
328 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
329 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
330 uint32_t x = read_flash_cr(sl);
331 x |= (1 << FLASH_F4_CR_STRT);
332 stlink_write_debug32(sl, FLASH_F4_CR, x);
333 } else if (sl->chip_id == STM32_CHIPID_L4) {
334 uint32_t x = read_flash_cr(sl);
335 x |= (1lu << STM32L4_FLASH_CR_STRT);
336 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
338 stlink_write_debug32(sl, FLASH_CR,
339 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
343 static inline uint32_t read_flash_acr(stlink_t *sl) {
344 return stlink_read_debug32(sl, FLASH_ACR);
347 static inline uint32_t read_flash_sr(stlink_t *sl) {
349 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
350 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
351 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
352 res = stlink_read_debug32(sl, FLASH_F4_SR);
353 else if (sl->chip_id == STM32_CHIPID_L4)
354 res = stlink_read_debug32(sl, STM32L4_FLASH_SR);
356 res = stlink_read_debug32(sl, FLASH_SR);
357 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
361 static inline unsigned int is_flash_busy(stlink_t *sl) {
362 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
363 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
364 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
365 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
366 else if (sl->chip_id == STM32_CHIPID_L4)
367 return read_flash_sr(sl) & (1 << STM32L4_FLASH_SR_BSY);
369 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
372 static void wait_flash_busy(stlink_t *sl) {
373 /* todo: add some delays here */
374 while (is_flash_busy(sl))
378 static void wait_flash_busy_progress(stlink_t *sl) {
380 fprintf(stdout, "Mass erasing");
382 while (is_flash_busy(sl)) {
386 fprintf(stdout, ".");
390 fprintf(stdout, "\n");
393 static inline unsigned int is_flash_eop(stlink_t *sl) {
394 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
397 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
398 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
399 stlink_write_debug32(sl, FLASH_SR, n);
402 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
403 /* todo: add some delays here */
404 while (is_flash_eop(sl) == 0)
408 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
409 stlink_write_debug32(sl, FLASH_AR, n);
412 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
413 uint32_t x = read_flash_cr(sl);
417 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
419 stlink_write_debug32(sl, FLASH_F4_CR, x);
423 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
424 uint32_t x = read_flash_cr(sl);
425 x &= ~FLASH_F4_CR_SNB_MASK;
426 x |= (n << FLASH_F4_CR_SNB);
427 x |= (1 << FLASH_F4_CR_SER);
429 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
431 stlink_write_debug32(sl, FLASH_F4_CR, x);
434 static inline void write_flash_cr_bker_pnb(stlink_t *sl, uint32_t n) {
435 stlink_write_debug32(sl, STM32L4_FLASH_SR, 0xFFFFFFFF & ~(1<<STM32L4_FLASH_SR_BSY));
436 uint32_t x = read_flash_cr(sl);
437 x &=~ STM32L4_FLASH_CR_OPBITS;
438 x &=~ STM32L4_FLASH_CR_PAGEMASK;
439 x &= ~(1<<STM32L4_FLASH_CR_MER1);
440 x &= ~(1<<STM32L4_FLASH_CR_MER2);
441 x |= (n << STM32L4_FLASH_CR_PNB);
442 x |= (1lu << STM32L4_FLASH_CR_PER);
444 fprintf(stdout, "BKER:PNB:0x%x 0x%x\n", x, n);
446 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
449 // Delegates to the backends...
451 void stlink_close(stlink_t *sl) {
452 DLOG("*** stlink_close ***\n");
453 sl->backend->close(sl);
457 void stlink_exit_debug_mode(stlink_t *sl) {
458 DLOG("*** stlink_exit_debug_mode ***\n");
459 stlink_write_debug32(sl, DHCSR, DBGKEY);
460 sl->backend->exit_debug_mode(sl);
463 void stlink_enter_swd_mode(stlink_t *sl) {
464 DLOG("*** stlink_enter_swd_mode ***\n");
465 sl->backend->enter_swd_mode(sl);
468 // Force the core into the debug mode -> halted state.
469 void stlink_force_debug(stlink_t *sl) {
470 DLOG("*** stlink_force_debug_mode ***\n");
471 sl->backend->force_debug(sl);
474 void stlink_exit_dfu_mode(stlink_t *sl) {
475 DLOG("*** stlink_exit_dfu_mode ***\n");
476 sl->backend->exit_dfu_mode(sl);
479 uint32_t stlink_core_id(stlink_t *sl) {
480 DLOG("*** stlink_core_id ***\n");
481 sl->backend->core_id(sl);
483 stlink_print_data(sl);
484 DLOG("core_id = 0x%08x\n", sl->core_id);
488 uint32_t stlink_chip_id(stlink_t *sl) {
489 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
490 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
495 * Cortex m3 tech ref manual, CPUID register description
496 * @param sl stlink context
497 * @param cpuid pointer to the result object
499 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
500 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
501 cpuid->implementer_id = (raw >> 24) & 0x7f;
502 cpuid->variant = (raw >> 20) & 0xf;
503 cpuid->part = (raw >> 4) & 0xfff;
504 cpuid->revision = raw & 0xf;
509 * reads and decodes the flash parameters, as dynamically as possible
511 * @return 0 for success, or -1 for unsupported core type.
513 int stlink_load_device_params(stlink_t *sl) {
514 ILOG("Loading device parameters....\n");
515 const chip_params_t *params = NULL;
516 sl->core_id = stlink_core_id(sl);
517 uint32_t chip_id = stlink_chip_id(sl);
520 sl->chip_id = chip_id & 0xfff;
521 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
522 if (sl->chip_id == 0x411) {
523 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
524 if ((cpuid & 0xfff0) == 0xc240)
528 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
529 if(devices[i].chip_id == sl->chip_id) {
530 params = &devices[i];
534 if (params == NULL) {
535 WLOG("unknown chip id! %#x\n", chip_id);
539 // These are fixed...
540 sl->flash_base = STM32_FLASH_BASE;
541 sl->sram_base = STM32_SRAM_BASE;
542 flash_size = stlink_read_debug32(sl,(params->flash_size_reg) & ~3);
543 if (params->flash_size_reg & 2)
544 flash_size = flash_size >>16;
545 flash_size = flash_size & 0xffff;
547 if ((sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) && ( flash_size == 0 )) {
548 sl->flash_size = 128 * 1024;
549 } else if (sl->chip_id == STM32_CHIPID_L1_CAT2) {
550 sl->flash_size = (flash_size & 0xff) * 1024;
551 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
552 // 0 is 384k and 1 is 256k
553 if ( flash_size == 0 ) {
554 sl->flash_size = 384 * 1024;
556 sl->flash_size = 256 * 1024;
559 sl->flash_size = flash_size * 1024;
561 sl->flash_pgsz = params->flash_pagesize;
562 sl->sram_size = params->sram_size;
563 sl->sys_base = params->bootrom_base;
564 sl->sys_size = params->bootrom_size;
566 //medium and low devices have the same chipid. ram size depends on flash size.
567 //STM32F100xx datasheet Doc ID 16455 Table 2
568 if(sl->chip_id == STM32_CHIPID_F1_VL_MEDIUM_LOW && sl->flash_size < 64 * 1024){
569 sl->sram_size = 0x1000;
572 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
573 // TODO make note of variable page size here.....
574 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
575 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
580 void stlink_reset(stlink_t *sl) {
581 DLOG("*** stlink_reset ***\n");
582 sl->backend->reset(sl);
585 void stlink_jtag_reset(stlink_t *sl, int value) {
586 DLOG("*** stlink_jtag_reset ***\n");
587 sl->backend->jtag_reset(sl, value);
590 void stlink_run(stlink_t *sl) {
591 DLOG("*** stlink_run ***\n");
592 sl->backend->run(sl);
595 void stlink_status(stlink_t *sl) {
596 DLOG("*** stlink_status ***\n");
597 sl->backend->status(sl);
598 stlink_core_stat(sl);
602 * Decode the version bits, originally from -sg, verified with usb
603 * @param sl stlink context, assumed to contain valid data in the buffer
604 * @param slv output parsed version object
606 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
607 uint32_t b0 = sl->q_buf[0]; //lsb
608 uint32_t b1 = sl->q_buf[1];
609 uint32_t b2 = sl->q_buf[2];
610 uint32_t b3 = sl->q_buf[3];
611 uint32_t b4 = sl->q_buf[4];
612 uint32_t b5 = sl->q_buf[5]; //msb
614 // b0 b1 || b2 b3 | b4 b5
615 // 4b | 6b | 6b || 2B | 2B
616 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
618 slv->stlink_v = (b0 & 0xf0) >> 4;
619 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
620 slv->swim_v = b1 & 0x3f;
621 slv->st_vid = (b3 << 8) | b2;
622 slv->stlink_pid = (b5 << 8) | b4;
626 void stlink_version(stlink_t *sl) {
627 DLOG("*** looking up stlink version\n");
628 sl->backend->version(sl);
629 _parse_version(sl, &sl->version);
631 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
632 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
633 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
634 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
635 DLOG("swim version = 0x%x\n", sl->version.swim_v);
636 if (sl->version.jtag_v == 0) {
637 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
639 if (sl->version.swim_v == 0) {
640 DLOG(" notice: the firmware doesn't support a swim interface\n");
644 int stlink_target_voltage(stlink_t *sl) {
646 DLOG("*** reading target voltage\n");
647 if (sl->backend->target_voltage != NULL) {
648 voltage = sl->backend->target_voltage(sl);
650 DLOG("target voltage = %ldmV\n", voltage);
652 DLOG("error reading target voltage\n");
655 DLOG("reading voltage not supported by backend\n");
660 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
661 uint32_t data = sl->backend->read_debug32(sl, addr);
662 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
666 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
667 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
668 sl->backend->write_debug32(sl, addr, data);
671 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
672 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
674 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
677 sl->backend->write_mem32(sl, addr, len);
680 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
681 DLOG("*** stlink_read_mem32 ***\n");
682 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
683 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
687 sl->backend->read_mem32(sl, addr, len);
690 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
691 DLOG("*** stlink_write_mem8 ***\n");
692 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
693 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
697 sl->backend->write_mem8(sl, addr, len);
700 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
701 DLOG("*** stlink_read_all_regs ***\n");
702 sl->backend->read_all_regs(sl, regp);
705 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
706 DLOG("*** stlink_read_all_unsupported_regs ***\n");
707 sl->backend->read_all_unsupported_regs(sl, regp);
710 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
711 DLOG("*** stlink_write_reg\n");
712 sl->backend->write_reg(sl, reg, idx);
715 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
716 DLOG("*** stlink_read_reg\n");
717 DLOG(" (%d) ***\n", r_idx);
719 if (r_idx > 20 || r_idx < 0) {
720 fprintf(stderr, "Error: register index must be in [0..20]\n");
724 sl->backend->read_reg(sl, r_idx, regp);
727 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
730 DLOG("*** stlink_read_unsupported_reg\n");
731 DLOG(" (%d) ***\n", r_idx);
733 /* Convert to values used by DCRSR */
734 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
736 } else if (r_idx == 0x40) { /* FPSCR */
738 } else if (r_idx >= 0x20 && r_idx < 0x40) {
739 r_convert = 0x40 + (r_idx - 0x20);
741 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
745 sl->backend->read_unsupported_reg(sl, r_convert, regp);
748 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
751 DLOG("*** stlink_write_unsupported_reg\n");
752 DLOG(" (%d) ***\n", r_idx);
754 /* Convert to values used by DCRSR */
755 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
756 r_convert = r_idx; /* The backend function handles this */
757 } else if (r_idx == 0x40) { /* FPSCR */
759 } else if (r_idx >= 0x20 && r_idx < 0x40) {
760 r_convert = 0x40 + (r_idx - 0x20);
762 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
766 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
769 unsigned int is_core_halted(stlink_t *sl) {
770 /* return non zero if core is halted */
772 return sl->q_buf[0] == STLINK_CORE_HALTED;
775 void stlink_step(stlink_t *sl) {
776 DLOG("*** stlink_step ***\n");
777 sl->backend->step(sl);
780 int stlink_current_mode(stlink_t *sl) {
781 int mode = sl->backend->current_mode(sl);
783 case STLINK_DEV_DFU_MODE:
784 DLOG("stlink current mode: dfu\n");
786 case STLINK_DEV_DEBUG_MODE:
787 DLOG("stlink current mode: debug (jtag or swd)\n");
789 case STLINK_DEV_MASS_MODE:
790 DLOG("stlink current mode: mass\n");
793 DLOG("stlink mode: unknown!\n");
794 return STLINK_DEV_UNKNOWN_MODE;
800 // End of delegates.... Common code below here...
803 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
805 // #define is_bigendian() ( (*(char*)&i) == 0 )
807 inline unsigned int is_bigendian(void) {
808 static volatile const unsigned int i = 1;
809 return *(volatile const char*) &i == 0;
812 uint16_t read_uint16(const unsigned char *c, const int pt) {
814 char *p = (char *) &ui;
816 if (!is_bigendian()) { // le -> le (don't swap)
826 // same as above with entrypoint.
828 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
829 stlink_write_reg(sl, addr, 15); /* pc register */
833 while (is_core_halted(sl) == 0)
837 void stlink_core_stat(stlink_t *sl) {
841 switch (sl->q_buf[0]) {
842 case STLINK_CORE_RUNNING:
843 sl->core_stat = STLINK_CORE_RUNNING;
844 DLOG(" core status: running\n");
846 case STLINK_CORE_HALTED:
847 sl->core_stat = STLINK_CORE_HALTED;
848 DLOG(" core status: halted\n");
851 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
852 fprintf(stderr, " core status: unknown\n");
856 void stlink_print_data(stlink_t * sl) {
857 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
860 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
862 for (int i = 0; i < sl->q_len; i++) {
865 if (sl->q_data_dir == Q_DATA_OUT)
866 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
868 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
871 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
873 fputs("\n\n", stdout);
876 /* memory mapped file */
878 typedef struct mapped_file {
883 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
885 static int map_file(mapped_file_t* mf, const char* path) {
889 const int fd = open(path, O_RDONLY | O_BINARY);
891 fprintf(stderr, "open(%s) == -1\n", path);
895 if (fstat(fd, &st) == -1) {
896 fprintf(stderr, "fstat() == -1\n");
900 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
901 if (mf->base == MAP_FAILED) {
902 fprintf(stderr, "mmap() == MAP_FAILED\n");
906 mf->len = st.st_size;
917 static void unmap_file(mapped_file_t * mf) {
918 munmap((void*) mf->base, mf->len);
919 mf->base = (unsigned char*) MAP_FAILED;
923 /* Limit the block size to compare to 0x1800
924 Anything larger will stall the STLINK2
925 Maybe STLINK V1 needs smaller value!*/
926 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
928 size_t n_cmp = sl->flash_pgsz;
932 for (off = 0; off < mf->len; off += n_cmp) {
935 /* adjust last page size */
936 size_t cmp_size = n_cmp;
937 if ((off + n_cmp) > mf->len)
938 cmp_size = mf->len - off;
940 aligned_size = cmp_size;
941 if (aligned_size & (4 - 1))
942 aligned_size = (cmp_size + 4) & ~(4 - 1);
944 stlink_read_mem32(sl, addr + off, aligned_size);
946 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
953 int stlink_fwrite_sram
954 (stlink_t * sl, const char* path, stm32_addr_t addr) {
955 /* write the file in sram at addr */
960 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
963 if (map_file(&mf, path) == -1) {
964 fprintf(stderr, "map_file() == -1\n");
968 /* check addr range is inside the sram */
969 if (addr < sl->sram_base) {
970 fprintf(stderr, "addr too low\n");
972 } else if ((addr + mf.len) < addr) {
973 fprintf(stderr, "addr overruns\n");
975 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
976 fprintf(stderr, "addr too high\n");
978 } else if (addr & 3) {
980 fprintf(stderr, "unaligned addr\n");
990 /* do the copy by 1k blocks */
991 for (off = 0; off < len; off += 1024) {
993 if ((off + size) > len)
996 memcpy(sl->q_buf, mf.base + off, size);
998 /* round size if needed */
1002 stlink_write_mem32(sl, addr + off, size);
1006 memcpy(sl->q_buf, mf.base + len, mf.len - len);
1007 stlink_write_mem8(sl, addr + len, mf.len - len);
1010 /* check the file ha been written */
1011 if (check_file(sl, &mf, addr) == -1) {
1012 fprintf(stderr, "check_file() == -1\n");
1019 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1020 /* Set PC to the reset routine*/
1021 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1029 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
1030 /* read size bytes from addr to file */
1035 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
1037 fprintf(stderr, "open(%s) == -1\n", path);
1042 size = sl->flash_size;
1044 if (size > sl->flash_size)
1045 size = sl->flash_size;
1047 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1048 for (off = 0; off < size; off += cmp_size) {
1049 size_t aligned_size;
1051 /* adjust last page size */
1052 if ((off + cmp_size) > size)
1053 cmp_size = size - off;
1055 aligned_size = cmp_size;
1056 if (aligned_size & (4 - 1))
1057 aligned_size = (cmp_size + 4) & ~(4 - 1);
1059 stlink_read_mem32(sl, addr + off, aligned_size);
1061 if (write(fd, sl->q_buf, sl->q_len) != (ssize_t) aligned_size) {
1062 fprintf(stderr, "write() != aligned_size\n");
1076 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
1077 /* write the buffer right after the loader */
1078 size_t chunk = size & ~0x3;
1079 size_t rem = size & 0x3;
1081 memcpy(sl->q_buf, buf, chunk);
1082 stlink_write_mem32(sl, fl->buf_addr, chunk);
1085 memcpy(sl->q_buf, buf+chunk, rem);
1086 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
1091 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
1092 uint32_t offset = 0;
1093 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1094 if (flashaddr >= 0x100000) {
1096 flashaddr -= 0x100000;
1098 if (flashaddr<0x4000) return (offset + 0);
1099 else if(flashaddr<0x8000) return(offset + 1);
1100 else if(flashaddr<0xc000) return(offset + 2);
1101 else if(flashaddr<0x10000) return(offset + 3);
1102 else if(flashaddr<0x20000) return(offset + 4);
1103 else return offset + (flashaddr/0x20000) +4;
1107 uint32_t calculate_F7_sectornum(uint32_t flashaddr){
1108 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1109 if(flashaddr<0x20000) return(flashaddr/0x8000);
1110 else if(flashaddr<0x40000) return(4);
1111 else return(flashaddr/0x40000) +4;
1115 // Returns BKER:PNB for the given page address
1116 uint32_t calculate_L4_page(stlink_t *sl, uint32_t flashaddr) {
1118 uint32_t flashopt = stlink_read_debug32(sl, STM32L4_FLASH_OPTR);
1119 flashaddr -= STM32_FLASH_BASE;
1120 if (flashopt & (1lu << STM32L4_FLASH_OPTR_DUALBANK)) {
1121 uint32_t banksize = sl->flash_size / 2;
1122 if (flashaddr > banksize) {
1123 flashaddr -= banksize;
1127 // For 1MB chips without the dual-bank option set, the page address will
1128 // overflow into the BKER bit, which gives us the correct bank:page value.
1129 return bker | flashaddr/sl->flash_pgsz;
1132 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1133 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1134 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1135 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1136 uint32_t sector=calculate_F4_sectornum(flashaddr);
1140 if (sector<4) sl->flash_pgsz=0x4000;
1141 else if(sector<5) sl->flash_pgsz=0x10000;
1142 else sl->flash_pgsz=0x20000;
1144 else if (sl->chip_id == STM32_CHIPID_F7) {
1145 uint32_t sector=calculate_F7_sectornum(flashaddr);
1146 if (sector<4) sl->flash_pgsz=0x8000;
1147 else if(sector<5) sl->flash_pgsz=0x20000;
1148 else sl->flash_pgsz=0x40000;
1150 return (sl->flash_pgsz);
1154 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1155 * @param sl stlink context
1156 * @param flashaddr an address in the flash page to erase
1157 * @return 0 on success -ve on failure
1159 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1161 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1162 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1163 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4)|| (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1164 /* wait for ongoing op to finish */
1165 wait_flash_busy(sl);
1167 /* unlock if locked */
1168 unlock_flash_if(sl);
1170 /* select the page to erase */
1171 if (sl->chip_id == STM32_CHIPID_L4) {
1172 // calculate the actual bank+page from the address
1173 uint32_t page = calculate_L4_page(sl, flashaddr);
1175 write_flash_cr_bker_pnb(sl, page);
1176 } else if (sl->chip_id == STM32_CHIPID_F7) {
1177 // calculate the actual page from the address
1178 uint32_t sector=calculate_F7_sectornum(flashaddr);
1180 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1182 write_flash_cr_snb(sl, sector);
1184 // calculate the actual page from the address
1185 uint32_t sector=calculate_F4_sectornum(flashaddr);
1187 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1189 //the SNB values for flash sectors in the second bank do not directly follow the values for the first bank on 2mb devices...
1190 if (sector >= 12) sector += 4;
1192 write_flash_cr_snb(sl, sector);
1195 /* start erase operation */
1196 set_flash_cr_strt(sl);
1198 /* wait for completion */
1199 wait_flash_busy(sl);
1201 /* relock the flash */
1202 //todo: fails to program if this is in
1205 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1207 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1208 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1209 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1212 uint32_t flash_regs_base;
1213 if (sl->chip_id == STM32_CHIPID_L0) {
1214 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1216 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1219 /* check if the locks are set */
1220 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1221 if((val & (1<<0))||(val & (1<<1))) {
1222 /* disable pecr protection */
1223 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1224 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1226 /* check pecr.pelock is cleared */
1227 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1228 if (val & (1 << 0)) {
1229 WLOG("pecr.pelock not clear (%#x)\n", val);
1233 /* unlock program memory */
1234 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1235 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1237 /* check pecr.prglock is cleared */
1238 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1239 if (val & (1 << 1)) {
1240 WLOG("pecr.prglock not clear (%#x)\n", val);
1245 /* set pecr.{erase,prog} */
1246 val |= (1 << 9) | (1 << 3);
1247 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1248 #if 0 /* fix_to_be_confirmed */
1250 /* wait for sr.busy to be cleared
1251 * MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1252 * wrong and we do not need to wait here for clearing the busy bit.
1253 * TEXANE: ok, if experience says so and it works for you, we comment
1254 * it. If someone has a problem, please drop an email.
1256 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1259 #endif /* fix_to_be_confirmed */
1261 /* write 0 to the first word of the page to be erased */
1262 stlink_write_debug32(sl, flashaddr, 0);
1264 /* MP: It is better to wait for clearing the busy bit after issuing
1265 page erase command, even though PM0062 recommends to wait before it.
1266 Test shows that a few iterations is performed in the following loop
1267 before busy bit is cleared.*/
1268 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1271 /* reset lock bits */
1272 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1273 | (1 << 0) | (1 << 1) | (1 << 2);
1274 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1275 } else if (sl->core_id == STM32VL_CORE_ID
1276 || sl->core_id == STM32F0_CORE_ID
1277 || sl->chip_id == STM32_CHIPID_F3
1278 || sl->chip_id == STM32_CHIPID_F3_SMALL
1279 || sl->chip_id == STM32_CHIPID_F303_HIGH
1280 || sl->chip_id == STM32_CHIPID_F37x
1281 || sl->chip_id == STM32_CHIPID_F334) {
1282 /* wait for ongoing op to finish */
1283 wait_flash_busy(sl);
1285 /* unlock if locked */
1286 unlock_flash_if(sl);
1288 /* set the page erase bit */
1289 set_flash_cr_per(sl);
1291 /* select the page to erase */
1292 write_flash_ar(sl, flashaddr);
1294 /* start erase operation, reset by hw with bsy bit */
1295 set_flash_cr_strt(sl);
1297 /* wait for completion */
1298 wait_flash_busy(sl);
1300 /* relock the flash */
1303 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1307 /* todo: verify the erased page */
1312 int stlink_erase_flash_mass(stlink_t *sl) {
1313 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1314 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1315 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1316 /* erase each page */
1317 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1318 for (i = 0; i < num_pages; i++) {
1319 /* addr must be an addr inside the page */
1320 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1321 if (stlink_erase_flash_page(sl, addr) == -1) {
1322 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1325 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1328 fprintf(stdout, "\n");
1330 /* wait for ongoing op to finish */
1331 wait_flash_busy(sl);
1333 /* unlock if locked */
1334 unlock_flash_if(sl);
1336 /* set the mass erase bit */
1337 set_flash_cr_mer(sl);
1339 /* start erase operation, reset by hw with bsy bit */
1340 set_flash_cr_strt(sl);
1342 /* wait for completion */
1343 wait_flash_busy_progress(sl);
1345 /* relock the flash */
1348 /* todo: verify the erased memory */
1353 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1356 /* allocate the loader in sram */
1357 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1358 WLOG("Failed to write flash loader to sram!\n");
1362 /* allocate a one page buffer in sram right after loader */
1363 fl->buf_addr = fl->loader_addr + size;
1364 ILOG("Successfully loaded flash loader in sram\n");
1368 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1369 /* from openocd, contrib/loaders/flash/stm32.s */
1370 static const uint8_t loader_code_stm32vl[] = {
1371 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1372 0x1c, 0x44, /* add r4, r3 */
1373 /* write_half_word: */
1374 0x01, 0x23, /* movs r3, #0x01 */
1375 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1376 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1377 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1379 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1380 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1381 0xfb, 0xd0, /* beq busy */
1382 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1383 0x01, 0xd1, /* bne exit */
1384 0x01, 0x3a, /* subs r2, r2, #0x01 */
1385 0xf0, 0xd1, /* bne write_half_word */
1387 0x00, 0xbe, /* bkpt #0x00 */
1388 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1391 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1392 static const uint8_t loader_code_stm32f0[] = {
1395 * These two NOPs here are a safety precaution, added by Pekka Nikander
1396 * while debugging the STM32F05x support. They may not be needed, but
1397 * there were strange problems with simpler programs, like a program
1398 * that had just a breakpoint or a program that first moved zero to register r2
1399 * and then had a breakpoint. So, it appears safest to have these two nops.
1401 * Feel free to remove them, if you dare, but then please do test the result
1402 * rigorously. Also, if you remove these, it may be a good idea first to
1403 * #if 0 them out, with a comment when these were taken out, and to remove
1404 * these only a few months later... But YMMV.
1406 0x00, 0x30, // nop /* add r0,#0 */
1407 0x00, 0x30, // nop /* add r0,#0 */
1409 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1410 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1411 0x04, 0x26, // mov r6, #4 /* PGERR */
1413 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1414 0x2B, 0x43, // orr r3, r5
1415 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1416 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1417 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1419 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1420 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1421 0xFC, 0xD0, // beq busy
1423 0x33, 0x42, // tst r3, r6 /* PGERR */
1424 0x04, 0xD1, // bne exit
1426 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1427 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1428 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1429 0x00, 0x2A, // cmp r2, #0
1430 0xF0, 0xD1, // bne write_half_word
1432 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1433 0xAB, 0x43, // bic r3, r5
1434 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1435 0x00, 0xBE, // bkpt #0x00
1436 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1439 static const uint8_t loader_code_stm32l[] = {
1441 /* openocd.git/contrib/loaders/flash/stm32lx.S
1442 r0, input, dest addr
1443 r1, input, source addr
1444 r2, input, word count
1445 r3, output, word count
1451 0x51, 0xf8, 0x04, 0xcb,
1452 0x40, 0xf8, 0x04, 0xcb,
1460 static const uint8_t loader_code_stm32l0[] = {
1463 r0, input, dest addr
1464 r1, input, source addr
1465 r2, input, word count
1466 r3, output, word count
1483 static const uint8_t loader_code_stm32f4[] = {
1484 // flashloaders/stm32f4.s
1493 0x14, 0xf0, 0x01, 0x0f,
1495 0x00, 0xf1, 0x04, 0x00,
1496 0x01, 0xf1, 0x04, 0x01,
1497 0xa2, 0xf1, 0x01, 0x02,
1502 0x00, 0x3c, 0x02, 0x40,
1505 static const uint8_t loader_code_stm32f4_lv[] = {
1506 // flashloaders/stm32f4lv.s
1515 0x14, 0xf0, 0x01, 0x0f,
1517 0x00, 0xf1, 0x01, 0x00,
1518 0x01, 0xf1, 0x01, 0x01,
1519 0xa2, 0xf1, 0x01, 0x02,
1525 0x00, 0x3c, 0x02, 0x40,
1528 static const uint8_t loader_code_stm32l4[] = {
1529 // flashloaders/stm32l4.s
1530 0x08, 0x4b, // start: ldr r3, [pc, #32] ; <flash_base>
1531 0x72, 0xb1, // next: cbz r2, <done>
1532 0x04, 0x68, // ldr r4, [r0, #0]
1533 0x45, 0x68, // ldr r5, [r0, #4]
1534 0x0c, 0x60, // str r4, [r1, #0]
1535 0x4d, 0x60, // str r5, [r1, #4]
1536 0x5c, 0x8a, // wait: ldrh r4, [r3, #18]
1537 0x14, 0xf0, 0x01, 0x0f, // tst.w r4, #1
1538 0xfb, 0xd1, // bne.n <wait>
1539 0x00, 0xf1, 0x08, 0x00, // add.w r0, r0, #8
1540 0x01, 0xf1, 0x08, 0x01, // add.w r1, r1, #8
1541 0xa2, 0xf1, 0x02, 0x02, // add.w r2, r2, #2
1542 0xef, 0xe7, // b.n <next>
1543 0x00, 0xbe, // done: bkpt 0x0000
1544 0x00, 0x20, 0x02, 0x40 // flash_base: .word 0x40022000
1547 static const uint8_t loader_code_stm32f7[] = {
1552 0xbf, 0xf3, 0x4f, 0x8f, // DSB Memory barrier for in order flash write
1554 0x14, 0xf0, 0x01, 0x0f,
1556 0x00, 0xf1, 0x04, 0x00,
1557 0x01, 0xf1, 0x04, 0x01,
1558 0xa2, 0xf1, 0x01, 0x02,
1560 0x00, 0xbe, // bkpt #0x00
1561 0x00, 0x3c, 0x02, 0x40,
1564 const uint8_t* loader_code;
1567 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1568 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1569 || sl->chip_id == STM32_CHIPID_L152_RE) { /* stm32l */
1570 loader_code = loader_code_stm32l;
1571 loader_size = sizeof(loader_code_stm32l);
1572 } else if (sl->core_id == STM32VL_CORE_ID
1573 || sl->chip_id == STM32_CHIPID_F3
1574 || sl->chip_id == STM32_CHIPID_F3_SMALL
1575 || sl->chip_id == STM32_CHIPID_F303_HIGH
1576 || sl->chip_id == STM32_CHIPID_F37x
1577 || sl->chip_id == STM32_CHIPID_F334) {
1578 loader_code = loader_code_stm32vl;
1579 loader_size = sizeof(loader_code_stm32vl);
1580 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1581 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
1582 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)){
1583 int voltage = stlink_target_voltage(sl);
1584 if (voltage > 2700) {
1585 loader_code = loader_code_stm32f4;
1586 loader_size = sizeof(loader_code_stm32f4);
1588 loader_code = loader_code_stm32f4_lv;
1589 loader_size = sizeof(loader_code_stm32f4_lv);
1591 } else if (sl->chip_id == STM32_CHIPID_F7){
1592 loader_code = loader_code_stm32f7;
1593 loader_size = sizeof(loader_code_stm32f7);
1594 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F04 || sl->chip_id == STM32_CHIPID_F0_CAN || sl->chip_id == STM32_CHIPID_F0_SMALL || sl->chip_id == STM32_CHIPID_F09X) {
1595 loader_code = loader_code_stm32f0;
1596 loader_size = sizeof(loader_code_stm32f0);
1597 } else if (sl->chip_id == STM32_CHIPID_L0) {
1598 loader_code = loader_code_stm32l0;
1599 loader_size = sizeof(loader_code_stm32l0);
1600 } else if (sl->chip_id == STM32_CHIPID_L4) {
1601 loader_code = loader_code_stm32l4;
1602 loader_size = sizeof(loader_code_stm32l4);
1604 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1608 memcpy(sl->q_buf, loader_code, loader_size);
1609 stlink_write_mem32(sl, sl->sram_base, loader_size);
1611 *addr = sl->sram_base;
1612 *size = loader_size;
1618 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1619 /* check the contents of path are at addr */
1622 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1624 if (map_file(&mf, path) == -1)
1627 res = check_file(sl, &mf, addr);
1635 * Verify addr..addr+len is binary identical to base...base+len
1636 * @param sl stlink context
1637 * @param address stm device address
1638 * @param data host side buffer to check against
1639 * @param length how much
1640 * @return 0 for success, -ve for failure
1642 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1644 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1645 ILOG("Starting verification of write complete\n");
1646 for (off = 0; off < length; off += cmp_size) {
1647 size_t aligned_size;
1649 /* adjust last page size */
1650 if ((off + cmp_size) > length)
1651 cmp_size = length - off;
1653 aligned_size = cmp_size;
1654 if (aligned_size & (4 - 1))
1655 aligned_size = (cmp_size + 4) & ~(4 - 1);
1657 stlink_read_mem32(sl, address + off, aligned_size);
1659 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1660 ELOG("Verification of flash failed at offset: %zd\n", off);
1664 ILOG("Flash written and verified! jolly good!\n");
1669 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint32_t pagesize)
1672 unsigned int num_half_pages = len / pagesize;
1674 uint32_t flash_regs_base;
1677 if (sl->chip_id == STM32_CHIPID_L0) {
1678 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1680 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1683 ILOG("Starting Half page flash write for STM32L core id\n");
1684 /* flash loader initialization */
1685 if (init_flash_loader(sl, &fl) == -1) {
1686 WLOG("init_flash_loader() == -1\n");
1689 /* Unlock already done */
1690 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1691 val |= (1 << FLASH_L1_FPRG);
1692 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1694 val |= (1 << FLASH_L1_PROG);
1695 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1696 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {}
1698 for (count = 0; count < num_half_pages; count ++) {
1699 if (run_flash_loader(sl, &fl, addr + count * pagesize, base + count * pagesize, pagesize) == -1) {
1700 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * pagesize);
1701 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1702 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1703 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1706 /* wait for sr.busy to be cleared */
1707 if (sl->verbose >= 1) {
1708 /* show progress. writing procedure is slow
1709 and previous errors are misleading */
1710 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1713 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {
1716 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1717 val &= ~(1 << FLASH_L1_PROG);
1718 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1719 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1720 val &= ~(1 << FLASH_L1_FPRG);
1721 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1726 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint8_t eraseonly) {
1729 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1730 len, len, addr, addr);
1731 /* check addr range is inside the flash */
1732 stlink_calculate_pagesize(sl, addr);
1733 if (addr < sl->flash_base) {
1734 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1736 } else if ((addr + len) < addr) {
1737 ELOG("addr overruns\n");
1739 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1740 ELOG("addr too high\n");
1742 } else if (addr & 1) {
1743 ELOG("unaligned addr 0x%x\n", addr);
1745 } else if (len & 1) {
1746 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1748 } else if (addr & (sl->flash_pgsz - 1)) {
1749 ELOG("addr not a multiple of pagesize, not supported\n");
1753 // Make sure we've loaded the context with the chip details
1755 /* erase each page */
1757 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1758 /* addr must be an addr inside the page */
1759 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1760 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1763 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1764 (unsigned long)addr + off);
1768 fprintf(stdout,"\n");
1769 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1770 page_count, sl->flash_pgsz, sl->flash_pgsz);
1775 if ((sl->chip_id == STM32_CHIPID_F2) ||
1776 (sl->chip_id == STM32_CHIPID_F4) ||
1777 (sl->chip_id == STM32_CHIPID_F4_DE) ||
1778 (sl->chip_id == STM32_CHIPID_F4_LP) ||
1779 (sl->chip_id == STM32_CHIPID_F4_HD) ||
1780 (sl->chip_id == STM32_CHIPID_F411RE) ||
1781 (sl->chip_id == STM32_CHIPID_F446) ||
1782 (sl->chip_id == STM32_CHIPID_F7) ||
1783 (sl->chip_id == STM32_CHIPID_L4) ||
1784 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1785 /* todo: check write operation */
1787 ILOG("Starting Flash write for F2/F4/L4\n");
1788 /* flash loader initialization */
1789 if (init_flash_loader(sl, &fl) == -1) {
1790 ELOG("init_flash_loader() == -1\n");
1794 /* First unlock the cr */
1795 unlock_flash_if(sl);
1797 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1798 if (sl->chip_id != STM32_CHIPID_L4) {
1799 /* set parallelisim to 32 bit*/
1800 int voltage = stlink_target_voltage(sl);
1801 if (voltage > 2700) {
1802 printf("enabling 32-bit flash writes\n");
1803 write_flash_cr_psiz(sl, 2);
1805 printf("Target voltage (%d mV) too low for 32-bit flash, using 8-bit flash writes\n", voltage);
1806 write_flash_cr_psiz(sl, 0);
1809 /* L4 does not have a byte-write mode */
1810 int voltage = stlink_target_voltage(sl);
1811 if (voltage < 1710) {
1812 printf("Target voltage (%d mV) too low for flash writes!\n", voltage);
1817 /* set programming mode */
1818 set_flash_cr_pg(sl);
1820 for(off = 0; off < len;) {
1821 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1823 printf("size: %zu\n", size);
1825 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1826 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1838 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1839 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1840 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1841 /* use fast word write. todo: half page. */
1843 uint32_t flash_regs_base;
1846 if (sl->chip_id == STM32_CHIPID_L0) {
1847 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1848 pagesize = L0_WRITE_BLOCK_SIZE;
1850 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1851 pagesize = L1_WRITE_BLOCK_SIZE;
1854 /* todo: check write operation */
1856 /* disable pecr protection */
1857 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1858 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1860 /* check pecr.pelock is cleared */
1861 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1862 if (val & (1 << 0)) {
1863 fprintf(stderr, "pecr.pelock not clear\n");
1867 /* unlock program memory */
1868 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1869 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1871 /* check pecr.prglock is cleared */
1872 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1873 if (val & (1 << 1)) {
1874 fprintf(stderr, "pecr.prglock not clear\n");
1878 if (len > pagesize) {
1879 if (stm32l1_write_half_pages(sl, addr, base, len, pagesize) == -1) {
1880 /* This may happen on a blank device! */
1881 WLOG("\nwrite_half_pages failed == -1\n");
1883 off = (len / pagesize)*pagesize;
1887 /* write remainingword in program memory */
1888 for ( ; off < len; off += sizeof(uint32_t)) {
1891 fprintf(stdout, "\r");
1893 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1894 fprintf(stdout, "\r%3zd/%3zd pages written",
1895 off/sl->flash_pgsz, len/sl->flash_pgsz);
1899 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1900 stlink_write_debug32(sl, addr + off, data);
1902 /* wait for sr.busy to be cleared */
1903 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1906 /* todo: check redo write operation */
1909 fprintf(stdout, "\n");
1910 /* reset lock bits */
1911 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1912 | (1 << 0) | (1 << 1) | (1 << 2);
1913 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1914 } else if (sl->core_id == STM32VL_CORE_ID ||
1915 sl->core_id == STM32F0_CORE_ID ||
1916 sl->chip_id == STM32_CHIPID_F3 ||
1917 sl->chip_id == STM32_CHIPID_F3_SMALL ||
1918 sl->chip_id == STM32_CHIPID_F303_HIGH ||
1919 sl->chip_id == STM32_CHIPID_F334 ||
1920 sl->chip_id == STM32_CHIPID_F37x) {
1921 ILOG("Starting Flash write for VL/F0/F3 core id\n");
1922 /* flash loader initialization */
1923 if (init_flash_loader(sl, &fl) == -1) {
1924 ELOG("init_flash_loader() == -1\n");
1928 int write_block_count = 0;
1929 for (off = 0; off < len; off += sl->flash_pgsz) {
1930 /* adjust last write size */
1931 size_t size = sl->flash_pgsz;
1932 if ((off + sl->flash_pgsz) > len) size = len - off;
1934 /* unlock and set programming mode */
1935 unlock_flash_if(sl);
1936 set_flash_cr_pg(sl);
1937 //DLOG("Finished setting flash cr pg, running loader!\n");
1938 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1939 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1943 if (sl->verbose >= 1) {
1944 /* show progress. writing procedure is slow
1945 and previous errors are misleading */
1946 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1950 fprintf(stdout, "\n");
1952 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1956 return stlink_verify_write_flash(sl, addr, base, len);
1960 * Write the given binary file into flash at address "addr"
1962 * @param path readable file path, should be binary image
1963 * @param addr where to start writing
1964 * @return 0 on success, -ve on failure.
1966 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1967 /* write the file in flash at addr */
1969 unsigned int num_empty = 0, index;
1970 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1971 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1972 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
1973 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1974 if (map_file(&mf, path) == -1) {
1975 ELOG("map_file() == -1\n");
1978 for(index = mf.len - 1; num_empty < mf.len; index --) {
1979 if (mf.base[index] != erased_pattern) {
1984 /* Round down to words */
1985 num_empty -= (num_empty & 3);
1986 if(num_empty != 0) {
1987 ILOG("Ignoring %d bytes of 0x%02x at end of file\n", num_empty, erased_pattern);
1989 err = stlink_write_flash(sl, addr, mf.base, num_empty == mf.len? mf.len : mf.len - num_empty, num_empty == mf.len);
1991 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1992 /* Set PC to the reset routine*/
1993 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1999 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
2003 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
2004 // FIXME This can never return -1
2005 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
2007 ELOG("write_buffer_to_sram() == -1\n");
2011 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2012 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2013 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2015 size_t count = size / sizeof(uint32_t);
2016 if (size % sizeof(uint32_t)) ++count;
2019 stlink_write_reg(sl, target, 0); /* target */
2020 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
2021 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2022 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2024 } else if (sl->core_id == STM32VL_CORE_ID ||
2025 sl->core_id == STM32F0_CORE_ID ||
2026 sl->chip_id == STM32_CHIPID_F3 ||
2027 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2028 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2029 sl->chip_id == STM32_CHIPID_F37x ||
2030 sl->chip_id == STM32_CHIPID_F334) {
2032 size_t count = size / sizeof(uint16_t);
2033 if (size % sizeof(uint16_t)) ++count;
2036 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2037 stlink_write_reg(sl, target, 1); /* target */
2038 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
2039 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
2040 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2042 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2043 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2044 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2046 size_t count = size / sizeof(uint32_t);
2047 if (size % sizeof(uint32_t)) ++count;
2048 if (sl->chip_id == STM32_CHIPID_L4) {
2049 if (count % 2) ++count;
2053 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2054 stlink_write_reg(sl, target, 1); /* target */
2055 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2056 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2059 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
2066 #define WAIT_ROUNDS 10000
2067 /* wait until done (reaches breakpoint) */
2068 for (i = 0; i < WAIT_ROUNDS; i++) {
2070 if (is_core_halted(sl))
2074 if (i >= WAIT_ROUNDS) {
2075 ELOG("flash loader run error\n");
2079 /* check written byte count */
2080 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2081 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2082 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2084 size_t count = size / sizeof(uint32_t);
2085 if (size % sizeof(uint32_t)) ++count;
2087 stlink_read_reg(sl, 3, &rr);
2088 if (rr.r[3] != count) {
2089 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
2093 } else if (sl->core_id == STM32VL_CORE_ID ||
2094 sl->core_id == STM32F0_CORE_ID ||
2095 sl->chip_id == STM32_CHIPID_F3 ||
2096 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2097 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2098 sl->chip_id == STM32_CHIPID_F37x ||
2099 sl->chip_id == STM32_CHIPID_F334) {
2101 stlink_read_reg(sl, 2, &rr);
2103 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2107 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2108 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2109 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) ||
2110 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2112 stlink_read_reg(sl, 2, &rr);
2114 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2120 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);