10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
22 #define LOG_TAG __FILE__
23 #define DLOG(format, args...) ugly_log(UDEBUG, LOG_TAG, format, ## args)
24 #define ILOG(format, args...) ugly_log(UINFO, LOG_TAG, format, ## args)
25 #define WLOG(format, args...) ugly_log(UWARN, LOG_TAG, format, ## args)
26 #define ELOG(format, args...) ugly_log(UERROR, LOG_TAG, format, ## args)
27 #define fatal(format, args...) ugly_log(UFATAL, LOG_TAG, format, ## args)
29 /* todo: stm32l15xxx flash memory, pm0062 manual */
31 /* stm32f FPEC flash controller interface, pm0063 manual */
32 // TODO - all of this needs to be abstracted out....
33 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
34 #define FLASH_REGS_ADDR 0x40022000
35 #define FLASH_REGS_SIZE 0x28
37 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
38 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
39 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
40 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
41 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
42 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
43 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
45 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
46 #define FLASH_RDPTR_KEY 0x00a5
47 #define FLASH_KEY1 0x45670123
48 #define FLASH_KEY2 0xcdef89ab
50 #define FLASH_SR_BSY 0
51 #define FLASH_SR_EOP 5
54 #define FLASH_CR_PER 1
55 #define FLASH_CR_MER 2
56 #define FLASH_CR_STRT 6
57 #define FLASH_CR_LOCK 7
60 //32L = 32F1 same CoreID as 32F4!
61 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
62 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
63 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
64 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
65 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
66 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
67 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
68 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
69 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
70 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
71 #define FLASH_L1_FPRG 10
72 #define FLASH_L1_PROG 3
76 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
77 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
78 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
79 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
80 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
81 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
82 #define FLASH_F4_CR_STRT 16
83 #define FLASH_F4_CR_LOCK 31
84 #define FLASH_F4_CR_SER 1
85 #define FLASH_F4_CR_SNB 3
86 #define FLASH_F4_CR_SNB_MASK 0x38
87 #define FLASH_F4_SR_BSY 16
90 void write_uint32(unsigned char* buf, uint32_t ui) {
91 if (!is_bigendian()) { // le -> le (don't swap)
92 buf[0] = ((unsigned char*) &ui)[0];
93 buf[1] = ((unsigned char*) &ui)[1];
94 buf[2] = ((unsigned char*) &ui)[2];
95 buf[3] = ((unsigned char*) &ui)[3];
97 buf[0] = ((unsigned char*) &ui)[3];
98 buf[1] = ((unsigned char*) &ui)[2];
99 buf[2] = ((unsigned char*) &ui)[1];
100 buf[3] = ((unsigned char*) &ui)[0];
104 void write_uint16(unsigned char* buf, uint16_t ui) {
105 if (!is_bigendian()) { // le -> le (don't swap)
106 buf[0] = ((unsigned char*) &ui)[0];
107 buf[1] = ((unsigned char*) &ui)[1];
109 buf[0] = ((unsigned char*) &ui)[1];
110 buf[1] = ((unsigned char*) &ui)[0];
114 uint32_t read_uint32(const unsigned char *c, const int pt) {
116 char *p = (char *) &ui;
118 if (!is_bigendian()) { // le -> le (don't swap)
132 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
133 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
136 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
137 return stlink_read_debug32(sl, FLASH_WRPR);
140 static inline uint32_t read_flash_obr(stlink_t *sl) {
141 return stlink_read_debug32(sl, FLASH_OBR);
144 static inline uint32_t read_flash_cr(stlink_t *sl) {
146 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||(sl->chip_id == STM32_CHIPID_F4_DE) ||
147 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD))
148 res = stlink_read_debug32(sl, FLASH_F4_CR);
150 res = stlink_read_debug32(sl, FLASH_CR);
152 fprintf(stdout, "CR:0x%x\n", res);
157 static inline unsigned int is_flash_locked(stlink_t *sl) {
158 /* return non zero for true */
159 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
160 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD))
161 return read_flash_cr(sl) & (1 << FLASH_F4_CR_LOCK);
163 return read_flash_cr(sl) & (1 << FLASH_CR_LOCK);
166 static void unlock_flash(stlink_t *sl) {
167 /* the unlock sequence consists of 2 write cycles where
168 2 key values are written to the FLASH_KEYR register.
169 an invalid sequence results in a definitive lock of
170 the FPEC block until next reset.
172 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
173 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD)) {
174 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
175 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
177 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
178 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
183 static int unlock_flash_if(stlink_t *sl) {
184 /* unlock flash if already locked */
186 if (is_flash_locked(sl)) {
188 if (is_flash_locked(sl)) {
189 WLOG("Failed to unlock flash!\n");
193 DLOG("Successfully unlocked flash\n");
197 static void lock_flash(stlink_t *sl) {
198 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
199 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD)) {
200 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
201 stlink_write_debug32(sl, FLASH_F4_CR, n);
203 /* write to 1 only. reset by hw at unlock sequence */
204 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
205 stlink_write_debug32(sl, FLASH_CR, n);
210 static void set_flash_cr_pg(stlink_t *sl) {
211 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
212 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD)) {
213 uint32_t x = read_flash_cr(sl);
214 x |= (1 << FLASH_CR_PG);
215 stlink_write_debug32(sl, FLASH_F4_CR, x);
217 const uint32_t n = 1 << FLASH_CR_PG;
218 stlink_write_debug32(sl, FLASH_CR, n);
222 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
223 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
224 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
225 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD))
226 stlink_write_debug32(sl, FLASH_F4_CR, n);
228 stlink_write_debug32(sl, FLASH_CR, n);
231 static void set_flash_cr_per(stlink_t *sl) {
232 const uint32_t n = 1 << FLASH_CR_PER;
233 stlink_write_debug32(sl, FLASH_CR, n);
236 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
237 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
238 stlink_write_debug32(sl, FLASH_CR, n);
241 static void set_flash_cr_mer(stlink_t *sl) {
242 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
243 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD))
244 stlink_write_debug32(sl, FLASH_F4_CR,
245 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
247 stlink_write_debug32(sl, FLASH_CR,
248 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
251 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
252 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
253 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD))
254 stlink_write_debug32(sl, FLASH_F4_CR,
255 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
257 stlink_write_debug32(sl, FLASH_CR,
258 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
261 static void set_flash_cr_strt(stlink_t *sl) {
262 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
263 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD)) {
264 uint32_t x = read_flash_cr(sl);
265 x |= (1 << FLASH_F4_CR_STRT);
266 stlink_write_debug32(sl, FLASH_F4_CR, x);
268 stlink_write_debug32(sl, FLASH_CR,
269 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
273 static inline uint32_t read_flash_acr(stlink_t *sl) {
274 return stlink_read_debug32(sl, FLASH_ACR);
277 static inline uint32_t read_flash_sr(stlink_t *sl) {
279 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
280 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD))
281 res = stlink_read_debug32(sl, FLASH_F4_SR);
283 res = stlink_read_debug32(sl, FLASH_SR);
284 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
288 static inline unsigned int is_flash_busy(stlink_t *sl) {
289 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
290 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD))
291 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
293 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
296 static void wait_flash_busy(stlink_t *sl) {
297 /* todo: add some delays here */
298 while (is_flash_busy(sl))
302 static void wait_flash_busy_progress(stlink_t *sl) {
304 fprintf(stdout, "Mass erasing");
306 while (is_flash_busy(sl)) {
310 fprintf(stdout, ".");
314 fprintf(stdout, "\n");
317 static inline unsigned int is_flash_eop(stlink_t *sl) {
318 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
321 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
322 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
323 stlink_write_debug32(sl, FLASH_SR, n);
326 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
327 /* todo: add some delays here */
328 while (is_flash_eop(sl) == 0)
332 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
333 stlink_write_debug32(sl, FLASH_AR, n);
336 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
337 uint32_t x = read_flash_cr(sl);
341 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
343 stlink_write_debug32(sl, FLASH_F4_CR, x);
347 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
348 uint32_t x = read_flash_cr(sl);
349 x &= ~FLASH_F4_CR_SNB_MASK;
350 x |= (n << FLASH_F4_CR_SNB);
351 x |= (1 << FLASH_F4_CR_SER);
353 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
355 stlink_write_debug32(sl, FLASH_F4_CR, x);
358 // Delegates to the backends...
360 void stlink_close(stlink_t *sl) {
361 DLOG("*** stlink_close ***\n");
362 sl->backend->close(sl);
366 void stlink_exit_debug_mode(stlink_t *sl) {
367 DLOG("*** stlink_exit_debug_mode ***\n");
368 stlink_write_debug32(sl, DHCSR, DBGKEY);
369 sl->backend->exit_debug_mode(sl);
372 void stlink_enter_swd_mode(stlink_t *sl) {
373 DLOG("*** stlink_enter_swd_mode ***\n");
374 sl->backend->enter_swd_mode(sl);
377 // Force the core into the debug mode -> halted state.
378 void stlink_force_debug(stlink_t *sl) {
379 DLOG("*** stlink_force_debug_mode ***\n");
380 sl->backend->force_debug(sl);
383 void stlink_exit_dfu_mode(stlink_t *sl) {
384 DLOG("*** stlink_exit_dfu_mode ***\n");
385 sl->backend->exit_dfu_mode(sl);
388 uint32_t stlink_core_id(stlink_t *sl) {
389 DLOG("*** stlink_core_id ***\n");
390 sl->backend->core_id(sl);
392 stlink_print_data(sl);
393 DLOG("core_id = 0x%08x\n", sl->core_id);
397 uint32_t stlink_chip_id(stlink_t *sl) {
398 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
399 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
404 * Cortex m3 tech ref manual, CPUID register description
405 * @param sl stlink context
406 * @param cpuid pointer to the result object
408 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
409 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
410 cpuid->implementer_id = (raw >> 24) & 0x7f;
411 cpuid->variant = (raw >> 20) & 0xf;
412 cpuid->part = (raw >> 4) & 0xfff;
413 cpuid->revision = raw & 0xf;
418 * reads and decodes the flash parameters, as dynamically as possible
420 * @return 0 for success, or -1 for unsupported core type.
422 int stlink_load_device_params(stlink_t *sl) {
423 ILOG("Loading device parameters....\n");
424 const chip_params_t *params = NULL;
425 sl->core_id = stlink_core_id(sl);
426 uint32_t chip_id = stlink_chip_id(sl);
429 sl->chip_id = chip_id & 0xfff;
430 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
431 if (sl->chip_id == 0x411) {
432 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
433 if ((cpuid & 0xfff0) == 0xc240)
437 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
438 if(devices[i].chip_id == sl->chip_id) {
439 params = &devices[i];
443 if (params == NULL) {
444 WLOG("unknown chip id! %#x\n", chip_id);
448 // These are fixed...
449 sl->flash_base = STM32_FLASH_BASE;
450 sl->sram_base = STM32_SRAM_BASE;
451 flash_size = stlink_read_debug32(sl,(params->flash_size_reg) & ~3);
452 if (params->flash_size_reg & 2)
453 flash_size = flash_size >>16;
454 flash_size = flash_size & 0xffff;
456 if ((sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) && ( flash_size == 0 )) {
457 sl->flash_size = 128 * 1024;
458 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
459 // 0 is 384k and 1 is 256k
460 if ( flash_size == 0 ) {
461 sl->flash_size = 384 * 1024;
463 sl->flash_size = 256 * 1024;
466 sl->flash_size = flash_size * 1024;
468 sl->flash_pgsz = params->flash_pagesize;
469 sl->sram_size = params->sram_size;
470 sl->sys_base = params->bootrom_base;
471 sl->sys_size = params->bootrom_size;
473 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
474 // TODO make note of variable page size here.....
475 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
476 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
481 void stlink_reset(stlink_t *sl) {
482 DLOG("*** stlink_reset ***\n");
483 sl->backend->reset(sl);
486 void stlink_jtag_reset(stlink_t *sl, int value) {
487 DLOG("*** stlink_jtag_reset ***\n");
488 sl->backend->jtag_reset(sl, value);
491 void stlink_run(stlink_t *sl) {
492 DLOG("*** stlink_run ***\n");
493 sl->backend->run(sl);
496 void stlink_status(stlink_t *sl) {
497 DLOG("*** stlink_status ***\n");
498 sl->backend->status(sl);
499 stlink_core_stat(sl);
503 * Decode the version bits, originally from -sg, verified with usb
504 * @param sl stlink context, assumed to contain valid data in the buffer
505 * @param slv output parsed version object
507 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
508 uint32_t b0 = sl->q_buf[0]; //lsb
509 uint32_t b1 = sl->q_buf[1];
510 uint32_t b2 = sl->q_buf[2];
511 uint32_t b3 = sl->q_buf[3];
512 uint32_t b4 = sl->q_buf[4];
513 uint32_t b5 = sl->q_buf[5]; //msb
515 // b0 b1 || b2 b3 | b4 b5
516 // 4b | 6b | 6b || 2B | 2B
517 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
519 slv->stlink_v = (b0 & 0xf0) >> 4;
520 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
521 slv->swim_v = b1 & 0x3f;
522 slv->st_vid = (b3 << 8) | b2;
523 slv->stlink_pid = (b5 << 8) | b4;
527 void stlink_version(stlink_t *sl) {
528 DLOG("*** looking up stlink version\n");
529 sl->backend->version(sl);
530 _parse_version(sl, &sl->version);
532 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
533 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
534 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
535 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
536 DLOG("swim version = 0x%x\n", sl->version.swim_v);
537 if (sl->version.jtag_v == 0) {
538 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
540 if (sl->version.swim_v == 0) {
541 DLOG(" notice: the firmware doesn't support a swim interface\n");
545 int stlink_target_voltage(stlink_t *sl) {
547 DLOG("*** reading target voltage\n");
548 if (sl->backend->target_voltage != NULL) {
549 voltage = sl->backend->target_voltage(sl);
551 DLOG("target voltage = %ldmV\n", voltage);
553 DLOG("error reading target voltage\n");
556 DLOG("reading voltage not supported by backend\n");
561 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
562 uint32_t data = sl->backend->read_debug32(sl, addr);
563 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
567 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
568 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
569 sl->backend->write_debug32(sl, addr, data);
572 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
573 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
575 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
578 sl->backend->write_mem32(sl, addr, len);
581 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
582 DLOG("*** stlink_read_mem32 ***\n");
583 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
584 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
588 sl->backend->read_mem32(sl, addr, len);
591 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
592 DLOG("*** stlink_write_mem8 ***\n");
593 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
594 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
598 sl->backend->write_mem8(sl, addr, len);
601 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
602 DLOG("*** stlink_read_all_regs ***\n");
603 sl->backend->read_all_regs(sl, regp);
606 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
607 DLOG("*** stlink_read_all_unsupported_regs ***\n");
608 sl->backend->read_all_unsupported_regs(sl, regp);
611 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
612 DLOG("*** stlink_write_reg\n");
613 sl->backend->write_reg(sl, reg, idx);
616 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
617 DLOG("*** stlink_read_reg\n");
618 DLOG(" (%d) ***\n", r_idx);
620 if (r_idx > 20 || r_idx < 0) {
621 fprintf(stderr, "Error: register index must be in [0..20]\n");
625 sl->backend->read_reg(sl, r_idx, regp);
628 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
631 DLOG("*** stlink_read_unsupported_reg\n");
632 DLOG(" (%d) ***\n", r_idx);
634 /* Convert to values used by DCRSR */
635 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
637 } else if (r_idx == 0x40) { /* FPSCR */
639 } else if (r_idx >= 0x20 && r_idx < 0x40) {
640 r_convert = 0x40 + (r_idx - 0x20);
642 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
646 sl->backend->read_unsupported_reg(sl, r_convert, regp);
649 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
652 DLOG("*** stlink_write_unsupported_reg\n");
653 DLOG(" (%d) ***\n", r_idx);
655 /* Convert to values used by DCRSR */
656 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
657 r_convert = r_idx; /* The backend function handles this */
658 } else if (r_idx == 0x40) { /* FPSCR */
660 } else if (r_idx >= 0x20 && r_idx < 0x40) {
661 r_convert = 0x40 + (r_idx - 0x20);
663 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
667 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
670 unsigned int is_core_halted(stlink_t *sl) {
671 /* return non zero if core is halted */
673 return sl->q_buf[0] == STLINK_CORE_HALTED;
676 void stlink_step(stlink_t *sl) {
677 DLOG("*** stlink_step ***\n");
678 sl->backend->step(sl);
681 int stlink_current_mode(stlink_t *sl) {
682 int mode = sl->backend->current_mode(sl);
684 case STLINK_DEV_DFU_MODE:
685 DLOG("stlink current mode: dfu\n");
687 case STLINK_DEV_DEBUG_MODE:
688 DLOG("stlink current mode: debug (jtag or swd)\n");
690 case STLINK_DEV_MASS_MODE:
691 DLOG("stlink current mode: mass\n");
694 DLOG("stlink mode: unknown!\n");
695 return STLINK_DEV_UNKNOWN_MODE;
701 // End of delegates.... Common code below here...
704 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
706 // #define is_bigendian() ( (*(char*)&i) == 0 )
708 inline unsigned int is_bigendian(void) {
709 static volatile const unsigned int i = 1;
710 return *(volatile const char*) &i == 0;
713 uint16_t read_uint16(const unsigned char *c, const int pt) {
715 char *p = (char *) &ui;
717 if (!is_bigendian()) { // le -> le (don't swap)
727 // same as above with entrypoint.
729 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
730 stlink_write_reg(sl, addr, 15); /* pc register */
734 while (is_core_halted(sl) == 0)
738 void stlink_core_stat(stlink_t *sl) {
742 switch (sl->q_buf[0]) {
743 case STLINK_CORE_RUNNING:
744 sl->core_stat = STLINK_CORE_RUNNING;
745 DLOG(" core status: running\n");
747 case STLINK_CORE_HALTED:
748 sl->core_stat = STLINK_CORE_HALTED;
749 DLOG(" core status: halted\n");
752 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
753 fprintf(stderr, " core status: unknown\n");
757 void stlink_print_data(stlink_t * sl) {
758 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
761 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
763 for (int i = 0; i < sl->q_len; i++) {
766 if (sl->q_data_dir == Q_DATA_OUT)
767 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
769 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
772 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
774 fputs("\n\n", stdout);
777 /* memory mapped file */
779 typedef struct mapped_file {
784 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
786 static int map_file(mapped_file_t* mf, const char* path) {
790 const int fd = open(path, O_RDONLY | O_BINARY);
792 fprintf(stderr, "open(%s) == -1\n", path);
796 if (fstat(fd, &st) == -1) {
797 fprintf(stderr, "fstat() == -1\n");
801 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
802 if (mf->base == MAP_FAILED) {
803 fprintf(stderr, "mmap() == MAP_FAILED\n");
807 mf->len = st.st_size;
818 static void unmap_file(mapped_file_t * mf) {
819 munmap((void*) mf->base, mf->len);
820 mf->base = (unsigned char*) MAP_FAILED;
824 /* Limit the block size to compare to 0x1800
825 Anything larger will stall the STLINK2
826 Maybe STLINK V1 needs smaller value!*/
827 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
829 size_t n_cmp = sl->flash_pgsz;
833 for (off = 0; off < mf->len; off += n_cmp) {
836 /* adjust last page size */
837 size_t cmp_size = n_cmp;
838 if ((off + n_cmp) > mf->len)
839 cmp_size = mf->len - off;
841 aligned_size = cmp_size;
842 if (aligned_size & (4 - 1))
843 aligned_size = (cmp_size + 4) & ~(4 - 1);
845 stlink_read_mem32(sl, addr + off, aligned_size);
847 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
854 int stlink_fwrite_sram
855 (stlink_t * sl, const char* path, stm32_addr_t addr) {
856 /* write the file in sram at addr */
860 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
863 if (map_file(&mf, path) == -1) {
864 fprintf(stderr, "map_file() == -1\n");
868 /* check addr range is inside the sram */
869 if (addr < sl->sram_base) {
870 fprintf(stderr, "addr too low\n");
872 } else if ((addr + mf.len) < addr) {
873 fprintf(stderr, "addr overruns\n");
875 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
876 fprintf(stderr, "addr too high\n");
878 } else if ((addr & 3) || (mf.len & 3)) {
880 fprintf(stderr, "unaligned addr or size\n");
883 /* do the copy by 1k blocks */
884 for (off = 0; off < mf.len; off += 1024) {
886 if ((off + size) > mf.len)
889 memcpy(sl->q_buf, mf.base + off, size);
891 /* round size if needed */
895 stlink_write_mem32(sl, addr + off, size);
898 /* check the file ha been written */
899 if (check_file(sl, &mf, addr) == -1) {
900 fprintf(stderr, "check_file() == -1\n");
907 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
908 /* Set PC to the reset routine*/
909 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
917 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
918 /* read size bytes from addr to file */
923 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
924 || sl->chip_id == STM32_CHIPID_L1_HIGH || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
926 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
928 fprintf(stderr, "open(%s) == -1\n", path);
933 size = sl->flash_size;
935 if (size > sl->flash_size)
936 size = sl->flash_size;
938 /* do the copy by 1k blocks */
939 for (off = 0; off < size; off += 1024) {
940 size_t read_size = 1024;
943 if ((off + read_size) > size)
944 read_size = size - off;
946 /* round size if needed */
947 rounded_size = read_size;
948 if (rounded_size & 3)
949 rounded_size = (rounded_size + 4) & ~(3);
951 stlink_read_mem32(sl, addr + off, rounded_size);
953 for(index = 0; index < read_size; index ++) {
954 if (sl->q_buf[index] == erased_pattern)
959 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
960 fprintf(stderr, "write() != read_size\n");
965 /* Ignore NULL Bytes at end of file */
966 if (!ftruncate(fd, size - num_empty)) {
979 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
980 /* write the buffer right after the loader */
981 size_t chunk = size & ~0x3;
982 size_t rem = size & 0x3;
984 memcpy(sl->q_buf, buf, chunk);
985 stlink_write_mem32(sl, fl->buf_addr, chunk);
988 memcpy(sl->q_buf, buf+chunk, rem);
989 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
994 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
995 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
996 if (flashaddr<0x4000) return (0);
997 else if(flashaddr<0x8000) return(1);
998 else if(flashaddr<0xc000) return(2);
999 else if(flashaddr<0x10000) return(3);
1000 else if(flashaddr<0x20000) return(4);
1001 else return(flashaddr/0x20000)+4;
1005 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1006 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1007 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD)) {
1008 uint32_t sector=calculate_F4_sectornum(flashaddr);
1009 if (sector<4) sl->flash_pgsz=0x4000;
1010 else if(sector<5) sl->flash_pgsz=0x10000;
1011 else sl->flash_pgsz=0x20000;
1013 return (sl->flash_pgsz);
1017 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1018 * @param sl stlink context
1019 * @param flashaddr an address in the flash page to erase
1020 * @return 0 on success -ve on failure
1022 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1024 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1025 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD)) {
1026 /* wait for ongoing op to finish */
1027 wait_flash_busy(sl);
1029 /* unlock if locked */
1030 unlock_flash_if(sl);
1032 /* select the page to erase */
1033 // calculate the actual page from the address
1034 uint32_t sector=calculate_F4_sectornum(flashaddr);
1036 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1037 write_flash_cr_snb(sl, sector);
1039 /* start erase operation */
1040 set_flash_cr_strt(sl);
1042 /* wait for completion */
1043 wait_flash_busy(sl);
1045 /* relock the flash */
1046 //todo: fails to program if this is in
1049 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1051 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1052 || sl->chip_id == STM32_CHIPID_L1_HIGH || sl->chip_id == STM32_CHIPID_L152_RE) {
1056 /* check if the locks are set */
1057 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1058 if((val & (1<<0))||(val & (1<<1))) {
1059 /* disable pecr protection */
1060 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1061 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1063 /* check pecr.pelock is cleared */
1064 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1065 if (val & (1 << 0)) {
1066 WLOG("pecr.pelock not clear (%#x)\n", val);
1070 /* unlock program memory */
1071 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1072 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1074 /* check pecr.prglock is cleared */
1075 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1076 if (val & (1 << 1)) {
1077 WLOG("pecr.prglock not clear (%#x)\n", val);
1082 /* set pecr.{erase,prog} */
1083 val |= (1 << 9) | (1 << 3);
1084 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1086 #if 0 /* fix_to_be_confirmed */
1088 /* wait for sr.busy to be cleared
1089 * MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1090 * wrong and we do not need to wait here for clearing the busy bit.
1091 * TEXANE: ok, if experience says so and it works for you, we comment
1092 * it. If someone has a problem, please drop an email.
1094 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1097 #endif /* fix_to_be_confirmed */
1099 /* write 0 to the first word of the page to be erased */
1100 stlink_write_debug32(sl, flashaddr, 0);
1102 /* MP: It is better to wait for clearing the busy bit after issuing
1103 page erase command, even though PM0062 recommends to wait before it.
1104 Test shows that a few iterations is performed in the following loop
1105 before busy bit is cleared.*/
1106 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1109 /* reset lock bits */
1110 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1111 | (1 << 0) | (1 << 1) | (1 << 2);
1112 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1113 } else if (sl->core_id == STM32VL_CORE_ID
1114 || sl->core_id == STM32F0_CORE_ID
1115 || sl->chip_id == STM32_CHIPID_F3
1116 || sl->chip_id == STM32_CHIPID_F37x) {
1117 /* wait for ongoing op to finish */
1118 wait_flash_busy(sl);
1120 /* unlock if locked */
1121 unlock_flash_if(sl);
1123 /* set the page erase bit */
1124 set_flash_cr_per(sl);
1126 /* select the page to erase */
1127 write_flash_ar(sl, flashaddr);
1129 /* start erase operation, reset by hw with bsy bit */
1130 set_flash_cr_strt(sl);
1132 /* wait for completion */
1133 wait_flash_busy(sl);
1135 /* relock the flash */
1138 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1142 /* todo: verify the erased page */
1147 int stlink_erase_flash_mass(stlink_t *sl) {
1148 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1149 || sl->chip_id == STM32_CHIPID_L1_HIGH || sl->chip_id == STM32_CHIPID_L152_RE) {
1150 /* erase each page */
1151 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1152 for (i = 0; i < num_pages; i++) {
1153 /* addr must be an addr inside the page */
1154 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1155 if (stlink_erase_flash_page(sl, addr) == -1) {
1156 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1159 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1162 fprintf(stdout, "\n");
1164 /* wait for ongoing op to finish */
1165 wait_flash_busy(sl);
1167 /* unlock if locked */
1168 unlock_flash_if(sl);
1170 /* set the mass erase bit */
1171 set_flash_cr_mer(sl);
1173 /* start erase operation, reset by hw with bsy bit */
1174 set_flash_cr_strt(sl);
1176 /* wait for completion */
1177 wait_flash_busy_progress(sl);
1179 /* relock the flash */
1182 /* todo: verify the erased memory */
1187 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1190 /* allocate the loader in sram */
1191 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1192 WLOG("Failed to write flash loader to sram!\n");
1196 /* allocate a one page buffer in sram right after loader */
1197 fl->buf_addr = fl->loader_addr + size;
1198 ILOG("Successfully loaded flash loader in sram\n");
1202 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1203 /* from openocd, contrib/loaders/flash/stm32.s */
1204 static const uint8_t loader_code_stm32vl[] = {
1205 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1206 0x1c, 0x44, /* add r4, r3 */
1207 /* write_half_word: */
1208 0x01, 0x23, /* movs r3, #0x01 */
1209 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1210 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1211 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1213 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1214 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1215 0xfb, 0xd0, /* beq busy */
1216 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1217 0x01, 0xd1, /* bne exit */
1218 0x01, 0x3a, /* subs r2, r2, #0x01 */
1219 0xf0, 0xd1, /* bne write_half_word */
1221 0x00, 0xbe, /* bkpt #0x00 */
1222 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1225 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1226 static const uint8_t loader_code_stm32f0[] = {
1229 * These two NOPs here are a safety precaution, added by Pekka Nikander
1230 * while debugging the STM32F05x support. They may not be needed, but
1231 * there were strange problems with simpler programs, like a program
1232 * that had just a breakpoint or a program that first moved zero to register r2
1233 * and then had a breakpoint. So, it appears safest to have these two nops.
1235 * Feel free to remove them, if you dare, but then please do test the result
1236 * rigorously. Also, if you remove these, it may be a good idea first to
1237 * #if 0 them out, with a comment when these were taken out, and to remove
1238 * these only a few months later... But YMMV.
1240 0x00, 0x30, // nop /* add r0,#0 */
1241 0x00, 0x30, // nop /* add r0,#0 */
1243 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1244 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1245 0x04, 0x26, // mov r6, #4 /* PGERR */
1247 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1248 0x2B, 0x43, // orr r3, r5
1249 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1250 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1251 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1253 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1254 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1255 0xFC, 0xD0, // beq busy
1257 0x33, 0x42, // tst r3, r6 /* PGERR */
1258 0x04, 0xD1, // bne exit
1260 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1261 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1262 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1263 0x00, 0x2A, // cmp r2, #0
1264 0xF0, 0xD1, // bne write_half_word
1266 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1267 0xAB, 0x43, // bic r3, r5
1268 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1269 0x00, 0xBE, // bkpt #0x00
1270 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1273 static const uint8_t loader_code_stm32l[] = {
1275 /* openocd.git/contrib/loaders/flash/stm32lx.S
1276 r0, input, dest addr
1277 r1, input, source addr
1278 r2, input, word count
1279 r3, output, word count
1285 0x51, 0xf8, 0x04, 0xcb,
1286 0x40, 0xf8, 0x04, 0xcb,
1294 static const uint8_t loader_code_stm32f4[] = {
1295 // flashloaders/stm32f4.s
1304 0x14, 0xf0, 0x01, 0x0f,
1306 0x00, 0xf1, 0x04, 0x00,
1307 0x01, 0xf1, 0x04, 0x01,
1308 0xa2, 0xf1, 0x01, 0x02,
1313 0x00, 0x3c, 0x02, 0x40,
1316 const uint8_t* loader_code;
1319 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1320 || sl->chip_id == STM32_CHIPID_L1_HIGH || sl->chip_id == STM32_CHIPID_L152_RE ) { /* stm32l */
1321 loader_code = loader_code_stm32l;
1322 loader_size = sizeof(loader_code_stm32l);
1323 } else if (sl->core_id == STM32VL_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1324 loader_code = loader_code_stm32vl;
1325 loader_size = sizeof(loader_code_stm32vl);
1326 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1327 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD){
1328 loader_code = loader_code_stm32f4;
1329 loader_size = sizeof(loader_code_stm32f4);
1330 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F0_CAN || sl->chip_id == STM32_CHIPID_F0_SMALL) {
1331 loader_code = loader_code_stm32f0;
1332 loader_size = sizeof(loader_code_stm32f0);
1334 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1338 memcpy(sl->q_buf, loader_code, loader_size);
1339 stlink_write_mem32(sl, sl->sram_base, loader_size);
1341 *addr = sl->sram_base;
1342 *size = loader_size;
1348 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1349 /* check the contents of path are at addr */
1352 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1354 if (map_file(&mf, path) == -1)
1357 res = check_file(sl, &mf, addr);
1365 * Verify addr..addr+len is binary identical to base...base+len
1366 * @param sl stlink context
1367 * @param address stm device address
1368 * @param data host side buffer to check against
1369 * @param length how much
1370 * @return 0 for success, -ve for failure
1372 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1374 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1375 ILOG("Starting verification of write complete\n");
1376 for (off = 0; off < length; off += cmp_size) {
1377 size_t aligned_size;
1379 /* adjust last page size */
1380 if ((off + cmp_size) > length)
1381 cmp_size = length - off;
1383 aligned_size = cmp_size;
1384 if (aligned_size & (4 - 1))
1385 aligned_size = (cmp_size + 4) & ~(4 - 1);
1387 stlink_read_mem32(sl, address + off, aligned_size);
1389 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1390 ELOG("Verification of flash failed at offset: %zd\n", off);
1394 ILOG("Flash written and verified! jolly good!\n");
1399 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned num_half_pages)
1405 ILOG("Starting Half page flash write for STM32L core id\n");
1406 /* flash loader initialization */
1407 if (init_flash_loader(sl, &fl) == -1) {
1408 WLOG("init_flash_loader() == -1\n");
1411 /* Unlock already done */
1412 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1413 val |= (1 << FLASH_L1_FPRG);
1414 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1416 val |= (1 << FLASH_L1_PROG);
1417 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1418 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {}
1420 #define L1_WRITE_BLOCK_SIZE 0x80
1421 for (count = 0; count < num_half_pages; count ++) {
1422 if (run_flash_loader(sl, &fl, addr + count * L1_WRITE_BLOCK_SIZE, base + count * L1_WRITE_BLOCK_SIZE, L1_WRITE_BLOCK_SIZE) == -1) {
1423 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * L1_WRITE_BLOCK_SIZE);
1424 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1425 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1426 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1429 /* wait for sr.busy to be cleared */
1430 if (sl->verbose >= 1) {
1431 /* show progress. writing procedure is slow
1432 and previous errors are misleading */
1433 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1436 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {
1439 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1440 val &= ~(1 << FLASH_L1_PROG);
1441 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1442 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1443 val &= ~(1 << FLASH_L1_FPRG);
1444 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1449 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1452 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1453 len, len, addr, addr);
1454 /* check addr range is inside the flash */
1455 stlink_calculate_pagesize(sl, addr);
1456 if (addr < sl->flash_base) {
1457 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1459 } else if ((addr + len) < addr) {
1460 ELOG("addr overruns\n");
1462 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1463 ELOG("addr too high\n");
1465 } else if (addr & 1) {
1466 ELOG("unaligned addr 0x%x\n", addr);
1468 } else if (len & 1) {
1469 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1471 } else if (addr & (sl->flash_pgsz - 1)) {
1472 ELOG("addr not a multiple of pagesize, not supported\n");
1476 // Make sure we've loaded the context with the chip details
1478 /* erase each page */
1480 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1481 /* addr must be an addr inside the page */
1482 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1483 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1486 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1487 (unsigned long)addr + off);
1491 fprintf(stdout,"\n");
1492 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1493 page_count, sl->flash_pgsz, sl->flash_pgsz);
1495 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1496 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD)) {
1497 /* todo: check write operation */
1499 ILOG("Starting Flash write for F2/F4\n");
1500 /* flash loader initialization */
1501 if (init_flash_loader(sl, &fl) == -1) {
1502 ELOG("init_flash_loader() == -1\n");
1506 /* First unlock the cr */
1507 unlock_flash_if(sl);
1509 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1510 /* set parallelisim to 32 bit*/
1511 write_flash_cr_psiz(sl, 2);
1513 /* set programming mode */
1514 set_flash_cr_pg(sl);
1516 for(off = 0; off < len;) {
1517 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1519 printf("size: %zu\n", size);
1521 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1522 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1534 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1535 || sl->chip_id == STM32_CHIPID_L1_HIGH || sl->chip_id == STM32_CHIPID_L152_RE ) {
1536 /* use fast word write. todo: half page. */
1539 /* todo: check write operation */
1541 /* disable pecr protection */
1542 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1543 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1545 /* check pecr.pelock is cleared */
1546 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1547 if (val & (1 << 0)) {
1548 fprintf(stderr, "pecr.pelock not clear\n");
1552 /* unlock program memory */
1553 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1554 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1556 /* check pecr.prglock is cleared */
1557 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1558 if (val & (1 << 1)) {
1559 fprintf(stderr, "pecr.prglock not clear\n");
1563 if (len > L1_WRITE_BLOCK_SIZE) {
1564 if (stm32l1_write_half_pages(sl, addr, base, len/L1_WRITE_BLOCK_SIZE) == -1) {
1565 /* This may happen on a blank device! */
1566 WLOG("\nwrite_half_pages failed == -1\n");
1568 off = (len /L1_WRITE_BLOCK_SIZE)*L1_WRITE_BLOCK_SIZE;
1572 /* write remainingword in program memory */
1573 for ( ; off < len; off += sizeof(uint32_t)) {
1576 fprintf(stdout, "\r");
1578 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1579 fprintf(stdout, "\r%3zd/%3zd pages written",
1580 off/sl->flash_pgsz, len/sl->flash_pgsz);
1584 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1585 stlink_write_debug32(sl, addr + off, data);
1587 /* wait for sr.busy to be cleared */
1588 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1591 /* todo: check redo write operation */
1594 fprintf(stdout, "\n");
1595 /* reset lock bits */
1596 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1597 | (1 << 0) | (1 << 1) | (1 << 2);
1598 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1599 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1600 ILOG("Starting Flash write for VL/F0 core id\n");
1601 /* flash loader initialization */
1602 if (init_flash_loader(sl, &fl) == -1) {
1603 ELOG("init_flash_loader() == -1\n");
1607 int write_block_count = 0;
1608 for (off = 0; off < len; off += sl->flash_pgsz) {
1609 /* adjust last write size */
1610 size_t size = sl->flash_pgsz;
1611 if ((off + sl->flash_pgsz) > len) size = len - off;
1613 /* unlock and set programming mode */
1614 unlock_flash_if(sl);
1615 set_flash_cr_pg(sl);
1616 //DLOG("Finished setting flash cr pg, running loader!\n");
1617 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1618 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1622 if (sl->verbose >= 1) {
1623 /* show progress. writing procedure is slow
1624 and previous errors are misleading */
1625 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1629 fprintf(stdout, "\n");
1631 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1635 return stlink_verify_write_flash(sl, addr, base, len);
1639 * Write the given binary file into flash at address "addr"
1641 * @param path readable file path, should be binary image
1642 * @param addr where to start writing
1643 * @return 0 on success, -ve on failure.
1645 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1646 /* write the file in flash at addr */
1648 unsigned int num_empty = 0, index;
1649 unsigned char erased_pattern =(sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1650 || sl->chip_id == STM32_CHIPID_L1_HIGH || sl->chip_id == STM32_CHIPID_L152_RE )?0:0xff;
1651 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1652 if (map_file(&mf, path) == -1) {
1653 ELOG("map_file() == -1\n");
1656 for(index = 0; index < mf.len; index ++) {
1657 if (mf.base[index] == erased_pattern)
1662 /* Round down to words */
1663 num_empty -= (num_empty & 3);
1664 if(num_empty != 0) {
1665 ILOG("Ignoring %d bytes of 0x%02x at end of file\n", num_empty, erased_pattern);
1666 mf.len -= num_empty;
1668 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1670 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1671 /* Set PC to the reset routine*/
1672 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1678 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1682 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
1683 // FIXME This can never return -1
1684 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1686 ELOG("write_buffer_to_sram() == -1\n");
1690 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1691 || sl->chip_id == STM32_CHIPID_L1_HIGH || sl->chip_id == STM32_CHIPID_L152_RE ) {
1693 size_t count = size / sizeof(uint32_t);
1694 if (size % sizeof(uint32_t)) ++count;
1697 stlink_write_reg(sl, target, 0); /* target */
1698 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1699 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1700 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1702 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1704 size_t count = size / sizeof(uint16_t);
1705 if (size % sizeof(uint16_t)) ++count;
1708 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1709 stlink_write_reg(sl, target, 1); /* target */
1710 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1711 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1712 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1714 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1715 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD) {
1717 size_t count = size / sizeof(uint32_t);
1718 if (size % sizeof(uint32_t)) ++count;
1721 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1722 stlink_write_reg(sl, target, 1); /* target */
1723 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1724 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1727 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
1734 #define WAIT_ROUNDS 10000
1735 /* wait until done (reaches breakpoint) */
1736 for (i = 0; i < WAIT_ROUNDS; i++) {
1738 if (is_core_halted(sl))
1742 if (i >= WAIT_ROUNDS) {
1743 ELOG("flash loader run error\n");
1747 /* check written byte count */
1748 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1749 || sl->chip_id == STM32_CHIPID_L1_HIGH || sl->chip_id == STM32_CHIPID_L152_RE ) {
1751 size_t count = size / sizeof(uint32_t);
1752 if (size % sizeof(uint32_t)) ++count;
1754 stlink_read_reg(sl, 3, &rr);
1755 if (rr.r[3] != count) {
1756 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
1760 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1762 stlink_read_reg(sl, 2, &rr);
1764 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1768 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1769 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD) {
1771 stlink_read_reg(sl, 2, &rr);
1773 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1779 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);