10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
21 /* todo: stm32l15xxx flash memory, pm0062 manual */
23 /* stm32f FPEC flash controller interface, pm0063 manual */
24 // TODO - all of this needs to be abstracted out....
25 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
26 #define FLASH_REGS_ADDR 0x40022000
27 #define FLASH_REGS_SIZE 0x28
29 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
30 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
31 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
32 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
33 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
34 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
35 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
37 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
38 #define FLASH_RDPTR_KEY 0x00a5
39 #define FLASH_KEY1 0x45670123
40 #define FLASH_KEY2 0xcdef89ab
42 #define FLASH_SR_BSY 0
43 #define FLASH_SR_EOP 5
46 #define FLASH_CR_PER 1
47 #define FLASH_CR_MER 2
48 #define FLASH_CR_STRT 6
49 #define FLASH_CR_LOCK 7
52 //32L = 32F1 same CoreID as 32F4!
53 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
54 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
55 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
56 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
57 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
58 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
59 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
60 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
61 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
62 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
63 #define FLASH_L1_FPRG 10
64 #define FLASH_L1_PROG 3
66 //32L4 register base is at FLASH_REGS_ADDR (0x40022000)
67 #define STM32L4_FLASH_KEYR (FLASH_REGS_ADDR + 0x08)
68 #define STM32L4_FLASH_SR (FLASH_REGS_ADDR + 0x10)
69 #define STM32L4_FLASH_CR (FLASH_REGS_ADDR + 0x14)
70 #define STM32L4_FLASH_OPTR (FLASH_REGS_ADDR + 0x20)
72 #define STM32L4_FLASH_SR_BSY 16
73 #define STM32L4_FLASH_SR_ERRMASK 0x3f8 /* SR [9:3] */
75 #define STM32L4_FLASH_CR_LOCK 31 /* Lock control register */
76 #define STM32L4_FLASH_CR_PG 0 /* Program */
77 #define STM32L4_FLASH_CR_PER 1 /* Page erase */
78 #define STM32L4_FLASH_CR_MER1 2 /* Bank 1 erase */
79 #define STM32L4_FLASH_CR_MER2 15 /* Bank 2 erase */
80 #define STM32L4_FLASH_CR_STRT 16 /* Start command */
81 #define STM32L4_FLASH_CR_BKER 11 /* Bank select for page erase */
82 #define STM32L4_FLASH_CR_PNB 3 /* Page number (8 bits) */
83 // Bits requesting flash operations (useful when we want to clear them)
84 #define STM32L4_FLASH_CR_OPBITS \
85 ((1lu<<STM32L4_FLASH_CR_PG) | (1lu<<STM32L4_FLASH_CR_PER) \
86 | (1lu<<STM32L4_FLASH_CR_MER1) | (1lu<<STM32L4_FLASH_CR_MER1))
87 // Page is fully specified by BKER and PNB
88 #define STM32L4_FLASH_CR_PAGEMASK (0x1fflu << STM32L4_FLASH_CR_PNB)
90 #define STM32L4_FLASH_OPTR_DUALBANK 21
92 //STM32L0x flash register base and offsets
94 // RM0090 - DM00031020.pdf
95 #define STM32L0_FLASH_REGS_ADDR ((uint32_t)0x40022000)
96 #define FLASH_ACR_OFF ((uint32_t) 0x00)
97 #define FLASH_PECR_OFF ((uint32_t) 0x04)
98 #define FLASH_PDKEYR_OFF ((uint32_t) 0x08)
99 #define FLASH_PEKEYR_OFF ((uint32_t) 0x0c)
100 #define FLASH_PRGKEYR_OFF ((uint32_t) 0x10)
101 #define FLASH_OPTKEYR_OFF ((uint32_t) 0x14)
102 #define FLASH_SR_OFF ((uint32_t) 0x18)
103 #define FLASH_OBR_OFF ((uint32_t) 0x1c)
104 #define FLASH_WRPR_OFF ((uint32_t) 0x20)
109 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
110 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
111 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
112 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
113 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
114 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
115 #define FLASH_F4_CR_STRT 16
116 #define FLASH_F4_CR_LOCK 31
117 #define FLASH_F4_CR_SER 1
118 #define FLASH_F4_CR_SNB 3
119 #define FLASH_F4_CR_SNB_MASK 0xf8
120 #define FLASH_F4_SR_BSY 16
122 #define L1_WRITE_BLOCK_SIZE 0x80
123 #define L0_WRITE_BLOCK_SIZE 0x40
125 void write_uint32(unsigned char* buf, uint32_t ui) {
126 if (!is_bigendian()) { // le -> le (don't swap)
127 buf[0] = ((unsigned char*) &ui)[0];
128 buf[1] = ((unsigned char*) &ui)[1];
129 buf[2] = ((unsigned char*) &ui)[2];
130 buf[3] = ((unsigned char*) &ui)[3];
132 buf[0] = ((unsigned char*) &ui)[3];
133 buf[1] = ((unsigned char*) &ui)[2];
134 buf[2] = ((unsigned char*) &ui)[1];
135 buf[3] = ((unsigned char*) &ui)[0];
139 void write_uint16(unsigned char* buf, uint16_t ui) {
140 if (!is_bigendian()) { // le -> le (don't swap)
141 buf[0] = ((unsigned char*) &ui)[0];
142 buf[1] = ((unsigned char*) &ui)[1];
144 buf[0] = ((unsigned char*) &ui)[1];
145 buf[1] = ((unsigned char*) &ui)[0];
149 uint32_t read_uint32(const unsigned char *c, const int pt) {
151 char *p = (char *) &ui;
153 if (!is_bigendian()) { // le -> le (don't swap)
167 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
168 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
171 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
172 return stlink_read_debug32(sl, FLASH_WRPR);
175 static inline uint32_t read_flash_obr(stlink_t *sl) {
176 return stlink_read_debug32(sl, FLASH_OBR);
179 static inline uint32_t read_flash_cr(stlink_t *sl) {
181 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||(sl->chip_id == STM32_CHIPID_F4_DE) ||
182 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
183 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
184 res = stlink_read_debug32(sl, FLASH_F4_CR);
185 else if (sl->chip_id == STM32_CHIPID_L4)
186 res = stlink_read_debug32(sl, STM32L4_FLASH_CR);
188 res = stlink_read_debug32(sl, FLASH_CR);
190 fprintf(stdout, "CR:0x%x\n", res);
195 static inline unsigned int is_flash_locked(stlink_t *sl) {
196 /* return non zero for true */
197 uint32_t cr = read_flash_cr(sl);
199 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
200 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
201 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
202 return cr & (1 << FLASH_F4_CR_LOCK);
203 else if (sl->chip_id == STM32_CHIPID_L4)
204 return cr & (1lu << STM32L4_FLASH_CR_LOCK);
206 return cr & (1 << FLASH_CR_LOCK);
209 static void unlock_flash(stlink_t *sl) {
210 /* the unlock sequence consists of 2 write cycles where
211 2 key values are written to the FLASH_KEYR register.
212 an invalid sequence results in a definitive lock of
213 the FPEC block until next reset.
215 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
216 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
217 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
218 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
219 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
220 } else if (sl->chip_id == STM32_CHIPID_L4) {
221 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY1);
222 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY2);
224 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
225 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
230 static int unlock_flash_if(stlink_t *sl) {
231 /* unlock flash if already locked */
233 if (is_flash_locked(sl)) {
235 if (is_flash_locked(sl)) {
236 WLOG("Failed to unlock flash!\n");
240 DLOG("Successfully unlocked flash\n");
244 static void lock_flash(stlink_t *sl) {
245 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
246 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
247 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
248 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
249 stlink_write_debug32(sl, FLASH_F4_CR, n);
250 } else if (sl->chip_id == STM32_CHIPID_L4) {
251 const uint32_t n = read_flash_cr(sl) | (1lu << STM32L4_FLASH_CR_LOCK);
252 stlink_write_debug32(sl, STM32L4_FLASH_CR, n);
254 /* write to 1 only. reset by hw at unlock sequence */
255 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
256 stlink_write_debug32(sl, FLASH_CR, n);
261 static void set_flash_cr_pg(stlink_t *sl) {
262 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
263 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
264 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
265 uint32_t x = read_flash_cr(sl);
266 x |= (1 << FLASH_CR_PG);
267 stlink_write_debug32(sl, FLASH_F4_CR, x);
268 } else if (sl->chip_id == STM32_CHIPID_L4) {
269 uint32_t x = read_flash_cr(sl);
270 x &=~ STM32L4_FLASH_CR_OPBITS;
271 x |= (1 << STM32L4_FLASH_CR_PG);
272 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
274 const uint32_t n = 1 << FLASH_CR_PG;
275 stlink_write_debug32(sl, FLASH_CR, n);
279 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
280 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
281 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
282 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
283 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
284 stlink_write_debug32(sl, FLASH_F4_CR, n);
286 stlink_write_debug32(sl, FLASH_CR, n);
289 static void set_flash_cr_per(stlink_t *sl) {
290 const uint32_t n = 1 << FLASH_CR_PER;
291 stlink_write_debug32(sl, FLASH_CR, n);
294 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
295 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
296 stlink_write_debug32(sl, FLASH_CR, n);
299 static void set_flash_cr_mer(stlink_t *sl) {
300 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
301 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
302 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
303 stlink_write_debug32(sl, FLASH_F4_CR,
304 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
305 else if (sl->chip_id == STM32_CHIPID_L4) {
306 uint32_t x = stlink_read_debug32(sl, STM32L4_FLASH_CR);
307 x &=~ STM32L4_FLASH_CR_OPBITS;
308 x |= (1lu << STM32L4_FLASH_CR_MER1) | (1lu << STM32L4_FLASH_CR_MER2);
309 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
311 stlink_write_debug32(sl, FLASH_CR,
312 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
315 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
316 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
317 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
318 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
319 stlink_write_debug32(sl, FLASH_F4_CR,
320 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
322 stlink_write_debug32(sl, FLASH_CR,
323 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
326 static void set_flash_cr_strt(stlink_t *sl) {
327 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
328 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
329 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
330 uint32_t x = read_flash_cr(sl);
331 x |= (1 << FLASH_F4_CR_STRT);
332 stlink_write_debug32(sl, FLASH_F4_CR, x);
333 } else if (sl->chip_id == STM32_CHIPID_L4) {
334 uint32_t x = read_flash_cr(sl);
335 x |= (1lu << STM32L4_FLASH_CR_STRT);
336 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
338 stlink_write_debug32(sl, FLASH_CR,
339 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
343 static inline uint32_t read_flash_acr(stlink_t *sl) {
344 return stlink_read_debug32(sl, FLASH_ACR);
347 static inline uint32_t read_flash_sr(stlink_t *sl) {
349 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
350 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
351 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
352 res = stlink_read_debug32(sl, FLASH_F4_SR);
353 else if (sl->chip_id == STM32_CHIPID_L4)
354 res = stlink_read_debug32(sl, STM32L4_FLASH_SR);
356 res = stlink_read_debug32(sl, FLASH_SR);
357 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
361 static inline unsigned int is_flash_busy(stlink_t *sl) {
362 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
363 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
364 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
365 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
366 else if (sl->chip_id == STM32_CHIPID_L4)
367 return read_flash_sr(sl) & (1 << STM32L4_FLASH_SR_BSY);
369 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
372 static void wait_flash_busy(stlink_t *sl) {
373 /* todo: add some delays here */
374 while (is_flash_busy(sl))
378 static void wait_flash_busy_progress(stlink_t *sl) {
380 fprintf(stdout, "Mass erasing");
382 while (is_flash_busy(sl)) {
386 fprintf(stdout, ".");
390 fprintf(stdout, "\n");
393 static inline unsigned int is_flash_eop(stlink_t *sl) {
394 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
397 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
398 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
399 stlink_write_debug32(sl, FLASH_SR, n);
402 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
403 /* todo: add some delays here */
404 while (is_flash_eop(sl) == 0)
408 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
409 stlink_write_debug32(sl, FLASH_AR, n);
412 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
413 uint32_t x = read_flash_cr(sl);
417 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
419 stlink_write_debug32(sl, FLASH_F4_CR, x);
423 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
424 uint32_t x = read_flash_cr(sl);
425 x &= ~FLASH_F4_CR_SNB_MASK;
426 x |= (n << FLASH_F4_CR_SNB);
427 x |= (1 << FLASH_F4_CR_SER);
429 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
431 stlink_write_debug32(sl, FLASH_F4_CR, x);
434 static inline void write_flash_cr_bker_pnb(stlink_t *sl, uint32_t n) {
435 stlink_write_debug32(sl, STM32L4_FLASH_SR, 0xFFFFFFFF & ~(1<<STM32L4_FLASH_SR_BSY));
436 uint32_t x = read_flash_cr(sl);
437 x &=~ STM32L4_FLASH_CR_OPBITS;
438 x &=~ STM32L4_FLASH_CR_PAGEMASK;
439 x &= ~(1<<STM32L4_FLASH_CR_MER1);
440 x &= ~(1<<STM32L4_FLASH_CR_MER2);
441 x |= (n << STM32L4_FLASH_CR_PNB);
442 x |= (1lu << STM32L4_FLASH_CR_PER);
444 fprintf(stdout, "BKER:PNB:0x%x 0x%x\n", x, n);
446 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
449 // Delegates to the backends...
451 void stlink_close(stlink_t *sl) {
452 DLOG("*** stlink_close ***\n");
453 sl->backend->close(sl);
457 void stlink_exit_debug_mode(stlink_t *sl) {
458 DLOG("*** stlink_exit_debug_mode ***\n");
459 stlink_write_debug32(sl, DHCSR, DBGKEY);
460 sl->backend->exit_debug_mode(sl);
463 void stlink_enter_swd_mode(stlink_t *sl) {
464 DLOG("*** stlink_enter_swd_mode ***\n");
465 sl->backend->enter_swd_mode(sl);
468 // Force the core into the debug mode -> halted state.
469 void stlink_force_debug(stlink_t *sl) {
470 DLOG("*** stlink_force_debug_mode ***\n");
471 sl->backend->force_debug(sl);
474 void stlink_exit_dfu_mode(stlink_t *sl) {
475 DLOG("*** stlink_exit_dfu_mode ***\n");
476 sl->backend->exit_dfu_mode(sl);
479 uint32_t stlink_core_id(stlink_t *sl) {
480 DLOG("*** stlink_core_id ***\n");
481 sl->backend->core_id(sl);
483 stlink_print_data(sl);
484 DLOG("core_id = 0x%08x\n", sl->core_id);
488 uint32_t stlink_chip_id(stlink_t *sl) {
489 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
490 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
495 * Cortex m3 tech ref manual, CPUID register description
496 * @param sl stlink context
497 * @param cpuid pointer to the result object
499 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
500 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
501 cpuid->implementer_id = (raw >> 24) & 0x7f;
502 cpuid->variant = (raw >> 20) & 0xf;
503 cpuid->part = (raw >> 4) & 0xfff;
504 cpuid->revision = raw & 0xf;
509 * reads and decodes the flash parameters, as dynamically as possible
511 * @return 0 for success, or -1 for unsupported core type.
513 int stlink_load_device_params(stlink_t *sl) {
514 ILOG("Loading device parameters....\n");
515 const chip_params_t *params = NULL;
516 sl->core_id = stlink_core_id(sl);
517 uint32_t chip_id = stlink_chip_id(sl);
520 sl->chip_id = chip_id & 0xfff;
521 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
522 if (sl->chip_id == 0x411) {
523 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
524 if ((cpuid & 0xfff0) == 0xc240)
528 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
529 if(devices[i].chip_id == sl->chip_id) {
530 params = &devices[i];
534 if (params == NULL) {
535 WLOG("unknown chip id! %#x\n", chip_id);
539 // These are fixed...
540 sl->flash_base = STM32_FLASH_BASE;
541 sl->sram_base = STM32_SRAM_BASE;
542 flash_size = stlink_read_debug32(sl,(params->flash_size_reg) & ~3);
543 if (params->flash_size_reg & 2)
544 flash_size = flash_size >>16;
545 flash_size = flash_size & 0xffff;
547 if ((sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) && ( flash_size == 0 )) {
548 sl->flash_size = 128 * 1024;
549 } else if (sl->chip_id == STM32_CHIPID_L1_CAT2) {
550 sl->flash_size = (flash_size & 0xff) * 1024;
551 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
552 // 0 is 384k and 1 is 256k
553 if ( flash_size == 0 ) {
554 sl->flash_size = 384 * 1024;
556 sl->flash_size = 256 * 1024;
559 sl->flash_size = flash_size * 1024;
561 sl->flash_pgsz = params->flash_pagesize;
562 sl->sram_size = params->sram_size;
563 sl->sys_base = params->bootrom_base;
564 sl->sys_size = params->bootrom_size;
566 //medium and low devices have the same chipid. ram size depends on flash size.
567 //STM32F100xx datasheet Doc ID 16455 Table 2
568 if(sl->chip_id == STM32_CHIPID_F1_VL_MEDIUM_LOW && sl->flash_size < 64 * 1024){
569 sl->sram_size = 0x1000;
572 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
573 // TODO make note of variable page size here.....
574 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
575 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
580 void stlink_reset(stlink_t *sl) {
581 DLOG("*** stlink_reset ***\n");
582 sl->backend->reset(sl);
585 void stlink_jtag_reset(stlink_t *sl, int value) {
586 DLOG("*** stlink_jtag_reset ***\n");
587 sl->backend->jtag_reset(sl, value);
590 void stlink_run(stlink_t *sl) {
591 DLOG("*** stlink_run ***\n");
592 sl->backend->run(sl);
595 void stlink_status(stlink_t *sl) {
596 DLOG("*** stlink_status ***\n");
597 sl->backend->status(sl);
598 stlink_core_stat(sl);
602 * Decode the version bits, originally from -sg, verified with usb
603 * @param sl stlink context, assumed to contain valid data in the buffer
604 * @param slv output parsed version object
606 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
607 uint32_t b0 = sl->q_buf[0]; //lsb
608 uint32_t b1 = sl->q_buf[1];
609 uint32_t b2 = sl->q_buf[2];
610 uint32_t b3 = sl->q_buf[3];
611 uint32_t b4 = sl->q_buf[4];
612 uint32_t b5 = sl->q_buf[5]; //msb
614 // b0 b1 || b2 b3 | b4 b5
615 // 4b | 6b | 6b || 2B | 2B
616 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
618 slv->stlink_v = (b0 & 0xf0) >> 4;
619 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
620 slv->swim_v = b1 & 0x3f;
621 slv->st_vid = (b3 << 8) | b2;
622 slv->stlink_pid = (b5 << 8) | b4;
626 void stlink_version(stlink_t *sl) {
627 DLOG("*** looking up stlink version\n");
628 sl->backend->version(sl);
629 _parse_version(sl, &sl->version);
631 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
632 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
633 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
634 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
635 DLOG("swim version = 0x%x\n", sl->version.swim_v);
636 if (sl->version.jtag_v == 0) {
637 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
639 if (sl->version.swim_v == 0) {
640 DLOG(" notice: the firmware doesn't support a swim interface\n");
644 int stlink_target_voltage(stlink_t *sl) {
646 DLOG("*** reading target voltage\n");
647 if (sl->backend->target_voltage != NULL) {
648 voltage = sl->backend->target_voltage(sl);
650 DLOG("target voltage = %ldmV\n", voltage);
652 DLOG("error reading target voltage\n");
655 DLOG("reading voltage not supported by backend\n");
660 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
661 uint32_t data = sl->backend->read_debug32(sl, addr);
662 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
666 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
667 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
668 sl->backend->write_debug32(sl, addr, data);
671 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
672 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
674 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
677 sl->backend->write_mem32(sl, addr, len);
680 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
681 DLOG("*** stlink_read_mem32 ***\n");
682 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
683 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
687 sl->backend->read_mem32(sl, addr, len);
690 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
691 DLOG("*** stlink_write_mem8 ***\n");
692 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
693 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
697 sl->backend->write_mem8(sl, addr, len);
700 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
701 DLOG("*** stlink_read_all_regs ***\n");
702 sl->backend->read_all_regs(sl, regp);
705 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
706 DLOG("*** stlink_read_all_unsupported_regs ***\n");
707 sl->backend->read_all_unsupported_regs(sl, regp);
710 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
711 DLOG("*** stlink_write_reg\n");
712 sl->backend->write_reg(sl, reg, idx);
715 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
716 DLOG("*** stlink_read_reg\n");
717 DLOG(" (%d) ***\n", r_idx);
719 if (r_idx > 20 || r_idx < 0) {
720 fprintf(stderr, "Error: register index must be in [0..20]\n");
724 sl->backend->read_reg(sl, r_idx, regp);
727 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
730 DLOG("*** stlink_read_unsupported_reg\n");
731 DLOG(" (%d) ***\n", r_idx);
733 /* Convert to values used by DCRSR */
734 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
736 } else if (r_idx == 0x40) { /* FPSCR */
738 } else if (r_idx >= 0x20 && r_idx < 0x40) {
739 r_convert = 0x40 + (r_idx - 0x20);
741 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
745 sl->backend->read_unsupported_reg(sl, r_convert, regp);
748 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
751 DLOG("*** stlink_write_unsupported_reg\n");
752 DLOG(" (%d) ***\n", r_idx);
754 /* Convert to values used by DCRSR */
755 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
756 r_convert = r_idx; /* The backend function handles this */
757 } else if (r_idx == 0x40) { /* FPSCR */
759 } else if (r_idx >= 0x20 && r_idx < 0x40) {
760 r_convert = 0x40 + (r_idx - 0x20);
762 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
766 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
769 unsigned int is_core_halted(stlink_t *sl) {
770 /* return non zero if core is halted */
772 return sl->q_buf[0] == STLINK_CORE_HALTED;
775 void stlink_step(stlink_t *sl) {
776 DLOG("*** stlink_step ***\n");
777 sl->backend->step(sl);
780 int stlink_current_mode(stlink_t *sl) {
781 int mode = sl->backend->current_mode(sl);
783 case STLINK_DEV_DFU_MODE:
784 DLOG("stlink current mode: dfu\n");
786 case STLINK_DEV_DEBUG_MODE:
787 DLOG("stlink current mode: debug (jtag or swd)\n");
789 case STLINK_DEV_MASS_MODE:
790 DLOG("stlink current mode: mass\n");
793 DLOG("stlink mode: unknown!\n");
794 return STLINK_DEV_UNKNOWN_MODE;
800 // End of delegates.... Common code below here...
803 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
805 // #define is_bigendian() ( (*(char*)&i) == 0 )
807 inline unsigned int is_bigendian(void) {
808 static volatile const unsigned int i = 1;
809 return *(volatile const char*) &i == 0;
812 uint16_t read_uint16(const unsigned char *c, const int pt) {
814 char *p = (char *) &ui;
816 if (!is_bigendian()) { // le -> le (don't swap)
826 // same as above with entrypoint.
828 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
829 stlink_write_reg(sl, addr, 15); /* pc register */
833 while (is_core_halted(sl) == 0)
837 void stlink_core_stat(stlink_t *sl) {
841 switch (sl->q_buf[0]) {
842 case STLINK_CORE_RUNNING:
843 sl->core_stat = STLINK_CORE_RUNNING;
844 DLOG(" core status: running\n");
846 case STLINK_CORE_HALTED:
847 sl->core_stat = STLINK_CORE_HALTED;
848 DLOG(" core status: halted\n");
851 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
852 fprintf(stderr, " core status: unknown\n");
856 void stlink_print_data(stlink_t * sl) {
857 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
860 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
862 for (int i = 0; i < sl->q_len; i++) {
865 if (sl->q_data_dir == Q_DATA_OUT)
866 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
868 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
871 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
873 fputs("\n\n", stdout);
876 /* memory mapped file */
878 typedef struct mapped_file {
883 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
885 static int map_file(mapped_file_t* mf, const char* path) {
889 const int fd = open(path, O_RDONLY | O_BINARY);
891 fprintf(stderr, "open(%s) == -1\n", path);
895 if (fstat(fd, &st) == -1) {
896 fprintf(stderr, "fstat() == -1\n");
900 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
901 if (mf->base == MAP_FAILED) {
902 fprintf(stderr, "mmap() == MAP_FAILED\n");
906 mf->len = st.st_size;
917 static void unmap_file(mapped_file_t * mf) {
918 munmap((void*) mf->base, mf->len);
919 mf->base = (unsigned char*) MAP_FAILED;
923 /* Limit the block size to compare to 0x1800
924 Anything larger will stall the STLINK2
925 Maybe STLINK V1 needs smaller value!*/
926 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
928 size_t n_cmp = sl->flash_pgsz;
932 for (off = 0; off < mf->len; off += n_cmp) {
935 /* adjust last page size */
936 size_t cmp_size = n_cmp;
937 if ((off + n_cmp) > mf->len)
938 cmp_size = mf->len - off;
940 aligned_size = cmp_size;
941 if (aligned_size & (4 - 1))
942 aligned_size = (cmp_size + 4) & ~(4 - 1);
944 stlink_read_mem32(sl, addr + off, aligned_size);
946 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
953 int stlink_fwrite_sram
954 (stlink_t * sl, const char* path, stm32_addr_t addr) {
955 /* write the file in sram at addr */
960 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
963 if (map_file(&mf, path) == -1) {
964 fprintf(stderr, "map_file() == -1\n");
968 /* check addr range is inside the sram */
969 if (addr < sl->sram_base) {
970 fprintf(stderr, "addr too low\n");
972 } else if ((addr + mf.len) < addr) {
973 fprintf(stderr, "addr overruns\n");
975 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
976 fprintf(stderr, "addr too high\n");
978 } else if (addr & 3) {
980 fprintf(stderr, "unaligned addr\n");
990 /* do the copy by 1k blocks */
991 for (off = 0; off < len; off += 1024) {
993 if ((off + size) > len)
996 memcpy(sl->q_buf, mf.base + off, size);
998 /* round size if needed */
1002 stlink_write_mem32(sl, addr + off, size);
1006 memcpy(sl->q_buf, mf.base + len, mf.len - len);
1007 stlink_write_mem8(sl, addr + len, mf.len - len);
1010 /* check the file ha been written */
1011 if (check_file(sl, &mf, addr) == -1) {
1012 fprintf(stderr, "check_file() == -1\n");
1019 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1020 /* Set PC to the reset routine*/
1021 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1029 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
1030 /* read size bytes from addr to file */
1036 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
1038 fprintf(stderr, "open(%s) == -1\n", path);
1043 size = sl->flash_size;
1045 if (size > sl->flash_size)
1046 size = sl->flash_size;
1048 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1049 for (off = 0; off < size; off += cmp_size) {
1050 size_t aligned_size;
1052 /* adjust last page size */
1053 if ((off + cmp_size) > size)
1054 cmp_size = size - off;
1056 aligned_size = cmp_size;
1057 if (aligned_size & (4 - 1))
1058 aligned_size = (cmp_size + 4) & ~(4 - 1);
1060 stlink_read_mem32(sl, addr + off, aligned_size);
1062 if (write(fd, sl->q_buf, sl->q_len) != (ssize_t) aligned_size) {
1063 fprintf(stderr, "write() != aligned_size\n");
1077 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
1078 /* write the buffer right after the loader */
1079 size_t chunk = size & ~0x3;
1080 size_t rem = size & 0x3;
1082 memcpy(sl->q_buf, buf, chunk);
1083 stlink_write_mem32(sl, fl->buf_addr, chunk);
1086 memcpy(sl->q_buf, buf+chunk, rem);
1087 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
1092 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
1093 uint32_t offset = 0;
1094 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1095 if (flashaddr >= 0x100000) {
1097 flashaddr -= 0x100000;
1099 if (flashaddr<0x4000) return (offset + 0);
1100 else if(flashaddr<0x8000) return(offset + 1);
1101 else if(flashaddr<0xc000) return(offset + 2);
1102 else if(flashaddr<0x10000) return(offset + 3);
1103 else if(flashaddr<0x20000) return(offset + 4);
1104 else return offset + (flashaddr/0x20000) +4;
1108 uint32_t calculate_F7_sectornum(uint32_t flashaddr){
1109 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1110 if(flashaddr<0x20000) return(flashaddr/0x8000);
1111 else if(flashaddr<0x40000) return(4);
1112 else return(flashaddr/0x40000) +4;
1116 // Returns BKER:PNB for the given page address
1117 uint32_t calculate_L4_page(stlink_t *sl, uint32_t flashaddr) {
1119 uint32_t flashopt = stlink_read_debug32(sl, STM32L4_FLASH_OPTR);
1120 flashaddr -= STM32_FLASH_BASE;
1121 if (flashopt & (1lu << STM32L4_FLASH_OPTR_DUALBANK)) {
1122 uint32_t banksize = sl->flash_size / 2;
1123 if (flashaddr > banksize) {
1124 flashaddr -= banksize;
1128 // For 1MB chips without the dual-bank option set, the page address will
1129 // overflow into the BKER bit, which gives us the correct bank:page value.
1130 return bker | flashaddr/sl->flash_pgsz;
1133 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1134 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1135 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1136 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1137 uint32_t sector=calculate_F4_sectornum(flashaddr);
1141 if (sector<4) sl->flash_pgsz=0x4000;
1142 else if(sector<5) sl->flash_pgsz=0x10000;
1143 else sl->flash_pgsz=0x20000;
1145 else if (sl->chip_id == STM32_CHIPID_F7) {
1146 uint32_t sector=calculate_F7_sectornum(flashaddr);
1147 if (sector<4) sl->flash_pgsz=0x8000;
1148 else if(sector<5) sl->flash_pgsz=0x20000;
1149 else sl->flash_pgsz=0x40000;
1151 return (sl->flash_pgsz);
1155 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1156 * @param sl stlink context
1157 * @param flashaddr an address in the flash page to erase
1158 * @return 0 on success -ve on failure
1160 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1162 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1163 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1164 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4)|| (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1165 /* wait for ongoing op to finish */
1166 wait_flash_busy(sl);
1168 /* unlock if locked */
1169 unlock_flash_if(sl);
1171 /* select the page to erase */
1172 if (sl->chip_id == STM32_CHIPID_L4) {
1173 // calculate the actual bank+page from the address
1174 uint32_t page = calculate_L4_page(sl, flashaddr);
1176 write_flash_cr_bker_pnb(sl, page);
1177 } else if (sl->chip_id == STM32_CHIPID_F7) {
1178 // calculate the actual page from the address
1179 uint32_t sector=calculate_F7_sectornum(flashaddr);
1181 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1183 write_flash_cr_snb(sl, sector);
1185 // calculate the actual page from the address
1186 uint32_t sector=calculate_F4_sectornum(flashaddr);
1188 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1190 //the SNB values for flash sectors in the second bank do not directly follow the values for the first bank on 2mb devices...
1191 if (sector >= 12) sector += 4;
1193 write_flash_cr_snb(sl, sector);
1196 /* start erase operation */
1197 set_flash_cr_strt(sl);
1199 /* wait for completion */
1200 wait_flash_busy(sl);
1202 /* relock the flash */
1203 //todo: fails to program if this is in
1206 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1208 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1209 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1210 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1213 uint32_t flash_regs_base;
1214 if (sl->chip_id == STM32_CHIPID_L0) {
1215 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1217 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1220 /* check if the locks are set */
1221 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1222 if((val & (1<<0))||(val & (1<<1))) {
1223 /* disable pecr protection */
1224 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1225 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1227 /* check pecr.pelock is cleared */
1228 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1229 if (val & (1 << 0)) {
1230 WLOG("pecr.pelock not clear (%#x)\n", val);
1234 /* unlock program memory */
1235 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1236 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1238 /* check pecr.prglock is cleared */
1239 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1240 if (val & (1 << 1)) {
1241 WLOG("pecr.prglock not clear (%#x)\n", val);
1246 /* set pecr.{erase,prog} */
1247 val |= (1 << 9) | (1 << 3);
1248 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1249 #if 0 /* fix_to_be_confirmed */
1251 /* wait for sr.busy to be cleared
1252 * MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1253 * wrong and we do not need to wait here for clearing the busy bit.
1254 * TEXANE: ok, if experience says so and it works for you, we comment
1255 * it. If someone has a problem, please drop an email.
1257 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1260 #endif /* fix_to_be_confirmed */
1262 /* write 0 to the first word of the page to be erased */
1263 stlink_write_debug32(sl, flashaddr, 0);
1265 /* MP: It is better to wait for clearing the busy bit after issuing
1266 page erase command, even though PM0062 recommends to wait before it.
1267 Test shows that a few iterations is performed in the following loop
1268 before busy bit is cleared.*/
1269 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1272 /* reset lock bits */
1273 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1274 | (1 << 0) | (1 << 1) | (1 << 2);
1275 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1276 } else if (sl->core_id == STM32VL_CORE_ID
1277 || sl->core_id == STM32F0_CORE_ID
1278 || sl->chip_id == STM32_CHIPID_F3
1279 || sl->chip_id == STM32_CHIPID_F3_SMALL
1280 || sl->chip_id == STM32_CHIPID_F303_HIGH
1281 || sl->chip_id == STM32_CHIPID_F37x
1282 || sl->chip_id == STM32_CHIPID_F334) {
1283 /* wait for ongoing op to finish */
1284 wait_flash_busy(sl);
1286 /* unlock if locked */
1287 unlock_flash_if(sl);
1289 /* set the page erase bit */
1290 set_flash_cr_per(sl);
1292 /* select the page to erase */
1293 write_flash_ar(sl, flashaddr);
1295 /* start erase operation, reset by hw with bsy bit */
1296 set_flash_cr_strt(sl);
1298 /* wait for completion */
1299 wait_flash_busy(sl);
1301 /* relock the flash */
1304 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1308 /* todo: verify the erased page */
1313 int stlink_erase_flash_mass(stlink_t *sl) {
1314 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1315 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1316 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1317 /* erase each page */
1318 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1319 for (i = 0; i < num_pages; i++) {
1320 /* addr must be an addr inside the page */
1321 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1322 if (stlink_erase_flash_page(sl, addr) == -1) {
1323 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1326 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1329 fprintf(stdout, "\n");
1331 /* wait for ongoing op to finish */
1332 wait_flash_busy(sl);
1334 /* unlock if locked */
1335 unlock_flash_if(sl);
1337 /* set the mass erase bit */
1338 set_flash_cr_mer(sl);
1340 /* start erase operation, reset by hw with bsy bit */
1341 set_flash_cr_strt(sl);
1343 /* wait for completion */
1344 wait_flash_busy_progress(sl);
1346 /* relock the flash */
1349 /* todo: verify the erased memory */
1354 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1357 /* allocate the loader in sram */
1358 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1359 WLOG("Failed to write flash loader to sram!\n");
1363 /* allocate a one page buffer in sram right after loader */
1364 fl->buf_addr = fl->loader_addr + size;
1365 ILOG("Successfully loaded flash loader in sram\n");
1369 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1370 /* from openocd, contrib/loaders/flash/stm32.s */
1371 static const uint8_t loader_code_stm32vl[] = {
1372 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1373 0x1c, 0x44, /* add r4, r3 */
1374 /* write_half_word: */
1375 0x01, 0x23, /* movs r3, #0x01 */
1376 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1377 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1378 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1380 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1381 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1382 0xfb, 0xd0, /* beq busy */
1383 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1384 0x01, 0xd1, /* bne exit */
1385 0x01, 0x3a, /* subs r2, r2, #0x01 */
1386 0xf0, 0xd1, /* bne write_half_word */
1388 0x00, 0xbe, /* bkpt #0x00 */
1389 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1392 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1393 static const uint8_t loader_code_stm32f0[] = {
1396 * These two NOPs here are a safety precaution, added by Pekka Nikander
1397 * while debugging the STM32F05x support. They may not be needed, but
1398 * there were strange problems with simpler programs, like a program
1399 * that had just a breakpoint or a program that first moved zero to register r2
1400 * and then had a breakpoint. So, it appears safest to have these two nops.
1402 * Feel free to remove them, if you dare, but then please do test the result
1403 * rigorously. Also, if you remove these, it may be a good idea first to
1404 * #if 0 them out, with a comment when these were taken out, and to remove
1405 * these only a few months later... But YMMV.
1407 0x00, 0x30, // nop /* add r0,#0 */
1408 0x00, 0x30, // nop /* add r0,#0 */
1410 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1411 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1412 0x04, 0x26, // mov r6, #4 /* PGERR */
1414 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1415 0x2B, 0x43, // orr r3, r5
1416 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1417 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1418 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1420 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1421 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1422 0xFC, 0xD0, // beq busy
1424 0x33, 0x42, // tst r3, r6 /* PGERR */
1425 0x04, 0xD1, // bne exit
1427 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1428 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1429 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1430 0x00, 0x2A, // cmp r2, #0
1431 0xF0, 0xD1, // bne write_half_word
1433 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1434 0xAB, 0x43, // bic r3, r5
1435 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1436 0x00, 0xBE, // bkpt #0x00
1437 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1440 static const uint8_t loader_code_stm32l[] = {
1442 /* openocd.git/contrib/loaders/flash/stm32lx.S
1443 r0, input, dest addr
1444 r1, input, source addr
1445 r2, input, word count
1446 r3, output, word count
1452 0x51, 0xf8, 0x04, 0xcb,
1453 0x40, 0xf8, 0x04, 0xcb,
1461 static const uint8_t loader_code_stm32l0[] = {
1464 r0, input, dest addr
1465 r1, input, source addr
1466 r2, input, word count
1467 r3, output, word count
1484 static const uint8_t loader_code_stm32f4[] = {
1485 // flashloaders/stm32f4.s
1494 0x14, 0xf0, 0x01, 0x0f,
1496 0x00, 0xf1, 0x04, 0x00,
1497 0x01, 0xf1, 0x04, 0x01,
1498 0xa2, 0xf1, 0x01, 0x02,
1503 0x00, 0x3c, 0x02, 0x40,
1506 static const uint8_t loader_code_stm32f4_lv[] = {
1507 // flashloaders/stm32f4lv.s
1516 0x14, 0xf0, 0x01, 0x0f,
1518 0x00, 0xf1, 0x01, 0x00,
1519 0x01, 0xf1, 0x01, 0x01,
1520 0xa2, 0xf1, 0x01, 0x02,
1526 0x00, 0x3c, 0x02, 0x40,
1529 static const uint8_t loader_code_stm32l4[] = {
1530 // flashloaders/stm32l4.s
1531 0x08, 0x4b, // start: ldr r3, [pc, #32] ; <flash_base>
1532 0x72, 0xb1, // next: cbz r2, <done>
1533 0x04, 0x68, // ldr r4, [r0, #0]
1534 0x45, 0x68, // ldr r5, [r0, #4]
1535 0x0c, 0x60, // str r4, [r1, #0]
1536 0x4d, 0x60, // str r5, [r1, #4]
1537 0x5c, 0x8a, // wait: ldrh r4, [r3, #18]
1538 0x14, 0xf0, 0x01, 0x0f, // tst.w r4, #1
1539 0xfb, 0xd1, // bne.n <wait>
1540 0x00, 0xf1, 0x08, 0x00, // add.w r0, r0, #8
1541 0x01, 0xf1, 0x08, 0x01, // add.w r1, r1, #8
1542 0xa2, 0xf1, 0x02, 0x02, // add.w r2, r2, #2
1543 0xef, 0xe7, // b.n <next>
1544 0x00, 0xbe, // done: bkpt 0x0000
1545 0x00, 0x20, 0x02, 0x40 // flash_base: .word 0x40022000
1548 static const uint8_t loader_code_stm32f7[] = {
1553 0xbf, 0xf3, 0x4f, 0x8f, // DSB Memory barrier for in order flash write
1555 0x14, 0xf0, 0x01, 0x0f,
1557 0x00, 0xf1, 0x04, 0x00,
1558 0x01, 0xf1, 0x04, 0x01,
1559 0xa2, 0xf1, 0x01, 0x02,
1561 0x00, 0xbe, // bkpt #0x00
1562 0x00, 0x3c, 0x02, 0x40,
1565 const uint8_t* loader_code;
1568 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1569 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1570 || sl->chip_id == STM32_CHIPID_L152_RE) { /* stm32l */
1571 loader_code = loader_code_stm32l;
1572 loader_size = sizeof(loader_code_stm32l);
1573 } else if (sl->core_id == STM32VL_CORE_ID
1574 || sl->chip_id == STM32_CHIPID_F3
1575 || sl->chip_id == STM32_CHIPID_F3_SMALL
1576 || sl->chip_id == STM32_CHIPID_F303_HIGH
1577 || sl->chip_id == STM32_CHIPID_F37x
1578 || sl->chip_id == STM32_CHIPID_F334) {
1579 loader_code = loader_code_stm32vl;
1580 loader_size = sizeof(loader_code_stm32vl);
1581 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1582 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
1583 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)){
1584 int voltage = stlink_target_voltage(sl);
1585 if (voltage > 2700) {
1586 loader_code = loader_code_stm32f4;
1587 loader_size = sizeof(loader_code_stm32f4);
1589 loader_code = loader_code_stm32f4_lv;
1590 loader_size = sizeof(loader_code_stm32f4_lv);
1592 } else if (sl->chip_id == STM32_CHIPID_F7){
1593 loader_code = loader_code_stm32f7;
1594 loader_size = sizeof(loader_code_stm32f7);
1595 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F04 || sl->chip_id == STM32_CHIPID_F0_CAN || sl->chip_id == STM32_CHIPID_F0_SMALL || sl->chip_id == STM32_CHIPID_F09X) {
1596 loader_code = loader_code_stm32f0;
1597 loader_size = sizeof(loader_code_stm32f0);
1598 } else if (sl->chip_id == STM32_CHIPID_L0) {
1599 loader_code = loader_code_stm32l0;
1600 loader_size = sizeof(loader_code_stm32l0);
1601 } else if (sl->chip_id == STM32_CHIPID_L4) {
1602 loader_code = loader_code_stm32l4;
1603 loader_size = sizeof(loader_code_stm32l4);
1605 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1609 memcpy(sl->q_buf, loader_code, loader_size);
1610 stlink_write_mem32(sl, sl->sram_base, loader_size);
1612 *addr = sl->sram_base;
1613 *size = loader_size;
1619 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1620 /* check the contents of path are at addr */
1623 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1625 if (map_file(&mf, path) == -1)
1628 res = check_file(sl, &mf, addr);
1636 * Verify addr..addr+len is binary identical to base...base+len
1637 * @param sl stlink context
1638 * @param address stm device address
1639 * @param data host side buffer to check against
1640 * @param length how much
1641 * @return 0 for success, -ve for failure
1643 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1645 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1646 ILOG("Starting verification of write complete\n");
1647 for (off = 0; off < length; off += cmp_size) {
1648 size_t aligned_size;
1650 /* adjust last page size */
1651 if ((off + cmp_size) > length)
1652 cmp_size = length - off;
1654 aligned_size = cmp_size;
1655 if (aligned_size & (4 - 1))
1656 aligned_size = (cmp_size + 4) & ~(4 - 1);
1658 stlink_read_mem32(sl, address + off, aligned_size);
1660 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1661 ELOG("Verification of flash failed at offset: %zd\n", off);
1665 ILOG("Flash written and verified! jolly good!\n");
1670 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint32_t pagesize)
1673 unsigned int num_half_pages = len / pagesize;
1675 uint32_t flash_regs_base;
1678 if (sl->chip_id == STM32_CHIPID_L0) {
1679 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1681 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1684 ILOG("Starting Half page flash write for STM32L core id\n");
1685 /* flash loader initialization */
1686 if (init_flash_loader(sl, &fl) == -1) {
1687 WLOG("init_flash_loader() == -1\n");
1690 /* Unlock already done */
1691 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1692 val |= (1 << FLASH_L1_FPRG);
1693 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1695 val |= (1 << FLASH_L1_PROG);
1696 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1697 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {}
1699 for (count = 0; count < num_half_pages; count ++) {
1700 if (run_flash_loader(sl, &fl, addr + count * pagesize, base + count * pagesize, pagesize) == -1) {
1701 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * pagesize);
1702 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1703 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1704 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1707 /* wait for sr.busy to be cleared */
1708 if (sl->verbose >= 1) {
1709 /* show progress. writing procedure is slow
1710 and previous errors are misleading */
1711 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1714 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0) {
1717 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1718 val &= ~(1 << FLASH_L1_PROG);
1719 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1720 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1721 val &= ~(1 << FLASH_L1_FPRG);
1722 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1727 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1730 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1731 len, len, addr, addr);
1732 /* check addr range is inside the flash */
1733 stlink_calculate_pagesize(sl, addr);
1734 if (addr < sl->flash_base) {
1735 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1737 } else if ((addr + len) < addr) {
1738 ELOG("addr overruns\n");
1740 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1741 ELOG("addr too high\n");
1743 } else if (addr & 1) {
1744 ELOG("unaligned addr 0x%x\n", addr);
1746 } else if (len & 1) {
1747 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1749 } else if (addr & (sl->flash_pgsz - 1)) {
1750 ELOG("addr not a multiple of pagesize, not supported\n");
1754 // Make sure we've loaded the context with the chip details
1756 /* erase each page */
1758 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1759 /* addr must be an addr inside the page */
1760 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1761 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1764 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1765 (unsigned long)addr + off);
1769 fprintf(stdout,"\n");
1770 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1771 page_count, sl->flash_pgsz, sl->flash_pgsz);
1773 if ((sl->chip_id == STM32_CHIPID_F2) ||
1774 (sl->chip_id == STM32_CHIPID_F4) ||
1775 (sl->chip_id == STM32_CHIPID_F4_DE) ||
1776 (sl->chip_id == STM32_CHIPID_F4_LP) ||
1777 (sl->chip_id == STM32_CHIPID_F4_HD) ||
1778 (sl->chip_id == STM32_CHIPID_F411RE) ||
1779 (sl->chip_id == STM32_CHIPID_F446) ||
1780 (sl->chip_id == STM32_CHIPID_F7) ||
1781 (sl->chip_id == STM32_CHIPID_L4) ||
1782 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1783 /* todo: check write operation */
1785 ILOG("Starting Flash write for F2/F4/L4\n");
1786 /* flash loader initialization */
1787 if (init_flash_loader(sl, &fl) == -1) {
1788 ELOG("init_flash_loader() == -1\n");
1792 /* First unlock the cr */
1793 unlock_flash_if(sl);
1795 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1796 if (sl->chip_id != STM32_CHIPID_L4) {
1797 /* set parallelisim to 32 bit*/
1798 int voltage = stlink_target_voltage(sl);
1799 if (voltage > 2700) {
1800 printf("enabling 32-bit flash writes\n");
1801 write_flash_cr_psiz(sl, 2);
1803 printf("Target voltage (%d mV) too low for 32-bit flash, using 8-bit flash writes\n", voltage);
1804 write_flash_cr_psiz(sl, 0);
1807 /* L4 does not have a byte-write mode */
1808 int voltage = stlink_target_voltage(sl);
1809 if (voltage < 1710) {
1810 printf("Target voltage (%d mV) too low for flash writes!\n", voltage);
1815 /* set programming mode */
1816 set_flash_cr_pg(sl);
1818 for(off = 0; off < len;) {
1819 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1821 printf("size: %zu\n", size);
1823 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1824 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1836 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1837 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1838 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1839 /* use fast word write. todo: half page. */
1841 uint32_t flash_regs_base;
1844 if (sl->chip_id == STM32_CHIPID_L0) {
1845 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1846 pagesize = L0_WRITE_BLOCK_SIZE;
1848 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1849 pagesize = L1_WRITE_BLOCK_SIZE;
1852 /* todo: check write operation */
1854 /* disable pecr protection */
1855 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1856 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1858 /* check pecr.pelock is cleared */
1859 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1860 if (val & (1 << 0)) {
1861 fprintf(stderr, "pecr.pelock not clear\n");
1865 /* unlock program memory */
1866 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1867 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1869 /* check pecr.prglock is cleared */
1870 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF);
1871 if (val & (1 << 1)) {
1872 fprintf(stderr, "pecr.prglock not clear\n");
1876 if (len > pagesize) {
1877 if (stm32l1_write_half_pages(sl, addr, base, len, pagesize) == -1) {
1878 /* This may happen on a blank device! */
1879 WLOG("\nwrite_half_pages failed == -1\n");
1881 off = (len / pagesize)*pagesize;
1885 /* write remainingword in program memory */
1886 for ( ; off < len; off += sizeof(uint32_t)) {
1889 fprintf(stdout, "\r");
1891 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1892 fprintf(stdout, "\r%3zd/%3zd pages written",
1893 off/sl->flash_pgsz, len/sl->flash_pgsz);
1897 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1898 stlink_write_debug32(sl, addr + off, data);
1900 /* wait for sr.busy to be cleared */
1901 while ((stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF) & (1 << 0)) != 0)
1904 /* todo: check redo write operation */
1907 fprintf(stdout, "\n");
1908 /* reset lock bits */
1909 val = stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF)
1910 | (1 << 0) | (1 << 1) | (1 << 2);
1911 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1912 } else if (sl->core_id == STM32VL_CORE_ID ||
1913 sl->core_id == STM32F0_CORE_ID ||
1914 sl->chip_id == STM32_CHIPID_F3 ||
1915 sl->chip_id == STM32_CHIPID_F3_SMALL ||
1916 sl->chip_id == STM32_CHIPID_F303_HIGH ||
1917 sl->chip_id == STM32_CHIPID_F334 ||
1918 sl->chip_id == STM32_CHIPID_F37x) {
1919 ILOG("Starting Flash write for VL/F0/F3 core id\n");
1920 /* flash loader initialization */
1921 if (init_flash_loader(sl, &fl) == -1) {
1922 ELOG("init_flash_loader() == -1\n");
1926 int write_block_count = 0;
1927 for (off = 0; off < len; off += sl->flash_pgsz) {
1928 /* adjust last write size */
1929 size_t size = sl->flash_pgsz;
1930 if ((off + sl->flash_pgsz) > len) size = len - off;
1932 /* unlock and set programming mode */
1933 unlock_flash_if(sl);
1934 set_flash_cr_pg(sl);
1935 //DLOG("Finished setting flash cr pg, running loader!\n");
1936 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1937 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1941 if (sl->verbose >= 1) {
1942 /* show progress. writing procedure is slow
1943 and previous errors are misleading */
1944 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1948 fprintf(stdout, "\n");
1950 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1954 return stlink_verify_write_flash(sl, addr, base, len);
1958 * Write the given binary file into flash at address "addr"
1960 * @param path readable file path, should be binary image
1961 * @param addr where to start writing
1962 * @return 0 on success, -ve on failure.
1964 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1965 /* write the file in flash at addr */
1967 unsigned int num_empty = 0, index;
1968 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1969 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1970 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
1971 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1972 if (map_file(&mf, path) == -1) {
1973 ELOG("map_file() == -1\n");
1976 for(index = 0; index < mf.len; index ++) {
1977 if (mf.base[index] == erased_pattern)
1982 /* Round down to words */
1983 num_empty -= (num_empty & 3);
1984 if(num_empty != 0) {
1985 ILOG("Ignoring %d bytes of 0x%02x at end of file\n", num_empty, erased_pattern);
1986 mf.len -= num_empty;
1988 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1990 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1991 /* Set PC to the reset routine*/
1992 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1998 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
2002 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
2003 // FIXME This can never return -1
2004 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
2006 ELOG("write_buffer_to_sram() == -1\n");
2010 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2011 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2012 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2014 size_t count = size / sizeof(uint32_t);
2015 if (size % sizeof(uint32_t)) ++count;
2018 stlink_write_reg(sl, target, 0); /* target */
2019 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
2020 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2021 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2023 } else if (sl->core_id == STM32VL_CORE_ID ||
2024 sl->core_id == STM32F0_CORE_ID ||
2025 sl->chip_id == STM32_CHIPID_F3 ||
2026 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2027 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2028 sl->chip_id == STM32_CHIPID_F37x ||
2029 sl->chip_id == STM32_CHIPID_F334) {
2031 size_t count = size / sizeof(uint16_t);
2032 if (size % sizeof(uint16_t)) ++count;
2035 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2036 stlink_write_reg(sl, target, 1); /* target */
2037 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
2038 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
2039 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2041 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2042 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2043 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2045 size_t count = size / sizeof(uint32_t);
2046 if (size % sizeof(uint32_t)) ++count;
2047 if (sl->chip_id == STM32_CHIPID_L4) {
2048 if (count % 2) ++count;
2052 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2053 stlink_write_reg(sl, target, 1); /* target */
2054 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2055 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2058 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
2065 #define WAIT_ROUNDS 10000
2066 /* wait until done (reaches breakpoint) */
2067 for (i = 0; i < WAIT_ROUNDS; i++) {
2069 if (is_core_halted(sl))
2073 if (i >= WAIT_ROUNDS) {
2074 ELOG("flash loader run error\n");
2078 /* check written byte count */
2079 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2080 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2081 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2083 size_t count = size / sizeof(uint32_t);
2084 if (size % sizeof(uint32_t)) ++count;
2086 stlink_read_reg(sl, 3, &rr);
2087 if (rr.r[3] != count) {
2088 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
2092 } else if (sl->core_id == STM32VL_CORE_ID ||
2093 sl->core_id == STM32F0_CORE_ID ||
2094 sl->chip_id == STM32_CHIPID_F3 ||
2095 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2096 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2097 sl->chip_id == STM32_CHIPID_F37x ||
2098 sl->chip_id == STM32_CHIPID_F334) {
2100 stlink_read_reg(sl, 2, &rr);
2102 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2106 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2107 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2108 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) ||
2109 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2111 stlink_read_reg(sl, 2, &rr);
2113 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2119 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);
projects / fw / stlink / blob