10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
21 /* todo: stm32l15xxx flash memory, pm0062 manual */
23 /* stm32f FPEC flash controller interface, pm0063 manual */
24 // TODO - all of this needs to be abstracted out....
25 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
26 #define FLASH_REGS_ADDR 0x40022000
27 #define FLASH_REGS_SIZE 0x28
29 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
30 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
31 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
32 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
33 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
34 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
35 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
37 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
38 #define FLASH_RDPTR_KEY 0x00a5
39 #define FLASH_KEY1 0x45670123
40 #define FLASH_KEY2 0xcdef89ab
42 #define FLASH_SR_BSY 0
43 #define FLASH_SR_EOP 5
46 #define FLASH_CR_PER 1
47 #define FLASH_CR_MER 2
48 #define FLASH_CR_STRT 6
49 #define FLASH_CR_LOCK 7
52 //32L = 32F1 same CoreID as 32F4!
53 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
54 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
55 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
56 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
57 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
58 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
59 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
60 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
61 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
62 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
63 #define FLASH_L1_FPRG 10
64 #define FLASH_L1_PROG 3
66 //32L4 register base is at FLASH_REGS_ADDR (0x40022000)
67 #define STM32L4_FLASH_KEYR (FLASH_REGS_ADDR + 0x08)
68 #define STM32L4_FLASH_SR (FLASH_REGS_ADDR + 0x10)
69 #define STM32L4_FLASH_CR (FLASH_REGS_ADDR + 0x14)
70 #define STM32L4_FLASH_OPTR (FLASH_REGS_ADDR + 0x20)
72 #define STM32L4_FLASH_SR_BSY 16
73 #define STM32L4_FLASH_SR_ERRMASK 0x3f8 /* SR [9:3] */
75 #define STM32L4_FLASH_CR_LOCK 31 /* Lock control register */
76 #define STM32L4_FLASH_CR_PG 0 /* Program */
77 #define STM32L4_FLASH_CR_PER 1 /* Page erase */
78 #define STM32L4_FLASH_CR_MER1 2 /* Bank 1 erase */
79 #define STM32L4_FLASH_CR_MER2 15 /* Bank 2 erase */
80 #define STM32L4_FLASH_CR_STRT 16 /* Start command */
81 #define STM32L4_FLASH_CR_BKER 11 /* Bank select for page erase */
82 #define STM32L4_FLASH_CR_PNB 3 /* Page number (8 bits) */
83 // Bits requesting flash operations (useful when we want to clear them)
84 #define STM32L4_FLASH_CR_OPBITS \
85 ((1lu<<STM32L4_FLASH_CR_PG) | (1lu<<STM32L4_FLASH_CR_PER) \
86 | (1lu<<STM32L4_FLASH_CR_MER1) | (1lu<<STM32L4_FLASH_CR_MER1))
87 // Page is fully specified by BKER and PNB
88 #define STM32L4_FLASH_CR_PAGEMASK (0x1fflu << STM32L4_FLASH_CR_PNB)
90 #define STM32L4_FLASH_OPTR_DUALBANK 21
92 //STM32L0x flash register base and offsets
94 // RM0090 - DM00031020.pdf
95 #define STM32L0_FLASH_REGS_ADDR ((uint32_t)0x40022000)
96 #define FLASH_ACR_OFF ((uint32_t) 0x00)
97 #define FLASH_PECR_OFF ((uint32_t) 0x04)
98 #define FLASH_PDKEYR_OFF ((uint32_t) 0x08)
99 #define FLASH_PEKEYR_OFF ((uint32_t) 0x0c)
100 #define FLASH_PRGKEYR_OFF ((uint32_t) 0x10)
101 #define FLASH_OPTKEYR_OFF ((uint32_t) 0x14)
102 #define FLASH_SR_OFF ((uint32_t) 0x18)
103 #define FLASH_OBR_OFF ((uint32_t) 0x1c)
104 #define FLASH_WRPR_OFF ((uint32_t) 0x20)
109 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
110 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
111 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
112 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
113 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
114 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
115 #define FLASH_F4_CR_STRT 16
116 #define FLASH_F4_CR_LOCK 31
117 #define FLASH_F4_CR_SER 1
118 #define FLASH_F4_CR_SNB 3
119 #define FLASH_F4_CR_SNB_MASK 0xf8
120 #define FLASH_F4_SR_BSY 16
122 #define L1_WRITE_BLOCK_SIZE 0x80
123 #define L0_WRITE_BLOCK_SIZE 0x40
125 void write_uint32(unsigned char* buf, uint32_t ui) {
126 if (!is_bigendian()) { // le -> le (don't swap)
127 buf[0] = ((unsigned char*) &ui)[0];
128 buf[1] = ((unsigned char*) &ui)[1];
129 buf[2] = ((unsigned char*) &ui)[2];
130 buf[3] = ((unsigned char*) &ui)[3];
132 buf[0] = ((unsigned char*) &ui)[3];
133 buf[1] = ((unsigned char*) &ui)[2];
134 buf[2] = ((unsigned char*) &ui)[1];
135 buf[3] = ((unsigned char*) &ui)[0];
139 void write_uint16(unsigned char* buf, uint16_t ui) {
140 if (!is_bigendian()) { // le -> le (don't swap)
141 buf[0] = ((unsigned char*) &ui)[0];
142 buf[1] = ((unsigned char*) &ui)[1];
144 buf[0] = ((unsigned char*) &ui)[1];
145 buf[1] = ((unsigned char*) &ui)[0];
149 uint32_t read_uint32(const unsigned char *c, const int pt) {
151 char *p = (char *) &ui;
153 if (!is_bigendian()) { // le -> le (don't swap)
167 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
169 stlink_read_debug32(sl, FLASH_WRPR, &rdp);
173 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
175 stlink_read_debug32(sl, FLASH_WRPR, &wrpr);
179 static inline uint32_t read_flash_obr(stlink_t *sl) {
181 stlink_read_debug32(sl, FLASH_OBR, &obr);
185 static inline uint32_t read_flash_cr(stlink_t *sl) {
187 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||(sl->chip_id == STM32_CHIPID_F4_DE) ||
188 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
189 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
190 stlink_read_debug32(sl, FLASH_F4_CR, &res);
191 else if (sl->chip_id == STM32_CHIPID_L4)
192 stlink_read_debug32(sl, STM32L4_FLASH_CR, &res);
194 stlink_read_debug32(sl, FLASH_CR, &res);
196 fprintf(stdout, "CR:0x%x\n", res);
201 static inline unsigned int is_flash_locked(stlink_t *sl) {
202 /* return non zero for true */
203 uint32_t cr = read_flash_cr(sl);
205 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
206 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
207 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
208 return cr & (1 << FLASH_F4_CR_LOCK);
209 else if (sl->chip_id == STM32_CHIPID_L4)
210 return cr & (1lu << STM32L4_FLASH_CR_LOCK);
212 return cr & (1 << FLASH_CR_LOCK);
215 static void unlock_flash(stlink_t *sl) {
216 /* the unlock sequence consists of 2 write cycles where
217 2 key values are written to the FLASH_KEYR register.
218 an invalid sequence results in a definitive lock of
219 the FPEC block until next reset.
221 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
222 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
223 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
224 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
225 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
226 } else if (sl->chip_id == STM32_CHIPID_L4) {
227 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY1);
228 stlink_write_debug32(sl, STM32L4_FLASH_KEYR, FLASH_KEY2);
230 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
231 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
236 static int unlock_flash_if(stlink_t *sl) {
237 /* unlock flash if already locked */
239 if (is_flash_locked(sl)) {
241 if (is_flash_locked(sl)) {
242 WLOG("Failed to unlock flash!\n");
246 DLOG("Successfully unlocked flash\n");
250 static void lock_flash(stlink_t *sl) {
251 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
252 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
253 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
254 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
255 stlink_write_debug32(sl, FLASH_F4_CR, n);
256 } else if (sl->chip_id == STM32_CHIPID_L4) {
257 const uint32_t n = read_flash_cr(sl) | (1lu << STM32L4_FLASH_CR_LOCK);
258 stlink_write_debug32(sl, STM32L4_FLASH_CR, n);
260 /* write to 1 only. reset by hw at unlock sequence */
261 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
262 stlink_write_debug32(sl, FLASH_CR, n);
267 static void set_flash_cr_pg(stlink_t *sl) {
268 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
269 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
270 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
271 uint32_t x = read_flash_cr(sl);
272 x |= (1 << FLASH_CR_PG);
273 stlink_write_debug32(sl, FLASH_F4_CR, x);
274 } else if (sl->chip_id == STM32_CHIPID_L4) {
275 uint32_t x = read_flash_cr(sl);
276 x &=~ STM32L4_FLASH_CR_OPBITS;
277 x |= (1 << STM32L4_FLASH_CR_PG);
278 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
280 const uint32_t n = 1 << FLASH_CR_PG;
281 stlink_write_debug32(sl, FLASH_CR, n);
285 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
286 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
287 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
288 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
289 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
290 stlink_write_debug32(sl, FLASH_F4_CR, n);
292 stlink_write_debug32(sl, FLASH_CR, n);
295 static void set_flash_cr_per(stlink_t *sl) {
296 const uint32_t n = 1 << FLASH_CR_PER;
297 stlink_write_debug32(sl, FLASH_CR, n);
300 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
301 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
302 stlink_write_debug32(sl, FLASH_CR, n);
305 static void set_flash_cr_mer(stlink_t *sl) {
307 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
308 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
309 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
310 stlink_read_debug32(sl, FLASH_F4_CR, &val);
311 val |= 1 << FLASH_CR_MER;
312 stlink_write_debug32(sl, FLASH_F4_CR, val);
313 } else if (sl->chip_id == STM32_CHIPID_L4) {
314 stlink_read_debug32(sl, STM32L4_FLASH_CR, &val);
315 val &=~ STM32L4_FLASH_CR_OPBITS;
316 val |= (1lu << STM32L4_FLASH_CR_MER1) | (1lu << STM32L4_FLASH_CR_MER2);
317 stlink_write_debug32(sl, STM32L4_FLASH_CR, val);
319 stlink_read_debug32(sl, FLASH_CR, &val);
320 val |= 1 << FLASH_CR_MER;
321 stlink_write_debug32(sl, FLASH_CR, val);
325 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
327 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
328 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
329 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
330 stlink_read_debug32(sl, FLASH_F4_CR, &val);
331 val &= ~(1 << FLASH_CR_MER);
332 stlink_write_debug32(sl, FLASH_F4_CR, val);
334 stlink_read_debug32(sl, FLASH_CR, &val);
335 val &= ~(1 << FLASH_CR_MER);
336 stlink_write_debug32(sl, FLASH_CR, val);
340 static void set_flash_cr_strt(stlink_t *sl) {
342 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
343 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
344 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
345 val = read_flash_cr(sl);
346 val |= (1 << FLASH_F4_CR_STRT);
347 stlink_write_debug32(sl, FLASH_F4_CR, val);
348 } else if (sl->chip_id == STM32_CHIPID_L4) {
349 val = read_flash_cr(sl);
350 val |= (1lu << STM32L4_FLASH_CR_STRT);
351 stlink_write_debug32(sl, STM32L4_FLASH_CR, val);
353 stlink_read_debug32(sl, FLASH_CR, &val);
354 val |= 1 << FLASH_CR_STRT;
355 stlink_write_debug32(sl, FLASH_CR, val);
359 static inline uint32_t read_flash_acr(stlink_t *sl) {
361 stlink_read_debug32(sl, FLASH_ACR, &acr);
365 static inline uint32_t read_flash_sr(stlink_t *sl) {
367 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
368 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
369 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
370 stlink_read_debug32(sl, FLASH_F4_SR, &res);
371 else if (sl->chip_id == STM32_CHIPID_L4)
372 stlink_read_debug32(sl, STM32L4_FLASH_SR, &res);
374 stlink_read_debug32(sl, FLASH_SR, &res);
375 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
379 static inline unsigned int is_flash_busy(stlink_t *sl) {
380 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
381 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
382 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_F4_DSI))
383 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
384 else if (sl->chip_id == STM32_CHIPID_L4)
385 return read_flash_sr(sl) & (1 << STM32L4_FLASH_SR_BSY);
387 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
390 static void wait_flash_busy(stlink_t *sl) {
391 /* todo: add some delays here */
392 while (is_flash_busy(sl))
396 static void wait_flash_busy_progress(stlink_t *sl) {
398 fprintf(stdout, "Mass erasing");
400 while (is_flash_busy(sl)) {
404 fprintf(stdout, ".");
408 fprintf(stdout, "\n");
411 static inline unsigned int is_flash_eop(stlink_t *sl) {
412 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
415 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
416 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
417 stlink_write_debug32(sl, FLASH_SR, n);
420 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
421 /* todo: add some delays here */
422 while (is_flash_eop(sl) == 0)
426 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
427 stlink_write_debug32(sl, FLASH_AR, n);
430 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
431 uint32_t x = read_flash_cr(sl);
435 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
437 stlink_write_debug32(sl, FLASH_F4_CR, x);
441 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
442 uint32_t x = read_flash_cr(sl);
443 x &= ~FLASH_F4_CR_SNB_MASK;
444 x |= (n << FLASH_F4_CR_SNB);
445 x |= (1 << FLASH_F4_CR_SER);
447 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
449 stlink_write_debug32(sl, FLASH_F4_CR, x);
452 static inline void write_flash_cr_bker_pnb(stlink_t *sl, uint32_t n) {
453 stlink_write_debug32(sl, STM32L4_FLASH_SR, 0xFFFFFFFF & ~(1<<STM32L4_FLASH_SR_BSY));
454 uint32_t x = read_flash_cr(sl);
455 x &=~ STM32L4_FLASH_CR_OPBITS;
456 x &=~ STM32L4_FLASH_CR_PAGEMASK;
457 x &= ~(1<<STM32L4_FLASH_CR_MER1);
458 x &= ~(1<<STM32L4_FLASH_CR_MER2);
459 x |= (n << STM32L4_FLASH_CR_PNB);
460 x |= (1lu << STM32L4_FLASH_CR_PER);
462 fprintf(stdout, "BKER:PNB:0x%x 0x%x\n", x, n);
464 stlink_write_debug32(sl, STM32L4_FLASH_CR, x);
467 // Delegates to the backends...
469 void stlink_close(stlink_t *sl) {
470 DLOG("*** stlink_close ***\n");
471 sl->backend->close(sl);
475 int stlink_exit_debug_mode(stlink_t *sl) {
478 DLOG("*** stlink_exit_debug_mode ***\n");
479 ret = stlink_write_debug32(sl, DHCSR, DBGKEY);
483 return sl->backend->exit_debug_mode(sl);
486 int stlink_enter_swd_mode(stlink_t *sl) {
487 DLOG("*** stlink_enter_swd_mode ***\n");
488 return sl->backend->enter_swd_mode(sl);
491 // Force the core into the debug mode -> halted state.
492 int stlink_force_debug(stlink_t *sl) {
493 DLOG("*** stlink_force_debug_mode ***\n");
494 return sl->backend->force_debug(sl);
497 int stlink_exit_dfu_mode(stlink_t *sl) {
498 DLOG("*** stlink_exit_dfu_mode ***\n");
499 return sl->backend->exit_dfu_mode(sl);
502 int stlink_core_id(stlink_t *sl) {
505 DLOG("*** stlink_core_id ***\n");
506 ret = sl->backend->core_id(sl);
508 ELOG("Failed to read core_id\n");
512 stlink_print_data(sl);
513 DLOG("core_id = 0x%08x\n", sl->core_id);
517 int stlink_chip_id(stlink_t *sl, uint32_t *chip_id) {
520 ret = stlink_read_debug32(sl, 0xE0042000, chip_id);
525 ret = stlink_read_debug32(sl, 0x40015800, chip_id); //Try Corex M0 DBGMCU_IDCODE register address
531 * Cortex m3 tech ref manual, CPUID register description
532 * @param sl stlink context
533 * @param cpuid pointer to the result object
535 int stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
538 if (stlink_read_debug32(sl, CM3_REG_CPUID, &raw))
541 cpuid->implementer_id = (raw >> 24) & 0x7f;
542 cpuid->variant = (raw >> 20) & 0xf;
543 cpuid->part = (raw >> 4) & 0xfff;
544 cpuid->revision = raw & 0xf;
549 * reads and decodes the flash parameters, as dynamically as possible
551 * @return 0 for success, or -1 for unsupported core type.
553 int stlink_load_device_params(stlink_t *sl) {
554 ILOG("Loading device parameters....\n");
555 const chip_params_t *params = NULL;
560 stlink_chip_id(sl, &chip_id);
561 sl->chip_id = chip_id & 0xfff;
562 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
563 if (sl->chip_id == 0x411) {
565 stlink_read_debug32(sl, 0xE000ED00, &cpuid);
566 if ((cpuid & 0xfff0) == 0xc240)
570 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
571 if(devices[i].chip_id == sl->chip_id) {
572 params = &devices[i];
576 if (params == NULL) {
577 WLOG("unknown chip id! %#x\n", chip_id);
581 // These are fixed...
582 sl->flash_base = STM32_FLASH_BASE;
583 sl->sram_base = STM32_SRAM_BASE;
584 stlink_read_debug32(sl,(params->flash_size_reg) & ~3, &flash_size);
585 if (params->flash_size_reg & 2)
586 flash_size = flash_size >>16;
587 flash_size = flash_size & 0xffff;
589 if ((sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) && ( flash_size == 0 )) {
590 sl->flash_size = 128 * 1024;
591 } else if (sl->chip_id == STM32_CHIPID_L1_CAT2) {
592 sl->flash_size = (flash_size & 0xff) * 1024;
593 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
594 // 0 is 384k and 1 is 256k
595 if ( flash_size == 0 ) {
596 sl->flash_size = 384 * 1024;
598 sl->flash_size = 256 * 1024;
601 sl->flash_size = flash_size * 1024;
603 sl->flash_pgsz = params->flash_pagesize;
604 sl->sram_size = params->sram_size;
605 sl->sys_base = params->bootrom_base;
606 sl->sys_size = params->bootrom_size;
608 //medium and low devices have the same chipid. ram size depends on flash size.
609 //STM32F100xx datasheet Doc ID 16455 Table 2
610 if(sl->chip_id == STM32_CHIPID_F1_VL_MEDIUM_LOW && sl->flash_size < 64 * 1024){
611 sl->sram_size = 0x1000;
614 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
615 // TODO make note of variable page size here.....
616 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
617 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
622 int stlink_reset(stlink_t *sl) {
623 DLOG("*** stlink_reset ***\n");
624 return sl->backend->reset(sl);
627 int stlink_jtag_reset(stlink_t *sl, int value) {
628 DLOG("*** stlink_jtag_reset ***\n");
629 return sl->backend->jtag_reset(sl, value);
632 int stlink_run(stlink_t *sl) {
633 DLOG("*** stlink_run ***\n");
634 return sl->backend->run(sl);
637 int stlink_status(stlink_t *sl) {
640 DLOG("*** stlink_status ***\n");
641 ret = sl->backend->status(sl);
642 stlink_core_stat(sl);
648 * Decode the version bits, originally from -sg, verified with usb
649 * @param sl stlink context, assumed to contain valid data in the buffer
650 * @param slv output parsed version object
652 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
653 uint32_t b0 = sl->q_buf[0]; //lsb
654 uint32_t b1 = sl->q_buf[1];
655 uint32_t b2 = sl->q_buf[2];
656 uint32_t b3 = sl->q_buf[3];
657 uint32_t b4 = sl->q_buf[4];
658 uint32_t b5 = sl->q_buf[5]; //msb
660 // b0 b1 || b2 b3 | b4 b5
661 // 4b | 6b | 6b || 2B | 2B
662 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
664 slv->stlink_v = (b0 & 0xf0) >> 4;
665 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
666 slv->swim_v = b1 & 0x3f;
667 slv->st_vid = (b3 << 8) | b2;
668 slv->stlink_pid = (b5 << 8) | b4;
672 int stlink_version(stlink_t *sl) {
673 DLOG("*** looking up stlink version\n");
674 if (sl->backend->version(sl))
677 _parse_version(sl, &sl->version);
679 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
680 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
681 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
682 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
683 DLOG("swim version = 0x%x\n", sl->version.swim_v);
684 if (sl->version.jtag_v == 0) {
685 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
687 if (sl->version.swim_v == 0) {
688 DLOG(" notice: the firmware doesn't support a swim interface\n");
694 int stlink_target_voltage(stlink_t *sl) {
696 DLOG("*** reading target voltage\n");
697 if (sl->backend->target_voltage != NULL) {
698 voltage = sl->backend->target_voltage(sl);
700 DLOG("target voltage = %ldmV\n", voltage);
702 DLOG("error reading target voltage\n");
705 DLOG("reading voltage not supported by backend\n");
710 int stlink_read_debug32(stlink_t *sl, uint32_t addr, uint32_t *data) {
713 ret = sl->backend->read_debug32(sl, addr, data);
715 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
720 int stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
721 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
722 return sl->backend->write_debug32(sl, addr, data);
725 int stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
726 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
728 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
731 return sl->backend->write_mem32(sl, addr, len);
734 int stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
735 DLOG("*** stlink_read_mem32 ***\n");
736 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
737 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
741 return sl->backend->read_mem32(sl, addr, len);
744 int stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
745 DLOG("*** stlink_write_mem8 ***\n");
746 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
747 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
751 return sl->backend->write_mem8(sl, addr, len);
754 int stlink_read_all_regs(stlink_t *sl, reg *regp) {
755 DLOG("*** stlink_read_all_regs ***\n");
756 return sl->backend->read_all_regs(sl, regp);
759 int stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
760 DLOG("*** stlink_read_all_unsupported_regs ***\n");
761 return sl->backend->read_all_unsupported_regs(sl, regp);
764 int stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
765 DLOG("*** stlink_write_reg\n");
766 return sl->backend->write_reg(sl, reg, idx);
769 int stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
770 DLOG("*** stlink_read_reg\n");
771 DLOG(" (%d) ***\n", r_idx);
773 if (r_idx > 20 || r_idx < 0) {
774 fprintf(stderr, "Error: register index must be in [0..20]\n");
778 return sl->backend->read_reg(sl, r_idx, regp);
781 int stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
784 DLOG("*** stlink_read_unsupported_reg\n");
785 DLOG(" (%d) ***\n", r_idx);
787 /* Convert to values used by DCRSR */
788 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
790 } else if (r_idx == 0x40) { /* FPSCR */
792 } else if (r_idx >= 0x20 && r_idx < 0x40) {
793 r_convert = 0x40 + (r_idx - 0x20);
795 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
799 return sl->backend->read_unsupported_reg(sl, r_convert, regp);
802 int stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
805 DLOG("*** stlink_write_unsupported_reg\n");
806 DLOG(" (%d) ***\n", r_idx);
808 /* Convert to values used by DCRSR */
809 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
810 r_convert = r_idx; /* The backend function handles this */
811 } else if (r_idx == 0x40) { /* FPSCR */
813 } else if (r_idx >= 0x20 && r_idx < 0x40) {
814 r_convert = 0x40 + (r_idx - 0x20);
816 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
820 return sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
823 unsigned int is_core_halted(stlink_t *sl) {
824 /* return non zero if core is halted */
826 return sl->q_buf[0] == STLINK_CORE_HALTED;
829 int stlink_step(stlink_t *sl) {
830 DLOG("*** stlink_step ***\n");
831 return sl->backend->step(sl);
834 int stlink_current_mode(stlink_t *sl) {
835 int mode = sl->backend->current_mode(sl);
837 case STLINK_DEV_DFU_MODE:
838 DLOG("stlink current mode: dfu\n");
840 case STLINK_DEV_DEBUG_MODE:
841 DLOG("stlink current mode: debug (jtag or swd)\n");
843 case STLINK_DEV_MASS_MODE:
844 DLOG("stlink current mode: mass\n");
847 DLOG("stlink mode: unknown!\n");
848 return STLINK_DEV_UNKNOWN_MODE;
854 // End of delegates.... Common code below here...
857 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
859 // #define is_bigendian() ( (*(char*)&i) == 0 )
861 inline unsigned int is_bigendian(void) {
862 static volatile const unsigned int i = 1;
863 return *(volatile const char*) &i == 0;
866 uint16_t read_uint16(const unsigned char *c, const int pt) {
868 char *p = (char *) &ui;
870 if (!is_bigendian()) { // le -> le (don't swap)
880 // same as above with entrypoint.
882 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
883 stlink_write_reg(sl, addr, 15); /* pc register */
887 while (is_core_halted(sl) == 0)
891 void stlink_core_stat(stlink_t *sl) {
895 switch (sl->q_buf[0]) {
896 case STLINK_CORE_RUNNING:
897 sl->core_stat = STLINK_CORE_RUNNING;
898 DLOG(" core status: running\n");
900 case STLINK_CORE_HALTED:
901 sl->core_stat = STLINK_CORE_HALTED;
902 DLOG(" core status: halted\n");
905 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
906 fprintf(stderr, " core status: unknown\n");
910 void stlink_print_data(stlink_t * sl) {
911 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
914 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
916 for (int i = 0; i < sl->q_len; i++) {
919 if (sl->q_data_dir == Q_DATA_OUT)
920 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
922 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
925 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
927 fputs("\n\n", stdout);
930 /* memory mapped file */
932 typedef struct mapped_file {
937 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
939 static int map_file(mapped_file_t* mf, const char* path) {
943 const int fd = open(path, O_RDONLY | O_BINARY);
945 fprintf(stderr, "open(%s) == -1\n", path);
949 if (fstat(fd, &st) == -1) {
950 fprintf(stderr, "fstat() == -1\n");
954 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
955 if (mf->base == MAP_FAILED) {
956 fprintf(stderr, "mmap() == MAP_FAILED\n");
960 mf->len = st.st_size;
971 static void unmap_file(mapped_file_t * mf) {
972 munmap((void*) mf->base, mf->len);
973 mf->base = (unsigned char*) MAP_FAILED;
977 /* Limit the block size to compare to 0x1800
978 Anything larger will stall the STLINK2
979 Maybe STLINK V1 needs smaller value!*/
980 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
982 size_t n_cmp = sl->flash_pgsz;
986 for (off = 0; off < mf->len; off += n_cmp) {
989 /* adjust last page size */
990 size_t cmp_size = n_cmp;
991 if ((off + n_cmp) > mf->len)
992 cmp_size = mf->len - off;
994 aligned_size = cmp_size;
995 if (aligned_size & (4 - 1))
996 aligned_size = (cmp_size + 4) & ~(4 - 1);
998 stlink_read_mem32(sl, addr + off, aligned_size);
1000 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
1007 int stlink_fwrite_sram
1008 (stlink_t * sl, const char* path, stm32_addr_t addr) {
1009 /* write the file in sram at addr */
1014 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1018 if (map_file(&mf, path) == -1) {
1019 fprintf(stderr, "map_file() == -1\n");
1023 /* check addr range is inside the sram */
1024 if (addr < sl->sram_base) {
1025 fprintf(stderr, "addr too low\n");
1027 } else if ((addr + mf.len) < addr) {
1028 fprintf(stderr, "addr overruns\n");
1030 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
1031 fprintf(stderr, "addr too high\n");
1033 } else if (addr & 3) {
1035 fprintf(stderr, "unaligned addr\n");
1045 /* do the copy by 1k blocks */
1046 for (off = 0; off < len; off += 1024) {
1048 if ((off + size) > len)
1051 memcpy(sl->q_buf, mf.base + off, size);
1053 /* round size if needed */
1057 stlink_write_mem32(sl, addr + off, size);
1061 memcpy(sl->q_buf, mf.base + len, mf.len - len);
1062 stlink_write_mem8(sl, addr + len, mf.len - len);
1065 /* check the file ha been written */
1066 if (check_file(sl, &mf, addr) == -1) {
1067 fprintf(stderr, "check_file() == -1\n");
1074 stlink_read_debug32(sl, addr, &val);
1075 stlink_write_reg(sl, val, 13);
1076 /* Set PC to the reset routine*/
1077 stlink_read_debug32(sl, addr + 4, &val);
1078 stlink_write_reg(sl, val, 15);
1086 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
1087 /* read size bytes from addr to file */
1092 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
1094 fprintf(stderr, "open(%s) == -1\n", path);
1099 size = sl->flash_size;
1101 if (size > sl->flash_size)
1102 size = sl->flash_size;
1104 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1105 for (off = 0; off < size; off += cmp_size) {
1106 size_t aligned_size;
1108 /* adjust last page size */
1109 if ((off + cmp_size) > size)
1110 cmp_size = size - off;
1112 aligned_size = cmp_size;
1113 if (aligned_size & (4 - 1))
1114 aligned_size = (cmp_size + 4) & ~(4 - 1);
1116 stlink_read_mem32(sl, addr + off, aligned_size);
1118 if (write(fd, sl->q_buf, sl->q_len) != (ssize_t) aligned_size) {
1119 fprintf(stderr, "write() != aligned_size\n");
1133 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
1134 /* write the buffer right after the loader */
1135 size_t chunk = size & ~0x3;
1136 size_t rem = size & 0x3;
1138 memcpy(sl->q_buf, buf, chunk);
1139 stlink_write_mem32(sl, fl->buf_addr, chunk);
1142 memcpy(sl->q_buf, buf+chunk, rem);
1143 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
1148 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
1149 uint32_t offset = 0;
1150 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1151 if (flashaddr >= 0x100000) {
1153 flashaddr -= 0x100000;
1155 if (flashaddr<0x4000) return (offset + 0);
1156 else if(flashaddr<0x8000) return(offset + 1);
1157 else if(flashaddr<0xc000) return(offset + 2);
1158 else if(flashaddr<0x10000) return(offset + 3);
1159 else if(flashaddr<0x20000) return(offset + 4);
1160 else return offset + (flashaddr/0x20000) +4;
1164 uint32_t calculate_F7_sectornum(uint32_t flashaddr){
1165 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1166 if(flashaddr<0x20000) return(flashaddr/0x8000);
1167 else if(flashaddr<0x40000) return(4);
1168 else return(flashaddr/0x40000) +4;
1172 // Returns BKER:PNB for the given page address
1173 uint32_t calculate_L4_page(stlink_t *sl, uint32_t flashaddr) {
1176 stlink_read_debug32(sl, STM32L4_FLASH_OPTR, &flashopt);
1177 flashaddr -= STM32_FLASH_BASE;
1178 if (flashopt & (1lu << STM32L4_FLASH_OPTR_DUALBANK)) {
1179 uint32_t banksize = sl->flash_size / 2;
1180 if (flashaddr > banksize) {
1181 flashaddr -= banksize;
1185 // For 1MB chips without the dual-bank option set, the page address will
1186 // overflow into the BKER bit, which gives us the correct bank:page value.
1187 return bker | flashaddr/sl->flash_pgsz;
1190 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1191 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1192 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1193 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1194 uint32_t sector=calculate_F4_sectornum(flashaddr);
1198 if (sector<4) sl->flash_pgsz=0x4000;
1199 else if(sector<5) sl->flash_pgsz=0x10000;
1200 else sl->flash_pgsz=0x20000;
1202 else if (sl->chip_id == STM32_CHIPID_F7) {
1203 uint32_t sector=calculate_F7_sectornum(flashaddr);
1204 if (sector<4) sl->flash_pgsz=0x8000;
1205 else if(sector<5) sl->flash_pgsz=0x20000;
1206 else sl->flash_pgsz=0x40000;
1208 return (sl->flash_pgsz);
1212 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1213 * @param sl stlink context
1214 * @param flashaddr an address in the flash page to erase
1215 * @return 0 on success -ve on failure
1217 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1219 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1220 (sl->chip_id == STM32_CHIPID_F4_LP) || (sl->chip_id == STM32_CHIPID_F4_HD) || (sl->chip_id == STM32_CHIPID_F411RE) ||
1221 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4)|| (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1222 /* wait for ongoing op to finish */
1223 wait_flash_busy(sl);
1225 /* unlock if locked */
1226 unlock_flash_if(sl);
1228 /* select the page to erase */
1229 if (sl->chip_id == STM32_CHIPID_L4) {
1230 // calculate the actual bank+page from the address
1231 uint32_t page = calculate_L4_page(sl, flashaddr);
1233 write_flash_cr_bker_pnb(sl, page);
1234 } else if (sl->chip_id == STM32_CHIPID_F7) {
1235 // calculate the actual page from the address
1236 uint32_t sector=calculate_F7_sectornum(flashaddr);
1238 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1240 write_flash_cr_snb(sl, sector);
1242 // calculate the actual page from the address
1243 uint32_t sector=calculate_F4_sectornum(flashaddr);
1245 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1247 //the SNB values for flash sectors in the second bank do not directly follow the values for the first bank on 2mb devices...
1248 if (sector >= 12) sector += 4;
1250 write_flash_cr_snb(sl, sector);
1253 /* start erase operation */
1254 set_flash_cr_strt(sl);
1256 /* wait for completion */
1257 wait_flash_busy(sl);
1259 /* relock the flash */
1260 //todo: fails to program if this is in
1263 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1265 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1266 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1267 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1270 uint32_t flash_regs_base;
1271 if (sl->chip_id == STM32_CHIPID_L0) {
1272 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1274 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1277 /* check if the locks are set */
1278 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1279 if((val & (1<<0))||(val & (1<<1))) {
1280 /* disable pecr protection */
1281 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1282 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1284 /* check pecr.pelock is cleared */
1285 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1286 if (val & (1 << 0)) {
1287 WLOG("pecr.pelock not clear (%#x)\n", val);
1291 /* unlock program memory */
1292 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1293 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1295 /* check pecr.prglock is cleared */
1296 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1297 if (val & (1 << 1)) {
1298 WLOG("pecr.prglock not clear (%#x)\n", val);
1303 /* set pecr.{erase,prog} */
1304 val |= (1 << 9) | (1 << 3);
1305 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1306 #if 0 /* fix_to_be_confirmed */
1308 /* wait for sr.busy to be cleared
1309 * MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1310 * wrong and we do not need to wait here for clearing the busy bit.
1311 * TEXANE: ok, if experience says so and it works for you, we comment
1312 * it. If someone has a problem, please drop an email.
1315 stlink_read_debug32(sl, STM32L_FLASH_SR, &val)
1316 } while((val & (1 << 0)) != 0);
1318 #endif /* fix_to_be_confirmed */
1320 /* write 0 to the first word of the page to be erased */
1321 stlink_write_debug32(sl, flashaddr, 0);
1323 /* MP: It is better to wait for clearing the busy bit after issuing
1324 page erase command, even though PM0062 recommends to wait before it.
1325 Test shows that a few iterations is performed in the following loop
1326 before busy bit is cleared.*/
1328 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1329 } while ((val & (1 << 0)) != 0);
1331 /* reset lock bits */
1332 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1333 val |= (1 << 0) | (1 << 1) | (1 << 2);
1334 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1335 } else if (sl->core_id == STM32VL_CORE_ID
1336 || sl->core_id == STM32F0_CORE_ID
1337 || sl->chip_id == STM32_CHIPID_F3
1338 || sl->chip_id == STM32_CHIPID_F3_SMALL
1339 || sl->chip_id == STM32_CHIPID_F303_HIGH
1340 || sl->chip_id == STM32_CHIPID_F37x
1341 || sl->chip_id == STM32_CHIPID_F334) {
1342 /* wait for ongoing op to finish */
1343 wait_flash_busy(sl);
1345 /* unlock if locked */
1346 unlock_flash_if(sl);
1348 /* set the page erase bit */
1349 set_flash_cr_per(sl);
1351 /* select the page to erase */
1352 write_flash_ar(sl, flashaddr);
1354 /* start erase operation, reset by hw with bsy bit */
1355 set_flash_cr_strt(sl);
1357 /* wait for completion */
1358 wait_flash_busy(sl);
1360 /* relock the flash */
1363 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1367 /* todo: verify the erased page */
1372 int stlink_erase_flash_mass(stlink_t *sl) {
1373 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1374 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1375 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1376 /* erase each page */
1377 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1378 for (i = 0; i < num_pages; i++) {
1379 /* addr must be an addr inside the page */
1380 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1381 if (stlink_erase_flash_page(sl, addr) == -1) {
1382 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1385 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1388 fprintf(stdout, "\n");
1390 /* wait for ongoing op to finish */
1391 wait_flash_busy(sl);
1393 /* unlock if locked */
1394 unlock_flash_if(sl);
1396 /* set the mass erase bit */
1397 set_flash_cr_mer(sl);
1399 /* start erase operation, reset by hw with bsy bit */
1400 set_flash_cr_strt(sl);
1402 /* wait for completion */
1403 wait_flash_busy_progress(sl);
1405 /* relock the flash */
1408 /* todo: verify the erased memory */
1413 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1416 /* allocate the loader in sram */
1417 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1418 WLOG("Failed to write flash loader to sram!\n");
1422 /* allocate a one page buffer in sram right after loader */
1423 fl->buf_addr = fl->loader_addr + size;
1424 ILOG("Successfully loaded flash loader in sram\n");
1428 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1429 /* from openocd, contrib/loaders/flash/stm32.s */
1430 static const uint8_t loader_code_stm32vl[] = {
1431 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1432 0x1c, 0x44, /* add r4, r3 */
1433 /* write_half_word: */
1434 0x01, 0x23, /* movs r3, #0x01 */
1435 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1436 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1437 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1439 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1440 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1441 0xfb, 0xd0, /* beq busy */
1442 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1443 0x01, 0xd1, /* bne exit */
1444 0x01, 0x3a, /* subs r2, r2, #0x01 */
1445 0xf0, 0xd1, /* bne write_half_word */
1447 0x00, 0xbe, /* bkpt #0x00 */
1448 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1451 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1452 static const uint8_t loader_code_stm32f0[] = {
1455 * These two NOPs here are a safety precaution, added by Pekka Nikander
1456 * while debugging the STM32F05x support. They may not be needed, but
1457 * there were strange problems with simpler programs, like a program
1458 * that had just a breakpoint or a program that first moved zero to register r2
1459 * and then had a breakpoint. So, it appears safest to have these two nops.
1461 * Feel free to remove them, if you dare, but then please do test the result
1462 * rigorously. Also, if you remove these, it may be a good idea first to
1463 * #if 0 them out, with a comment when these were taken out, and to remove
1464 * these only a few months later... But YMMV.
1466 0x00, 0x30, // nop /* add r0,#0 */
1467 0x00, 0x30, // nop /* add r0,#0 */
1469 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1470 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1471 0x04, 0x26, // mov r6, #4 /* PGERR */
1473 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1474 0x2B, 0x43, // orr r3, r5
1475 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1476 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1477 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1479 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1480 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1481 0xFC, 0xD0, // beq busy
1483 0x33, 0x42, // tst r3, r6 /* PGERR */
1484 0x04, 0xD1, // bne exit
1486 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1487 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1488 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1489 0x00, 0x2A, // cmp r2, #0
1490 0xF0, 0xD1, // bne write_half_word
1492 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1493 0xAB, 0x43, // bic r3, r5
1494 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1495 0x00, 0xBE, // bkpt #0x00
1496 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1499 static const uint8_t loader_code_stm32l[] = {
1501 /* openocd.git/contrib/loaders/flash/stm32lx.S
1502 r0, input, dest addr
1503 r1, input, source addr
1504 r2, input, word count
1505 r3, output, word count
1511 0x51, 0xf8, 0x04, 0xcb,
1512 0x40, 0xf8, 0x04, 0xcb,
1520 static const uint8_t loader_code_stm32l0[] = {
1523 r0, input, dest addr
1524 r1, input, source addr
1525 r2, input, word count
1526 r3, output, word count
1543 static const uint8_t loader_code_stm32f4[] = {
1544 // flashloaders/stm32f4.s
1553 0x14, 0xf0, 0x01, 0x0f,
1555 0x00, 0xf1, 0x04, 0x00,
1556 0x01, 0xf1, 0x04, 0x01,
1557 0xa2, 0xf1, 0x01, 0x02,
1562 0x00, 0x3c, 0x02, 0x40,
1565 static const uint8_t loader_code_stm32f4_lv[] = {
1566 // flashloaders/stm32f4lv.s
1575 0x14, 0xf0, 0x01, 0x0f,
1577 0x00, 0xf1, 0x01, 0x00,
1578 0x01, 0xf1, 0x01, 0x01,
1579 0xa2, 0xf1, 0x01, 0x02,
1585 0x00, 0x3c, 0x02, 0x40,
1588 static const uint8_t loader_code_stm32l4[] = {
1589 // flashloaders/stm32l4.s
1590 0x08, 0x4b, // start: ldr r3, [pc, #32] ; <flash_base>
1591 0x72, 0xb1, // next: cbz r2, <done>
1592 0x04, 0x68, // ldr r4, [r0, #0]
1593 0x45, 0x68, // ldr r5, [r0, #4]
1594 0x0c, 0x60, // str r4, [r1, #0]
1595 0x4d, 0x60, // str r5, [r1, #4]
1596 0x5c, 0x8a, // wait: ldrh r4, [r3, #18]
1597 0x14, 0xf0, 0x01, 0x0f, // tst.w r4, #1
1598 0xfb, 0xd1, // bne.n <wait>
1599 0x00, 0xf1, 0x08, 0x00, // add.w r0, r0, #8
1600 0x01, 0xf1, 0x08, 0x01, // add.w r1, r1, #8
1601 0xa2, 0xf1, 0x02, 0x02, // add.w r2, r2, #2
1602 0xef, 0xe7, // b.n <next>
1603 0x00, 0xbe, // done: bkpt 0x0000
1604 0x00, 0x20, 0x02, 0x40 // flash_base: .word 0x40022000
1607 static const uint8_t loader_code_stm32f7[] = {
1612 0xbf, 0xf3, 0x4f, 0x8f, // DSB Memory barrier for in order flash write
1614 0x14, 0xf0, 0x01, 0x0f,
1616 0x00, 0xf1, 0x04, 0x00,
1617 0x01, 0xf1, 0x04, 0x01,
1618 0xa2, 0xf1, 0x01, 0x02,
1620 0x00, 0xbe, // bkpt #0x00
1621 0x00, 0x3c, 0x02, 0x40,
1624 const uint8_t* loader_code;
1627 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1628 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1629 || sl->chip_id == STM32_CHIPID_L152_RE) { /* stm32l */
1630 loader_code = loader_code_stm32l;
1631 loader_size = sizeof(loader_code_stm32l);
1632 } else if (sl->core_id == STM32VL_CORE_ID
1633 || sl->chip_id == STM32_CHIPID_F3
1634 || sl->chip_id == STM32_CHIPID_F3_SMALL
1635 || sl->chip_id == STM32_CHIPID_F303_HIGH
1636 || sl->chip_id == STM32_CHIPID_F37x
1637 || sl->chip_id == STM32_CHIPID_F334) {
1638 loader_code = loader_code_stm32vl;
1639 loader_size = sizeof(loader_code_stm32vl);
1640 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
1641 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
1642 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F4_DSI)){
1643 int voltage = stlink_target_voltage(sl);
1644 if (voltage == -1) {
1645 printf("Failed to read Target voltage\n");
1647 } else if (voltage > 2700) {
1648 loader_code = loader_code_stm32f4;
1649 loader_size = sizeof(loader_code_stm32f4);
1651 loader_code = loader_code_stm32f4_lv;
1652 loader_size = sizeof(loader_code_stm32f4_lv);
1654 } else if (sl->chip_id == STM32_CHIPID_F7){
1655 loader_code = loader_code_stm32f7;
1656 loader_size = sizeof(loader_code_stm32f7);
1657 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F04 || sl->chip_id == STM32_CHIPID_F0_CAN || sl->chip_id == STM32_CHIPID_F0_SMALL || sl->chip_id == STM32_CHIPID_F09X) {
1658 loader_code = loader_code_stm32f0;
1659 loader_size = sizeof(loader_code_stm32f0);
1660 } else if (sl->chip_id == STM32_CHIPID_L0) {
1661 loader_code = loader_code_stm32l0;
1662 loader_size = sizeof(loader_code_stm32l0);
1663 } else if (sl->chip_id == STM32_CHIPID_L4) {
1664 loader_code = loader_code_stm32l4;
1665 loader_size = sizeof(loader_code_stm32l4);
1667 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1671 memcpy(sl->q_buf, loader_code, loader_size);
1672 stlink_write_mem32(sl, sl->sram_base, loader_size);
1674 *addr = sl->sram_base;
1675 *size = loader_size;
1681 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1682 /* check the contents of path are at addr */
1685 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1687 if (map_file(&mf, path) == -1)
1690 res = check_file(sl, &mf, addr);
1698 * Verify addr..addr+len is binary identical to base...base+len
1699 * @param sl stlink context
1700 * @param address stm device address
1701 * @param data host side buffer to check against
1702 * @param length how much
1703 * @return 0 for success, -ve for failure
1705 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1707 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1708 ILOG("Starting verification of write complete\n");
1709 for (off = 0; off < length; off += cmp_size) {
1710 size_t aligned_size;
1712 /* adjust last page size */
1713 if ((off + cmp_size) > length)
1714 cmp_size = length - off;
1716 aligned_size = cmp_size;
1717 if (aligned_size & (4 - 1))
1718 aligned_size = (cmp_size + 4) & ~(4 - 1);
1720 stlink_read_mem32(sl, address + off, aligned_size);
1722 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1723 ELOG("Verification of flash failed at offset: %zd\n", off);
1727 ILOG("Flash written and verified! jolly good!\n");
1732 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint32_t pagesize)
1735 unsigned int num_half_pages = len / pagesize;
1737 uint32_t flash_regs_base;
1740 if (sl->chip_id == STM32_CHIPID_L0) {
1741 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1743 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1746 ILOG("Starting Half page flash write for STM32L core id\n");
1747 /* flash loader initialization */
1748 if (init_flash_loader(sl, &fl) == -1) {
1749 WLOG("init_flash_loader() == -1\n");
1752 /* Unlock already done */
1753 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1754 val |= (1 << FLASH_L1_FPRG);
1755 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1757 val |= (1 << FLASH_L1_PROG);
1758 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1760 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1761 } while ((val & (1 << 0)) != 0);
1763 for (count = 0; count < num_half_pages; count ++) {
1764 if (run_flash_loader(sl, &fl, addr + count * pagesize, base + count * pagesize, pagesize) == -1) {
1765 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * pagesize);
1766 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1767 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1768 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1771 /* wait for sr.busy to be cleared */
1772 if (sl->verbose >= 1) {
1773 /* show progress. writing procedure is slow
1774 and previous errors are misleading */
1775 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1779 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1780 } while ((val & (1 << 0)) != 0);
1782 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1783 val &= ~(1 << FLASH_L1_PROG);
1784 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1785 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1786 val &= ~(1 << FLASH_L1_FPRG);
1787 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1792 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len, uint8_t eraseonly) {
1795 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1796 len, len, addr, addr);
1797 /* check addr range is inside the flash */
1798 stlink_calculate_pagesize(sl, addr);
1799 if (addr < sl->flash_base) {
1800 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1802 } else if ((addr + len) < addr) {
1803 ELOG("addr overruns\n");
1805 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1806 ELOG("addr too high\n");
1808 } else if (addr & 1) {
1809 ELOG("unaligned addr 0x%x\n", addr);
1811 } else if (len & 1) {
1812 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1814 } else if (addr & (sl->flash_pgsz - 1)) {
1815 ELOG("addr not a multiple of pagesize, not supported\n");
1819 // Make sure we've loaded the context with the chip details
1821 /* erase each page */
1823 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1824 /* addr must be an addr inside the page */
1825 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1826 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1829 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1830 (unsigned long)addr + off);
1834 fprintf(stdout,"\n");
1835 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1836 page_count, sl->flash_pgsz, sl->flash_pgsz);
1841 if ((sl->chip_id == STM32_CHIPID_F2) ||
1842 (sl->chip_id == STM32_CHIPID_F4) ||
1843 (sl->chip_id == STM32_CHIPID_F4_DE) ||
1844 (sl->chip_id == STM32_CHIPID_F4_LP) ||
1845 (sl->chip_id == STM32_CHIPID_F4_HD) ||
1846 (sl->chip_id == STM32_CHIPID_F411RE) ||
1847 (sl->chip_id == STM32_CHIPID_F446) ||
1848 (sl->chip_id == STM32_CHIPID_F7) ||
1849 (sl->chip_id == STM32_CHIPID_L4) ||
1850 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
1851 /* todo: check write operation */
1853 ILOG("Starting Flash write for F2/F4/L4\n");
1854 /* flash loader initialization */
1855 if (init_flash_loader(sl, &fl) == -1) {
1856 ELOG("init_flash_loader() == -1\n");
1860 /* First unlock the cr */
1861 unlock_flash_if(sl);
1863 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1864 if (sl->chip_id != STM32_CHIPID_L4) {
1865 /* set parallelisim to 32 bit*/
1866 int voltage = stlink_target_voltage(sl);
1867 if (voltage == -1) {
1868 printf("Failed to read Target voltage\n");
1870 } else if (voltage > 2700) {
1871 printf("enabling 32-bit flash writes\n");
1872 write_flash_cr_psiz(sl, 2);
1874 printf("Target voltage (%d mV) too low for 32-bit flash, using 8-bit flash writes\n", voltage);
1875 write_flash_cr_psiz(sl, 0);
1878 /* L4 does not have a byte-write mode */
1879 int voltage = stlink_target_voltage(sl);
1880 if (voltage == -1) {
1881 printf("Failed to read Target voltage\n");
1883 } else if (voltage < 1710) {
1884 printf("Target voltage (%d mV) too low for flash writes!\n", voltage);
1889 /* set programming mode */
1890 set_flash_cr_pg(sl);
1892 for(off = 0; off < len;) {
1893 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1895 printf("size: %zu\n", size);
1897 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1898 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1910 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
1911 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
1912 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
1913 /* use fast word write. todo: half page. */
1915 uint32_t flash_regs_base;
1918 if (sl->chip_id == STM32_CHIPID_L0) {
1919 flash_regs_base = STM32L0_FLASH_REGS_ADDR;
1920 pagesize = L0_WRITE_BLOCK_SIZE;
1922 flash_regs_base = STM32L_FLASH_REGS_ADDR;
1923 pagesize = L1_WRITE_BLOCK_SIZE;
1926 /* todo: check write operation */
1928 /* disable pecr protection */
1929 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x89abcdef);
1930 stlink_write_debug32(sl, flash_regs_base + FLASH_PEKEYR_OFF, 0x02030405);
1932 /* check pecr.pelock is cleared */
1933 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1934 if (val & (1 << 0)) {
1935 fprintf(stderr, "pecr.pelock not clear\n");
1939 /* unlock program memory */
1940 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x8c9daebf);
1941 stlink_write_debug32(sl, flash_regs_base + FLASH_PRGKEYR_OFF, 0x13141516);
1943 /* check pecr.prglock is cleared */
1944 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1945 if (val & (1 << 1)) {
1946 fprintf(stderr, "pecr.prglock not clear\n");
1950 if (len > pagesize) {
1951 if (stm32l1_write_half_pages(sl, addr, base, len, pagesize) == -1) {
1952 /* This may happen on a blank device! */
1953 WLOG("\nwrite_half_pages failed == -1\n");
1955 off = (len / pagesize)*pagesize;
1959 /* write remainingword in program memory */
1960 for ( ; off < len; off += sizeof(uint32_t)) {
1963 fprintf(stdout, "\r");
1965 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1966 fprintf(stdout, "\r%3zd/%3zd pages written",
1967 off/sl->flash_pgsz, len/sl->flash_pgsz);
1971 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1972 stlink_write_debug32(sl, addr + off, data);
1974 /* wait for sr.busy to be cleared */
1976 stlink_read_debug32(sl, flash_regs_base + FLASH_SR_OFF, &val);
1977 } while ((val & (1 << 0)) != 0);
1979 /* todo: check redo write operation */
1982 fprintf(stdout, "\n");
1983 /* reset lock bits */
1984 stlink_read_debug32(sl, flash_regs_base + FLASH_PECR_OFF, &val);
1985 val |= (1 << 0) | (1 << 1) | (1 << 2);
1986 stlink_write_debug32(sl, flash_regs_base + FLASH_PECR_OFF, val);
1987 } else if (sl->core_id == STM32VL_CORE_ID ||
1988 sl->core_id == STM32F0_CORE_ID ||
1989 sl->chip_id == STM32_CHIPID_F3 ||
1990 sl->chip_id == STM32_CHIPID_F3_SMALL ||
1991 sl->chip_id == STM32_CHIPID_F303_HIGH ||
1992 sl->chip_id == STM32_CHIPID_F334 ||
1993 sl->chip_id == STM32_CHIPID_F37x) {
1994 ILOG("Starting Flash write for VL/F0/F3 core id\n");
1995 /* flash loader initialization */
1996 if (init_flash_loader(sl, &fl) == -1) {
1997 ELOG("init_flash_loader() == -1\n");
2001 int write_block_count = 0;
2002 for (off = 0; off < len; off += sl->flash_pgsz) {
2003 /* adjust last write size */
2004 size_t size = sl->flash_pgsz;
2005 if ((off + sl->flash_pgsz) > len) size = len - off;
2007 /* unlock and set programming mode */
2008 unlock_flash_if(sl);
2009 set_flash_cr_pg(sl);
2010 //DLOG("Finished setting flash cr pg, running loader!\n");
2011 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
2012 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
2016 if (sl->verbose >= 1) {
2017 /* show progress. writing procedure is slow
2018 and previous errors are misleading */
2019 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
2023 fprintf(stdout, "\n");
2025 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
2029 return stlink_verify_write_flash(sl, addr, base, len);
2033 * Write the given binary file into flash at address "addr"
2035 * @param path readable file path, should be binary image
2036 * @param addr where to start writing
2037 * @return 0 on success, -ve on failure.
2039 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
2040 /* write the file in flash at addr */
2042 unsigned int num_empty, index, val;
2043 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2044 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2045 || sl->chip_id == STM32_CHIPID_L152_RE) ? 0:0xff;
2046 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
2047 if (map_file(&mf, path) == -1) {
2048 ELOG("map_file() == -1\n");
2052 for(num_empty = 0; num_empty != mf.len; ++num_empty) {
2053 if (mf.base[--index] != erased_pattern) {
2057 /* Round down to words */
2058 num_empty -= (num_empty & 3);
2059 if(num_empty != 0) {
2060 ILOG("Ignoring %d bytes of 0x%02x at end of file\n", num_empty, erased_pattern);
2062 err = stlink_write_flash(sl, addr, mf.base, num_empty == mf.len? mf.len : mf.len - num_empty, num_empty == mf.len);
2064 stlink_read_debug32(sl, addr, &val);
2065 stlink_write_reg(sl, val, 13);
2066 /* Set PC to the reset routine*/
2067 stlink_read_debug32(sl, addr + 4, &val);
2068 stlink_write_reg(sl, val, 15);
2074 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
2078 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
2079 // FIXME This can never return -1
2080 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
2082 ELOG("write_buffer_to_sram() == -1\n");
2086 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2087 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2088 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2090 size_t count = size / sizeof(uint32_t);
2091 if (size % sizeof(uint32_t)) ++count;
2094 stlink_write_reg(sl, target, 0); /* target */
2095 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
2096 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2097 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2099 } else if (sl->core_id == STM32VL_CORE_ID ||
2100 sl->core_id == STM32F0_CORE_ID ||
2101 sl->chip_id == STM32_CHIPID_F3 ||
2102 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2103 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2104 sl->chip_id == STM32_CHIPID_F37x ||
2105 sl->chip_id == STM32_CHIPID_F334) {
2107 size_t count = size / sizeof(uint16_t);
2108 if (size % sizeof(uint16_t)) ++count;
2111 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2112 stlink_write_reg(sl, target, 1); /* target */
2113 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
2114 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
2115 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2117 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2118 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2119 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) || (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2121 size_t count = size / sizeof(uint32_t);
2122 if (size % sizeof(uint32_t)) ++count;
2123 if (sl->chip_id == STM32_CHIPID_L4) {
2124 if (count % 2) ++count;
2128 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
2129 stlink_write_reg(sl, target, 1); /* target */
2130 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
2131 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
2134 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
2141 #define WAIT_ROUNDS 10000
2142 /* wait until done (reaches breakpoint) */
2143 for (i = 0; i < WAIT_ROUNDS; i++) {
2145 if (is_core_halted(sl))
2149 if (i >= WAIT_ROUNDS) {
2150 ELOG("flash loader run error\n");
2154 /* check written byte count */
2155 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_CAT2
2156 || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS || sl->chip_id == STM32_CHIPID_L1_HIGH
2157 || sl->chip_id == STM32_CHIPID_L152_RE || sl->chip_id == STM32_CHIPID_L0) {
2159 size_t count = size / sizeof(uint32_t);
2160 if (size % sizeof(uint32_t)) ++count;
2162 stlink_read_reg(sl, 3, &rr);
2163 if (rr.r[3] != count) {
2164 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
2168 } else if (sl->core_id == STM32VL_CORE_ID ||
2169 sl->core_id == STM32F0_CORE_ID ||
2170 sl->chip_id == STM32_CHIPID_F3 ||
2171 sl->chip_id == STM32_CHIPID_F3_SMALL ||
2172 sl->chip_id == STM32_CHIPID_F303_HIGH ||
2173 sl->chip_id == STM32_CHIPID_F37x ||
2174 sl->chip_id == STM32_CHIPID_F334) {
2176 stlink_read_reg(sl, 2, &rr);
2178 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2182 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4 || (sl->chip_id == STM32_CHIPID_F4_DE) ||
2183 sl->chip_id == STM32_CHIPID_F4_LP || sl->chip_id == STM32_CHIPID_F4_HD || (sl->chip_id == STM32_CHIPID_F411RE) ||
2184 (sl->chip_id == STM32_CHIPID_F446) || (sl->chip_id == STM32_CHIPID_F7) || (sl->chip_id == STM32_CHIPID_L4) ||
2185 (sl->chip_id == STM32_CHIPID_F4_DSI)) {
2187 stlink_read_reg(sl, 2, &rr);
2189 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
2195 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);