10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
22 #define LOG_TAG __FILE__
23 #define DLOG(format, args...) ugly_log(UDEBUG, LOG_TAG, format, ## args)
24 #define ILOG(format, args...) ugly_log(UINFO, LOG_TAG, format, ## args)
25 #define WLOG(format, args...) ugly_log(UWARN, LOG_TAG, format, ## args)
26 #define ELOG(format, args...) ugly_log(UERROR, LOG_TAG, format, ## args)
27 #define fatal(format, args...) ugly_log(UFATAL, LOG_TAG, format, ## args)
29 /* todo: stm32l15xxx flash memory, pm0062 manual */
31 /* stm32f FPEC flash controller interface, pm0063 manual */
32 // TODO - all of this needs to be abstracted out....
33 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
34 #define FLASH_REGS_ADDR 0x40022000
35 #define FLASH_REGS_SIZE 0x28
37 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
38 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
39 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
40 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
41 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
42 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
43 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
45 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
46 #define FLASH_RDPTR_KEY 0x00a5
47 #define FLASH_KEY1 0x45670123
48 #define FLASH_KEY2 0xcdef89ab
50 #define FLASH_SR_BSY 0
51 #define FLASH_SR_EOP 5
54 #define FLASH_CR_PER 1
55 #define FLASH_CR_MER 2
56 #define FLASH_CR_STRT 6
57 #define FLASH_CR_LOCK 7
60 //32L = 32F1 same CoreID as 32F4!
61 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
62 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
63 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
64 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
65 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
66 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
67 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
68 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
69 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
70 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
71 #define FLASH_L1_FPRG 10
72 #define FLASH_L1_PROG 3
76 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
77 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
78 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
79 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
80 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
81 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
82 #define FLASH_F4_CR_STRT 16
83 #define FLASH_F4_CR_LOCK 31
84 #define FLASH_F4_CR_SER 1
85 #define FLASH_F4_CR_SNB 3
86 #define FLASH_F4_CR_SNB_MASK 0x38
87 #define FLASH_F4_SR_BSY 16
90 void write_uint32(unsigned char* buf, uint32_t ui) {
91 if (!is_bigendian()) { // le -> le (don't swap)
92 buf[0] = ((unsigned char*) &ui)[0];
93 buf[1] = ((unsigned char*) &ui)[1];
94 buf[2] = ((unsigned char*) &ui)[2];
95 buf[3] = ((unsigned char*) &ui)[3];
97 buf[0] = ((unsigned char*) &ui)[3];
98 buf[1] = ((unsigned char*) &ui)[2];
99 buf[2] = ((unsigned char*) &ui)[1];
100 buf[3] = ((unsigned char*) &ui)[0];
104 void write_uint16(unsigned char* buf, uint16_t ui) {
105 if (!is_bigendian()) { // le -> le (don't swap)
106 buf[0] = ((unsigned char*) &ui)[0];
107 buf[1] = ((unsigned char*) &ui)[1];
109 buf[0] = ((unsigned char*) &ui)[1];
110 buf[1] = ((unsigned char*) &ui)[0];
114 uint32_t read_uint32(const unsigned char *c, const int pt) {
116 char *p = (char *) &ui;
118 if (!is_bigendian()) { // le -> le (don't swap)
132 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
133 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
136 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
137 return stlink_read_debug32(sl, FLASH_WRPR);
140 static inline uint32_t read_flash_obr(stlink_t *sl) {
141 return stlink_read_debug32(sl, FLASH_OBR);
144 static inline uint32_t read_flash_cr(stlink_t *sl) {
146 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
147 (sl->chip_id == STM32_CHIPID_F4_LP))
148 res = stlink_read_debug32(sl, FLASH_F4_CR);
150 res = stlink_read_debug32(sl, FLASH_CR);
152 fprintf(stdout, "CR:0x%x\n", res);
157 static inline unsigned int is_flash_locked(stlink_t *sl) {
158 /* return non zero for true */
159 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
160 (sl->chip_id == STM32_CHIPID_F4_LP))
161 return read_flash_cr(sl) & (1 << FLASH_F4_CR_LOCK);
163 return read_flash_cr(sl) & (1 << FLASH_CR_LOCK);
166 static void unlock_flash(stlink_t *sl) {
167 /* the unlock sequence consists of 2 write cycles where
168 2 key values are written to the FLASH_KEYR register.
169 an invalid sequence results in a definitive lock of
170 the FPEC block until next reset.
172 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
173 (sl->chip_id == STM32_CHIPID_F4_LP)) {
174 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
175 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
177 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
178 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
183 static int unlock_flash_if(stlink_t *sl) {
184 /* unlock flash if already locked */
186 if (is_flash_locked(sl)) {
188 if (is_flash_locked(sl)) {
189 WLOG("Failed to unlock flash!\n");
193 DLOG("Successfully unlocked flash\n");
197 static void lock_flash(stlink_t *sl) {
198 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
199 (sl->chip_id == STM32_CHIPID_F4_LP)) {
200 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
201 stlink_write_debug32(sl, FLASH_F4_CR, n);
203 /* write to 1 only. reset by hw at unlock sequence */
204 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
205 stlink_write_debug32(sl, FLASH_CR, n);
210 static void set_flash_cr_pg(stlink_t *sl) {
211 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
212 (sl->chip_id == STM32_CHIPID_F4_LP)) {
213 uint32_t x = read_flash_cr(sl);
214 x |= (1 << FLASH_CR_PG);
215 stlink_write_debug32(sl, FLASH_F4_CR, x);
217 const uint32_t n = 1 << FLASH_CR_PG;
218 stlink_write_debug32(sl, FLASH_CR, n);
222 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
223 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
224 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
225 (sl->chip_id == STM32_CHIPID_F4_LP))
226 stlink_write_debug32(sl, FLASH_F4_CR, n);
228 stlink_write_debug32(sl, FLASH_CR, n);
231 static void set_flash_cr_per(stlink_t *sl) {
232 const uint32_t n = 1 << FLASH_CR_PER;
233 stlink_write_debug32(sl, FLASH_CR, n);
236 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
237 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
238 stlink_write_debug32(sl, FLASH_CR, n);
241 static void set_flash_cr_mer(stlink_t *sl) {
242 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
243 (sl->chip_id == STM32_CHIPID_F4_LP))
244 stlink_write_debug32(sl, FLASH_F4_CR,
245 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
247 stlink_write_debug32(sl, FLASH_CR,
248 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
251 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
252 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
253 (sl->chip_id == STM32_CHIPID_F4_LP))
254 stlink_write_debug32(sl, FLASH_F4_CR,
255 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
257 stlink_write_debug32(sl, FLASH_CR,
258 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
261 static void set_flash_cr_strt(stlink_t *sl) {
262 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
263 (sl->chip_id == STM32_CHIPID_F4_LP)) {
264 uint32_t x = read_flash_cr(sl);
265 x |= (1 << FLASH_F4_CR_STRT);
266 stlink_write_debug32(sl, FLASH_F4_CR, x);
268 stlink_write_debug32(sl, FLASH_CR,
269 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
273 static inline uint32_t read_flash_acr(stlink_t *sl) {
274 return stlink_read_debug32(sl, FLASH_ACR);
277 static inline uint32_t read_flash_sr(stlink_t *sl) {
279 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
280 (sl->chip_id == STM32_CHIPID_F4_LP))
281 res = stlink_read_debug32(sl, FLASH_F4_SR);
283 res = stlink_read_debug32(sl, FLASH_SR);
284 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
288 static inline unsigned int is_flash_busy(stlink_t *sl) {
289 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
290 (sl->chip_id == STM32_CHIPID_F4_LP))
291 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
293 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
296 static void wait_flash_busy(stlink_t *sl) {
297 /* todo: add some delays here */
298 while (is_flash_busy(sl))
302 static void wait_flash_busy_progress(stlink_t *sl) {
304 fprintf(stdout, "Mass erasing");
306 while (is_flash_busy(sl)) {
310 fprintf(stdout, ".");
314 fprintf(stdout, "\n");
317 static inline unsigned int is_flash_eop(stlink_t *sl) {
318 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
321 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
322 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
323 stlink_write_debug32(sl, FLASH_SR, n);
326 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
327 /* todo: add some delays here */
328 while (is_flash_eop(sl) == 0)
332 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
333 stlink_write_debug32(sl, FLASH_AR, n);
336 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
337 uint32_t x = read_flash_cr(sl);
341 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
343 stlink_write_debug32(sl, FLASH_F4_CR, x);
347 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
348 uint32_t x = read_flash_cr(sl);
349 x &= ~FLASH_F4_CR_SNB_MASK;
350 x |= (n << FLASH_F4_CR_SNB);
351 x |= (1 << FLASH_F4_CR_SER);
353 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
355 stlink_write_debug32(sl, FLASH_F4_CR, x);
360 static void disable_flash_read_protection(stlink_t *sl) {
361 /* erase the option byte area */
368 // Delegates to the backends...
370 void stlink_close(stlink_t *sl) {
371 DLOG("*** stlink_close ***\n");
372 sl->backend->close(sl);
376 void stlink_exit_debug_mode(stlink_t *sl) {
377 DLOG("*** stlink_exit_debug_mode ***\n");
378 stlink_write_debug32(sl, DHCSR, DBGKEY);
379 sl->backend->exit_debug_mode(sl);
382 void stlink_enter_swd_mode(stlink_t *sl) {
383 DLOG("*** stlink_enter_swd_mode ***\n");
384 sl->backend->enter_swd_mode(sl);
387 // Force the core into the debug mode -> halted state.
388 void stlink_force_debug(stlink_t *sl) {
389 DLOG("*** stlink_force_debug_mode ***\n");
390 sl->backend->force_debug(sl);
393 void stlink_exit_dfu_mode(stlink_t *sl) {
394 DLOG("*** stlink_exit_dfu_mode ***\n");
395 sl->backend->exit_dfu_mode(sl);
398 uint32_t stlink_core_id(stlink_t *sl) {
399 DLOG("*** stlink_core_id ***\n");
400 sl->backend->core_id(sl);
402 stlink_print_data(sl);
403 DLOG("core_id = 0x%08x\n", sl->core_id);
407 uint32_t stlink_chip_id(stlink_t *sl) {
408 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
409 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
414 * Cortex m3 tech ref manual, CPUID register description
415 * @param sl stlink context
416 * @param cpuid pointer to the result object
418 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
419 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
420 cpuid->implementer_id = (raw >> 24) & 0x7f;
421 cpuid->variant = (raw >> 20) & 0xf;
422 cpuid->part = (raw >> 4) & 0xfff;
423 cpuid->revision = raw & 0xf;
428 * reads and decodes the flash parameters, as dynamically as possible
430 * @return 0 for success, or -1 for unsupported core type.
432 int stlink_load_device_params(stlink_t *sl) {
433 ILOG("Loading device parameters....\n");
434 const chip_params_t *params = NULL;
435 sl->core_id = stlink_core_id(sl);
436 uint32_t chip_id = stlink_chip_id(sl);
438 sl->chip_id = chip_id & 0xfff;
439 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
440 if (sl->chip_id == 0x411) {
441 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
442 if ((cpuid & 0xfff0) == 0xc240)
446 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
447 if(devices[i].chip_id == sl->chip_id) {
448 params = &devices[i];
452 if (params == NULL) {
453 WLOG("unknown chip id! %#x\n", chip_id);
457 // These are fixed...
458 sl->flash_base = STM32_FLASH_BASE;
459 sl->sram_base = STM32_SRAM_BASE;
461 // read flash size from hardware, if possible...
462 if (sl->chip_id == STM32_CHIPID_F2) {
463 sl->flash_size = 0x100000; /* Use maximum, User must care!*/
464 } else if (sl->chip_id == STM32_CHIPID_F4 ||
465 sl->chip_id == STM32_CHIPID_F4_LP) {
466 sl->flash_size = 0x100000; //todo: RM0090 error; size register same address as unique ID
467 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
468 // if the flash size is zero, we assume it is 128k, if not we calculate the real value
469 uint32_t flash_size = stlink_read_debug32(sl,params->flash_size_reg) & 0xffff;
470 if ( flash_size == 0 ) {
471 sl->flash_size = 128 * 1024;
473 sl->flash_size = flash_size * 1024;
475 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
476 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0x1;
477 // 0 is 384k and 1 is 256k
478 if ( flash_size == 0 ) {
479 sl->flash_size = 384 * 1024;
481 sl->flash_size = 256 * 1024;
484 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0xffff;
485 sl->flash_size = flash_size * 1024;
487 sl->flash_pgsz = params->flash_pagesize;
488 sl->sram_size = params->sram_size;
489 sl->sys_base = params->bootrom_base;
490 sl->sys_size = params->bootrom_size;
492 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
493 // TODO make note of variable page size here.....
494 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
495 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
500 void stlink_reset(stlink_t *sl) {
501 DLOG("*** stlink_reset ***\n");
502 // Step 1: assert jtag reset
503 sl->backend->jtag_reset(sl, 1);
504 // Step 2: deassert jtag reset
505 sl->backend->jtag_reset(sl, 0);
506 // Step 3: perform the sysreset command
507 sl->backend->reset(sl);
510 void stlink_jtag_reset(stlink_t *sl, int value) {
511 DLOG("*** stlink_jtag_reset ***\n");
512 sl->backend->jtag_reset(sl, value);
515 void stlink_run(stlink_t *sl) {
516 DLOG("*** stlink_run ***\n");
517 sl->backend->run(sl);
520 void stlink_status(stlink_t *sl) {
521 DLOG("*** stlink_status ***\n");
522 sl->backend->status(sl);
523 stlink_core_stat(sl);
527 * Decode the version bits, originally from -sg, verified with usb
528 * @param sl stlink context, assumed to contain valid data in the buffer
529 * @param slv output parsed version object
531 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
532 uint32_t b0 = sl->q_buf[0]; //lsb
533 uint32_t b1 = sl->q_buf[1];
534 uint32_t b2 = sl->q_buf[2];
535 uint32_t b3 = sl->q_buf[3];
536 uint32_t b4 = sl->q_buf[4];
537 uint32_t b5 = sl->q_buf[5]; //msb
539 // b0 b1 || b2 b3 | b4 b5
540 // 4b | 6b | 6b || 2B | 2B
541 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
543 slv->stlink_v = (b0 & 0xf0) >> 4;
544 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
545 slv->swim_v = b1 & 0x3f;
546 slv->st_vid = (b3 << 8) | b2;
547 slv->stlink_pid = (b5 << 8) | b4;
551 void stlink_version(stlink_t *sl) {
552 DLOG("*** looking up stlink version\n");
553 sl->backend->version(sl);
554 _parse_version(sl, &sl->version);
556 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
557 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
558 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
559 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
560 DLOG("swim version = 0x%x\n", sl->version.swim_v);
561 if (sl->version.jtag_v == 0) {
562 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
564 if (sl->version.swim_v == 0) {
565 DLOG(" notice: the firmware doesn't support a swim interface\n");
569 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
570 uint32_t data = sl->backend->read_debug32(sl, addr);
571 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
575 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
576 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
577 sl->backend->write_debug32(sl, addr, data);
580 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
581 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
583 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
586 sl->backend->write_mem32(sl, addr, len);
589 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
590 DLOG("*** stlink_read_mem32 ***\n");
591 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
592 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
596 sl->backend->read_mem32(sl, addr, len);
599 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
600 DLOG("*** stlink_write_mem8 ***\n");
601 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
602 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
606 sl->backend->write_mem8(sl, addr, len);
609 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
610 DLOG("*** stlink_read_all_regs ***\n");
611 sl->backend->read_all_regs(sl, regp);
614 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
615 DLOG("*** stlink_read_all_unsupported_regs ***\n");
616 sl->backend->read_all_unsupported_regs(sl, regp);
619 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
620 DLOG("*** stlink_write_reg\n");
621 sl->backend->write_reg(sl, reg, idx);
624 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
625 DLOG("*** stlink_read_reg\n");
626 DLOG(" (%d) ***\n", r_idx);
628 if (r_idx > 20 || r_idx < 0) {
629 fprintf(stderr, "Error: register index must be in [0..20]\n");
633 sl->backend->read_reg(sl, r_idx, regp);
636 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
639 DLOG("*** stlink_read_unsupported_reg\n");
640 DLOG(" (%d) ***\n", r_idx);
642 /* Convert to values used by DCRSR */
643 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
645 } else if (r_idx == 0x40) { /* FPSCR */
647 } else if (r_idx >= 0x20 && r_idx < 0x40) {
648 r_convert = 0x40 + (r_idx - 0x20);
650 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
654 sl->backend->read_unsupported_reg(sl, r_convert, regp);
657 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
660 DLOG("*** stlink_write_unsupported_reg\n");
661 DLOG(" (%d) ***\n", r_idx);
663 /* Convert to values used by DCRSR */
664 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
665 r_convert = r_idx; /* The backend function handles this */
666 } else if (r_idx == 0x40) { /* FPSCR */
668 } else if (r_idx >= 0x20 && r_idx < 0x40) {
669 r_convert = 0x40 + (r_idx - 0x20);
671 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
675 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
678 unsigned int is_core_halted(stlink_t *sl) {
679 /* return non zero if core is halted */
681 return sl->q_buf[0] == STLINK_CORE_HALTED;
684 void stlink_step(stlink_t *sl) {
685 DLOG("*** stlink_step ***\n");
686 sl->backend->step(sl);
689 int stlink_current_mode(stlink_t *sl) {
690 int mode = sl->backend->current_mode(sl);
692 case STLINK_DEV_DFU_MODE:
693 DLOG("stlink current mode: dfu\n");
695 case STLINK_DEV_DEBUG_MODE:
696 DLOG("stlink current mode: debug (jtag or swd)\n");
698 case STLINK_DEV_MASS_MODE:
699 DLOG("stlink current mode: mass\n");
702 DLOG("stlink mode: unknown!\n");
703 return STLINK_DEV_UNKNOWN_MODE;
709 // End of delegates.... Common code below here...
712 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
714 // #define is_bigendian() ( (*(char*)&i) == 0 )
716 inline unsigned int is_bigendian(void) {
717 static volatile const unsigned int i = 1;
718 return *(volatile const char*) &i == 0;
721 uint16_t read_uint16(const unsigned char *c, const int pt) {
723 char *p = (char *) &ui;
725 if (!is_bigendian()) { // le -> le (don't swap)
735 // same as above with entrypoint.
737 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
738 stlink_write_reg(sl, addr, 15); /* pc register */
742 while (is_core_halted(sl) == 0)
746 void stlink_core_stat(stlink_t *sl) {
750 switch (sl->q_buf[0]) {
751 case STLINK_CORE_RUNNING:
752 sl->core_stat = STLINK_CORE_RUNNING;
753 DLOG(" core status: running\n");
755 case STLINK_CORE_HALTED:
756 sl->core_stat = STLINK_CORE_HALTED;
757 DLOG(" core status: halted\n");
760 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
761 fprintf(stderr, " core status: unknown\n");
765 void stlink_print_data(stlink_t * sl) {
766 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
769 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
771 for (int i = 0; i < sl->q_len; i++) {
774 if (sl->q_data_dir == Q_DATA_OUT)
775 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
777 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
780 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
782 fputs("\n\n", stdout);
785 /* memory mapped file */
787 typedef struct mapped_file {
792 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
794 static int map_file(mapped_file_t* mf, const char* path) {
798 const int fd = open(path, O_RDONLY | O_BINARY);
800 fprintf(stderr, "open(%s) == -1\n", path);
804 if (fstat(fd, &st) == -1) {
805 fprintf(stderr, "fstat() == -1\n");
809 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
810 if (mf->base == MAP_FAILED) {
811 fprintf(stderr, "mmap() == MAP_FAILED\n");
815 mf->len = st.st_size;
826 static void unmap_file(mapped_file_t * mf) {
827 munmap((void*) mf->base, mf->len);
828 mf->base = (unsigned char*) MAP_FAILED;
832 /* Limit the block size to compare to 0x1800
833 Anything larger will stall the STLINK2
834 Maybe STLINK V1 needs smaller value!*/
835 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
837 size_t n_cmp = sl->flash_pgsz;
841 for (off = 0; off < mf->len; off += n_cmp) {
844 /* adjust last page size */
845 size_t cmp_size = n_cmp;
846 if ((off + n_cmp) > mf->len)
847 cmp_size = mf->len - off;
849 aligned_size = cmp_size;
850 if (aligned_size & (4 - 1))
851 aligned_size = (cmp_size + 4) & ~(4 - 1);
853 stlink_read_mem32(sl, addr + off, aligned_size);
855 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
862 int stlink_fwrite_sram
863 (stlink_t * sl, const char* path, stm32_addr_t addr) {
864 /* write the file in sram at addr */
868 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
871 if (map_file(&mf, path) == -1) {
872 fprintf(stderr, "map_file() == -1\n");
876 /* check addr range is inside the sram */
877 if (addr < sl->sram_base) {
878 fprintf(stderr, "addr too low\n");
880 } else if ((addr + mf.len) < addr) {
881 fprintf(stderr, "addr overruns\n");
883 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
884 fprintf(stderr, "addr too high\n");
886 } else if ((addr & 3) || (mf.len & 3)) {
888 fprintf(stderr, "unaligned addr or size\n");
891 /* do the copy by 1k blocks */
892 for (off = 0; off < mf.len; off += 1024) {
894 if ((off + size) > mf.len)
897 memcpy(sl->q_buf, mf.base + off, size);
899 /* round size if needed */
903 stlink_write_mem32(sl, addr + off, size);
906 /* check the file ha been written */
907 if (check_file(sl, &mf, addr) == -1) {
908 fprintf(stderr, "check_file() == -1\n");
915 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
916 /* Set PC to the reset routine*/
917 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
925 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
926 /* read size bytes from addr to file */
931 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
932 || sl->chip_id == STM32_CHIPID_L1_HIGH) ? 0:0xff;
934 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
936 fprintf(stderr, "open(%s) == -1\n", path);
941 size = sl->flash_size;
943 if (size > sl->flash_size)
944 size = sl->flash_size;
946 /* do the copy by 1k blocks */
947 for (off = 0; off < size; off += 1024) {
948 size_t read_size = 1024;
951 if ((off + read_size) > size)
952 read_size = size - off;
954 /* round size if needed */
955 rounded_size = read_size;
956 if (rounded_size & 3)
957 rounded_size = (rounded_size + 4) & ~(3);
959 stlink_read_mem32(sl, addr + off, rounded_size);
961 for(index = 0; index < read_size; index ++) {
962 if (sl->q_buf[index] == erased_pattern)
967 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
968 fprintf(stderr, "write() != read_size\n");
973 /* Ignore NULL Bytes at end of file */
974 if (!ftruncate(fd, size - num_empty)) {
987 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
988 /* write the buffer right after the loader */
989 size_t chunk = size & ~0x3;
990 size_t rem = size & 0x3;
992 memcpy(sl->q_buf, buf, chunk);
993 stlink_write_mem32(sl, fl->buf_addr, chunk);
996 memcpy(sl->q_buf, buf+chunk, rem);
997 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
1002 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
1003 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
1004 if (flashaddr<0x4000) return (0);
1005 else if(flashaddr<0x8000) return(1);
1006 else if(flashaddr<0xc000) return(2);
1007 else if(flashaddr<0x10000) return(3);
1008 else if(flashaddr<0x20000) return(4);
1009 else return(flashaddr/0x20000)+4;
1013 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
1014 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
1015 (sl->chip_id == STM32_CHIPID_F4_LP)) {
1016 uint32_t sector=calculate_F4_sectornum(flashaddr);
1017 if (sector<4) sl->flash_pgsz=0x4000;
1018 else if(sector<5) sl->flash_pgsz=0x10000;
1019 else sl->flash_pgsz=0x20000;
1021 return (sl->flash_pgsz);
1025 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1026 * @param sl stlink context
1027 * @param flashaddr an address in the flash page to erase
1028 * @return 0 on success -ve on failure
1030 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1032 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
1033 (sl->chip_id == STM32_CHIPID_F4_LP)) {
1034 /* wait for ongoing op to finish */
1035 wait_flash_busy(sl);
1037 /* unlock if locked */
1038 unlock_flash_if(sl);
1040 /* select the page to erase */
1041 // calculate the actual page from the address
1042 uint32_t sector=calculate_F4_sectornum(flashaddr);
1044 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1045 write_flash_cr_snb(sl, sector);
1047 /* start erase operation */
1048 set_flash_cr_strt(sl);
1050 /* wait for completion */
1051 wait_flash_busy(sl);
1053 /* relock the flash */
1054 //todo: fails to program if this is in
1057 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1059 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1060 || sl->chip_id == STM32_CHIPID_L1_HIGH) {
1064 /* check if the locks are set */
1065 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1066 if((val & (1<<0))||(val & (1<<1))) {
1067 /* disable pecr protection */
1068 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1069 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1071 /* check pecr.pelock is cleared */
1072 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1073 if (val & (1 << 0)) {
1074 WLOG("pecr.pelock not clear (%#x)\n", val);
1078 /* unlock program memory */
1079 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1080 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1082 /* check pecr.prglock is cleared */
1083 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1084 if (val & (1 << 1)) {
1085 WLOG("pecr.prglock not clear (%#x)\n", val);
1090 /* unused: unlock the option byte block */
1092 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0xfbead9c8);
1093 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0x24252627);
1095 /* check pecr.optlock is cleared */
1096 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1097 if (val & (1 << 2)) {
1098 fprintf(stderr, "pecr.prglock not clear\n");
1103 /* set pecr.{erase,prog} */
1104 val |= (1 << 9) | (1 << 3);
1105 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1107 #if 0 /* fix_to_be_confirmed */
1109 /* wait for sr.busy to be cleared
1110 MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1111 wrong and we do not need to wait here for clearing the busy bit.
1112 TEXANE: ok, if experience says so and it works for you, we comment
1113 it. If someone has a problem, please drop an email.
1115 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1118 #endif /* fix_to_be_confirmed */
1120 /* write 0 to the first word of the page to be erased */
1121 stlink_write_debug32(sl, flashaddr, 0);
1123 /* MP: It is better to wait for clearing the busy bit after issuing
1124 page erase command, even though PM0062 recommends to wait before it.
1125 Test shows that a few iterations is performed in the following loop
1126 before busy bit is cleared.*/
1127 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1130 /* reset lock bits */
1131 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1132 | (1 << 0) | (1 << 1) | (1 << 2);
1133 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1134 } else if (sl->core_id == STM32VL_CORE_ID
1135 || sl->core_id == STM32F0_CORE_ID
1136 || sl->chip_id == STM32_CHIPID_F3
1137 || sl->chip_id == STM32_CHIPID_F37x) {
1138 /* wait for ongoing op to finish */
1139 wait_flash_busy(sl);
1141 /* unlock if locked */
1142 unlock_flash_if(sl);
1144 /* set the page erase bit */
1145 set_flash_cr_per(sl);
1147 /* select the page to erase */
1148 write_flash_ar(sl, flashaddr);
1150 /* start erase operation, reset by hw with bsy bit */
1151 set_flash_cr_strt(sl);
1153 /* wait for completion */
1154 wait_flash_busy(sl);
1156 /* relock the flash */
1159 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1163 /* todo: verify the erased page */
1168 int stlink_erase_flash_mass(stlink_t *sl) {
1169 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1170 || sl->chip_id == STM32_CHIPID_L1_HIGH) {
1171 /* erase each page */
1172 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1173 for (i = 0; i < num_pages; i++) {
1174 /* addr must be an addr inside the page */
1175 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1176 if (stlink_erase_flash_page(sl, addr) == -1) {
1177 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1180 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1183 fprintf(stdout, "\n");
1185 /* wait for ongoing op to finish */
1186 wait_flash_busy(sl);
1188 /* unlock if locked */
1189 unlock_flash_if(sl);
1191 /* set the mass erase bit */
1192 set_flash_cr_mer(sl);
1194 /* start erase operation, reset by hw with bsy bit */
1195 set_flash_cr_strt(sl);
1197 /* wait for completion */
1198 wait_flash_busy_progress(sl);
1200 /* relock the flash */
1203 /* todo: verify the erased memory */
1208 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1211 /* allocate the loader in sram */
1212 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1213 WLOG("Failed to write flash loader to sram!\n");
1217 /* allocate a one page buffer in sram right after loader */
1218 fl->buf_addr = fl->loader_addr + size;
1219 ILOG("Successfully loaded flash loader in sram\n");
1223 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1224 /* from openocd, contrib/loaders/flash/stm32.s */
1225 static const uint8_t loader_code_stm32vl[] = {
1226 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1227 0x1c, 0x44, /* add r4, r3 */
1228 /* write_half_word: */
1229 0x01, 0x23, /* movs r3, #0x01 */
1230 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1231 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1232 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1234 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1235 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1236 0xfb, 0xd0, /* beq busy */
1237 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1238 0x01, 0xd1, /* bne exit */
1239 0x01, 0x3a, /* subs r2, r2, #0x01 */
1240 0xf0, 0xd1, /* bne write_half_word */
1242 0x00, 0xbe, /* bkpt #0x00 */
1243 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1246 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1247 static const uint8_t loader_code_stm32f0[] = {
1250 * These two NOPs here are a safety precaution, added by Pekka Nikander
1251 * while debugging the STM32F05x support. They may not be needed, but
1252 * there were strange problems with simpler programs, like a program
1253 * that had just a breakpoint or a program that first moved zero to register r2
1254 * and then had a breakpoint. So, it appears safest to have these two nops.
1256 * Feel free to remove them, if you dare, but then please do test the result
1257 * rigorously. Also, if you remove these, it may be a good idea first to
1258 * #if 0 them out, with a comment when these were taken out, and to remove
1259 * these only a few months later... But YMMV.
1261 0x00, 0x30, // nop /* add r0,#0 */
1262 0x00, 0x30, // nop /* add r0,#0 */
1264 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1265 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1266 0x04, 0x26, // mov r6, #4 /* PGERR */
1268 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1269 0x2B, 0x43, // orr r3, r5
1270 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1271 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1272 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1274 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1275 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1276 0xFC, 0xD0, // beq busy
1278 0x33, 0x42, // tst r3, r6 /* PGERR */
1279 0x04, 0xD1, // bne exit
1281 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1282 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1283 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1284 0x00, 0x2A, // cmp r2, #0
1285 0xF0, 0xD1, // bne write_half_word
1287 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1288 0xAB, 0x43, // bic r3, r5
1289 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1290 0x00, 0xBE, // bkpt #0x00
1291 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1294 static const uint8_t loader_code_stm32l[] = {
1296 /* openocd.git/contrib/loaders/flash/stm32lx.S
1297 r0, input, dest addr
1298 r1, input, source addr
1299 r2, input, word count
1300 r3, output, word count
1306 0x51, 0xf8, 0x04, 0xcb,
1307 0x40, 0xf8, 0x04, 0xcb,
1315 static const uint8_t loader_code_stm32f4[] = {
1316 // flashloaders/stm32f4.s
1325 0x14, 0xf0, 0x01, 0x0f,
1327 0x00, 0xf1, 0x04, 0x00,
1328 0x01, 0xf1, 0x04, 0x01,
1329 0xa2, 0xf1, 0x01, 0x02,
1334 0x00, 0x3c, 0x02, 0x40,
1337 const uint8_t* loader_code;
1340 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1341 || sl->chip_id == STM32_CHIPID_L1_HIGH ) { /* stm32l */
1342 loader_code = loader_code_stm32l;
1343 loader_size = sizeof(loader_code_stm32l);
1344 } else if (sl->core_id == STM32VL_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1345 loader_code = loader_code_stm32vl;
1346 loader_size = sizeof(loader_code_stm32vl);
1347 } else if (sl->chip_id == STM32_CHIPID_F2 ||
1348 sl->chip_id == STM32_CHIPID_F4 || sl->chip_id == STM32_CHIPID_F4_LP) {
1349 loader_code = loader_code_stm32f4;
1350 loader_size = sizeof(loader_code_stm32f4);
1351 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F0_SMALL) {
1352 loader_code = loader_code_stm32f0;
1353 loader_size = sizeof(loader_code_stm32f0);
1355 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1359 memcpy(sl->q_buf, loader_code, loader_size);
1360 stlink_write_mem32(sl, sl->sram_base, loader_size);
1362 *addr = sl->sram_base;
1363 *size = loader_size;
1369 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1370 /* check the contents of path are at addr */
1373 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1375 if (map_file(&mf, path) == -1)
1378 res = check_file(sl, &mf, addr);
1386 * Verify addr..addr+len is binary identical to base...base+len
1387 * @param sl stlink context
1388 * @param address stm device address
1389 * @param data host side buffer to check against
1390 * @param length how much
1391 * @return 0 for success, -ve for failure
1393 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1395 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1396 ILOG("Starting verification of write complete\n");
1397 for (off = 0; off < length; off += cmp_size) {
1398 size_t aligned_size;
1400 /* adjust last page size */
1401 if ((off + cmp_size) > length)
1402 cmp_size = length - off;
1404 aligned_size = cmp_size;
1405 if (aligned_size & (4 - 1))
1406 aligned_size = (cmp_size + 4) & ~(4 - 1);
1408 stlink_read_mem32(sl, address + off, aligned_size);
1410 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1411 ELOG("Verification of flash failed at offset: %zd\n", off);
1415 ILOG("Flash written and verified! jolly good!\n");
1420 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned num_half_pages)
1426 ILOG("Starting Half page flash write for STM32L core id\n");
1427 /* flash loader initialization */
1428 if (init_flash_loader(sl, &fl) == -1) {
1429 WLOG("init_flash_loader() == -1\n");
1432 /* Unlock already done */
1433 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1434 val |= (1 << FLASH_L1_FPRG);
1435 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1437 val |= (1 << FLASH_L1_PROG);
1438 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1439 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {}
1441 #define L1_WRITE_BLOCK_SIZE 0x80
1442 for (count = 0; count < num_half_pages; count ++) {
1443 if (run_flash_loader(sl, &fl, addr + count * L1_WRITE_BLOCK_SIZE, base + count * L1_WRITE_BLOCK_SIZE, L1_WRITE_BLOCK_SIZE) == -1) {
1444 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * L1_WRITE_BLOCK_SIZE);
1445 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1446 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1447 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1450 /* wait for sr.busy to be cleared */
1451 if (sl->verbose >= 1) {
1452 /* show progress. writing procedure is slow
1453 and previous errors are misleading */
1454 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1457 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {
1460 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1461 val &= ~(1 << FLASH_L1_PROG);
1462 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1463 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1464 val &= ~(1 << FLASH_L1_FPRG);
1465 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1470 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1473 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1474 len, len, addr, addr);
1475 /* check addr range is inside the flash */
1476 stlink_calculate_pagesize(sl, addr);
1477 if (addr < sl->flash_base) {
1478 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1480 } else if ((addr + len) < addr) {
1481 ELOG("addr overruns\n");
1483 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1484 ELOG("addr too high\n");
1486 } else if (addr & 1) {
1487 ELOG("unaligned addr 0x%x\n", addr);
1489 } else if (len & 1) {
1490 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1492 } else if (addr & (sl->flash_pgsz - 1)) {
1493 ELOG("addr not a multiple of pagesize, not supported\n");
1497 // Make sure we've loaded the context with the chip details
1499 /* erase each page */
1501 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1502 /* addr must be an addr inside the page */
1503 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1504 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1507 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1508 (unsigned long)addr + off);
1512 fprintf(stdout,"\n");
1513 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1514 page_count, sl->flash_pgsz, sl->flash_pgsz);
1516 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4) ||
1517 (sl->chip_id == STM32_CHIPID_F4_LP)) {
1518 /* todo: check write operation */
1520 ILOG("Starting Flash write for F2/F4\n");
1521 /* flash loader initialization */
1522 if (init_flash_loader(sl, &fl) == -1) {
1523 ELOG("init_flash_loader() == -1\n");
1527 /* First unlock the cr */
1528 unlock_flash_if(sl);
1530 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1531 /* set parallelisim to 32 bit*/
1532 write_flash_cr_psiz(sl, 2);
1534 /* set programming mode */
1535 set_flash_cr_pg(sl);
1537 for(off = 0; off < len;) {
1538 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1540 printf("size: %zu\n", size);
1542 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1543 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1551 #define PROGRESS_CHUNK_SIZE 0x1000
1552 /* write a word in program memory */
1553 for (off = 0; off < len; off += sizeof(uint32_t)) {
1555 if (sl->verbose >= 1) {
1556 if ((off & (PROGRESS_CHUNK_SIZE - 1)) == 0) {
1557 /* show progress. writing procedure is slow
1558 and previous errors are misleading */
1559 const uint32_t pgnum = (off / PROGRESS_CHUNK_SIZE)+1;
1560 const uint32_t pgcount = len / PROGRESS_CHUNK_SIZE +1;
1561 fprintf(stdout, "Writing %ukB chunk %u out of %u\n",
1562 PROGRESS_CHUNK_SIZE/1024, pgnum, pgcount);
1566 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1567 stlink_write_debug32(sl, addr + off, data);
1569 /* wait for sr.busy to be cleared */
1570 wait_flash_busy(sl);
1577 #if 0 /* todo: debug mode */
1578 fprintf(stdout, "Final CR:0x%x\n", read_flash_cr(sl));
1583 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1584 || sl->chip_id == STM32_CHIPID_L1_HIGH ) {
1585 /* use fast word write. todo: half page. */
1588 #if 0 /* todo: check write operation */
1590 uint32_t nwrites = sl->flash_pgsz;
1594 #endif /* todo: check write operation */
1596 /* disable pecr protection */
1597 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1598 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1600 /* check pecr.pelock is cleared */
1601 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1602 if (val & (1 << 0)) {
1603 fprintf(stderr, "pecr.pelock not clear\n");
1607 /* unlock program memory */
1608 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1609 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1611 /* check pecr.prglock is cleared */
1612 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1613 if (val & (1 << 1)) {
1614 fprintf(stderr, "pecr.prglock not clear\n");
1618 if (len > L1_WRITE_BLOCK_SIZE) {
1619 if (stm32l1_write_half_pages(sl, addr, base, len/L1_WRITE_BLOCK_SIZE) == -1) {
1620 /* This may happen on a blank device! */
1621 WLOG("\nwrite_half_pages failed == -1\n");
1623 off = (len /L1_WRITE_BLOCK_SIZE)*L1_WRITE_BLOCK_SIZE;
1627 /* write remainingword in program memory */
1628 for ( ; off < len; off += sizeof(uint32_t)) {
1631 fprintf(stdout, "\r");
1633 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1634 fprintf(stdout, "\r%3zd/%3zd pages written",
1635 off/sl->flash_pgsz, len/sl->flash_pgsz);
1639 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1640 stlink_write_debug32(sl, addr + off, data);
1642 /* wait for sr.busy to be cleared */
1643 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1646 #if 0 /* todo: check redo write operation */
1648 /* check written bytes. todo: should be on a per page basis. */
1649 data = stlink_read_debug32(sl, addr + off);
1650 if (data == *(uint32_t*)(base + off)) {
1651 /* re erase the page and redo the write operation */
1655 /* fail if successive write count too low */
1656 if (nwrites < sl->flash_pgsz) {
1657 fprintf(stderr, "writes operation failure count too high, aborting\n");
1663 /* assume addr aligned */
1664 if (off % sl->flash_pgsz) off &= ~(sl->flash_pgsz - 1);
1667 fprintf(stderr, "invalid write @0x%x(0x%x): 0x%x != 0x%x. retrying.\n",
1668 page, addr + off, read_uint32(base + off, 0), read_uint32(sl->q_buf, 0));
1670 /* reset lock bits */
1671 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1672 | (1 << 0) | (1 << 1) | (1 << 2);
1673 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1675 stlink_erase_flash_page(sl, page);
1680 /* increment successive writes counter */
1683 #endif /* todo: check redo write operation */
1685 fprintf(stdout, "\n");
1686 /* reset lock bits */
1687 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1688 | (1 << 0) | (1 << 1) | (1 << 2);
1689 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1690 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1691 ILOG("Starting Flash write for VL/F0 core id\n");
1692 /* flash loader initialization */
1693 if (init_flash_loader(sl, &fl) == -1) {
1694 ELOG("init_flash_loader() == -1\n");
1698 int write_block_count = 0;
1699 for (off = 0; off < len; off += sl->flash_pgsz) {
1700 /* adjust last write size */
1701 size_t size = sl->flash_pgsz;
1702 if ((off + sl->flash_pgsz) > len) size = len - off;
1704 /* unlock and set programming mode */
1705 unlock_flash_if(sl);
1706 set_flash_cr_pg(sl);
1707 //DLOG("Finished setting flash cr pg, running loader!\n");
1708 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1709 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1713 if (sl->verbose >= 1) {
1714 /* show progress. writing procedure is slow
1715 and previous errors are misleading */
1716 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1720 fprintf(stdout, "\n");
1722 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1726 return stlink_verify_write_flash(sl, addr, base, len);
1730 * Write the given binary file into flash at address "addr"
1732 * @param path readable file path, should be binary image
1733 * @param addr where to start writing
1734 * @return 0 on success, -ve on failure.
1736 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1737 /* write the file in flash at addr */
1739 unsigned int num_empty = 0, index;
1740 unsigned char erased_pattern =(sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1741 || sl->chip_id == STM32_CHIPID_L1_HIGH )?0:0xff;
1742 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1743 if (map_file(&mf, path) == -1) {
1744 ELOG("map_file() == -1\n");
1747 for(index = 0; index < mf.len; index ++) {
1748 if (mf.base[index] == erased_pattern)
1753 if(num_empty != 0) {
1754 ILOG("Ignoring %d bytes of Zeros at end of file\n",num_empty);
1755 mf.len -= num_empty;
1757 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1759 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1760 /* Set PC to the reset routine*/
1761 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1767 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1771 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
1772 // FIXME This can never return -1
1773 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1775 ELOG("write_buffer_to_sram() == -1\n");
1779 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1780 || sl->chip_id == STM32_CHIPID_L1_HIGH ) {
1782 size_t count = size / sizeof(uint32_t);
1783 if (size % sizeof(uint32_t)) ++count;
1786 stlink_write_reg(sl, target, 0); /* target */
1787 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1788 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1789 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1791 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1793 size_t count = size / sizeof(uint16_t);
1794 if (size % sizeof(uint16_t)) ++count;
1797 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1798 stlink_write_reg(sl, target, 1); /* target */
1799 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1800 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1801 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1803 } else if (sl->chip_id == STM32_CHIPID_F2 ||
1804 sl->chip_id == STM32_CHIPID_F4 || sl->chip_id == STM32_CHIPID_F4_LP) {
1806 size_t count = size / sizeof(uint32_t);
1807 if (size % sizeof(uint32_t)) ++count;
1810 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1811 stlink_write_reg(sl, target, 1); /* target */
1812 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1813 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1816 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
1823 #define WAIT_ROUNDS 10000
1824 /* wait until done (reaches breakpoint) */
1825 for (i = 0; i < WAIT_ROUNDS; i++) {
1827 if (is_core_halted(sl))
1831 if (i >= WAIT_ROUNDS) {
1832 ELOG("flash loader run error\n");
1836 /* check written byte count */
1837 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1838 || sl->chip_id == STM32_CHIPID_L1_HIGH ) {
1840 size_t count = size / sizeof(uint32_t);
1841 if (size % sizeof(uint32_t)) ++count;
1843 stlink_read_reg(sl, 3, &rr);
1844 if (rr.r[3] != count) {
1845 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
1849 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1851 stlink_read_reg(sl, 2, &rr);
1853 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1857 } else if (sl->chip_id == STM32_CHIPID_F2 ||
1858 sl->chip_id == STM32_CHIPID_F4 || sl->chip_id == STM32_CHIPID_F4_LP) {
1860 stlink_read_reg(sl, 2, &rr);
1862 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1868 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);
projects / fw / stlink / blob