10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
22 #define LOG_TAG __FILE__
23 #define DLOG(format, args...) ugly_log(UDEBUG, LOG_TAG, format, ## args)
24 #define ILOG(format, args...) ugly_log(UINFO, LOG_TAG, format, ## args)
25 #define WLOG(format, args...) ugly_log(UWARN, LOG_TAG, format, ## args)
26 #define ELOG(format, args...) ugly_log(UERROR, LOG_TAG, format, ## args)
27 #define fatal(format, args...) ugly_log(UFATAL, LOG_TAG, format, ## args)
29 /* todo: stm32l15xxx flash memory, pm0062 manual */
31 /* stm32f FPEC flash controller interface, pm0063 manual */
32 // TODO - all of this needs to be abstracted out....
33 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
34 #define FLASH_REGS_ADDR 0x40022000
35 #define FLASH_REGS_SIZE 0x28
37 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
38 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
39 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
40 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
41 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
42 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
43 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
45 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
46 #define FLASH_RDPTR_KEY 0x00a5
47 #define FLASH_KEY1 0x45670123
48 #define FLASH_KEY2 0xcdef89ab
50 #define FLASH_SR_BSY 0
51 #define FLASH_SR_EOP 5
54 #define FLASH_CR_PER 1
55 #define FLASH_CR_MER 2
56 #define FLASH_CR_STRT 6
57 #define FLASH_CR_LOCK 7
60 //32L = 32F1 same CoreID as 32F4!
61 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
62 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
63 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
64 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
65 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
66 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
67 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
68 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
69 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
70 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
71 #define FLASH_L1_FPRG 10
72 #define FLASH_L1_PROG 3
76 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
77 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
78 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
79 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
80 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
81 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
82 #define FLASH_F4_CR_STRT 16
83 #define FLASH_F4_CR_LOCK 31
84 #define FLASH_F4_CR_SER 1
85 #define FLASH_F4_CR_SNB 3
86 #define FLASH_F4_CR_SNB_MASK 0x38
87 #define FLASH_F4_SR_BSY 16
90 void write_uint32(unsigned char* buf, uint32_t ui) {
91 if (!is_bigendian()) { // le -> le (don't swap)
92 buf[0] = ((unsigned char*) &ui)[0];
93 buf[1] = ((unsigned char*) &ui)[1];
94 buf[2] = ((unsigned char*) &ui)[2];
95 buf[3] = ((unsigned char*) &ui)[3];
97 buf[0] = ((unsigned char*) &ui)[3];
98 buf[1] = ((unsigned char*) &ui)[2];
99 buf[2] = ((unsigned char*) &ui)[1];
100 buf[3] = ((unsigned char*) &ui)[0];
104 void write_uint16(unsigned char* buf, uint16_t ui) {
105 if (!is_bigendian()) { // le -> le (don't swap)
106 buf[0] = ((unsigned char*) &ui)[0];
107 buf[1] = ((unsigned char*) &ui)[1];
109 buf[0] = ((unsigned char*) &ui)[1];
110 buf[1] = ((unsigned char*) &ui)[0];
114 uint32_t read_uint32(const unsigned char *c, const int pt) {
116 char *p = (char *) &ui;
118 if (!is_bigendian()) { // le -> le (don't swap)
132 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
133 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
136 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
137 return stlink_read_debug32(sl, FLASH_WRPR);
140 static inline uint32_t read_flash_obr(stlink_t *sl) {
141 return stlink_read_debug32(sl, FLASH_OBR);
144 static inline uint32_t read_flash_cr(stlink_t *sl) {
146 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
147 res = stlink_read_debug32(sl, FLASH_F4_CR);
149 res = stlink_read_debug32(sl, FLASH_CR);
151 fprintf(stdout, "CR:0x%x\n", res);
156 static inline unsigned int is_flash_locked(stlink_t *sl) {
157 /* return non zero for true */
158 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
159 return read_flash_cr(sl) & (1 << FLASH_F4_CR_LOCK);
161 return read_flash_cr(sl) & (1 << FLASH_CR_LOCK);
164 static void unlock_flash(stlink_t *sl) {
165 /* the unlock sequence consists of 2 write cycles where
166 2 key values are written to the FLASH_KEYR register.
167 an invalid sequence results in a definitive lock of
168 the FPEC block until next reset.
170 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
171 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
172 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
174 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
175 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
180 static int unlock_flash_if(stlink_t *sl) {
181 /* unlock flash if already locked */
183 if (is_flash_locked(sl)) {
185 if (is_flash_locked(sl)) {
186 WLOG("Failed to unlock flash!\n");
190 DLOG("Successfully unlocked flash\n");
194 static void lock_flash(stlink_t *sl) {
195 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
196 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
197 stlink_write_debug32(sl, FLASH_F4_CR, n);
199 /* write to 1 only. reset by hw at unlock sequence */
200 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
201 stlink_write_debug32(sl, FLASH_CR, n);
206 static void set_flash_cr_pg(stlink_t *sl) {
207 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
208 uint32_t x = read_flash_cr(sl);
209 x |= (1 << FLASH_CR_PG);
210 stlink_write_debug32(sl, FLASH_F4_CR, x);
212 const uint32_t n = 1 << FLASH_CR_PG;
213 stlink_write_debug32(sl, FLASH_CR, n);
217 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
218 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
219 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
220 stlink_write_debug32(sl, FLASH_F4_CR, n);
222 stlink_write_debug32(sl, FLASH_CR, n);
225 static void set_flash_cr_per(stlink_t *sl) {
226 const uint32_t n = 1 << FLASH_CR_PER;
227 stlink_write_debug32(sl, FLASH_CR, n);
230 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
231 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
232 stlink_write_debug32(sl, FLASH_CR, n);
235 static void set_flash_cr_mer(stlink_t *sl) {
236 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
237 stlink_write_debug32(sl, FLASH_F4_CR,
238 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
240 stlink_write_debug32(sl, FLASH_CR,
241 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
244 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
245 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
246 stlink_write_debug32(sl, FLASH_F4_CR,
247 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
249 stlink_write_debug32(sl, FLASH_CR,
250 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
253 static void set_flash_cr_strt(stlink_t *sl) {
254 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
255 uint32_t x = read_flash_cr(sl);
256 x |= (1 << FLASH_F4_CR_STRT);
257 stlink_write_debug32(sl, FLASH_F4_CR, x);
259 stlink_write_debug32(sl, FLASH_CR,
260 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
264 static inline uint32_t read_flash_acr(stlink_t *sl) {
265 return stlink_read_debug32(sl, FLASH_ACR);
268 static inline uint32_t read_flash_sr(stlink_t *sl) {
270 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
271 res = stlink_read_debug32(sl, FLASH_F4_SR);
273 res = stlink_read_debug32(sl, FLASH_SR);
274 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
278 static inline unsigned int is_flash_busy(stlink_t *sl) {
279 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
280 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
282 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
285 static void wait_flash_busy(stlink_t *sl) {
286 /* todo: add some delays here */
287 while (is_flash_busy(sl))
291 static void wait_flash_busy_progress(stlink_t *sl) {
293 fprintf(stdout, "Mass erasing");
295 while (is_flash_busy(sl)) {
299 fprintf(stdout, ".");
303 fprintf(stdout, "\n");
306 static inline unsigned int is_flash_eop(stlink_t *sl) {
307 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
310 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
311 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
312 stlink_write_debug32(sl, FLASH_SR, n);
315 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
316 /* todo: add some delays here */
317 while (is_flash_eop(sl) == 0)
321 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
322 stlink_write_debug32(sl, FLASH_AR, n);
325 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
326 uint32_t x = read_flash_cr(sl);
330 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
332 stlink_write_debug32(sl, FLASH_F4_CR, x);
336 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
337 uint32_t x = read_flash_cr(sl);
338 x &= ~FLASH_F4_CR_SNB_MASK;
339 x |= (n << FLASH_F4_CR_SNB);
340 x |= (1 << FLASH_F4_CR_SER);
342 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
344 stlink_write_debug32(sl, FLASH_F4_CR, x);
349 static void disable_flash_read_protection(stlink_t *sl) {
350 /* erase the option byte area */
357 // Delegates to the backends...
359 void stlink_close(stlink_t *sl) {
360 DLOG("*** stlink_close ***\n");
361 sl->backend->close(sl);
365 void stlink_exit_debug_mode(stlink_t *sl) {
366 DLOG("*** stlink_exit_debug_mode ***\n");
367 stlink_write_debug32(sl, DHCSR, DBGKEY);
368 sl->backend->exit_debug_mode(sl);
371 void stlink_enter_swd_mode(stlink_t *sl) {
372 DLOG("*** stlink_enter_swd_mode ***\n");
373 sl->backend->enter_swd_mode(sl);
376 // Force the core into the debug mode -> halted state.
377 void stlink_force_debug(stlink_t *sl) {
378 DLOG("*** stlink_force_debug_mode ***\n");
379 sl->backend->force_debug(sl);
382 void stlink_exit_dfu_mode(stlink_t *sl) {
383 DLOG("*** stlink_exit_dfu_mode ***\n");
384 sl->backend->exit_dfu_mode(sl);
387 uint32_t stlink_core_id(stlink_t *sl) {
388 DLOG("*** stlink_core_id ***\n");
389 sl->backend->core_id(sl);
391 stlink_print_data(sl);
392 DLOG("core_id = 0x%08x\n", sl->core_id);
396 uint32_t stlink_chip_id(stlink_t *sl) {
397 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
398 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
403 * Cortex m3 tech ref manual, CPUID register description
404 * @param sl stlink context
405 * @param cpuid pointer to the result object
407 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
408 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
409 cpuid->implementer_id = (raw >> 24) & 0x7f;
410 cpuid->variant = (raw >> 20) & 0xf;
411 cpuid->part = (raw >> 4) & 0xfff;
412 cpuid->revision = raw & 0xf;
417 * reads and decodes the flash parameters, as dynamically as possible
419 * @return 0 for success, or -1 for unsupported core type.
421 int stlink_load_device_params(stlink_t *sl) {
422 ILOG("Loading device parameters....\n");
423 const chip_params_t *params = NULL;
424 sl->core_id = stlink_core_id(sl);
425 uint32_t chip_id = stlink_chip_id(sl);
427 sl->chip_id = chip_id & 0xfff;
428 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
429 if (sl->chip_id == 0x411) {
430 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
431 if ((cpuid & 0xfff0) == 0xc240)
435 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
436 if(devices[i].chip_id == sl->chip_id) {
437 params = &devices[i];
441 if (params == NULL) {
442 WLOG("unknown chip id! %#x\n", chip_id);
446 // These are fixed...
447 sl->flash_base = STM32_FLASH_BASE;
448 sl->sram_base = STM32_SRAM_BASE;
450 // read flash size from hardware, if possible...
451 if (sl->chip_id == STM32_CHIPID_F2) {
452 sl->flash_size = 0x100000; /* Use maximum, User must care!*/
453 } else if (sl->chip_id == STM32_CHIPID_F4) {
454 sl->flash_size = 0x100000; //todo: RM0090 error; size register same address as unique ID
455 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_MEDIUM_PLUS) {
456 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0x1;
457 // 0 is 384k and 1 is 256k
458 if ( flash_size == 0 ) {
459 sl->flash_size = 384 * 1024;
461 sl->flash_size = 256 * 1024;
464 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0xffff;
465 sl->flash_size = flash_size * 1024;
467 sl->flash_pgsz = params->flash_pagesize;
468 sl->sram_size = params->sram_size;
469 sl->sys_base = params->bootrom_base;
470 sl->sys_size = params->bootrom_size;
472 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
473 // TODO make note of variable page size here.....
474 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
475 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
480 void stlink_reset(stlink_t *sl) {
481 DLOG("*** stlink_reset ***\n");
482 sl->backend->reset(sl);
485 void stlink_jtag_reset(stlink_t *sl, int value) {
486 DLOG("*** stlink_jtag_reset ***\n");
487 sl->backend->jtag_reset(sl, value);
490 void stlink_run(stlink_t *sl) {
491 DLOG("*** stlink_run ***\n");
492 sl->backend->run(sl);
495 void stlink_status(stlink_t *sl) {
496 DLOG("*** stlink_status ***\n");
497 sl->backend->status(sl);
498 stlink_core_stat(sl);
502 * Decode the version bits, originally from -sg, verified with usb
503 * @param sl stlink context, assumed to contain valid data in the buffer
504 * @param slv output parsed version object
506 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
507 uint32_t b0 = sl->q_buf[0]; //lsb
508 uint32_t b1 = sl->q_buf[1];
509 uint32_t b2 = sl->q_buf[2];
510 uint32_t b3 = sl->q_buf[3];
511 uint32_t b4 = sl->q_buf[4];
512 uint32_t b5 = sl->q_buf[5]; //msb
514 // b0 b1 || b2 b3 | b4 b5
515 // 4b | 6b | 6b || 2B | 2B
516 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
518 slv->stlink_v = (b0 & 0xf0) >> 4;
519 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
520 slv->swim_v = b1 & 0x3f;
521 slv->st_vid = (b3 << 8) | b2;
522 slv->stlink_pid = (b5 << 8) | b4;
526 void stlink_version(stlink_t *sl) {
527 DLOG("*** looking up stlink version\n");
528 sl->backend->version(sl);
529 _parse_version(sl, &sl->version);
531 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
532 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
533 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
534 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
535 DLOG("swim version = 0x%x\n", sl->version.swim_v);
536 if (sl->version.jtag_v == 0) {
537 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
539 if (sl->version.swim_v == 0) {
540 DLOG(" notice: the firmware doesn't support a swim interface\n");
544 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
545 uint32_t data = sl->backend->read_debug32(sl, addr);
546 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
550 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
551 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
552 sl->backend->write_debug32(sl, addr, data);
555 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
556 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
558 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
561 sl->backend->write_mem32(sl, addr, len);
564 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
565 DLOG("*** stlink_read_mem32 ***\n");
566 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
567 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
571 sl->backend->read_mem32(sl, addr, len);
574 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
575 DLOG("*** stlink_write_mem8 ***\n");
576 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
577 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
581 sl->backend->write_mem8(sl, addr, len);
584 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
585 DLOG("*** stlink_read_all_regs ***\n");
586 sl->backend->read_all_regs(sl, regp);
589 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
590 DLOG("*** stlink_read_all_unsupported_regs ***\n");
591 sl->backend->read_all_unsupported_regs(sl, regp);
594 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
595 DLOG("*** stlink_write_reg\n");
596 sl->backend->write_reg(sl, reg, idx);
599 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
600 DLOG("*** stlink_read_reg\n");
601 DLOG(" (%d) ***\n", r_idx);
603 if (r_idx > 20 || r_idx < 0) {
604 fprintf(stderr, "Error: register index must be in [0..20]\n");
608 sl->backend->read_reg(sl, r_idx, regp);
611 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
614 DLOG("*** stlink_read_unsupported_reg\n");
615 DLOG(" (%d) ***\n", r_idx);
617 /* Convert to values used by DCRSR */
618 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
620 } else if (r_idx == 0x40) { /* FPSCR */
622 } else if (r_idx >= 0x20 && r_idx < 0x40) {
623 r_convert = 0x40 + (r_idx - 0x20);
625 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
629 sl->backend->read_unsupported_reg(sl, r_convert, regp);
632 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
635 DLOG("*** stlink_write_unsupported_reg\n");
636 DLOG(" (%d) ***\n", r_idx);
638 /* Convert to values used by DCRSR */
639 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
640 r_convert = r_idx; /* The backend function handles this */
641 } else if (r_idx == 0x40) { /* FPSCR */
643 } else if (r_idx >= 0x20 && r_idx < 0x40) {
644 r_convert = 0x40 + (r_idx - 0x20);
646 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
650 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
653 unsigned int is_core_halted(stlink_t *sl) {
654 /* return non zero if core is halted */
656 return sl->q_buf[0] == STLINK_CORE_HALTED;
659 void stlink_step(stlink_t *sl) {
660 DLOG("*** stlink_step ***\n");
661 sl->backend->step(sl);
664 int stlink_current_mode(stlink_t *sl) {
665 int mode = sl->backend->current_mode(sl);
667 case STLINK_DEV_DFU_MODE:
668 DLOG("stlink current mode: dfu\n");
670 case STLINK_DEV_DEBUG_MODE:
671 DLOG("stlink current mode: debug (jtag or swd)\n");
673 case STLINK_DEV_MASS_MODE:
674 DLOG("stlink current mode: mass\n");
677 DLOG("stlink mode: unknown!\n");
678 return STLINK_DEV_UNKNOWN_MODE;
684 // End of delegates.... Common code below here...
687 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
689 // #define is_bigendian() ( (*(char*)&i) == 0 )
691 inline unsigned int is_bigendian(void) {
692 static volatile const unsigned int i = 1;
693 return *(volatile const char*) &i == 0;
696 uint16_t read_uint16(const unsigned char *c, const int pt) {
698 char *p = (char *) &ui;
700 if (!is_bigendian()) { // le -> le (don't swap)
710 // same as above with entrypoint.
712 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
713 stlink_write_reg(sl, addr, 15); /* pc register */
717 while (is_core_halted(sl) == 0)
721 void stlink_core_stat(stlink_t *sl) {
725 switch (sl->q_buf[0]) {
726 case STLINK_CORE_RUNNING:
727 sl->core_stat = STLINK_CORE_RUNNING;
728 DLOG(" core status: running\n");
730 case STLINK_CORE_HALTED:
731 sl->core_stat = STLINK_CORE_HALTED;
732 DLOG(" core status: halted\n");
735 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
736 fprintf(stderr, " core status: unknown\n");
740 void stlink_print_data(stlink_t * sl) {
741 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
744 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
746 for (int i = 0; i < sl->q_len; i++) {
749 if (sl->q_data_dir == Q_DATA_OUT)
750 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
752 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
755 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
757 fputs("\n\n", stdout);
760 /* memory mapped file */
762 typedef struct mapped_file {
767 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
769 static int map_file(mapped_file_t* mf, const char* path) {
773 const int fd = open(path, O_RDONLY | O_BINARY);
775 fprintf(stderr, "open(%s) == -1\n", path);
779 if (fstat(fd, &st) == -1) {
780 fprintf(stderr, "fstat() == -1\n");
784 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
785 if (mf->base == MAP_FAILED) {
786 fprintf(stderr, "mmap() == MAP_FAILED\n");
790 mf->len = st.st_size;
801 static void unmap_file(mapped_file_t * mf) {
802 munmap((void*) mf->base, mf->len);
803 mf->base = (unsigned char*) MAP_FAILED;
807 /* Limit the block size to compare to 0x1800
808 Anything larger will stall the STLINK2
809 Maybe STLINK V1 needs smaller value!*/
810 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
812 size_t n_cmp = sl->flash_pgsz;
816 for (off = 0; off < mf->len; off += n_cmp) {
819 /* adjust last page size */
820 size_t cmp_size = n_cmp;
821 if ((off + n_cmp) > mf->len)
822 cmp_size = mf->len - off;
824 aligned_size = cmp_size;
825 if (aligned_size & (4 - 1))
826 aligned_size = (cmp_size + 4) & ~(4 - 1);
828 stlink_read_mem32(sl, addr + off, aligned_size);
830 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
837 int stlink_fwrite_sram
838 (stlink_t * sl, const char* path, stm32_addr_t addr) {
839 /* write the file in sram at addr */
843 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
846 if (map_file(&mf, path) == -1) {
847 fprintf(stderr, "map_file() == -1\n");
851 /* check addr range is inside the sram */
852 if (addr < sl->sram_base) {
853 fprintf(stderr, "addr too low\n");
855 } else if ((addr + mf.len) < addr) {
856 fprintf(stderr, "addr overruns\n");
858 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
859 fprintf(stderr, "addr too high\n");
861 } else if ((addr & 3) || (mf.len & 3)) {
863 fprintf(stderr, "unaligned addr or size\n");
866 /* do the copy by 1k blocks */
867 for (off = 0; off < mf.len; off += 1024) {
869 if ((off + size) > mf.len)
872 memcpy(sl->q_buf, mf.base + off, size);
874 /* round size if needed */
878 stlink_write_mem32(sl, addr + off, size);
881 /* check the file ha been written */
882 if (check_file(sl, &mf, addr) == -1) {
883 fprintf(stderr, "check_file() == -1\n");
890 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
891 /* Set PC to the reset routine*/
892 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
900 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
901 /* read size bytes from addr to file */
906 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS)?0:0xff;
908 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
910 fprintf(stderr, "open(%s) == -1\n", path);
915 size = sl->flash_size;
917 if (size > sl->flash_size)
918 size = sl->flash_size;
920 /* do the copy by 1k blocks */
921 for (off = 0; off < size; off += 1024) {
922 size_t read_size = 1024;
925 if ((off + read_size) > size)
926 read_size = size - off;
928 /* round size if needed */
929 rounded_size = read_size;
930 if (rounded_size & 3)
931 rounded_size = (rounded_size + 4) & ~(3);
933 stlink_read_mem32(sl, addr + off, rounded_size);
935 for(index = 0; index < read_size; index ++) {
936 if (sl->q_buf[index] == erased_pattern)
941 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
942 fprintf(stderr, "write() != read_size\n");
947 /* Ignore NULL Bytes at end of file */
948 if (!ftruncate(fd, size - num_empty)) {
961 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
962 /* write the buffer right after the loader */
963 size_t chunk = size & ~0x3;
964 size_t rem = size & 0x3;
966 memcpy(sl->q_buf, buf, chunk);
967 stlink_write_mem32(sl, fl->buf_addr, chunk);
970 memcpy(sl->q_buf, buf+chunk, rem);
971 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
976 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
977 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
978 if (flashaddr<0x4000) return (0);
979 else if(flashaddr<0x8000) return(1);
980 else if(flashaddr<0xc000) return(2);
981 else if(flashaddr<0x10000) return(3);
982 else if(flashaddr<0x20000) return(4);
983 else return(flashaddr/0x20000)+4;
987 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
988 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
989 uint32_t sector=calculate_F4_sectornum(flashaddr);
990 if (sector<4) sl->flash_pgsz=0x4000;
991 else if(sector<5) sl->flash_pgsz=0x10000;
992 else sl->flash_pgsz=0x20000;
994 return (sl->flash_pgsz);
998 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
999 * @param sl stlink context
1000 * @param flashaddr an address in the flash page to erase
1001 * @return 0 on success -ve on failure
1003 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1005 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
1006 /* wait for ongoing op to finish */
1007 wait_flash_busy(sl);
1009 /* unlock if locked */
1010 unlock_flash_if(sl);
1012 /* select the page to erase */
1013 // calculate the actual page from the address
1014 uint32_t sector=calculate_F4_sectornum(flashaddr);
1016 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1017 write_flash_cr_snb(sl, sector);
1019 /* start erase operation */
1020 set_flash_cr_strt(sl);
1022 /* wait for completion */
1023 wait_flash_busy(sl);
1025 /* relock the flash */
1026 //todo: fails to program if this is in
1029 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1031 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
1035 /* check if the locks are set */
1036 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1037 if((val & (1<<0))||(val & (1<<1))) {
1038 /* disable pecr protection */
1039 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1040 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1042 /* check pecr.pelock is cleared */
1043 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1044 if (val & (1 << 0)) {
1045 WLOG("pecr.pelock not clear (%#x)\n", val);
1049 /* unlock program memory */
1050 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1051 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1053 /* check pecr.prglock is cleared */
1054 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1055 if (val & (1 << 1)) {
1056 WLOG("pecr.prglock not clear (%#x)\n", val);
1061 /* unused: unlock the option byte block */
1063 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0xfbead9c8);
1064 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0x24252627);
1066 /* check pecr.optlock is cleared */
1067 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1068 if (val & (1 << 2)) {
1069 fprintf(stderr, "pecr.prglock not clear\n");
1074 /* set pecr.{erase,prog} */
1075 val |= (1 << 9) | (1 << 3);
1076 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1078 #if 0 /* fix_to_be_confirmed */
1080 /* wait for sr.busy to be cleared
1081 MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1082 wrong and we do not need to wait here for clearing the busy bit.
1083 TEXANE: ok, if experience says so and it works for you, we comment
1084 it. If someone has a problem, please drop an email.
1086 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1089 #endif /* fix_to_be_confirmed */
1091 /* write 0 to the first word of the page to be erased */
1092 stlink_write_debug32(sl, flashaddr, 0);
1094 /* MP: It is better to wait for clearing the busy bit after issuing
1095 page erase command, even though PM0062 recommends to wait before it.
1096 Test shows that a few iterations is performed in the following loop
1097 before busy bit is cleared.*/
1098 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1101 /* reset lock bits */
1102 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1103 | (1 << 0) | (1 << 1) | (1 << 2);
1104 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1105 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1106 /* wait for ongoing op to finish */
1107 wait_flash_busy(sl);
1109 /* unlock if locked */
1110 unlock_flash_if(sl);
1112 /* set the page erase bit */
1113 set_flash_cr_per(sl);
1115 /* select the page to erase */
1116 write_flash_ar(sl, flashaddr);
1118 /* start erase operation, reset by hw with bsy bit */
1119 set_flash_cr_strt(sl);
1121 /* wait for completion */
1122 wait_flash_busy(sl);
1124 /* relock the flash */
1127 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1131 /* todo: verify the erased page */
1136 int stlink_erase_flash_mass(stlink_t *sl) {
1137 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS ) {
1138 /* erase each page */
1139 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1140 for (i = 0; i < num_pages; i++) {
1141 /* addr must be an addr inside the page */
1142 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1143 if (stlink_erase_flash_page(sl, addr) == -1) {
1144 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1147 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1150 fprintf(stdout, "\n");
1152 /* wait for ongoing op to finish */
1153 wait_flash_busy(sl);
1155 /* unlock if locked */
1156 unlock_flash_if(sl);
1158 /* set the mass erase bit */
1159 set_flash_cr_mer(sl);
1161 /* start erase operation, reset by hw with bsy bit */
1162 set_flash_cr_strt(sl);
1164 /* wait for completion */
1165 wait_flash_busy_progress(sl);
1167 /* relock the flash */
1170 /* todo: verify the erased memory */
1175 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1178 /* allocate the loader in sram */
1179 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1180 WLOG("Failed to write flash loader to sram!\n");
1184 /* allocate a one page buffer in sram right after loader */
1185 fl->buf_addr = fl->loader_addr + size;
1186 ILOG("Successfully loaded flash loader in sram\n");
1190 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1191 /* from openocd, contrib/loaders/flash/stm32.s */
1192 static const uint8_t loader_code_stm32vl[] = {
1193 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1194 0x1c, 0x44, /* add r4, r3 */
1195 /* write_half_word: */
1196 0x01, 0x23, /* movs r3, #0x01 */
1197 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1198 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1199 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1201 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1202 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1203 0xfb, 0xd0, /* beq busy */
1204 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1205 0x01, 0xd1, /* bne exit */
1206 0x01, 0x3a, /* subs r2, r2, #0x01 */
1207 0xf0, 0xd1, /* bne write_half_word */
1209 0x00, 0xbe, /* bkpt #0x00 */
1210 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1213 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1214 static const uint8_t loader_code_stm32f0[] = {
1217 * These two NOPs here are a safety precaution, added by Pekka Nikander
1218 * while debugging the STM32F05x support. They may not be needed, but
1219 * there were strange problems with simpler programs, like a program
1220 * that had just a breakpoint or a program that first moved zero to register r2
1221 * and then had a breakpoint. So, it appears safest to have these two nops.
1223 * Feel free to remove them, if you dare, but then please do test the result
1224 * rigorously. Also, if you remove these, it may be a good idea first to
1225 * #if 0 them out, with a comment when these were taken out, and to remove
1226 * these only a few months later... But YMMV.
1228 0x00, 0x30, // nop /* add r0,#0 */
1229 0x00, 0x30, // nop /* add r0,#0 */
1231 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1232 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1233 0x04, 0x26, // mov r6, #4 /* PGERR */
1235 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1236 0x2B, 0x43, // orr r3, r5
1237 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1238 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1239 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1241 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1242 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1243 0xFC, 0xD0, // beq busy
1245 0x33, 0x42, // tst r3, r6 /* PGERR */
1246 0x04, 0xD1, // bne exit
1248 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1249 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1250 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1251 0x00, 0x2A, // cmp r2, #0
1252 0xF0, 0xD1, // bne write_half_word
1254 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1255 0xAB, 0x43, // bic r3, r5
1256 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1257 0x00, 0xBE, // bkpt #0x00
1258 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1261 static const uint8_t loader_code_stm32l[] = {
1263 /* openocd.git/contrib/loaders/flash/stm32lx.S
1264 r0, input, dest addr
1265 r1, input, source addr
1266 r2, input, word count
1267 r3, output, word count
1273 0x51, 0xf8, 0x04, 0xcb,
1274 0x40, 0xf8, 0x04, 0xcb,
1282 static const uint8_t loader_code_stm32f4[] = {
1283 // flashloaders/stm32f4.s
1292 0x14, 0xf0, 0x01, 0x0f,
1294 0x00, 0xf1, 0x04, 0x00,
1295 0x01, 0xf1, 0x04, 0x01,
1296 0xa2, 0xf1, 0x01, 0x02,
1301 0x00, 0x3c, 0x02, 0x40,
1304 const uint8_t* loader_code;
1307 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS ) { /* stm32l */
1308 loader_code = loader_code_stm32l;
1309 loader_size = sizeof(loader_code_stm32l);
1310 } else if (sl->core_id == STM32VL_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1311 loader_code = loader_code_stm32vl;
1312 loader_size = sizeof(loader_code_stm32vl);
1313 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4) {
1314 loader_code = loader_code_stm32f4;
1315 loader_size = sizeof(loader_code_stm32f4);
1316 } else if (sl->chip_id == STM32_CHIPID_F0) {
1317 loader_code = loader_code_stm32f0;
1318 loader_size = sizeof(loader_code_stm32f0);
1320 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1324 memcpy(sl->q_buf, loader_code, loader_size);
1325 stlink_write_mem32(sl, sl->sram_base, loader_size);
1327 *addr = sl->sram_base;
1328 *size = loader_size;
1334 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1335 /* check the contents of path are at addr */
1338 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1340 if (map_file(&mf, path) == -1)
1343 res = check_file(sl, &mf, addr);
1351 * Verify addr..addr+len is binary identical to base...base+len
1352 * @param sl stlink context
1353 * @param address stm device address
1354 * @param data host side buffer to check against
1355 * @param length how much
1356 * @return 0 for success, -ve for failure
1358 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1360 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1361 ILOG("Starting verification of write complete\n");
1362 for (off = 0; off < length; off += cmp_size) {
1363 size_t aligned_size;
1365 /* adjust last page size */
1366 if ((off + cmp_size) > length)
1367 cmp_size = length - off;
1369 aligned_size = cmp_size;
1370 if (aligned_size & (4 - 1))
1371 aligned_size = (cmp_size + 4) & ~(4 - 1);
1373 stlink_read_mem32(sl, address + off, aligned_size);
1375 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1376 ELOG("Verification of flash failed at offset: %zd\n", off);
1380 ILOG("Flash written and verified! jolly good!\n");
1385 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned num_half_pages)
1391 ILOG("Starting Half page flash write for STM32L core id\n");
1392 /* flash loader initialization */
1393 if (init_flash_loader(sl, &fl) == -1) {
1394 WLOG("init_flash_loader() == -1\n");
1397 /* Unlock already done */
1398 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1399 val |= (1 << FLASH_L1_FPRG);
1400 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1402 val |= (1 << FLASH_L1_PROG);
1403 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1404 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {}
1406 #define L1_WRITE_BLOCK_SIZE 0x80
1407 for (count = 0; count < num_half_pages; count ++) {
1408 if (run_flash_loader(sl, &fl, addr + count * L1_WRITE_BLOCK_SIZE, base + count * L1_WRITE_BLOCK_SIZE, L1_WRITE_BLOCK_SIZE) == -1) {
1409 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * L1_WRITE_BLOCK_SIZE);
1410 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1411 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1412 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1415 /* wait for sr.busy to be cleared */
1416 if (sl->verbose >= 1) {
1417 /* show progress. writing procedure is slow
1418 and previous errors are misleading */
1419 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1422 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {
1425 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1426 val &= ~(1 << FLASH_L1_PROG);
1427 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1428 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1429 val &= ~(1 << FLASH_L1_FPRG);
1430 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1435 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1438 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1439 len, len, addr, addr);
1440 /* check addr range is inside the flash */
1441 stlink_calculate_pagesize(sl, addr);
1442 if (addr < sl->flash_base) {
1443 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1445 } else if ((addr + len) < addr) {
1446 ELOG("addr overruns\n");
1448 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1449 ELOG("addr too high\n");
1451 } else if (addr & 1) {
1452 ELOG("unaligned addr 0x%x\n", addr);
1454 } else if (len & 1) {
1455 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1457 } else if (addr & (sl->flash_pgsz - 1)) {
1458 ELOG("addr not a multiple of pagesize, not supported\n");
1462 // Make sure we've loaded the context with the chip details
1464 /* erase each page */
1466 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1467 /* addr must be an addr inside the page */
1468 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1469 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1472 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1473 (unsigned long)addr + off);
1477 fprintf(stdout,"\n");
1478 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1479 page_count, sl->flash_pgsz, sl->flash_pgsz);
1481 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
1482 /* todo: check write operation */
1484 ILOG("Starting Flash write for F2/F4\n");
1485 /* flash loader initialization */
1486 if (init_flash_loader(sl, &fl) == -1) {
1487 ELOG("init_flash_loader() == -1\n");
1491 /* First unlock the cr */
1492 unlock_flash_if(sl);
1494 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1495 /* set parallelisim to 32 bit*/
1496 write_flash_cr_psiz(sl, 2);
1498 /* set programming mode */
1499 set_flash_cr_pg(sl);
1501 for(off = 0; off < len;) {
1502 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1504 printf("size: %zu\n", size);
1506 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1507 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1515 #define PROGRESS_CHUNK_SIZE 0x1000
1516 /* write a word in program memory */
1517 for (off = 0; off < len; off += sizeof(uint32_t)) {
1519 if (sl->verbose >= 1) {
1520 if ((off & (PROGRESS_CHUNK_SIZE - 1)) == 0) {
1521 /* show progress. writing procedure is slow
1522 and previous errors are misleading */
1523 const uint32_t pgnum = (off / PROGRESS_CHUNK_SIZE)+1;
1524 const uint32_t pgcount = len / PROGRESS_CHUNK_SIZE +1;
1525 fprintf(stdout, "Writing %ukB chunk %u out of %u\n",
1526 PROGRESS_CHUNK_SIZE/1024, pgnum, pgcount);
1530 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1531 stlink_write_debug32(sl, addr + off, data);
1533 /* wait for sr.busy to be cleared */
1534 wait_flash_busy(sl);
1541 #if 0 /* todo: debug mode */
1542 fprintf(stdout, "Final CR:0x%x\n", read_flash_cr(sl));
1547 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
1548 /* use fast word write. todo: half page. */
1551 #if 0 /* todo: check write operation */
1553 uint32_t nwrites = sl->flash_pgsz;
1557 #endif /* todo: check write operation */
1559 /* disable pecr protection */
1560 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1561 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1563 /* check pecr.pelock is cleared */
1564 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1565 if (val & (1 << 0)) {
1566 fprintf(stderr, "pecr.pelock not clear\n");
1570 /* unlock program memory */
1571 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1572 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1574 /* check pecr.prglock is cleared */
1575 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1576 if (val & (1 << 1)) {
1577 fprintf(stderr, "pecr.prglock not clear\n");
1581 if (len > L1_WRITE_BLOCK_SIZE) {
1582 if (stm32l1_write_half_pages(sl, addr, base, len/L1_WRITE_BLOCK_SIZE) == -1) {
1583 /* This may happen on a blank device! */
1584 WLOG("\nwrite_half_pages failed == -1\n");
1586 off = (len /L1_WRITE_BLOCK_SIZE)*L1_WRITE_BLOCK_SIZE;
1590 /* write remainingword in program memory */
1591 for ( ; off < len; off += sizeof(uint32_t)) {
1594 fprintf(stdout, "\r");
1596 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1597 fprintf(stdout, "\r%3zd/%3zd pages written",
1598 off/sl->flash_pgsz, len/sl->flash_pgsz);
1602 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1603 stlink_write_debug32(sl, addr + off, data);
1605 /* wait for sr.busy to be cleared */
1606 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1609 #if 0 /* todo: check redo write operation */
1611 /* check written bytes. todo: should be on a per page basis. */
1612 data = stlink_read_debug32(sl, addr + off);
1613 if (data == *(uint32_t*)(base + off)) {
1614 /* re erase the page and redo the write operation */
1618 /* fail if successive write count too low */
1619 if (nwrites < sl->flash_pgsz) {
1620 fprintf(stderr, "writes operation failure count too high, aborting\n");
1626 /* assume addr aligned */
1627 if (off % sl->flash_pgsz) off &= ~(sl->flash_pgsz - 1);
1630 fprintf(stderr, "invalid write @0x%x(0x%x): 0x%x != 0x%x. retrying.\n",
1631 page, addr + off, read_uint32(base + off, 0), read_uint32(sl->q_buf, 0));
1633 /* reset lock bits */
1634 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1635 | (1 << 0) | (1 << 1) | (1 << 2);
1636 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1638 stlink_erase_flash_page(sl, page);
1643 /* increment successive writes counter */
1646 #endif /* todo: check redo write operation */
1648 fprintf(stdout, "\n");
1649 /* reset lock bits */
1650 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1651 | (1 << 0) | (1 << 1) | (1 << 2);
1652 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1653 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1654 ILOG("Starting Flash write for VL/F0 core id\n");
1655 /* flash loader initialization */
1656 if (init_flash_loader(sl, &fl) == -1) {
1657 ELOG("init_flash_loader() == -1\n");
1661 int write_block_count = 0;
1662 for (off = 0; off < len; off += sl->flash_pgsz) {
1663 /* adjust last write size */
1664 size_t size = sl->flash_pgsz;
1665 if ((off + sl->flash_pgsz) > len) size = len - off;
1667 /* unlock and set programming mode */
1668 unlock_flash_if(sl);
1669 set_flash_cr_pg(sl);
1670 //DLOG("Finished setting flash cr pg, running loader!\n");
1671 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1672 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1676 if (sl->verbose >= 1) {
1677 /* show progress. writing procedure is slow
1678 and previous errors are misleading */
1679 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1683 fprintf(stdout, "\n");
1685 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1689 return stlink_verify_write_flash(sl, addr, base, len);
1693 * Write the given binary file into flash at address "addr"
1695 * @param path readable file path, should be binary image
1696 * @param addr where to start writing
1697 * @return 0 on success, -ve on failure.
1699 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1700 /* write the file in flash at addr */
1702 unsigned int num_empty = 0, index;
1703 unsigned char erased_pattern =(sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS)?0:0xff;
1704 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1705 if (map_file(&mf, path) == -1) {
1706 ELOG("map_file() == -1\n");
1709 for(index = 0; index < mf.len; index ++) {
1710 if (mf.base[index] == erased_pattern)
1715 if(num_empty != 0) {
1716 ILOG("Ignoring %d bytes of Zeros at end of file\n",num_empty);
1717 mf.len -= num_empty;
1719 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1721 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1722 /* Set PC to the reset routine*/
1723 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1729 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1733 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
1734 // FIXME This can never return -1
1735 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1737 ELOG("write_buffer_to_sram() == -1\n");
1741 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
1743 size_t count = size / sizeof(uint32_t);
1744 if (size % sizeof(uint32_t)) ++count;
1747 stlink_write_reg(sl, target, 0); /* target */
1748 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1749 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1750 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1752 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1754 size_t count = size / sizeof(uint16_t);
1755 if (size % sizeof(uint16_t)) ++count;
1758 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1759 stlink_write_reg(sl, target, 1); /* target */
1760 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1761 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1762 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1764 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4) {
1766 size_t count = size / sizeof(uint32_t);
1767 if (size % sizeof(uint32_t)) ++count;
1770 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1771 stlink_write_reg(sl, target, 1); /* target */
1772 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1773 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1776 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
1783 #define WAIT_ROUNDS 1000
1784 /* wait until done (reaches breakpoint) */
1785 for (i = 0; i < WAIT_ROUNDS; i++) {
1787 if (is_core_halted(sl))
1791 if (i >= WAIT_ROUNDS) {
1792 ELOG("flash loader run error\n");
1796 /* check written byte count */
1797 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
1799 size_t count = size / sizeof(uint32_t);
1800 if (size % sizeof(uint32_t)) ++count;
1802 stlink_read_reg(sl, 3, &rr);
1803 if (rr.r[3] != count) {
1804 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
1808 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1810 stlink_read_reg(sl, 2, &rr);
1812 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1816 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4) {
1818 stlink_read_reg(sl, 2, &rr);
1820 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1826 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);
projects / fw / stlink / blob