10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
22 #define LOG_TAG __FILE__
23 #define DLOG(format, args...) ugly_log(UDEBUG, LOG_TAG, format, ## args)
24 #define ILOG(format, args...) ugly_log(UINFO, LOG_TAG, format, ## args)
25 #define WLOG(format, args...) ugly_log(UWARN, LOG_TAG, format, ## args)
26 #define ELOG(format, args...) ugly_log(UERROR, LOG_TAG, format, ## args)
27 #define fatal(format, args...) ugly_log(UFATAL, LOG_TAG, format, ## args)
29 /* todo: stm32l15xxx flash memory, pm0062 manual */
31 /* stm32f FPEC flash controller interface, pm0063 manual */
32 // TODO - all of this needs to be abstracted out....
33 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
34 #define FLASH_REGS_ADDR 0x40022000
35 #define FLASH_REGS_SIZE 0x28
37 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
38 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
39 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
40 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
41 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
42 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
43 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
45 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
46 #define FLASH_RDPTR_KEY 0x00a5
47 #define FLASH_KEY1 0x45670123
48 #define FLASH_KEY2 0xcdef89ab
50 #define FLASH_SR_BSY 0
51 #define FLASH_SR_EOP 5
54 #define FLASH_CR_PER 1
55 #define FLASH_CR_MER 2
56 #define FLASH_CR_STRT 6
57 #define FLASH_CR_LOCK 7
60 //32L = 32F1 same CoreID as 32F4!
61 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
62 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
63 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
64 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
65 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
66 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
67 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
68 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
69 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
70 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
71 #define FLASH_L1_FPRG 10
72 #define FLASH_L1_PROG 3
76 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
77 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
78 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
79 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
80 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
81 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
82 #define FLASH_F4_CR_STRT 16
83 #define FLASH_F4_CR_LOCK 31
84 #define FLASH_F4_CR_SER 1
85 #define FLASH_F4_CR_SNB 3
86 #define FLASH_F4_CR_SNB_MASK 0x38
87 #define FLASH_F4_SR_BSY 16
90 void write_uint32(unsigned char* buf, uint32_t ui) {
91 if (!is_bigendian()) { // le -> le (don't swap)
92 buf[0] = ((unsigned char*) &ui)[0];
93 buf[1] = ((unsigned char*) &ui)[1];
94 buf[2] = ((unsigned char*) &ui)[2];
95 buf[3] = ((unsigned char*) &ui)[3];
97 buf[0] = ((unsigned char*) &ui)[3];
98 buf[1] = ((unsigned char*) &ui)[2];
99 buf[2] = ((unsigned char*) &ui)[1];
100 buf[3] = ((unsigned char*) &ui)[0];
104 void write_uint16(unsigned char* buf, uint16_t ui) {
105 if (!is_bigendian()) { // le -> le (don't swap)
106 buf[0] = ((unsigned char*) &ui)[0];
107 buf[1] = ((unsigned char*) &ui)[1];
109 buf[0] = ((unsigned char*) &ui)[1];
110 buf[1] = ((unsigned char*) &ui)[0];
114 uint32_t read_uint32(const unsigned char *c, const int pt) {
116 char *p = (char *) &ui;
118 if (!is_bigendian()) { // le -> le (don't swap)
132 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
133 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
136 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
137 return stlink_read_debug32(sl, FLASH_WRPR);
140 static inline uint32_t read_flash_obr(stlink_t *sl) {
141 return stlink_read_debug32(sl, FLASH_OBR);
144 static inline uint32_t read_flash_cr(stlink_t *sl) {
146 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
147 res = stlink_read_debug32(sl, FLASH_F4_CR);
149 res = stlink_read_debug32(sl, FLASH_CR);
151 fprintf(stdout, "CR:0x%x\n", res);
156 static inline unsigned int is_flash_locked(stlink_t *sl) {
157 /* return non zero for true */
158 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
159 return read_flash_cr(sl) & (1 << FLASH_F4_CR_LOCK);
161 return read_flash_cr(sl) & (1 << FLASH_CR_LOCK);
164 static void unlock_flash(stlink_t *sl) {
165 /* the unlock sequence consists of 2 write cycles where
166 2 key values are written to the FLASH_KEYR register.
167 an invalid sequence results in a definitive lock of
168 the FPEC block until next reset.
170 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
171 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
172 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
174 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
175 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
180 static int unlock_flash_if(stlink_t *sl) {
181 /* unlock flash if already locked */
183 if (is_flash_locked(sl)) {
185 if (is_flash_locked(sl)) {
186 WLOG("Failed to unlock flash!\n");
190 DLOG("Successfully unlocked flash\n");
194 static void lock_flash(stlink_t *sl) {
195 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
196 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
197 stlink_write_debug32(sl, FLASH_F4_CR, n);
199 /* write to 1 only. reset by hw at unlock sequence */
200 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
201 stlink_write_debug32(sl, FLASH_CR, n);
206 static void set_flash_cr_pg(stlink_t *sl) {
207 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
208 uint32_t x = read_flash_cr(sl);
209 x |= (1 << FLASH_CR_PG);
210 stlink_write_debug32(sl, FLASH_F4_CR, x);
212 const uint32_t n = 1 << FLASH_CR_PG;
213 stlink_write_debug32(sl, FLASH_CR, n);
217 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
218 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
219 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
220 stlink_write_debug32(sl, FLASH_F4_CR, n);
222 stlink_write_debug32(sl, FLASH_CR, n);
225 static void set_flash_cr_per(stlink_t *sl) {
226 const uint32_t n = 1 << FLASH_CR_PER;
227 stlink_write_debug32(sl, FLASH_CR, n);
230 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
231 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
232 stlink_write_debug32(sl, FLASH_CR, n);
235 static void set_flash_cr_mer(stlink_t *sl) {
236 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
237 stlink_write_debug32(sl, FLASH_F4_CR,
238 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
240 stlink_write_debug32(sl, FLASH_CR,
241 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
244 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
245 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
246 stlink_write_debug32(sl, FLASH_F4_CR,
247 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
249 stlink_write_debug32(sl, FLASH_CR,
250 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
253 static void set_flash_cr_strt(stlink_t *sl) {
254 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
255 uint32_t x = read_flash_cr(sl);
256 x |= (1 << FLASH_F4_CR_STRT);
257 stlink_write_debug32(sl, FLASH_F4_CR, x);
259 stlink_write_debug32(sl, FLASH_CR,
260 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
264 static inline uint32_t read_flash_acr(stlink_t *sl) {
265 return stlink_read_debug32(sl, FLASH_ACR);
268 static inline uint32_t read_flash_sr(stlink_t *sl) {
270 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
271 res = stlink_read_debug32(sl, FLASH_F4_SR);
273 res = stlink_read_debug32(sl, FLASH_SR);
274 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
278 static inline unsigned int is_flash_busy(stlink_t *sl) {
279 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
280 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
282 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
285 static void wait_flash_busy(stlink_t *sl) {
286 /* todo: add some delays here */
287 while (is_flash_busy(sl))
291 static void wait_flash_busy_progress(stlink_t *sl) {
293 fprintf(stdout, "Mass erasing");
295 while (is_flash_busy(sl)) {
299 fprintf(stdout, ".");
303 fprintf(stdout, "\n");
306 static inline unsigned int is_flash_eop(stlink_t *sl) {
307 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
310 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
311 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
312 stlink_write_debug32(sl, FLASH_SR, n);
315 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
316 /* todo: add some delays here */
317 while (is_flash_eop(sl) == 0)
321 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
322 stlink_write_debug32(sl, FLASH_AR, n);
325 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
326 uint32_t x = read_flash_cr(sl);
330 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
332 stlink_write_debug32(sl, FLASH_F4_CR, x);
336 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
337 uint32_t x = read_flash_cr(sl);
338 x &= ~FLASH_F4_CR_SNB_MASK;
339 x |= (n << FLASH_F4_CR_SNB);
340 x |= (1 << FLASH_F4_CR_SER);
342 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
344 stlink_write_debug32(sl, FLASH_F4_CR, x);
349 static void disable_flash_read_protection(stlink_t *sl) {
350 /* erase the option byte area */
357 // Delegates to the backends...
359 void stlink_close(stlink_t *sl) {
360 DLOG("*** stlink_close ***\n");
361 sl->backend->close(sl);
365 void stlink_exit_debug_mode(stlink_t *sl) {
366 DLOG("*** stlink_exit_debug_mode ***\n");
367 stlink_write_debug32(sl, DHCSR, DBGKEY);
368 sl->backend->exit_debug_mode(sl);
371 void stlink_enter_swd_mode(stlink_t *sl) {
372 DLOG("*** stlink_enter_swd_mode ***\n");
373 sl->backend->enter_swd_mode(sl);
376 // Force the core into the debug mode -> halted state.
377 void stlink_force_debug(stlink_t *sl) {
378 DLOG("*** stlink_force_debug_mode ***\n");
379 sl->backend->force_debug(sl);
382 void stlink_exit_dfu_mode(stlink_t *sl) {
383 DLOG("*** stlink_exit_dfu_mode ***\n");
384 sl->backend->exit_dfu_mode(sl);
387 uint32_t stlink_core_id(stlink_t *sl) {
388 DLOG("*** stlink_core_id ***\n");
389 sl->backend->core_id(sl);
391 stlink_print_data(sl);
392 DLOG("core_id = 0x%08x\n", sl->core_id);
396 uint32_t stlink_chip_id(stlink_t *sl) {
397 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
398 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
403 * Cortex m3 tech ref manual, CPUID register description
404 * @param sl stlink context
405 * @param cpuid pointer to the result object
407 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
408 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
409 cpuid->implementer_id = (raw >> 24) & 0x7f;
410 cpuid->variant = (raw >> 20) & 0xf;
411 cpuid->part = (raw >> 4) & 0xfff;
412 cpuid->revision = raw & 0xf;
417 * reads and decodes the flash parameters, as dynamically as possible
419 * @return 0 for success, or -1 for unsupported core type.
421 int stlink_load_device_params(stlink_t *sl) {
422 ILOG("Loading device parameters....\n");
423 const chip_params_t *params = NULL;
424 sl->core_id = stlink_core_id(sl);
425 uint32_t chip_id = stlink_chip_id(sl);
427 sl->chip_id = chip_id & 0xfff;
428 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
429 if (sl->chip_id == 0x411) {
430 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
431 if ((cpuid & 0xfff0) == 0xc240)
435 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
436 if(devices[i].chip_id == sl->chip_id) {
437 params = &devices[i];
441 if (params == NULL) {
442 WLOG("unknown chip id! %#x\n", chip_id);
446 // These are fixed...
447 sl->flash_base = STM32_FLASH_BASE;
448 sl->sram_base = STM32_SRAM_BASE;
450 // read flash size from hardware, if possible...
451 if (sl->chip_id == STM32_CHIPID_F2) {
452 sl->flash_size = 0x100000; /* Use maximum, User must care!*/
453 } else if (sl->chip_id == STM32_CHIPID_F4) {
454 sl->flash_size = 0x100000; //todo: RM0090 error; size register same address as unique ID
455 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM) {
456 // if the flash size is zero, we assume it is 128k, if not we calculate the real value
457 uint32_t flash_size = stlink_read_debug32(sl,params->flash_size_reg) & 0xffff;
458 if ( flash_size == 0 ) {
459 sl->flash_size = 128 * 1024;
461 sl->flash_size = flash_size * 1024;
463 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_MEDIUM_PLUS) {
464 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0x1;
465 // 0 is 384k and 1 is 256k
466 if ( flash_size == 0 ) {
467 sl->flash_size = 384 * 1024;
469 sl->flash_size = 256 * 1024;
472 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0xffff;
473 sl->flash_size = flash_size * 1024;
475 sl->flash_pgsz = params->flash_pagesize;
476 sl->sram_size = params->sram_size;
477 sl->sys_base = params->bootrom_base;
478 sl->sys_size = params->bootrom_size;
480 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
481 // TODO make note of variable page size here.....
482 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
483 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
488 void stlink_reset(stlink_t *sl) {
489 DLOG("*** stlink_reset ***\n");
490 sl->backend->reset(sl);
493 void stlink_jtag_reset(stlink_t *sl, int value) {
494 DLOG("*** stlink_jtag_reset ***\n");
495 sl->backend->jtag_reset(sl, value);
498 void stlink_run(stlink_t *sl) {
499 DLOG("*** stlink_run ***\n");
500 sl->backend->run(sl);
503 void stlink_status(stlink_t *sl) {
504 DLOG("*** stlink_status ***\n");
505 sl->backend->status(sl);
506 stlink_core_stat(sl);
510 * Decode the version bits, originally from -sg, verified with usb
511 * @param sl stlink context, assumed to contain valid data in the buffer
512 * @param slv output parsed version object
514 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
515 uint32_t b0 = sl->q_buf[0]; //lsb
516 uint32_t b1 = sl->q_buf[1];
517 uint32_t b2 = sl->q_buf[2];
518 uint32_t b3 = sl->q_buf[3];
519 uint32_t b4 = sl->q_buf[4];
520 uint32_t b5 = sl->q_buf[5]; //msb
522 // b0 b1 || b2 b3 | b4 b5
523 // 4b | 6b | 6b || 2B | 2B
524 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
526 slv->stlink_v = (b0 & 0xf0) >> 4;
527 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
528 slv->swim_v = b1 & 0x3f;
529 slv->st_vid = (b3 << 8) | b2;
530 slv->stlink_pid = (b5 << 8) | b4;
534 void stlink_version(stlink_t *sl) {
535 DLOG("*** looking up stlink version\n");
536 sl->backend->version(sl);
537 _parse_version(sl, &sl->version);
539 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
540 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
541 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
542 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
543 DLOG("swim version = 0x%x\n", sl->version.swim_v);
544 if (sl->version.jtag_v == 0) {
545 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
547 if (sl->version.swim_v == 0) {
548 DLOG(" notice: the firmware doesn't support a swim interface\n");
552 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
553 uint32_t data = sl->backend->read_debug32(sl, addr);
554 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
558 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
559 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
560 sl->backend->write_debug32(sl, addr, data);
563 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
564 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
566 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
569 sl->backend->write_mem32(sl, addr, len);
572 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
573 DLOG("*** stlink_read_mem32 ***\n");
574 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
575 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
579 sl->backend->read_mem32(sl, addr, len);
582 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
583 DLOG("*** stlink_write_mem8 ***\n");
584 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
585 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
589 sl->backend->write_mem8(sl, addr, len);
592 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
593 DLOG("*** stlink_read_all_regs ***\n");
594 sl->backend->read_all_regs(sl, regp);
597 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
598 DLOG("*** stlink_read_all_unsupported_regs ***\n");
599 sl->backend->read_all_unsupported_regs(sl, regp);
602 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
603 DLOG("*** stlink_write_reg\n");
604 sl->backend->write_reg(sl, reg, idx);
607 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
608 DLOG("*** stlink_read_reg\n");
609 DLOG(" (%d) ***\n", r_idx);
611 if (r_idx > 20 || r_idx < 0) {
612 fprintf(stderr, "Error: register index must be in [0..20]\n");
616 sl->backend->read_reg(sl, r_idx, regp);
619 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
622 DLOG("*** stlink_read_unsupported_reg\n");
623 DLOG(" (%d) ***\n", r_idx);
625 /* Convert to values used by DCRSR */
626 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
628 } else if (r_idx == 0x40) { /* FPSCR */
630 } else if (r_idx >= 0x20 && r_idx < 0x40) {
631 r_convert = 0x40 + (r_idx - 0x20);
633 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
637 sl->backend->read_unsupported_reg(sl, r_convert, regp);
640 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
643 DLOG("*** stlink_write_unsupported_reg\n");
644 DLOG(" (%d) ***\n", r_idx);
646 /* Convert to values used by DCRSR */
647 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
648 r_convert = r_idx; /* The backend function handles this */
649 } else if (r_idx == 0x40) { /* FPSCR */
651 } else if (r_idx >= 0x20 && r_idx < 0x40) {
652 r_convert = 0x40 + (r_idx - 0x20);
654 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
658 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
661 unsigned int is_core_halted(stlink_t *sl) {
662 /* return non zero if core is halted */
664 return sl->q_buf[0] == STLINK_CORE_HALTED;
667 void stlink_step(stlink_t *sl) {
668 DLOG("*** stlink_step ***\n");
669 sl->backend->step(sl);
672 int stlink_current_mode(stlink_t *sl) {
673 int mode = sl->backend->current_mode(sl);
675 case STLINK_DEV_DFU_MODE:
676 DLOG("stlink current mode: dfu\n");
678 case STLINK_DEV_DEBUG_MODE:
679 DLOG("stlink current mode: debug (jtag or swd)\n");
681 case STLINK_DEV_MASS_MODE:
682 DLOG("stlink current mode: mass\n");
685 DLOG("stlink mode: unknown!\n");
686 return STLINK_DEV_UNKNOWN_MODE;
692 // End of delegates.... Common code below here...
695 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
697 // #define is_bigendian() ( (*(char*)&i) == 0 )
699 inline unsigned int is_bigendian(void) {
700 static volatile const unsigned int i = 1;
701 return *(volatile const char*) &i == 0;
704 uint16_t read_uint16(const unsigned char *c, const int pt) {
706 char *p = (char *) &ui;
708 if (!is_bigendian()) { // le -> le (don't swap)
718 // same as above with entrypoint.
720 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
721 stlink_write_reg(sl, addr, 15); /* pc register */
725 while (is_core_halted(sl) == 0)
729 void stlink_core_stat(stlink_t *sl) {
733 switch (sl->q_buf[0]) {
734 case STLINK_CORE_RUNNING:
735 sl->core_stat = STLINK_CORE_RUNNING;
736 DLOG(" core status: running\n");
738 case STLINK_CORE_HALTED:
739 sl->core_stat = STLINK_CORE_HALTED;
740 DLOG(" core status: halted\n");
743 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
744 fprintf(stderr, " core status: unknown\n");
748 void stlink_print_data(stlink_t * sl) {
749 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
752 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
754 for (int i = 0; i < sl->q_len; i++) {
757 if (sl->q_data_dir == Q_DATA_OUT)
758 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
760 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
763 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
765 fputs("\n\n", stdout);
768 /* memory mapped file */
770 typedef struct mapped_file {
775 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
777 static int map_file(mapped_file_t* mf, const char* path) {
781 const int fd = open(path, O_RDONLY | O_BINARY);
783 fprintf(stderr, "open(%s) == -1\n", path);
787 if (fstat(fd, &st) == -1) {
788 fprintf(stderr, "fstat() == -1\n");
792 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
793 if (mf->base == MAP_FAILED) {
794 fprintf(stderr, "mmap() == MAP_FAILED\n");
798 mf->len = st.st_size;
809 static void unmap_file(mapped_file_t * mf) {
810 munmap((void*) mf->base, mf->len);
811 mf->base = (unsigned char*) MAP_FAILED;
815 /* Limit the block size to compare to 0x1800
816 Anything larger will stall the STLINK2
817 Maybe STLINK V1 needs smaller value!*/
818 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
820 size_t n_cmp = sl->flash_pgsz;
824 for (off = 0; off < mf->len; off += n_cmp) {
827 /* adjust last page size */
828 size_t cmp_size = n_cmp;
829 if ((off + n_cmp) > mf->len)
830 cmp_size = mf->len - off;
832 aligned_size = cmp_size;
833 if (aligned_size & (4 - 1))
834 aligned_size = (cmp_size + 4) & ~(4 - 1);
836 stlink_read_mem32(sl, addr + off, aligned_size);
838 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
845 int stlink_fwrite_sram
846 (stlink_t * sl, const char* path, stm32_addr_t addr) {
847 /* write the file in sram at addr */
851 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
854 if (map_file(&mf, path) == -1) {
855 fprintf(stderr, "map_file() == -1\n");
859 /* check addr range is inside the sram */
860 if (addr < sl->sram_base) {
861 fprintf(stderr, "addr too low\n");
863 } else if ((addr + mf.len) < addr) {
864 fprintf(stderr, "addr overruns\n");
866 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
867 fprintf(stderr, "addr too high\n");
869 } else if ((addr & 3) || (mf.len & 3)) {
871 fprintf(stderr, "unaligned addr or size\n");
874 /* do the copy by 1k blocks */
875 for (off = 0; off < mf.len; off += 1024) {
877 if ((off + size) > mf.len)
880 memcpy(sl->q_buf, mf.base + off, size);
882 /* round size if needed */
886 stlink_write_mem32(sl, addr + off, size);
889 /* check the file ha been written */
890 if (check_file(sl, &mf, addr) == -1) {
891 fprintf(stderr, "check_file() == -1\n");
898 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
899 /* Set PC to the reset routine*/
900 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
908 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
909 /* read size bytes from addr to file */
914 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS)?0:0xff;
916 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
918 fprintf(stderr, "open(%s) == -1\n", path);
923 size = sl->flash_size;
925 if (size > sl->flash_size)
926 size = sl->flash_size;
928 /* do the copy by 1k blocks */
929 for (off = 0; off < size; off += 1024) {
930 size_t read_size = 1024;
933 if ((off + read_size) > size)
934 read_size = size - off;
936 /* round size if needed */
937 rounded_size = read_size;
938 if (rounded_size & 3)
939 rounded_size = (rounded_size + 4) & ~(3);
941 stlink_read_mem32(sl, addr + off, rounded_size);
943 for(index = 0; index < read_size; index ++) {
944 if (sl->q_buf[index] == erased_pattern)
949 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
950 fprintf(stderr, "write() != read_size\n");
955 /* Ignore NULL Bytes at end of file */
956 if (!ftruncate(fd, size - num_empty)) {
969 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
970 /* write the buffer right after the loader */
971 size_t chunk = size & ~0x3;
972 size_t rem = size & 0x3;
974 memcpy(sl->q_buf, buf, chunk);
975 stlink_write_mem32(sl, fl->buf_addr, chunk);
978 memcpy(sl->q_buf, buf+chunk, rem);
979 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
984 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
985 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
986 if (flashaddr<0x4000) return (0);
987 else if(flashaddr<0x8000) return(1);
988 else if(flashaddr<0xc000) return(2);
989 else if(flashaddr<0x10000) return(3);
990 else if(flashaddr<0x20000) return(4);
991 else return(flashaddr/0x20000)+4;
995 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
996 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
997 uint32_t sector=calculate_F4_sectornum(flashaddr);
998 if (sector<4) sl->flash_pgsz=0x4000;
999 else if(sector<5) sl->flash_pgsz=0x10000;
1000 else sl->flash_pgsz=0x20000;
1002 return (sl->flash_pgsz);
1006 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1007 * @param sl stlink context
1008 * @param flashaddr an address in the flash page to erase
1009 * @return 0 on success -ve on failure
1011 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1013 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
1014 /* wait for ongoing op to finish */
1015 wait_flash_busy(sl);
1017 /* unlock if locked */
1018 unlock_flash_if(sl);
1020 /* select the page to erase */
1021 // calculate the actual page from the address
1022 uint32_t sector=calculate_F4_sectornum(flashaddr);
1024 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1025 write_flash_cr_snb(sl, sector);
1027 /* start erase operation */
1028 set_flash_cr_strt(sl);
1030 /* wait for completion */
1031 wait_flash_busy(sl);
1033 /* relock the flash */
1034 //todo: fails to program if this is in
1037 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1039 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
1043 /* check if the locks are set */
1044 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1045 if((val & (1<<0))||(val & (1<<1))) {
1046 /* disable pecr protection */
1047 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1048 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1050 /* check pecr.pelock is cleared */
1051 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1052 if (val & (1 << 0)) {
1053 WLOG("pecr.pelock not clear (%#x)\n", val);
1057 /* unlock program memory */
1058 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1059 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1061 /* check pecr.prglock is cleared */
1062 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1063 if (val & (1 << 1)) {
1064 WLOG("pecr.prglock not clear (%#x)\n", val);
1069 /* unused: unlock the option byte block */
1071 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0xfbead9c8);
1072 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0x24252627);
1074 /* check pecr.optlock is cleared */
1075 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1076 if (val & (1 << 2)) {
1077 fprintf(stderr, "pecr.prglock not clear\n");
1082 /* set pecr.{erase,prog} */
1083 val |= (1 << 9) | (1 << 3);
1084 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1086 #if 0 /* fix_to_be_confirmed */
1088 /* wait for sr.busy to be cleared
1089 MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1090 wrong and we do not need to wait here for clearing the busy bit.
1091 TEXANE: ok, if experience says so and it works for you, we comment
1092 it. If someone has a problem, please drop an email.
1094 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1097 #endif /* fix_to_be_confirmed */
1099 /* write 0 to the first word of the page to be erased */
1100 stlink_write_debug32(sl, flashaddr, 0);
1102 /* MP: It is better to wait for clearing the busy bit after issuing
1103 page erase command, even though PM0062 recommends to wait before it.
1104 Test shows that a few iterations is performed in the following loop
1105 before busy bit is cleared.*/
1106 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1109 /* reset lock bits */
1110 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1111 | (1 << 0) | (1 << 1) | (1 << 2);
1112 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1113 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1114 /* wait for ongoing op to finish */
1115 wait_flash_busy(sl);
1117 /* unlock if locked */
1118 unlock_flash_if(sl);
1120 /* set the page erase bit */
1121 set_flash_cr_per(sl);
1123 /* select the page to erase */
1124 write_flash_ar(sl, flashaddr);
1126 /* start erase operation, reset by hw with bsy bit */
1127 set_flash_cr_strt(sl);
1129 /* wait for completion */
1130 wait_flash_busy(sl);
1132 /* relock the flash */
1135 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1139 /* todo: verify the erased page */
1144 int stlink_erase_flash_mass(stlink_t *sl) {
1145 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS ) {
1146 /* erase each page */
1147 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1148 for (i = 0; i < num_pages; i++) {
1149 /* addr must be an addr inside the page */
1150 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1151 if (stlink_erase_flash_page(sl, addr) == -1) {
1152 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1155 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1158 fprintf(stdout, "\n");
1160 /* wait for ongoing op to finish */
1161 wait_flash_busy(sl);
1163 /* unlock if locked */
1164 unlock_flash_if(sl);
1166 /* set the mass erase bit */
1167 set_flash_cr_mer(sl);
1169 /* start erase operation, reset by hw with bsy bit */
1170 set_flash_cr_strt(sl);
1172 /* wait for completion */
1173 wait_flash_busy_progress(sl);
1175 /* relock the flash */
1178 /* todo: verify the erased memory */
1183 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1186 /* allocate the loader in sram */
1187 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1188 WLOG("Failed to write flash loader to sram!\n");
1192 /* allocate a one page buffer in sram right after loader */
1193 fl->buf_addr = fl->loader_addr + size;
1194 ILOG("Successfully loaded flash loader in sram\n");
1198 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1199 /* from openocd, contrib/loaders/flash/stm32.s */
1200 static const uint8_t loader_code_stm32vl[] = {
1201 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1202 0x1c, 0x44, /* add r4, r3 */
1203 /* write_half_word: */
1204 0x01, 0x23, /* movs r3, #0x01 */
1205 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1206 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1207 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1209 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1210 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1211 0xfb, 0xd0, /* beq busy */
1212 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1213 0x01, 0xd1, /* bne exit */
1214 0x01, 0x3a, /* subs r2, r2, #0x01 */
1215 0xf0, 0xd1, /* bne write_half_word */
1217 0x00, 0xbe, /* bkpt #0x00 */
1218 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1221 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1222 static const uint8_t loader_code_stm32f0[] = {
1225 * These two NOPs here are a safety precaution, added by Pekka Nikander
1226 * while debugging the STM32F05x support. They may not be needed, but
1227 * there were strange problems with simpler programs, like a program
1228 * that had just a breakpoint or a program that first moved zero to register r2
1229 * and then had a breakpoint. So, it appears safest to have these two nops.
1231 * Feel free to remove them, if you dare, but then please do test the result
1232 * rigorously. Also, if you remove these, it may be a good idea first to
1233 * #if 0 them out, with a comment when these were taken out, and to remove
1234 * these only a few months later... But YMMV.
1236 0x00, 0x30, // nop /* add r0,#0 */
1237 0x00, 0x30, // nop /* add r0,#0 */
1239 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1240 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1241 0x04, 0x26, // mov r6, #4 /* PGERR */
1243 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1244 0x2B, 0x43, // orr r3, r5
1245 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1246 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1247 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1249 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1250 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1251 0xFC, 0xD0, // beq busy
1253 0x33, 0x42, // tst r3, r6 /* PGERR */
1254 0x04, 0xD1, // bne exit
1256 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1257 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1258 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1259 0x00, 0x2A, // cmp r2, #0
1260 0xF0, 0xD1, // bne write_half_word
1262 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1263 0xAB, 0x43, // bic r3, r5
1264 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1265 0x00, 0xBE, // bkpt #0x00
1266 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1269 static const uint8_t loader_code_stm32l[] = {
1271 /* openocd.git/contrib/loaders/flash/stm32lx.S
1272 r0, input, dest addr
1273 r1, input, source addr
1274 r2, input, word count
1275 r3, output, word count
1281 0x51, 0xf8, 0x04, 0xcb,
1282 0x40, 0xf8, 0x04, 0xcb,
1290 static const uint8_t loader_code_stm32f4[] = {
1291 // flashloaders/stm32f4.s
1300 0x14, 0xf0, 0x01, 0x0f,
1302 0x00, 0xf1, 0x04, 0x00,
1303 0x01, 0xf1, 0x04, 0x01,
1304 0xa2, 0xf1, 0x01, 0x02,
1309 0x00, 0x3c, 0x02, 0x40,
1312 const uint8_t* loader_code;
1315 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS ) { /* stm32l */
1316 loader_code = loader_code_stm32l;
1317 loader_size = sizeof(loader_code_stm32l);
1318 } else if (sl->core_id == STM32VL_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1319 loader_code = loader_code_stm32vl;
1320 loader_size = sizeof(loader_code_stm32vl);
1321 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4) {
1322 loader_code = loader_code_stm32f4;
1323 loader_size = sizeof(loader_code_stm32f4);
1324 } else if (sl->chip_id == STM32_CHIPID_F0) {
1325 loader_code = loader_code_stm32f0;
1326 loader_size = sizeof(loader_code_stm32f0);
1328 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1332 memcpy(sl->q_buf, loader_code, loader_size);
1333 stlink_write_mem32(sl, sl->sram_base, loader_size);
1335 *addr = sl->sram_base;
1336 *size = loader_size;
1342 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1343 /* check the contents of path are at addr */
1346 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1348 if (map_file(&mf, path) == -1)
1351 res = check_file(sl, &mf, addr);
1359 * Verify addr..addr+len is binary identical to base...base+len
1360 * @param sl stlink context
1361 * @param address stm device address
1362 * @param data host side buffer to check against
1363 * @param length how much
1364 * @return 0 for success, -ve for failure
1366 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1368 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1369 ILOG("Starting verification of write complete\n");
1370 for (off = 0; off < length; off += cmp_size) {
1371 size_t aligned_size;
1373 /* adjust last page size */
1374 if ((off + cmp_size) > length)
1375 cmp_size = length - off;
1377 aligned_size = cmp_size;
1378 if (aligned_size & (4 - 1))
1379 aligned_size = (cmp_size + 4) & ~(4 - 1);
1381 stlink_read_mem32(sl, address + off, aligned_size);
1383 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1384 ELOG("Verification of flash failed at offset: %zd\n", off);
1388 ILOG("Flash written and verified! jolly good!\n");
1393 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned num_half_pages)
1399 ILOG("Starting Half page flash write for STM32L core id\n");
1400 /* flash loader initialization */
1401 if (init_flash_loader(sl, &fl) == -1) {
1402 WLOG("init_flash_loader() == -1\n");
1405 /* Unlock already done */
1406 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1407 val |= (1 << FLASH_L1_FPRG);
1408 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1410 val |= (1 << FLASH_L1_PROG);
1411 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1412 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {}
1414 #define L1_WRITE_BLOCK_SIZE 0x80
1415 for (count = 0; count < num_half_pages; count ++) {
1416 if (run_flash_loader(sl, &fl, addr + count * L1_WRITE_BLOCK_SIZE, base + count * L1_WRITE_BLOCK_SIZE, L1_WRITE_BLOCK_SIZE) == -1) {
1417 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * L1_WRITE_BLOCK_SIZE);
1418 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1419 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1420 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1423 /* wait for sr.busy to be cleared */
1424 if (sl->verbose >= 1) {
1425 /* show progress. writing procedure is slow
1426 and previous errors are misleading */
1427 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1430 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {
1433 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1434 val &= ~(1 << FLASH_L1_PROG);
1435 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1436 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1437 val &= ~(1 << FLASH_L1_FPRG);
1438 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1443 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1446 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1447 len, len, addr, addr);
1448 /* check addr range is inside the flash */
1449 stlink_calculate_pagesize(sl, addr);
1450 if (addr < sl->flash_base) {
1451 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1453 } else if ((addr + len) < addr) {
1454 ELOG("addr overruns\n");
1456 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1457 ELOG("addr too high\n");
1459 } else if (addr & 1) {
1460 ELOG("unaligned addr 0x%x\n", addr);
1462 } else if (len & 1) {
1463 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1465 } else if (addr & (sl->flash_pgsz - 1)) {
1466 ELOG("addr not a multiple of pagesize, not supported\n");
1470 // Make sure we've loaded the context with the chip details
1472 /* erase each page */
1474 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1475 /* addr must be an addr inside the page */
1476 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1477 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1480 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1481 (unsigned long)addr + off);
1485 fprintf(stdout,"\n");
1486 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1487 page_count, sl->flash_pgsz, sl->flash_pgsz);
1489 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
1490 /* todo: check write operation */
1492 ILOG("Starting Flash write for F2/F4\n");
1493 /* flash loader initialization */
1494 if (init_flash_loader(sl, &fl) == -1) {
1495 ELOG("init_flash_loader() == -1\n");
1499 /* First unlock the cr */
1500 unlock_flash_if(sl);
1502 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1503 /* set parallelisim to 32 bit*/
1504 write_flash_cr_psiz(sl, 2);
1506 /* set programming mode */
1507 set_flash_cr_pg(sl);
1509 for(off = 0; off < len;) {
1510 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1512 printf("size: %zu\n", size);
1514 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1515 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1523 #define PROGRESS_CHUNK_SIZE 0x1000
1524 /* write a word in program memory */
1525 for (off = 0; off < len; off += sizeof(uint32_t)) {
1527 if (sl->verbose >= 1) {
1528 if ((off & (PROGRESS_CHUNK_SIZE - 1)) == 0) {
1529 /* show progress. writing procedure is slow
1530 and previous errors are misleading */
1531 const uint32_t pgnum = (off / PROGRESS_CHUNK_SIZE)+1;
1532 const uint32_t pgcount = len / PROGRESS_CHUNK_SIZE +1;
1533 fprintf(stdout, "Writing %ukB chunk %u out of %u\n",
1534 PROGRESS_CHUNK_SIZE/1024, pgnum, pgcount);
1538 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1539 stlink_write_debug32(sl, addr + off, data);
1541 /* wait for sr.busy to be cleared */
1542 wait_flash_busy(sl);
1549 #if 0 /* todo: debug mode */
1550 fprintf(stdout, "Final CR:0x%x\n", read_flash_cr(sl));
1555 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
1556 /* use fast word write. todo: half page. */
1559 #if 0 /* todo: check write operation */
1561 uint32_t nwrites = sl->flash_pgsz;
1565 #endif /* todo: check write operation */
1567 /* disable pecr protection */
1568 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1569 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1571 /* check pecr.pelock is cleared */
1572 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1573 if (val & (1 << 0)) {
1574 fprintf(stderr, "pecr.pelock not clear\n");
1578 /* unlock program memory */
1579 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1580 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1582 /* check pecr.prglock is cleared */
1583 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1584 if (val & (1 << 1)) {
1585 fprintf(stderr, "pecr.prglock not clear\n");
1589 if (len > L1_WRITE_BLOCK_SIZE) {
1590 if (stm32l1_write_half_pages(sl, addr, base, len/L1_WRITE_BLOCK_SIZE) == -1) {
1591 /* This may happen on a blank device! */
1592 WLOG("\nwrite_half_pages failed == -1\n");
1594 off = (len /L1_WRITE_BLOCK_SIZE)*L1_WRITE_BLOCK_SIZE;
1598 /* write remainingword in program memory */
1599 for ( ; off < len; off += sizeof(uint32_t)) {
1602 fprintf(stdout, "\r");
1604 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1605 fprintf(stdout, "\r%3zd/%3zd pages written",
1606 off/sl->flash_pgsz, len/sl->flash_pgsz);
1610 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1611 stlink_write_debug32(sl, addr + off, data);
1613 /* wait for sr.busy to be cleared */
1614 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1617 #if 0 /* todo: check redo write operation */
1619 /* check written bytes. todo: should be on a per page basis. */
1620 data = stlink_read_debug32(sl, addr + off);
1621 if (data == *(uint32_t*)(base + off)) {
1622 /* re erase the page and redo the write operation */
1626 /* fail if successive write count too low */
1627 if (nwrites < sl->flash_pgsz) {
1628 fprintf(stderr, "writes operation failure count too high, aborting\n");
1634 /* assume addr aligned */
1635 if (off % sl->flash_pgsz) off &= ~(sl->flash_pgsz - 1);
1638 fprintf(stderr, "invalid write @0x%x(0x%x): 0x%x != 0x%x. retrying.\n",
1639 page, addr + off, read_uint32(base + off, 0), read_uint32(sl->q_buf, 0));
1641 /* reset lock bits */
1642 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1643 | (1 << 0) | (1 << 1) | (1 << 2);
1644 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1646 stlink_erase_flash_page(sl, page);
1651 /* increment successive writes counter */
1654 #endif /* todo: check redo write operation */
1656 fprintf(stdout, "\n");
1657 /* reset lock bits */
1658 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1659 | (1 << 0) | (1 << 1) | (1 << 2);
1660 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1661 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1662 ILOG("Starting Flash write for VL/F0 core id\n");
1663 /* flash loader initialization */
1664 if (init_flash_loader(sl, &fl) == -1) {
1665 ELOG("init_flash_loader() == -1\n");
1669 int write_block_count = 0;
1670 for (off = 0; off < len; off += sl->flash_pgsz) {
1671 /* adjust last write size */
1672 size_t size = sl->flash_pgsz;
1673 if ((off + sl->flash_pgsz) > len) size = len - off;
1675 /* unlock and set programming mode */
1676 unlock_flash_if(sl);
1677 set_flash_cr_pg(sl);
1678 //DLOG("Finished setting flash cr pg, running loader!\n");
1679 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1680 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1684 if (sl->verbose >= 1) {
1685 /* show progress. writing procedure is slow
1686 and previous errors are misleading */
1687 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1691 fprintf(stdout, "\n");
1693 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1697 return stlink_verify_write_flash(sl, addr, base, len);
1701 * Write the given binary file into flash at address "addr"
1703 * @param path readable file path, should be binary image
1704 * @param addr where to start writing
1705 * @return 0 on success, -ve on failure.
1707 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1708 /* write the file in flash at addr */
1710 unsigned int num_empty = 0, index;
1711 unsigned char erased_pattern =(sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS)?0:0xff;
1712 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1713 if (map_file(&mf, path) == -1) {
1714 ELOG("map_file() == -1\n");
1717 for(index = 0; index < mf.len; index ++) {
1718 if (mf.base[index] == erased_pattern)
1723 if(num_empty != 0) {
1724 ILOG("Ignoring %d bytes of Zeros at end of file\n",num_empty);
1725 mf.len -= num_empty;
1727 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1729 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1730 /* Set PC to the reset routine*/
1731 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1737 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1741 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
1742 // FIXME This can never return -1
1743 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1745 ELOG("write_buffer_to_sram() == -1\n");
1749 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
1751 size_t count = size / sizeof(uint32_t);
1752 if (size % sizeof(uint32_t)) ++count;
1755 stlink_write_reg(sl, target, 0); /* target */
1756 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1757 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1758 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1760 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1762 size_t count = size / sizeof(uint16_t);
1763 if (size % sizeof(uint16_t)) ++count;
1766 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1767 stlink_write_reg(sl, target, 1); /* target */
1768 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1769 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1770 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1772 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4) {
1774 size_t count = size / sizeof(uint32_t);
1775 if (size % sizeof(uint32_t)) ++count;
1778 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1779 stlink_write_reg(sl, target, 1); /* target */
1780 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1781 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1784 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
1791 #define WAIT_ROUNDS 1000
1792 /* wait until done (reaches breakpoint) */
1793 for (i = 0; i < WAIT_ROUNDS; i++) {
1795 if (is_core_halted(sl))
1799 if (i >= WAIT_ROUNDS) {
1800 ELOG("flash loader run error\n");
1804 /* check written byte count */
1805 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
1807 size_t count = size / sizeof(uint32_t);
1808 if (size % sizeof(uint32_t)) ++count;
1810 stlink_read_reg(sl, 3, &rr);
1811 if (rr.r[3] != count) {
1812 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
1816 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1818 stlink_read_reg(sl, 2, &rr);
1820 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1824 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4) {
1826 stlink_read_reg(sl, 2, &rr);
1828 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1834 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);
projects / fw / stlink / blob