10 #include <sys/types.h>
14 #include "stlink-common.h"
15 #include "uglylogging.h"
22 #define LOG_TAG __FILE__
23 #define DLOG(format, args...) ugly_log(UDEBUG, LOG_TAG, format, ## args)
24 #define ILOG(format, args...) ugly_log(UINFO, LOG_TAG, format, ## args)
25 #define WLOG(format, args...) ugly_log(UWARN, LOG_TAG, format, ## args)
26 #define ELOG(format, args...) ugly_log(UERROR, LOG_TAG, format, ## args)
27 #define fatal(format, args...) ugly_log(UFATAL, LOG_TAG, format, ## args)
29 /* todo: stm32l15xxx flash memory, pm0062 manual */
31 /* stm32f FPEC flash controller interface, pm0063 manual */
32 // TODO - all of this needs to be abstracted out....
33 // STM32F05x is identical, based on RM0091 (DM00031936, Doc ID 018940 Rev 2, August 2012)
34 #define FLASH_REGS_ADDR 0x40022000
35 #define FLASH_REGS_SIZE 0x28
37 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
38 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
39 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
40 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
41 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
42 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
43 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
45 // For STM32F05x, the RDPTR_KEY may be wrong, but as it is not used anywhere...
46 #define FLASH_RDPTR_KEY 0x00a5
47 #define FLASH_KEY1 0x45670123
48 #define FLASH_KEY2 0xcdef89ab
50 #define FLASH_SR_BSY 0
51 #define FLASH_SR_EOP 5
54 #define FLASH_CR_PER 1
55 #define FLASH_CR_MER 2
56 #define FLASH_CR_STRT 6
57 #define FLASH_CR_LOCK 7
60 //32L = 32F1 same CoreID as 32F4!
61 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
62 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
63 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
64 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
65 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
66 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
67 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
68 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
69 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
70 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
71 #define FLASH_L1_FPRG 10
72 #define FLASH_L1_PROG 3
76 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
77 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
78 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
79 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
80 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
81 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
82 #define FLASH_F4_CR_STRT 16
83 #define FLASH_F4_CR_LOCK 31
84 #define FLASH_F4_CR_SER 1
85 #define FLASH_F4_CR_SNB 3
86 #define FLASH_F4_CR_SNB_MASK 0x38
87 #define FLASH_F4_SR_BSY 16
90 void write_uint32(unsigned char* buf, uint32_t ui) {
91 if (!is_bigendian()) { // le -> le (don't swap)
92 buf[0] = ((unsigned char*) &ui)[0];
93 buf[1] = ((unsigned char*) &ui)[1];
94 buf[2] = ((unsigned char*) &ui)[2];
95 buf[3] = ((unsigned char*) &ui)[3];
97 buf[0] = ((unsigned char*) &ui)[3];
98 buf[1] = ((unsigned char*) &ui)[2];
99 buf[2] = ((unsigned char*) &ui)[1];
100 buf[3] = ((unsigned char*) &ui)[0];
104 void write_uint16(unsigned char* buf, uint16_t ui) {
105 if (!is_bigendian()) { // le -> le (don't swap)
106 buf[0] = ((unsigned char*) &ui)[0];
107 buf[1] = ((unsigned char*) &ui)[1];
109 buf[0] = ((unsigned char*) &ui)[1];
110 buf[1] = ((unsigned char*) &ui)[0];
114 uint32_t read_uint32(const unsigned char *c, const int pt) {
116 char *p = (char *) &ui;
118 if (!is_bigendian()) { // le -> le (don't swap)
132 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
133 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
136 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
137 return stlink_read_debug32(sl, FLASH_WRPR);
140 static inline uint32_t read_flash_obr(stlink_t *sl) {
141 return stlink_read_debug32(sl, FLASH_OBR);
144 static inline uint32_t read_flash_cr(stlink_t *sl) {
146 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
147 res = stlink_read_debug32(sl, FLASH_F4_CR);
149 res = stlink_read_debug32(sl, FLASH_CR);
151 fprintf(stdout, "CR:0x%x\n", res);
156 static inline unsigned int is_flash_locked(stlink_t *sl) {
157 /* return non zero for true */
158 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
159 return read_flash_cr(sl) & (1 << FLASH_F4_CR_LOCK);
161 return read_flash_cr(sl) & (1 << FLASH_CR_LOCK);
164 static void unlock_flash(stlink_t *sl) {
165 /* the unlock sequence consists of 2 write cycles where
166 2 key values are written to the FLASH_KEYR register.
167 an invalid sequence results in a definitive lock of
168 the FPEC block until next reset.
170 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
171 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
172 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
174 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
175 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
180 static int unlock_flash_if(stlink_t *sl) {
181 /* unlock flash if already locked */
183 if (is_flash_locked(sl)) {
185 if (is_flash_locked(sl)) {
186 WLOG("Failed to unlock flash!\n");
190 DLOG("Successfully unlocked flash\n");
194 static void lock_flash(stlink_t *sl) {
195 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
196 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
197 stlink_write_debug32(sl, FLASH_F4_CR, n);
199 /* write to 1 only. reset by hw at unlock sequence */
200 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
201 stlink_write_debug32(sl, FLASH_CR, n);
206 static void set_flash_cr_pg(stlink_t *sl) {
207 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
208 uint32_t x = read_flash_cr(sl);
209 x |= (1 << FLASH_CR_PG);
210 stlink_write_debug32(sl, FLASH_F4_CR, x);
212 const uint32_t n = 1 << FLASH_CR_PG;
213 stlink_write_debug32(sl, FLASH_CR, n);
217 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
218 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
219 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
220 stlink_write_debug32(sl, FLASH_F4_CR, n);
222 stlink_write_debug32(sl, FLASH_CR, n);
225 static void set_flash_cr_per(stlink_t *sl) {
226 const uint32_t n = 1 << FLASH_CR_PER;
227 stlink_write_debug32(sl, FLASH_CR, n);
230 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
231 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
232 stlink_write_debug32(sl, FLASH_CR, n);
235 static void set_flash_cr_mer(stlink_t *sl) {
236 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
237 stlink_write_debug32(sl, FLASH_F4_CR,
238 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
240 stlink_write_debug32(sl, FLASH_CR,
241 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
244 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
245 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
246 stlink_write_debug32(sl, FLASH_F4_CR,
247 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
249 stlink_write_debug32(sl, FLASH_CR,
250 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
253 static void set_flash_cr_strt(stlink_t *sl) {
254 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
255 uint32_t x = read_flash_cr(sl);
256 x |= (1 << FLASH_F4_CR_STRT);
257 stlink_write_debug32(sl, FLASH_F4_CR, x);
259 stlink_write_debug32(sl, FLASH_CR,
260 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_STRT) );
264 static inline uint32_t read_flash_acr(stlink_t *sl) {
265 return stlink_read_debug32(sl, FLASH_ACR);
268 static inline uint32_t read_flash_sr(stlink_t *sl) {
270 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
271 res = stlink_read_debug32(sl, FLASH_F4_SR);
273 res = stlink_read_debug32(sl, FLASH_SR);
274 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
278 static inline unsigned int is_flash_busy(stlink_t *sl) {
279 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4))
280 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
282 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
285 static void wait_flash_busy(stlink_t *sl) {
286 /* todo: add some delays here */
287 while (is_flash_busy(sl))
291 static void wait_flash_busy_progress(stlink_t *sl) {
293 fprintf(stdout, "Mass erasing");
295 while (is_flash_busy(sl)) {
299 fprintf(stdout, ".");
303 fprintf(stdout, "\n");
306 static inline unsigned int is_flash_eop(stlink_t *sl) {
307 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
310 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
311 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
312 stlink_write_debug32(sl, FLASH_SR, n);
315 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
316 /* todo: add some delays here */
317 while (is_flash_eop(sl) == 0)
321 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
322 stlink_write_debug32(sl, FLASH_AR, n);
325 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
326 uint32_t x = read_flash_cr(sl);
330 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
332 stlink_write_debug32(sl, FLASH_F4_CR, x);
336 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
337 uint32_t x = read_flash_cr(sl);
338 x &= ~FLASH_F4_CR_SNB_MASK;
339 x |= (n << FLASH_F4_CR_SNB);
340 x |= (1 << FLASH_F4_CR_SER);
342 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
344 stlink_write_debug32(sl, FLASH_F4_CR, x);
349 static void disable_flash_read_protection(stlink_t *sl) {
350 /* erase the option byte area */
357 // Delegates to the backends...
359 void stlink_close(stlink_t *sl) {
360 DLOG("*** stlink_close ***\n");
361 sl->backend->close(sl);
365 void stlink_exit_debug_mode(stlink_t *sl) {
366 DLOG("*** stlink_exit_debug_mode ***\n");
367 stlink_write_debug32(sl, DHCSR, DBGKEY);
368 sl->backend->exit_debug_mode(sl);
371 void stlink_enter_swd_mode(stlink_t *sl) {
372 DLOG("*** stlink_enter_swd_mode ***\n");
373 sl->backend->enter_swd_mode(sl);
376 // Force the core into the debug mode -> halted state.
377 void stlink_force_debug(stlink_t *sl) {
378 DLOG("*** stlink_force_debug_mode ***\n");
379 sl->backend->force_debug(sl);
382 void stlink_exit_dfu_mode(stlink_t *sl) {
383 DLOG("*** stlink_exit_dfu_mode ***\n");
384 sl->backend->exit_dfu_mode(sl);
387 uint32_t stlink_core_id(stlink_t *sl) {
388 DLOG("*** stlink_core_id ***\n");
389 sl->backend->core_id(sl);
391 stlink_print_data(sl);
392 DLOG("core_id = 0x%08x\n", sl->core_id);
396 uint32_t stlink_chip_id(stlink_t *sl) {
397 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
398 if (chip_id == 0) chip_id = stlink_read_debug32(sl, 0x40015800); //Try Corex M0 DBGMCU_IDCODE register address
403 * Cortex m3 tech ref manual, CPUID register description
404 * @param sl stlink context
405 * @param cpuid pointer to the result object
407 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
408 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
409 cpuid->implementer_id = (raw >> 24) & 0x7f;
410 cpuid->variant = (raw >> 20) & 0xf;
411 cpuid->part = (raw >> 4) & 0xfff;
412 cpuid->revision = raw & 0xf;
417 * reads and decodes the flash parameters, as dynamically as possible
419 * @return 0 for success, or -1 for unsupported core type.
421 int stlink_load_device_params(stlink_t *sl) {
422 ILOG("Loading device parameters....\n");
423 const chip_params_t *params = NULL;
424 sl->core_id = stlink_core_id(sl);
425 uint32_t chip_id = stlink_chip_id(sl);
427 sl->chip_id = chip_id & 0xfff;
428 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
429 if (sl->chip_id == 0x411) {
430 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
431 if ((cpuid & 0xfff0) == 0xc240)
435 for (size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
436 if(devices[i].chip_id == sl->chip_id) {
437 params = &devices[i];
441 if (params == NULL) {
442 WLOG("unknown chip id! %#x\n", chip_id);
446 // These are fixed...
447 sl->flash_base = STM32_FLASH_BASE;
448 sl->sram_base = STM32_SRAM_BASE;
450 // read flash size from hardware, if possible...
451 if (sl->chip_id == STM32_CHIPID_F2) {
452 sl->flash_size = 0x100000; /* Use maximum, User must care!*/
453 } else if (sl->chip_id == STM32_CHIPID_F4) {
454 sl->flash_size = 0x100000; //todo: RM0090 error; size register same address as unique ID
455 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS) {
456 // if the flash size is zero, we assume it is 128k, if not we calculate the real value
457 uint32_t flash_size = stlink_read_debug32(sl,params->flash_size_reg) & 0xffff;
458 if ( flash_size == 0 ) {
459 sl->flash_size = 128 * 1024;
461 sl->flash_size = flash_size * 1024;
463 } else if ((sl->chip_id & 0xFFF) == STM32_CHIPID_L1_HIGH) {
464 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0x1;
465 // 0 is 384k and 1 is 256k
466 if ( flash_size == 0 ) {
467 sl->flash_size = 384 * 1024;
469 sl->flash_size = 256 * 1024;
472 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0xffff;
473 sl->flash_size = flash_size * 1024;
475 sl->flash_pgsz = params->flash_pagesize;
476 sl->sram_size = params->sram_size;
477 sl->sys_base = params->bootrom_base;
478 sl->sys_size = params->bootrom_size;
480 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
481 // TODO make note of variable page size here.....
482 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
483 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
488 void stlink_reset(stlink_t *sl) {
489 DLOG("*** stlink_reset ***\n");
490 sl->backend->reset(sl);
493 void stlink_jtag_reset(stlink_t *sl, int value) {
494 DLOG("*** stlink_jtag_reset ***\n");
495 sl->backend->jtag_reset(sl, value);
498 void stlink_run(stlink_t *sl) {
499 DLOG("*** stlink_run ***\n");
500 sl->backend->run(sl);
503 void stlink_status(stlink_t *sl) {
504 DLOG("*** stlink_status ***\n");
505 sl->backend->status(sl);
506 stlink_core_stat(sl);
510 * Decode the version bits, originally from -sg, verified with usb
511 * @param sl stlink context, assumed to contain valid data in the buffer
512 * @param slv output parsed version object
514 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
515 uint32_t b0 = sl->q_buf[0]; //lsb
516 uint32_t b1 = sl->q_buf[1];
517 uint32_t b2 = sl->q_buf[2];
518 uint32_t b3 = sl->q_buf[3];
519 uint32_t b4 = sl->q_buf[4];
520 uint32_t b5 = sl->q_buf[5]; //msb
522 // b0 b1 || b2 b3 | b4 b5
523 // 4b | 6b | 6b || 2B | 2B
524 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
526 slv->stlink_v = (b0 & 0xf0) >> 4;
527 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
528 slv->swim_v = b1 & 0x3f;
529 slv->st_vid = (b3 << 8) | b2;
530 slv->stlink_pid = (b5 << 8) | b4;
534 void stlink_version(stlink_t *sl) {
535 DLOG("*** looking up stlink version\n");
536 sl->backend->version(sl);
537 _parse_version(sl, &sl->version);
539 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
540 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
541 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
542 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
543 DLOG("swim version = 0x%x\n", sl->version.swim_v);
544 if (sl->version.jtag_v == 0) {
545 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
547 if (sl->version.swim_v == 0) {
548 DLOG(" notice: the firmware doesn't support a swim interface\n");
552 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
553 uint32_t data = sl->backend->read_debug32(sl, addr);
554 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
558 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
559 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
560 sl->backend->write_debug32(sl, addr, data);
563 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
564 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
566 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
569 sl->backend->write_mem32(sl, addr, len);
572 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
573 DLOG("*** stlink_read_mem32 ***\n");
574 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
575 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
579 sl->backend->read_mem32(sl, addr, len);
582 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
583 DLOG("*** stlink_write_mem8 ***\n");
584 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
585 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
589 sl->backend->write_mem8(sl, addr, len);
592 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
593 DLOG("*** stlink_read_all_regs ***\n");
594 sl->backend->read_all_regs(sl, regp);
597 void stlink_read_all_unsupported_regs(stlink_t *sl, reg *regp) {
598 DLOG("*** stlink_read_all_unsupported_regs ***\n");
599 sl->backend->read_all_unsupported_regs(sl, regp);
602 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
603 DLOG("*** stlink_write_reg\n");
604 sl->backend->write_reg(sl, reg, idx);
607 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
608 DLOG("*** stlink_read_reg\n");
609 DLOG(" (%d) ***\n", r_idx);
611 if (r_idx > 20 || r_idx < 0) {
612 fprintf(stderr, "Error: register index must be in [0..20]\n");
616 sl->backend->read_reg(sl, r_idx, regp);
619 void stlink_read_unsupported_reg(stlink_t *sl, int r_idx, reg *regp) {
622 DLOG("*** stlink_read_unsupported_reg\n");
623 DLOG(" (%d) ***\n", r_idx);
625 /* Convert to values used by DCRSR */
626 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
628 } else if (r_idx == 0x40) { /* FPSCR */
630 } else if (r_idx >= 0x20 && r_idx < 0x40) {
631 r_convert = 0x40 + (r_idx - 0x20);
633 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
637 sl->backend->read_unsupported_reg(sl, r_convert, regp);
640 void stlink_write_unsupported_reg(stlink_t *sl, uint32_t val, int r_idx, reg *regp) {
643 DLOG("*** stlink_write_unsupported_reg\n");
644 DLOG(" (%d) ***\n", r_idx);
646 /* Convert to values used by DCRSR */
647 if (r_idx >= 0x1C && r_idx <= 0x1F) { /* primask, basepri, faultmask, or control */
648 r_convert = r_idx; /* The backend function handles this */
649 } else if (r_idx == 0x40) { /* FPSCR */
651 } else if (r_idx >= 0x20 && r_idx < 0x40) {
652 r_convert = 0x40 + (r_idx - 0x20);
654 fprintf(stderr, "Error: register address must be in [0x1C..0x40]\n");
658 sl->backend->write_unsupported_reg(sl, val, r_convert, regp);
661 unsigned int is_core_halted(stlink_t *sl) {
662 /* return non zero if core is halted */
664 return sl->q_buf[0] == STLINK_CORE_HALTED;
667 void stlink_step(stlink_t *sl) {
668 DLOG("*** stlink_step ***\n");
669 sl->backend->step(sl);
672 int stlink_current_mode(stlink_t *sl) {
673 int mode = sl->backend->current_mode(sl);
675 case STLINK_DEV_DFU_MODE:
676 DLOG("stlink current mode: dfu\n");
678 case STLINK_DEV_DEBUG_MODE:
679 DLOG("stlink current mode: debug (jtag or swd)\n");
681 case STLINK_DEV_MASS_MODE:
682 DLOG("stlink current mode: mass\n");
685 DLOG("stlink mode: unknown!\n");
686 return STLINK_DEV_UNKNOWN_MODE;
692 // End of delegates.... Common code below here...
695 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
697 // #define is_bigendian() ( (*(char*)&i) == 0 )
699 inline unsigned int is_bigendian(void) {
700 static volatile const unsigned int i = 1;
701 return *(volatile const char*) &i == 0;
704 uint16_t read_uint16(const unsigned char *c, const int pt) {
706 char *p = (char *) &ui;
708 if (!is_bigendian()) { // le -> le (don't swap)
718 // same as above with entrypoint.
720 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
721 stlink_write_reg(sl, addr, 15); /* pc register */
725 while (is_core_halted(sl) == 0)
729 void stlink_core_stat(stlink_t *sl) {
733 switch (sl->q_buf[0]) {
734 case STLINK_CORE_RUNNING:
735 sl->core_stat = STLINK_CORE_RUNNING;
736 DLOG(" core status: running\n");
738 case STLINK_CORE_HALTED:
739 sl->core_stat = STLINK_CORE_HALTED;
740 DLOG(" core status: halted\n");
743 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
744 fprintf(stderr, " core status: unknown\n");
748 void stlink_print_data(stlink_t * sl) {
749 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
752 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
754 for (int i = 0; i < sl->q_len; i++) {
757 if (sl->q_data_dir == Q_DATA_OUT)
758 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
760 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
763 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
765 fputs("\n\n", stdout);
768 /* memory mapped file */
770 typedef struct mapped_file {
775 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
777 static int map_file(mapped_file_t* mf, const char* path) {
781 const int fd = open(path, O_RDONLY | O_BINARY);
783 fprintf(stderr, "open(%s) == -1\n", path);
787 if (fstat(fd, &st) == -1) {
788 fprintf(stderr, "fstat() == -1\n");
792 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
793 if (mf->base == MAP_FAILED) {
794 fprintf(stderr, "mmap() == MAP_FAILED\n");
798 mf->len = st.st_size;
809 static void unmap_file(mapped_file_t * mf) {
810 munmap((void*) mf->base, mf->len);
811 mf->base = (unsigned char*) MAP_FAILED;
815 /* Limit the block size to compare to 0x1800
816 Anything larger will stall the STLINK2
817 Maybe STLINK V1 needs smaller value!*/
818 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
820 size_t n_cmp = sl->flash_pgsz;
824 for (off = 0; off < mf->len; off += n_cmp) {
827 /* adjust last page size */
828 size_t cmp_size = n_cmp;
829 if ((off + n_cmp) > mf->len)
830 cmp_size = mf->len - off;
832 aligned_size = cmp_size;
833 if (aligned_size & (4 - 1))
834 aligned_size = (cmp_size + 4) & ~(4 - 1);
836 stlink_read_mem32(sl, addr + off, aligned_size);
838 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
845 int stlink_fwrite_sram
846 (stlink_t * sl, const char* path, stm32_addr_t addr) {
847 /* write the file in sram at addr */
851 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
854 if (map_file(&mf, path) == -1) {
855 fprintf(stderr, "map_file() == -1\n");
859 /* check addr range is inside the sram */
860 if (addr < sl->sram_base) {
861 fprintf(stderr, "addr too low\n");
863 } else if ((addr + mf.len) < addr) {
864 fprintf(stderr, "addr overruns\n");
866 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
867 fprintf(stderr, "addr too high\n");
869 } else if ((addr & 3) || (mf.len & 3)) {
871 fprintf(stderr, "unaligned addr or size\n");
874 /* do the copy by 1k blocks */
875 for (off = 0; off < mf.len; off += 1024) {
877 if ((off + size) > mf.len)
880 memcpy(sl->q_buf, mf.base + off, size);
882 /* round size if needed */
886 stlink_write_mem32(sl, addr + off, size);
889 /* check the file ha been written */
890 if (check_file(sl, &mf, addr) == -1) {
891 fprintf(stderr, "check_file() == -1\n");
898 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
899 /* Set PC to the reset routine*/
900 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
908 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
909 /* read size bytes from addr to file */
914 unsigned char erased_pattern = (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
915 || sl->chip_id == STM32_CHIPID_L1_HIGH) ? 0:0xff;
917 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
919 fprintf(stderr, "open(%s) == -1\n", path);
924 size = sl->flash_size;
926 if (size > sl->flash_size)
927 size = sl->flash_size;
929 /* do the copy by 1k blocks */
930 for (off = 0; off < size; off += 1024) {
931 size_t read_size = 1024;
934 if ((off + read_size) > size)
935 read_size = size - off;
937 /* round size if needed */
938 rounded_size = read_size;
939 if (rounded_size & 3)
940 rounded_size = (rounded_size + 4) & ~(3);
942 stlink_read_mem32(sl, addr + off, rounded_size);
944 for(index = 0; index < read_size; index ++) {
945 if (sl->q_buf[index] == erased_pattern)
950 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
951 fprintf(stderr, "write() != read_size\n");
956 /* Ignore NULL Bytes at end of file */
957 if (!ftruncate(fd, size - num_empty)) {
970 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
971 /* write the buffer right after the loader */
972 size_t chunk = size & ~0x3;
973 size_t rem = size & 0x3;
975 memcpy(sl->q_buf, buf, chunk);
976 stlink_write_mem32(sl, fl->buf_addr, chunk);
979 memcpy(sl->q_buf, buf+chunk, rem);
980 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
985 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
986 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
987 if (flashaddr<0x4000) return (0);
988 else if(flashaddr<0x8000) return(1);
989 else if(flashaddr<0xc000) return(2);
990 else if(flashaddr<0x10000) return(3);
991 else if(flashaddr<0x20000) return(4);
992 else return(flashaddr/0x20000)+4;
996 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
997 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
998 uint32_t sector=calculate_F4_sectornum(flashaddr);
999 if (sector<4) sl->flash_pgsz=0x4000;
1000 else if(sector<5) sl->flash_pgsz=0x10000;
1001 else sl->flash_pgsz=0x20000;
1003 return (sl->flash_pgsz);
1007 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
1008 * @param sl stlink context
1009 * @param flashaddr an address in the flash page to erase
1010 * @return 0 on success -ve on failure
1012 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
1014 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
1015 /* wait for ongoing op to finish */
1016 wait_flash_busy(sl);
1018 /* unlock if locked */
1019 unlock_flash_if(sl);
1021 /* select the page to erase */
1022 // calculate the actual page from the address
1023 uint32_t sector=calculate_F4_sectornum(flashaddr);
1025 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
1026 write_flash_cr_snb(sl, sector);
1028 /* start erase operation */
1029 set_flash_cr_strt(sl);
1031 /* wait for completion */
1032 wait_flash_busy(sl);
1034 /* relock the flash */
1035 //todo: fails to program if this is in
1038 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
1040 } else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1041 || sl->chip_id == STM32_CHIPID_L1_HIGH) {
1045 /* check if the locks are set */
1046 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1047 if((val & (1<<0))||(val & (1<<1))) {
1048 /* disable pecr protection */
1049 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1050 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1052 /* check pecr.pelock is cleared */
1053 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1054 if (val & (1 << 0)) {
1055 WLOG("pecr.pelock not clear (%#x)\n", val);
1059 /* unlock program memory */
1060 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1061 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1063 /* check pecr.prglock is cleared */
1064 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1065 if (val & (1 << 1)) {
1066 WLOG("pecr.prglock not clear (%#x)\n", val);
1071 /* unused: unlock the option byte block */
1073 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0xfbead9c8);
1074 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0x24252627);
1076 /* check pecr.optlock is cleared */
1077 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1078 if (val & (1 << 2)) {
1079 fprintf(stderr, "pecr.prglock not clear\n");
1084 /* set pecr.{erase,prog} */
1085 val |= (1 << 9) | (1 << 3);
1086 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1088 #if 0 /* fix_to_be_confirmed */
1090 /* wait for sr.busy to be cleared
1091 MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1092 wrong and we do not need to wait here for clearing the busy bit.
1093 TEXANE: ok, if experience says so and it works for you, we comment
1094 it. If someone has a problem, please drop an email.
1096 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1099 #endif /* fix_to_be_confirmed */
1101 /* write 0 to the first word of the page to be erased */
1102 stlink_write_debug32(sl, flashaddr, 0);
1104 /* MP: It is better to wait for clearing the busy bit after issuing
1105 page erase command, even though PM0062 recommends to wait before it.
1106 Test shows that a few iterations is performed in the following loop
1107 before busy bit is cleared.*/
1108 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1111 /* reset lock bits */
1112 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1113 | (1 << 0) | (1 << 1) | (1 << 2);
1114 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1115 } else if (sl->core_id == STM32VL_CORE_ID
1116 || sl->core_id == STM32F0_CORE_ID
1117 || sl->chip_id == STM32_CHIPID_F3
1118 || sl->chip_id == STM32_CHIPID_F37x) {
1119 /* wait for ongoing op to finish */
1120 wait_flash_busy(sl);
1122 /* unlock if locked */
1123 unlock_flash_if(sl);
1125 /* set the page erase bit */
1126 set_flash_cr_per(sl);
1128 /* select the page to erase */
1129 write_flash_ar(sl, flashaddr);
1131 /* start erase operation, reset by hw with bsy bit */
1132 set_flash_cr_strt(sl);
1134 /* wait for completion */
1135 wait_flash_busy(sl);
1137 /* relock the flash */
1140 WLOG("unknown coreid %x, page erase failed\n", sl->core_id);
1144 /* todo: verify the erased page */
1149 int stlink_erase_flash_mass(stlink_t *sl) {
1150 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1151 || sl->chip_id == STM32_CHIPID_L1_HIGH) {
1152 /* erase each page */
1153 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1154 for (i = 0; i < num_pages; i++) {
1155 /* addr must be an addr inside the page */
1156 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1157 if (stlink_erase_flash_page(sl, addr) == -1) {
1158 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1161 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1164 fprintf(stdout, "\n");
1166 /* wait for ongoing op to finish */
1167 wait_flash_busy(sl);
1169 /* unlock if locked */
1170 unlock_flash_if(sl);
1172 /* set the mass erase bit */
1173 set_flash_cr_mer(sl);
1175 /* start erase operation, reset by hw with bsy bit */
1176 set_flash_cr_strt(sl);
1178 /* wait for completion */
1179 wait_flash_busy_progress(sl);
1181 /* relock the flash */
1184 /* todo: verify the erased memory */
1189 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1192 /* allocate the loader in sram */
1193 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1194 WLOG("Failed to write flash loader to sram!\n");
1198 /* allocate a one page buffer in sram right after loader */
1199 fl->buf_addr = fl->loader_addr + size;
1200 ILOG("Successfully loaded flash loader in sram\n");
1204 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1205 /* from openocd, contrib/loaders/flash/stm32.s */
1206 static const uint8_t loader_code_stm32vl[] = {
1207 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1208 0x1c, 0x44, /* add r4, r3 */
1209 /* write_half_word: */
1210 0x01, 0x23, /* movs r3, #0x01 */
1211 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1212 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1213 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1215 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1216 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1217 0xfb, 0xd0, /* beq busy */
1218 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1219 0x01, 0xd1, /* bne exit */
1220 0x01, 0x3a, /* subs r2, r2, #0x01 */
1221 0xf0, 0xd1, /* bne write_half_word */
1223 0x00, 0xbe, /* bkpt #0x00 */
1224 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1227 /* flashloaders/stm32f0.s -- thumb1 only, same sequence as for STM32VL, bank ignored */
1228 static const uint8_t loader_code_stm32f0[] = {
1231 * These two NOPs here are a safety precaution, added by Pekka Nikander
1232 * while debugging the STM32F05x support. They may not be needed, but
1233 * there were strange problems with simpler programs, like a program
1234 * that had just a breakpoint or a program that first moved zero to register r2
1235 * and then had a breakpoint. So, it appears safest to have these two nops.
1237 * Feel free to remove them, if you dare, but then please do test the result
1238 * rigorously. Also, if you remove these, it may be a good idea first to
1239 * #if 0 them out, with a comment when these were taken out, and to remove
1240 * these only a few months later... But YMMV.
1242 0x00, 0x30, // nop /* add r0,#0 */
1243 0x00, 0x30, // nop /* add r0,#0 */
1245 0x0A, 0x4C, // ldr r4, STM32_FLASH_BASE
1246 0x01, 0x25, // mov r5, #1 /* FLASH_CR_PG, FLASH_SR_BUSY */
1247 0x04, 0x26, // mov r6, #4 /* PGERR */
1249 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1250 0x2B, 0x43, // orr r3, r5
1251 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR |= FLASH_CR_PG */
1252 0x03, 0x88, // ldrh r3, [r0] /* r3 = *sram */
1253 0x0B, 0x80, // strh r3, [r1] /* *flash = r3 */
1255 0xE3, 0x68, // ldr r3, [r4, #12] /* FLASH->SR */
1256 0x2B, 0x42, // tst r3, r5 /* FLASH_SR_BUSY */
1257 0xFC, 0xD0, // beq busy
1259 0x33, 0x42, // tst r3, r6 /* PGERR */
1260 0x04, 0xD1, // bne exit
1262 0x02, 0x30, // add r0, r0, #2 /* sram += 2 */
1263 0x02, 0x31, // add r1, r1, #2 /* flash += 2 */
1264 0x01, 0x3A, // sub r2, r2, #0x01 /* count-- */
1265 0x00, 0x2A, // cmp r2, #0
1266 0xF0, 0xD1, // bne write_half_word
1268 0x23, 0x69, // ldr r3, [r4, #16] /* FLASH->CR */
1269 0xAB, 0x43, // bic r3, r5
1270 0x23, 0x61, // str r3, [r4, #16] /* FLASH->CR &= ~FLASH_CR_PG */
1271 0x00, 0xBE, // bkpt #0x00
1272 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1275 static const uint8_t loader_code_stm32l[] = {
1277 /* openocd.git/contrib/loaders/flash/stm32lx.S
1278 r0, input, dest addr
1279 r1, input, source addr
1280 r2, input, word count
1281 r3, output, word count
1287 0x51, 0xf8, 0x04, 0xcb,
1288 0x40, 0xf8, 0x04, 0xcb,
1296 static const uint8_t loader_code_stm32f4[] = {
1297 // flashloaders/stm32f4.s
1306 0x14, 0xf0, 0x01, 0x0f,
1308 0x00, 0xf1, 0x04, 0x00,
1309 0x01, 0xf1, 0x04, 0x01,
1310 0xa2, 0xf1, 0x01, 0x02,
1315 0x00, 0x3c, 0x02, 0x40,
1318 const uint8_t* loader_code;
1321 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1322 || sl->chip_id == STM32_CHIPID_L1_HIGH ) { /* stm32l */
1323 loader_code = loader_code_stm32l;
1324 loader_size = sizeof(loader_code_stm32l);
1325 } else if (sl->core_id == STM32VL_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1326 loader_code = loader_code_stm32vl;
1327 loader_size = sizeof(loader_code_stm32vl);
1328 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4) {
1329 loader_code = loader_code_stm32f4;
1330 loader_size = sizeof(loader_code_stm32f4);
1331 } else if (sl->chip_id == STM32_CHIPID_F0 || sl->chip_id == STM32_CHIPID_F0_SMALL) {
1332 loader_code = loader_code_stm32f0;
1333 loader_size = sizeof(loader_code_stm32f0);
1335 ELOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1339 memcpy(sl->q_buf, loader_code, loader_size);
1340 stlink_write_mem32(sl, sl->sram_base, loader_size);
1342 *addr = sl->sram_base;
1343 *size = loader_size;
1349 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1350 /* check the contents of path are at addr */
1353 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1355 if (map_file(&mf, path) == -1)
1358 res = check_file(sl, &mf, addr);
1366 * Verify addr..addr+len is binary identical to base...base+len
1367 * @param sl stlink context
1368 * @param address stm device address
1369 * @param data host side buffer to check against
1370 * @param length how much
1371 * @return 0 for success, -ve for failure
1373 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1375 size_t cmp_size = (sl->flash_pgsz > 0x1800)? 0x1800:sl->flash_pgsz;
1376 ILOG("Starting verification of write complete\n");
1377 for (off = 0; off < length; off += cmp_size) {
1378 size_t aligned_size;
1380 /* adjust last page size */
1381 if ((off + cmp_size) > length)
1382 cmp_size = length - off;
1384 aligned_size = cmp_size;
1385 if (aligned_size & (4 - 1))
1386 aligned_size = (cmp_size + 4) & ~(4 - 1);
1388 stlink_read_mem32(sl, address + off, aligned_size);
1390 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1391 ELOG("Verification of flash failed at offset: %zd\n", off);
1395 ILOG("Flash written and verified! jolly good!\n");
1400 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned num_half_pages)
1406 ILOG("Starting Half page flash write for STM32L core id\n");
1407 /* flash loader initialization */
1408 if (init_flash_loader(sl, &fl) == -1) {
1409 WLOG("init_flash_loader() == -1\n");
1412 /* Unlock already done */
1413 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1414 val |= (1 << FLASH_L1_FPRG);
1415 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1417 val |= (1 << FLASH_L1_PROG);
1418 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1419 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {}
1421 #define L1_WRITE_BLOCK_SIZE 0x80
1422 for (count = 0; count < num_half_pages; count ++) {
1423 if (run_flash_loader(sl, &fl, addr + count * L1_WRITE_BLOCK_SIZE, base + count * L1_WRITE_BLOCK_SIZE, L1_WRITE_BLOCK_SIZE) == -1) {
1424 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * L1_WRITE_BLOCK_SIZE);
1425 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1426 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1427 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1430 /* wait for sr.busy to be cleared */
1431 if (sl->verbose >= 1) {
1432 /* show progress. writing procedure is slow
1433 and previous errors are misleading */
1434 fprintf(stdout, "\r%3u/%u halfpages written", count + 1, num_half_pages);
1437 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {
1440 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1441 val &= ~(1 << FLASH_L1_PROG);
1442 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1443 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1444 val &= ~(1 << FLASH_L1_FPRG);
1445 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1450 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, uint32_t len) {
1453 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1454 len, len, addr, addr);
1455 /* check addr range is inside the flash */
1456 stlink_calculate_pagesize(sl, addr);
1457 if (addr < sl->flash_base) {
1458 ELOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1460 } else if ((addr + len) < addr) {
1461 ELOG("addr overruns\n");
1463 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1464 ELOG("addr too high\n");
1466 } else if (addr & 1) {
1467 ELOG("unaligned addr 0x%x\n", addr);
1469 } else if (len & 1) {
1470 WLOG("unaligned len 0x%x -- padding with zero\n", len);
1472 } else if (addr & (sl->flash_pgsz - 1)) {
1473 ELOG("addr not a multiple of pagesize, not supported\n");
1477 // Make sure we've loaded the context with the chip details
1479 /* erase each page */
1481 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1482 /* addr must be an addr inside the page */
1483 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1484 ELOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1487 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1488 (unsigned long)addr + off);
1492 fprintf(stdout,"\n");
1493 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1494 page_count, sl->flash_pgsz, sl->flash_pgsz);
1496 if ((sl->chip_id == STM32_CHIPID_F2) || (sl->chip_id == STM32_CHIPID_F4)) {
1497 /* todo: check write operation */
1499 ILOG("Starting Flash write for F2/F4\n");
1500 /* flash loader initialization */
1501 if (init_flash_loader(sl, &fl) == -1) {
1502 ELOG("init_flash_loader() == -1\n");
1506 /* First unlock the cr */
1507 unlock_flash_if(sl);
1509 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1510 /* set parallelisim to 32 bit*/
1511 write_flash_cr_psiz(sl, 2);
1513 /* set programming mode */
1514 set_flash_cr_pg(sl);
1516 for(off = 0; off < len;) {
1517 size_t size = len - off > 0x8000 ? 0x8000 : len - off;
1519 printf("size: %zu\n", size);
1521 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1522 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1530 #define PROGRESS_CHUNK_SIZE 0x1000
1531 /* write a word in program memory */
1532 for (off = 0; off < len; off += sizeof(uint32_t)) {
1534 if (sl->verbose >= 1) {
1535 if ((off & (PROGRESS_CHUNK_SIZE - 1)) == 0) {
1536 /* show progress. writing procedure is slow
1537 and previous errors are misleading */
1538 const uint32_t pgnum = (off / PROGRESS_CHUNK_SIZE)+1;
1539 const uint32_t pgcount = len / PROGRESS_CHUNK_SIZE +1;
1540 fprintf(stdout, "Writing %ukB chunk %u out of %u\n",
1541 PROGRESS_CHUNK_SIZE/1024, pgnum, pgcount);
1545 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1546 stlink_write_debug32(sl, addr + off, data);
1548 /* wait for sr.busy to be cleared */
1549 wait_flash_busy(sl);
1556 #if 0 /* todo: debug mode */
1557 fprintf(stdout, "Final CR:0x%x\n", read_flash_cr(sl));
1562 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1563 || sl->chip_id == STM32_CHIPID_L1_HIGH ) {
1564 /* use fast word write. todo: half page. */
1567 #if 0 /* todo: check write operation */
1569 uint32_t nwrites = sl->flash_pgsz;
1573 #endif /* todo: check write operation */
1575 /* disable pecr protection */
1576 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1577 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1579 /* check pecr.pelock is cleared */
1580 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1581 if (val & (1 << 0)) {
1582 fprintf(stderr, "pecr.pelock not clear\n");
1586 /* unlock program memory */
1587 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1588 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1590 /* check pecr.prglock is cleared */
1591 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1592 if (val & (1 << 1)) {
1593 fprintf(stderr, "pecr.prglock not clear\n");
1597 if (len > L1_WRITE_BLOCK_SIZE) {
1598 if (stm32l1_write_half_pages(sl, addr, base, len/L1_WRITE_BLOCK_SIZE) == -1) {
1599 /* This may happen on a blank device! */
1600 WLOG("\nwrite_half_pages failed == -1\n");
1602 off = (len /L1_WRITE_BLOCK_SIZE)*L1_WRITE_BLOCK_SIZE;
1606 /* write remainingword in program memory */
1607 for ( ; off < len; off += sizeof(uint32_t)) {
1610 fprintf(stdout, "\r");
1612 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1613 fprintf(stdout, "\r%3zd/%3zd pages written",
1614 off/sl->flash_pgsz, len/sl->flash_pgsz);
1618 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1619 stlink_write_debug32(sl, addr + off, data);
1621 /* wait for sr.busy to be cleared */
1622 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1625 #if 0 /* todo: check redo write operation */
1627 /* check written bytes. todo: should be on a per page basis. */
1628 data = stlink_read_debug32(sl, addr + off);
1629 if (data == *(uint32_t*)(base + off)) {
1630 /* re erase the page and redo the write operation */
1634 /* fail if successive write count too low */
1635 if (nwrites < sl->flash_pgsz) {
1636 fprintf(stderr, "writes operation failure count too high, aborting\n");
1642 /* assume addr aligned */
1643 if (off % sl->flash_pgsz) off &= ~(sl->flash_pgsz - 1);
1646 fprintf(stderr, "invalid write @0x%x(0x%x): 0x%x != 0x%x. retrying.\n",
1647 page, addr + off, read_uint32(base + off, 0), read_uint32(sl->q_buf, 0));
1649 /* reset lock bits */
1650 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1651 | (1 << 0) | (1 << 1) | (1 << 2);
1652 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1654 stlink_erase_flash_page(sl, page);
1659 /* increment successive writes counter */
1662 #endif /* todo: check redo write operation */
1664 fprintf(stdout, "\n");
1665 /* reset lock bits */
1666 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1667 | (1 << 0) | (1 << 1) | (1 << 2);
1668 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1669 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1670 ILOG("Starting Flash write for VL/F0 core id\n");
1671 /* flash loader initialization */
1672 if (init_flash_loader(sl, &fl) == -1) {
1673 ELOG("init_flash_loader() == -1\n");
1677 int write_block_count = 0;
1678 for (off = 0; off < len; off += sl->flash_pgsz) {
1679 /* adjust last write size */
1680 size_t size = sl->flash_pgsz;
1681 if ((off + sl->flash_pgsz) > len) size = len - off;
1683 /* unlock and set programming mode */
1684 unlock_flash_if(sl);
1685 set_flash_cr_pg(sl);
1686 //DLOG("Finished setting flash cr pg, running loader!\n");
1687 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1688 ELOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1692 if (sl->verbose >= 1) {
1693 /* show progress. writing procedure is slow
1694 and previous errors are misleading */
1695 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1699 fprintf(stdout, "\n");
1701 ELOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1705 return stlink_verify_write_flash(sl, addr, base, len);
1709 * Write the given binary file into flash at address "addr"
1711 * @param path readable file path, should be binary image
1712 * @param addr where to start writing
1713 * @return 0 on success, -ve on failure.
1715 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1716 /* write the file in flash at addr */
1718 unsigned int num_empty = 0, index;
1719 unsigned char erased_pattern =(sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1720 || sl->chip_id == STM32_CHIPID_L1_HIGH )?0:0xff;
1721 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1722 if (map_file(&mf, path) == -1) {
1723 ELOG("map_file() == -1\n");
1726 for(index = 0; index < mf.len; index ++) {
1727 if (mf.base[index] == erased_pattern)
1732 if(num_empty != 0) {
1733 ILOG("Ignoring %d bytes of Zeros at end of file\n",num_empty);
1734 mf.len -= num_empty;
1736 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1738 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1739 /* Set PC to the reset routine*/
1740 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1746 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1750 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
1751 // FIXME This can never return -1
1752 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1754 ELOG("write_buffer_to_sram() == -1\n");
1758 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1759 || sl->chip_id == STM32_CHIPID_L1_HIGH ) {
1761 size_t count = size / sizeof(uint32_t);
1762 if (size % sizeof(uint32_t)) ++count;
1765 stlink_write_reg(sl, target, 0); /* target */
1766 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1767 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1768 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1770 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1772 size_t count = size / sizeof(uint16_t);
1773 if (size % sizeof(uint16_t)) ++count;
1776 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1777 stlink_write_reg(sl, target, 1); /* target */
1778 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1779 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1780 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1782 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4) {
1784 size_t count = size / sizeof(uint32_t);
1785 if (size % sizeof(uint32_t)) ++count;
1788 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1789 stlink_write_reg(sl, target, 1); /* target */
1790 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1791 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1794 fprintf(stderr, "unknown coreid 0x%x, don't know what flash loader to use\n", sl->core_id);
1801 #define WAIT_ROUNDS 10000
1802 /* wait until done (reaches breakpoint) */
1803 for (i = 0; i < WAIT_ROUNDS; i++) {
1805 if (is_core_halted(sl))
1809 if (i >= WAIT_ROUNDS) {
1810 ELOG("flash loader run error\n");
1814 /* check written byte count */
1815 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM || sl->chip_id == STM32_CHIPID_L1_MEDIUM_PLUS
1816 || sl->chip_id == STM32_CHIPID_L1_HIGH ) {
1818 size_t count = size / sizeof(uint32_t);
1819 if (size % sizeof(uint32_t)) ++count;
1821 stlink_read_reg(sl, 3, &rr);
1822 if (rr.r[3] != count) {
1823 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
1827 } else if (sl->core_id == STM32VL_CORE_ID || sl->core_id == STM32F0_CORE_ID || sl->chip_id == STM32_CHIPID_F3 || sl->chip_id == STM32_CHIPID_F37x) {
1829 stlink_read_reg(sl, 2, &rr);
1831 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1835 } else if (sl->chip_id == STM32_CHIPID_F2 || sl->chip_id == STM32_CHIPID_F4) {
1837 stlink_read_reg(sl, 2, &rr);
1839 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1845 fprintf(stderr, "unknown coreid 0x%x, can't check written byte count\n", sl->core_id);
projects / fw / stlink / blob