1 // SPDX-License-Identifier: GPL-2.0-or-later
3 /***************************************************************************
4 * Copyright (C) 2005 by Dominic Rath *
5 * Dominic.Rath@gmx.de *
7 * Copyright (C) 2007,2008 Øyvind Harboe *
8 * oyvind.harboe@zylin.com *
10 * Copyright (C) 2008 Rob Brown, Lou Deluxe *
11 * rob@cobbleware.com, lou.openocd012@fixit.nospammail.net *
12 ***************************************************************************/
18 /* project specific includes */
19 #include <jtag/interface.h>
20 #include <jtag/commands.h>
21 #include "helper/replacements.h"
23 #include "rlink_st7.h"
24 #include "rlink_ep1_cmd.h"
25 #include "rlink_dtc_cmd.h"
26 #include "libusb_helper.h"
28 /* This feature is made useless by running the DTC all the time. When automatic, the LED is on
29 *whenever the DTC is running. Otherwise, USB messages are sent to turn it on and off. */
30 #undef AUTOMATIC_BUSY_LED
32 /* This feature may require derating the speed due to reduced hold time. */
33 #undef USE_HARDWARE_SHIFTER_FOR_TMS
35 #define INTERFACE_NAME "RLink"
37 #define USB_IDVENDOR (0x138e)
38 #define USB_IDPRODUCT (0x9000)
40 #define USB_EP1OUT_ADDR (0x01)
41 #define USB_EP1OUT_SIZE (16)
42 #define USB_EP1IN_ADDR (USB_EP1OUT_ADDR | 0x80)
43 #define USB_EP1IN_SIZE (USB_EP1OUT_SIZE)
45 #define USB_EP2OUT_ADDR (0x02)
46 #define USB_EP2OUT_SIZE (64)
47 #define USB_EP2IN_ADDR (USB_EP2OUT_ADDR | 0x80)
48 #define USB_EP2IN_SIZE (USB_EP2OUT_SIZE)
49 #define USB_EP2BANK_SIZE (512)
51 #define DTC_STATUS_POLL_BYTE (ST7_USB_BUF_EP0OUT + 0xff)
53 #define ST7_PD_NBUSY_LED ST7_PD0
54 #define ST7_PD_NRUN_LED ST7_PD1
55 /* low enables VPP at adapter header, high connects it to GND instead */
56 #define ST7_PD_VPP_SEL ST7_PD6
57 /* low: VPP = 12v, high: VPP <= 5v */
58 #define ST7_PD_VPP_SHDN ST7_PD7
60 /* These pins are connected together */
61 #define ST7_PE_ADAPTER_SENSE_IN ST7_PE3
62 #define ST7_PE_ADAPTER_SENSE_OUT ST7_PE4
64 /* Symbolic mapping between port pins and numbered IO lines */
65 #define ST7_PA_IO1 ST7_PA1
66 #define ST7_PA_IO2 ST7_PA2
67 #define ST7_PA_IO4 ST7_PA4
68 #define ST7_PA_IO8 ST7_PA6
69 #define ST7_PA_IO10 ST7_PA7
70 #define ST7_PB_IO5 ST7_PB5
71 #define ST7_PC_IO9 ST7_PC1
72 #define ST7_PC_IO3 ST7_PC2
73 #define ST7_PC_IO7 ST7_PC3
74 #define ST7_PE_IO6 ST7_PE5
76 /* Symbolic mapping between numbered IO lines and adapter signals */
77 #define ST7_PA_RTCK ST7_PA_IO0
78 #define ST7_PA_NTRST ST7_PA_IO1
79 #define ST7_PC_TDI ST7_PC_IO3
80 #define ST7_PA_DBGRQ ST7_PA_IO4
81 #define ST7_PB_NSRST ST7_PB_IO5
82 #define ST7_PE_TMS ST7_PE_IO6
83 #define ST7_PC_TCK ST7_PC_IO7
84 #define ST7_PC_TDO ST7_PC_IO9
85 #define ST7_PA_DBGACK ST7_PA_IO10
87 static struct libusb_device_handle *hdev;
90 * ep1 commands are up to USB_EP1OUT_SIZE bytes in length.
91 * This function takes care of zeroing the unused bytes before sending the packet.
92 * Any reply packet is not handled by this function.
94 static int ep1_generic_commandl(struct libusb_device_handle *hdev_param, size_t length, ...)
96 uint8_t usb_buffer[USB_EP1OUT_SIZE];
97 uint8_t *usb_buffer_p;
102 if (length > sizeof(usb_buffer))
103 length = sizeof(usb_buffer);
105 usb_buffer_p = usb_buffer;
107 va_start(ap, length);
109 *usb_buffer_p++ = va_arg(ap, int);
116 sizeof(usb_buffer) - (usb_buffer_p - usb_buffer)
119 usb_ret = jtag_libusb_bulk_write(
122 (char *)usb_buffer, sizeof(usb_buffer),
127 if (usb_ret != ERROR_OK)
133 static ssize_t ep1_memory_read(
134 struct libusb_device_handle *hdev_param, uint16_t addr,
135 size_t length, uint8_t *buffer)
137 uint8_t usb_buffer[USB_EP1OUT_SIZE];
143 usb_buffer[0] = EP1_CMD_MEMORY_READ;
147 sizeof(usb_buffer) - 4
154 if (remain > sizeof(usb_buffer))
155 length = sizeof(usb_buffer);
159 usb_buffer[1] = addr >> 8;
160 usb_buffer[2] = addr;
161 usb_buffer[3] = length;
163 usb_ret = jtag_libusb_bulk_write(
164 hdev_param, USB_EP1OUT_ADDR,
165 (char *)usb_buffer, sizeof(usb_buffer),
170 if (usb_ret != ERROR_OK || transferred < (int)sizeof(usb_buffer))
173 usb_ret = jtag_libusb_bulk_read(
174 hdev_param, USB_EP1IN_ADDR,
175 (char *)buffer, length,
180 if (usb_ret != ERROR_OK || transferred < (int)length)
193 static ssize_t ep1_memory_write(struct libusb_device_handle *hdev_param, uint16_t addr,
194 size_t length, uint8_t const *buffer)
196 uint8_t usb_buffer[USB_EP1OUT_SIZE];
201 usb_buffer[0] = EP1_CMD_MEMORY_WRITE;
207 if (remain > (sizeof(usb_buffer) - 4))
208 length = (sizeof(usb_buffer) - 4);
212 usb_buffer[1] = addr >> 8;
213 usb_buffer[2] = addr;
214 usb_buffer[3] = length;
221 usb_buffer + 4 + length,
223 sizeof(usb_buffer) - 4 - length
228 usb_ret = jtag_libusb_bulk_write(
229 hdev_param, USB_EP1OUT_ADDR,
230 (char *)usb_buffer, sizeof(usb_buffer),
235 if (usb_ret != ERROR_OK || transferred < (int)sizeof(usb_buffer))
249 static ssize_t ep1_memory_writel(struct libusb_device_handle *hdev_param, uint16_t addr,
252 uint8_t buffer[USB_EP1OUT_SIZE - 4];
257 if (length > sizeof(buffer))
258 length = sizeof(buffer);
263 va_start(ap, length);
265 *buffer_p++ = va_arg(ap, int);
269 return ep1_memory_write(hdev_param, addr, length, buffer);
273 #define DTCLOAD_COMMENT (0)
274 #define DTCLOAD_ENTRY (1)
275 #define DTCLOAD_LOAD (2)
276 #define DTCLOAD_RUN (3)
277 #define DTCLOAD_LUT_START (4)
278 #define DTCLOAD_LUT (5)
280 #define DTC_LOAD_BUFFER ST7_USB_BUF_EP2UIDO
282 /* This gets set by the DTC loader */
283 static uint8_t dtc_entry_download;
285 /* The buffer is specially formatted to represent a valid image to load into the DTC. */
286 static int dtc_load_from_buffer(struct libusb_device_handle *hdev_param, const uint8_t *buffer,
295 struct header_s *header;
296 uint8_t lut_start = 0xc0;
298 dtc_entry_download = 0;
300 /* Stop the DTC before loading anything. */
301 usb_err = ep1_generic_commandl(
309 if (length < sizeof(*header)) {
310 LOG_ERROR("Malformed DTC image");
314 header = (struct header_s *)buffer;
315 buffer += sizeof(*header);
316 length -= sizeof(*header);
318 if (length < (size_t)header->length + 1) {
319 LOG_ERROR("Malformed DTC image");
323 switch (header->type) {
324 case DTCLOAD_COMMENT:
328 /* store entry addresses somewhere */
329 if (!strncmp("download", (char *)buffer + 1, 8))
330 dtc_entry_download = buffer[0];
334 /* Send the DTC program to ST7 RAM. */
335 usb_err = ep1_memory_write(
338 header->length + 1, buffer
343 /* Load it into the DTC. */
344 usb_err = ep1_generic_commandl(
347 (DTC_LOAD_BUFFER >> 8),
356 usb_err = ep1_generic_commandl(
367 case DTCLOAD_LUT_START:
368 lut_start = buffer[0];
372 usb_err = ep1_memory_write(
374 ST7_USB_BUF_EP0OUT + lut_start,
375 header->length + 1, buffer
382 LOG_ERROR("Invalid DTC image record type: 0x%02x", header->type);
387 buffer += (header->length + 1);
388 length -= (header->length + 1);
395 * Start the DTC running in download mode (waiting for 512 byte command packets on ep2).
397 static int dtc_start_download(void)
403 /* set up for download mode and make sure EP2 is set up to transmit */
404 usb_err = ep1_generic_commandl(
409 EP1_CMD_SET_DOWNLOAD,
410 EP1_CMD_MEMORY_READ, /* read EP2TXR for its data toggle */
418 /* read back ep2txr */
419 usb_err = jtag_libusb_bulk_read(
420 hdev, USB_EP1IN_ADDR,
425 if (usb_err != ERROR_OK)
428 usb_err = ep1_generic_commandl(
431 EP1_CMD_MEMORY_WRITE, /* preinitialize poll byte */
432 DTC_STATUS_POLL_BYTE >> 8,
433 DTC_STATUS_POLL_BYTE,
436 EP1_CMD_MEMORY_WRITE, /* set EP2IN to return data */
440 (ep2txr & ST7_EP2TXR_DTOG_TX) | ST7_EP2TXR_STAT_VALID,
441 EP1_CMD_DTC_CALL, /* start running the DTC */
443 EP1_CMD_DTC_GET_CACHED_STATUS
448 /* wait for completion */
449 usb_err = jtag_libusb_bulk_read(
450 hdev, USB_EP1IN_ADDR,
459 static int dtc_run_download(
460 struct libusb_device_handle *hdev_param,
461 uint8_t *command_buffer,
462 int command_buffer_size,
463 uint8_t *reply_buffer,
464 int reply_buffer_size
472 LOG_DEBUG("%d/%d", command_buffer_size, reply_buffer_size);
474 usb_err = jtag_libusb_bulk_write(
477 (char *)command_buffer, USB_EP2BANK_SIZE,
485 /* Wait for DTC to finish running command buffer */
487 usb_err = ep1_generic_commandl(
491 DTC_STATUS_POLL_BYTE >> 8,
492 DTC_STATUS_POLL_BYTE,
498 usb_err = jtag_libusb_bulk_read(
508 if (dtc_status & 0x01)
512 LOG_ERROR("too many retries waiting for DTC status");
513 return LIBUSB_ERROR_TIMEOUT;
518 if (reply_buffer && reply_buffer_size) {
519 usb_err = jtag_libusb_bulk_read(
522 (char *)reply_buffer, reply_buffer_size,
527 if (usb_err != ERROR_OK || transferred < reply_buffer_size) {
528 LOG_ERROR("Read of endpoint 2 returned %d, expected %d",
529 usb_err, reply_buffer_size
539 * The dtc reply queue is a singly linked list that describes what to do
540 * with the reply packet that comes from the DTC. Only SCAN_IN and SCAN_IO generate
544 struct dtc_reply_queue_entry {
545 struct dtc_reply_queue_entry *next;
546 struct jtag_command *cmd; /* the command that resulted in this entry */
549 uint8_t *buffer; /* the scan buffer */
550 int size; /* size of the scan buffer in bits */
551 int offset; /* how many bits were already done before this? */
552 int length; /* how many bits are processed in this operation? */
553 enum scan_type type; /* SCAN_IN/SCAN_OUT/SCAN_IO */
559 * The dtc_queue consists of a buffer of pending commands and a reply queue.
560 * rlink_scan and tap_state_run add to the command buffer and maybe to the reply queue.
564 struct dtc_reply_queue_entry *rq_head;
565 struct dtc_reply_queue_entry *rq_tail;
567 uint32_t reply_index;
568 uint8_t cmd_buffer[USB_EP2BANK_SIZE];
572 * The tap state queue is for accumulating TAP state changes without needlessly
573 * flushing the dtc_queue. When it fills or is run, it adds the accumulated bytes to
582 static int dtc_queue_init(void)
584 dtc_queue.rq_head = NULL;
585 dtc_queue.rq_tail = NULL;
586 dtc_queue.cmd_index = 0;
587 dtc_queue.reply_index = 0;
591 static inline struct dtc_reply_queue_entry *dtc_queue_enqueue_reply(
592 enum scan_type type, uint8_t *buffer, int size, int offset,
593 int length, struct jtag_command *cmd)
595 struct dtc_reply_queue_entry *rq_entry;
597 rq_entry = malloc(sizeof(struct dtc_reply_queue_entry));
599 rq_entry->scan.type = type;
600 rq_entry->scan.buffer = buffer;
601 rq_entry->scan.size = size;
602 rq_entry->scan.offset = offset;
603 rq_entry->scan.length = length;
605 rq_entry->next = NULL;
607 if (!dtc_queue.rq_head)
608 dtc_queue.rq_head = rq_entry;
610 dtc_queue.rq_tail->next = rq_entry;
612 dtc_queue.rq_tail = rq_entry;
619 * Running the queue means that any pending command buffer is run
620 * and any reply data dealt with. The command buffer is then cleared for subsequent processing.
621 * The queue is automatically run by append when it is necessary to get space for the append.
624 static int dtc_queue_run(void)
626 struct dtc_reply_queue_entry *rq_p, *rq_next;
631 uint8_t *dtc_p, *tdo_p;
632 uint8_t dtc_mask, tdo_mask;
633 uint8_t reply_buffer[USB_EP2IN_SIZE];
635 assert((dtc_queue.rq_head != 0) == (dtc_queue.reply_index > 0));
636 assert(dtc_queue.cmd_index < USB_EP2BANK_SIZE);
637 assert(dtc_queue.reply_index <= USB_EP2IN_SIZE);
641 if (dtc_queue.cmd_index < 1)
644 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = DTC_CMD_STOP;
646 usb_err = dtc_run_download(hdev,
647 dtc_queue.cmd_buffer, dtc_queue.cmd_index,
648 reply_buffer, sizeof(reply_buffer)
651 LOG_ERROR("dtc_run_download: %s", libusb_error_name(usb_err));
655 if (dtc_queue.rq_head) {
656 /* process the reply, which empties the reply queue and frees its entries */
657 dtc_p = reply_buffer;
659 /* The rigamarole with the masks and doing it bit-by-bit is due to the fact that the
660 *scan buffer is LSb-first and the DTC code is MSb-first for hardware reasons. It
661 *was that or craft a function to do the reversal, and that wouldn't work with
662 *bit-stuffing (supplying extra bits to use mostly byte operations), or any other
663 *scheme which would throw the byte alignment off. */
666 rq_p = dtc_queue.rq_head;
670 tdo_p = rq_p->scan.buffer + (rq_p->scan.offset / 8);
671 tdo_mask = 1 << (rq_p->scan.offset % 8);
674 bit_cnt = rq_p->scan.length;
678 dtc_mask = 1 << (8 - 1);
685 if (*dtc_p & dtc_mask)
693 dtc_mask = 1 << (8 - 1);
703 /* extra bits or last bit */
706 if ((rq_p->scan.type == SCAN_IN) && (
707 rq_p->scan.offset != rq_p->scan.size - 1
709 /* extra bits were sent as a full byte with padding on the
711 dtc_mask = 1 << (8 - 1);
713 dtc_mask = 1 << (bit_cnt - 1);
736 if ((rq_p->scan.offset + rq_p->scan.length) >= rq_p->scan.size) {
737 /* feed scan buffer back into openocd and free it */
738 if (jtag_read_buffer(rq_p->scan.buffer,
739 rq_p->cmd->cmd.scan) != ERROR_OK)
740 retval = ERROR_JTAG_QUEUE_FAILED;
741 free(rq_p->scan.buffer);
744 rq_next = rq_p->next;
747 dtc_queue.rq_head = NULL;
748 dtc_queue.rq_tail = NULL;
751 /* reset state for new appends */
752 dtc_queue.cmd_index = 0;
753 dtc_queue.reply_index = 0;
758 /* runs the queue if it cannot take reserved_cmd bytes of command data
759 * or reserved_reply bytes of reply data */
760 static int dtc_queue_run_if_full(int reserved_cmd, int reserved_reply)
762 /* reserve one additional byte for the STOP cmd appended during run */
763 if (dtc_queue.cmd_index + reserved_cmd + 1 > USB_EP2BANK_SIZE)
764 return dtc_queue_run();
766 if (dtc_queue.reply_index + reserved_reply > USB_EP2IN_SIZE)
767 return dtc_queue_run();
772 static int tap_state_queue_init(void)
774 tap_state_queue.length = 0;
775 tap_state_queue.buffer = 0;
779 static int tap_state_queue_run(void)
787 if (!tap_state_queue.length)
791 for (i = tap_state_queue.length; i--; ) {
794 if (tap_state_queue.buffer & 1)
796 if ((bits >= 8) || !i) {
797 byte_param <<= (8 - bits);
799 /* make sure there's room for two cmd bytes */
800 dtc_queue_run_if_full(2, 0);
802 #ifdef USE_HARDWARE_SHIFTER_FOR_TMS
804 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
805 DTC_CMD_SHIFT_TMS_BYTES(1);
808 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
809 DTC_CMD_SHIFT_TMS_BITS(bits);
810 #ifdef USE_HARDWARE_SHIFTER_FOR_TMS
814 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
822 tap_state_queue.buffer >>= 1;
824 retval = tap_state_queue_init();
828 static int tap_state_queue_append(uint8_t tms)
832 if (tap_state_queue.length >= sizeof(tap_state_queue.buffer) * 8) {
833 retval = tap_state_queue_run();
839 tap_state_queue.buffer |= (1 << tap_state_queue.length);
840 tap_state_queue.length++;
845 static void rlink_end_state(tap_state_t state)
847 if (tap_is_state_stable(state))
848 tap_set_end_state(state);
850 LOG_ERROR("BUG: %i is not a valid end state", state);
855 static void rlink_state_move(void)
859 uint8_t tms_scan = tap_get_tms_path(tap_get_state(), tap_get_end_state());
860 int tms_count = tap_get_tms_path_len(tap_get_state(), tap_get_end_state());
862 for (i = 0; i < tms_count; i++) {
863 tms = (tms_scan >> i) & 1;
864 tap_state_queue_append(tms);
867 tap_set_state(tap_get_end_state());
870 static void rlink_path_move(struct pathmove_command *cmd)
872 int num_states = cmd->num_states;
878 if (tap_state_transition(tap_get_state(), false) == cmd->path[state_count])
880 else if (tap_state_transition(tap_get_state(), true) == cmd->path[state_count])
883 LOG_ERROR("BUG: %s -> %s isn't a valid TAP transition",
884 tap_state_name(tap_get_state()),
885 tap_state_name(cmd->path[state_count]));
889 tap_state_queue_append(tms);
891 tap_set_state(cmd->path[state_count]);
896 tap_set_end_state(tap_get_state());
899 static void rlink_runtest(int num_cycles)
903 tap_state_t saved_end_state = tap_get_end_state();
905 /* only do a state_move when we're not already in RTI */
906 if (tap_get_state() != TAP_IDLE) {
907 rlink_end_state(TAP_IDLE);
911 /* execute num_cycles */
912 for (i = 0; i < num_cycles; i++)
913 tap_state_queue_append(0);
915 /* finish in end_state */
916 rlink_end_state(saved_end_state);
917 if (tap_get_state() != tap_get_end_state())
921 /* (1) assert or (0) deassert reset lines */
922 static void rlink_reset(int trst, int srst)
928 /* Read port A for bit op */
929 usb_err = ep1_generic_commandl(
937 LOG_ERROR("%s", libusb_error_name(usb_err));
941 usb_err = jtag_libusb_bulk_read(
942 hdev, USB_EP1IN_ADDR,
947 if (usb_err != ERROR_OK || transferred < 1) {
948 LOG_ERROR("%s", libusb_error_name(usb_err));
953 bitmap &= ~ST7_PA_NTRST;
955 bitmap |= ST7_PA_NTRST;
957 /* Write port A and read port B for bit op
958 * port B has no OR, and we want to emulate open drain on NSRST, so we initialize DR to 0
959 *and assert NSRST by setting DDR to 1. */
960 usb_err = ep1_generic_commandl(
962 EP1_CMD_MEMORY_WRITE,
973 LOG_ERROR("%s", libusb_error_name(usb_err));
977 usb_err = jtag_libusb_bulk_read(
978 hdev, USB_EP1IN_ADDR,
983 if (usb_err != ERROR_OK || transferred < 1) {
984 LOG_ERROR("%s", libusb_error_name(usb_err));
989 bitmap |= ST7_PB_NSRST;
991 bitmap &= ~ST7_PB_NSRST;
993 /* write port B and read dummy to ensure completion before returning */
994 usb_err = ep1_generic_commandl(
996 EP1_CMD_MEMORY_WRITE,
1001 EP1_CMD_DTC_GET_CACHED_STATUS
1004 LOG_ERROR("%s", libusb_error_name(usb_err));
1008 usb_err = jtag_libusb_bulk_read(
1009 hdev, USB_EP1IN_ADDR,
1014 if (usb_err != ERROR_OK || transferred < 1) {
1015 LOG_ERROR("%s", libusb_error_name(usb_err));
1020 static int rlink_scan(struct jtag_command *cmd, enum scan_type type,
1021 uint8_t *buffer, int scan_size)
1024 tap_state_t saved_end_state;
1032 uint8_t tdi_mask, *tdi_p;
1035 if (scan_size < 1) {
1036 LOG_ERROR("scan_size cannot be less than 1 bit");
1040 ir_scan = cmd->cmd.scan->ir_scan;
1042 /* Move to the proper state before starting to shift TDI/TDO. */
1043 if (!((!ir_scan && (tap_get_state() == TAP_DRSHIFT)) ||
1044 (ir_scan && (tap_get_state() == TAP_IRSHIFT)))) {
1045 saved_end_state = tap_get_end_state();
1046 rlink_end_state(ir_scan ? TAP_IRSHIFT : TAP_DRSHIFT);
1048 rlink_end_state(saved_end_state);
1051 tap_state_queue_run();
1055 printf("scan_size = %d, type = 0x%x\n", scan_size, type);
1059 /* clear unused bits in scan buffer for ease of debugging
1060 * (it makes diffing output easier) */
1061 buffer[scan_size / 8] &= ((1 << ((scan_size - 1) % 8) + 1) - 1);
1063 printf("before scan:");
1064 for (i = 0; i < (scan_size + 7) / 8; i++)
1065 printf(" %02x", buffer[i]);
1070 /* The number of bits that can be shifted as complete bytes */
1071 byte_bits = (int)(scan_size - 1) / 8 * 8;
1072 /* The number of bits left over, not counting the last bit */
1073 extra_bits = (scan_size - 1) - byte_bits;
1079 if (extra_bits && (type == SCAN_OUT)) {
1080 /* Schedule any extra bits into the DTC command buffer, padding as needed
1081 * For SCAN_OUT, this comes before the full bytes so the (leading) padding bits will
1082 *fall off the end */
1084 /* make sure there's room for two cmd bytes */
1085 dtc_queue_run_if_full(2, 0);
1088 dtc_mask = 1 << (extra_bits - 1);
1090 while (extra_bits--) {
1091 if (*tdi_p & tdi_mask)
1097 if (tdi_mask == 0) {
1103 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1104 DTC_CMD_SHIFT_TDI_BYTES(1);
1106 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = x;
1109 /* Loop scheduling full bytes into the DTC command buffer */
1111 /* make sure there's room for one (for in scans) or two cmd bytes and
1112 * at least one reply byte for in or inout scans*/
1113 dtc_queue_run_if_full(type == SCAN_IN ? 1 : 2, type != SCAN_OUT ? 1 : 0);
1115 chunk_bits = byte_bits;
1116 /* we can only use up to 16 bytes at a time */
1117 if (chunk_bits > (16 * 8))
1118 chunk_bits = (16 * 8);
1120 if (type != SCAN_IN) {
1121 /* how much is there room for, considering stop and byte op? */
1122 x = (sizeof(dtc_queue.cmd_buffer) - (dtc_queue.cmd_index + 1 + 1)) * 8;
1127 if (type != SCAN_OUT) {
1128 /* how much is there room for in the reply buffer? */
1129 x = (USB_EP2IN_SIZE - dtc_queue.reply_index) * 8;
1134 /* so the loop will end */
1135 byte_bits -= chunk_bits;
1137 if (type != SCAN_OUT) {
1138 if (!dtc_queue_enqueue_reply(type, buffer, scan_size, tdi_bit_offset,
1140 LOG_ERROR("enqueuing DTC reply entry: %s", strerror(errno));
1143 dtc_queue.reply_index += (chunk_bits + 7) / 8;
1145 tdi_bit_offset += chunk_bits;
1148 /* chunk_bits is a multiple of 8, so there are no rounding issues. */
1149 chunk_bytes = chunk_bits / 8;
1153 x = DTC_CMD_SHIFT_TDO_BYTES(chunk_bytes);
1156 x = DTC_CMD_SHIFT_TDI_BYTES(chunk_bytes);
1159 x = DTC_CMD_SHIFT_TDIO_BYTES(chunk_bytes);
1162 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = x;
1164 if (type != SCAN_IN) {
1166 dtc_mask = 1 << (8 - 1);
1168 while (chunk_bits--) {
1169 if (*tdi_p & tdi_mask)
1173 if (dtc_mask == 0) {
1174 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = x;
1176 dtc_mask = 1 << (8 - 1);
1180 if (tdi_mask == 0) {
1188 if (extra_bits && (type != SCAN_OUT)) {
1189 /* Schedule any extra bits into the DTC command buffer */
1191 /* make sure there's room for one (for in scans) or two cmd bytes
1192 * and one reply byte */
1193 dtc_queue_run_if_full(type == SCAN_IN ? 1 : 2, 1);
1195 if (!dtc_queue_enqueue_reply(type, buffer, scan_size, tdi_bit_offset,
1197 LOG_ERROR("enqueuing DTC reply entry: %s", strerror(errno));
1201 dtc_queue.reply_index++;
1203 tdi_bit_offset += extra_bits;
1205 if (type == SCAN_IN) {
1206 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1207 DTC_CMD_SHIFT_TDO_BYTES(1);
1210 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1211 DTC_CMD_SHIFT_TDIO_BITS(extra_bits);
1214 dtc_mask = 1 << (8 - 1);
1216 while (extra_bits--) {
1217 if (*tdi_p & tdi_mask)
1223 if (tdi_mask == 0) {
1229 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] = x;
1233 /* Schedule the last bit into the DTC command buffer */
1235 /* make sure there's room for one cmd byte and one reply byte
1236 * for in or inout scans*/
1237 dtc_queue_run_if_full(1, type == SCAN_OUT ? 0 : 1);
1239 if (type == SCAN_OUT) {
1240 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1241 DTC_CMD_SHIFT_TMS_TDI_BIT_PAIR(1, (*tdi_p & tdi_mask), 0);
1244 if (!dtc_queue_enqueue_reply(type, buffer, scan_size, tdi_bit_offset,
1246 LOG_ERROR("enqueuing DTC reply entry: %s", strerror(errno));
1250 dtc_queue.reply_index++;
1252 dtc_queue.cmd_buffer[dtc_queue.cmd_index++] =
1253 DTC_CMD_SHIFT_TMS_TDI_BIT_PAIR(1, (*tdi_p & tdi_mask), 1);
1256 /* Move to pause state */
1257 tap_state_queue_append(0);
1258 tap_set_state(ir_scan ? TAP_IRPAUSE : TAP_DRPAUSE);
1259 if (tap_get_state() != tap_get_end_state())
1265 static int rlink_execute_queue(void)
1267 struct jtag_command *cmd = jtag_command_queue; /* currently processed command */
1269 enum scan_type type;
1271 int retval, tmp_retval;
1273 /* return ERROR_OK, unless something goes wrong */
1276 #ifndef AUTOMATIC_BUSY_LED
1278 ep1_generic_commandl(hdev, 2,
1279 EP1_CMD_SET_PORTD_LEDS,
1285 switch (cmd->type) {
1287 case JTAG_TLR_RESET:
1293 /* some events, such as resets, need a queue flush to ensure
1295 tap_state_queue_run();
1300 switch (cmd->type) {
1302 LOG_DEBUG_IO("reset trst: %i srst %i",
1303 cmd->cmd.reset->trst,
1304 cmd->cmd.reset->srst);
1305 if ((cmd->cmd.reset->trst == 1) ||
1306 (cmd->cmd.reset->srst &&
1307 (jtag_get_reset_config() & RESET_SRST_PULLS_TRST)))
1308 tap_set_state(TAP_RESET);
1309 rlink_reset(cmd->cmd.reset->trst, cmd->cmd.reset->srst);
1312 LOG_DEBUG_IO("runtest %i cycles, end in %i",
1313 cmd->cmd.runtest->num_cycles,
1314 cmd->cmd.runtest->end_state);
1315 if (cmd->cmd.runtest->end_state != -1)
1316 rlink_end_state(cmd->cmd.runtest->end_state);
1317 rlink_runtest(cmd->cmd.runtest->num_cycles);
1319 case JTAG_TLR_RESET:
1320 LOG_DEBUG_IO("statemove end in %i", cmd->cmd.statemove->end_state);
1321 if (cmd->cmd.statemove->end_state != -1)
1322 rlink_end_state(cmd->cmd.statemove->end_state);
1326 LOG_DEBUG_IO("pathmove: %i states, end in %i",
1327 cmd->cmd.pathmove->num_states,
1328 cmd->cmd.pathmove->path[cmd->cmd.pathmove->num_states - 1]);
1329 rlink_path_move(cmd->cmd.pathmove);
1332 LOG_DEBUG_IO("%s scan end in %i",
1333 (cmd->cmd.scan->ir_scan) ? "IR" : "DR",
1334 cmd->cmd.scan->end_state);
1335 if (cmd->cmd.scan->end_state != -1)
1336 rlink_end_state(cmd->cmd.scan->end_state);
1337 scan_size = jtag_build_buffer(cmd->cmd.scan, &buffer);
1338 type = jtag_scan_type(cmd->cmd.scan);
1339 if (rlink_scan(cmd, type, buffer, scan_size) != ERROR_OK)
1340 retval = ERROR_FAIL;
1343 LOG_DEBUG_IO("sleep %" PRIu32, cmd->cmd.sleep->us);
1344 jtag_sleep(cmd->cmd.sleep->us);
1347 LOG_ERROR("BUG: unknown JTAG command type encountered");
1353 /* Flush the DTC queue to make sure any pending reads have been done before exiting this
1355 tap_state_queue_run();
1356 tmp_retval = dtc_queue_run();
1357 if (tmp_retval != ERROR_OK)
1358 retval = tmp_retval;
1360 #ifndef AUTOMATIC_BUSY_LED
1362 ep1_generic_commandl(hdev, 2,
1363 EP1_CMD_SET_PORTD_LEDS,
1371 /* Using an unindexed table because it is infrequently accessed and it is short. The table must be
1372 *in order of ascending speed (and descending prescaler), as it is scanned in reverse. */
1374 static int rlink_speed(int speed)
1380 speed = rlink_speed_table[rlink_speed_table_size - 1].prescaler;
1383 for (i = rlink_speed_table_size; i--; ) {
1384 if (rlink_speed_table[i].prescaler == speed) {
1385 if (dtc_load_from_buffer(hdev, rlink_speed_table[i].dtc,
1386 rlink_speed_table[i].dtc_size) != 0) {
1388 "An error occurred while trying to load DTC code for speed \"%d\".",
1393 int ret = dtc_start_download();
1395 LOG_ERROR("starting DTC: %s", libusb_error_name(ret));
1403 LOG_ERROR("%d is not a supported speed", speed);
1407 static int rlink_speed_div(int speed, int *khz)
1411 for (i = rlink_speed_table_size; i--; ) {
1412 if (rlink_speed_table[i].prescaler == speed) {
1413 *khz = rlink_speed_table[i].khz;
1418 LOG_ERROR("%d is not a supported speed", speed);
1422 static int rlink_khz(int khz, int *speed)
1427 LOG_ERROR("RCLK not supported");
1431 for (i = rlink_speed_table_size; i--; ) {
1432 if (rlink_speed_table[i].khz <= khz) {
1433 *speed = rlink_speed_table[i].prescaler;
1438 LOG_WARNING("The lowest supported JTAG speed is %d KHz", rlink_speed_table[0].khz);
1439 *speed = rlink_speed_table[0].prescaler;
1443 static int rlink_init(void)
1446 uint8_t reply_buffer[USB_EP1IN_SIZE];
1449 const uint16_t vids[] = { USB_IDVENDOR, 0 };
1450 const uint16_t pids[] = { USB_IDPRODUCT, 0 };
1451 if (jtag_libusb_open(vids, pids, &hdev, NULL) != ERROR_OK)
1454 struct libusb_device_descriptor descriptor;
1455 struct libusb_device *usb_dev = libusb_get_device(hdev);
1456 int r = libusb_get_device_descriptor(usb_dev, &descriptor);
1458 LOG_ERROR("error %d getting device descriptor", r);
1462 if (descriptor.bNumConfigurations > 1) {
1463 LOG_ERROR("Whoops! NumConfigurations is not 1, don't know what to do...");
1466 struct libusb_config_descriptor *config;
1467 libusb_get_config_descriptor(usb_dev, 0, &config);
1468 if (config->bNumInterfaces > 1) {
1469 LOG_ERROR("Whoops! NumInterfaces is not 1, don't know what to do...");
1473 LOG_DEBUG("Opened device, hdev = %p", hdev);
1475 /* usb_set_configuration required under win32 */
1476 libusb_set_configuration(hdev, config->bConfigurationValue);
1480 i = libusb_claim_interface(hdev, 0);
1481 if (i != LIBUSB_SUCCESS) {
1482 LOG_ERROR("usb_claim_interface: %s", libusb_error_name(i));
1483 j = libusb_detach_kernel_driver(hdev, 0);
1484 if (j != LIBUSB_SUCCESS)
1485 LOG_ERROR("detach kernel driver: %s", libusb_error_name(j));
1487 LOG_DEBUG("interface claimed!");
1490 } while (--retries);
1492 if (i != LIBUSB_SUCCESS) {
1493 LOG_ERROR("Initialisation failed.");
1496 if (libusb_set_interface_alt_setting(hdev, 0, 0) != LIBUSB_SUCCESS) {
1497 LOG_ERROR("Failed to set interface.");
1501 /* The device starts out in an unknown state on open. As such,
1502 * result reads time out, and it's not even known whether the
1503 * command was accepted. So, for this first command, we issue
1504 * it repeatedly until its response doesn't time out. Also, if
1505 * sending a command is going to time out, we find that out here.
1507 * It must be possible to open the device in such a way that
1508 * this special magic isn't needed, but, so far, it escapes us.
1510 for (i = 0; i < 5; i++) {
1511 j = ep1_generic_commandl(
1515 if (j < USB_EP1OUT_SIZE) {
1516 LOG_ERROR("USB write error: %s", libusb_error_name(j));
1519 j = jtag_libusb_bulk_read(
1520 hdev, USB_EP1IN_ADDR,
1521 (char *)reply_buffer, sizeof(reply_buffer),
1525 if (j != LIBUSB_ERROR_TIMEOUT)
1529 if (j != ERROR_OK || transferred != (int)sizeof(reply_buffer)) {
1530 LOG_ERROR("USB read error: %s", libusb_error_name(j));
1533 LOG_DEBUG(INTERFACE_NAME " firmware version: %d.%d.%d",
1538 if ((reply_buffer[0] != 0) || (reply_buffer[1] != 0) || (reply_buffer[2] != 3))
1540 "The rlink device is not of the version that the developers have played with. It may or may not work.");
1542 /* Probe port E for adapter presence */
1543 ep1_generic_commandl(
1545 EP1_CMD_MEMORY_WRITE, /* Drive sense pin with 0 */
1550 ST7_PE_ADAPTER_SENSE_OUT, /* DDR */
1551 ST7_PE_ADAPTER_SENSE_OUT, /* OR */
1552 EP1_CMD_MEMORY_READ, /* Read back */
1556 EP1_CMD_MEMORY_WRITE, /* Drive sense pin with 1 */
1560 ST7_PE_ADAPTER_SENSE_OUT
1563 jtag_libusb_bulk_read(
1564 hdev, USB_EP1IN_ADDR,
1565 (char *)reply_buffer, 1,
1570 if ((reply_buffer[0] & ST7_PE_ADAPTER_SENSE_IN) != 0)
1571 LOG_WARNING("target detection problem");
1573 ep1_generic_commandl(
1575 EP1_CMD_MEMORY_READ, /* Read back */
1579 EP1_CMD_MEMORY_WRITE, /* float port E */
1588 jtag_libusb_bulk_read(
1589 hdev, USB_EP1IN_ADDR,
1590 (char *)reply_buffer, 1,
1596 if ((reply_buffer[0] & ST7_PE_ADAPTER_SENSE_IN) == 0)
1597 LOG_WARNING("target not plugged in");
1599 /* float ports A and B */
1600 ep1_generic_commandl(
1602 EP1_CMD_MEMORY_WRITE,
1608 EP1_CMD_MEMORY_WRITE,
1615 /* make sure DTC is stopped, set VPP control, set up ports A and B */
1616 ep1_generic_commandl(
1619 EP1_CMD_SET_PORTD_VPP,
1621 EP1_CMD_MEMORY_WRITE,
1625 ((~(0)) & (ST7_PA_NTRST)),
1627 /* port B has no OR, and we want to emulate open drain on NSRST, so we set DR to 0
1628 *here and later assert NSRST by setting DDR bit to 1. */
1629 EP1_CMD_MEMORY_WRITE,
1636 /* set LED updating mode and make sure they're unlit */
1637 ep1_generic_commandl(
1639 #ifdef AUTOMATIC_BUSY_LED
1644 EP1_CMD_SET_PORTD_LEDS,
1648 tap_state_queue_init();
1655 static int rlink_quit(void)
1657 /* stop DTC and make sure LEDs are off */
1658 ep1_generic_commandl(
1662 EP1_CMD_SET_PORTD_LEDS,
1664 EP1_CMD_SET_PORTD_VPP,
1668 libusb_release_interface(hdev, 0);
1674 static struct jtag_interface rlink_interface = {
1675 .execute_queue = rlink_execute_queue,
1678 struct adapter_driver rlink_adapter_driver = {
1680 .transports = jtag_only,
1684 .speed = rlink_speed,
1686 .speed_div = rlink_speed_div,
1688 .jtag_ops = &rlink_interface,
projects / fw / openocd / blob