10 #include <sys/types.h>
15 #include "stlink-common.h"
16 #include "uglylogging.h"
18 #define LOG_TAG __FILE__
19 #define DLOG(format, args...) ugly_log(UDEBUG, LOG_TAG, format, ## args)
20 #define ILOG(format, args...) ugly_log(UINFO, LOG_TAG, format, ## args)
21 #define WLOG(format, args...) ugly_log(UWARN, LOG_TAG, format, ## args)
22 #define fatal(format, args...) ugly_log(UFATAL, LOG_TAG, format, ## args)
24 /* todo: stm32l15xxx flash memory, pm0062 manual */
26 /* stm32f FPEC flash controller interface, pm0063 manual */
27 // TODO - all of this needs to be abstracted out....
28 #define FLASH_REGS_ADDR 0x40022000
29 #define FLASH_REGS_SIZE 0x28
31 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
32 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
33 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
34 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
35 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
36 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
37 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
39 #define FLASH_RDPTR_KEY 0x00a5
40 #define FLASH_KEY1 0x45670123
41 #define FLASH_KEY2 0xcdef89ab
43 #define FLASH_SR_BSY 0
44 #define FLASH_SR_EOP 5
47 #define FLASH_CR_PER 1
48 #define FLASH_CR_MER 2
49 #define FLASH_CR_STRT 6
50 #define FLASH_CR_LOCK 7
53 //32L = 32F1 same CoreID as 32F4!
54 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
55 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
56 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
57 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
58 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
59 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
60 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
61 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
62 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x0c)
63 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
67 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
68 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
69 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
70 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
71 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
72 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
73 #define FLASH_F4_CR_STRT 16
74 #define FLASH_F4_CR_LOCK 31
75 #define FLASH_F4_CR_SER 1
76 #define FLASH_F4_CR_SNB 3
77 #define FLASH_F4_CR_SNB_MASK 0x38
78 #define FLASH_F4_SR_BSY 16
81 void write_uint32(unsigned char* buf, uint32_t ui) {
82 if (!is_bigendian()) { // le -> le (don't swap)
83 buf[0] = ((unsigned char*) &ui)[0];
84 buf[1] = ((unsigned char*) &ui)[1];
85 buf[2] = ((unsigned char*) &ui)[2];
86 buf[3] = ((unsigned char*) &ui)[3];
88 buf[0] = ((unsigned char*) &ui)[3];
89 buf[1] = ((unsigned char*) &ui)[2];
90 buf[2] = ((unsigned char*) &ui)[1];
91 buf[3] = ((unsigned char*) &ui)[0];
95 void write_uint16(unsigned char* buf, uint16_t ui) {
96 if (!is_bigendian()) { // le -> le (don't swap)
97 buf[0] = ((unsigned char*) &ui)[0];
98 buf[1] = ((unsigned char*) &ui)[1];
100 buf[0] = ((unsigned char*) &ui)[1];
101 buf[1] = ((unsigned char*) &ui)[0];
105 uint32_t read_uint32(const unsigned char *c, const int pt) {
107 char *p = (char *) &ui;
109 if (!is_bigendian()) { // le -> le (don't swap)
123 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
124 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
127 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
128 return stlink_read_debug32(sl, FLASH_WRPR);
131 static inline uint32_t read_flash_obr(stlink_t *sl) {
132 return stlink_read_debug32(sl, FLASH_OBR);
135 static inline uint32_t read_flash_cr(stlink_t *sl) {
137 if(sl->chip_id==STM32F4_CHIP_ID)
138 res = stlink_read_debug32(sl, FLASH_F4_CR);
140 res = stlink_read_debug32(sl, FLASH_CR);
142 fprintf(stdout, "CR:0x%x\n", res);
147 static inline unsigned int is_flash_locked(stlink_t *sl) {
148 /* return non zero for true */
149 if(sl->chip_id==STM32F4_CHIP_ID)
150 return read_flash_cr(sl) & (1 << FLASH_F4_CR_LOCK);
152 return read_flash_cr(sl) & (1 << FLASH_CR_LOCK);
155 static void unlock_flash(stlink_t *sl) {
156 /* the unlock sequence consists of 2 write cycles where
157 2 key values are written to the FLASH_KEYR register.
158 an invalid sequence results in a definitive lock of
159 the FPEC block until next reset.
161 if(sl->chip_id==STM32F4_CHIP_ID) {
162 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
163 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
166 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
167 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
172 static int unlock_flash_if(stlink_t *sl) {
173 /* unlock flash if already locked */
175 if (is_flash_locked(sl)) {
177 if (is_flash_locked(sl)) {
178 WLOG("Failed to unlock flash!\n");
182 ILOG("Successfully unlocked flash\n");
186 static void lock_flash(stlink_t *sl) {
187 if(sl->chip_id==STM32F4_CHIP_ID) {
188 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
189 stlink_write_debug32(sl, FLASH_F4_CR, n);
192 /* write to 1 only. reset by hw at unlock sequence */
193 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
194 stlink_write_debug32(sl, FLASH_CR, n);
199 static void set_flash_cr_pg(stlink_t *sl) {
200 if(sl->chip_id==STM32F4_CHIP_ID) {
201 uint32_t x = read_flash_cr(sl);
202 x |= (1 << FLASH_CR_PG);
203 stlink_write_debug32(sl, FLASH_F4_CR, x);
206 const uint32_t n = 1 << FLASH_CR_PG;
207 stlink_write_debug32(sl, FLASH_CR, n);
211 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
212 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
213 if(sl->chip_id==STM32F4_CHIP_ID)
214 stlink_write_debug32(sl, FLASH_F4_CR, n);
216 stlink_write_debug32(sl, FLASH_CR, n);
219 static void set_flash_cr_per(stlink_t *sl) {
220 const uint32_t n = 1 << FLASH_CR_PER;
221 stlink_write_debug32(sl, FLASH_CR, n);
224 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
225 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
226 stlink_write_debug32(sl, FLASH_CR, n);
229 static void set_flash_cr_mer(stlink_t *sl) {
230 const uint32_t n = 1 << FLASH_CR_MER;
231 stlink_write_debug32(sl, FLASH_CR, n);
234 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
235 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_MER);
236 stlink_write_debug32(sl, FLASH_CR, n);
239 static void set_flash_cr_strt(stlink_t *sl) {
240 if(sl->chip_id == STM32F4_CHIP_ID)
242 uint32_t x = read_flash_cr(sl);
243 x |= (1 << FLASH_F4_CR_STRT);
244 stlink_write_debug32(sl, FLASH_F4_CR, x);
247 /* assume come on the flash_cr_per path */
248 const uint32_t n = (1 << FLASH_CR_PER) | (1 << FLASH_CR_STRT);
249 stlink_write_debug32(sl, FLASH_CR, n);
253 static inline uint32_t read_flash_acr(stlink_t *sl) {
254 return stlink_read_debug32(sl, FLASH_ACR);
257 static inline uint32_t read_flash_sr(stlink_t *sl) {
259 if(sl->chip_id==STM32F4_CHIP_ID)
260 res = stlink_read_debug32(sl, FLASH_F4_SR);
262 res = stlink_read_debug32(sl, FLASH_SR);
263 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
267 static inline unsigned int is_flash_busy(stlink_t *sl) {
268 if(sl->chip_id==STM32F4_CHIP_ID)
269 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
271 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
274 static void wait_flash_busy(stlink_t *sl) {
275 /* todo: add some delays here */
276 while (is_flash_busy(sl))
280 static inline unsigned int is_flash_eop(stlink_t *sl) {
281 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
284 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
285 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
286 stlink_write_debug32(sl, FLASH_SR, n);
289 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
290 /* todo: add some delays here */
291 while (is_flash_eop(sl) == 0)
295 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
296 stlink_write_debug32(sl, FLASH_AR, n);
299 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
300 uint32_t x = read_flash_cr(sl);
304 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
306 stlink_write_debug32(sl, FLASH_F4_CR, x);
310 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
311 uint32_t x = read_flash_cr(sl);
312 x &= ~FLASH_F4_CR_SNB_MASK;
313 x |= (n << FLASH_F4_CR_SNB);
314 x |= (1 << FLASH_F4_CR_SER);
316 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
318 stlink_write_debug32(sl, FLASH_F4_CR, x);
323 static void disable_flash_read_protection(stlink_t *sl) {
324 /* erase the option byte area */
331 // Delegates to the backends...
333 void stlink_close(stlink_t *sl) {
334 DLOG("*** stlink_close ***\n");
335 sl->backend->close(sl);
339 void stlink_exit_debug_mode(stlink_t *sl) {
340 DLOG("*** stlink_exit_debug_mode ***\n");
341 stlink_write_debug32(sl, DHCSR, DBGKEY);
342 sl->backend->exit_debug_mode(sl);
345 void stlink_enter_swd_mode(stlink_t *sl) {
346 DLOG("*** stlink_enter_swd_mode ***\n");
347 sl->backend->enter_swd_mode(sl);
350 // Force the core into the debug mode -> halted state.
351 void stlink_force_debug(stlink_t *sl) {
352 DLOG("*** stlink_force_debug_mode ***\n");
353 sl->backend->force_debug(sl);
356 void stlink_exit_dfu_mode(stlink_t *sl) {
357 DLOG("*** stlink_exit_dfu_mode ***\n");
358 sl->backend->exit_dfu_mode(sl);
361 uint32_t stlink_core_id(stlink_t *sl) {
362 DLOG("*** stlink_core_id ***\n");
363 sl->backend->core_id(sl);
365 stlink_print_data(sl);
366 DLOG("core_id = 0x%08x\n", sl->core_id);
370 uint32_t stlink_chip_id(stlink_t *sl) {
371 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
376 * Cortex m3 tech ref manual, CPUID register description
377 * @param sl stlink context
378 * @param cpuid pointer to the result object
380 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
381 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
382 cpuid->implementer_id = (raw >> 24) & 0x7f;
383 cpuid->variant = (raw >> 20) & 0xf;
384 cpuid->part = (raw >> 4) & 0xfff;
385 cpuid->revision = raw & 0xf;
390 * reads and decodes the flash parameters, as dynamically as possible
392 * @return 0 for success, or -1 for unsupported core type.
394 int stlink_load_device_params(stlink_t *sl) {
395 ILOG("Loading device parameters....\n");
396 const chip_params_t *params = NULL;
398 sl->core_id = stlink_core_id(sl);
399 uint32_t chip_id = stlink_chip_id(sl);
401 /* Fix chip_id for F4 rev A errata */
402 if (((chip_id & 0xFFF) == 0x411) && (sl->core_id == CORE_M4_R0)) {
406 sl->chip_id = chip_id;
407 for(size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
408 if(devices[i].chip_id == (chip_id & 0xFFF)) {
409 params = &devices[i];
413 if (params == NULL) {
414 WLOG("unknown chip id! %#x\n", chip_id);
418 // These are fixed...
419 sl->flash_base = STM32_FLASH_BASE;
420 sl->sram_base = STM32_SRAM_BASE;
422 // read flash size from hardware, if possible...
423 if ((chip_id & 0xFFF) == STM32_CHIPID_F2) {
424 sl->flash_size = 0; // FIXME - need to work this out some other way, just set to max possible?
425 } else if ((chip_id & 0xFFF) == STM32_CHIPID_F4) {
426 sl->flash_size = 0x100000; //todo: RM0090 error; size register same address as unique ID
428 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0xffff;
429 sl->flash_size = flash_size * 1024;
431 sl->flash_pgsz = params->flash_pagesize;
432 sl->sram_size = params->sram_size;
433 sl->sys_base = params->bootrom_base;
434 sl->sys_size = params->bootrom_size;
436 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
437 // TODO make note of variable page size here.....
438 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
439 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
444 void stlink_reset(stlink_t *sl) {
445 DLOG("*** stlink_reset ***\n");
446 sl->backend->reset(sl);
449 void stlink_jtag_reset(stlink_t *sl, int value) {
450 DLOG("*** stlink_jtag_reset ***\n");
451 sl->backend->jtag_reset(sl, value);
454 void stlink_run(stlink_t *sl) {
455 DLOG("*** stlink_run ***\n");
456 sl->backend->run(sl);
459 void stlink_status(stlink_t *sl) {
460 DLOG("*** stlink_status ***\n");
461 sl->backend->status(sl);
462 stlink_core_stat(sl);
466 * Decode the version bits, originally from -sg, verified with usb
467 * @param sl stlink context, assumed to contain valid data in the buffer
468 * @param slv output parsed version object
470 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
471 uint32_t b0 = sl->q_buf[0]; //lsb
472 uint32_t b1 = sl->q_buf[1];
473 uint32_t b2 = sl->q_buf[2];
474 uint32_t b3 = sl->q_buf[3];
475 uint32_t b4 = sl->q_buf[4];
476 uint32_t b5 = sl->q_buf[5]; //msb
478 // b0 b1 || b2 b3 | b4 b5
479 // 4b | 6b | 6b || 2B | 2B
480 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
482 slv->stlink_v = (b0 & 0xf0) >> 4;
483 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
484 slv->swim_v = b1 & 0x3f;
485 slv->st_vid = (b3 << 8) | b2;
486 slv->stlink_pid = (b5 << 8) | b4;
490 void stlink_version(stlink_t *sl) {
491 DLOG("*** looking up stlink version\n");
492 sl->backend->version(sl);
493 _parse_version(sl, &sl->version);
495 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
496 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
497 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
498 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
499 DLOG("swim version = 0x%x\n", sl->version.swim_v);
500 if (sl->version.jtag_v == 0) {
501 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
503 if (sl->version.swim_v == 0) {
504 DLOG(" notice: the firmware doesn't support a swim interface\n");
508 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
509 uint32_t data = sl->backend->read_debug32(sl, addr);
510 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
514 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
515 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
516 sl->backend->write_debug32(sl, addr, data);
519 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
520 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
522 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
525 sl->backend->write_mem32(sl, addr, len);
528 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
529 DLOG("*** stlink_read_mem32 ***\n");
530 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
531 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
535 sl->backend->read_mem32(sl, addr, len);
538 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
539 DLOG("*** stlink_write_mem8 ***\n");
540 sl->backend->write_mem8(sl, addr, len);
543 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
544 DLOG("*** stlink_read_all_regs ***\n");
545 sl->backend->read_all_regs(sl, regp);
548 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
549 DLOG("*** stlink_write_reg\n");
550 sl->backend->write_reg(sl, reg, idx);
553 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
554 DLOG("*** stlink_read_reg\n");
555 DLOG(" (%d) ***\n", r_idx);
557 if (r_idx > 20 || r_idx < 0) {
558 fprintf(stderr, "Error: register index must be in [0..20]\n");
562 sl->backend->read_reg(sl, r_idx, regp);
565 unsigned int is_core_halted(stlink_t *sl) {
566 /* return non zero if core is halted */
568 return sl->q_buf[0] == STLINK_CORE_HALTED;
571 void stlink_step(stlink_t *sl) {
572 DLOG("*** stlink_step ***\n");
573 sl->backend->step(sl);
576 int stlink_current_mode(stlink_t *sl) {
577 int mode = sl->backend->current_mode(sl);
579 case STLINK_DEV_DFU_MODE:
580 DLOG("stlink current mode: dfu\n");
582 case STLINK_DEV_DEBUG_MODE:
583 DLOG("stlink current mode: debug (jtag or swd)\n");
585 case STLINK_DEV_MASS_MODE:
586 DLOG("stlink current mode: mass\n");
589 DLOG("stlink mode: unknown!\n");
590 return STLINK_DEV_UNKNOWN_MODE;
596 // End of delegates.... Common code below here...
599 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
601 // #define is_bigendian() ( (*(char*)&i) == 0 )
603 inline unsigned int is_bigendian(void) {
604 static volatile const unsigned int i = 1;
605 return *(volatile const char*) &i == 0;
608 uint16_t read_uint16(const unsigned char *c, const int pt) {
610 char *p = (char *) &ui;
612 if (!is_bigendian()) { // le -> le (don't swap)
622 // same as above with entrypoint.
624 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
625 stlink_write_reg(sl, addr, 15); /* pc register */
629 while (is_core_halted(sl) == 0)
633 void stlink_core_stat(stlink_t *sl) {
637 switch (sl->q_buf[0]) {
638 case STLINK_CORE_RUNNING:
639 sl->core_stat = STLINK_CORE_RUNNING;
640 DLOG(" core status: running\n");
642 case STLINK_CORE_HALTED:
643 sl->core_stat = STLINK_CORE_HALTED;
644 DLOG(" core status: halted\n");
647 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
648 fprintf(stderr, " core status: unknown\n");
652 void stlink_print_data(stlink_t * sl) {
653 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
656 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
658 for (int i = 0; i < sl->q_len; i++) {
661 if (sl->q_data_dir == Q_DATA_OUT)
662 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
664 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
667 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
669 fputs("\n\n", stdout);
672 /* memory mapped file */
674 typedef struct mapped_file {
679 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
681 static int map_file(mapped_file_t* mf, const char* path) {
685 const int fd = open(path, O_RDONLY);
687 fprintf(stderr, "open(%s) == -1\n", path);
691 if (fstat(fd, &st) == -1) {
692 fprintf(stderr, "fstat() == -1\n");
696 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
697 if (mf->base == MAP_FAILED) {
698 fprintf(stderr, "mmap() == MAP_FAILED\n");
702 mf->len = st.st_size;
713 static void unmap_file(mapped_file_t * mf) {
714 munmap((void*) mf->base, mf->len);
715 mf->base = (unsigned char*) MAP_FAILED;
719 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
722 for (off = 0; off < mf->len; off += sl->flash_pgsz) {
725 /* adjust last page size */
726 size_t cmp_size = sl->flash_pgsz;
727 if ((off + sl->flash_pgsz) > mf->len)
728 cmp_size = mf->len - off;
730 aligned_size = cmp_size;
731 if (aligned_size & (4 - 1))
732 aligned_size = (cmp_size + 4) & ~(4 - 1);
734 stlink_read_mem32(sl, addr + off, aligned_size);
736 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
743 int stlink_fwrite_sram
744 (stlink_t * sl, const char* path, stm32_addr_t addr) {
745 /* write the file in sram at addr */
749 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
751 if (map_file(&mf, path) == -1) {
752 fprintf(stderr, "map_file() == -1\n");
756 /* check addr range is inside the sram */
757 if (addr < sl->sram_base) {
758 fprintf(stderr, "addr too low\n");
760 } else if ((addr + mf.len) < addr) {
761 fprintf(stderr, "addr overruns\n");
763 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
764 fprintf(stderr, "addr too high\n");
766 } else if ((addr & 3) || (mf.len & 3)) {
768 fprintf(stderr, "unaligned addr or size\n");
772 /* do the copy by 1k blocks */
773 for (off = 0; off < mf.len; off += 1024) {
775 if ((off + size) > mf.len)
778 memcpy(sl->q_buf, mf.base + off, size);
780 /* round size if needed */
784 stlink_write_mem32(sl, addr + off, size);
787 /* check the file ha been written */
788 if (check_file(sl, &mf, addr) == -1) {
789 fprintf(stderr, "check_file() == -1\n");
801 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
802 /* read size bytes from addr to file */
807 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
809 fprintf(stderr, "open(%s) == -1\n", path);
813 /* do the copy by 1k blocks */
814 for (off = 0; off < size; off += 1024) {
815 size_t read_size = 1024;
817 if ((off + read_size) > size)
818 read_size = size - off;
820 /* round size if needed */
821 rounded_size = read_size;
822 if (rounded_size & 3)
823 rounded_size = (rounded_size + 4) & ~(3);
825 stlink_read_mem32(sl, addr + off, rounded_size);
827 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
828 fprintf(stderr, "write() != read_size\n");
842 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
843 /* write the buffer right after the loader */
844 memcpy(sl->q_buf, buf, size);
845 stlink_write_mem8(sl, fl->buf_addr, size);
849 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
850 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
851 if (flashaddr<0x4000) return (0);
852 else if(flashaddr<0x8000) return(1);
853 else if(flashaddr<0xc000) return(2);
854 else if(flashaddr<0x10000) return(3);
855 else if(flashaddr<0x20000) return(4);
856 else return(flashaddr/0x20000)+4;
860 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
861 if(sl->chip_id == STM32F4_CHIP_ID) {
862 uint32_t sector=calculate_F4_sectornum(flashaddr);
863 if (sector<4) sl->flash_pgsz=0x4000;
864 else if(sector<5) sl->flash_pgsz=0x10000;
865 else sl->flash_pgsz=0x20000;
867 return (sl->flash_pgsz);
871 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
872 * @param sl stlink context
873 * @param flashaddr an address in the flash page to erase
874 * @return 0 on success -ve on failure
876 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
878 ILOG("Erasing flash page at addr: %#x\n", flashaddr);
879 if (sl->chip_id == STM32F4_CHIP_ID)
881 /* wait for ongoing op to finish */
884 /* unlock if locked */
887 /* select the page to erase */
888 // calculate the actual page from the address
889 uint32_t sector=calculate_F4_sectornum(flashaddr);
891 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
892 write_flash_cr_snb(sl, sector);
894 /* start erase operation */
895 set_flash_cr_strt(sl);
897 /* wait for completion */
900 /* relock the flash */
901 //todo: fails to program if this is in
904 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
907 else if (sl->core_id == STM32L_CORE_ID)
912 /* disable pecr protection */
913 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
914 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
916 /* check pecr.pelock is cleared */
917 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
920 WLOG("pecr.pelock not clear (%#x)\n", val);
924 /* unlock program memory */
925 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
926 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
928 /* check pecr.prglock is cleared */
929 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
932 WLOG("pecr.prglock not clear (%#x)\n", val);
936 /* unused: unlock the option byte block */
938 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0xfbead9c8);
939 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0x24252627);
941 /* check pecr.optlock is cleared */
942 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
945 fprintf(stderr, "pecr.prglock not clear\n");
950 /* set pecr.{erase,prog} */
951 val |= (1 << 9) | (1 << 3);
952 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
954 #if 0 /* fix_to_be_confirmed */
956 /* wait for sr.busy to be cleared
957 MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
958 wrong and we do not need to wait here for clearing the busy bit.
959 TEXANE: ok, if experience says so and it works for you, we comment
960 it. If someone has a problem, please drop an email.
962 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
966 #endif /* fix_to_be_confirmed */
968 /* write 0 to the first word of the page to be erased */
969 stlink_write_debug32(sl, flashaddr, 0);
971 /* MP: It is better to wait for clearing the busy bit after issuing
972 page erase command, even though PM0062 recommends to wait before it.
973 Test shows that a few iterations is performed in the following loop
974 before busy bit is cleared.*/
975 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
979 /* reset lock bits */
980 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
981 | (1 << 0) | (1 << 1) | (1 << 2);
982 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
984 else if (sl->core_id == STM32VL_CORE_ID)
986 /* wait for ongoing op to finish */
989 /* unlock if locked */
992 /* set the page erase bit */
993 set_flash_cr_per(sl);
995 /* select the page to erase */
996 write_flash_ar(sl, flashaddr);
998 /* start erase operation, reset by hw with bsy bit */
999 set_flash_cr_strt(sl);
1001 /* wait for completion */
1002 wait_flash_busy(sl);
1004 /* relock the flash */
1009 WLOG("unknown coreid: %x\n", sl->core_id);
1013 /* todo: verify the erased page */
1018 int stlink_erase_flash_mass(stlink_t *sl) {
1019 /* wait for ongoing op to finish */
1020 wait_flash_busy(sl);
1022 /* unlock if locked */
1023 unlock_flash_if(sl);
1025 /* set the mass erase bit */
1026 set_flash_cr_mer(sl);
1028 /* start erase operation, reset by hw with bsy bit */
1029 set_flash_cr_strt(sl);
1031 /* wait for completion */
1032 wait_flash_busy(sl);
1034 /* relock the flash */
1037 /* todo: verify the erased memory */
1042 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1045 /* allocate the loader in sram */
1046 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1047 WLOG("Failed to write flash loader to sram!\n");
1051 /* allocate a one page buffer in sram right after loader */
1052 fl->buf_addr = fl->loader_addr + size;
1053 ILOG("Successfully loaded flash loader in sram\n");
1057 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1058 /* from openocd, contrib/loaders/flash/stm32.s */
1059 static const uint8_t loader_code_stm32vl[] = {
1060 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1061 0x1c, 0x44, /* add r4, r3 */
1062 /* write_half_word: */
1063 0x01, 0x23, /* movs r3, #0x01 */
1064 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1065 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1066 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1068 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1069 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1070 0xfb, 0xd0, /* beq busy */
1071 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1072 0x01, 0xd1, /* bne exit */
1073 0x01, 0x3a, /* subs r2, r2, #0x01 */
1074 0xf0, 0xd1, /* bne write_half_word */
1076 0x00, 0xbe, /* bkpt #0x00 */
1077 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1080 static const uint8_t loader_code_stm32l[] = {
1082 /* openocd.git/contrib/loaders/flash/stm32lx.S
1083 r0, input, dest addr
1084 r1, input, source addr
1085 r2, input, word count
1086 r3, output, word count
1092 0x51, 0xf8, 0x04, 0xcb,
1093 0x40, 0xf8, 0x04, 0xcb,
1101 const uint8_t* loader_code;
1104 if (sl->core_id == STM32L_CORE_ID) /* stm32l */
1106 loader_code = loader_code_stm32l;
1107 loader_size = sizeof(loader_code_stm32l);
1109 else if (sl->core_id == STM32VL_CORE_ID)
1111 loader_code = loader_code_stm32vl;
1112 loader_size = sizeof(loader_code_stm32vl);
1116 WLOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1120 memcpy(sl->q_buf, loader_code, loader_size);
1121 stlink_write_mem32(sl, sl->sram_base, loader_size);
1123 *addr = sl->sram_base;
1124 *size = loader_size;
1130 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1131 /* check the contents of path are at addr */
1134 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1136 if (map_file(&mf, path) == -1)
1139 res = check_file(sl, &mf, addr);
1147 * Verify addr..addr+len is binary identical to base...base+len
1148 * @param sl stlink context
1149 * @param address stm device address
1150 * @param data host side buffer to check against
1151 * @param length how much
1152 * @return 0 for success, -ve for failure
1154 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1156 if ((sl->chip_id & 0xFFF) == STM32_CHIPID_F4) {
1157 DLOG("(FIXME)Skipping verification for F4, not enough ram (yet)\n");
1160 ILOG("Starting verification of write complete\n");
1161 for (off = 0; off < length; off += sl->flash_pgsz) {
1162 size_t aligned_size;
1164 /* adjust last page size */
1165 size_t cmp_size = sl->flash_pgsz;
1166 if ((off + sl->flash_pgsz) > length)
1167 cmp_size = length - off;
1169 aligned_size = cmp_size;
1170 if (aligned_size & (4 - 1))
1171 aligned_size = (cmp_size + 4) & ~(4 - 1);
1173 stlink_read_mem32(sl, address + off, aligned_size);
1175 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1176 WLOG("Verification of flash failed at offset: %zd\n", off);
1180 ILOG("Flash written and verified! jolly good!\n");
1185 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned len) {
1188 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1189 len, len, addr, addr);
1190 /* check addr range is inside the flash */
1191 stlink_calculate_pagesize(sl, addr);
1192 if (addr < sl->flash_base) {
1193 WLOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1195 } else if ((addr + len) < addr) {
1196 WLOG("addr overruns\n");
1198 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1199 WLOG("addr too high\n");
1201 } else if ((addr & 1) || (len & 1)) {
1202 WLOG("unaligned addr or size\n");
1204 } else if (addr & (sl->flash_pgsz - 1)) {
1205 WLOG("addr not a multiple of pagesize, not supported\n");
1209 // Make sure we've loaded the context with the chip details
1211 /* erase each page */
1213 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1214 /* addr must be an addr inside the page */
1215 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1216 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1221 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1222 page_count, sl->flash_pgsz, sl->flash_pgsz);
1224 if (sl->chip_id == STM32F4_CHIP_ID) {
1225 /* todo: check write operation */
1227 /* First unlock the cr */
1228 unlock_flash_if(sl);
1230 /* set parallelisim to 32 bit*/
1231 write_flash_cr_psiz(sl, 2);
1233 /* set programming mode */
1234 set_flash_cr_pg(sl);
1236 #define PROGRESS_CHUNK_SIZE 0x1000
1237 /* write a word in program memory */
1238 for (off = 0; off < len; off += sizeof(uint32_t)) {
1240 if (sl->verbose >= 1) {
1241 if ((off & (PROGRESS_CHUNK_SIZE - 1)) == 0) {
1242 /* show progress. writing procedure is slow
1243 and previous errors are misleading */
1244 const uint32_t pgnum = (off / PROGRESS_CHUNK_SIZE)+1;
1245 const uint32_t pgcount = len / PROGRESS_CHUNK_SIZE;
1246 fprintf(stdout, "Writing %ukB chunk %u out of %u\n", PROGRESS_CHUNK_SIZE/1024, pgnum, pgcount);
1250 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1251 stlink_write_debug32(sl, addr + off, data);
1253 /* wait for sr.busy to be cleared */
1254 wait_flash_busy(sl);
1260 #if 0 /* todo: debug mode */
1261 fprintf(stdout, "Final CR:0x%x\n", read_flash_cr(sl));
1268 else if (sl->core_id == STM32L_CORE_ID) {
1269 /* use fast word write. todo: half page. */
1272 #if 0 /* todo: check write operation */
1274 uint32_t nwrites = sl->flash_pgsz;
1278 #endif /* todo: check write operation */
1280 /* disable pecr protection */
1281 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1282 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1284 /* check pecr.pelock is cleared */
1285 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1286 if (val & (1 << 0)) {
1287 fprintf(stderr, "pecr.pelock not clear\n");
1291 /* unlock program memory */
1292 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1293 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1295 /* check pecr.prglock is cleared */
1296 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1297 if (val & (1 << 1)) {
1298 fprintf(stderr, "pecr.prglock not clear\n");
1302 /* write a word in program memory */
1303 for (off = 0; off < len; off += sizeof(uint32_t)) {
1305 if (sl->verbose >= 1) {
1306 if ((off & (sl->flash_pgsz - 1)) == 0) {
1307 /* show progress. writing procedure is slow
1308 and previous errors are misleading */
1309 const uint32_t pgnum = off / sl->flash_pgsz;
1310 const uint32_t pgcount = len / sl->flash_pgsz;
1311 fprintf(stdout, "%u pages written out of %u\n", pgnum, pgcount);
1315 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1316 stlink_write_debug32(sl, addr + off, data);
1318 /* wait for sr.busy to be cleared */
1319 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {
1322 #if 0 /* todo: check redo write operation */
1324 /* check written bytes. todo: should be on a per page basis. */
1325 data = stlink_read_debug32(sl, addr + off);
1326 if (data == *(uint32_t*)(base + off)) {
1327 /* re erase the page and redo the write operation */
1331 /* fail if successive write count too low */
1332 if (nwrites < sl->flash_pgsz) {
1333 fprintf(stderr, "writes operation failure count too high, aborting\n");
1339 /* assume addr aligned */
1340 if (off % sl->flash_pgsz) off &= ~(sl->flash_pgsz - 1);
1343 fprintf(stderr, "invalid write @0x%x(0x%x): 0x%x != 0x%x. retrying.\n",
1344 page, addr + off, read_uint32(base + off, 0), read_uint32(sl->q_buf, 0));
1346 /* reset lock bits */
1347 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1348 | (1 << 0) | (1 << 1) | (1 << 2);
1349 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1351 stlink_erase_flash_page(sl, page);
1356 /* increment successive writes counter */
1359 #endif /* todo: check redo write operation */
1361 /* reset lock bits */
1362 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1363 | (1 << 0) | (1 << 1) | (1 << 2);
1364 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1365 } else if (sl->core_id == STM32VL_CORE_ID) {
1366 ILOG("Starting Flash write for VL core id\n");
1367 /* flash loader initialization */
1368 if (init_flash_loader(sl, &fl) == -1) {
1369 WLOG("init_flash_loader() == -1\n");
1373 /* write each page. above WRITE_BLOCK_SIZE fails? */
1374 #define WRITE_BLOCK_SIZE 0x40
1375 int write_block_count = 0;
1376 for (off = 0; off < len; off += WRITE_BLOCK_SIZE) {
1377 ILOG("Writing flash block %d of size %d (%#x)\n", write_block_count,
1378 WRITE_BLOCK_SIZE, WRITE_BLOCK_SIZE);
1379 /* adjust last write size */
1380 size_t size = WRITE_BLOCK_SIZE;
1381 if ((off + WRITE_BLOCK_SIZE) > len) size = len - off;
1383 /* unlock and set programming mode */
1384 unlock_flash_if(sl);
1385 set_flash_cr_pg(sl);
1386 //DLOG("Finished setting flash cr pg, running loader!\n");
1387 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1388 WLOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1392 DLOG("Finished writing block %d\n", write_block_count++);
1395 WLOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1399 return stlink_verify_write_flash(sl, addr, base, len);
1403 * Write the given binary file into flash at address "addr"
1405 * @param path readable file path, should be binary image
1406 * @param addr where to start writing
1407 * @return 0 on success, -ve on failure.
1409 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1410 /* write the file in flash at addr */
1412 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1413 if (map_file(&mf, path) == -1) {
1414 WLOG("map_file() == -1\n");
1417 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1422 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1425 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
1426 // FIXME This can never return -1
1427 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1429 WLOG("write_buffer_to_sram() == -1\n");
1433 if (sl->core_id == STM32L_CORE_ID) {
1435 size_t count = size / sizeof(uint32_t);
1436 if (size % sizeof(uint32_t)) ++count;
1439 stlink_write_reg(sl, target, 0); /* target */
1440 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1441 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1442 stlink_write_reg(sl, 0, 3); /* output count */
1443 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1445 } else if (sl->core_id == STM32VL_CORE_ID) {
1447 size_t count = size / sizeof(uint16_t);
1448 if (size % sizeof(uint16_t)) ++count;
1451 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1452 stlink_write_reg(sl, target, 1); /* target */
1453 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1454 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1455 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1458 fprintf(stderr, "unknown coreid: 0x%x\n", sl->core_id);
1465 /* wait until done (reaches breakpoint) */
1466 while (is_core_halted(sl) == 0) ;
1468 /* check written byte count */
1469 if (sl->core_id == STM32L_CORE_ID) {
1471 size_t count = size / sizeof(uint32_t);
1472 if (size % sizeof(uint32_t)) ++count;
1474 stlink_read_reg(sl, 3, &rr);
1475 if (rr.r[3] != count) {
1476 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
1480 } else if (sl->core_id == STM32VL_CORE_ID) {
1482 stlink_read_reg(sl, 2, &rr);
1484 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1490 fprintf(stderr, "unknown coreid: 0x%x\n", sl->core_id);
projects / fw / stlink / blob