10 #include <sys/types.h>
15 #include "stlink-common.h"
17 void D(stlink_t *sl, char *txt) {
22 void DD(stlink_t *sl, char *format, ...) {
23 if (sl->verbose > 0) {
25 va_start(list, format);
26 vfprintf(stderr, format, list);
32 /* todo: stm32l15xxx flash memory, pm0062 manual */
34 /* stm32f FPEC flash controller interface, pm0063 manual */
36 #define FLASH_REGS_ADDR 0x40022000
37 #define FLASH_REGS_SIZE 0x28
39 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
40 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
41 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
42 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
43 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
44 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
45 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
47 #define FLASH_RDPTR_KEY 0x00a5
48 #define FLASH_KEY1 0x45670123
49 #define FLASH_KEY2 0xcdef89ab
51 #define FLASH_SR_BSY 0
52 #define FLASH_SR_EOP 5
55 #define FLASH_CR_PER 1
56 #define FLASH_CR_MER 2
57 #define FLASH_CR_STRT 6
58 #define FLASH_CR_LOCK 7
60 void write_uint32(unsigned char* buf, uint32_t ui) {
61 if (!is_bigendian()) { // le -> le (don't swap)
62 buf[0] = ((unsigned char*) &ui)[0];
63 buf[1] = ((unsigned char*) &ui)[1];
64 buf[2] = ((unsigned char*) &ui)[2];
65 buf[3] = ((unsigned char*) &ui)[3];
67 buf[0] = ((unsigned char*) &ui)[3];
68 buf[1] = ((unsigned char*) &ui)[2];
69 buf[2] = ((unsigned char*) &ui)[1];
70 buf[3] = ((unsigned char*) &ui)[0];
74 void write_uint16(unsigned char* buf, uint16_t ui) {
75 if (!is_bigendian()) { // le -> le (don't swap)
76 buf[0] = ((unsigned char*) &ui)[0];
77 buf[1] = ((unsigned char*) &ui)[1];
79 buf[0] = ((unsigned char*) &ui)[1];
80 buf[1] = ((unsigned char*) &ui)[0];
84 uint32_t read_uint32(const unsigned char *c, const int pt) {
86 char *p = (char *) &ui;
88 if (!is_bigendian()) { // le -> le (don't swap)
102 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
103 stlink_read_mem32(sl, FLASH_WRPR, sizeof (uint32_t));
104 return (*(uint32_t*) sl->q_buf) & 0xff;
107 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
108 stlink_read_mem32(sl, FLASH_WRPR, sizeof (uint32_t));
109 return *(uint32_t*) sl->q_buf;
112 static inline uint32_t read_flash_obr(stlink_t *sl) {
113 stlink_read_mem32(sl, FLASH_OBR, sizeof (uint32_t));
114 return *(uint32_t*) sl->q_buf;
117 static inline uint32_t read_flash_cr(stlink_t *sl) {
118 stlink_read_mem32(sl, FLASH_CR, sizeof (uint32_t));
119 return *(uint32_t*) sl->q_buf;
122 static inline unsigned int is_flash_locked(stlink_t *sl) {
123 /* return non zero for true */
124 return read_flash_cr(sl) & (1 << FLASH_CR_LOCK);
127 static void unlock_flash(stlink_t *sl) {
128 /* the unlock sequence consists of 2 write cycles where
129 2 key values are written to the FLASH_KEYR register.
130 an invalid sequence results in a definitive lock of
131 the FPEC block until next reset.
134 write_uint32(sl->q_buf, FLASH_KEY1);
135 stlink_write_mem32(sl, FLASH_KEYR, sizeof (uint32_t));
137 write_uint32(sl->q_buf, FLASH_KEY2);
138 stlink_write_mem32(sl, FLASH_KEYR, sizeof (uint32_t));
141 static int unlock_flash_if(stlink_t *sl) {
142 /* unlock flash if already locked */
144 if (is_flash_locked(sl)) {
146 if (is_flash_locked(sl))
153 static void lock_flash(stlink_t *sl) {
154 /* write to 1 only. reset by hw at unlock sequence */
156 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
158 write_uint32(sl->q_buf, n);
159 stlink_write_mem32(sl, FLASH_CR, sizeof (uint32_t));
162 static void set_flash_cr_pg(stlink_t *sl) {
163 const uint32_t n = 1 << FLASH_CR_PG;
164 write_uint32(sl->q_buf, n);
165 stlink_write_mem32(sl, FLASH_CR, sizeof (uint32_t));
168 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
169 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
170 write_uint32(sl->q_buf, n);
171 stlink_write_mem32(sl, FLASH_CR, sizeof (uint32_t));
174 static void set_flash_cr_per(stlink_t *sl) {
175 const uint32_t n = 1 << FLASH_CR_PER;
176 write_uint32(sl->q_buf, n);
177 stlink_write_mem32(sl, FLASH_CR, sizeof (uint32_t));
180 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
181 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
182 write_uint32(sl->q_buf, n);
183 stlink_write_mem32(sl, FLASH_CR, sizeof (uint32_t));
186 static void set_flash_cr_mer(stlink_t *sl) {
187 const uint32_t n = 1 << FLASH_CR_MER;
188 write_uint32(sl->q_buf, n);
189 stlink_write_mem32(sl, FLASH_CR, sizeof (uint32_t));
192 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
193 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_MER);
194 write_uint32(sl->q_buf, n);
195 stlink_write_mem32(sl, FLASH_CR, sizeof (uint32_t));
198 static void set_flash_cr_strt(stlink_t *sl) {
199 /* assume come on the flash_cr_per path */
200 const uint32_t n = (1 << FLASH_CR_PER) | (1 << FLASH_CR_STRT);
201 write_uint32(sl->q_buf, n);
202 stlink_write_mem32(sl, FLASH_CR, sizeof (uint32_t));
205 static inline uint32_t read_flash_acr(stlink_t *sl) {
206 stlink_read_mem32(sl, FLASH_ACR, sizeof (uint32_t));
207 return *(uint32_t*) sl->q_buf;
210 static inline uint32_t read_flash_sr(stlink_t *sl) {
211 stlink_read_mem32(sl, FLASH_SR, sizeof (uint32_t));
212 return *(uint32_t*) sl->q_buf;
215 static inline unsigned int is_flash_busy(stlink_t *sl) {
216 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
219 static void wait_flash_busy(stlink_t *sl) {
220 /* todo: add some delays here */
221 while (is_flash_busy(sl))
225 static inline unsigned int is_flash_eop(stlink_t *sl) {
226 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
229 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
230 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
231 write_uint32(sl->q_buf, n);
232 stlink_write_mem32(sl, FLASH_SR, sizeof (uint32_t));
235 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
236 /* todo: add some delays here */
237 while (is_flash_eop(sl) == 0)
241 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
242 write_uint32(sl->q_buf, n);
243 stlink_write_mem32(sl, FLASH_AR, sizeof (uint32_t));
248 static void disable_flash_read_protection(stlink_t *sl) {
249 /* erase the option byte area */
256 // Delegates to the backends...
258 void stlink_close(stlink_t *sl) {
259 D(sl, "\n*** stlink_close ***\n");
260 sl->backend->close(sl);
264 void stlink_exit_debug_mode(stlink_t *sl) {
265 D(sl, "\n*** stlink_exit_debug_mode ***\n");
266 sl->backend->exit_debug_mode(sl);
269 void stlink_enter_swd_mode(stlink_t *sl) {
270 D(sl, "\n*** stlink_enter_swd_mode ***\n");
271 sl->backend->enter_swd_mode(sl);
274 // Force the core into the debug mode -> halted state.
275 void stlink_force_debug(stlink_t *sl) {
276 D(sl, "\n*** stlink_force_debug_mode ***\n");
277 sl->backend->force_debug(sl);
280 void stlink_exit_dfu_mode(stlink_t *sl) {
281 D(sl, "\n*** stlink_exit_dfu_mode ***\n");
282 sl->backend->exit_dfu_mode(sl);
285 uint32_t stlink_core_id(stlink_t *sl) {
286 D(sl, "\n*** stlink_core_id ***\n");
287 sl->backend->core_id(sl);
289 stlink_print_data(sl);
293 uint16_t stlink_chip_id(stlink_t *sl) {
294 stlink_read_mem32(sl, 0xE0042000, 4);
295 uint32_t chip_id = sl->q_buf[0] | (sl->q_buf[1] << 8) | (sl->q_buf[2] << 16) |
296 (sl->q_buf[3] << 24);
301 * Cortex m3 tech ref manual, CPUID register description
302 * @param sl stlink context
303 * @param cpuid pointer to the result object
305 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
306 stlink_read_mem32(sl, CM3_REG_CPUID, 4);
307 uint32_t raw = read_uint32(sl->q_buf, 0);
308 cpuid->implementer_id = (raw >> 24) & 0x7f;
309 cpuid->variant = (raw >> 20) & 0xf;
310 cpuid->part = (raw >> 4) & 0xfff;
311 cpuid->revision = raw & 0xf;
315 void stlink_reset(stlink_t *sl) {
316 D(sl, "\n*** stlink_reset ***\n");
317 sl->backend->reset(sl);
320 void stlink_run(stlink_t *sl) {
321 D(sl, "\n*** stlink_run ***\n");
322 sl->backend->run(sl);
325 void stlink_status(stlink_t *sl) {
326 D(sl, "\n*** stlink_status ***\n");
327 sl->backend->status(sl);
328 stlink_core_stat(sl);
332 * Decode the version bits, originally from -sg, verified with usb
333 * @param sl stlink context, assumed to contain valid data in the buffer
334 * @param slv output parsed version object
336 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
337 uint32_t b0 = sl->q_buf[0]; //lsb
338 uint32_t b1 = sl->q_buf[1];
339 uint32_t b2 = sl->q_buf[2];
340 uint32_t b3 = sl->q_buf[3];
341 uint32_t b4 = sl->q_buf[4];
342 uint32_t b5 = sl->q_buf[5]; //msb
344 // b0 b1 || b2 b3 | b4 b5
345 // 4b | 6b | 6b || 2B | 2B
346 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
348 slv->stlink_v = (b0 & 0xf0) >> 4;
349 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
350 slv->swim_v = b1 & 0x3f;
351 slv->st_vid = (b3 << 8) | b2;
352 slv->stlink_pid = (b5 << 8) | b4;
356 void stlink_version(stlink_t *sl) {
357 D(sl, "*** looking up stlink version\n");
358 stlink_version_t slv;
359 sl->backend->version(sl);
360 _parse_version(sl, &slv);
362 DD(sl, "st vid = 0x%04x (expect 0x%04x)\n", slv.st_vid, USB_ST_VID);
363 DD(sl, "stlink pid = 0x%04x\n", slv.stlink_pid);
364 DD(sl, "stlink version = 0x%x\n", slv.stlink_v);
365 DD(sl, "jtag version = 0x%x\n", slv.jtag_v);
366 DD(sl, "swim version = 0x%x\n", slv.swim_v);
367 if (slv.jtag_v == 0) {
368 DD(sl, " notice: the firmware doesn't support a jtag/swd interface\n");
370 if (slv.swim_v == 0) {
371 DD(sl, " notice: the firmware doesn't support a swim interface\n");
375 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
376 D(sl, "\n*** stlink_write_mem32 ***\n");
378 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
381 sl->backend->write_mem32(sl, addr, len);
384 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
385 D(sl, "\n*** stlink_read_mem32 ***\n");
386 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
387 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
391 sl->backend->read_mem32(sl, addr, len);
394 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
395 D(sl, "\n*** stlink_write_mem8 ***\n");
396 sl->backend->write_mem8(sl, addr, len);
399 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
400 D(sl, "\n*** stlink_read_all_regs ***\n");
401 sl->backend->read_all_regs(sl, regp);
404 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
405 D(sl, "\n*** stlink_write_reg\n");
406 sl->backend->write_reg(sl, reg, idx);
409 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
410 D(sl, "\n*** stlink_read_reg\n");
411 DD(sl, " (%d) ***\n", r_idx);
413 if (r_idx > 20 || r_idx < 0) {
414 fprintf(stderr, "Error: register index must be in [0..20]\n");
418 sl->backend->read_reg(sl, r_idx, regp);
421 unsigned int is_core_halted(stlink_t *sl) {
422 /* return non zero if core is halted */
424 return sl->q_buf[0] == STLINK_CORE_HALTED;
427 void stlink_step(stlink_t *sl) {
428 D(sl, "\n*** stlink_step ***\n");
429 sl->backend->step(sl);
432 int stlink_current_mode(stlink_t *sl) {
433 int mode = sl->backend->current_mode(sl);
435 case STLINK_DEV_DFU_MODE:
436 DD(sl, "stlink current mode: dfu\n");
438 case STLINK_DEV_DEBUG_MODE:
439 DD(sl, "stlink current mode: debug (jtag or swd)\n");
441 case STLINK_DEV_MASS_MODE:
442 DD(sl, "stlink current mode: mass\n");
445 DD(sl, "stlink mode: unknown!\n");
446 return STLINK_DEV_UNKNOWN_MODE;
452 // End of delegates.... Common code below here...
455 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
457 // #define is_bigendian() ( (*(char*)&i) == 0 )
459 inline unsigned int is_bigendian(void) {
460 static volatile const unsigned int i = 1;
461 return *(volatile const char*) &i == 0;
464 uint16_t read_uint16(const unsigned char *c, const int pt) {
466 char *p = (char *) &ui;
468 if (!is_bigendian()) { // le -> le (don't swap)
478 // same as above with entrypoint.
480 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
481 stlink_write_reg(sl, addr, 15); /* pc register */
485 while (is_core_halted(sl) == 0)
489 void stlink_core_stat(stlink_t *sl) {
493 switch (sl->q_buf[0]) {
494 case STLINK_CORE_RUNNING:
495 sl->core_stat = STLINK_CORE_RUNNING;
496 DD(sl, " core status: running\n");
498 case STLINK_CORE_HALTED:
499 sl->core_stat = STLINK_CORE_HALTED;
500 DD(sl, " core status: halted\n");
503 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
504 fprintf(stderr, " core status: unknown\n");
508 void stlink_print_data(stlink_t * sl) {
509 if (sl->q_len <= 0 || sl->verbose < 2)
512 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
514 for (int i = 0; i < sl->q_len; i++) {
517 if (sl->q_data_dir == Q_DATA_OUT)
518 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
520 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
523 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
525 fputs("\n\n", stdout);
528 /* memory mapped file */
530 typedef struct mapped_file {
535 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
537 static int map_file(mapped_file_t* mf, const char* path) {
541 const int fd = open(path, O_RDONLY);
543 fprintf(stderr, "open(%s) == -1\n", path);
547 if (fstat(fd, &st) == -1) {
548 fprintf(stderr, "fstat() == -1\n");
552 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
553 if (mf->base == MAP_FAILED) {
554 fprintf(stderr, "mmap() == MAP_FAILED\n");
558 mf->len = st.st_size;
569 static void unmap_file(mapped_file_t * mf) {
570 munmap((void*) mf->base, mf->len);
571 mf->base = (unsigned char*) MAP_FAILED;
575 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
578 for (off = 0; off < mf->len; off += sl->flash_pgsz) {
581 /* adjust last page size */
582 size_t cmp_size = sl->flash_pgsz;
583 if ((off + sl->flash_pgsz) > mf->len)
584 cmp_size = mf->len - off;
586 aligned_size = cmp_size;
587 if (aligned_size & (4 - 1))
588 aligned_size = (cmp_size + 4) & ~(4 - 1);
590 stlink_read_mem32(sl, addr + off, aligned_size);
592 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
599 int stlink_fwrite_sram
600 (stlink_t * sl, const char* path, stm32_addr_t addr) {
601 /* write the file in sram at addr */
605 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
607 if (map_file(&mf, path) == -1) {
608 fprintf(stderr, "map_file() == -1\n");
612 /* check addr range is inside the sram */
613 if (addr < sl->sram_base) {
614 fprintf(stderr, "addr too low\n");
616 } else if ((addr + mf.len) < addr) {
617 fprintf(stderr, "addr overruns\n");
619 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
620 fprintf(stderr, "addr too high\n");
622 } else if ((addr & 3) || (mf.len & 3)) {
624 fprintf(stderr, "unaligned addr or size\n");
628 /* do the copy by 1k blocks */
629 for (off = 0; off < mf.len; off += 1024) {
631 if ((off + size) > mf.len)
634 memcpy(sl->q_buf, mf.base + off, size);
636 /* round size if needed */
640 stlink_write_mem32(sl, addr + off, size);
643 /* check the file ha been written */
644 if (check_file(sl, &mf, addr) == -1) {
645 fprintf(stderr, "check_file() == -1\n");
657 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
658 /* read size bytes from addr to file */
663 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
665 fprintf(stderr, "open(%s) == -1\n", path);
669 /* do the copy by 1k blocks */
670 for (off = 0; off < size; off += 1024) {
671 size_t read_size = 1024;
673 if ((off + read_size) > size)
674 read_size = size - off;
676 /* round size if needed */
677 rounded_size = read_size;
678 if (rounded_size & 3)
679 rounded_size = (rounded_size + 4) & ~(3);
681 stlink_read_mem32(sl, addr + off, rounded_size);
683 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
684 fprintf(stderr, "write() != read_size\n");
698 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
699 /* write the buffer right after the loader */
700 memcpy(sl->q_buf, buf, size);
701 stlink_write_mem8(sl, fl->buf_addr, size);
705 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t page)
707 /* page an addr in the page to erase */
710 if (sl->core_id == STM32L_CORE_ID)
712 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
713 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
714 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
715 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
716 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
717 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
718 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
719 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
720 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x0c)
721 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
725 /* disable pecr protection */
726 write_uint32(sl->q_buf, 0x89abcdef);
727 stlink_write_mem32(sl, STM32L_FLASH_PEKEYR, sizeof(uint32_t));
728 write_uint32(sl->q_buf, 0x02030405);
729 stlink_write_mem32(sl, STM32L_FLASH_PEKEYR, sizeof(uint32_t));
731 /* check pecr.pelock is cleared */
732 stlink_read_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
733 val = read_uint32(sl->q_buf, 0);
736 fprintf(stderr, "pecr.pelock not clear (0x%x)\n", val);
740 /* unlock program memory */
741 write_uint32(sl->q_buf, 0x8c9daebf);
742 stlink_write_mem32(sl, STM32L_FLASH_PRGKEYR, sizeof(uint32_t));
743 write_uint32(sl->q_buf, 0x13141516);
744 stlink_write_mem32(sl, STM32L_FLASH_PRGKEYR, sizeof(uint32_t));
746 /* check pecr.prglock is cleared */
747 stlink_read_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
748 val = read_uint32(sl->q_buf, 0);
751 fprintf(stderr, "pecr.prglock not clear (0x%x)\n", val);
755 /* unused: unlock the option byte block */
757 write_uint32(sl->q_buf, 0xfbead9c8);
758 stlink_write_mem32(sl, STM32L_FLASH_OPTKEYR, sizeof(uint32_t));
759 write_uint32(sl->q_buf, 0x24252627);
760 stlink_write_mem32(sl, STM32L_FLASH_OPTKEYR, sizeof(uint32_t));
762 /* check pecr.optlock is cleared */
763 stlink_read_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
764 val = read_uint32(sl->q_buf, 0);
767 fprintf(stderr, "pecr.prglock not clear\n");
772 /* set pecr.{erase,prog} */
773 val |= (1 << 9) | (1 << 3);
774 write_uint32(sl->q_buf, val);
775 stlink_write_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
777 /* wait for sr.busy to be cleared */
780 stlink_read_mem32(sl, STM32L_FLASH_SR, sizeof(uint32_t));
781 if ((read_uint32(sl->q_buf, 0) & (1 << 0)) == 0) break ;
784 /* write 0 to the first word of the page to be erased */
785 memset(sl->q_buf, 0, sizeof(uint32_t));
786 stlink_write_mem32(sl, page, sizeof(uint32_t));
788 /* reset lock bits */
789 stlink_read_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
790 val = read_uint32(sl->q_buf, 0) | (1 << 0) | (1 << 1) | (1 << 2);
791 write_uint32(sl->q_buf, val);
792 stlink_write_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
794 else if (sl->core_id == STM32VL_CORE_ID)
796 /* wait for ongoing op to finish */
799 /* unlock if locked */
802 /* set the page erase bit */
803 set_flash_cr_per(sl);
805 /* select the page to erase */
806 write_flash_ar(sl, page);
808 /* start erase operation, reset by hw with bsy bit */
809 set_flash_cr_strt(sl);
811 /* wait for completion */
814 /* relock the flash */
818 fprintf(stderr, "unknown coreid: %x\n", sl->core_id);
822 /* todo: verify the erased page */
827 int stlink_erase_flash_mass(stlink_t *sl) {
828 /* wait for ongoing op to finish */
831 /* unlock if locked */
834 /* set the mass erase bit */
835 set_flash_cr_mer(sl);
837 /* start erase operation, reset by hw with bsy bit */
838 set_flash_cr_strt(sl);
840 /* wait for completion */
843 /* relock the flash */
846 /* todo: verify the erased memory */
851 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
854 /* allocate the loader in sram */
855 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
856 fprintf(stderr, "write_loader_to_sram() == -1\n");
860 /* allocate a one page buffer in sram right after loader */
861 fl->buf_addr = fl->loader_addr + size;
866 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
867 /* from openocd, contrib/loaders/flash/stm32.s */
868 static const uint8_t loader_code_stm32vl[] = {
869 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
870 0x1c, 0x44, /* add r4, r3 */
871 /* write_half_word: */
872 0x01, 0x23, /* movs r3, #0x01 */
873 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
874 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
875 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
877 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
878 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
879 0xfb, 0xd0, /* beq busy */
880 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
881 0x01, 0xd1, /* bne exit */
882 0x01, 0x3a, /* subs r2, r2, #0x01 */
883 0xf0, 0xd1, /* bne write_half_word */
885 0x00, 0xbe, /* bkpt #0x00 */
886 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
889 static const uint8_t loader_code_stm32l[] = {
891 /* openocd.git/contrib/loaders/flash/stm32lx.S
893 r1, input, source addr
894 r2, input, word count
895 r3, output, word count
901 0x51, 0xf8, 0x04, 0xcb,
902 0x40, 0xf8, 0x04, 0xcb,
910 const uint8_t* loader_code;
913 if (sl->core_id == STM32L_CORE_ID) /* stm32l */
915 loader_code = loader_code_stm32l;
916 loader_size = sizeof(loader_code_stm32l);
918 else if (sl->core_id == STM32VL_CORE_ID)
920 loader_code = loader_code_stm32vl;
921 loader_size = sizeof(loader_code_stm32vl);
925 fprintf(stderr, "unknown coreid: %x\n", sl->core_id);
929 memcpy(sl->q_buf, loader_code, loader_size);
930 stlink_write_mem32(sl, sl->sram_base, loader_size);
932 *addr = sl->sram_base;
939 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
940 /* check the contents of path are at addr */
943 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
945 if (map_file(&mf, path) == -1)
948 res = check_file(sl, &mf, addr);
956 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned len) {
960 /* check addr range is inside the flash */
961 if (addr < sl->flash_base) {
962 fprintf(stderr, "addr too low\n");
964 } else if ((addr + len) < addr) {
965 fprintf(stderr, "addr overruns\n");
967 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
968 fprintf(stderr, "addr too high\n");
970 } else if ((addr & 1) || (len & 1)) {
971 fprintf(stderr, "unaligned addr or size\n");
973 } else if (addr & (sl->flash_pgsz - 1)) {
974 fprintf(stderr, "addr not a multiple of pagesize, not supported\n");
978 /* erase each page */
979 for (off = 0; off < len; off += sl->flash_pgsz) {
980 /* addr must be an addr inside the page */
981 if (stlink_erase_flash_page(sl, addr + off) == -1) {
982 fprintf(stderr, "erase_flash_page(0x%zx) == -1\n", addr + off);
988 if (sl->core_id == STM32L_CORE_ID)
990 /* use fast word write. todo: half page. */
994 #if 0 /* todo: check write operation */
996 uint32_t nwrites = sl->flash_pgsz;
1000 #endif /* todo: check write operation */
1002 /* disable pecr protection */
1003 write_uint32(sl->q_buf, 0x89abcdef);
1004 stlink_write_mem32(sl, STM32L_FLASH_PEKEYR, sizeof(uint32_t));
1005 write_uint32(sl->q_buf, 0x02030405);
1006 stlink_write_mem32(sl, STM32L_FLASH_PEKEYR, sizeof(uint32_t));
1008 /* check pecr.pelock is cleared */
1009 stlink_read_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
1010 val = read_uint32(sl->q_buf, 0);
1013 fprintf(stderr, "pecr.pelock not clear\n");
1017 /* unlock program memory */
1018 write_uint32(sl->q_buf, 0x8c9daebf);
1019 stlink_write_mem32(sl, STM32L_FLASH_PRGKEYR, sizeof(uint32_t));
1020 write_uint32(sl->q_buf, 0x13141516);
1021 stlink_write_mem32(sl, STM32L_FLASH_PRGKEYR, sizeof(uint32_t));
1023 /* check pecr.prglock is cleared */
1024 stlink_read_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
1025 val = read_uint32(sl->q_buf, 0);
1028 fprintf(stderr, "pecr.prglock not clear\n");
1032 /* write a word in program memory */
1033 for (off = 0; off < len; off += sizeof(uint32_t))
1035 if (sl->verbose >= 1)
1037 if ((off & (sl->flash_pgsz - 1)) == 0)
1039 /* show progress. writing procedure is slow
1040 and previous errors are misleading */
1041 const uint32_t pgnum = off / sl->flash_pgsz;
1042 const uint32_t pgcount = len / sl->flash_pgsz;
1043 fprintf(stdout, "%u pages written out of %u\n", pgnum, pgcount);
1047 memcpy(sl->q_buf, (const void*)(base + off), sizeof(uint32_t));
1048 stlink_write_mem32(sl, addr + off, sizeof(uint32_t));
1050 /* wait for sr.busy to be cleared */
1053 stlink_read_mem32(sl, STM32L_FLASH_SR, sizeof(uint32_t));
1054 if ((read_uint32(sl->q_buf, 0) & (1 << 0)) == 0) break ;
1057 #if 0 /* todo: check redo write operation */
1059 /* check written bytes. todo: should be on a per page basis. */
1060 stlink_read_mem32(sl, addr + off, sizeof(uint32_t));
1061 if (memcmp(sl->q_buf, base + off, sizeof(uint32_t)))
1063 /* re erase the page and redo the write operation */
1067 /* fail if successive write count too low */
1068 if (nwrites < sl->flash_pgsz) {
1069 fprintf(stderr, "writes operation failure count too high, aborting\n");
1075 /* assume addr aligned */
1076 if (off % sl->flash_pgsz) off &= ~(sl->flash_pgsz - 1);
1079 fprintf(stderr, "invalid write @%x(%x): %x != %x. retrying.\n",
1080 page, addr + off, read_uint32(base + off, 0), read_uint32(sl->q_buf, 0));
1082 /* reset lock bits */
1083 stlink_read_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
1084 val = read_uint32(sl->q_buf, 0) | (1 << 0) | (1 << 1) | (1 << 2);
1085 write_uint32(sl->q_buf, val);
1086 stlink_write_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
1088 stlink_erase_flash_page(sl, page);
1093 /* increment successive writes counter */
1096 #endif /* todo: check redo write operation */
1100 /* reset lock bits */
1101 stlink_read_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
1102 val = read_uint32(sl->q_buf, 0) | (1 << 0) | (1 << 1) | (1 << 2);
1103 write_uint32(sl->q_buf, val);
1104 stlink_write_mem32(sl, STM32L_FLASH_PECR, sizeof(uint32_t));
1106 else if (sl->core_id == STM32VL_CORE_ID)
1108 /* flash loader initialization */
1109 if (init_flash_loader(sl, &fl) == -1) {
1110 fprintf(stderr, "init_flash_loader() == -1\n");
1114 /* write each page. above WRITE_BLOCK_SIZE fails? */
1115 #define WRITE_BLOCK_SIZE 0x40
1116 for (off = 0; off < len; off += WRITE_BLOCK_SIZE)
1118 /* adjust last write size */
1119 size_t size = WRITE_BLOCK_SIZE;
1120 if ((off + WRITE_BLOCK_SIZE) > len) size = len - off;
1122 /* unlock and set programming mode */
1123 unlock_flash_if(sl);
1124 set_flash_cr_pg(sl);
1126 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1127 fprintf(stderr, "run_flash_loader(0x%zx) == -1\n", addr + off);
1134 fprintf(stderr, "unknown coreid: %x\n", sl->core_id);
1138 for (off = 0; off < len; off += sl->flash_pgsz) {
1139 size_t aligned_size;
1141 /* adjust last page size */
1142 size_t cmp_size = sl->flash_pgsz;
1143 if ((off + sl->flash_pgsz) > len)
1144 cmp_size = len - off;
1146 aligned_size = cmp_size;
1147 if (aligned_size & (4 - 1))
1148 aligned_size = (cmp_size + 4) & ~(4 - 1);
1150 stlink_read_mem32(sl, addr + off, aligned_size);
1152 if (memcmp(sl->q_buf, base + off, cmp_size))
1159 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1160 /* write the file in flash at addr */
1163 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1165 if (map_file(&mf, path) == -1) {
1166 fprintf(stderr, "map_file() == -1\n");
1170 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1177 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1181 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1182 fprintf(stderr, "write_buffer_to_sram() == -1\n");
1186 if (sl->core_id == STM32L_CORE_ID) {
1188 size_t count = size / sizeof(uint32_t);
1189 if (size % sizeof(uint32_t)) ++count;
1192 stlink_write_reg(sl, target, 0); /* target */
1193 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1194 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1195 stlink_write_reg(sl, 0, 3); /* output count */
1196 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1198 } else if (sl->core_id == STM32VL_CORE_ID) {
1200 size_t count = size / sizeof(uint16_t);
1201 if (size % sizeof(uint16_t)) ++count;
1204 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1205 stlink_write_reg(sl, target, 1); /* target */
1206 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1207 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1208 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1211 fprintf(stderr, "unknown coreid: %x\n", sl->core_id);
1218 /* wait until done (reaches breakpoint) */
1219 while (is_core_halted(sl) == 0) ;
1221 /* check written byte count */
1222 if (sl->core_id == STM32L_CORE_ID) {
1224 size_t count = size / sizeof(uint32_t);
1225 if (size % sizeof(uint32_t)) ++count;
1227 stlink_read_reg(sl, 3, &rr);
1228 if (rr.r[3] != count) {
1229 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
1233 } else if (sl->core_id == STM32VL_CORE_ID) {
1235 stlink_read_reg(sl, 2, &rr);
1237 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1243 fprintf(stderr, "unknown coreid: %x\n", sl->core_id);
projects / fw / stlink / blob