/*************************************************************************** * Copyright (C) 2009 by Simon Qian * * SimonQian@SimonQian.com * * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License as published by * * the Free Software Foundation; either version 2 of the License, or * * (at your option) any later version. * * * * This program is distributed in the hope that it will be useful, * * but WITHOUT ANY WARRANTY; without even the implied warranty of * * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * * GNU General Public License for more details. * * * * You should have received a copy of the GNU General Public License * * along with this program; if not, write to the * * Free Software Foundation, Inc., * * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ***************************************************************************/ #ifdef HAVE_CONFIG_H #include "config.h" #endif #include "avrf.h" #include "avrt.h" #include "flash.h" /* AVR_JTAG_Instructions */ #define AVR_JTAG_INS_LEN 4 // Public Instructions: #define AVR_JTAG_INS_EXTEST 0x00 #define AVR_JTAG_INS_IDCODE 0x01 #define AVR_JTAG_INS_SAMPLE_PRELOAD 0x02 #define AVR_JTAG_INS_BYPASS 0x0F // AVR Specified Public Instructions: #define AVR_JTAG_INS_AVR_RESET 0x0C #define AVR_JTAG_INS_PROG_ENABLE 0x04 #define AVR_JTAG_INS_PROG_COMMANDS 0x05 #define AVR_JTAG_INS_PROG_PAGELOAD 0x06 #define AVR_JTAG_INS_PROG_PAGEREAD 0x07 // Data Registers: #define AVR_JTAG_REG_Bypass_Len 1 #define AVR_JTAG_REG_DeviceID_Len 32 #define AVR_JTAG_REG_Reset_Len 1 #define AVR_JTAG_REG_JTAGID_Len 32 #define AVR_JTAG_REG_ProgrammingEnable_Len 16 #define AVR_JTAG_REG_ProgrammingCommand_Len 15 #define AVR_JTAG_REG_FlashDataByte_Len 16 avrf_type_t avft_chips_info[] = { // name, chip_id, flash_page_size, flash_page_num, eeprom_page_size, eeprom_page_num {"atmega128", 0x9702, 256, 512, 8, 512}, }; static int avrf_register_commands(struct command_context_s *cmd_ctx); static int avrf_flash_bank_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct flash_bank_s *bank); static int avrf_erase(struct flash_bank_s *bank, int first, int last); static int avrf_protect(struct flash_bank_s *bank, int set, int first, int last); static int avrf_write(struct flash_bank_s *bank, uint8_t *buffer, uint32_t offset, uint32_t count); static int avrf_probe(struct flash_bank_s *bank); static int avrf_auto_probe(struct flash_bank_s *bank); //static int avrf_handle_part_id_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc); static int avrf_protect_check(struct flash_bank_s *bank); static int avrf_info(struct flash_bank_s *bank, char *buf, int buf_size); static int avrf_handle_mass_erase_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc); extern int avr_jtag_sendinstr(jtag_tap_t *tap, uint8_t *ir_in, uint8_t ir_out); extern int avr_jtag_senddat(jtag_tap_t *tap, uint32_t *dr_in, uint32_t dr_out, int len); extern int mcu_write_ir(jtag_tap_t *tap, uint8_t *ir_in, uint8_t *ir_out, int ir_len, int rti); extern int mcu_write_dr(jtag_tap_t *tap, uint8_t *ir_in, uint8_t *ir_out, int dr_len, int rti); extern int mcu_write_ir_u8(jtag_tap_t *tap, uint8_t *ir_in, uint8_t ir_out, int ir_len, int rti); extern int mcu_write_dr_u8(jtag_tap_t *tap, uint8_t *ir_in, uint8_t ir_out, int dr_len, int rti); extern int mcu_write_ir_u16(jtag_tap_t *tap, uint16_t *ir_in, uint16_t ir_out, int ir_len, int rti); extern int mcu_write_dr_u16(jtag_tap_t *tap, uint16_t *ir_in, uint16_t ir_out, int dr_len, int rti); extern int mcu_write_ir_u32(jtag_tap_t *tap, uint32_t *ir_in, uint32_t ir_out, int ir_len, int rti); extern int mcu_write_dr_u32(jtag_tap_t *tap, uint32_t *ir_in, uint32_t ir_out, int dr_len, int rti); extern int mcu_execute_queue(void); flash_driver_t avr_flash = { .name = "avr", .register_commands = avrf_register_commands, .flash_bank_command = avrf_flash_bank_command, .erase = avrf_erase, .protect = avrf_protect, .write = avrf_write, .probe = avrf_probe, .auto_probe = avrf_auto_probe, .erase_check = default_flash_mem_blank_check, .protect_check = avrf_protect_check, .info = avrf_info }; /* avr program functions */ static int avr_jtag_reset(avr_common_t *avr, uint32_t reset) { avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_AVR_RESET); avr_jtag_senddat(avr->jtag_info.tap, NULL, reset ,AVR_JTAG_REG_Reset_Len); return ERROR_OK; } static int avr_jtag_read_jtagid(avr_common_t *avr, uint32_t *id) { avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_IDCODE); avr_jtag_senddat(avr->jtag_info.tap, id, 0, AVR_JTAG_REG_JTAGID_Len); return ERROR_OK; } static int avr_jtagprg_enterprogmode(avr_common_t *avr) { avr_jtag_reset(avr, 1); avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_ENABLE); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0xA370, AVR_JTAG_REG_ProgrammingEnable_Len); return ERROR_OK; } static int avr_jtagprg_leaveprogmode(avr_common_t *avr) { avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_COMMANDS); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x2300, AVR_JTAG_REG_ProgrammingCommand_Len); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3300, AVR_JTAG_REG_ProgrammingCommand_Len); avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_ENABLE); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0, AVR_JTAG_REG_ProgrammingEnable_Len); avr_jtag_reset(avr, 0); return ERROR_OK; } static int avr_jtagprg_chiperase(avr_common_t *avr) { uint32_t poll_value; avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_COMMANDS); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x2380, AVR_JTAG_REG_ProgrammingCommand_Len); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3180, AVR_JTAG_REG_ProgrammingCommand_Len); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3380, AVR_JTAG_REG_ProgrammingCommand_Len); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3380, AVR_JTAG_REG_ProgrammingCommand_Len); do { poll_value = 0; avr_jtag_senddat(avr->jtag_info.tap, &poll_value, 0x3380, AVR_JTAG_REG_ProgrammingCommand_Len); if (ERROR_OK != mcu_execute_queue()) { return ERROR_FAIL; } LOG_DEBUG("poll_value = 0x%04" PRIx32 "", poll_value); } while (!(poll_value & 0x0200)); return ERROR_OK; } static int avr_jtagprg_writeflashpage(avr_common_t *avr, uint8_t *page_buf, uint32_t buf_size, uint32_t addr, uint32_t page_size) { uint32_t i, poll_value; avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_COMMANDS); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x2310, AVR_JTAG_REG_ProgrammingCommand_Len); // load addr high byte avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x0700 | ((addr >> 9) & 0xFF), AVR_JTAG_REG_ProgrammingCommand_Len); // load addr low byte avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x0300 | ((addr >> 1) & 0xFF), AVR_JTAG_REG_ProgrammingCommand_Len); avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_PAGELOAD); for (i = 0; i < page_size; i++) { if (i < buf_size) { avr_jtag_senddat(avr->jtag_info.tap, NULL, page_buf[i], 8); } else { avr_jtag_senddat(avr->jtag_info.tap, NULL, 0xFF, 8); } } avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_COMMANDS); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3700, AVR_JTAG_REG_ProgrammingCommand_Len); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3500, AVR_JTAG_REG_ProgrammingCommand_Len); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3700, AVR_JTAG_REG_ProgrammingCommand_Len); avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3700, AVR_JTAG_REG_ProgrammingCommand_Len); do { poll_value = 0; avr_jtag_senddat(avr->jtag_info.tap, &poll_value, 0x3700, AVR_JTAG_REG_ProgrammingCommand_Len); if (ERROR_OK != mcu_execute_queue()) { return ERROR_FAIL; } LOG_DEBUG("poll_value = 0x%04" PRIx32 "", poll_value); } while (!(poll_value & 0x0200)); return ERROR_OK; } /* interface command */ static int avrf_register_commands(struct command_context_s *cmd_ctx) { command_t *avr_cmd = register_command(cmd_ctx, NULL, "avr", NULL, COMMAND_ANY, "avr flash specific commands"); register_command(cmd_ctx, avr_cmd, "mass_erase", avrf_handle_mass_erase_command, COMMAND_EXEC, "mass erase device"); return ERROR_OK; } static int avrf_flash_bank_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct flash_bank_s *bank) { avrf_flash_bank_t *avrf_info; if (argc < 6) { LOG_WARNING("incomplete flash_bank avr configuration"); return ERROR_FLASH_BANK_INVALID; } avrf_info = malloc(sizeof(avrf_flash_bank_t)); bank->driver_priv = avrf_info; avrf_info->probed = 0; return ERROR_OK; } static int avrf_erase(struct flash_bank_s *bank, int first, int last) { LOG_INFO("%s", __FUNCTION__); return ERROR_OK; } static int avrf_protect(struct flash_bank_s *bank, int set, int first, int last) { LOG_INFO("%s", __FUNCTION__); return ERROR_OK; } static int avrf_write(struct flash_bank_s *bank, uint8_t *buffer, uint32_t offset, uint32_t count) { target_t *target = bank->target; avr_common_t *avr = target->arch_info; uint32_t cur_size, cur_buffer_size, page_size; if (bank->target->state != TARGET_HALTED) { LOG_ERROR("Target not halted"); return ERROR_TARGET_NOT_HALTED; } page_size = bank->sectors[0].size; if ((offset % page_size) != 0) { LOG_WARNING("offset 0x%" PRIx32 " breaks required %" PRIu32 "-byte alignment", offset, page_size); return ERROR_FLASH_DST_BREAKS_ALIGNMENT; } LOG_DEBUG("offset is 0x%08" PRIx32 "", offset); LOG_DEBUG("count is %" PRId32 "", count); if (ERROR_OK != avr_jtagprg_enterprogmode(avr)) { return ERROR_FAIL; } cur_size = 0; while (count > 0) { if (count > page_size) { cur_buffer_size = page_size; } else { cur_buffer_size = count; } avr_jtagprg_writeflashpage(avr, buffer + cur_size, cur_buffer_size, offset + cur_size, page_size); count -= cur_buffer_size; cur_size += cur_buffer_size; keep_alive(); } return avr_jtagprg_leaveprogmode(avr); } #define EXTRACT_MFG(X) (((X) & 0xffe) >> 1) #define EXTRACT_PART(X) (((X) & 0xffff000) >> 12) #define EXTRACT_VER(X) (((X) & 0xf0000000) >> 28) static int avrf_probe(struct flash_bank_s *bank) { target_t *target = bank->target; avrf_flash_bank_t *avrf_info = bank->driver_priv; avr_common_t *avr = target->arch_info; avrf_type_t *avr_info = NULL; int i; uint32_t device_id; if (bank->target->state != TARGET_HALTED) { LOG_ERROR("Target not halted"); return ERROR_TARGET_NOT_HALTED; } avrf_info->probed = 0; avr_jtag_read_jtagid(avr, &device_id); if (ERROR_OK != mcu_execute_queue()) { return ERROR_FAIL; } LOG_INFO("device id = 0x%08" PRIx32 "", device_id); if (EXTRACT_MFG(device_id) != 0x1F) { LOG_ERROR("0x%" PRIx32 " is invalid Manufacturer for avr, 0x%X is expected", EXTRACT_MFG(device_id), 0x1F); } for (i = 0; i < (int)(sizeof(avft_chips_info) / sizeof(avft_chips_info[0])); i++) { if (avft_chips_info[i].chip_id == EXTRACT_PART(device_id)) { avr_info = &avft_chips_info[i]; LOG_INFO("target device is %s", avr_info->name); break; } } if (avr_info != NULL) { // chip found bank->base = 0x00000000; bank->size = (avr_info->flash_page_size * avr_info->flash_page_num); bank->num_sectors = avr_info->flash_page_num; bank->sectors = malloc(sizeof(flash_sector_t) * avr_info->flash_page_num); for (i = 0; i < avr_info->flash_page_num; i++) { bank->sectors[i].offset = i * avr_info->flash_page_size; bank->sectors[i].size = avr_info->flash_page_size; bank->sectors[i].is_erased = -1; bank->sectors[i].is_protected = 1; } avrf_info->probed = 1; return ERROR_OK; } else { // chip not supported LOG_ERROR("0x%" PRIx32 " is not support for avr", EXTRACT_PART(device_id)); avrf_info->probed = 1; return ERROR_FAIL; } } static int avrf_auto_probe(struct flash_bank_s *bank) { avrf_flash_bank_t *avrf_info = bank->driver_priv; if (avrf_info->probed) return ERROR_OK; return avrf_probe(bank); } static int avrf_protect_check(struct flash_bank_s *bank) { LOG_INFO("%s", __FUNCTION__); return ERROR_OK; } static int avrf_info(struct flash_bank_s *bank, char *buf, int buf_size) { target_t *target = bank->target; avr_common_t *avr = target->arch_info; avrf_type_t *avr_info = NULL; int i; uint32_t device_id; if (bank->target->state != TARGET_HALTED) { LOG_ERROR("Target not halted"); return ERROR_TARGET_NOT_HALTED; } avr_jtag_read_jtagid(avr, &device_id); if (ERROR_OK != mcu_execute_queue()) { return ERROR_FAIL; } LOG_INFO("device id = 0x%08" PRIx32 "", device_id); if (EXTRACT_MFG(device_id) != 0x1F) { LOG_ERROR("0x%" PRIx32 " is invalid Manufacturer for avr, 0x%X is expected", EXTRACT_MFG(device_id), 0x1F); } for (i = 0; i < (int)(sizeof(avft_chips_info) / sizeof(avft_chips_info[0])); i++) { if (avft_chips_info[i].chip_id == EXTRACT_PART(device_id)) { avr_info = &avft_chips_info[i]; LOG_INFO("target device is %s", avr_info->name); break; } } if (avr_info != NULL) { // chip found snprintf(buf, buf_size, "%s - Rev: 0x%" PRIx32 "", avr_info->name, EXTRACT_VER(device_id)); return ERROR_OK; } else { // chip not supported snprintf(buf, buf_size, "Cannot identify target as a avr\n"); return ERROR_FLASH_OPERATION_FAILED; } } static int avrf_mass_erase(struct flash_bank_s *bank) { target_t *target = bank->target; avr_common_t *avr = target->arch_info; if (target->state != TARGET_HALTED) { LOG_ERROR("Target not halted"); return ERROR_TARGET_NOT_HALTED; } if ((ERROR_OK != avr_jtagprg_enterprogmode(avr)) || (ERROR_OK != avr_jtagprg_chiperase(avr)) || (ERROR_OK != avr_jtagprg_leaveprogmode(avr))) { return ERROR_FAIL; } return ERROR_OK; } static int avrf_handle_mass_erase_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc) { flash_bank_t *bank; int i; if (argc < 1) { command_print(cmd_ctx, "avr mass_erase <bank>"); return ERROR_OK; } bank = get_flash_bank_by_num(strtoul(args[0], NULL, 0)); if (!bank) { command_print(cmd_ctx, "flash bank '#%s' is out of bounds", args[0]); return ERROR_OK; } if (avrf_mass_erase(bank) == ERROR_OK) { /* set all sectors as erased */ for (i = 0; i < bank->num_sectors; i++) { bank->sectors[i].is_erased = 1; } command_print(cmd_ctx, "avr mass erase complete"); } else { command_print(cmd_ctx, "avr mass erase failed"); } LOG_DEBUG("%s", __FUNCTION__); return ERROR_OK; }