Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
jtag: linuxgpiod: drop extra parenthesis
[openocd.git] / src / target / arm920t.c
1
2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
18 ***************************************************************************/
19
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include <helper/time_support.h>
26 #include "target_type.h"
27 #include "register.h"
28 #include "arm_opcodes.h"
29
30 /*
31 * For information about the ARM920T, see ARM DDI 0151C especially
32 * Chapter 9 about debug support, which shows how to manipulate each
33 * of the different scan chains:
34 *
35 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
36 * 1 ... debugging; watchpoint and breakpoint status, etc; also
37 * MMU and cache access in conjunction with scan chain 15
38 * 2 ... EmbeddedICE
39 * 3 ... external boundary scan (SoC-specific, unused here)
40 * 4 ... access to cache tag RAM
41 * 6 ... ETM9
42 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
43 * "interpreted" works with a few actual MRC/MCR instructions
44 * "physical" provides register-like behaviors. Section 9.6.7
45 * covers these details.
46 *
47 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
48 */
49
50 #if 0
51 #define _DEBUG_INSTRUCTION_EXECUTION_
52 #endif
53
54 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
55 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
56 * JTAG scan, while reads use two.
57 *
58 * Table 9-9 lists the thirteen registers which support physical access.
59 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
60 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
61 *
62 * x == bit[38]
63 * y == bits[37:34]
64 * z == bit[33]
65 */
66 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
67
68 /* Registers supporting physical Read access (from table 9-9) */
69 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
70 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
71 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
72 /* NOTE: several more registers support only physical read access */
73
74 /* Registers supporting physical Read/Write access (from table 9-9) */
75 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
76 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
77 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
78 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
79 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
80
81 static int arm920t_read_cp15_physical(struct target *target,
82 int reg_addr, uint32_t *value)
83 {
84 struct arm920t_common *arm920t = target_to_arm920(target);
85 struct arm_jtag *jtag_info;
86 struct scan_field fields[4];
87 uint8_t access_type_buf = 1;
88 uint8_t reg_addr_buf = reg_addr & 0x3f;
89 uint8_t nr_w_buf = 0;
90 int retval;
91
92 jtag_info = &arm920t->arm7_9_common.jtag_info;
93
94 retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
95 if (retval != ERROR_OK)
96 return retval;
97 retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
98 if (retval != ERROR_OK)
99 return retval;
100
101 fields[0].num_bits = 1;
102 fields[0].out_value = &access_type_buf;
103 fields[0].in_value = NULL;
104
105 fields[1].num_bits = 32;
106 fields[1].out_value = NULL;
107 fields[1].in_value = NULL;
108
109 fields[2].num_bits = 6;
110 fields[2].out_value = &reg_addr_buf;
111 fields[2].in_value = NULL;
112
113 fields[3].num_bits = 1;
114 fields[3].out_value = &nr_w_buf;
115 fields[3].in_value = NULL;
116
117 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
118
119 fields[1].in_value = (uint8_t *)value;
120
121 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
122
123 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
124
125 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
126 jtag_execute_queue();
127 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
128 #endif
129
130 return ERROR_OK;
131 }
132
133 static int arm920t_write_cp15_physical(struct target *target,
134 int reg_addr, uint32_t value)
135 {
136 struct arm920t_common *arm920t = target_to_arm920(target);
137 struct arm_jtag *jtag_info;
138 struct scan_field fields[4];
139 uint8_t access_type_buf = 1;
140 uint8_t reg_addr_buf = reg_addr & 0x3f;
141 uint8_t nr_w_buf = 1;
142 uint8_t value_buf[4];
143 int retval;
144
145 jtag_info = &arm920t->arm7_9_common.jtag_info;
146
147 buf_set_u32(value_buf, 0, 32, value);
148
149 retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
150 if (retval != ERROR_OK)
151 return retval;
152 retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
153 if (retval != ERROR_OK)
154 return retval;
155
156 fields[0].num_bits = 1;
157 fields[0].out_value = &access_type_buf;
158 fields[0].in_value = NULL;
159
160 fields[1].num_bits = 32;
161 fields[1].out_value = value_buf;
162 fields[1].in_value = NULL;
163
164 fields[2].num_bits = 6;
165 fields[2].out_value = &reg_addr_buf;
166 fields[2].in_value = NULL;
167
168 fields[3].num_bits = 1;
169 fields[3].out_value = &nr_w_buf;
170 fields[3].in_value = NULL;
171
172 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
173
174 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
175 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
176 #endif
177
178 return ERROR_OK;
179 }
180
181 /* See table 9-10 for scan chain 15 format during interpreted access mode.
182 * If the TESTSTATE register is set for interpreted access, certain CP15
183 * MRC and MCR instructions may be executed through scan chain 15.
184 *
185 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
186 * executed using scan chain 15 interpreted mode.
187 */
188 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
189 uint32_t arm_opcode)
190 {
191 int retval;
192 struct arm920t_common *arm920t = target_to_arm920(target);
193 struct arm_jtag *jtag_info;
194 struct scan_field fields[4];
195 uint8_t access_type_buf = 0; /* interpreted access */
196 uint8_t reg_addr_buf = 0x0;
197 uint8_t nr_w_buf = 0;
198 uint8_t cp15_opcode_buf[4];
199
200 jtag_info = &arm920t->arm7_9_common.jtag_info;
201
202 retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
203 if (retval != ERROR_OK)
204 return retval;
205 retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
206 if (retval != ERROR_OK)
207 return retval;
208
209 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
210
211 fields[0].num_bits = 1;
212 fields[0].out_value = &access_type_buf;
213 fields[0].in_value = NULL;
214
215 fields[1].num_bits = 32;
216 fields[1].out_value = cp15_opcode_buf;
217 fields[1].in_value = NULL;
218
219 fields[2].num_bits = 6;
220 fields[2].out_value = &reg_addr_buf;
221 fields[2].in_value = NULL;
222
223 fields[3].num_bits = 1;
224 fields[3].out_value = &nr_w_buf;
225 fields[3].in_value = NULL;
226
227 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
228
229 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
230 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
231 retval = arm7_9_execute_sys_speed(target);
232 if (retval != ERROR_OK)
233 return retval;
234
235 retval = jtag_execute_queue();
236 if (retval != ERROR_OK) {
237 LOG_ERROR("failed executing JTAG queue");
238 return retval;
239 }
240
241 return ERROR_OK;
242 }
243
244 static int arm920t_read_cp15_interpreted(struct target *target,
245 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
246 {
247 struct arm *arm = target_to_arm(target);
248 uint32_t *regs_p[1];
249 uint32_t regs[2];
250 uint32_t cp15c15 = 0x0;
251 struct reg *r = arm->core_cache->reg_list;
252
253 /* load address into R1 */
254 regs[1] = address;
255 arm9tdmi_write_core_regs(target, 0x2, regs);
256
257 /* read-modify-write CP15 test state register
258 * to enable interpreted access mode */
259 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
260 jtag_execute_queue();
261 cp15c15 |= 1; /* set interpret mode */
262 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
263
264 /* execute CP15 instruction and ARM load (reading from coprocessor) */
265 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
266
267 /* disable interpreted access mode */
268 cp15c15 &= ~1U; /* clear interpret mode */
269 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
270
271 /* retrieve value from R0 */
272 regs_p[0] = value;
273 arm9tdmi_read_core_regs(target, 0x1, regs_p);
274 jtag_execute_queue();
275
276 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
277 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
278 cp15_opcode, address, *value);
279 #endif
280
281 if (!is_arm_mode(arm->core_mode)) {
282 LOG_ERROR("not a valid arm core mode - communication failure?");
283 return ERROR_FAIL;
284 }
285
286 r[0].dirty = true;
287 r[1].dirty = true;
288
289 return ERROR_OK;
290 }
291
292 static
293 int arm920t_write_cp15_interpreted(struct target *target,
294 uint32_t cp15_opcode, uint32_t value, uint32_t address)
295 {
296 uint32_t cp15c15 = 0x0;
297 struct arm *arm = target_to_arm(target);
298 uint32_t regs[2];
299 struct reg *r = arm->core_cache->reg_list;
300
301 /* load value, address into R0, R1 */
302 regs[0] = value;
303 regs[1] = address;
304 arm9tdmi_write_core_regs(target, 0x3, regs);
305
306 /* read-modify-write CP15 test state register
307 * to enable interpreted access mode */
308 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
309 jtag_execute_queue();
310 cp15c15 |= 1; /* set interpret mode */
311 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
312
313 /* execute CP15 instruction and ARM store (writing to coprocessor) */
314 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
315
316 /* disable interpreted access mode */
317 cp15c15 &= ~1U; /* set interpret mode */
318 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
319
320 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
321 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
322 cp15_opcode, value, address);
323 #endif
324
325 if (!is_arm_mode(arm->core_mode)) {
326 LOG_ERROR("not a valid arm core mode - communication failure?");
327 return ERROR_FAIL;
328 }
329
330 r[0].dirty = true;
331 r[1].dirty = true;
332
333 return ERROR_OK;
334 }
335
336 /* EXPORTED to FA256 */
337 int arm920t_get_ttb(struct target *target, uint32_t *result)
338 {
339 int retval;
340 uint32_t ttb = 0x0;
341
342 retval = arm920t_read_cp15_interpreted(target,
343 /* FIXME use opcode macro */
344 0xeebf0f51, 0x0, &ttb);
345 if (retval != ERROR_OK)
346 return retval;
347
348 *result = ttb;
349 return ERROR_OK;
350 }
351
352 /* EXPORTED to FA256 */
353 int arm920t_disable_mmu_caches(struct target *target, int mmu,
354 int d_u_cache, int i_cache)
355 {
356 uint32_t cp15_control;
357 int retval;
358
359 /* read cp15 control register */
360 retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
361 if (retval != ERROR_OK)
362 return retval;
363 retval = jtag_execute_queue();
364 if (retval != ERROR_OK)
365 return retval;
366
367 if (mmu)
368 cp15_control &= ~0x1U;
369
370 if (d_u_cache)
371 cp15_control &= ~0x4U;
372
373 if (i_cache)
374 cp15_control &= ~0x1000U;
375
376 retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
377 return retval;
378 }
379
380 /* EXPORTED to FA256 */
381 int arm920t_enable_mmu_caches(struct target *target, int mmu,
382 int d_u_cache, int i_cache)
383 {
384 uint32_t cp15_control;
385 int retval;
386
387 /* read cp15 control register */
388 retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
389 if (retval != ERROR_OK)
390 return retval;
391 retval = jtag_execute_queue();
392 if (retval != ERROR_OK)
393 return retval;
394
395 if (mmu)
396 cp15_control |= 0x1U;
397
398 if (d_u_cache)
399 cp15_control |= 0x4U;
400
401 if (i_cache)
402 cp15_control |= 0x1000U;
403
404 retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
405 return retval;
406 }
407
408 /* EXPORTED to FA256 */
409 int arm920t_post_debug_entry(struct target *target)
410 {
411 uint32_t cp15c15;
412 struct arm920t_common *arm920t = target_to_arm920(target);
413 int retval;
414
415 /* examine cp15 control reg */
416 retval = arm920t_read_cp15_physical(target,
417 CP15PHYS_CTRL, &arm920t->cp15_control_reg);
418 if (retval != ERROR_OK)
419 return retval;
420 retval = jtag_execute_queue();
421 if (retval != ERROR_OK)
422 return retval;
423 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, arm920t->cp15_control_reg);
424
425 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1) {
426 uint32_t cache_type_reg;
427 /* identify caches */
428 retval = arm920t_read_cp15_physical(target,
429 CP15PHYS_CACHETYPE, &cache_type_reg);
430 if (retval != ERROR_OK)
431 return retval;
432 retval = jtag_execute_queue();
433 if (retval != ERROR_OK)
434 return retval;
435 armv4_5_identify_cache(cache_type_reg,
436 &arm920t->armv4_5_mmu.armv4_5_cache);
437 }
438
439 arm920t->armv4_5_mmu.mmu_enabled =
440 (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
441 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =
442 (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
443 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled =
444 (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
445
446 /* save i/d fault status and address register
447 * FIXME use opcode macros */
448 retval = arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
449 if (retval != ERROR_OK)
450 return retval;
451 retval = arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
452 if (retval != ERROR_OK)
453 return retval;
454 retval = arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
455 if (retval != ERROR_OK)
456 return retval;
457 retval = arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
458 if (retval != ERROR_OK)
459 return retval;
460
461 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32
462 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32,
463 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
464
465 if (arm920t->preserve_cache) {
466 /* read-modify-write CP15 test state register
467 * to disable I/D-cache linefills */
468 retval = arm920t_read_cp15_physical(target,
469 CP15PHYS_TESTSTATE, &cp15c15);
470 if (retval != ERROR_OK)
471 return retval;
472 retval = jtag_execute_queue();
473 if (retval != ERROR_OK)
474 return retval;
475 cp15c15 |= 0x600;
476 retval = arm920t_write_cp15_physical(target,
477 CP15PHYS_TESTSTATE, cp15c15);
478 if (retval != ERROR_OK)
479 return retval;
480 }
481 return ERROR_OK;
482 }
483
484 /* EXPORTED to FA256 */
485 void arm920t_pre_restore_context(struct target *target)
486 {
487 uint32_t cp15c15 = 0;
488 struct arm920t_common *arm920t = target_to_arm920(target);
489
490 /* restore i/d fault status and address register */
491 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
492 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
493 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
494 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
495
496 /* read-modify-write CP15 test state register
497 * to reenable I/D-cache linefills */
498 if (arm920t->preserve_cache) {
499 arm920t_read_cp15_physical(target,
500 CP15PHYS_TESTSTATE, &cp15c15);
501 jtag_execute_queue();
502 cp15c15 &= ~0x600U;
503 arm920t_write_cp15_physical(target,
504 CP15PHYS_TESTSTATE, cp15c15);
505 }
506 }
507
508 static const char arm920_not[] = "target is not an ARM920";
509
510 static int arm920t_verify_pointer(struct command_invocation *cmd,
511 struct arm920t_common *arm920t)
512 {
513 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
514 command_print(cmd, arm920_not);
515 return ERROR_TARGET_INVALID;
516 }
517
518 return ERROR_OK;
519 }
520
521 /** Logs summary of ARM920 state for a halted target. */
522 int arm920t_arch_state(struct target *target)
523 {
524 static const char *state[] = {
525 "disabled", "enabled"
526 };
527
528 struct arm920t_common *arm920t = target_to_arm920(target);
529
530 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
531 LOG_ERROR("BUG: %s", arm920_not);
532 return ERROR_TARGET_INVALID;
533 }
534
535 arm_arch_state(target);
536 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
537 state[arm920t->armv4_5_mmu.mmu_enabled],
538 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
539 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
540
541 return ERROR_OK;
542 }
543
544 static int arm920_mmu(struct target *target, int *enabled)
545 {
546 if (target->state != TARGET_HALTED) {
547 LOG_ERROR("%s: target not halted", __func__);
548 return ERROR_TARGET_INVALID;
549 }
550
551 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
552 return ERROR_OK;
553 }
554
555 static int arm920_virt2phys(struct target *target,
556 target_addr_t virt, target_addr_t *phys)
557 {
558 uint32_t cb;
559 struct arm920t_common *arm920t = target_to_arm920(target);
560
561 uint32_t ret;
562 int retval = armv4_5_mmu_translate_va(target,
563 &arm920t->armv4_5_mmu, virt, &cb, &ret);
564 if (retval != ERROR_OK)
565 return retval;
566 *phys = ret;
567 return ERROR_OK;
568 }
569
570 /** Reads a buffer, in the specified word size, with current MMU settings. */
571 int arm920t_read_memory(struct target *target, target_addr_t address,
572 uint32_t size, uint32_t count, uint8_t *buffer)
573 {
574 int retval;
575
576 retval = arm7_9_read_memory(target, address, size, count, buffer);
577
578 return retval;
579 }
580
581
582 static int arm920t_read_phys_memory(struct target *target,
583 target_addr_t address, uint32_t size,
584 uint32_t count, uint8_t *buffer)
585 {
586 struct arm920t_common *arm920t = target_to_arm920(target);
587
588 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
589 address, size, count, buffer);
590 }
591
592 static int arm920t_write_phys_memory(struct target *target,
593 target_addr_t address, uint32_t size,
594 uint32_t count, const uint8_t *buffer)
595 {
596 struct arm920t_common *arm920t = target_to_arm920(target);
597
598 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
599 address, size, count, buffer);
600 }
601
602 /** Writes a buffer, in the specified word size, with current MMU settings. */
603 int arm920t_write_memory(struct target *target, target_addr_t address,
604 uint32_t size, uint32_t count, const uint8_t *buffer)
605 {
606 int retval;
607 const uint32_t cache_mask = ~0x1f; /* cache line size : 32 byte */
608 struct arm920t_common *arm920t = target_to_arm920(target);
609
610 /* FIX!!!! this should be cleaned up and made much more general. The
611 * plan is to write up and test on arm920t specifically and
612 * then generalize and clean up afterwards.
613 *
614 * Also it should be moved to the callbacks that handle breakpoints
615 * specifically and not the generic memory write fn's. See XScale code.
616 */
617 if (arm920t->armv4_5_mmu.mmu_enabled && (count == 1) &&
618 ((size == 2) || (size == 4))) {
619 /* special case the handling of single word writes to
620 * bypass MMU, to allow implementation of breakpoints
621 * in memory marked read only
622 * by MMU
623 */
624 uint32_t cb;
625 uint32_t pa;
626
627 /*
628 * We need physical address and cb
629 */
630 retval = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu,
631 address, &cb, &pa);
632 if (retval != ERROR_OK)
633 return retval;
634
635 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) {
636 if (cb & 0x1) {
637 LOG_DEBUG("D-Cache buffered, "
638 "drain write buffer");
639 /*
640 * Buffered ?
641 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
642 */
643
644 retval = arm920t_write_cp15_interpreted(target,
645 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
646 0x0, 0);
647 if (retval != ERROR_OK)
648 return retval;
649 }
650
651 if (cb == 0x3) {
652 /*
653 * Write back memory ? -> clean cache
654 *
655 * There is no way to clean cache lines using
656 * cp15 scan chain, so copy the full cache
657 * line from cache to physical memory.
658 */
659 uint8_t data[32];
660
661 LOG_DEBUG("D-Cache in 'write back' mode, "
662 "flush cache line");
663
664 retval = target_read_memory(target,
665 address & cache_mask, 1,
666 sizeof(data), &data[0]);
667 if (retval != ERROR_OK)
668 return retval;
669
670 retval = armv4_5_mmu_write_physical(target,
671 &arm920t->armv4_5_mmu,
672 pa & cache_mask, 1,
673 sizeof(data), &data[0]);
674 if (retval != ERROR_OK)
675 return retval;
676 }
677
678 /* Cached ? */
679 if (cb & 0x2) {
680 /*
681 * Cached ? -> Invalidate data cache using MVA
682 *
683 * MCR p15,0,Rd,c7,c6,1
684 */
685 LOG_DEBUG("D-Cache enabled, "
686 "invalidate cache line");
687
688 retval = arm920t_write_cp15_interpreted(target,
689 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
690 address & cache_mask);
691 if (retval != ERROR_OK)
692 return retval;
693 }
694 }
695
696 /* write directly to physical memory,
697 * bypassing any read only MMU bits, etc.
698 */
699 retval = armv4_5_mmu_write_physical(target,
700 &arm920t->armv4_5_mmu, pa, size,
701 count, buffer);
702 if (retval != ERROR_OK)
703 return retval;
704 } else {
705 retval = arm7_9_write_memory(target, address, size, count, buffer);
706 if (retval != ERROR_OK)
707 return retval;
708 }
709
710 /* If ICache is enabled, we have to invalidate affected ICache lines
711 * the DCache is forced to write-through,
712 * so we don't have to clean it here
713 */
714 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled) {
715 if (count <= 1) {
716 /* invalidate ICache single entry with MVA
717 * mcr 15, 0, r0, cr7, cr5, {1}
718 */
719 LOG_DEBUG("I-Cache enabled, "
720 "invalidating affected I-Cache line");
721 retval = arm920t_write_cp15_interpreted(target,
722 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
723 0x0, address & cache_mask);
724 if (retval != ERROR_OK)
725 return retval;
726 } else {
727 /* invalidate ICache
728 * mcr 15, 0, r0, cr7, cr5, {0}
729 */
730 retval = arm920t_write_cp15_interpreted(target,
731 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
732 0x0, 0x0);
733 if (retval != ERROR_OK)
734 return retval;
735 }
736 }
737
738 return ERROR_OK;
739 }
740
741 /* EXPORTED to FA256 */
742 int arm920t_soft_reset_halt(struct target *target)
743 {
744 int retval = ERROR_OK;
745 struct arm920t_common *arm920t = target_to_arm920(target);
746 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
747 struct arm *arm = &arm7_9->arm;
748 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
749
750 retval = target_halt(target);
751 if (retval != ERROR_OK)
752 return retval;
753
754 int64_t then = timeval_ms();
755 bool timeout;
756 while (!(timeout = ((timeval_ms()-then) > 1000))) {
757 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0) {
758 embeddedice_read_reg(dbg_stat);
759 retval = jtag_execute_queue();
760 if (retval != ERROR_OK)
761 return retval;
762 } else
763 break;
764 if (debug_level >= 3) {
765 /* do not eat all CPU, time out after 1 se*/
766 alive_sleep(100);
767 } else
768 keep_alive();
769 }
770 if (timeout) {
771 LOG_ERROR("Failed to halt CPU after 1 sec");
772 return ERROR_TARGET_TIMEOUT;
773 }
774
775 target->state = TARGET_HALTED;
776
777 /* SVC, ARM state, IRQ and FIQ disabled */
778 uint32_t cpsr;
779
780 cpsr = buf_get_u32(arm->cpsr->value, 0, 32);
781 cpsr &= ~0xff;
782 cpsr |= 0xd3;
783 arm_set_cpsr(arm, cpsr);
784 arm->cpsr->dirty = true;
785
786 /* start fetching from 0x0 */
787 buf_set_u32(arm->pc->value, 0, 32, 0x0);
788 arm->pc->dirty = true;
789 arm->pc->valid = true;
790
791 arm920t_disable_mmu_caches(target, 1, 1, 1);
792 arm920t->armv4_5_mmu.mmu_enabled = 0;
793 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
794 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
795
796 return target_call_event_callbacks(target, TARGET_EVENT_HALTED);
797 }
798
799 /* FIXME remove forward decls */
800 static int arm920t_mrc(struct target *target, int cpnum,
801 uint32_t op1, uint32_t op2,
802 uint32_t CRn, uint32_t CRm,
803 uint32_t *value);
804 static int arm920t_mcr(struct target *target, int cpnum,
805 uint32_t op1, uint32_t op2,
806 uint32_t CRn, uint32_t CRm,
807 uint32_t value);
808
809 static int arm920t_init_arch_info(struct target *target,
810 struct arm920t_common *arm920t, struct jtag_tap *tap)
811 {
812 struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
813
814 arm7_9->arm.mrc = arm920t_mrc;
815 arm7_9->arm.mcr = arm920t_mcr;
816
817 /* initialize arm7/arm9 specific info (including armv4_5) */
818 arm9tdmi_init_arch_info(target, arm7_9, tap);
819
820 arm920t->common_magic = ARM920T_COMMON_MAGIC;
821
822 arm7_9->post_debug_entry = arm920t_post_debug_entry;
823 arm7_9->pre_restore_context = arm920t_pre_restore_context;
824 arm7_9->write_memory = arm920t_write_memory;
825
826 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
827 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
828 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
829 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
830 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
831 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
832 arm920t->armv4_5_mmu.has_tiny_pages = 1;
833 arm920t->armv4_5_mmu.mmu_enabled = 0;
834
835 /* disabling linefills leads to lockups, so keep them enabled for now
836 * this doesn't affect correctness, but might affect timing issues, if
837 * important data is evicted from the cache during the debug session
838 * */
839 arm920t->preserve_cache = 0;
840
841 /* override hw single-step capability from ARM9TDMI */
842 arm7_9->has_single_step = 1;
843
844 return ERROR_OK;
845 }
846
847 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
848 {
849 struct arm920t_common *arm920t;
850
851 arm920t = calloc(1, sizeof(struct arm920t_common));
852 return arm920t_init_arch_info(target, arm920t, target->tap);
853 }
854
855 static void arm920t_deinit_target(struct target *target)
856 {
857 struct arm *arm = target_to_arm(target);
858 struct arm920t_common *arm920t = target_to_arm920(target);
859
860 arm7_9_deinit(target);
861 arm_free_reg_cache(arm);
862 free(arm920t);
863 }
864
865 COMMAND_HANDLER(arm920t_handle_read_cache_command)
866 {
867 int retval = ERROR_OK;
868 struct target *target = get_current_target(CMD_CTX);
869 struct arm920t_common *arm920t = target_to_arm920(target);
870 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
871 struct arm *arm = &arm7_9->arm;
872 uint32_t cp15c15;
873 uint32_t cp15_ctrl, cp15_ctrl_saved;
874 uint32_t regs[16];
875 uint32_t *regs_p[16];
876 uint32_t C15_C_D_Ind, C15_C_I_Ind;
877 int i;
878 FILE *output;
879 int segment, index_t;
880 struct reg *r;
881
882 retval = arm920t_verify_pointer(CMD, arm920t);
883 if (retval != ERROR_OK)
884 return retval;
885
886 if (CMD_ARGC != 1)
887 return ERROR_COMMAND_SYNTAX_ERROR;
888
889 output = fopen(CMD_ARGV[0], "w");
890 if (output == NULL) {
891 LOG_DEBUG("error opening cache content file");
892 return ERROR_OK;
893 }
894
895 for (i = 0; i < 16; i++)
896 regs_p[i] = &regs[i];
897
898 /* disable MMU and Caches */
899 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
900 retval = jtag_execute_queue();
901 if (retval != ERROR_OK)
902 return retval;
903 cp15_ctrl_saved = cp15_ctrl;
904 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
905 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
906 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
907
908 /* read CP15 test state register */
909 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
910 jtag_execute_queue();
911
912 /* read DCache content */
913 fprintf(output, "DCache:\n");
914
915 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
916 for (segment = 0;
917 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
918 segment++) {
919 fprintf(output, "\nsegment: %i\n----------", segment);
920
921 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
922 regs[0] = 0x0 | (segment << 5);
923 arm9tdmi_write_core_regs(target, 0x1, regs);
924
925 /* set interpret mode */
926 cp15c15 |= 0x1;
927 arm920t_write_cp15_physical(target,
928 CP15PHYS_TESTSTATE, cp15c15);
929
930 /* D CAM Read, loads current victim into C15.C.D.Ind */
931 arm920t_execute_cp15(target,
932 ARMV4_5_MCR(15, 2, 0, 15, 6, 2), ARMV4_5_LDR(1, 0));
933
934 /* read current victim */
935 arm920t_read_cp15_physical(target,
936 CP15PHYS_DCACHE_IDX, &C15_C_D_Ind);
937
938 /* clear interpret mode */
939 cp15c15 &= ~0x1;
940 arm920t_write_cp15_physical(target,
941 CP15PHYS_TESTSTATE, cp15c15);
942
943 for (index_t = 0; index_t < 64; index_t++) {
944 /* Ra:
945 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
946 */
947 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
948 arm9tdmi_write_core_regs(target, 0x1, regs);
949
950 /* set interpret mode */
951 cp15c15 |= 0x1;
952 arm920t_write_cp15_physical(target,
953 CP15PHYS_TESTSTATE, cp15c15);
954
955 /* Write DCache victim */
956 arm920t_execute_cp15(target,
957 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
958
959 /* Read D RAM */
960 arm920t_execute_cp15(target,
961 ARMV4_5_MCR(15, 2, 0, 15, 10, 2),
962 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
963
964 /* Read D CAM */
965 arm920t_execute_cp15(target,
966 ARMV4_5_MCR(15, 2, 0, 15, 6, 2),
967 ARMV4_5_LDR(9, 0));
968
969 /* clear interpret mode */
970 cp15c15 &= ~0x1;
971 arm920t_write_cp15_physical(target,
972 CP15PHYS_TESTSTATE, cp15c15);
973
974 /* read D RAM and CAM content */
975 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
976 retval = jtag_execute_queue();
977 if (retval != ERROR_OK)
978 return retval;
979
980 /* mask LFSR[6] */
981 regs[9] &= 0xfffffffe;
982 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8"
983 PRIx32 ", content (%s):\n",
984 segment, index_t, regs[9],
985 (regs[9] & 0x10) ? "valid" : "invalid");
986
987 for (i = 1; i < 9; i++) {
988 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
989 i-1, regs[i]);
990 }
991
992 }
993
994 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
995 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
996 arm9tdmi_write_core_regs(target, 0x1, regs);
997
998 /* set interpret mode */
999 cp15c15 |= 0x1;
1000 arm920t_write_cp15_physical(target,
1001 CP15PHYS_TESTSTATE, cp15c15);
1002
1003 /* Write DCache victim */
1004 arm920t_execute_cp15(target,
1005 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
1006
1007 /* clear interpret mode */
1008 cp15c15 &= ~0x1;
1009 arm920t_write_cp15_physical(target,
1010 CP15PHYS_TESTSTATE, cp15c15);
1011 }
1012
1013 /* read ICache content */
1014 fprintf(output, "ICache:\n");
1015
1016 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1017 for (segment = 0;
1018 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
1019 segment++) {
1020 fprintf(output, "segment: %i\n----------", segment);
1021
1022 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1023 regs[0] = 0x0 | (segment << 5);
1024 arm9tdmi_write_core_regs(target, 0x1, regs);
1025
1026 /* set interpret mode */
1027 cp15c15 |= 0x1;
1028 arm920t_write_cp15_physical(target,
1029 CP15PHYS_TESTSTATE, cp15c15);
1030
1031 /* I CAM Read, loads current victim into C15.C.I.Ind */
1032 arm920t_execute_cp15(target,
1033 ARMV4_5_MCR(15, 2, 0, 15, 5, 2), ARMV4_5_LDR(1, 0));
1034
1035 /* read current victim */
1036 arm920t_read_cp15_physical(target, CP15PHYS_ICACHE_IDX,
1037 &C15_C_I_Ind);
1038
1039 /* clear interpret mode */
1040 cp15c15 &= ~0x1;
1041 arm920t_write_cp15_physical(target,
1042 CP15PHYS_TESTSTATE, cp15c15);
1043
1044 for (index_t = 0; index_t < 64; index_t++) {
1045 /* Ra:
1046 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1047 */
1048 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
1049 arm9tdmi_write_core_regs(target, 0x1, regs);
1050
1051 /* set interpret mode */
1052 cp15c15 |= 0x1;
1053 arm920t_write_cp15_physical(target,
1054 CP15PHYS_TESTSTATE, cp15c15);
1055
1056 /* Write ICache victim */
1057 arm920t_execute_cp15(target,
1058 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1059
1060 /* Read I RAM */
1061 arm920t_execute_cp15(target,
1062 ARMV4_5_MCR(15, 2, 0, 15, 9, 2),
1063 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1064
1065 /* Read I CAM */
1066 arm920t_execute_cp15(target,
1067 ARMV4_5_MCR(15, 2, 0, 15, 5, 2),
1068 ARMV4_5_LDR(9, 0));
1069
1070 /* clear interpret mode */
1071 cp15c15 &= ~0x1;
1072 arm920t_write_cp15_physical(target,
1073 CP15PHYS_TESTSTATE, cp15c15);
1074
1075 /* read I RAM and CAM content */
1076 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
1077 retval = jtag_execute_queue();
1078 if (retval != ERROR_OK)
1079 return retval;
1080
1081 /* mask LFSR[6] */
1082 regs[9] &= 0xfffffffe;
1083 fprintf(output, "\nsegment: %i, index: %i, "
1084 "CAM: 0x%8.8" PRIx32 ", content (%s):\n",
1085 segment, index_t, regs[9],
1086 (regs[9] & 0x10) ? "valid" : "invalid");
1087
1088 for (i = 1; i < 9; i++) {
1089 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
1090 i-1, regs[i]);
1091 }
1092 }
1093
1094 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1095 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
1096 arm9tdmi_write_core_regs(target, 0x1, regs);
1097
1098 /* set interpret mode */
1099 cp15c15 |= 0x1;
1100 arm920t_write_cp15_physical(target,
1101 CP15PHYS_TESTSTATE, cp15c15);
1102
1103 /* Write ICache victim */
1104 arm920t_execute_cp15(target,
1105 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1106
1107 /* clear interpret mode */
1108 cp15c15 &= ~0x1;
1109 arm920t_write_cp15_physical(target,
1110 CP15PHYS_TESTSTATE, cp15c15);
1111 }
1112
1113 /* restore CP15 MMU and Cache settings */
1114 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1115
1116 command_print(CMD, "cache content successfully output to %s",
1117 CMD_ARGV[0]);
1118
1119 fclose(output);
1120
1121 if (!is_arm_mode(arm->core_mode)) {
1122 LOG_ERROR("not a valid arm core mode - communication failure?");
1123 return ERROR_FAIL;
1124 }
1125
1126 /* force writeback of the valid data */
1127 r = arm->core_cache->reg_list;
1128 r[0].dirty = r[0].valid;
1129 r[1].dirty = r[1].valid;
1130 r[2].dirty = r[2].valid;
1131 r[3].dirty = r[3].valid;
1132 r[4].dirty = r[4].valid;
1133 r[5].dirty = r[5].valid;
1134 r[6].dirty = r[6].valid;
1135 r[7].dirty = r[7].valid;
1136
1137 r = arm_reg_current(arm, 8);
1138 r->dirty = r->valid;
1139
1140 r = arm_reg_current(arm, 9);
1141 r->dirty = r->valid;
1142
1143 return ERROR_OK;
1144 }
1145
1146 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
1147 {
1148 int retval = ERROR_OK;
1149 struct target *target = get_current_target(CMD_CTX);
1150 struct arm920t_common *arm920t = target_to_arm920(target);
1151 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1152 struct arm *arm = &arm7_9->arm;
1153 uint32_t cp15c15;
1154 uint32_t cp15_ctrl, cp15_ctrl_saved;
1155 uint32_t regs[16];
1156 uint32_t *regs_p[16];
1157 int i;
1158 FILE *output;
1159 uint32_t Dlockdown, Ilockdown;
1160 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
1161 int victim;
1162 struct reg *r;
1163
1164 retval = arm920t_verify_pointer(CMD, arm920t);
1165 if (retval != ERROR_OK)
1166 return retval;
1167
1168 if (CMD_ARGC != 1)
1169 return ERROR_COMMAND_SYNTAX_ERROR;
1170
1171 output = fopen(CMD_ARGV[0], "w");
1172 if (output == NULL) {
1173 LOG_DEBUG("error opening mmu content file");
1174 return ERROR_OK;
1175 }
1176
1177 for (i = 0; i < 16; i++)
1178 regs_p[i] = &regs[i];
1179
1180 /* disable MMU and Caches */
1181 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
1182 retval = jtag_execute_queue();
1183 if (retval != ERROR_OK)
1184 return retval;
1185 cp15_ctrl_saved = cp15_ctrl;
1186 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
1187 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1188 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
1189
1190 /* read CP15 test state register */
1191 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
1192 retval = jtag_execute_queue();
1193 if (retval != ERROR_OK)
1194 return retval;
1195
1196 /* prepare reading D TLB content
1197 * */
1198
1199 /* set interpret mode */
1200 cp15c15 |= 0x1;
1201 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1202
1203 /* Read D TLB lockdown */
1204 arm920t_execute_cp15(target,
1205 ARMV4_5_MRC(15, 0, 0, 10, 0, 0), ARMV4_5_LDR(1, 0));
1206
1207 /* clear interpret mode */
1208 cp15c15 &= ~0x1;
1209 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1210
1211 /* read D TLB lockdown stored to r1 */
1212 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1213 retval = jtag_execute_queue();
1214 if (retval != ERROR_OK)
1215 return retval;
1216 Dlockdown = regs[1];
1217
1218 for (victim = 0; victim < 64; victim += 8) {
1219 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1220 * base remains unchanged, victim goes through entries 0 to 63
1221 */
1222 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1223 arm9tdmi_write_core_regs(target, 0x2, regs);
1224
1225 /* set interpret mode */
1226 cp15c15 |= 0x1;
1227 arm920t_write_cp15_physical(target,
1228 CP15PHYS_TESTSTATE, cp15c15);
1229
1230 /* Write D TLB lockdown */
1231 arm920t_execute_cp15(target,
1232 ARMV4_5_MCR(15, 0, 0, 10, 0, 0),
1233 ARMV4_5_STR(1, 0));
1234
1235 /* Read D TLB CAM */
1236 arm920t_execute_cp15(target,
1237 ARMV4_5_MCR(15, 4, 0, 15, 6, 4),
1238 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1239
1240 /* clear interpret mode */
1241 cp15c15 &= ~0x1;
1242 arm920t_write_cp15_physical(target,
1243 CP15PHYS_TESTSTATE, cp15c15);
1244
1245 /* read D TLB CAM content stored to r2-r9 */
1246 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1247 retval = jtag_execute_queue();
1248 if (retval != ERROR_OK)
1249 return retval;
1250
1251 for (i = 0; i < 8; i++)
1252 d_tlb[victim + i].cam = regs[i + 2];
1253 }
1254
1255 for (victim = 0; victim < 64; victim++) {
1256 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1257 * base remains unchanged, victim goes through entries 0 to 63
1258 */
1259 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1260 arm9tdmi_write_core_regs(target, 0x2, regs);
1261
1262 /* set interpret mode */
1263 cp15c15 |= 0x1;
1264 arm920t_write_cp15_physical(target,
1265 CP15PHYS_TESTSTATE, cp15c15);
1266
1267 /* Write D TLB lockdown */
1268 arm920t_execute_cp15(target,
1269 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1270
1271 /* Read D TLB RAM1 */
1272 arm920t_execute_cp15(target,
1273 ARMV4_5_MCR(15, 4, 0, 15, 10, 4), ARMV4_5_LDR(2, 0));
1274
1275 /* Read D TLB RAM2 */
1276 arm920t_execute_cp15(target,
1277 ARMV4_5_MCR(15, 4, 0, 15, 2, 5), ARMV4_5_LDR(3, 0));
1278
1279 /* clear interpret mode */
1280 cp15c15 &= ~0x1;
1281 arm920t_write_cp15_physical(target,
1282 CP15PHYS_TESTSTATE, cp15c15);
1283
1284 /* read D TLB RAM content stored to r2 and r3 */
1285 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1286 retval = jtag_execute_queue();
1287 if (retval != ERROR_OK)
1288 return retval;
1289
1290 d_tlb[victim].ram1 = regs[2];
1291 d_tlb[victim].ram2 = regs[3];
1292 }
1293
1294 /* restore D TLB lockdown */
1295 regs[1] = Dlockdown;
1296 arm9tdmi_write_core_regs(target, 0x2, regs);
1297
1298 /* Write D TLB lockdown */
1299 arm920t_execute_cp15(target,
1300 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1301
1302 /* prepare reading I TLB content
1303 * */
1304
1305 /* set interpret mode */
1306 cp15c15 |= 0x1;
1307 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1308
1309 /* Read I TLB lockdown */
1310 arm920t_execute_cp15(target,
1311 ARMV4_5_MRC(15, 0, 0, 10, 0, 1), ARMV4_5_LDR(1, 0));
1312
1313 /* clear interpret mode */
1314 cp15c15 &= ~0x1;
1315 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1316
1317 /* read I TLB lockdown stored to r1 */
1318 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1319 retval = jtag_execute_queue();
1320 if (retval != ERROR_OK)
1321 return retval;
1322 Ilockdown = regs[1];
1323
1324 for (victim = 0; victim < 64; victim += 8) {
1325 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1326 * base remains unchanged, victim goes through entries 0 to 63
1327 */
1328 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1329 arm9tdmi_write_core_regs(target, 0x2, regs);
1330
1331 /* set interpret mode */
1332 cp15c15 |= 0x1;
1333 arm920t_write_cp15_physical(target,
1334 CP15PHYS_TESTSTATE, cp15c15);
1335
1336 /* Write I TLB lockdown */
1337 arm920t_execute_cp15(target,
1338 ARMV4_5_MCR(15, 0, 0, 10, 0, 1),
1339 ARMV4_5_STR(1, 0));
1340
1341 /* Read I TLB CAM */
1342 arm920t_execute_cp15(target,
1343 ARMV4_5_MCR(15, 4, 0, 15, 5, 4),
1344 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1345
1346 /* clear interpret mode */
1347 cp15c15 &= ~0x1;
1348 arm920t_write_cp15_physical(target,
1349 CP15PHYS_TESTSTATE, cp15c15);
1350
1351 /* read I TLB CAM content stored to r2-r9 */
1352 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1353 retval = jtag_execute_queue();
1354 if (retval != ERROR_OK)
1355 return retval;
1356
1357 for (i = 0; i < 8; i++)
1358 i_tlb[i + victim].cam = regs[i + 2];
1359 }
1360
1361 for (victim = 0; victim < 64; victim++) {
1362 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1363 * base remains unchanged, victim goes through entries 0 to 63
1364 */
1365 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1366 arm9tdmi_write_core_regs(target, 0x2, regs);
1367
1368 /* set interpret mode */
1369 cp15c15 |= 0x1;
1370 arm920t_write_cp15_physical(target,
1371 CP15PHYS_TESTSTATE, cp15c15);
1372
1373 /* Write I TLB lockdown */
1374 arm920t_execute_cp15(target,
1375 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1376
1377 /* Read I TLB RAM1 */
1378 arm920t_execute_cp15(target,
1379 ARMV4_5_MCR(15, 4, 0, 15, 9, 4), ARMV4_5_LDR(2, 0));
1380
1381 /* Read I TLB RAM2 */
1382 arm920t_execute_cp15(target,
1383 ARMV4_5_MCR(15, 4, 0, 15, 1, 5), ARMV4_5_LDR(3, 0));
1384
1385 /* clear interpret mode */
1386 cp15c15 &= ~0x1;
1387 arm920t_write_cp15_physical(target,
1388 CP15PHYS_TESTSTATE, cp15c15);
1389
1390 /* read I TLB RAM content stored to r2 and r3 */
1391 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1392 retval = jtag_execute_queue();
1393 if (retval != ERROR_OK)
1394 return retval;
1395
1396 i_tlb[victim].ram1 = regs[2];
1397 i_tlb[victim].ram2 = regs[3];
1398 }
1399
1400 /* restore I TLB lockdown */
1401 regs[1] = Ilockdown;
1402 arm9tdmi_write_core_regs(target, 0x2, regs);
1403
1404 /* Write I TLB lockdown */
1405 arm920t_execute_cp15(target,
1406 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1407
1408 /* restore CP15 MMU and Cache settings */
1409 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1410
1411 /* output data to file */
1412 fprintf(output, "D TLB content:\n");
1413 for (i = 0; i < 64; i++) {
1414 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1415 " 0x%8.8" PRIx32 " %s\n",
1416 i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2,
1417 (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1418 }
1419
1420 fprintf(output, "\n\nI TLB content:\n");
1421 for (i = 0; i < 64; i++) {
1422 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1423 " 0x%8.8" PRIx32 " %s\n",
1424 i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2,
1425 (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1426 }
1427
1428 command_print(CMD, "mmu content successfully output to %s",
1429 CMD_ARGV[0]);
1430
1431 fclose(output);
1432
1433 if (!is_arm_mode(arm->core_mode)) {
1434 LOG_ERROR("not a valid arm core mode - communication failure?");
1435 return ERROR_FAIL;
1436 }
1437
1438 /* force writeback of the valid data */
1439 r = arm->core_cache->reg_list;
1440 r[0].dirty = r[0].valid;
1441 r[1].dirty = r[1].valid;
1442 r[2].dirty = r[2].valid;
1443 r[3].dirty = r[3].valid;
1444 r[4].dirty = r[4].valid;
1445 r[5].dirty = r[5].valid;
1446 r[6].dirty = r[6].valid;
1447 r[7].dirty = r[7].valid;
1448
1449 r = arm_reg_current(arm, 8);
1450 r->dirty = r->valid;
1451
1452 r = arm_reg_current(arm, 9);
1453 r->dirty = r->valid;
1454
1455 return ERROR_OK;
1456 }
1457
1458 COMMAND_HANDLER(arm920t_handle_cp15_command)
1459 {
1460 int retval;
1461 struct target *target = get_current_target(CMD_CTX);
1462 struct arm920t_common *arm920t = target_to_arm920(target);
1463
1464 retval = arm920t_verify_pointer(CMD, arm920t);
1465 if (retval != ERROR_OK)
1466 return retval;
1467
1468 if (target->state != TARGET_HALTED) {
1469 command_print(CMD, "target must be stopped for "
1470 "\"%s\" command", CMD_NAME);
1471 return ERROR_OK;
1472 }
1473
1474 /* one argument, read a register.
1475 * two arguments, write it.
1476 */
1477 if (CMD_ARGC >= 1) {
1478 int address;
1479 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1480
1481 if (CMD_ARGC == 1) {
1482 uint32_t value;
1483 retval = arm920t_read_cp15_physical(target, address, &value);
1484 if (retval != ERROR_OK) {
1485 command_print(CMD,
1486 "couldn't access reg %i", address);
1487 return ERROR_OK;
1488 }
1489 retval = jtag_execute_queue();
1490 if (retval != ERROR_OK)
1491 return retval;
1492
1493 command_print(CMD, "%i: %8.8" PRIx32,
1494 address, value);
1495 } else if (CMD_ARGC == 2) {
1496 uint32_t value;
1497 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1498 retval = arm920t_write_cp15_physical(target,
1499 address, value);
1500 if (retval != ERROR_OK) {
1501 command_print(CMD,
1502 "couldn't access reg %i", address);
1503 /* REVISIT why lie? "return retval"? */
1504 return ERROR_OK;
1505 }
1506 command_print(CMD, "%i: %8.8" PRIx32,
1507 address, value);
1508 }
1509 }
1510
1511 return ERROR_OK;
1512 }
1513
1514 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1515 {
1516 int retval;
1517 struct target *target = get_current_target(CMD_CTX);
1518 struct arm920t_common *arm920t = target_to_arm920(target);
1519
1520 retval = arm920t_verify_pointer(CMD, arm920t);
1521 if (retval != ERROR_OK)
1522 return retval;
1523
1524
1525 if (target->state != TARGET_HALTED) {
1526 command_print(CMD, "target must be stopped for "
1527 "\"%s\" command", CMD_NAME);
1528 return ERROR_OK;
1529 }
1530
1531 /* one argument, read a register.
1532 * two arguments, write it.
1533 */
1534 if (CMD_ARGC >= 1) {
1535 uint32_t opcode;
1536 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);
1537
1538 if (CMD_ARGC == 1) {
1539 uint32_t value;
1540 retval = arm920t_read_cp15_interpreted(target,
1541 opcode, 0x0, &value);
1542 if (retval != ERROR_OK) {
1543 command_print(CMD,
1544 "couldn't execute %8.8" PRIx32,
1545 opcode);
1546 /* REVISIT why lie? "return retval"? */
1547 return ERROR_OK;
1548 }
1549
1550 command_print(CMD, "%8.8" PRIx32 ": %8.8" PRIx32,
1551 opcode, value);
1552 } else if (CMD_ARGC == 2) {
1553 uint32_t value;
1554 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1555 retval = arm920t_write_cp15_interpreted(target,
1556 opcode, value, 0);
1557 if (retval != ERROR_OK) {
1558 command_print(CMD,
1559 "couldn't execute %8.8" PRIx32,
1560 opcode);
1561 /* REVISIT why lie? "return retval"? */
1562 return ERROR_OK;
1563 }
1564 command_print(CMD, "%8.8" PRIx32 ": %8.8" PRIx32,
1565 opcode, value);
1566 } else if (CMD_ARGC == 3) {
1567 uint32_t value;
1568 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1569 uint32_t address;
1570 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);
1571 retval = arm920t_write_cp15_interpreted(target,
1572 opcode, value, address);
1573 if (retval != ERROR_OK) {
1574 command_print(CMD,
1575 "couldn't execute %8.8" PRIx32, opcode);
1576 /* REVISIT why lie? "return retval"? */
1577 return ERROR_OK;
1578 }
1579 command_print(CMD, "%8.8" PRIx32 ": %8.8" PRIx32
1580 " %8.8" PRIx32, opcode, value, address);
1581 }
1582 } else
1583 return ERROR_COMMAND_SYNTAX_ERROR;
1584
1585 return ERROR_OK;
1586 }
1587
1588 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1589 {
1590 int retval;
1591 struct target *target = get_current_target(CMD_CTX);
1592 struct arm920t_common *arm920t = target_to_arm920(target);
1593
1594 retval = arm920t_verify_pointer(CMD, arm920t);
1595 if (retval != ERROR_OK)
1596 return retval;
1597
1598 return armv4_5_handle_cache_info_command(CMD,
1599 &arm920t->armv4_5_mmu.armv4_5_cache);
1600 }
1601
1602
1603 static int arm920t_mrc(struct target *target, int cpnum,
1604 uint32_t op1, uint32_t op2,
1605 uint32_t CRn, uint32_t CRm,
1606 uint32_t *value)
1607 {
1608 if (cpnum != 15) {
1609 LOG_ERROR("Only cp15 is supported");
1610 return ERROR_FAIL;
1611 }
1612
1613 /* read "to" r0 */
1614 return arm920t_read_cp15_interpreted(target,
1615 ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2),
1616 0, value);
1617 }
1618
1619 static int arm920t_mcr(struct target *target, int cpnum,
1620 uint32_t op1, uint32_t op2,
1621 uint32_t CRn, uint32_t CRm,
1622 uint32_t value)
1623 {
1624 if (cpnum != 15) {
1625 LOG_ERROR("Only cp15 is supported");
1626 return ERROR_FAIL;
1627 }
1628
1629 /* write "from" r0 */
1630 return arm920t_write_cp15_interpreted(target,
1631 ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2),
1632 0, value);
1633 }
1634
1635 static const struct command_registration arm920t_exec_command_handlers[] = {
1636 {
1637 .name = "cp15",
1638 .handler = arm920t_handle_cp15_command,
1639 .mode = COMMAND_EXEC,
1640 .help = "display/modify cp15 register",
1641 .usage = "regnum [value]",
1642 },
1643 {
1644 .name = "cp15i",
1645 .handler = arm920t_handle_cp15i_command,
1646 .mode = COMMAND_EXEC,
1647 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1648 .help = "display/modify cp15 register using ARM opcode"
1649 " (DEPRECATED)",
1650 .usage = "instruction [value [address]]",
1651 },
1652 {
1653 .name = "cache_info",
1654 .handler = arm920t_handle_cache_info_command,
1655 .mode = COMMAND_EXEC,
1656 .usage = "",
1657 .help = "display information about target caches",
1658 },
1659 {
1660 .name = "read_cache",
1661 .handler = arm920t_handle_read_cache_command,
1662 .mode = COMMAND_EXEC,
1663 .help = "dump I/D cache content to file",
1664 .usage = "filename",
1665 },
1666 {
1667 .name = "read_mmu",
1668 .handler = arm920t_handle_read_mmu_command,
1669 .mode = COMMAND_EXEC,
1670 .help = "dump I/D mmu content to file",
1671 .usage = "filename",
1672 },
1673 COMMAND_REGISTRATION_DONE
1674 };
1675 const struct command_registration arm920t_command_handlers[] = {
1676 {
1677 .chain = arm9tdmi_command_handlers,
1678 },
1679 {
1680 .name = "arm920t",
1681 .mode = COMMAND_ANY,
1682 .help = "arm920t command group",
1683 .usage = "",
1684 .chain = arm920t_exec_command_handlers,
1685 },
1686 COMMAND_REGISTRATION_DONE
1687 };
1688
1689 /** Holds methods for ARM920 targets. */
1690 struct target_type arm920t_target = {
1691 .name = "arm920t",
1692
1693 .poll = arm7_9_poll,
1694 .arch_state = arm920t_arch_state,
1695
1696 .target_request_data = arm7_9_target_request_data,
1697
1698 .halt = arm7_9_halt,
1699 .resume = arm7_9_resume,
1700 .step = arm7_9_step,
1701
1702 .assert_reset = arm7_9_assert_reset,
1703 .deassert_reset = arm7_9_deassert_reset,
1704 .soft_reset_halt = arm920t_soft_reset_halt,
1705
1706 .get_gdb_arch = arm_get_gdb_arch,
1707 .get_gdb_reg_list = arm_get_gdb_reg_list,
1708
1709 .read_memory = arm920t_read_memory,
1710 .write_memory = arm7_9_write_memory_opt,
1711 .read_phys_memory = arm920t_read_phys_memory,
1712 .write_phys_memory = arm920t_write_phys_memory,
1713 .mmu = arm920_mmu,
1714 .virt2phys = arm920_virt2phys,
1715
1716 .checksum_memory = arm_checksum_memory,
1717 .blank_check_memory = arm_blank_check_memory,
1718
1719 .run_algorithm = armv4_5_run_algorithm,
1720
1721 .add_breakpoint = arm7_9_add_breakpoint,
1722 .remove_breakpoint = arm7_9_remove_breakpoint,
1723 .add_watchpoint = arm7_9_add_watchpoint,
1724 .remove_watchpoint = arm7_9_remove_watchpoint,
1725
1726 .commands = arm920t_command_handlers,
1727 .target_create = arm920t_target_create,
1728 .init_target = arm9tdmi_init_target,
1729 .deinit_target = arm920t_deinit_target,
1730 .examine = arm7_9_examine,
1731 .check_reset = arm7_9_check_reset,
1732 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)