fix segfault from stack corruption in ahbap_debugport_init
[openocd.git] / src / target / arm_adi_v5.c
1 /***************************************************************************
2 * Copyright (C) 2006 by Magnus Lundin *
3 * lundin@mlu.mine.nu *
4 * *
5 * Copyright (C) 2008 by Spencer Oliver *
6 * spen@spen-soft.co.uk *
7 * *
8 * Copyright (C) 2009-2010 by Oyvind Harboe *
9 * oyvind.harboe@zylin.com *
10 * *
11 * Copyright (C) 2009-2010 by David Brownell *
12 * *
13 * This program is free software; you can redistribute it and/or modify *
14 * it under the terms of the GNU General Public License as published by *
15 * the Free Software Foundation; either version 2 of the License, or *
16 * (at your option) any later version. *
17 * *
18 * This program is distributed in the hope that it will be useful, *
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
21 * GNU General Public License for more details. *
22 * *
23 * You should have received a copy of the GNU General Public License *
24 * along with this program; if not, write to the *
25 * Free Software Foundation, Inc., *
26 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
27 ***************************************************************************/
28
29 /**
30 * @file
31 * This file implements support for the ARM Debug Interface version 5 (ADIv5)
32 * debugging architecture. Compared with previous versions, this includes
33 * a low pin-count Serial Wire Debug (SWD) alternative to JTAG for message
34 * transport, and focusses on memory mapped resources as defined by the
35 * CoreSight architecture.
36 *
37 * A key concept in ADIv5 is the Debug Access Port, or DAP. A DAP has two
38 * basic components: a Debug Port (DP) transporting messages to and from a
39 * debugger, and an Access Port (AP) accessing resources. Three types of DP
40 * are defined. One uses only JTAG for communication, and is called JTAG-DP.
41 * One uses only SWD for communication, and is called SW-DP. The third can
42 * use either SWD or JTAG, and is called SWJ-DP. The most common type of AP
43 * is used to access memory mapped resources and is called a MEM-AP. Also a
44 * JTAG-AP is also defined, bridging to JTAG resources; those are uncommon.
45 *
46 * This programming interface allows DAP pipelined operations through a
47 * transaction queue. This primarily affects AP operations (such as using
48 * a MEM-AP to access memory or registers). If the current transaction has
49 * not finished by the time the next one must begin, and the ORUNDETECT bit
50 * is set in the DP_CTRL_STAT register, the SSTICKYORUN status is set and
51 * further AP operations will fail. There are two basic methods to avoid
52 * such overrun errors. One involves polling for status instead of using
53 * transaction piplining. The other involves adding delays to ensure the
54 * AP has enough time to complete one operation before starting the next
55 * one. (For JTAG these delays are controlled by memaccess_tck.)
56 */
57
58 /*
59 * Relevant specifications from ARM include:
60 *
61 * ARM(tm) Debug Interface v5 Architecture Specification ARM IHI 0031A
62 * CoreSight(tm) v1.0 Architecture Specification ARM IHI 0029B
63 *
64 * CoreSight(tm) DAP-Lite TRM, ARM DDI 0316D
65 * Cortex-M3(tm) TRM, ARM DDI 0337G
66 */
67
68 #ifdef HAVE_CONFIG_H
69 #include "config.h"
70 #endif
71
72 #include "arm.h"
73 #include "arm_adi_v5.h"
74 #include <helper/time_support.h>
75
76
77 /* ARM ADI Specification requires at least 10 bits used for TAR autoincrement */
78
79 /*
80 uint32_t tar_block_size(uint32_t address)
81 Return the largest block starting at address that does not cross a tar block size alignment boundary
82 */
83 static uint32_t max_tar_block_size(uint32_t tar_autoincr_block, uint32_t address)
84 {
85 return (tar_autoincr_block - ((tar_autoincr_block - 1) & address)) >> 2;
86 }
87
88 /***************************************************************************
89 * *
90 * DP and MEM-AP register access through APACC and DPACC *
91 * *
92 ***************************************************************************/
93
94 /**
95 * Select one of the APs connected to the specified DAP. The
96 * selection is implicitly used with future AP transactions.
97 * This is a NOP if the specified AP is already selected.
98 *
99 * @param dap The DAP
100 * @param apsel Number of the AP to (implicitly) use with further
101 * transactions. This normally identifies a MEM-AP.
102 */
103 void dap_ap_select(struct adiv5_dap *dap,uint8_t apsel)
104 {
105 uint32_t select_apsel = (apsel << 24) & 0xFF000000;
106
107 if (select_apsel != dap->apsel)
108 {
109 dap->apsel = select_apsel;
110 /* Switching AP invalidates cached values.
111 * Values MUST BE UPDATED BEFORE AP ACCESS.
112 */
113 dap->ap_bank_value = -1;
114 dap->ap_csw_value = -1;
115 dap->ap_tar_value = -1;
116 }
117 }
118
119 /**
120 * Queue transactions setting up transfer parameters for the
121 * currently selected MEM-AP.
122 *
123 * Subsequent transfers using registers like AP_REG_DRW or AP_REG_BD2
124 * initiate data reads or writes using memory or peripheral addresses.
125 * If the CSW is configured for it, the TAR may be automatically
126 * incremented after each transfer.
127 *
128 * @todo Rename to reflect it being specifically a MEM-AP function.
129 *
130 * @param dap The DAP connected to the MEM-AP.
131 * @param csw MEM-AP Control/Status Word (CSW) register to assign. If this
132 * matches the cached value, the register is not changed.
133 * @param tar MEM-AP Transfer Address Register (TAR) to assign. If this
134 * matches the cached address, the register is not changed.
135 *
136 * @return ERROR_OK if the transaction was properly queued, else a fault code.
137 */
138 int dap_setup_accessport(struct adiv5_dap *dap, uint32_t csw, uint32_t tar)
139 {
140 int retval;
141
142 csw = csw | CSW_DBGSWENABLE | CSW_MASTER_DEBUG | CSW_HPROT;
143 if (csw != dap->ap_csw_value)
144 {
145 /* LOG_DEBUG("DAP: Set CSW %x",csw); */
146 retval = dap_queue_ap_write(dap, AP_REG_CSW, csw);
147 if (retval != ERROR_OK)
148 return retval;
149 dap->ap_csw_value = csw;
150 }
151 if (tar != dap->ap_tar_value)
152 {
153 /* LOG_DEBUG("DAP: Set TAR %x",tar); */
154 retval = dap_queue_ap_write(dap, AP_REG_TAR, tar);
155 if (retval != ERROR_OK)
156 return retval;
157 dap->ap_tar_value = tar;
158 }
159 /* Disable TAR cache when autoincrementing */
160 if (csw & CSW_ADDRINC_MASK)
161 dap->ap_tar_value = -1;
162 return ERROR_OK;
163 }
164
165 /**
166 * Asynchronous (queued) read of a word from memory or a system register.
167 *
168 * @param dap The DAP connected to the MEM-AP performing the read.
169 * @param address Address of the 32-bit word to read; it must be
170 * readable by the currently selected MEM-AP.
171 * @param value points to where the word will be stored when the
172 * transaction queue is flushed (assuming no errors).
173 *
174 * @return ERROR_OK for success. Otherwise a fault code.
175 */
176 int mem_ap_read_u32(struct adiv5_dap *dap, uint32_t address,
177 uint32_t *value)
178 {
179 int retval;
180
181 /* Use banked addressing (REG_BDx) to avoid some link traffic
182 * (updating TAR) when reading several consecutive addresses.
183 */
184 retval = dap_setup_accessport(dap, CSW_32BIT | CSW_ADDRINC_OFF,
185 address & 0xFFFFFFF0);
186 if (retval != ERROR_OK)
187 return retval;
188
189 return dap_queue_ap_read(dap, AP_REG_BD0 | (address & 0xC), value);
190 }
191
192 /**
193 * Synchronous read of a word from memory or a system register.
194 * As a side effect, this flushes any queued transactions.
195 *
196 * @param dap The DAP connected to the MEM-AP performing the read.
197 * @param address Address of the 32-bit word to read; it must be
198 * readable by the currently selected MEM-AP.
199 * @param value points to where the result will be stored.
200 *
201 * @return ERROR_OK for success; *value holds the result.
202 * Otherwise a fault code.
203 */
204 int mem_ap_read_atomic_u32(struct adiv5_dap *dap, uint32_t address,
205 uint32_t *value)
206 {
207 int retval;
208
209 retval = mem_ap_read_u32(dap, address, value);
210 if (retval != ERROR_OK)
211 return retval;
212
213 return dap_run(dap);
214 }
215
216 /**
217 * Asynchronous (queued) write of a word to memory or a system register.
218 *
219 * @param dap The DAP connected to the MEM-AP.
220 * @param address Address to be written; it must be writable by
221 * the currently selected MEM-AP.
222 * @param value Word that will be written to the address when transaction
223 * queue is flushed (assuming no errors).
224 *
225 * @return ERROR_OK for success. Otherwise a fault code.
226 */
227 int mem_ap_write_u32(struct adiv5_dap *dap, uint32_t address,
228 uint32_t value)
229 {
230 int retval;
231
232 /* Use banked addressing (REG_BDx) to avoid some link traffic
233 * (updating TAR) when writing several consecutive addresses.
234 */
235 retval = dap_setup_accessport(dap, CSW_32BIT | CSW_ADDRINC_OFF,
236 address & 0xFFFFFFF0);
237 if (retval != ERROR_OK)
238 return retval;
239
240 return dap_queue_ap_write(dap, AP_REG_BD0 | (address & 0xC),
241 value);
242 }
243
244 /**
245 * Synchronous write of a word to memory or a system register.
246 * As a side effect, this flushes any queued transactions.
247 *
248 * @param dap The DAP connected to the MEM-AP.
249 * @param address Address to be written; it must be writable by
250 * the currently selected MEM-AP.
251 * @param value Word that will be written.
252 *
253 * @return ERROR_OK for success; the data was written. Otherwise a fault code.
254 */
255 int mem_ap_write_atomic_u32(struct adiv5_dap *dap, uint32_t address,
256 uint32_t value)
257 {
258 int retval = mem_ap_write_u32(dap, address, value);
259
260 if (retval != ERROR_OK)
261 return retval;
262
263 return dap_run(dap);
264 }
265
266 /*****************************************************************************
267 * *
268 * mem_ap_write_buf(struct adiv5_dap *dap, uint8_t *buffer, int count, uint32_t address) *
269 * *
270 * Write a buffer in target order (little endian) *
271 * *
272 *****************************************************************************/
273 int mem_ap_write_buf_u32(struct adiv5_dap *dap, uint8_t *buffer, int count, uint32_t address)
274 {
275 int wcount, blocksize, writecount, errorcount = 0, retval = ERROR_OK;
276 uint32_t adr = address;
277 uint8_t* pBuffer = buffer;
278
279 count >>= 2;
280 wcount = count;
281
282 /* if we have an unaligned access - reorder data */
283 if (adr & 0x3u)
284 {
285 for (writecount = 0; writecount < count; writecount++)
286 {
287 int i;
288 uint32_t outvalue;
289 memcpy(&outvalue, pBuffer, sizeof(uint32_t));
290
291 for (i = 0; i < 4; i++)
292 {
293 *((uint8_t*)pBuffer + (adr & 0x3)) = outvalue;
294 outvalue >>= 8;
295 adr++;
296 }
297 pBuffer += sizeof(uint32_t);
298 }
299 }
300
301 while (wcount > 0)
302 {
303 /* Adjust to write blocks within boundaries aligned to the TAR autoincremnent size*/
304 blocksize = max_tar_block_size(dap->tar_autoincr_block, address);
305 if (wcount < blocksize)
306 blocksize = wcount;
307
308 /* handle unaligned data at 4k boundary */
309 if (blocksize == 0)
310 blocksize = 1;
311
312 retval = dap_setup_accessport(dap, CSW_32BIT | CSW_ADDRINC_SINGLE, address);
313 if (retval != ERROR_OK)
314 return retval;
315
316 for (writecount = 0; writecount < blocksize; writecount++)
317 {
318 retval = dap_queue_ap_write(dap, AP_REG_DRW,
319 *(uint32_t *) ((void *) (buffer + 4 * writecount)));
320 if (retval != ERROR_OK)
321 break;
322 }
323
324 if ((retval = dap_run(dap)) == ERROR_OK)
325 {
326 wcount = wcount - blocksize;
327 address = address + 4 * blocksize;
328 buffer = buffer + 4 * blocksize;
329 }
330 else
331 {
332 errorcount++;
333 }
334
335 if (errorcount > 1)
336 {
337 LOG_WARNING("Block write error address 0x%" PRIx32 ", wcount 0x%x", address, wcount);
338 return retval;
339 }
340 }
341
342 return retval;
343 }
344
345 static int mem_ap_write_buf_packed_u16(struct adiv5_dap *dap,
346 uint8_t *buffer, int count, uint32_t address)
347 {
348 int retval = ERROR_OK;
349 int wcount, blocksize, writecount, i;
350
351 wcount = count >> 1;
352
353 while (wcount > 0)
354 {
355 int nbytes;
356
357 /* Adjust to write blocks within boundaries aligned to the TAR autoincremnent size*/
358 blocksize = max_tar_block_size(dap->tar_autoincr_block, address);
359
360 if (wcount < blocksize)
361 blocksize = wcount;
362
363 /* handle unaligned data at 4k boundary */
364 if (blocksize == 0)
365 blocksize = 1;
366
367 retval = dap_setup_accessport(dap, CSW_16BIT | CSW_ADDRINC_PACKED, address);
368 if (retval != ERROR_OK)
369 return retval;
370 writecount = blocksize;
371
372 do
373 {
374 nbytes = MIN((writecount << 1), 4);
375
376 if (nbytes < 4)
377 {
378 retval = mem_ap_write_buf_u16(dap, buffer,
379 nbytes, address);
380 if (retval != ERROR_OK)
381 {
382 LOG_WARNING("Block write error address "
383 "0x%" PRIx32 ", count 0x%x",
384 address, count);
385 return retval;
386 }
387
388 address += nbytes >> 1;
389 }
390 else
391 {
392 uint32_t outvalue;
393 memcpy(&outvalue, buffer, sizeof(uint32_t));
394
395 for (i = 0; i < nbytes; i++)
396 {
397 *((uint8_t*)buffer + (address & 0x3)) = outvalue;
398 outvalue >>= 8;
399 address++;
400 }
401
402 memcpy(&outvalue, buffer, sizeof(uint32_t));
403 retval = dap_queue_ap_write(dap,
404 AP_REG_DRW, outvalue);
405 if (retval != ERROR_OK)
406 break;
407
408 if ((retval = dap_run(dap)) != ERROR_OK)
409 {
410 LOG_WARNING("Block write error address "
411 "0x%" PRIx32 ", count 0x%x",
412 address, count);
413 return retval;
414 }
415 }
416
417 buffer += nbytes >> 1;
418 writecount -= nbytes >> 1;
419
420 } while (writecount);
421 wcount -= blocksize;
422 }
423
424 return retval;
425 }
426
427 int mem_ap_write_buf_u16(struct adiv5_dap *dap, uint8_t *buffer, int count, uint32_t address)
428 {
429 int retval = ERROR_OK;
430
431 if (count >= 4)
432 return mem_ap_write_buf_packed_u16(dap, buffer, count, address);
433
434 while (count > 0)
435 {
436 retval = dap_setup_accessport(dap, CSW_16BIT | CSW_ADDRINC_SINGLE, address);
437 if (retval != ERROR_OK)
438 return retval;
439 uint16_t svalue;
440 memcpy(&svalue, buffer, sizeof(uint16_t));
441 uint32_t outvalue = (uint32_t)svalue << 8 * (address & 0x3);
442 retval = dap_queue_ap_write(dap, AP_REG_DRW, outvalue);
443 if (retval != ERROR_OK)
444 break;
445
446 retval = dap_run(dap);
447 if (retval != ERROR_OK)
448 break;
449
450 count -= 2;
451 address += 2;
452 buffer += 2;
453 }
454
455 return retval;
456 }
457
458 static int mem_ap_write_buf_packed_u8(struct adiv5_dap *dap,
459 uint8_t *buffer, int count, uint32_t address)
460 {
461 int retval = ERROR_OK;
462 int wcount, blocksize, writecount, i;
463
464 wcount = count;
465
466 while (wcount > 0)
467 {
468 int nbytes;
469
470 /* Adjust to write blocks within boundaries aligned to the TAR autoincremnent size*/
471 blocksize = max_tar_block_size(dap->tar_autoincr_block, address);
472
473 if (wcount < blocksize)
474 blocksize = wcount;
475
476 retval = dap_setup_accessport(dap, CSW_8BIT | CSW_ADDRINC_PACKED, address);
477 if (retval != ERROR_OK)
478 return retval;
479 writecount = blocksize;
480
481 do
482 {
483 nbytes = MIN(writecount, 4);
484
485 if (nbytes < 4)
486 {
487 retval = mem_ap_write_buf_u8(dap, buffer, nbytes, address);
488 if (retval != ERROR_OK)
489 {
490 LOG_WARNING("Block write error address "
491 "0x%" PRIx32 ", count 0x%x",
492 address, count);
493 return retval;
494 }
495
496 address += nbytes;
497 }
498 else
499 {
500 uint32_t outvalue;
501 memcpy(&outvalue, buffer, sizeof(uint32_t));
502
503 for (i = 0; i < nbytes; i++)
504 {
505 *((uint8_t*)buffer + (address & 0x3)) = outvalue;
506 outvalue >>= 8;
507 address++;
508 }
509
510 memcpy(&outvalue, buffer, sizeof(uint32_t));
511 retval = dap_queue_ap_write(dap,
512 AP_REG_DRW, outvalue);
513 if (retval != ERROR_OK)
514 break;
515
516 if ((retval = dap_run(dap)) != ERROR_OK)
517 {
518 LOG_WARNING("Block write error address "
519 "0x%" PRIx32 ", count 0x%x",
520 address, count);
521 return retval;
522 }
523 }
524
525 buffer += nbytes;
526 writecount -= nbytes;
527
528 } while (writecount);
529 wcount -= blocksize;
530 }
531
532 return retval;
533 }
534
535 int mem_ap_write_buf_u8(struct adiv5_dap *dap, uint8_t *buffer, int count, uint32_t address)
536 {
537 int retval = ERROR_OK;
538
539 if (count >= 4)
540 return mem_ap_write_buf_packed_u8(dap, buffer, count, address);
541
542 while (count > 0)
543 {
544 retval = dap_setup_accessport(dap, CSW_8BIT | CSW_ADDRINC_SINGLE, address);
545 if (retval != ERROR_OK)
546 return retval;
547 uint32_t outvalue = (uint32_t)*buffer << 8 * (address & 0x3);
548 retval = dap_queue_ap_write(dap, AP_REG_DRW, outvalue);
549 if (retval != ERROR_OK)
550 break;
551
552 retval = dap_run(dap);
553 if (retval != ERROR_OK)
554 break;
555
556 count--;
557 address++;
558 buffer++;
559 }
560
561 return retval;
562 }
563
564 /* FIXME don't import ... this is a temporary workaround for the
565 * mem_ap_read_buf_u32() mess, until it's no longer JTAG-specific.
566 */
567 extern int adi_jtag_dp_scan(struct adiv5_dap *dap,
568 uint8_t instr, uint8_t reg_addr, uint8_t RnW,
569 uint8_t *outvalue, uint8_t *invalue, uint8_t *ack);
570
571 /**
572 * Synchronously read a block of 32-bit words into a buffer
573 * @param dap The DAP connected to the MEM-AP.
574 * @param buffer where the words will be stored (in host byte order).
575 * @param count How many words to read.
576 * @param address Memory address from which to read words; all the
577 * words must be readable by the currently selected MEM-AP.
578 */
579 int mem_ap_read_buf_u32(struct adiv5_dap *dap, uint8_t *buffer,
580 int count, uint32_t address)
581 {
582 int wcount, blocksize, readcount, errorcount = 0, retval = ERROR_OK;
583 uint32_t adr = address;
584 uint8_t* pBuffer = buffer;
585
586 count >>= 2;
587 wcount = count;
588
589 while (wcount > 0)
590 {
591 /* Adjust to read blocks within boundaries aligned to the
592 * TAR autoincrement size (at least 2^10). Autoincrement
593 * mode avoids an extra per-word roundtrip to update TAR.
594 */
595 blocksize = max_tar_block_size(dap->tar_autoincr_block,
596 address);
597 if (wcount < blocksize)
598 blocksize = wcount;
599
600 /* handle unaligned data at 4k boundary */
601 if (blocksize == 0)
602 blocksize = 1;
603
604 retval = dap_setup_accessport(dap, CSW_32BIT | CSW_ADDRINC_SINGLE,
605 address);
606 if (retval != ERROR_OK)
607 return retval;
608
609 /* FIXME remove these three calls to adi_jtag_dp_scan(),
610 * so this routine becomes transport-neutral. Be careful
611 * not to cause performance problems with JTAG; would it
612 * suffice to loop over dap_queue_ap_read(), or would that
613 * be slower when JTAG is the chosen transport?
614 */
615
616 /* Scan out first read */
617 retval = adi_jtag_dp_scan(dap, JTAG_DP_APACC, AP_REG_DRW,
618 DPAP_READ, 0, NULL, NULL);
619 if (retval != ERROR_OK)
620 return retval;
621 for (readcount = 0; readcount < blocksize - 1; readcount++)
622 {
623 /* Scan out next read; scan in posted value for the
624 * previous one. Assumes read is acked "OK/FAULT",
625 * and CTRL_STAT says that meant "OK".
626 */
627 retval = adi_jtag_dp_scan(dap, JTAG_DP_APACC, AP_REG_DRW,
628 DPAP_READ, 0, buffer + 4 * readcount,
629 &dap->ack);
630 if (retval != ERROR_OK)
631 return retval;
632 }
633
634 /* Scan in last posted value; RDBUFF has no other effect,
635 * assuming ack is OK/FAULT and CTRL_STAT says "OK".
636 */
637 retval = adi_jtag_dp_scan(dap, JTAG_DP_DPACC, DP_RDBUFF,
638 DPAP_READ, 0, buffer + 4 * readcount,
639 &dap->ack);
640 if (retval != ERROR_OK)
641 return retval;
642
643 retval = dap_run(dap);
644 if (retval != ERROR_OK)
645 {
646 errorcount++;
647 if (errorcount <= 1)
648 {
649 /* try again */
650 continue;
651 }
652 LOG_WARNING("Block read error address 0x%" PRIx32, address);
653 return retval;
654 }
655 wcount = wcount - blocksize;
656 address += 4 * blocksize;
657 buffer += 4 * blocksize;
658 }
659
660 /* if we have an unaligned access - reorder data */
661 if (adr & 0x3u)
662 {
663 for (readcount = 0; readcount < count; readcount++)
664 {
665 int i;
666 uint32_t data;
667 memcpy(&data, pBuffer, sizeof(uint32_t));
668
669 for (i = 0; i < 4; i++)
670 {
671 *((uint8_t*)pBuffer) =
672 (data >> 8 * (adr & 0x3));
673 pBuffer++;
674 adr++;
675 }
676 }
677 }
678
679 return retval;
680 }
681
682 static int mem_ap_read_buf_packed_u16(struct adiv5_dap *dap,
683 uint8_t *buffer, int count, uint32_t address)
684 {
685 uint32_t invalue;
686 int retval = ERROR_OK;
687 int wcount, blocksize, readcount, i;
688
689 wcount = count >> 1;
690
691 while (wcount > 0)
692 {
693 int nbytes;
694
695 /* Adjust to read blocks within boundaries aligned to the TAR autoincremnent size*/
696 blocksize = max_tar_block_size(dap->tar_autoincr_block, address);
697 if (wcount < blocksize)
698 blocksize = wcount;
699
700 retval = dap_setup_accessport(dap, CSW_16BIT | CSW_ADDRINC_PACKED, address);
701 if (retval != ERROR_OK)
702 return retval;
703
704 /* handle unaligned data at 4k boundary */
705 if (blocksize == 0)
706 blocksize = 1;
707 readcount = blocksize;
708
709 do
710 {
711 retval = dap_queue_ap_read(dap, AP_REG_DRW, &invalue);
712 if (retval != ERROR_OK)
713 return retval;
714 if ((retval = dap_run(dap)) != ERROR_OK)
715 {
716 LOG_WARNING("Block read error address 0x%" PRIx32 ", count 0x%x", address, count);
717 return retval;
718 }
719
720 nbytes = MIN((readcount << 1), 4);
721
722 for (i = 0; i < nbytes; i++)
723 {
724 *((uint8_t*)buffer) = (invalue >> 8 * (address & 0x3));
725 buffer++;
726 address++;
727 }
728
729 readcount -= (nbytes >> 1);
730 } while (readcount);
731 wcount -= blocksize;
732 }
733
734 return retval;
735 }
736
737 /**
738 * Synchronously read a block of 16-bit halfwords into a buffer
739 * @param dap The DAP connected to the MEM-AP.
740 * @param buffer where the halfwords will be stored (in host byte order).
741 * @param count How many halfwords to read.
742 * @param address Memory address from which to read words; all the
743 * words must be readable by the currently selected MEM-AP.
744 */
745 int mem_ap_read_buf_u16(struct adiv5_dap *dap, uint8_t *buffer,
746 int count, uint32_t address)
747 {
748 uint32_t invalue, i;
749 int retval = ERROR_OK;
750
751 if (count >= 4)
752 return mem_ap_read_buf_packed_u16(dap, buffer, count, address);
753
754 while (count > 0)
755 {
756 retval = dap_setup_accessport(dap, CSW_16BIT | CSW_ADDRINC_SINGLE, address);
757 if (retval != ERROR_OK)
758 return retval;
759 retval = dap_queue_ap_read(dap, AP_REG_DRW, &invalue);
760 if (retval != ERROR_OK)
761 break;
762
763 retval = dap_run(dap);
764 if (retval != ERROR_OK)
765 break;
766
767 if (address & 0x1)
768 {
769 for (i = 0; i < 2; i++)
770 {
771 *((uint8_t*)buffer) = (invalue >> 8 * (address & 0x3));
772 buffer++;
773 address++;
774 }
775 }
776 else
777 {
778 uint16_t svalue = (invalue >> 8 * (address & 0x3));
779 memcpy(buffer, &svalue, sizeof(uint16_t));
780 address += 2;
781 buffer += 2;
782 }
783 count -= 2;
784 }
785
786 return retval;
787 }
788
789 /* FIX!!! is this a potential performance bottleneck w.r.t. requiring too many
790 * roundtrips when jtag_execute_queue() has a large overhead(e.g. for USB)s?
791 *
792 * The solution is to arrange for a large out/in scan in this loop and
793 * and convert data afterwards.
794 */
795 static int mem_ap_read_buf_packed_u8(struct adiv5_dap *dap,
796 uint8_t *buffer, int count, uint32_t address)
797 {
798 uint32_t invalue;
799 int retval = ERROR_OK;
800 int wcount, blocksize, readcount, i;
801
802 wcount = count;
803
804 while (wcount > 0)
805 {
806 int nbytes;
807
808 /* Adjust to read blocks within boundaries aligned to the TAR autoincremnent size*/
809 blocksize = max_tar_block_size(dap->tar_autoincr_block, address);
810
811 if (wcount < blocksize)
812 blocksize = wcount;
813
814 retval = dap_setup_accessport(dap, CSW_8BIT | CSW_ADDRINC_PACKED, address);
815 if (retval != ERROR_OK)
816 return retval;
817 readcount = blocksize;
818
819 do
820 {
821 retval = dap_queue_ap_read(dap, AP_REG_DRW, &invalue);
822 if (retval != ERROR_OK)
823 return retval;
824 if ((retval = dap_run(dap)) != ERROR_OK)
825 {
826 LOG_WARNING("Block read error address 0x%" PRIx32 ", count 0x%x", address, count);
827 return retval;
828 }
829
830 nbytes = MIN(readcount, 4);
831
832 for (i = 0; i < nbytes; i++)
833 {
834 *((uint8_t*)buffer) = (invalue >> 8 * (address & 0x3));
835 buffer++;
836 address++;
837 }
838
839 readcount -= nbytes;
840 } while (readcount);
841 wcount -= blocksize;
842 }
843
844 return retval;
845 }
846
847 /**
848 * Synchronously read a block of bytes into a buffer
849 * @param dap The DAP connected to the MEM-AP.
850 * @param buffer where the bytes will be stored.
851 * @param count How many bytes to read.
852 * @param address Memory address from which to read data; all the
853 * data must be readable by the currently selected MEM-AP.
854 */
855 int mem_ap_read_buf_u8(struct adiv5_dap *dap, uint8_t *buffer,
856 int count, uint32_t address)
857 {
858 uint32_t invalue;
859 int retval = ERROR_OK;
860
861 if (count >= 4)
862 return mem_ap_read_buf_packed_u8(dap, buffer, count, address);
863
864 while (count > 0)
865 {
866 retval = dap_setup_accessport(dap, CSW_8BIT | CSW_ADDRINC_SINGLE, address);
867 if (retval != ERROR_OK)
868 return retval;
869 retval = dap_queue_ap_read(dap, AP_REG_DRW, &invalue);
870 if (retval != ERROR_OK)
871 return retval;
872 retval = dap_run(dap);
873 if (retval != ERROR_OK)
874 break;
875
876 *((uint8_t*)buffer) = (invalue >> 8 * (address & 0x3));
877 count--;
878 address++;
879 buffer++;
880 }
881
882 return retval;
883 }
884
885 /*--------------------------------------------------------------------------*/
886
887
888 /* FIXME don't import ... just initialize as
889 * part of DAP transport setup
890 */
891 extern const struct dap_ops jtag_dp_ops;
892
893 /*--------------------------------------------------------------------------*/
894
895 /**
896 * Initialize a DAP. This sets up the power domains, prepares the DP
897 * for further use, and arranges to use AP #0 for all AP operations
898 * until dap_ap-select() changes that policy.
899 *
900 * @param dap The DAP being initialized.
901 *
902 * @todo Rename this. We also need an initialization scheme which account
903 * for SWD transports not just JTAG; that will need to address differences
904 * in layering. (JTAG is useful without any debug target; but not SWD.)
905 * And this may not even use an AHB-AP ... e.g. DAP-Lite uses an APB-AP.
906 */
907 int ahbap_debugport_init(struct adiv5_dap *dap)
908 {
909 uint32_t ctrlstat;
910 int cnt = 0;
911 int retval;
912
913 LOG_DEBUG(" ");
914
915 /* JTAG-DP or SWJ-DP, in JTAG mode
916 * ... for SWD mode this is patched as part
917 * of link switchover
918 */
919 if (!dap->ops)
920 dap->ops = &jtag_dp_ops;
921
922 /* Default MEM-AP setup.
923 *
924 * REVISIT AP #0 may be an inappropriate default for this.
925 * Should we probe, or take a hint from the caller?
926 * Presumably we can ignore the possibility of multiple APs.
927 */
928 dap->apsel = !0;
929 dap_ap_select(dap, 0);
930
931 /* DP initialization */
932
933 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, NULL);
934 if (retval != ERROR_OK)
935 return retval;
936
937 retval = dap_queue_dp_write(dap, DP_CTRL_STAT, SSTICKYERR);
938 if (retval != ERROR_OK)
939 return retval;
940
941 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, NULL);
942 if (retval != ERROR_OK)
943 return retval;
944
945 dap->dp_ctrl_stat = CDBGPWRUPREQ | CSYSPWRUPREQ;
946 retval = dap_queue_dp_write(dap, DP_CTRL_STAT, dap->dp_ctrl_stat);
947 if (retval != ERROR_OK)
948 return retval;
949
950 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, &ctrlstat);
951 if (retval != ERROR_OK)
952 return retval;
953 if ((retval = dap_run(dap)) != ERROR_OK)
954 return retval;
955
956 /* Check that we have debug power domains activated */
957 while (!(ctrlstat & CDBGPWRUPACK) && (cnt++ < 10))
958 {
959 LOG_DEBUG("DAP: wait CDBGPWRUPACK");
960 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, &ctrlstat);
961 if (retval != ERROR_OK)
962 return retval;
963 if ((retval = dap_run(dap)) != ERROR_OK)
964 return retval;
965 alive_sleep(10);
966 }
967
968 while (!(ctrlstat & CSYSPWRUPACK) && (cnt++ < 10))
969 {
970 LOG_DEBUG("DAP: wait CSYSPWRUPACK");
971 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, &ctrlstat);
972 if (retval != ERROR_OK)
973 return retval;
974 if ((retval = dap_run(dap)) != ERROR_OK)
975 return retval;
976 alive_sleep(10);
977 }
978
979 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, NULL);
980 if (retval != ERROR_OK)
981 return retval;
982 /* With debug power on we can activate OVERRUN checking */
983 dap->dp_ctrl_stat = CDBGPWRUPREQ | CSYSPWRUPREQ | CORUNDETECT;
984 retval = dap_queue_dp_write(dap, DP_CTRL_STAT, dap->dp_ctrl_stat);
985 if (retval != ERROR_OK)
986 return retval;
987 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, NULL);
988 if (retval != ERROR_OK)
989 return retval;
990
991 return ERROR_OK;
992 }
993
994 /* CID interpretation -- see ARM IHI 0029B section 3
995 * and ARM IHI 0031A table 13-3.
996 */
997 static const char *class_description[16] ={
998 "Reserved", "ROM table", "Reserved", "Reserved",
999 "Reserved", "Reserved", "Reserved", "Reserved",
1000 "Reserved", "CoreSight component", "Reserved", "Peripheral Test Block",
1001 "Reserved", "OptimoDE DESS",
1002 "Generic IP component", "PrimeCell or System component"
1003 };
1004
1005 static bool
1006 is_dap_cid_ok(uint32_t cid3, uint32_t cid2, uint32_t cid1, uint32_t cid0)
1007 {
1008 return cid3 == 0xb1 && cid2 == 0x05
1009 && ((cid1 & 0x0f) == 0) && cid0 == 0x0d;
1010 }
1011
1012 struct broken_cpu {
1013 uint32_t dbgbase;
1014 uint32_t apid;
1015 uint32_t idcode;
1016 uint32_t correct_dbgbase;
1017 char *model;
1018 } broken_cpus[] = {
1019 { 0x80000000, 0x04770002, 0x1ba00477, 0x60000000, "imx51" },
1020 };
1021
1022 int dap_get_debugbase(struct adiv5_dap *dap, int apsel,
1023 uint32_t *out_dbgbase, uint32_t *out_apid)
1024 {
1025 uint32_t apselold;
1026 int retval;
1027 unsigned int i;
1028 uint32_t dbgbase, apid, idcode;
1029
1030 /* AP address is in bits 31:24 of DP_SELECT */
1031 if (apsel >= 256)
1032 return ERROR_INVALID_ARGUMENTS;
1033
1034 apselold = dap->apsel;
1035 dap_ap_select(dap, apsel);
1036
1037 retval = dap_queue_ap_read(dap, AP_REG_BASE, &dbgbase);
1038 if (retval != ERROR_OK)
1039 return retval;
1040 retval = dap_queue_ap_read(dap, AP_REG_IDR, &apid);
1041 if (retval != ERROR_OK)
1042 return retval;
1043 retval = dap_run(dap);
1044 if (retval != ERROR_OK)
1045 return retval;
1046
1047 /* Excavate the device ID code */
1048 struct jtag_tap *tap = dap->jtag_info->tap;
1049 while (tap != NULL) {
1050 if (tap->hasidcode) {
1051 idcode = tap->idcode;
1052 break;
1053 }
1054 tap = tap->next_tap;
1055 }
1056 if (tap == NULL || !tap->hasidcode)
1057 return ERROR_OK;
1058
1059 /* Some CPUs are messed up, so fixup if needed. */
1060 for (i = 0; i < sizeof(broken_cpus)/sizeof(struct broken_cpu); i++)
1061 if (broken_cpus[i].dbgbase == dbgbase &&
1062 broken_cpus[i].apid == apid &&
1063 broken_cpus[i].idcode == idcode) {
1064 LOG_WARNING("Found broken CPU (%s), trying to fixup "
1065 "ROM Table location from 0x%08x to 0x%08x",
1066 broken_cpus[i].model, dbgbase,
1067 broken_cpus[i].correct_dbgbase);
1068 dbgbase = broken_cpus[i].correct_dbgbase;
1069 break;
1070 }
1071
1072 dap_ap_select(dap, apselold);
1073
1074 /* The asignment happens only here to prevent modification of these
1075 * values before they are certain. */
1076 *out_dbgbase = dbgbase;
1077 *out_apid = apid;
1078
1079 return ERROR_OK;
1080 }
1081
1082 int dap_lookup_cs_component(struct adiv5_dap *dap, int apsel,
1083 uint32_t dbgbase, uint8_t type, uint32_t *addr)
1084 {
1085 uint32_t apselold;
1086 uint32_t romentry, entry_offset = 0, component_base, devtype;
1087 int retval = ERROR_FAIL;
1088
1089 if (apsel >= 256)
1090 return ERROR_INVALID_ARGUMENTS;
1091
1092 apselold = dap->apsel;
1093 dap_ap_select(dap, apsel);
1094
1095 do
1096 {
1097 retval = mem_ap_read_atomic_u32(dap, (dbgbase&0xFFFFF000) |
1098 entry_offset, &romentry);
1099 if (retval != ERROR_OK)
1100 return retval;
1101
1102 component_base = (dbgbase & 0xFFFFF000)
1103 + (romentry & 0xFFFFF000);
1104
1105 if (romentry & 0x1) {
1106 retval = mem_ap_read_atomic_u32(dap,
1107 (component_base & 0xfffff000) | 0xfcc,
1108 &devtype);
1109 if ((devtype & 0xff) == type) {
1110 *addr = component_base;
1111 retval = ERROR_OK;
1112 break;
1113 }
1114 }
1115 entry_offset += 4;
1116 } while (romentry > 0);
1117
1118 dap_ap_select(dap, apselold);
1119
1120 return retval;
1121 }
1122
1123 static int dap_info_command(struct command_context *cmd_ctx,
1124 struct adiv5_dap *dap, int apsel)
1125 {
1126 int retval;
1127 uint32_t dbgbase, apid;
1128 int romtable_present = 0;
1129 uint8_t mem_ap;
1130 uint32_t apselold;
1131
1132 retval = dap_get_debugbase(dap, apsel, &dbgbase, &apid);
1133 if (retval != ERROR_OK)
1134 return retval;
1135
1136 apselold = dap->apsel;
1137 dap_ap_select(dap, apsel);
1138
1139 /* Now we read ROM table ID registers, ref. ARM IHI 0029B sec */
1140 mem_ap = ((apid&0x10000) && ((apid&0x0F) != 0));
1141 command_print(cmd_ctx, "AP ID register 0x%8.8" PRIx32, apid);
1142 if (apid)
1143 {
1144 switch (apid&0x0F)
1145 {
1146 case 0:
1147 command_print(cmd_ctx, "\tType is JTAG-AP");
1148 break;
1149 case 1:
1150 command_print(cmd_ctx, "\tType is MEM-AP AHB");
1151 break;
1152 case 2:
1153 command_print(cmd_ctx, "\tType is MEM-AP APB");
1154 break;
1155 default:
1156 command_print(cmd_ctx, "\tUnknown AP type");
1157 break;
1158 }
1159
1160 /* NOTE: a MEM-AP may have a single CoreSight component that's
1161 * not a ROM table ... or have no such components at all.
1162 */
1163 if (mem_ap)
1164 command_print(cmd_ctx, "AP BASE 0x%8.8" PRIx32,
1165 dbgbase);
1166 }
1167 else
1168 {
1169 command_print(cmd_ctx, "No AP found at this apsel 0x%x", apsel);
1170 }
1171
1172 romtable_present = ((mem_ap) && (dbgbase != 0xFFFFFFFF));
1173 if (romtable_present)
1174 {
1175 uint32_t cid0,cid1,cid2,cid3,memtype,romentry;
1176 uint16_t entry_offset;
1177
1178 /* bit 16 of apid indicates a memory access port */
1179 if (dbgbase & 0x02)
1180 command_print(cmd_ctx, "\tValid ROM table present");
1181 else
1182 command_print(cmd_ctx, "\tROM table in legacy format");
1183
1184 /* Now we read ROM table ID registers, ref. ARM IHI 0029B sec */
1185 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFF0, &cid0);
1186 if (retval != ERROR_OK)
1187 return retval;
1188 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFF4, &cid1);
1189 if (retval != ERROR_OK)
1190 return retval;
1191 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFF8, &cid2);
1192 if (retval != ERROR_OK)
1193 return retval;
1194 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFFC, &cid3);
1195 if (retval != ERROR_OK)
1196 return retval;
1197 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFCC, &memtype);
1198 if (retval != ERROR_OK)
1199 return retval;
1200 retval = dap_run(dap);
1201 if (retval != ERROR_OK)
1202 return retval;
1203
1204 if (!is_dap_cid_ok(cid3, cid2, cid1, cid0))
1205 command_print(cmd_ctx, "\tCID3 0x%2.2x"
1206 ", CID2 0x%2.2x"
1207 ", CID1 0x%2.2x"
1208 ", CID0 0x%2.2x",
1209 (unsigned) cid3, (unsigned)cid2,
1210 (unsigned) cid1, (unsigned) cid0);
1211 if (memtype & 0x01)
1212 command_print(cmd_ctx, "\tMEMTYPE system memory present on bus");
1213 else
1214 command_print(cmd_ctx, "\tMEMTYPE System memory not present. "
1215 "Dedicated debug bus.");
1216
1217 /* Now we read ROM table entries from dbgbase&0xFFFFF000) | 0x000 until we get 0x00000000 */
1218 entry_offset = 0;
1219 do
1220 {
1221 retval = mem_ap_read_atomic_u32(dap, (dbgbase&0xFFFFF000) | entry_offset, &romentry);
1222 if (retval != ERROR_OK)
1223 return retval;
1224 command_print(cmd_ctx, "\tROMTABLE[0x%x] = 0x%" PRIx32 "",entry_offset,romentry);
1225 if (romentry&0x01)
1226 {
1227 uint32_t c_cid0, c_cid1, c_cid2, c_cid3;
1228 uint32_t c_pid0, c_pid1, c_pid2, c_pid3, c_pid4;
1229 uint32_t component_base;
1230 unsigned part_num;
1231 char *type, *full;
1232
1233 component_base = (dbgbase & 0xFFFFF000)
1234 + (romentry & 0xFFFFF000);
1235
1236 /* IDs are in last 4K section */
1237
1238
1239 retval = mem_ap_read_atomic_u32(dap,
1240 component_base + 0xFE0, &c_pid0);
1241 if (retval != ERROR_OK)
1242 return retval;
1243 c_pid0 &= 0xff;
1244 retval = mem_ap_read_atomic_u32(dap,
1245 component_base + 0xFE4, &c_pid1);
1246 if (retval != ERROR_OK)
1247 return retval;
1248 c_pid1 &= 0xff;
1249 retval = mem_ap_read_atomic_u32(dap,
1250 component_base + 0xFE8, &c_pid2);
1251 if (retval != ERROR_OK)
1252 return retval;
1253 c_pid2 &= 0xff;
1254 retval = mem_ap_read_atomic_u32(dap,
1255 component_base + 0xFEC, &c_pid3);
1256 if (retval != ERROR_OK)
1257 return retval;
1258 c_pid3 &= 0xff;
1259 retval = mem_ap_read_atomic_u32(dap,
1260 component_base + 0xFD0, &c_pid4);
1261 if (retval != ERROR_OK)
1262 return retval;
1263 c_pid4 &= 0xff;
1264
1265 retval = mem_ap_read_atomic_u32(dap,
1266 component_base + 0xFF0, &c_cid0);
1267 if (retval != ERROR_OK)
1268 return retval;
1269 c_cid0 &= 0xff;
1270 retval = mem_ap_read_atomic_u32(dap,
1271 component_base + 0xFF4, &c_cid1);
1272 if (retval != ERROR_OK)
1273 return retval;
1274 c_cid1 &= 0xff;
1275 retval = mem_ap_read_atomic_u32(dap,
1276 component_base + 0xFF8, &c_cid2);
1277 if (retval != ERROR_OK)
1278 return retval;
1279 c_cid2 &= 0xff;
1280 retval = mem_ap_read_atomic_u32(dap,
1281 component_base + 0xFFC, &c_cid3);
1282 if (retval != ERROR_OK)
1283 return retval;
1284 c_cid3 &= 0xff;
1285
1286
1287 command_print(cmd_ctx,
1288 "\t\tComponent base address 0x%" PRIx32
1289 ", start address 0x%" PRIx32,
1290 component_base,
1291 /* component may take multiple 4K pages */
1292 component_base - 0x1000*(c_pid4 >> 4));
1293 command_print(cmd_ctx, "\t\tComponent class is 0x%x, %s",
1294 (int) (c_cid1 >> 4) & 0xf,
1295 /* See ARM IHI 0029B Table 3-3 */
1296 class_description[(c_cid1 >> 4) & 0xf]);
1297
1298 /* CoreSight component? */
1299 if (((c_cid1 >> 4) & 0x0f) == 9) {
1300 uint32_t devtype;
1301 unsigned minor;
1302 char *major = "Reserved", *subtype = "Reserved";
1303
1304 retval = mem_ap_read_atomic_u32(dap,
1305 (component_base & 0xfffff000) | 0xfcc,
1306 &devtype);
1307 if (retval != ERROR_OK)
1308 return retval;
1309 minor = (devtype >> 4) & 0x0f;
1310 switch (devtype & 0x0f) {
1311 case 0:
1312 major = "Miscellaneous";
1313 switch (minor) {
1314 case 0:
1315 subtype = "other";
1316 break;
1317 case 4:
1318 subtype = "Validation component";
1319 break;
1320 }
1321 break;
1322 case 1:
1323 major = "Trace Sink";
1324 switch (minor) {
1325 case 0:
1326 subtype = "other";
1327 break;
1328 case 1:
1329 subtype = "Port";
1330 break;
1331 case 2:
1332 subtype = "Buffer";
1333 break;
1334 }
1335 break;
1336 case 2:
1337 major = "Trace Link";
1338 switch (minor) {
1339 case 0:
1340 subtype = "other";
1341 break;
1342 case 1:
1343 subtype = "Funnel, router";
1344 break;
1345 case 2:
1346 subtype = "Filter";
1347 break;
1348 case 3:
1349 subtype = "FIFO, buffer";
1350 break;
1351 }
1352 break;
1353 case 3:
1354 major = "Trace Source";
1355 switch (minor) {
1356 case 0:
1357 subtype = "other";
1358 break;
1359 case 1:
1360 subtype = "Processor";
1361 break;
1362 case 2:
1363 subtype = "DSP";
1364 break;
1365 case 3:
1366 subtype = "Engine/Coprocessor";
1367 break;
1368 case 4:
1369 subtype = "Bus";
1370 break;
1371 }
1372 break;
1373 case 4:
1374 major = "Debug Control";
1375 switch (minor) {
1376 case 0:
1377 subtype = "other";
1378 break;
1379 case 1:
1380 subtype = "Trigger Matrix";
1381 break;
1382 case 2:
1383 subtype = "Debug Auth";
1384 break;
1385 }
1386 break;
1387 case 5:
1388 major = "Debug Logic";
1389 switch (minor) {
1390 case 0:
1391 subtype = "other";
1392 break;
1393 case 1:
1394 subtype = "Processor";
1395 break;
1396 case 2:
1397 subtype = "DSP";
1398 break;
1399 case 3:
1400 subtype = "Engine/Coprocessor";
1401 break;
1402 }
1403 break;
1404 }
1405 command_print(cmd_ctx, "\t\tType is 0x%2.2x, %s, %s",
1406 (unsigned) (devtype & 0xff),
1407 major, subtype);
1408 /* REVISIT also show 0xfc8 DevId */
1409 }
1410
1411 if (!is_dap_cid_ok(cid3, cid2, cid1, cid0))
1412 command_print(cmd_ctx,
1413 "\t\tCID3 0%2.2x"
1414 ", CID2 0%2.2x"
1415 ", CID1 0%2.2x"
1416 ", CID0 0%2.2x",
1417 (int) c_cid3,
1418 (int) c_cid2,
1419 (int)c_cid1,
1420 (int)c_cid0);
1421 command_print(cmd_ctx,
1422 "\t\tPeripheral ID[4..0] = hex "
1423 "%2.2x %2.2x %2.2x %2.2x %2.2x",
1424 (int) c_pid4, (int) c_pid3, (int) c_pid2,
1425 (int) c_pid1, (int) c_pid0);
1426
1427 /* Part number interpretations are from Cortex
1428 * core specs, the CoreSight components TRM
1429 * (ARM DDI 0314H), and ETM specs; also from
1430 * chip observation (e.g. TI SDTI).
1431 */
1432 part_num = (c_pid0 & 0xff);
1433 part_num |= (c_pid1 & 0x0f) << 8;
1434 switch (part_num) {
1435 case 0x000:
1436 type = "Cortex-M3 NVIC";
1437 full = "(Interrupt Controller)";
1438 break;
1439 case 0x001:
1440 type = "Cortex-M3 ITM";
1441 full = "(Instrumentation Trace Module)";
1442 break;
1443 case 0x002:
1444 type = "Cortex-M3 DWT";
1445 full = "(Data Watchpoint and Trace)";
1446 break;
1447 case 0x003:
1448 type = "Cortex-M3 FBP";
1449 full = "(Flash Patch and Breakpoint)";
1450 break;
1451 case 0x00d:
1452 type = "CoreSight ETM11";
1453 full = "(Embedded Trace)";
1454 break;
1455 // case 0x113: what?
1456 case 0x120: /* from OMAP3 memmap */
1457 type = "TI SDTI";
1458 full = "(System Debug Trace Interface)";
1459 break;
1460 case 0x343: /* from OMAP3 memmap */
1461 type = "TI DAPCTL";
1462 full = "";
1463 break;
1464 case 0x906:
1465 type = "Coresight CTI";
1466 full = "(Cross Trigger)";
1467 break;
1468 case 0x907:
1469 type = "Coresight ETB";
1470 full = "(Trace Buffer)";
1471 break;
1472 case 0x908:
1473 type = "Coresight CSTF";
1474 full = "(Trace Funnel)";
1475 break;
1476 case 0x910:
1477 type = "CoreSight ETM9";
1478 full = "(Embedded Trace)";
1479 break;
1480 case 0x912:
1481 type = "Coresight TPIU";
1482 full = "(Trace Port Interface Unit)";
1483 break;
1484 case 0x921:
1485 type = "Cortex-A8 ETM";
1486 full = "(Embedded Trace)";
1487 break;
1488 case 0x922:
1489 type = "Cortex-A8 CTI";
1490 full = "(Cross Trigger)";
1491 break;
1492 case 0x923:
1493 type = "Cortex-M3 TPIU";
1494 full = "(Trace Port Interface Unit)";
1495 break;
1496 case 0x924:
1497 type = "Cortex-M3 ETM";
1498 full = "(Embedded Trace)";
1499 break;
1500 case 0xc08:
1501 type = "Cortex-A8 Debug";
1502 full = "(Debug Unit)";
1503 break;
1504 default:
1505 type = "-*- unrecognized -*-";
1506 full = "";
1507 break;
1508 }
1509 command_print(cmd_ctx, "\t\tPart is %s %s",
1510 type, full);
1511 }
1512 else
1513 {
1514 if (romentry)
1515 command_print(cmd_ctx, "\t\tComponent not present");
1516 else
1517 command_print(cmd_ctx, "\t\tEnd of ROM table");
1518 }
1519 entry_offset += 4;
1520 } while (romentry > 0);
1521 }
1522 else
1523 {
1524 command_print(cmd_ctx, "\tNo ROM table present");
1525 }
1526 dap_ap_select(dap, apselold);
1527
1528 return ERROR_OK;
1529 }
1530
1531 COMMAND_HANDLER(handle_dap_info_command)
1532 {
1533 struct target *target = get_current_target(CMD_CTX);
1534 struct arm *arm = target_to_arm(target);
1535 struct adiv5_dap *dap = arm->dap;
1536 uint32_t apsel;
1537
1538 switch (CMD_ARGC) {
1539 case 0:
1540 apsel = dap->apsel;
1541 break;
1542 case 1:
1543 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], apsel);
1544 break;
1545 default:
1546 return ERROR_COMMAND_SYNTAX_ERROR;
1547 }
1548
1549 return dap_info_command(CMD_CTX, dap, apsel);
1550 }
1551
1552 COMMAND_HANDLER(dap_baseaddr_command)
1553 {
1554 struct target *target = get_current_target(CMD_CTX);
1555 struct arm *arm = target_to_arm(target);
1556 struct adiv5_dap *dap = arm->dap;
1557
1558 uint32_t apsel, apselsave, baseaddr;
1559 int retval;
1560
1561 apselsave = dap->apsel;
1562 switch (CMD_ARGC) {
1563 case 0:
1564 apsel = dap->apsel;
1565 break;
1566 case 1:
1567 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], apsel);
1568 /* AP address is in bits 31:24 of DP_SELECT */
1569 if (apsel >= 256)
1570 return ERROR_INVALID_ARGUMENTS;
1571 break;
1572 default:
1573 return ERROR_COMMAND_SYNTAX_ERROR;
1574 }
1575
1576 if (apselsave != apsel)
1577 dap_ap_select(dap, apsel);
1578
1579 /* NOTE: assumes we're talking to a MEM-AP, which
1580 * has a base address. There are other kinds of AP,
1581 * though they're not common for now. This should
1582 * use the ID register to verify it's a MEM-AP.
1583 */
1584 retval = dap_queue_ap_read(dap, AP_REG_BASE, &baseaddr);
1585 if (retval != ERROR_OK)
1586 return retval;
1587 retval = dap_run(dap);
1588 if (retval != ERROR_OK)
1589 return retval;
1590
1591 command_print(CMD_CTX, "0x%8.8" PRIx32, baseaddr);
1592
1593 if (apselsave != apsel)
1594 dap_ap_select(dap, apselsave);
1595
1596 return retval;
1597 }
1598
1599 COMMAND_HANDLER(dap_memaccess_command)
1600 {
1601 struct target *target = get_current_target(CMD_CTX);
1602 struct arm *arm = target_to_arm(target);
1603 struct adiv5_dap *dap = arm->dap;
1604
1605 uint32_t memaccess_tck;
1606
1607 switch (CMD_ARGC) {
1608 case 0:
1609 memaccess_tck = dap->memaccess_tck;
1610 break;
1611 case 1:
1612 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], memaccess_tck);
1613 break;
1614 default:
1615 return ERROR_COMMAND_SYNTAX_ERROR;
1616 }
1617 dap->memaccess_tck = memaccess_tck;
1618
1619 command_print(CMD_CTX, "memory bus access delay set to %" PRIi32 " tck",
1620 dap->memaccess_tck);
1621
1622 return ERROR_OK;
1623 }
1624
1625 COMMAND_HANDLER(dap_apsel_command)
1626 {
1627 struct target *target = get_current_target(CMD_CTX);
1628 struct arm *arm = target_to_arm(target);
1629 struct adiv5_dap *dap = arm->dap;
1630
1631 uint32_t apsel, apid;
1632 int retval;
1633
1634 switch (CMD_ARGC) {
1635 case 0:
1636 apsel = 0;
1637 break;
1638 case 1:
1639 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], apsel);
1640 /* AP address is in bits 31:24 of DP_SELECT */
1641 if (apsel >= 256)
1642 return ERROR_INVALID_ARGUMENTS;
1643 break;
1644 default:
1645 return ERROR_COMMAND_SYNTAX_ERROR;
1646 }
1647
1648 dap_ap_select(dap, apsel);
1649 retval = dap_queue_ap_read(dap, AP_REG_IDR, &apid);
1650 if (retval != ERROR_OK)
1651 return retval;
1652 retval = dap_run(dap);
1653 if (retval != ERROR_OK)
1654 return retval;
1655
1656 command_print(CMD_CTX, "ap %" PRIi32 " selected, identification register 0x%8.8" PRIx32,
1657 apsel, apid);
1658
1659 return retval;
1660 }
1661
1662 COMMAND_HANDLER(dap_apid_command)
1663 {
1664 struct target *target = get_current_target(CMD_CTX);
1665 struct arm *arm = target_to_arm(target);
1666 struct adiv5_dap *dap = arm->dap;
1667
1668 uint32_t apsel, apselsave, apid;
1669 int retval;
1670
1671 apselsave = dap->apsel;
1672 switch (CMD_ARGC) {
1673 case 0:
1674 apsel = dap->apsel;
1675 break;
1676 case 1:
1677 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], apsel);
1678 /* AP address is in bits 31:24 of DP_SELECT */
1679 if (apsel >= 256)
1680 return ERROR_INVALID_ARGUMENTS;
1681 break;
1682 default:
1683 return ERROR_COMMAND_SYNTAX_ERROR;
1684 }
1685
1686 if (apselsave != apsel)
1687 dap_ap_select(dap, apsel);
1688
1689 retval = dap_queue_ap_read(dap, AP_REG_IDR, &apid);
1690 if (retval != ERROR_OK)
1691 return retval;
1692 retval = dap_run(dap);
1693 if (retval != ERROR_OK)
1694 return retval;
1695
1696 command_print(CMD_CTX, "0x%8.8" PRIx32, apid);
1697 if (apselsave != apsel)
1698 dap_ap_select(dap, apselsave);
1699
1700 return retval;
1701 }
1702
1703 static const struct command_registration dap_commands[] = {
1704 {
1705 .name = "info",
1706 .handler = handle_dap_info_command,
1707 .mode = COMMAND_EXEC,
1708 .help = "display ROM table for MEM-AP "
1709 "(default currently selected AP)",
1710 .usage = "[ap_num]",
1711 },
1712 {
1713 .name = "apsel",
1714 .handler = dap_apsel_command,
1715 .mode = COMMAND_EXEC,
1716 .help = "Set the currently selected AP (default 0) "
1717 "and display the result",
1718 .usage = "[ap_num]",
1719 },
1720 {
1721 .name = "apid",
1722 .handler = dap_apid_command,
1723 .mode = COMMAND_EXEC,
1724 .help = "return ID register from AP "
1725 "(default currently selected AP)",
1726 .usage = "[ap_num]",
1727 },
1728 {
1729 .name = "baseaddr",
1730 .handler = dap_baseaddr_command,
1731 .mode = COMMAND_EXEC,
1732 .help = "return debug base address from MEM-AP "
1733 "(default currently selected AP)",
1734 .usage = "[ap_num]",
1735 },
1736 {
1737 .name = "memaccess",
1738 .handler = dap_memaccess_command,
1739 .mode = COMMAND_EXEC,
1740 .help = "set/get number of extra tck for MEM-AP memory "
1741 "bus access [0-255]",
1742 .usage = "[cycles]",
1743 },
1744 COMMAND_REGISTRATION_DONE
1745 };
1746
1747 const struct command_registration dap_command_handlers[] = {
1748 {
1749 .name = "dap",
1750 .mode = COMMAND_EXEC,
1751 .help = "DAP command group",
1752 .chain = dap_commands,
1753 },
1754 COMMAND_REGISTRATION_DONE
1755 };
1756
1757