Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
jtag: linuxgpiod: drop extra parenthesis
[openocd.git] / src / target / cortex_a.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2006 by Magnus Lundin *
6 * lundin@mlu.mine.nu *
7 * *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
10 * *
11 * Copyright (C) 2009 by Dirk Behme *
12 * dirk.behme@gmail.com - copy from cortex_m3 *
13 * *
14 * Copyright (C) 2010 Øyvind Harboe *
15 * oyvind.harboe@zylin.com *
16 * *
17 * Copyright (C) ST-Ericsson SA 2011 *
18 * michel.jaouen@stericsson.com : smp minimum support *
19 * *
20 * Copyright (C) Broadcom 2012 *
21 * ehunter@broadcom.com : Cortex-R4 support *
22 * *
23 * Copyright (C) 2013 Kamal Dasu *
24 * kdasu.kdev@gmail.com *
25 * *
26 * This program is free software; you can redistribute it and/or modify *
27 * it under the terms of the GNU General Public License as published by *
28 * the Free Software Foundation; either version 2 of the License, or *
29 * (at your option) any later version. *
30 * *
31 * This program is distributed in the hope that it will be useful, *
32 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
33 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
34 * GNU General Public License for more details. *
35 * *
36 * You should have received a copy of the GNU General Public License *
37 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
38 * *
39 * Cortex-A8(tm) TRM, ARM DDI 0344H *
40 * Cortex-A9(tm) TRM, ARM DDI 0407F *
41 * Cortex-A4(tm) TRM, ARM DDI 0363E *
42 * Cortex-A15(tm)TRM, ARM DDI 0438C *
43 * *
44 ***************************************************************************/
45
46 #ifdef HAVE_CONFIG_H
47 #include "config.h"
48 #endif
49
50 #include "breakpoints.h"
51 #include "cortex_a.h"
52 #include "register.h"
53 #include "armv7a_mmu.h"
54 #include "target_request.h"
55 #include "target_type.h"
56 #include "arm_opcodes.h"
57 #include "arm_semihosting.h"
58 #include "jtag/interface.h"
59 #include "transport/transport.h"
60 #include "smp.h"
61 #include <helper/time_support.h>
62
63 static int cortex_a_poll(struct target *target);
64 static int cortex_a_debug_entry(struct target *target);
65 static int cortex_a_restore_context(struct target *target, bool bpwp);
66 static int cortex_a_set_breakpoint(struct target *target,
67 struct breakpoint *breakpoint, uint8_t matchmode);
68 static int cortex_a_set_context_breakpoint(struct target *target,
69 struct breakpoint *breakpoint, uint8_t matchmode);
70 static int cortex_a_set_hybrid_breakpoint(struct target *target,
71 struct breakpoint *breakpoint);
72 static int cortex_a_unset_breakpoint(struct target *target,
73 struct breakpoint *breakpoint);
74 static int cortex_a_wait_dscr_bits(struct target *target, uint32_t mask,
75 uint32_t value, uint32_t *dscr);
76 static int cortex_a_mmu(struct target *target, int *enabled);
77 static int cortex_a_mmu_modify(struct target *target, int enable);
78 static int cortex_a_virt2phys(struct target *target,
79 target_addr_t virt, target_addr_t *phys);
80 static int cortex_a_read_cpu_memory(struct target *target,
81 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer);
82
83
84 /* restore cp15_control_reg at resume */
85 static int cortex_a_restore_cp15_control_reg(struct target *target)
86 {
87 int retval = ERROR_OK;
88 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
89 struct armv7a_common *armv7a = target_to_armv7a(target);
90
91 if (cortex_a->cp15_control_reg != cortex_a->cp15_control_reg_curr) {
92 cortex_a->cp15_control_reg_curr = cortex_a->cp15_control_reg;
93 /* LOG_INFO("cp15_control_reg: %8.8" PRIx32, cortex_a->cp15_control_reg); */
94 retval = armv7a->arm.mcr(target, 15,
95 0, 0, /* op1, op2 */
96 1, 0, /* CRn, CRm */
97 cortex_a->cp15_control_reg);
98 }
99 return retval;
100 }
101
102 /*
103 * Set up ARM core for memory access.
104 * If !phys_access, switch to SVC mode and make sure MMU is on
105 * If phys_access, switch off mmu
106 */
107 static int cortex_a_prep_memaccess(struct target *target, int phys_access)
108 {
109 struct armv7a_common *armv7a = target_to_armv7a(target);
110 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
111 int mmu_enabled = 0;
112
113 if (phys_access == 0) {
114 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_SVC);
115 cortex_a_mmu(target, &mmu_enabled);
116 if (mmu_enabled)
117 cortex_a_mmu_modify(target, 1);
118 if (cortex_a->dacrfixup_mode == CORTEX_A_DACRFIXUP_ON) {
119 /* overwrite DACR to all-manager */
120 armv7a->arm.mcr(target, 15,
121 0, 0, 3, 0,
122 0xFFFFFFFF);
123 }
124 } else {
125 cortex_a_mmu(target, &mmu_enabled);
126 if (mmu_enabled)
127 cortex_a_mmu_modify(target, 0);
128 }
129 return ERROR_OK;
130 }
131
132 /*
133 * Restore ARM core after memory access.
134 * If !phys_access, switch to previous mode
135 * If phys_access, restore MMU setting
136 */
137 static int cortex_a_post_memaccess(struct target *target, int phys_access)
138 {
139 struct armv7a_common *armv7a = target_to_armv7a(target);
140 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
141
142 if (phys_access == 0) {
143 if (cortex_a->dacrfixup_mode == CORTEX_A_DACRFIXUP_ON) {
144 /* restore */
145 armv7a->arm.mcr(target, 15,
146 0, 0, 3, 0,
147 cortex_a->cp15_dacr_reg);
148 }
149 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_ANY);
150 } else {
151 int mmu_enabled = 0;
152 cortex_a_mmu(target, &mmu_enabled);
153 if (mmu_enabled)
154 cortex_a_mmu_modify(target, 1);
155 }
156 return ERROR_OK;
157 }
158
159
160 /* modify cp15_control_reg in order to enable or disable mmu for :
161 * - virt2phys address conversion
162 * - read or write memory in phys or virt address */
163 static int cortex_a_mmu_modify(struct target *target, int enable)
164 {
165 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
166 struct armv7a_common *armv7a = target_to_armv7a(target);
167 int retval = ERROR_OK;
168 int need_write = 0;
169
170 if (enable) {
171 /* if mmu enabled at target stop and mmu not enable */
172 if (!(cortex_a->cp15_control_reg & 0x1U)) {
173 LOG_ERROR("trying to enable mmu on target stopped with mmu disable");
174 return ERROR_FAIL;
175 }
176 if ((cortex_a->cp15_control_reg_curr & 0x1U) == 0) {
177 cortex_a->cp15_control_reg_curr |= 0x1U;
178 need_write = 1;
179 }
180 } else {
181 if ((cortex_a->cp15_control_reg_curr & 0x1U) == 0x1U) {
182 cortex_a->cp15_control_reg_curr &= ~0x1U;
183 need_write = 1;
184 }
185 }
186
187 if (need_write) {
188 LOG_DEBUG("%s, writing cp15 ctrl: %" PRIx32,
189 enable ? "enable mmu" : "disable mmu",
190 cortex_a->cp15_control_reg_curr);
191
192 retval = armv7a->arm.mcr(target, 15,
193 0, 0, /* op1, op2 */
194 1, 0, /* CRn, CRm */
195 cortex_a->cp15_control_reg_curr);
196 }
197 return retval;
198 }
199
200 /*
201 * Cortex-A Basic debug access, very low level assumes state is saved
202 */
203 static int cortex_a_init_debug_access(struct target *target)
204 {
205 struct armv7a_common *armv7a = target_to_armv7a(target);
206 uint32_t dscr;
207 int retval;
208
209 /* lock memory-mapped access to debug registers to prevent
210 * software interference */
211 retval = mem_ap_write_u32(armv7a->debug_ap,
212 armv7a->debug_base + CPUDBG_LOCKACCESS, 0);
213 if (retval != ERROR_OK)
214 return retval;
215
216 /* Disable cacheline fills and force cache write-through in debug state */
217 retval = mem_ap_write_u32(armv7a->debug_ap,
218 armv7a->debug_base + CPUDBG_DSCCR, 0);
219 if (retval != ERROR_OK)
220 return retval;
221
222 /* Disable TLB lookup and refill/eviction in debug state */
223 retval = mem_ap_write_u32(armv7a->debug_ap,
224 armv7a->debug_base + CPUDBG_DSMCR, 0);
225 if (retval != ERROR_OK)
226 return retval;
227
228 retval = dap_run(armv7a->debug_ap->dap);
229 if (retval != ERROR_OK)
230 return retval;
231
232 /* Enabling of instruction execution in debug mode is done in debug_entry code */
233
234 /* Resync breakpoint registers */
235
236 /* Enable halt for breakpoint, watchpoint and vector catch */
237 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
238 armv7a->debug_base + CPUDBG_DSCR, &dscr);
239 if (retval != ERROR_OK)
240 return retval;
241 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
242 armv7a->debug_base + CPUDBG_DSCR, dscr | DSCR_HALT_DBG_MODE);
243 if (retval != ERROR_OK)
244 return retval;
245
246 /* Since this is likely called from init or reset, update target state information*/
247 return cortex_a_poll(target);
248 }
249
250 static int cortex_a_wait_instrcmpl(struct target *target, uint32_t *dscr, bool force)
251 {
252 /* Waits until InstrCmpl_l becomes 1, indicating instruction is done.
253 * Writes final value of DSCR into *dscr. Pass force to force always
254 * reading DSCR at least once. */
255 struct armv7a_common *armv7a = target_to_armv7a(target);
256 int retval;
257
258 if (force) {
259 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
260 armv7a->debug_base + CPUDBG_DSCR, dscr);
261 if (retval != ERROR_OK) {
262 LOG_ERROR("Could not read DSCR register");
263 return retval;
264 }
265 }
266
267 retval = cortex_a_wait_dscr_bits(target, DSCR_INSTR_COMP, DSCR_INSTR_COMP, dscr);
268 if (retval != ERROR_OK)
269 LOG_ERROR("Error waiting for InstrCompl=1");
270 return retval;
271 }
272
273 /* To reduce needless round-trips, pass in a pointer to the current
274 * DSCR value. Initialize it to zero if you just need to know the
275 * value on return from this function; or DSCR_INSTR_COMP if you
276 * happen to know that no instruction is pending.
277 */
278 static int cortex_a_exec_opcode(struct target *target,
279 uint32_t opcode, uint32_t *dscr_p)
280 {
281 uint32_t dscr;
282 int retval;
283 struct armv7a_common *armv7a = target_to_armv7a(target);
284
285 dscr = dscr_p ? *dscr_p : 0;
286
287 LOG_DEBUG("exec opcode 0x%08" PRIx32, opcode);
288
289 /* Wait for InstrCompl bit to be set */
290 retval = cortex_a_wait_instrcmpl(target, dscr_p, false);
291 if (retval != ERROR_OK)
292 return retval;
293
294 retval = mem_ap_write_u32(armv7a->debug_ap,
295 armv7a->debug_base + CPUDBG_ITR, opcode);
296 if (retval != ERROR_OK)
297 return retval;
298
299 /* Wait for InstrCompl bit to be set */
300 retval = cortex_a_wait_instrcmpl(target, &dscr, true);
301 if (retval != ERROR_OK) {
302 LOG_ERROR("Error waiting for cortex_a_exec_opcode");
303 return retval;
304 }
305
306 if (dscr_p)
307 *dscr_p = dscr;
308
309 return retval;
310 }
311
312 /* Write to memory mapped registers directly with no cache or mmu handling */
313 static int cortex_a_dap_write_memap_register_u32(struct target *target,
314 uint32_t address,
315 uint32_t value)
316 {
317 int retval;
318 struct armv7a_common *armv7a = target_to_armv7a(target);
319
320 retval = mem_ap_write_atomic_u32(armv7a->debug_ap, address, value);
321
322 return retval;
323 }
324
325 /*
326 * Cortex-A implementation of Debug Programmer's Model
327 *
328 * NOTE the invariant: these routines return with DSCR_INSTR_COMP set,
329 * so there's no need to poll for it before executing an instruction.
330 *
331 * NOTE that in several of these cases the "stall" mode might be useful.
332 * It'd let us queue a few operations together... prepare/finish might
333 * be the places to enable/disable that mode.
334 */
335
336 static inline struct cortex_a_common *dpm_to_a(struct arm_dpm *dpm)
337 {
338 return container_of(dpm, struct cortex_a_common, armv7a_common.dpm);
339 }
340
341 static int cortex_a_write_dcc(struct cortex_a_common *a, uint32_t data)
342 {
343 LOG_DEBUG("write DCC 0x%08" PRIx32, data);
344 return mem_ap_write_u32(a->armv7a_common.debug_ap,
345 a->armv7a_common.debug_base + CPUDBG_DTRRX, data);
346 }
347
348 static int cortex_a_read_dcc(struct cortex_a_common *a, uint32_t *data,
349 uint32_t *dscr_p)
350 {
351 uint32_t dscr = DSCR_INSTR_COMP;
352 int retval;
353
354 if (dscr_p)
355 dscr = *dscr_p;
356
357 /* Wait for DTRRXfull */
358 retval = cortex_a_wait_dscr_bits(a->armv7a_common.arm.target,
359 DSCR_DTR_TX_FULL, DSCR_DTR_TX_FULL, &dscr);
360 if (retval != ERROR_OK) {
361 LOG_ERROR("Error waiting for read dcc");
362 return retval;
363 }
364
365 retval = mem_ap_read_atomic_u32(a->armv7a_common.debug_ap,
366 a->armv7a_common.debug_base + CPUDBG_DTRTX, data);
367 if (retval != ERROR_OK)
368 return retval;
369 /* LOG_DEBUG("read DCC 0x%08" PRIx32, *data); */
370
371 if (dscr_p)
372 *dscr_p = dscr;
373
374 return retval;
375 }
376
377 static int cortex_a_dpm_prepare(struct arm_dpm *dpm)
378 {
379 struct cortex_a_common *a = dpm_to_a(dpm);
380 uint32_t dscr;
381 int retval;
382
383 /* set up invariant: INSTR_COMP is set after ever DPM operation */
384 retval = cortex_a_wait_instrcmpl(dpm->arm->target, &dscr, true);
385 if (retval != ERROR_OK) {
386 LOG_ERROR("Error waiting for dpm prepare");
387 return retval;
388 }
389
390 /* this "should never happen" ... */
391 if (dscr & DSCR_DTR_RX_FULL) {
392 LOG_ERROR("DSCR_DTR_RX_FULL, dscr 0x%08" PRIx32, dscr);
393 /* Clear DCCRX */
394 retval = cortex_a_exec_opcode(
395 a->armv7a_common.arm.target,
396 ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
397 &dscr);
398 if (retval != ERROR_OK)
399 return retval;
400 }
401
402 return retval;
403 }
404
405 static int cortex_a_dpm_finish(struct arm_dpm *dpm)
406 {
407 /* REVISIT what could be done here? */
408 return ERROR_OK;
409 }
410
411 static int cortex_a_instr_write_data_dcc(struct arm_dpm *dpm,
412 uint32_t opcode, uint32_t data)
413 {
414 struct cortex_a_common *a = dpm_to_a(dpm);
415 int retval;
416 uint32_t dscr = DSCR_INSTR_COMP;
417
418 retval = cortex_a_write_dcc(a, data);
419 if (retval != ERROR_OK)
420 return retval;
421
422 return cortex_a_exec_opcode(
423 a->armv7a_common.arm.target,
424 opcode,
425 &dscr);
426 }
427
428 static int cortex_a_instr_write_data_rt_dcc(struct arm_dpm *dpm,
429 uint8_t rt, uint32_t data)
430 {
431 struct cortex_a_common *a = dpm_to_a(dpm);
432 uint32_t dscr = DSCR_INSTR_COMP;
433 int retval;
434
435 if (rt > 15)
436 return ERROR_TARGET_INVALID;
437
438 retval = cortex_a_write_dcc(a, data);
439 if (retval != ERROR_OK)
440 return retval;
441
442 /* DCCRX to Rt, "MCR p14, 0, R0, c0, c5, 0", 0xEE000E15 */
443 return cortex_a_exec_opcode(
444 a->armv7a_common.arm.target,
445 ARMV4_5_MRC(14, 0, rt, 0, 5, 0),
446 &dscr);
447 }
448
449 static int cortex_a_instr_write_data_r0(struct arm_dpm *dpm,
450 uint32_t opcode, uint32_t data)
451 {
452 struct cortex_a_common *a = dpm_to_a(dpm);
453 uint32_t dscr = DSCR_INSTR_COMP;
454 int retval;
455
456 retval = cortex_a_instr_write_data_rt_dcc(dpm, 0, data);
457 if (retval != ERROR_OK)
458 return retval;
459
460 /* then the opcode, taking data from R0 */
461 retval = cortex_a_exec_opcode(
462 a->armv7a_common.arm.target,
463 opcode,
464 &dscr);
465
466 return retval;
467 }
468
469 static int cortex_a_instr_cpsr_sync(struct arm_dpm *dpm)
470 {
471 struct target *target = dpm->arm->target;
472 uint32_t dscr = DSCR_INSTR_COMP;
473
474 /* "Prefetch flush" after modifying execution status in CPSR */
475 return cortex_a_exec_opcode(target,
476 ARMV4_5_MCR(15, 0, 0, 7, 5, 4),
477 &dscr);
478 }
479
480 static int cortex_a_instr_read_data_dcc(struct arm_dpm *dpm,
481 uint32_t opcode, uint32_t *data)
482 {
483 struct cortex_a_common *a = dpm_to_a(dpm);
484 int retval;
485 uint32_t dscr = DSCR_INSTR_COMP;
486
487 /* the opcode, writing data to DCC */
488 retval = cortex_a_exec_opcode(
489 a->armv7a_common.arm.target,
490 opcode,
491 &dscr);
492 if (retval != ERROR_OK)
493 return retval;
494
495 return cortex_a_read_dcc(a, data, &dscr);
496 }
497
498 static int cortex_a_instr_read_data_rt_dcc(struct arm_dpm *dpm,
499 uint8_t rt, uint32_t *data)
500 {
501 struct cortex_a_common *a = dpm_to_a(dpm);
502 uint32_t dscr = DSCR_INSTR_COMP;
503 int retval;
504
505 if (rt > 15)
506 return ERROR_TARGET_INVALID;
507
508 retval = cortex_a_exec_opcode(
509 a->armv7a_common.arm.target,
510 ARMV4_5_MCR(14, 0, rt, 0, 5, 0),
511 &dscr);
512 if (retval != ERROR_OK)
513 return retval;
514
515 return cortex_a_read_dcc(a, data, &dscr);
516 }
517
518 static int cortex_a_instr_read_data_r0(struct arm_dpm *dpm,
519 uint32_t opcode, uint32_t *data)
520 {
521 struct cortex_a_common *a = dpm_to_a(dpm);
522 uint32_t dscr = DSCR_INSTR_COMP;
523 int retval;
524
525 /* the opcode, writing data to R0 */
526 retval = cortex_a_exec_opcode(
527 a->armv7a_common.arm.target,
528 opcode,
529 &dscr);
530 if (retval != ERROR_OK)
531 return retval;
532
533 /* write R0 to DCC */
534 return cortex_a_instr_read_data_rt_dcc(dpm, 0, data);
535 }
536
537 static int cortex_a_bpwp_enable(struct arm_dpm *dpm, unsigned index_t,
538 uint32_t addr, uint32_t control)
539 {
540 struct cortex_a_common *a = dpm_to_a(dpm);
541 uint32_t vr = a->armv7a_common.debug_base;
542 uint32_t cr = a->armv7a_common.debug_base;
543 int retval;
544
545 switch (index_t) {
546 case 0 ... 15: /* breakpoints */
547 vr += CPUDBG_BVR_BASE;
548 cr += CPUDBG_BCR_BASE;
549 break;
550 case 16 ... 31: /* watchpoints */
551 vr += CPUDBG_WVR_BASE;
552 cr += CPUDBG_WCR_BASE;
553 index_t -= 16;
554 break;
555 default:
556 return ERROR_FAIL;
557 }
558 vr += 4 * index_t;
559 cr += 4 * index_t;
560
561 LOG_DEBUG("A: bpwp enable, vr %08x cr %08x",
562 (unsigned) vr, (unsigned) cr);
563
564 retval = cortex_a_dap_write_memap_register_u32(dpm->arm->target,
565 vr, addr);
566 if (retval != ERROR_OK)
567 return retval;
568 retval = cortex_a_dap_write_memap_register_u32(dpm->arm->target,
569 cr, control);
570 return retval;
571 }
572
573 static int cortex_a_bpwp_disable(struct arm_dpm *dpm, unsigned index_t)
574 {
575 struct cortex_a_common *a = dpm_to_a(dpm);
576 uint32_t cr;
577
578 switch (index_t) {
579 case 0 ... 15:
580 cr = a->armv7a_common.debug_base + CPUDBG_BCR_BASE;
581 break;
582 case 16 ... 31:
583 cr = a->armv7a_common.debug_base + CPUDBG_WCR_BASE;
584 index_t -= 16;
585 break;
586 default:
587 return ERROR_FAIL;
588 }
589 cr += 4 * index_t;
590
591 LOG_DEBUG("A: bpwp disable, cr %08x", (unsigned) cr);
592
593 /* clear control register */
594 return cortex_a_dap_write_memap_register_u32(dpm->arm->target, cr, 0);
595 }
596
597 static int cortex_a_dpm_setup(struct cortex_a_common *a, uint32_t didr)
598 {
599 struct arm_dpm *dpm = &a->armv7a_common.dpm;
600 int retval;
601
602 dpm->arm = &a->armv7a_common.arm;
603 dpm->didr = didr;
604
605 dpm->prepare = cortex_a_dpm_prepare;
606 dpm->finish = cortex_a_dpm_finish;
607
608 dpm->instr_write_data_dcc = cortex_a_instr_write_data_dcc;
609 dpm->instr_write_data_r0 = cortex_a_instr_write_data_r0;
610 dpm->instr_cpsr_sync = cortex_a_instr_cpsr_sync;
611
612 dpm->instr_read_data_dcc = cortex_a_instr_read_data_dcc;
613 dpm->instr_read_data_r0 = cortex_a_instr_read_data_r0;
614
615 dpm->bpwp_enable = cortex_a_bpwp_enable;
616 dpm->bpwp_disable = cortex_a_bpwp_disable;
617
618 retval = arm_dpm_setup(dpm);
619 if (retval == ERROR_OK)
620 retval = arm_dpm_initialize(dpm);
621
622 return retval;
623 }
624 static struct target *get_cortex_a(struct target *target, int32_t coreid)
625 {
626 struct target_list *head;
627 struct target *curr;
628
629 head = target->head;
630 while (head != (struct target_list *)NULL) {
631 curr = head->target;
632 if ((curr->coreid == coreid) && (curr->state == TARGET_HALTED))
633 return curr;
634 head = head->next;
635 }
636 return target;
637 }
638 static int cortex_a_halt(struct target *target);
639
640 static int cortex_a_halt_smp(struct target *target)
641 {
642 int retval = 0;
643 struct target_list *head;
644 struct target *curr;
645 head = target->head;
646 while (head != (struct target_list *)NULL) {
647 curr = head->target;
648 if ((curr != target) && (curr->state != TARGET_HALTED)
649 && target_was_examined(curr))
650 retval += cortex_a_halt(curr);
651 head = head->next;
652 }
653 return retval;
654 }
655
656 static int update_halt_gdb(struct target *target)
657 {
658 struct target *gdb_target = NULL;
659 struct target_list *head;
660 struct target *curr;
661 int retval = 0;
662
663 if (target->gdb_service && target->gdb_service->core[0] == -1) {
664 target->gdb_service->target = target;
665 target->gdb_service->core[0] = target->coreid;
666 retval += cortex_a_halt_smp(target);
667 }
668
669 if (target->gdb_service)
670 gdb_target = target->gdb_service->target;
671
672 foreach_smp_target(head, target->head) {
673 curr = head->target;
674 /* skip calling context */
675 if (curr == target)
676 continue;
677 if (!target_was_examined(curr))
678 continue;
679 /* skip targets that were already halted */
680 if (curr->state == TARGET_HALTED)
681 continue;
682 /* Skip gdb_target; it alerts GDB so has to be polled as last one */
683 if (curr == gdb_target)
684 continue;
685
686 /* avoid recursion in cortex_a_poll() */
687 curr->smp = 0;
688 cortex_a_poll(curr);
689 curr->smp = 1;
690 }
691
692 /* after all targets were updated, poll the gdb serving target */
693 if (gdb_target != NULL && gdb_target != target)
694 cortex_a_poll(gdb_target);
695 return retval;
696 }
697
698 /*
699 * Cortex-A Run control
700 */
701
702 static int cortex_a_poll(struct target *target)
703 {
704 int retval = ERROR_OK;
705 uint32_t dscr;
706 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
707 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
708 enum target_state prev_target_state = target->state;
709 /* toggle to another core is done by gdb as follow */
710 /* maint packet J core_id */
711 /* continue */
712 /* the next polling trigger an halt event sent to gdb */
713 if ((target->state == TARGET_HALTED) && (target->smp) &&
714 (target->gdb_service) &&
715 (target->gdb_service->target == NULL)) {
716 target->gdb_service->target =
717 get_cortex_a(target, target->gdb_service->core[1]);
718 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
719 return retval;
720 }
721 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
722 armv7a->debug_base + CPUDBG_DSCR, &dscr);
723 if (retval != ERROR_OK)
724 return retval;
725 cortex_a->cpudbg_dscr = dscr;
726
727 if (DSCR_RUN_MODE(dscr) == (DSCR_CORE_HALTED | DSCR_CORE_RESTARTED)) {
728 if (prev_target_state != TARGET_HALTED) {
729 /* We have a halting debug event */
730 LOG_DEBUG("Target halted");
731 target->state = TARGET_HALTED;
732
733 retval = cortex_a_debug_entry(target);
734 if (retval != ERROR_OK)
735 return retval;
736
737 if (target->smp) {
738 retval = update_halt_gdb(target);
739 if (retval != ERROR_OK)
740 return retval;
741 }
742
743 if (prev_target_state == TARGET_DEBUG_RUNNING) {
744 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
745 } else { /* prev_target_state is RUNNING, UNKNOWN or RESET */
746 if (arm_semihosting(target, &retval) != 0)
747 return retval;
748
749 target_call_event_callbacks(target,
750 TARGET_EVENT_HALTED);
751 }
752 }
753 } else
754 target->state = TARGET_RUNNING;
755
756 return retval;
757 }
758
759 static int cortex_a_halt(struct target *target)
760 {
761 int retval;
762 uint32_t dscr;
763 struct armv7a_common *armv7a = target_to_armv7a(target);
764
765 /*
766 * Tell the core to be halted by writing DRCR with 0x1
767 * and then wait for the core to be halted.
768 */
769 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
770 armv7a->debug_base + CPUDBG_DRCR, DRCR_HALT);
771 if (retval != ERROR_OK)
772 return retval;
773
774 dscr = 0; /* force read of dscr */
775 retval = cortex_a_wait_dscr_bits(target, DSCR_CORE_HALTED,
776 DSCR_CORE_HALTED, &dscr);
777 if (retval != ERROR_OK) {
778 LOG_ERROR("Error waiting for halt");
779 return retval;
780 }
781
782 target->debug_reason = DBG_REASON_DBGRQ;
783
784 return ERROR_OK;
785 }
786
787 static int cortex_a_internal_restore(struct target *target, int current,
788 target_addr_t *address, int handle_breakpoints, int debug_execution)
789 {
790 struct armv7a_common *armv7a = target_to_armv7a(target);
791 struct arm *arm = &armv7a->arm;
792 int retval;
793 uint32_t resume_pc;
794
795 if (!debug_execution)
796 target_free_all_working_areas(target);
797
798 #if 0
799 if (debug_execution) {
800 /* Disable interrupts */
801 /* We disable interrupts in the PRIMASK register instead of
802 * masking with C_MASKINTS,
803 * This is probably the same issue as Cortex-M3 Errata 377493:
804 * C_MASKINTS in parallel with disabled interrupts can cause
805 * local faults to not be taken. */
806 buf_set_u32(armv7m->core_cache->reg_list[ARMV7M_PRIMASK].value, 0, 32, 1);
807 armv7m->core_cache->reg_list[ARMV7M_PRIMASK].dirty = true;
808 armv7m->core_cache->reg_list[ARMV7M_PRIMASK].valid = true;
809
810 /* Make sure we are in Thumb mode */
811 buf_set_u32(armv7m->core_cache->reg_list[ARMV7M_xPSR].value, 0, 32,
812 buf_get_u32(armv7m->core_cache->reg_list[ARMV7M_xPSR].value, 0,
813 32) | (1 << 24));
814 armv7m->core_cache->reg_list[ARMV7M_xPSR].dirty = true;
815 armv7m->core_cache->reg_list[ARMV7M_xPSR].valid = true;
816 }
817 #endif
818
819 /* current = 1: continue on current pc, otherwise continue at <address> */
820 resume_pc = buf_get_u32(arm->pc->value, 0, 32);
821 if (!current)
822 resume_pc = *address;
823 else
824 *address = resume_pc;
825
826 /* Make sure that the Armv7 gdb thumb fixups does not
827 * kill the return address
828 */
829 switch (arm->core_state) {
830 case ARM_STATE_ARM:
831 resume_pc &= 0xFFFFFFFC;
832 break;
833 case ARM_STATE_THUMB:
834 case ARM_STATE_THUMB_EE:
835 /* When the return address is loaded into PC
836 * bit 0 must be 1 to stay in Thumb state
837 */
838 resume_pc |= 0x1;
839 break;
840 case ARM_STATE_JAZELLE:
841 LOG_ERROR("How do I resume into Jazelle state??");
842 return ERROR_FAIL;
843 case ARM_STATE_AARCH64:
844 LOG_ERROR("Shouldn't be in AARCH64 state");
845 return ERROR_FAIL;
846 }
847 LOG_DEBUG("resume pc = 0x%08" PRIx32, resume_pc);
848 buf_set_u32(arm->pc->value, 0, 32, resume_pc);
849 arm->pc->dirty = true;
850 arm->pc->valid = true;
851
852 /* restore dpm_mode at system halt */
853 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_ANY);
854 /* called it now before restoring context because it uses cpu
855 * register r0 for restoring cp15 control register */
856 retval = cortex_a_restore_cp15_control_reg(target);
857 if (retval != ERROR_OK)
858 return retval;
859 retval = cortex_a_restore_context(target, handle_breakpoints);
860 if (retval != ERROR_OK)
861 return retval;
862 target->debug_reason = DBG_REASON_NOTHALTED;
863 target->state = TARGET_RUNNING;
864
865 /* registers are now invalid */
866 register_cache_invalidate(arm->core_cache);
867
868 #if 0
869 /* the front-end may request us not to handle breakpoints */
870 if (handle_breakpoints) {
871 /* Single step past breakpoint at current address */
872 breakpoint = breakpoint_find(target, resume_pc);
873 if (breakpoint) {
874 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint->address);
875 cortex_m3_unset_breakpoint(target, breakpoint);
876 cortex_m3_single_step_core(target);
877 cortex_m3_set_breakpoint(target, breakpoint);
878 }
879 }
880
881 #endif
882 return retval;
883 }
884
885 static int cortex_a_internal_restart(struct target *target)
886 {
887 struct armv7a_common *armv7a = target_to_armv7a(target);
888 struct arm *arm = &armv7a->arm;
889 int retval;
890 uint32_t dscr;
891 /*
892 * * Restart core and wait for it to be started. Clear ITRen and sticky
893 * * exception flags: see ARMv7 ARM, C5.9.
894 *
895 * REVISIT: for single stepping, we probably want to
896 * disable IRQs by default, with optional override...
897 */
898
899 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
900 armv7a->debug_base + CPUDBG_DSCR, &dscr);
901 if (retval != ERROR_OK)
902 return retval;
903
904 if ((dscr & DSCR_INSTR_COMP) == 0)
905 LOG_ERROR("DSCR InstrCompl must be set before leaving debug!");
906
907 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
908 armv7a->debug_base + CPUDBG_DSCR, dscr & ~DSCR_ITR_EN);
909 if (retval != ERROR_OK)
910 return retval;
911
912 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
913 armv7a->debug_base + CPUDBG_DRCR, DRCR_RESTART |
914 DRCR_CLEAR_EXCEPTIONS);
915 if (retval != ERROR_OK)
916 return retval;
917
918 dscr = 0; /* force read of dscr */
919 retval = cortex_a_wait_dscr_bits(target, DSCR_CORE_RESTARTED,
920 DSCR_CORE_RESTARTED, &dscr);
921 if (retval != ERROR_OK) {
922 LOG_ERROR("Error waiting for resume");
923 return retval;
924 }
925
926 target->debug_reason = DBG_REASON_NOTHALTED;
927 target->state = TARGET_RUNNING;
928
929 /* registers are now invalid */
930 register_cache_invalidate(arm->core_cache);
931
932 return ERROR_OK;
933 }
934
935 static int cortex_a_restore_smp(struct target *target, int handle_breakpoints)
936 {
937 int retval = 0;
938 struct target_list *head;
939 struct target *curr;
940 target_addr_t address;
941 head = target->head;
942 while (head != (struct target_list *)NULL) {
943 curr = head->target;
944 if ((curr != target) && (curr->state != TARGET_RUNNING)
945 && target_was_examined(curr)) {
946 /* resume current address , not in step mode */
947 retval += cortex_a_internal_restore(curr, 1, &address,
948 handle_breakpoints, 0);
949 retval += cortex_a_internal_restart(curr);
950 }
951 head = head->next;
952
953 }
954 return retval;
955 }
956
957 static int cortex_a_resume(struct target *target, int current,
958 target_addr_t address, int handle_breakpoints, int debug_execution)
959 {
960 int retval = 0;
961 /* dummy resume for smp toggle in order to reduce gdb impact */
962 if ((target->smp) && (target->gdb_service->core[1] != -1)) {
963 /* simulate a start and halt of target */
964 target->gdb_service->target = NULL;
965 target->gdb_service->core[0] = target->gdb_service->core[1];
966 /* fake resume at next poll we play the target core[1], see poll*/
967 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
968 return 0;
969 }
970 cortex_a_internal_restore(target, current, &address, handle_breakpoints, debug_execution);
971 if (target->smp) {
972 target->gdb_service->core[0] = -1;
973 retval = cortex_a_restore_smp(target, handle_breakpoints);
974 if (retval != ERROR_OK)
975 return retval;
976 }
977 cortex_a_internal_restart(target);
978
979 if (!debug_execution) {
980 target->state = TARGET_RUNNING;
981 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
982 LOG_DEBUG("target resumed at " TARGET_ADDR_FMT, address);
983 } else {
984 target->state = TARGET_DEBUG_RUNNING;
985 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
986 LOG_DEBUG("target debug resumed at " TARGET_ADDR_FMT, address);
987 }
988
989 return ERROR_OK;
990 }
991
992 static int cortex_a_debug_entry(struct target *target)
993 {
994 uint32_t dscr;
995 int retval = ERROR_OK;
996 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
997 struct armv7a_common *armv7a = target_to_armv7a(target);
998 struct arm *arm = &armv7a->arm;
999
1000 LOG_DEBUG("dscr = 0x%08" PRIx32, cortex_a->cpudbg_dscr);
1001
1002 /* REVISIT surely we should not re-read DSCR !! */
1003 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1004 armv7a->debug_base + CPUDBG_DSCR, &dscr);
1005 if (retval != ERROR_OK)
1006 return retval;
1007
1008 /* REVISIT see A TRM 12.11.4 steps 2..3 -- make sure that any
1009 * imprecise data aborts get discarded by issuing a Data
1010 * Synchronization Barrier: ARMV4_5_MCR(15, 0, 0, 7, 10, 4).
1011 */
1012
1013 /* Enable the ITR execution once we are in debug mode */
1014 dscr |= DSCR_ITR_EN;
1015 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1016 armv7a->debug_base + CPUDBG_DSCR, dscr);
1017 if (retval != ERROR_OK)
1018 return retval;
1019
1020 /* Examine debug reason */
1021 arm_dpm_report_dscr(&armv7a->dpm, cortex_a->cpudbg_dscr);
1022
1023 /* save address of instruction that triggered the watchpoint? */
1024 if (target->debug_reason == DBG_REASON_WATCHPOINT) {
1025 uint32_t wfar;
1026
1027 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1028 armv7a->debug_base + CPUDBG_WFAR,
1029 &wfar);
1030 if (retval != ERROR_OK)
1031 return retval;
1032 arm_dpm_report_wfar(&armv7a->dpm, wfar);
1033 }
1034
1035 /* First load register accessible through core debug port */
1036 retval = arm_dpm_read_current_registers(&armv7a->dpm);
1037 if (retval != ERROR_OK)
1038 return retval;
1039
1040 if (arm->spsr) {
1041 /* read SPSR */
1042 retval = arm_dpm_read_reg(&armv7a->dpm, arm->spsr, 17);
1043 if (retval != ERROR_OK)
1044 return retval;
1045 }
1046
1047 #if 0
1048 /* TODO, Move this */
1049 uint32_t cp15_control_register, cp15_cacr, cp15_nacr;
1050 cortex_a_read_cp(target, &cp15_control_register, 15, 0, 1, 0, 0);
1051 LOG_DEBUG("cp15_control_register = 0x%08x", cp15_control_register);
1052
1053 cortex_a_read_cp(target, &cp15_cacr, 15, 0, 1, 0, 2);
1054 LOG_DEBUG("cp15 Coprocessor Access Control Register = 0x%08x", cp15_cacr);
1055
1056 cortex_a_read_cp(target, &cp15_nacr, 15, 0, 1, 1, 2);
1057 LOG_DEBUG("cp15 Nonsecure Access Control Register = 0x%08x", cp15_nacr);
1058 #endif
1059
1060 /* Are we in an exception handler */
1061 /* armv4_5->exception_number = 0; */
1062 if (armv7a->post_debug_entry) {
1063 retval = armv7a->post_debug_entry(target);
1064 if (retval != ERROR_OK)
1065 return retval;
1066 }
1067
1068 return retval;
1069 }
1070
1071 static int cortex_a_post_debug_entry(struct target *target)
1072 {
1073 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1074 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1075 int retval;
1076
1077 /* MRC p15,0,<Rt>,c1,c0,0 ; Read CP15 System Control Register */
1078 retval = armv7a->arm.mrc(target, 15,
1079 0, 0, /* op1, op2 */
1080 1, 0, /* CRn, CRm */
1081 &cortex_a->cp15_control_reg);
1082 if (retval != ERROR_OK)
1083 return retval;
1084 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, cortex_a->cp15_control_reg);
1085 cortex_a->cp15_control_reg_curr = cortex_a->cp15_control_reg;
1086
1087 if (!armv7a->is_armv7r)
1088 armv7a_read_ttbcr(target);
1089
1090 if (armv7a->armv7a_mmu.armv7a_cache.info == -1)
1091 armv7a_identify_cache(target);
1092
1093 if (armv7a->is_armv7r) {
1094 armv7a->armv7a_mmu.mmu_enabled = 0;
1095 } else {
1096 armv7a->armv7a_mmu.mmu_enabled =
1097 (cortex_a->cp15_control_reg & 0x1U) ? 1 : 0;
1098 }
1099 armv7a->armv7a_mmu.armv7a_cache.d_u_cache_enabled =
1100 (cortex_a->cp15_control_reg & 0x4U) ? 1 : 0;
1101 armv7a->armv7a_mmu.armv7a_cache.i_cache_enabled =
1102 (cortex_a->cp15_control_reg & 0x1000U) ? 1 : 0;
1103 cortex_a->curr_mode = armv7a->arm.core_mode;
1104
1105 /* switch to SVC mode to read DACR */
1106 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_SVC);
1107 armv7a->arm.mrc(target, 15,
1108 0, 0, 3, 0,
1109 &cortex_a->cp15_dacr_reg);
1110
1111 LOG_DEBUG("cp15_dacr_reg: %8.8" PRIx32,
1112 cortex_a->cp15_dacr_reg);
1113
1114 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_ANY);
1115 return ERROR_OK;
1116 }
1117
1118 int cortex_a_set_dscr_bits(struct target *target, unsigned long bit_mask, unsigned long value)
1119 {
1120 struct armv7a_common *armv7a = target_to_armv7a(target);
1121 uint32_t dscr;
1122
1123 /* Read DSCR */
1124 int retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1125 armv7a->debug_base + CPUDBG_DSCR, &dscr);
1126 if (ERROR_OK != retval)
1127 return retval;
1128
1129 /* clear bitfield */
1130 dscr &= ~bit_mask;
1131 /* put new value */
1132 dscr |= value & bit_mask;
1133
1134 /* write new DSCR */
1135 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1136 armv7a->debug_base + CPUDBG_DSCR, dscr);
1137 return retval;
1138 }
1139
1140 static int cortex_a_step(struct target *target, int current, target_addr_t address,
1141 int handle_breakpoints)
1142 {
1143 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1144 struct armv7a_common *armv7a = target_to_armv7a(target);
1145 struct arm *arm = &armv7a->arm;
1146 struct breakpoint *breakpoint = NULL;
1147 struct breakpoint stepbreakpoint;
1148 struct reg *r;
1149 int retval;
1150
1151 if (target->state != TARGET_HALTED) {
1152 LOG_WARNING("target not halted");
1153 return ERROR_TARGET_NOT_HALTED;
1154 }
1155
1156 /* current = 1: continue on current pc, otherwise continue at <address> */
1157 r = arm->pc;
1158 if (!current)
1159 buf_set_u32(r->value, 0, 32, address);
1160 else
1161 address = buf_get_u32(r->value, 0, 32);
1162
1163 /* The front-end may request us not to handle breakpoints.
1164 * But since Cortex-A uses breakpoint for single step,
1165 * we MUST handle breakpoints.
1166 */
1167 handle_breakpoints = 1;
1168 if (handle_breakpoints) {
1169 breakpoint = breakpoint_find(target, address);
1170 if (breakpoint)
1171 cortex_a_unset_breakpoint(target, breakpoint);
1172 }
1173
1174 /* Setup single step breakpoint */
1175 stepbreakpoint.address = address;
1176 stepbreakpoint.asid = 0;
1177 stepbreakpoint.length = (arm->core_state == ARM_STATE_THUMB)
1178 ? 2 : 4;
1179 stepbreakpoint.type = BKPT_HARD;
1180 stepbreakpoint.set = 0;
1181
1182 /* Disable interrupts during single step if requested */
1183 if (cortex_a->isrmasking_mode == CORTEX_A_ISRMASK_ON) {
1184 retval = cortex_a_set_dscr_bits(target, DSCR_INT_DIS, DSCR_INT_DIS);
1185 if (ERROR_OK != retval)
1186 return retval;
1187 }
1188
1189 /* Break on IVA mismatch */
1190 cortex_a_set_breakpoint(target, &stepbreakpoint, 0x04);
1191
1192 target->debug_reason = DBG_REASON_SINGLESTEP;
1193
1194 retval = cortex_a_resume(target, 1, address, 0, 0);
1195 if (retval != ERROR_OK)
1196 return retval;
1197
1198 int64_t then = timeval_ms();
1199 while (target->state != TARGET_HALTED) {
1200 retval = cortex_a_poll(target);
1201 if (retval != ERROR_OK)
1202 return retval;
1203 if (target->state == TARGET_HALTED)
1204 break;
1205 if (timeval_ms() > then + 1000) {
1206 LOG_ERROR("timeout waiting for target halt");
1207 return ERROR_FAIL;
1208 }
1209 }
1210
1211 cortex_a_unset_breakpoint(target, &stepbreakpoint);
1212
1213 /* Re-enable interrupts if they were disabled */
1214 if (cortex_a->isrmasking_mode == CORTEX_A_ISRMASK_ON) {
1215 retval = cortex_a_set_dscr_bits(target, DSCR_INT_DIS, 0);
1216 if (ERROR_OK != retval)
1217 return retval;
1218 }
1219
1220
1221 target->debug_reason = DBG_REASON_BREAKPOINT;
1222
1223 if (breakpoint)
1224 cortex_a_set_breakpoint(target, breakpoint, 0);
1225
1226 if (target->state != TARGET_HALTED)
1227 LOG_DEBUG("target stepped");
1228
1229 return ERROR_OK;
1230 }
1231
1232 static int cortex_a_restore_context(struct target *target, bool bpwp)
1233 {
1234 struct armv7a_common *armv7a = target_to_armv7a(target);
1235
1236 LOG_DEBUG(" ");
1237
1238 if (armv7a->pre_restore_context)
1239 armv7a->pre_restore_context(target);
1240
1241 return arm_dpm_write_dirty_registers(&armv7a->dpm, bpwp);
1242 }
1243
1244 /*
1245 * Cortex-A Breakpoint and watchpoint functions
1246 */
1247
1248 /* Setup hardware Breakpoint Register Pair */
1249 static int cortex_a_set_breakpoint(struct target *target,
1250 struct breakpoint *breakpoint, uint8_t matchmode)
1251 {
1252 int retval;
1253 int brp_i = 0;
1254 uint32_t control;
1255 uint8_t byte_addr_select = 0x0F;
1256 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1257 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1258 struct cortex_a_brp *brp_list = cortex_a->brp_list;
1259
1260 if (breakpoint->set) {
1261 LOG_WARNING("breakpoint already set");
1262 return ERROR_OK;
1263 }
1264
1265 if (breakpoint->type == BKPT_HARD) {
1266 while (brp_list[brp_i].used && (brp_i < cortex_a->brp_num))
1267 brp_i++;
1268 if (brp_i >= cortex_a->brp_num) {
1269 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1270 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1271 }
1272 breakpoint->set = brp_i + 1;
1273 if (breakpoint->length == 2)
1274 byte_addr_select = (3 << (breakpoint->address & 0x02));
1275 control = ((matchmode & 0x7) << 20)
1276 | (byte_addr_select << 5)
1277 | (3 << 1) | 1;
1278 brp_list[brp_i].used = 1;
1279 brp_list[brp_i].value = (breakpoint->address & 0xFFFFFFFC);
1280 brp_list[brp_i].control = control;
1281 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1282 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1283 brp_list[brp_i].value);
1284 if (retval != ERROR_OK)
1285 return retval;
1286 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1287 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1288 brp_list[brp_i].control);
1289 if (retval != ERROR_OK)
1290 return retval;
1291 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1292 brp_list[brp_i].control,
1293 brp_list[brp_i].value);
1294 } else if (breakpoint->type == BKPT_SOFT) {
1295 uint8_t code[4];
1296 /* length == 2: Thumb breakpoint */
1297 if (breakpoint->length == 2)
1298 buf_set_u32(code, 0, 32, ARMV5_T_BKPT(0x11));
1299 else
1300 /* length == 3: Thumb-2 breakpoint, actual encoding is
1301 * a regular Thumb BKPT instruction but we replace a
1302 * 32bit Thumb-2 instruction, so fix-up the breakpoint
1303 * length
1304 */
1305 if (breakpoint->length == 3) {
1306 buf_set_u32(code, 0, 32, ARMV5_T_BKPT(0x11));
1307 breakpoint->length = 4;
1308 } else
1309 /* length == 4, normal ARM breakpoint */
1310 buf_set_u32(code, 0, 32, ARMV5_BKPT(0x11));
1311
1312 retval = target_read_memory(target,
1313 breakpoint->address & 0xFFFFFFFE,
1314 breakpoint->length, 1,
1315 breakpoint->orig_instr);
1316 if (retval != ERROR_OK)
1317 return retval;
1318
1319 /* make sure data cache is cleaned & invalidated down to PoC */
1320 if (!armv7a->armv7a_mmu.armv7a_cache.auto_cache_enabled) {
1321 armv7a_cache_flush_virt(target, breakpoint->address,
1322 breakpoint->length);
1323 }
1324
1325 retval = target_write_memory(target,
1326 breakpoint->address & 0xFFFFFFFE,
1327 breakpoint->length, 1, code);
1328 if (retval != ERROR_OK)
1329 return retval;
1330
1331 /* update i-cache at breakpoint location */
1332 armv7a_l1_d_cache_inval_virt(target, breakpoint->address,
1333 breakpoint->length);
1334 armv7a_l1_i_cache_inval_virt(target, breakpoint->address,
1335 breakpoint->length);
1336
1337 breakpoint->set = 0x11; /* Any nice value but 0 */
1338 }
1339
1340 return ERROR_OK;
1341 }
1342
1343 static int cortex_a_set_context_breakpoint(struct target *target,
1344 struct breakpoint *breakpoint, uint8_t matchmode)
1345 {
1346 int retval = ERROR_FAIL;
1347 int brp_i = 0;
1348 uint32_t control;
1349 uint8_t byte_addr_select = 0x0F;
1350 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1351 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1352 struct cortex_a_brp *brp_list = cortex_a->brp_list;
1353
1354 if (breakpoint->set) {
1355 LOG_WARNING("breakpoint already set");
1356 return retval;
1357 }
1358 /*check available context BRPs*/
1359 while ((brp_list[brp_i].used ||
1360 (brp_list[brp_i].type != BRP_CONTEXT)) && (brp_i < cortex_a->brp_num))
1361 brp_i++;
1362
1363 if (brp_i >= cortex_a->brp_num) {
1364 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1365 return ERROR_FAIL;
1366 }
1367
1368 breakpoint->set = brp_i + 1;
1369 control = ((matchmode & 0x7) << 20)
1370 | (byte_addr_select << 5)
1371 | (3 << 1) | 1;
1372 brp_list[brp_i].used = 1;
1373 brp_list[brp_i].value = (breakpoint->asid);
1374 brp_list[brp_i].control = control;
1375 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1376 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1377 brp_list[brp_i].value);
1378 if (retval != ERROR_OK)
1379 return retval;
1380 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1381 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1382 brp_list[brp_i].control);
1383 if (retval != ERROR_OK)
1384 return retval;
1385 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1386 brp_list[brp_i].control,
1387 brp_list[brp_i].value);
1388 return ERROR_OK;
1389
1390 }
1391
1392 static int cortex_a_set_hybrid_breakpoint(struct target *target, struct breakpoint *breakpoint)
1393 {
1394 int retval = ERROR_FAIL;
1395 int brp_1 = 0; /* holds the contextID pair */
1396 int brp_2 = 0; /* holds the IVA pair */
1397 uint32_t control_CTX, control_IVA;
1398 uint8_t CTX_byte_addr_select = 0x0F;
1399 uint8_t IVA_byte_addr_select = 0x0F;
1400 uint8_t CTX_machmode = 0x03;
1401 uint8_t IVA_machmode = 0x01;
1402 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1403 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1404 struct cortex_a_brp *brp_list = cortex_a->brp_list;
1405
1406 if (breakpoint->set) {
1407 LOG_WARNING("breakpoint already set");
1408 return retval;
1409 }
1410 /*check available context BRPs*/
1411 while ((brp_list[brp_1].used ||
1412 (brp_list[brp_1].type != BRP_CONTEXT)) && (brp_1 < cortex_a->brp_num))
1413 brp_1++;
1414
1415 printf("brp(CTX) found num: %d\n", brp_1);
1416 if (brp_1 >= cortex_a->brp_num) {
1417 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1418 return ERROR_FAIL;
1419 }
1420
1421 while ((brp_list[brp_2].used ||
1422 (brp_list[brp_2].type != BRP_NORMAL)) && (brp_2 < cortex_a->brp_num))
1423 brp_2++;
1424
1425 printf("brp(IVA) found num: %d\n", brp_2);
1426 if (brp_2 >= cortex_a->brp_num) {
1427 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1428 return ERROR_FAIL;
1429 }
1430
1431 breakpoint->set = brp_1 + 1;
1432 breakpoint->linked_BRP = brp_2;
1433 control_CTX = ((CTX_machmode & 0x7) << 20)
1434 | (brp_2 << 16)
1435 | (0 << 14)
1436 | (CTX_byte_addr_select << 5)
1437 | (3 << 1) | 1;
1438 brp_list[brp_1].used = 1;
1439 brp_list[brp_1].value = (breakpoint->asid);
1440 brp_list[brp_1].control = control_CTX;
1441 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1442 + CPUDBG_BVR_BASE + 4 * brp_list[brp_1].BRPn,
1443 brp_list[brp_1].value);
1444 if (retval != ERROR_OK)
1445 return retval;
1446 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1447 + CPUDBG_BCR_BASE + 4 * brp_list[brp_1].BRPn,
1448 brp_list[brp_1].control);
1449 if (retval != ERROR_OK)
1450 return retval;
1451
1452 control_IVA = ((IVA_machmode & 0x7) << 20)
1453 | (brp_1 << 16)
1454 | (IVA_byte_addr_select << 5)
1455 | (3 << 1) | 1;
1456 brp_list[brp_2].used = 1;
1457 brp_list[brp_2].value = (breakpoint->address & 0xFFFFFFFC);
1458 brp_list[brp_2].control = control_IVA;
1459 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1460 + CPUDBG_BVR_BASE + 4 * brp_list[brp_2].BRPn,
1461 brp_list[brp_2].value);
1462 if (retval != ERROR_OK)
1463 return retval;
1464 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1465 + CPUDBG_BCR_BASE + 4 * brp_list[brp_2].BRPn,
1466 brp_list[brp_2].control);
1467 if (retval != ERROR_OK)
1468 return retval;
1469
1470 return ERROR_OK;
1471 }
1472
1473 static int cortex_a_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
1474 {
1475 int retval;
1476 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1477 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1478 struct cortex_a_brp *brp_list = cortex_a->brp_list;
1479
1480 if (!breakpoint->set) {
1481 LOG_WARNING("breakpoint not set");
1482 return ERROR_OK;
1483 }
1484
1485 if (breakpoint->type == BKPT_HARD) {
1486 if ((breakpoint->address != 0) && (breakpoint->asid != 0)) {
1487 int brp_i = breakpoint->set - 1;
1488 int brp_j = breakpoint->linked_BRP;
1489 if ((brp_i < 0) || (brp_i >= cortex_a->brp_num)) {
1490 LOG_DEBUG("Invalid BRP number in breakpoint");
1491 return ERROR_OK;
1492 }
1493 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1494 brp_list[brp_i].control, brp_list[brp_i].value);
1495 brp_list[brp_i].used = 0;
1496 brp_list[brp_i].value = 0;
1497 brp_list[brp_i].control = 0;
1498 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1499 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1500 brp_list[brp_i].control);
1501 if (retval != ERROR_OK)
1502 return retval;
1503 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1504 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1505 brp_list[brp_i].value);
1506 if (retval != ERROR_OK)
1507 return retval;
1508 if ((brp_j < 0) || (brp_j >= cortex_a->brp_num)) {
1509 LOG_DEBUG("Invalid BRP number in breakpoint");
1510 return ERROR_OK;
1511 }
1512 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_j,
1513 brp_list[brp_j].control, brp_list[brp_j].value);
1514 brp_list[brp_j].used = 0;
1515 brp_list[brp_j].value = 0;
1516 brp_list[brp_j].control = 0;
1517 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1518 + CPUDBG_BCR_BASE + 4 * brp_list[brp_j].BRPn,
1519 brp_list[brp_j].control);
1520 if (retval != ERROR_OK)
1521 return retval;
1522 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1523 + CPUDBG_BVR_BASE + 4 * brp_list[brp_j].BRPn,
1524 brp_list[brp_j].value);
1525 if (retval != ERROR_OK)
1526 return retval;
1527 breakpoint->linked_BRP = 0;
1528 breakpoint->set = 0;
1529 return ERROR_OK;
1530
1531 } else {
1532 int brp_i = breakpoint->set - 1;
1533 if ((brp_i < 0) || (brp_i >= cortex_a->brp_num)) {
1534 LOG_DEBUG("Invalid BRP number in breakpoint");
1535 return ERROR_OK;
1536 }
1537 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1538 brp_list[brp_i].control, brp_list[brp_i].value);
1539 brp_list[brp_i].used = 0;
1540 brp_list[brp_i].value = 0;
1541 brp_list[brp_i].control = 0;
1542 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1543 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1544 brp_list[brp_i].control);
1545 if (retval != ERROR_OK)
1546 return retval;
1547 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1548 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1549 brp_list[brp_i].value);
1550 if (retval != ERROR_OK)
1551 return retval;
1552 breakpoint->set = 0;
1553 return ERROR_OK;
1554 }
1555 } else {
1556
1557 /* make sure data cache is cleaned & invalidated down to PoC */
1558 if (!armv7a->armv7a_mmu.armv7a_cache.auto_cache_enabled) {
1559 armv7a_cache_flush_virt(target, breakpoint->address,
1560 breakpoint->length);
1561 }
1562
1563 /* restore original instruction (kept in target endianness) */
1564 if (breakpoint->length == 4) {
1565 retval = target_write_memory(target,
1566 breakpoint->address & 0xFFFFFFFE,
1567 4, 1, breakpoint->orig_instr);
1568 if (retval != ERROR_OK)
1569 return retval;
1570 } else {
1571 retval = target_write_memory(target,
1572 breakpoint->address & 0xFFFFFFFE,
1573 2, 1, breakpoint->orig_instr);
1574 if (retval != ERROR_OK)
1575 return retval;
1576 }
1577
1578 /* update i-cache at breakpoint location */
1579 armv7a_l1_d_cache_inval_virt(target, breakpoint->address,
1580 breakpoint->length);
1581 armv7a_l1_i_cache_inval_virt(target, breakpoint->address,
1582 breakpoint->length);
1583 }
1584 breakpoint->set = 0;
1585
1586 return ERROR_OK;
1587 }
1588
1589 static int cortex_a_add_breakpoint(struct target *target,
1590 struct breakpoint *breakpoint)
1591 {
1592 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1593
1594 if ((breakpoint->type == BKPT_HARD) && (cortex_a->brp_num_available < 1)) {
1595 LOG_INFO("no hardware breakpoint available");
1596 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1597 }
1598
1599 if (breakpoint->type == BKPT_HARD)
1600 cortex_a->brp_num_available--;
1601
1602 return cortex_a_set_breakpoint(target, breakpoint, 0x00); /* Exact match */
1603 }
1604
1605 static int cortex_a_add_context_breakpoint(struct target *target,
1606 struct breakpoint *breakpoint)
1607 {
1608 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1609
1610 if ((breakpoint->type == BKPT_HARD) && (cortex_a->brp_num_available < 1)) {
1611 LOG_INFO("no hardware breakpoint available");
1612 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1613 }
1614
1615 if (breakpoint->type == BKPT_HARD)
1616 cortex_a->brp_num_available--;
1617
1618 return cortex_a_set_context_breakpoint(target, breakpoint, 0x02); /* asid match */
1619 }
1620
1621 static int cortex_a_add_hybrid_breakpoint(struct target *target,
1622 struct breakpoint *breakpoint)
1623 {
1624 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1625
1626 if ((breakpoint->type == BKPT_HARD) && (cortex_a->brp_num_available < 1)) {
1627 LOG_INFO("no hardware breakpoint available");
1628 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1629 }
1630
1631 if (breakpoint->type == BKPT_HARD)
1632 cortex_a->brp_num_available--;
1633
1634 return cortex_a_set_hybrid_breakpoint(target, breakpoint); /* ??? */
1635 }
1636
1637
1638 static int cortex_a_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
1639 {
1640 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1641
1642 #if 0
1643 /* It is perfectly possible to remove breakpoints while the target is running */
1644 if (target->state != TARGET_HALTED) {
1645 LOG_WARNING("target not halted");
1646 return ERROR_TARGET_NOT_HALTED;
1647 }
1648 #endif
1649
1650 if (breakpoint->set) {
1651 cortex_a_unset_breakpoint(target, breakpoint);
1652 if (breakpoint->type == BKPT_HARD)
1653 cortex_a->brp_num_available++;
1654 }
1655
1656
1657 return ERROR_OK;
1658 }
1659
1660 /*
1661 * Cortex-A Reset functions
1662 */
1663
1664 static int cortex_a_assert_reset(struct target *target)
1665 {
1666 struct armv7a_common *armv7a = target_to_armv7a(target);
1667
1668 LOG_DEBUG(" ");
1669
1670 /* FIXME when halt is requested, make it work somehow... */
1671
1672 /* This function can be called in "target not examined" state */
1673
1674 /* Issue some kind of warm reset. */
1675 if (target_has_event_action(target, TARGET_EVENT_RESET_ASSERT))
1676 target_handle_event(target, TARGET_EVENT_RESET_ASSERT);
1677 else if (jtag_get_reset_config() & RESET_HAS_SRST) {
1678 /* REVISIT handle "pulls" cases, if there's
1679 * hardware that needs them to work.
1680 */
1681
1682 /*
1683 * FIXME: fix reset when transport is SWD. This is a temporary
1684 * work-around for release v0.10 that is not intended to stay!
1685 */
1686 if (transport_is_swd() ||
1687 (target->reset_halt && (jtag_get_reset_config() & RESET_SRST_NO_GATING)))
1688 adapter_assert_reset();
1689
1690 } else {
1691 LOG_ERROR("%s: how to reset?", target_name(target));
1692 return ERROR_FAIL;
1693 }
1694
1695 /* registers are now invalid */
1696 if (target_was_examined(target))
1697 register_cache_invalidate(armv7a->arm.core_cache);
1698
1699 target->state = TARGET_RESET;
1700
1701 return ERROR_OK;
1702 }
1703
1704 static int cortex_a_deassert_reset(struct target *target)
1705 {
1706 struct armv7a_common *armv7a = target_to_armv7a(target);
1707 int retval;
1708
1709 LOG_DEBUG(" ");
1710
1711 /* be certain SRST is off */
1712 adapter_deassert_reset();
1713
1714 if (target_was_examined(target)) {
1715 retval = cortex_a_poll(target);
1716 if (retval != ERROR_OK)
1717 return retval;
1718 }
1719
1720 if (target->reset_halt) {
1721 if (target->state != TARGET_HALTED) {
1722 LOG_WARNING("%s: ran after reset and before halt ...",
1723 target_name(target));
1724 if (target_was_examined(target)) {
1725 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1726 armv7a->debug_base + CPUDBG_DRCR, DRCR_HALT);
1727 if (retval != ERROR_OK)
1728 return retval;
1729 } else
1730 target->state = TARGET_UNKNOWN;
1731 }
1732 }
1733
1734 return ERROR_OK;
1735 }
1736
1737 static int cortex_a_set_dcc_mode(struct target *target, uint32_t mode, uint32_t *dscr)
1738 {
1739 /* Changes the mode of the DCC between non-blocking, stall, and fast mode.
1740 * New desired mode must be in mode. Current value of DSCR must be in
1741 * *dscr, which is updated with new value.
1742 *
1743 * This function elides actually sending the mode-change over the debug
1744 * interface if the mode is already set as desired.
1745 */
1746 uint32_t new_dscr = (*dscr & ~DSCR_EXT_DCC_MASK) | mode;
1747 if (new_dscr != *dscr) {
1748 struct armv7a_common *armv7a = target_to_armv7a(target);
1749 int retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1750 armv7a->debug_base + CPUDBG_DSCR, new_dscr);
1751 if (retval == ERROR_OK)
1752 *dscr = new_dscr;
1753 return retval;
1754 } else {
1755 return ERROR_OK;
1756 }
1757 }
1758
1759 static int cortex_a_wait_dscr_bits(struct target *target, uint32_t mask,
1760 uint32_t value, uint32_t *dscr)
1761 {
1762 /* Waits until the specified bit(s) of DSCR take on a specified value. */
1763 struct armv7a_common *armv7a = target_to_armv7a(target);
1764 int64_t then;
1765 int retval;
1766
1767 if ((*dscr & mask) == value)
1768 return ERROR_OK;
1769
1770 then = timeval_ms();
1771 while (1) {
1772 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1773 armv7a->debug_base + CPUDBG_DSCR, dscr);
1774 if (retval != ERROR_OK) {
1775 LOG_ERROR("Could not read DSCR register");
1776 return retval;
1777 }
1778 if ((*dscr & mask) == value)
1779 break;
1780 if (timeval_ms() > then + 1000) {
1781 LOG_ERROR("timeout waiting for DSCR bit change");
1782 return ERROR_FAIL;
1783 }
1784 }
1785 return ERROR_OK;
1786 }
1787
1788 static int cortex_a_read_copro(struct target *target, uint32_t opcode,
1789 uint32_t *data, uint32_t *dscr)
1790 {
1791 int retval;
1792 struct armv7a_common *armv7a = target_to_armv7a(target);
1793
1794 /* Move from coprocessor to R0. */
1795 retval = cortex_a_exec_opcode(target, opcode, dscr);
1796 if (retval != ERROR_OK)
1797 return retval;
1798
1799 /* Move from R0 to DTRTX. */
1800 retval = cortex_a_exec_opcode(target, ARMV4_5_MCR(14, 0, 0, 0, 5, 0), dscr);
1801 if (retval != ERROR_OK)
1802 return retval;
1803
1804 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
1805 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
1806 * must also check TXfull_l). Most of the time this will be free
1807 * because TXfull_l will be set immediately and cached in dscr. */
1808 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRTX_FULL_LATCHED,
1809 DSCR_DTRTX_FULL_LATCHED, dscr);
1810 if (retval != ERROR_OK)
1811 return retval;
1812
1813 /* Read the value transferred to DTRTX. */
1814 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1815 armv7a->debug_base + CPUDBG_DTRTX, data);
1816 if (retval != ERROR_OK)
1817 return retval;
1818
1819 return ERROR_OK;
1820 }
1821
1822 static int cortex_a_read_dfar_dfsr(struct target *target, uint32_t *dfar,
1823 uint32_t *dfsr, uint32_t *dscr)
1824 {
1825 int retval;
1826
1827 if (dfar) {
1828 retval = cortex_a_read_copro(target, ARMV4_5_MRC(15, 0, 0, 6, 0, 0), dfar, dscr);
1829 if (retval != ERROR_OK)
1830 return retval;
1831 }
1832
1833 if (dfsr) {
1834 retval = cortex_a_read_copro(target, ARMV4_5_MRC(15, 0, 0, 5, 0, 0), dfsr, dscr);
1835 if (retval != ERROR_OK)
1836 return retval;
1837 }
1838
1839 return ERROR_OK;
1840 }
1841
1842 static int cortex_a_write_copro(struct target *target, uint32_t opcode,
1843 uint32_t data, uint32_t *dscr)
1844 {
1845 int retval;
1846 struct armv7a_common *armv7a = target_to_armv7a(target);
1847
1848 /* Write the value into DTRRX. */
1849 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1850 armv7a->debug_base + CPUDBG_DTRRX, data);
1851 if (retval != ERROR_OK)
1852 return retval;
1853
1854 /* Move from DTRRX to R0. */
1855 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), dscr);
1856 if (retval != ERROR_OK)
1857 return retval;
1858
1859 /* Move from R0 to coprocessor. */
1860 retval = cortex_a_exec_opcode(target, opcode, dscr);
1861 if (retval != ERROR_OK)
1862 return retval;
1863
1864 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
1865 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
1866 * check RXfull_l). Most of the time this will be free because RXfull_l
1867 * will be cleared immediately and cached in dscr. */
1868 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRRX_FULL_LATCHED, 0, dscr);
1869 if (retval != ERROR_OK)
1870 return retval;
1871
1872 return ERROR_OK;
1873 }
1874
1875 static int cortex_a_write_dfar_dfsr(struct target *target, uint32_t dfar,
1876 uint32_t dfsr, uint32_t *dscr)
1877 {
1878 int retval;
1879
1880 retval = cortex_a_write_copro(target, ARMV4_5_MCR(15, 0, 0, 6, 0, 0), dfar, dscr);
1881 if (retval != ERROR_OK)
1882 return retval;
1883
1884 retval = cortex_a_write_copro(target, ARMV4_5_MCR(15, 0, 0, 5, 0, 0), dfsr, dscr);
1885 if (retval != ERROR_OK)
1886 return retval;
1887
1888 return ERROR_OK;
1889 }
1890
1891 static int cortex_a_dfsr_to_error_code(uint32_t dfsr)
1892 {
1893 uint32_t status, upper4;
1894
1895 if (dfsr & (1 << 9)) {
1896 /* LPAE format. */
1897 status = dfsr & 0x3f;
1898 upper4 = status >> 2;
1899 if (upper4 == 1 || upper4 == 2 || upper4 == 3 || upper4 == 15)
1900 return ERROR_TARGET_TRANSLATION_FAULT;
1901 else if (status == 33)
1902 return ERROR_TARGET_UNALIGNED_ACCESS;
1903 else
1904 return ERROR_TARGET_DATA_ABORT;
1905 } else {
1906 /* Normal format. */
1907 status = ((dfsr >> 6) & 0x10) | (dfsr & 0xf);
1908 if (status == 1)
1909 return ERROR_TARGET_UNALIGNED_ACCESS;
1910 else if (status == 5 || status == 7 || status == 3 || status == 6 ||
1911 status == 9 || status == 11 || status == 13 || status == 15)
1912 return ERROR_TARGET_TRANSLATION_FAULT;
1913 else
1914 return ERROR_TARGET_DATA_ABORT;
1915 }
1916 }
1917
1918 static int cortex_a_write_cpu_memory_slow(struct target *target,
1919 uint32_t size, uint32_t count, const uint8_t *buffer, uint32_t *dscr)
1920 {
1921 /* Writes count objects of size size from *buffer. Old value of DSCR must
1922 * be in *dscr; updated to new value. This is slow because it works for
1923 * non-word-sized objects. Avoid unaligned accesses as they do not work
1924 * on memory address space without "Normal" attribute. If size == 4 and
1925 * the address is aligned, cortex_a_write_cpu_memory_fast should be
1926 * preferred.
1927 * Preconditions:
1928 * - Address is in R0.
1929 * - R0 is marked dirty.
1930 */
1931 struct armv7a_common *armv7a = target_to_armv7a(target);
1932 struct arm *arm = &armv7a->arm;
1933 int retval;
1934
1935 /* Mark register R1 as dirty, to use for transferring data. */
1936 arm_reg_current(arm, 1)->dirty = true;
1937
1938 /* Switch to non-blocking mode if not already in that mode. */
1939 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, dscr);
1940 if (retval != ERROR_OK)
1941 return retval;
1942
1943 /* Go through the objects. */
1944 while (count) {
1945 /* Write the value to store into DTRRX. */
1946 uint32_t data, opcode;
1947 if (size == 1)
1948 data = *buffer;
1949 else if (size == 2)
1950 data = target_buffer_get_u16(target, buffer);
1951 else
1952 data = target_buffer_get_u32(target, buffer);
1953 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1954 armv7a->debug_base + CPUDBG_DTRRX, data);
1955 if (retval != ERROR_OK)
1956 return retval;
1957
1958 /* Transfer the value from DTRRX to R1. */
1959 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), dscr);
1960 if (retval != ERROR_OK)
1961 return retval;
1962
1963 /* Write the value transferred to R1 into memory. */
1964 if (size == 1)
1965 opcode = ARMV4_5_STRB_IP(1, 0);
1966 else if (size == 2)
1967 opcode = ARMV4_5_STRH_IP(1, 0);
1968 else
1969 opcode = ARMV4_5_STRW_IP(1, 0);
1970 retval = cortex_a_exec_opcode(target, opcode, dscr);
1971 if (retval != ERROR_OK)
1972 return retval;
1973
1974 /* Check for faults and return early. */
1975 if (*dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE))
1976 return ERROR_OK; /* A data fault is not considered a system failure. */
1977
1978 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture
1979 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
1980 * must also check RXfull_l). Most of the time this will be free
1981 * because RXfull_l will be cleared immediately and cached in dscr. */
1982 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRRX_FULL_LATCHED, 0, dscr);
1983 if (retval != ERROR_OK)
1984 return retval;
1985
1986 /* Advance. */
1987 buffer += size;
1988 --count;
1989 }
1990
1991 return ERROR_OK;
1992 }
1993
1994 static int cortex_a_write_cpu_memory_fast(struct target *target,
1995 uint32_t count, const uint8_t *buffer, uint32_t *dscr)
1996 {
1997 /* Writes count objects of size 4 from *buffer. Old value of DSCR must be
1998 * in *dscr; updated to new value. This is fast but only works for
1999 * word-sized objects at aligned addresses.
2000 * Preconditions:
2001 * - Address is in R0 and must be a multiple of 4.
2002 * - R0 is marked dirty.
2003 */
2004 struct armv7a_common *armv7a = target_to_armv7a(target);
2005 int retval;
2006
2007 /* Switch to fast mode if not already in that mode. */
2008 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_FAST_MODE, dscr);
2009 if (retval != ERROR_OK)
2010 return retval;
2011
2012 /* Latch STC instruction. */
2013 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2014 armv7a->debug_base + CPUDBG_ITR, ARMV4_5_STC(0, 1, 0, 1, 14, 5, 0, 4));
2015 if (retval != ERROR_OK)
2016 return retval;
2017
2018 /* Transfer all the data and issue all the instructions. */
2019 return mem_ap_write_buf_noincr(armv7a->debug_ap, buffer,
2020 4, count, armv7a->debug_base + CPUDBG_DTRRX);
2021 }
2022
2023 static int cortex_a_write_cpu_memory(struct target *target,
2024 uint32_t address, uint32_t size,
2025 uint32_t count, const uint8_t *buffer)
2026 {
2027 /* Write memory through the CPU. */
2028 int retval, final_retval;
2029 struct armv7a_common *armv7a = target_to_armv7a(target);
2030 struct arm *arm = &armv7a->arm;
2031 uint32_t dscr, orig_dfar, orig_dfsr, fault_dscr, fault_dfar, fault_dfsr;
2032
2033 LOG_DEBUG("Writing CPU memory address 0x%" PRIx32 " size %" PRIu32 " count %" PRIu32,
2034 address, size, count);
2035 if (target->state != TARGET_HALTED) {
2036 LOG_WARNING("target not halted");
2037 return ERROR_TARGET_NOT_HALTED;
2038 }
2039
2040 if (!count)
2041 return ERROR_OK;
2042
2043 /* Clear any abort. */
2044 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2045 armv7a->debug_base + CPUDBG_DRCR, DRCR_CLEAR_EXCEPTIONS);
2046 if (retval != ERROR_OK)
2047 return retval;
2048
2049 /* Read DSCR. */
2050 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2051 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2052 if (retval != ERROR_OK)
2053 return retval;
2054
2055 /* Switch to non-blocking mode if not already in that mode. */
2056 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, &dscr);
2057 if (retval != ERROR_OK)
2058 goto out;
2059
2060 /* Mark R0 as dirty. */
2061 arm_reg_current(arm, 0)->dirty = true;
2062
2063 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2064 retval = cortex_a_read_dfar_dfsr(target, &orig_dfar, &orig_dfsr, &dscr);
2065 if (retval != ERROR_OK)
2066 goto out;
2067
2068 /* Get the memory address into R0. */
2069 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2070 armv7a->debug_base + CPUDBG_DTRRX, address);
2071 if (retval != ERROR_OK)
2072 goto out;
2073 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr);
2074 if (retval != ERROR_OK)
2075 goto out;
2076
2077 if (size == 4 && (address % 4) == 0) {
2078 /* We are doing a word-aligned transfer, so use fast mode. */
2079 retval = cortex_a_write_cpu_memory_fast(target, count, buffer, &dscr);
2080 } else {
2081 /* Use slow path. Adjust size for aligned accesses */
2082 switch (address % 4) {
2083 case 1:
2084 case 3:
2085 count *= size;
2086 size = 1;
2087 break;
2088 case 2:
2089 if (size == 4) {
2090 count *= 2;
2091 size = 2;
2092 }
2093 case 0:
2094 default:
2095 break;
2096 }
2097 retval = cortex_a_write_cpu_memory_slow(target, size, count, buffer, &dscr);
2098 }
2099
2100 out:
2101 final_retval = retval;
2102
2103 /* Switch to non-blocking mode if not already in that mode. */
2104 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, &dscr);
2105 if (final_retval == ERROR_OK)
2106 final_retval = retval;
2107
2108 /* Wait for last issued instruction to complete. */
2109 retval = cortex_a_wait_instrcmpl(target, &dscr, true);
2110 if (final_retval == ERROR_OK)
2111 final_retval = retval;
2112
2113 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
2114 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2115 * check RXfull_l). Most of the time this will be free because RXfull_l
2116 * will be cleared immediately and cached in dscr. However, don't do this
2117 * if there is fault, because then the instruction might not have completed
2118 * successfully. */
2119 if (!(dscr & DSCR_STICKY_ABORT_PRECISE)) {
2120 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRRX_FULL_LATCHED, 0, &dscr);
2121 if (retval != ERROR_OK)
2122 return retval;
2123 }
2124
2125 /* If there were any sticky abort flags, clear them. */
2126 if (dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE)) {
2127 fault_dscr = dscr;
2128 mem_ap_write_atomic_u32(armv7a->debug_ap,
2129 armv7a->debug_base + CPUDBG_DRCR, DRCR_CLEAR_EXCEPTIONS);
2130 dscr &= ~(DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE);
2131 } else {
2132 fault_dscr = 0;
2133 }
2134
2135 /* Handle synchronous data faults. */
2136 if (fault_dscr & DSCR_STICKY_ABORT_PRECISE) {
2137 if (final_retval == ERROR_OK) {
2138 /* Final return value will reflect cause of fault. */
2139 retval = cortex_a_read_dfar_dfsr(target, &fault_dfar, &fault_dfsr, &dscr);
2140 if (retval == ERROR_OK) {
2141 LOG_ERROR("data abort at 0x%08" PRIx32 ", dfsr = 0x%08" PRIx32, fault_dfar, fault_dfsr);
2142 final_retval = cortex_a_dfsr_to_error_code(fault_dfsr);
2143 } else
2144 final_retval = retval;
2145 }
2146 /* Fault destroyed DFAR/DFSR; restore them. */
2147 retval = cortex_a_write_dfar_dfsr(target, orig_dfar, orig_dfsr, &dscr);
2148 if (retval != ERROR_OK)
2149 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32, dscr);
2150 }
2151
2152 /* Handle asynchronous data faults. */
2153 if (fault_dscr & DSCR_STICKY_ABORT_IMPRECISE) {
2154 if (final_retval == ERROR_OK)
2155 /* No other error has been recorded so far, so keep this one. */
2156 final_retval = ERROR_TARGET_DATA_ABORT;
2157 }
2158
2159 /* If the DCC is nonempty, clear it. */
2160 if (dscr & DSCR_DTRTX_FULL_LATCHED) {
2161 uint32_t dummy;
2162 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2163 armv7a->debug_base + CPUDBG_DTRTX, &dummy);
2164 if (final_retval == ERROR_OK)
2165 final_retval = retval;
2166 }
2167 if (dscr & DSCR_DTRRX_FULL_LATCHED) {
2168 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr);
2169 if (final_retval == ERROR_OK)
2170 final_retval = retval;
2171 }
2172
2173 /* Done. */
2174 return final_retval;
2175 }
2176
2177 static int cortex_a_read_cpu_memory_slow(struct target *target,
2178 uint32_t size, uint32_t count, uint8_t *buffer, uint32_t *dscr)
2179 {
2180 /* Reads count objects of size size into *buffer. Old value of DSCR must be
2181 * in *dscr; updated to new value. This is slow because it works for
2182 * non-word-sized objects. Avoid unaligned accesses as they do not work
2183 * on memory address space without "Normal" attribute. If size == 4 and
2184 * the address is aligned, cortex_a_read_cpu_memory_fast should be
2185 * preferred.
2186 * Preconditions:
2187 * - Address is in R0.
2188 * - R0 is marked dirty.
2189 */
2190 struct armv7a_common *armv7a = target_to_armv7a(target);
2191 struct arm *arm = &armv7a->arm;
2192 int retval;
2193
2194 /* Mark register R1 as dirty, to use for transferring data. */
2195 arm_reg_current(arm, 1)->dirty = true;
2196
2197 /* Switch to non-blocking mode if not already in that mode. */
2198 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, dscr);
2199 if (retval != ERROR_OK)
2200 return retval;
2201
2202 /* Go through the objects. */
2203 while (count) {
2204 /* Issue a load of the appropriate size to R1. */
2205 uint32_t opcode, data;
2206 if (size == 1)
2207 opcode = ARMV4_5_LDRB_IP(1, 0);
2208 else if (size == 2)
2209 opcode = ARMV4_5_LDRH_IP(1, 0);
2210 else
2211 opcode = ARMV4_5_LDRW_IP(1, 0);
2212 retval = cortex_a_exec_opcode(target, opcode, dscr);
2213 if (retval != ERROR_OK)
2214 return retval;
2215
2216 /* Issue a write of R1 to DTRTX. */
2217 retval = cortex_a_exec_opcode(target, ARMV4_5_MCR(14, 0, 1, 0, 5, 0), dscr);
2218 if (retval != ERROR_OK)
2219 return retval;
2220
2221 /* Check for faults and return early. */
2222 if (*dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE))
2223 return ERROR_OK; /* A data fault is not considered a system failure. */
2224
2225 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
2226 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2227 * must also check TXfull_l). Most of the time this will be free
2228 * because TXfull_l will be set immediately and cached in dscr. */
2229 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRTX_FULL_LATCHED,
2230 DSCR_DTRTX_FULL_LATCHED, dscr);
2231 if (retval != ERROR_OK)
2232 return retval;
2233
2234 /* Read the value transferred to DTRTX into the buffer. */
2235 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2236 armv7a->debug_base + CPUDBG_DTRTX, &data);
2237 if (retval != ERROR_OK)
2238 return retval;
2239 if (size == 1)
2240 *buffer = (uint8_t) data;
2241 else if (size == 2)
2242 target_buffer_set_u16(target, buffer, (uint16_t) data);
2243 else
2244 target_buffer_set_u32(target, buffer, data);
2245
2246 /* Advance. */
2247 buffer += size;
2248 --count;
2249 }
2250
2251 return ERROR_OK;
2252 }
2253
2254 static int cortex_a_read_cpu_memory_fast(struct target *target,
2255 uint32_t count, uint8_t *buffer, uint32_t *dscr)
2256 {
2257 /* Reads count objects of size 4 into *buffer. Old value of DSCR must be in
2258 * *dscr; updated to new value. This is fast but only works for word-sized
2259 * objects at aligned addresses.
2260 * Preconditions:
2261 * - Address is in R0 and must be a multiple of 4.
2262 * - R0 is marked dirty.
2263 */
2264 struct armv7a_common *armv7a = target_to_armv7a(target);
2265 uint32_t u32;
2266 int retval;
2267
2268 /* Switch to non-blocking mode if not already in that mode. */
2269 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, dscr);
2270 if (retval != ERROR_OK)
2271 return retval;
2272
2273 /* Issue the LDC instruction via a write to ITR. */
2274 retval = cortex_a_exec_opcode(target, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4), dscr);
2275 if (retval != ERROR_OK)
2276 return retval;
2277
2278 count--;
2279
2280 if (count > 0) {
2281 /* Switch to fast mode if not already in that mode. */
2282 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_FAST_MODE, dscr);
2283 if (retval != ERROR_OK)
2284 return retval;
2285
2286 /* Latch LDC instruction. */
2287 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2288 armv7a->debug_base + CPUDBG_ITR, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4));
2289 if (retval != ERROR_OK)
2290 return retval;
2291
2292 /* Read the value transferred to DTRTX into the buffer. Due to fast
2293 * mode rules, this blocks until the instruction finishes executing and
2294 * then reissues the read instruction to read the next word from
2295 * memory. The last read of DTRTX in this call reads the second-to-last
2296 * word from memory and issues the read instruction for the last word.
2297 */
2298 retval = mem_ap_read_buf_noincr(armv7a->debug_ap, buffer,
2299 4, count, armv7a->debug_base + CPUDBG_DTRTX);
2300 if (retval != ERROR_OK)
2301 return retval;
2302
2303 /* Advance. */
2304 buffer += count * 4;
2305 }
2306
2307 /* Wait for last issued instruction to complete. */
2308 retval = cortex_a_wait_instrcmpl(target, dscr, false);
2309 if (retval != ERROR_OK)
2310 return retval;
2311
2312 /* Switch to non-blocking mode if not already in that mode. */
2313 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, dscr);
2314 if (retval != ERROR_OK)
2315 return retval;
2316
2317 /* Check for faults and return early. */
2318 if (*dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE))
2319 return ERROR_OK; /* A data fault is not considered a system failure. */
2320
2321 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture manual
2322 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2323 * check TXfull_l). Most of the time this will be free because TXfull_l
2324 * will be set immediately and cached in dscr. */
2325 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRTX_FULL_LATCHED,
2326 DSCR_DTRTX_FULL_LATCHED, dscr);
2327 if (retval != ERROR_OK)
2328 return retval;
2329
2330 /* Read the value transferred to DTRTX into the buffer. This is the last
2331 * word. */
2332 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2333 armv7a->debug_base + CPUDBG_DTRTX, &u32);
2334 if (retval != ERROR_OK)
2335 return retval;
2336 target_buffer_set_u32(target, buffer, u32);
2337
2338 return ERROR_OK;
2339 }
2340
2341 static int cortex_a_read_cpu_memory(struct target *target,
2342 uint32_t address, uint32_t size,
2343 uint32_t count, uint8_t *buffer)
2344 {
2345 /* Read memory through the CPU. */
2346 int retval, final_retval;
2347 struct armv7a_common *armv7a = target_to_armv7a(target);
2348 struct arm *arm = &armv7a->arm;
2349 uint32_t dscr, orig_dfar, orig_dfsr, fault_dscr, fault_dfar, fault_dfsr;
2350
2351 LOG_DEBUG("Reading CPU memory address 0x%" PRIx32 " size %" PRIu32 " count %" PRIu32,
2352 address, size, count);
2353 if (target->state != TARGET_HALTED) {
2354 LOG_WARNING("target not halted");
2355 return ERROR_TARGET_NOT_HALTED;
2356 }
2357
2358 if (!count)
2359 return ERROR_OK;
2360
2361 /* Clear any abort. */
2362 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2363 armv7a->debug_base + CPUDBG_DRCR, DRCR_CLEAR_EXCEPTIONS);
2364 if (retval != ERROR_OK)
2365 return retval;
2366
2367 /* Read DSCR */
2368 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2369 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2370 if (retval != ERROR_OK)
2371 return retval;
2372
2373 /* Switch to non-blocking mode if not already in that mode. */
2374 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, &dscr);
2375 if (retval != ERROR_OK)
2376 goto out;
2377
2378 /* Mark R0 as dirty. */
2379 arm_reg_current(arm, 0)->dirty = true;
2380
2381 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2382 retval = cortex_a_read_dfar_dfsr(target, &orig_dfar, &orig_dfsr, &dscr);
2383 if (retval != ERROR_OK)
2384 goto out;
2385
2386 /* Get the memory address into R0. */
2387 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2388 armv7a->debug_base + CPUDBG_DTRRX, address);
2389 if (retval != ERROR_OK)
2390 goto out;
2391 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr);
2392 if (retval != ERROR_OK)
2393 goto out;
2394
2395 if (size == 4 && (address % 4) == 0) {
2396 /* We are doing a word-aligned transfer, so use fast mode. */
2397 retval = cortex_a_read_cpu_memory_fast(target, count, buffer, &dscr);
2398 } else {
2399 /* Use slow path. Adjust size for aligned accesses */
2400 switch (address % 4) {
2401 case 1:
2402 case 3:
2403 count *= size;
2404 size = 1;
2405 break;
2406 case 2:
2407 if (size == 4) {
2408 count *= 2;
2409 size = 2;
2410 }
2411 break;
2412 case 0:
2413 default:
2414 break;
2415 }
2416 retval = cortex_a_read_cpu_memory_slow(target, size, count, buffer, &dscr);
2417 }
2418
2419 out:
2420 final_retval = retval;
2421
2422 /* Switch to non-blocking mode if not already in that mode. */
2423 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, &dscr);
2424 if (final_retval == ERROR_OK)
2425 final_retval = retval;
2426
2427 /* Wait for last issued instruction to complete. */
2428 retval = cortex_a_wait_instrcmpl(target, &dscr, true);
2429 if (final_retval == ERROR_OK)
2430 final_retval = retval;
2431
2432 /* If there were any sticky abort flags, clear them. */
2433 if (dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE)) {
2434 fault_dscr = dscr;
2435 mem_ap_write_atomic_u32(armv7a->debug_ap,
2436 armv7a->debug_base + CPUDBG_DRCR, DRCR_CLEAR_EXCEPTIONS);
2437 dscr &= ~(DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE);
2438 } else {
2439 fault_dscr = 0;
2440 }
2441
2442 /* Handle synchronous data faults. */
2443 if (fault_dscr & DSCR_STICKY_ABORT_PRECISE) {
2444 if (final_retval == ERROR_OK) {
2445 /* Final return value will reflect cause of fault. */
2446 retval = cortex_a_read_dfar_dfsr(target, &fault_dfar, &fault_dfsr, &dscr);
2447 if (retval == ERROR_OK) {
2448 LOG_ERROR("data abort at 0x%08" PRIx32 ", dfsr = 0x%08" PRIx32, fault_dfar, fault_dfsr);
2449 final_retval = cortex_a_dfsr_to_error_code(fault_dfsr);
2450 } else
2451 final_retval = retval;
2452 }
2453 /* Fault destroyed DFAR/DFSR; restore them. */
2454 retval = cortex_a_write_dfar_dfsr(target, orig_dfar, orig_dfsr, &dscr);
2455 if (retval != ERROR_OK)
2456 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32, dscr);
2457 }
2458
2459 /* Handle asynchronous data faults. */
2460 if (fault_dscr & DSCR_STICKY_ABORT_IMPRECISE) {
2461 if (final_retval == ERROR_OK)
2462 /* No other error has been recorded so far, so keep this one. */
2463 final_retval = ERROR_TARGET_DATA_ABORT;
2464 }
2465
2466 /* If the DCC is nonempty, clear it. */
2467 if (dscr & DSCR_DTRTX_FULL_LATCHED) {
2468 uint32_t dummy;
2469 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2470 armv7a->debug_base + CPUDBG_DTRTX, &dummy);
2471 if (final_retval == ERROR_OK)
2472 final_retval = retval;
2473 }
2474 if (dscr & DSCR_DTRRX_FULL_LATCHED) {
2475 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr);
2476 if (final_retval == ERROR_OK)
2477 final_retval = retval;
2478 }
2479
2480 /* Done. */
2481 return final_retval;
2482 }
2483
2484
2485 /*
2486 * Cortex-A Memory access
2487 *
2488 * This is same Cortex-M3 but we must also use the correct
2489 * ap number for every access.
2490 */
2491
2492 static int cortex_a_read_phys_memory(struct target *target,
2493 target_addr_t address, uint32_t size,
2494 uint32_t count, uint8_t *buffer)
2495 {
2496 int retval;
2497
2498 if (!count || !buffer)
2499 return ERROR_COMMAND_SYNTAX_ERROR;
2500
2501 LOG_DEBUG("Reading memory at real address " TARGET_ADDR_FMT "; size %" PRIu32 "; count %" PRIu32,
2502 address, size, count);
2503
2504 /* read memory through the CPU */
2505 cortex_a_prep_memaccess(target, 1);
2506 retval = cortex_a_read_cpu_memory(target, address, size, count, buffer);
2507 cortex_a_post_memaccess(target, 1);
2508
2509 return retval;
2510 }
2511
2512 static int cortex_a_read_memory(struct target *target, target_addr_t address,
2513 uint32_t size, uint32_t count, uint8_t *buffer)
2514 {
2515 int retval;
2516
2517 /* cortex_a handles unaligned memory access */
2518 LOG_DEBUG("Reading memory at address " TARGET_ADDR_FMT "; size %" PRIu32 "; count %" PRIu32,
2519 address, size, count);
2520
2521 cortex_a_prep_memaccess(target, 0);
2522 retval = cortex_a_read_cpu_memory(target, address, size, count, buffer);
2523 cortex_a_post_memaccess(target, 0);
2524
2525 return retval;
2526 }
2527
2528 static int cortex_a_write_phys_memory(struct target *target,
2529 target_addr_t address, uint32_t size,
2530 uint32_t count, const uint8_t *buffer)
2531 {
2532 int retval;
2533
2534 if (!count || !buffer)
2535 return ERROR_COMMAND_SYNTAX_ERROR;
2536
2537 LOG_DEBUG("Writing memory to real address " TARGET_ADDR_FMT "; size %" PRIu32 "; count %" PRIu32,
2538 address, size, count);
2539
2540 /* write memory through the CPU */
2541 cortex_a_prep_memaccess(target, 1);
2542 retval = cortex_a_write_cpu_memory(target, address, size, count, buffer);
2543 cortex_a_post_memaccess(target, 1);
2544
2545 return retval;
2546 }
2547
2548 static int cortex_a_write_memory(struct target *target, target_addr_t address,
2549 uint32_t size, uint32_t count, const uint8_t *buffer)
2550 {
2551 int retval;
2552
2553 /* cortex_a handles unaligned memory access */
2554 LOG_DEBUG("Writing memory at address " TARGET_ADDR_FMT "; size %" PRIu32 "; count %" PRIu32,
2555 address, size, count);
2556
2557 /* memory writes bypass the caches, must flush before writing */
2558 armv7a_cache_auto_flush_on_write(target, address, size * count);
2559
2560 cortex_a_prep_memaccess(target, 0);
2561 retval = cortex_a_write_cpu_memory(target, address, size, count, buffer);
2562 cortex_a_post_memaccess(target, 0);
2563 return retval;
2564 }
2565
2566 static int cortex_a_read_buffer(struct target *target, target_addr_t address,
2567 uint32_t count, uint8_t *buffer)
2568 {
2569 uint32_t size;
2570
2571 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2572 * will have something to do with the size we leave to it. */
2573 for (size = 1; size < 4 && count >= size * 2 + (address & size); size *= 2) {
2574 if (address & size) {
2575 int retval = target_read_memory(target, address, size, 1, buffer);
2576 if (retval != ERROR_OK)
2577 return retval;
2578 address += size;
2579 count -= size;
2580 buffer += size;
2581 }
2582 }
2583
2584 /* Read the data with as large access size as possible. */
2585 for (; size > 0; size /= 2) {
2586 uint32_t aligned = count - count % size;
2587 if (aligned > 0) {
2588 int retval = target_read_memory(target, address, size, aligned / size, buffer);
2589 if (retval != ERROR_OK)
2590 return retval;
2591 address += aligned;
2592 count -= aligned;
2593 buffer += aligned;
2594 }
2595 }
2596
2597 return ERROR_OK;
2598 }
2599
2600 static int cortex_a_write_buffer(struct target *target, target_addr_t address,
2601 uint32_t count, const uint8_t *buffer)
2602 {
2603 uint32_t size;
2604
2605 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2606 * will have something to do with the size we leave to it. */
2607 for (size = 1; size < 4 && count >= size * 2 + (address & size); size *= 2) {
2608 if (address & size) {
2609 int retval = target_write_memory(target, address, size, 1, buffer);
2610 if (retval != ERROR_OK)
2611 return retval;
2612 address += size;
2613 count -= size;
2614 buffer += size;
2615 }
2616 }
2617
2618 /* Write the data with as large access size as possible. */
2619 for (; size > 0; size /= 2) {
2620 uint32_t aligned = count - count % size;
2621 if (aligned > 0) {
2622 int retval = target_write_memory(target, address, size, aligned / size, buffer);
2623 if (retval != ERROR_OK)
2624 return retval;
2625 address += aligned;
2626 count -= aligned;
2627 buffer += aligned;
2628 }
2629 }
2630
2631 return ERROR_OK;
2632 }
2633
2634 static int cortex_a_handle_target_request(void *priv)
2635 {
2636 struct target *target = priv;
2637 struct armv7a_common *armv7a = target_to_armv7a(target);
2638 int retval;
2639
2640 if (!target_was_examined(target))
2641 return ERROR_OK;
2642 if (!target->dbg_msg_enabled)
2643 return ERROR_OK;
2644
2645 if (target->state == TARGET_RUNNING) {
2646 uint32_t request;
2647 uint32_t dscr;
2648 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2649 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2650
2651 /* check if we have data */
2652 int64_t then = timeval_ms();
2653 while ((dscr & DSCR_DTR_TX_FULL) && (retval == ERROR_OK)) {
2654 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2655 armv7a->debug_base + CPUDBG_DTRTX, &request);
2656 if (retval == ERROR_OK) {
2657 target_request(target, request);
2658 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2659 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2660 }
2661 if (timeval_ms() > then + 1000) {
2662 LOG_ERROR("Timeout waiting for dtr tx full");
2663 return ERROR_FAIL;
2664 }
2665 }
2666 }
2667
2668 return ERROR_OK;
2669 }
2670
2671 /*
2672 * Cortex-A target information and configuration
2673 */
2674
2675 static int cortex_a_examine_first(struct target *target)
2676 {
2677 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
2678 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
2679 struct adiv5_dap *swjdp = armv7a->arm.dap;
2680
2681 int i;
2682 int retval = ERROR_OK;
2683 uint32_t didr, cpuid, dbg_osreg, dbg_idpfr1;
2684
2685 /* Search for the APB-AP - it is needed for access to debug registers */
2686 retval = dap_find_ap(swjdp, AP_TYPE_APB_AP, &armv7a->debug_ap);
2687 if (retval != ERROR_OK) {
2688 LOG_ERROR("Could not find APB-AP for debug access");
2689 return retval;
2690 }
2691
2692 retval = mem_ap_init(armv7a->debug_ap);
2693 if (retval != ERROR_OK) {
2694 LOG_ERROR("Could not initialize the APB-AP");
2695 return retval;
2696 }
2697
2698 armv7a->debug_ap->memaccess_tck = 80;
2699
2700 if (!target->dbgbase_set) {
2701 uint32_t dbgbase;
2702 /* Get ROM Table base */
2703 uint32_t apid;
2704 int32_t coreidx = target->coreid;
2705 LOG_DEBUG("%s's dbgbase is not set, trying to detect using the ROM table",
2706 target->cmd_name);
2707 retval = dap_get_debugbase(armv7a->debug_ap, &dbgbase, &apid);
2708 if (retval != ERROR_OK)
2709 return retval;
2710 /* Lookup 0x15 -- Processor DAP */
2711 retval = dap_lookup_cs_component(armv7a->debug_ap, dbgbase, 0x15,
2712 &armv7a->debug_base, &coreidx);
2713 if (retval != ERROR_OK) {
2714 LOG_ERROR("Can't detect %s's dbgbase from the ROM table; you need to specify it explicitly.",
2715 target->cmd_name);
2716 return retval;
2717 }
2718 LOG_DEBUG("Detected core %" PRId32 " dbgbase: %08" PRIx32,
2719 target->coreid, armv7a->debug_base);
2720 } else
2721 armv7a->debug_base = target->dbgbase;
2722
2723 if ((armv7a->debug_base & (1UL<<31)) == 0)
2724 LOG_WARNING("Debug base address for target %s has bit 31 set to 0. Access to debug registers will likely fail!\n"
2725 "Please fix the target configuration.", target_name(target));
2726
2727 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2728 armv7a->debug_base + CPUDBG_DIDR, &didr);
2729 if (retval != ERROR_OK) {
2730 LOG_DEBUG("Examine %s failed", "DIDR");
2731 return retval;
2732 }
2733
2734 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2735 armv7a->debug_base + CPUDBG_CPUID, &cpuid);
2736 if (retval != ERROR_OK) {
2737 LOG_DEBUG("Examine %s failed", "CPUID");
2738 return retval;
2739 }
2740
2741 LOG_DEBUG("didr = 0x%08" PRIx32, didr);
2742 LOG_DEBUG("cpuid = 0x%08" PRIx32, cpuid);
2743
2744 cortex_a->didr = didr;
2745 cortex_a->cpuid = cpuid;
2746
2747 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2748 armv7a->debug_base + CPUDBG_PRSR, &dbg_osreg);
2749 if (retval != ERROR_OK)
2750 return retval;
2751 LOG_DEBUG("target->coreid %" PRId32 " DBGPRSR 0x%" PRIx32, target->coreid, dbg_osreg);
2752
2753 if ((dbg_osreg & PRSR_POWERUP_STATUS) == 0) {
2754 LOG_ERROR("target->coreid %" PRId32 " powered down!", target->coreid);
2755 target->state = TARGET_UNKNOWN; /* TARGET_NO_POWER? */
2756 return ERROR_TARGET_INIT_FAILED;
2757 }
2758
2759 if (dbg_osreg & PRSR_STICKY_RESET_STATUS)
2760 LOG_DEBUG("target->coreid %" PRId32 " was reset!", target->coreid);
2761
2762 /* Read DBGOSLSR and check if OSLK is implemented */
2763 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2764 armv7a->debug_base + CPUDBG_OSLSR, &dbg_osreg);
2765 if (retval != ERROR_OK)
2766 return retval;
2767 LOG_DEBUG("target->coreid %" PRId32 " DBGOSLSR 0x%" PRIx32, target->coreid, dbg_osreg);
2768
2769 /* check if OS Lock is implemented */
2770 if ((dbg_osreg & OSLSR_OSLM) == OSLSR_OSLM0 || (dbg_osreg & OSLSR_OSLM) == OSLSR_OSLM1) {
2771 /* check if OS Lock is set */
2772 if (dbg_osreg & OSLSR_OSLK) {
2773 LOG_DEBUG("target->coreid %" PRId32 " OSLock set! Trying to unlock", target->coreid);
2774
2775 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2776 armv7a->debug_base + CPUDBG_OSLAR,
2777 0);
2778 if (retval == ERROR_OK)
2779 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2780 armv7a->debug_base + CPUDBG_OSLSR, &dbg_osreg);
2781
2782 /* if we fail to access the register or cannot reset the OSLK bit, bail out */
2783 if (retval != ERROR_OK || (dbg_osreg & OSLSR_OSLK) != 0) {
2784 LOG_ERROR("target->coreid %" PRId32 " OSLock sticky, core not powered?",
2785 target->coreid);
2786 target->state = TARGET_UNKNOWN; /* TARGET_NO_POWER? */
2787 return ERROR_TARGET_INIT_FAILED;
2788 }
2789 }
2790 }
2791
2792 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2793 armv7a->debug_base + CPUDBG_ID_PFR1, &dbg_idpfr1);
2794 if (retval != ERROR_OK)
2795 return retval;
2796
2797 if (dbg_idpfr1 & 0x000000f0) {
2798 LOG_DEBUG("target->coreid %" PRId32 " has security extensions",
2799 target->coreid);
2800 armv7a->arm.core_type = ARM_CORE_TYPE_SEC_EXT;
2801 }
2802 if (dbg_idpfr1 & 0x0000f000) {
2803 LOG_DEBUG("target->coreid %" PRId32 " has virtualization extensions",
2804 target->coreid);
2805 /*
2806 * overwrite and simplify the checks.
2807 * virtualization extensions require implementation of security extension
2808 */
2809 armv7a->arm.core_type = ARM_CORE_TYPE_VIRT_EXT;
2810 }
2811
2812 /* Avoid recreating the registers cache */
2813 if (!target_was_examined(target)) {
2814 retval = cortex_a_dpm_setup(cortex_a, didr);
2815 if (retval != ERROR_OK)
2816 return retval;
2817 }
2818
2819 /* Setup Breakpoint Register Pairs */
2820 cortex_a->brp_num = ((didr >> 24) & 0x0F) + 1;
2821 cortex_a->brp_num_context = ((didr >> 20) & 0x0F) + 1;
2822 cortex_a->brp_num_available = cortex_a->brp_num;
2823 free(cortex_a->brp_list);
2824 cortex_a->brp_list = calloc(cortex_a->brp_num, sizeof(struct cortex_a_brp));
2825 /* cortex_a->brb_enabled = ????; */
2826 for (i = 0; i < cortex_a->brp_num; i++) {
2827 cortex_a->brp_list[i].used = 0;
2828 if (i < (cortex_a->brp_num-cortex_a->brp_num_context))
2829 cortex_a->brp_list[i].type = BRP_NORMAL;
2830 else
2831 cortex_a->brp_list[i].type = BRP_CONTEXT;
2832 cortex_a->brp_list[i].value = 0;
2833 cortex_a->brp_list[i].control = 0;
2834 cortex_a->brp_list[i].BRPn = i;
2835 }
2836
2837 LOG_DEBUG("Configured %i hw breakpoints", cortex_a->brp_num);
2838
2839 /* select debug_ap as default */
2840 swjdp->apsel = armv7a->debug_ap->ap_num;
2841
2842 target_set_examined(target);
2843 return ERROR_OK;
2844 }
2845
2846 static int cortex_a_examine(struct target *target)
2847 {
2848 int retval = ERROR_OK;
2849
2850 /* Reestablish communication after target reset */
2851 retval = cortex_a_examine_first(target);
2852
2853 /* Configure core debug access */
2854 if (retval == ERROR_OK)
2855 retval = cortex_a_init_debug_access(target);
2856
2857 return retval;
2858 }
2859
2860 /*
2861 * Cortex-A target creation and initialization
2862 */
2863
2864 static int cortex_a_init_target(struct command_context *cmd_ctx,
2865 struct target *target)
2866 {
2867 /* examine_first() does a bunch of this */
2868 arm_semihosting_init(target);
2869 return ERROR_OK;
2870 }
2871
2872 static int cortex_a_init_arch_info(struct target *target,
2873 struct cortex_a_common *cortex_a, struct adiv5_dap *dap)
2874 {
2875 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
2876
2877 /* Setup struct cortex_a_common */
2878 cortex_a->common_magic = CORTEX_A_COMMON_MAGIC;
2879 armv7a->arm.dap = dap;
2880
2881 /* register arch-specific functions */
2882 armv7a->examine_debug_reason = NULL;
2883
2884 armv7a->post_debug_entry = cortex_a_post_debug_entry;
2885
2886 armv7a->pre_restore_context = NULL;
2887
2888 armv7a->armv7a_mmu.read_physical_memory = cortex_a_read_phys_memory;
2889
2890
2891 /* arm7_9->handle_target_request = cortex_a_handle_target_request; */
2892
2893 /* REVISIT v7a setup should be in a v7a-specific routine */
2894 armv7a_init_arch_info(target, armv7a);
2895 target_register_timer_callback(cortex_a_handle_target_request, 1,
2896 TARGET_TIMER_TYPE_PERIODIC, target);
2897
2898 return ERROR_OK;
2899 }
2900
2901 static int cortex_a_target_create(struct target *target, Jim_Interp *interp)
2902 {
2903 struct cortex_a_common *cortex_a;
2904 struct adiv5_private_config *pc;
2905
2906 if (target->private_config == NULL)
2907 return ERROR_FAIL;
2908
2909 pc = (struct adiv5_private_config *)target->private_config;
2910
2911 cortex_a = calloc(1, sizeof(struct cortex_a_common));
2912 if (cortex_a == NULL) {
2913 LOG_ERROR("Out of memory");
2914 return ERROR_FAIL;
2915 }
2916 cortex_a->common_magic = CORTEX_A_COMMON_MAGIC;
2917 cortex_a->armv7a_common.is_armv7r = false;
2918 cortex_a->armv7a_common.arm.arm_vfp_version = ARM_VFP_V3;
2919
2920 return cortex_a_init_arch_info(target, cortex_a, pc->dap);
2921 }
2922
2923 static int cortex_r4_target_create(struct target *target, Jim_Interp *interp)
2924 {
2925 struct cortex_a_common *cortex_a;
2926 struct adiv5_private_config *pc;
2927
2928 pc = (struct adiv5_private_config *)target->private_config;
2929 if (adiv5_verify_config(pc) != ERROR_OK)
2930 return ERROR_FAIL;
2931
2932 cortex_a = calloc(1, sizeof(struct cortex_a_common));
2933 if (cortex_a == NULL) {
2934 LOG_ERROR("Out of memory");
2935 return ERROR_FAIL;
2936 }
2937 cortex_a->common_magic = CORTEX_A_COMMON_MAGIC;
2938 cortex_a->armv7a_common.is_armv7r = true;
2939
2940 return cortex_a_init_arch_info(target, cortex_a, pc->dap);
2941 }
2942
2943 static void cortex_a_deinit_target(struct target *target)
2944 {
2945 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
2946 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
2947 struct arm_dpm *dpm = &armv7a->dpm;
2948 uint32_t dscr;
2949 int retval;
2950
2951 if (target_was_examined(target)) {
2952 /* Disable halt for breakpoint, watchpoint and vector catch */
2953 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2954 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2955 if (retval == ERROR_OK)
2956 mem_ap_write_atomic_u32(armv7a->debug_ap,
2957 armv7a->debug_base + CPUDBG_DSCR,
2958 dscr & ~DSCR_HALT_DBG_MODE);
2959 }
2960
2961 free(cortex_a->brp_list);
2962 arm_free_reg_cache(dpm->arm);
2963 free(dpm->dbp);
2964 free(dpm->dwp);
2965 free(target->private_config);
2966 free(cortex_a);
2967 }
2968
2969 static int cortex_a_mmu(struct target *target, int *enabled)
2970 {
2971 struct armv7a_common *armv7a = target_to_armv7a(target);
2972
2973 if (target->state != TARGET_HALTED) {
2974 LOG_ERROR("%s: target not halted", __func__);
2975 return ERROR_TARGET_INVALID;
2976 }
2977
2978 if (armv7a->is_armv7r)
2979 *enabled = 0;
2980 else
2981 *enabled = target_to_cortex_a(target)->armv7a_common.armv7a_mmu.mmu_enabled;
2982
2983 return ERROR_OK;
2984 }
2985
2986 static int cortex_a_virt2phys(struct target *target,
2987 target_addr_t virt, target_addr_t *phys)
2988 {
2989 int retval;
2990 int mmu_enabled = 0;
2991
2992 /*
2993 * If the MMU was not enabled at debug entry, there is no
2994 * way of knowing if there was ever a valid configuration
2995 * for it and thus it's not safe to enable it. In this case,
2996 * just return the virtual address as physical.
2997 */
2998 cortex_a_mmu(target, &mmu_enabled);
2999 if (!mmu_enabled) {
3000 *phys = virt;
3001 return ERROR_OK;
3002 }
3003
3004 /* mmu must be enable in order to get a correct translation */
3005 retval = cortex_a_mmu_modify(target, 1);
3006 if (retval != ERROR_OK)
3007 return retval;
3008 return armv7a_mmu_translate_va_pa(target, (uint32_t)virt,
3009 phys, 1);
3010 }
3011
3012 COMMAND_HANDLER(cortex_a_handle_cache_info_command)
3013 {
3014 struct target *target = get_current_target(CMD_CTX);
3015 struct armv7a_common *armv7a = target_to_armv7a(target);
3016
3017 return armv7a_handle_cache_info_command(CMD,
3018 &armv7a->armv7a_mmu.armv7a_cache);
3019 }
3020
3021
3022 COMMAND_HANDLER(cortex_a_handle_dbginit_command)
3023 {
3024 struct target *target = get_current_target(CMD_CTX);
3025 if (!target_was_examined(target)) {
3026 LOG_ERROR("target not examined yet");
3027 return ERROR_FAIL;
3028 }
3029
3030 return cortex_a_init_debug_access(target);
3031 }
3032
3033 COMMAND_HANDLER(handle_cortex_a_mask_interrupts_command)
3034 {
3035 struct target *target = get_current_target(CMD_CTX);
3036 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
3037
3038 static const Jim_Nvp nvp_maskisr_modes[] = {
3039 { .name = "off", .value = CORTEX_A_ISRMASK_OFF },
3040 { .name = "on", .value = CORTEX_A_ISRMASK_ON },
3041 { .name = NULL, .value = -1 },
3042 };
3043 const Jim_Nvp *n;
3044
3045 if (CMD_ARGC > 0) {
3046 n = Jim_Nvp_name2value_simple(nvp_maskisr_modes, CMD_ARGV[0]);
3047 if (n->name == NULL) {
3048 LOG_ERROR("Unknown parameter: %s - should be off or on", CMD_ARGV[0]);
3049 return ERROR_COMMAND_SYNTAX_ERROR;
3050 }
3051
3052 cortex_a->isrmasking_mode = n->value;
3053 }
3054
3055 n = Jim_Nvp_value2name_simple(nvp_maskisr_modes, cortex_a->isrmasking_mode);
3056 command_print(CMD, "cortex_a interrupt mask %s", n->name);
3057
3058 return ERROR_OK;
3059 }
3060
3061 COMMAND_HANDLER(handle_cortex_a_dacrfixup_command)
3062 {
3063 struct target *target = get_current_target(CMD_CTX);
3064 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
3065
3066 static const Jim_Nvp nvp_dacrfixup_modes[] = {
3067 { .name = "off", .value = CORTEX_A_DACRFIXUP_OFF },
3068 { .name = "on", .value = CORTEX_A_DACRFIXUP_ON },
3069 { .name = NULL, .value = -1 },
3070 };
3071 const Jim_Nvp *n;
3072
3073 if (CMD_ARGC > 0) {
3074 n = Jim_Nvp_name2value_simple(nvp_dacrfixup_modes, CMD_ARGV[0]);
3075 if (n->name == NULL)
3076 return ERROR_COMMAND_SYNTAX_ERROR;
3077 cortex_a->dacrfixup_mode = n->value;
3078
3079 }
3080
3081 n = Jim_Nvp_value2name_simple(nvp_dacrfixup_modes, cortex_a->dacrfixup_mode);
3082 command_print(CMD, "cortex_a domain access control fixup %s", n->name);
3083
3084 return ERROR_OK;
3085 }
3086
3087 static const struct command_registration cortex_a_exec_command_handlers[] = {
3088 {
3089 .name = "cache_info",
3090 .handler = cortex_a_handle_cache_info_command,
3091 .mode = COMMAND_EXEC,
3092 .help = "display information about target caches",
3093 .usage = "",
3094 },
3095 {
3096 .name = "dbginit",
3097 .handler = cortex_a_handle_dbginit_command,
3098 .mode = COMMAND_EXEC,
3099 .help = "Initialize core debug",
3100 .usage = "",
3101 },
3102 {
3103 .name = "maskisr",
3104 .handler = handle_cortex_a_mask_interrupts_command,
3105 .mode = COMMAND_ANY,
3106 .help = "mask cortex_a interrupts",
3107 .usage = "['on'|'off']",
3108 },
3109 {
3110 .name = "dacrfixup",
3111 .handler = handle_cortex_a_dacrfixup_command,
3112 .mode = COMMAND_ANY,
3113 .help = "set domain access control (DACR) to all-manager "
3114 "on memory access",
3115 .usage = "['on'|'off']",
3116 },
3117 {
3118 .chain = armv7a_mmu_command_handlers,
3119 },
3120 {
3121 .chain = smp_command_handlers,
3122 },
3123
3124 COMMAND_REGISTRATION_DONE
3125 };
3126 static const struct command_registration cortex_a_command_handlers[] = {
3127 {
3128 .chain = arm_command_handlers,
3129 },
3130 {
3131 .chain = armv7a_command_handlers,
3132 },
3133 {
3134 .name = "cortex_a",
3135 .mode = COMMAND_ANY,
3136 .help = "Cortex-A command group",
3137 .usage = "",
3138 .chain = cortex_a_exec_command_handlers,
3139 },
3140 COMMAND_REGISTRATION_DONE
3141 };
3142
3143 struct target_type cortexa_target = {
3144 .name = "cortex_a",
3145 .deprecated_name = "cortex_a8",
3146
3147 .poll = cortex_a_poll,
3148 .arch_state = armv7a_arch_state,
3149
3150 .halt = cortex_a_halt,
3151 .resume = cortex_a_resume,
3152 .step = cortex_a_step,
3153
3154 .assert_reset = cortex_a_assert_reset,
3155 .deassert_reset = cortex_a_deassert_reset,
3156
3157 /* REVISIT allow exporting VFP3 registers ... */
3158 .get_gdb_arch = arm_get_gdb_arch,
3159 .get_gdb_reg_list = arm_get_gdb_reg_list,
3160
3161 .read_memory = cortex_a_read_memory,
3162 .write_memory = cortex_a_write_memory,
3163
3164 .read_buffer = cortex_a_read_buffer,
3165 .write_buffer = cortex_a_write_buffer,
3166
3167 .checksum_memory = arm_checksum_memory,
3168 .blank_check_memory = arm_blank_check_memory,
3169
3170 .run_algorithm = armv4_5_run_algorithm,
3171
3172 .add_breakpoint = cortex_a_add_breakpoint,
3173 .add_context_breakpoint = cortex_a_add_context_breakpoint,
3174 .add_hybrid_breakpoint = cortex_a_add_hybrid_breakpoint,
3175 .remove_breakpoint = cortex_a_remove_breakpoint,
3176 .add_watchpoint = NULL,
3177 .remove_watchpoint = NULL,
3178
3179 .commands = cortex_a_command_handlers,
3180 .target_create = cortex_a_target_create,
3181 .target_jim_configure = adiv5_jim_configure,
3182 .init_target = cortex_a_init_target,
3183 .examine = cortex_a_examine,
3184 .deinit_target = cortex_a_deinit_target,
3185
3186 .read_phys_memory = cortex_a_read_phys_memory,
3187 .write_phys_memory = cortex_a_write_phys_memory,
3188 .mmu = cortex_a_mmu,
3189 .virt2phys = cortex_a_virt2phys,
3190 };
3191
3192 static const struct command_registration cortex_r4_exec_command_handlers[] = {
3193 {
3194 .name = "dbginit",
3195 .handler = cortex_a_handle_dbginit_command,
3196 .mode = COMMAND_EXEC,
3197 .help = "Initialize core debug",
3198 .usage = "",
3199 },
3200 {
3201 .name = "maskisr",
3202 .handler = handle_cortex_a_mask_interrupts_command,
3203 .mode = COMMAND_EXEC,
3204 .help = "mask cortex_r4 interrupts",
3205 .usage = "['on'|'off']",
3206 },
3207
3208 COMMAND_REGISTRATION_DONE
3209 };
3210 static const struct command_registration cortex_r4_command_handlers[] = {
3211 {
3212 .chain = arm_command_handlers,
3213 },
3214 {
3215 .name = "cortex_r4",
3216 .mode = COMMAND_ANY,
3217 .help = "Cortex-R4 command group",
3218 .usage = "",
3219 .chain = cortex_r4_exec_command_handlers,
3220 },
3221 COMMAND_REGISTRATION_DONE
3222 };
3223
3224 struct target_type cortexr4_target = {
3225 .name = "cortex_r4",
3226
3227 .poll = cortex_a_poll,
3228 .arch_state = armv7a_arch_state,
3229
3230 .halt = cortex_a_halt,
3231 .resume = cortex_a_resume,
3232 .step = cortex_a_step,
3233
3234 .assert_reset = cortex_a_assert_reset,
3235 .deassert_reset = cortex_a_deassert_reset,
3236
3237 /* REVISIT allow exporting VFP3 registers ... */
3238 .get_gdb_arch = arm_get_gdb_arch,
3239 .get_gdb_reg_list = arm_get_gdb_reg_list,
3240
3241 .read_memory = cortex_a_read_phys_memory,
3242 .write_memory = cortex_a_write_phys_memory,
3243
3244 .checksum_memory = arm_checksum_memory,
3245 .blank_check_memory = arm_blank_check_memory,
3246
3247 .run_algorithm = armv4_5_run_algorithm,
3248
3249 .add_breakpoint = cortex_a_add_breakpoint,
3250 .add_context_breakpoint = cortex_a_add_context_breakpoint,
3251 .add_hybrid_breakpoint = cortex_a_add_hybrid_breakpoint,
3252 .remove_breakpoint = cortex_a_remove_breakpoint,
3253 .add_watchpoint = NULL,
3254 .remove_watchpoint = NULL,
3255
3256 .commands = cortex_r4_command_handlers,
3257 .target_create = cortex_r4_target_create,
3258 .target_jim_configure = adiv5_jim_configure,
3259 .init_target = cortex_a_init_target,
3260 .examine = cortex_a_examine,
3261 .deinit_target = cortex_a_deinit_target,
3262 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)