Code Review / openocd.git / blob
? search:


f39fd9b2b70c6b738b004c635fc1c09caabe196b
[openocd.git] / src / target / cortex_a.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2006 by Magnus Lundin *
6 * lundin@mlu.mine.nu *
7 * *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
10 * *
11 * Copyright (C) 2009 by Dirk Behme *
12 * dirk.behme@gmail.com - copy from cortex_m3 *
13 * *
14 * Copyright (C) 2010 Øyvind Harboe *
15 * oyvind.harboe@zylin.com *
16 * *
17 * Copyright (C) ST-Ericsson SA 2011 *
18 * michel.jaouen@stericsson.com : smp minimum support *
19 * *
20 * Copyright (C) Broadcom 2012 *
21 * ehunter@broadcom.com : Cortex-R4 support *
22 * *
23 * Copyright (C) 2013 Kamal Dasu *
24 * kdasu.kdev@gmail.com *
25 * *
26 * This program is free software; you can redistribute it and/or modify *
27 * it under the terms of the GNU General Public License as published by *
28 * the Free Software Foundation; either version 2 of the License, or *
29 * (at your option) any later version. *
30 * *
31 * This program is distributed in the hope that it will be useful, *
32 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
33 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
34 * GNU General Public License for more details. *
35 * *
36 * You should have received a copy of the GNU General Public License *
37 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
38 * *
39 * Cortex-A8(tm) TRM, ARM DDI 0344H *
40 * Cortex-A9(tm) TRM, ARM DDI 0407F *
41 * Cortex-A4(tm) TRM, ARM DDI 0363E *
42 * Cortex-A15(tm)TRM, ARM DDI 0438C *
43 * *
44 ***************************************************************************/
45
46 #ifdef HAVE_CONFIG_H
47 #include "config.h"
48 #endif
49
50 #include "breakpoints.h"
51 #include "cortex_a.h"
52 #include "register.h"
53 #include "armv7a_mmu.h"
54 #include "target_request.h"
55 #include "target_type.h"
56 #include "arm_opcodes.h"
57 #include "arm_semihosting.h"
58 #include "jtag/interface.h"
59 #include "transport/transport.h"
60 #include "smp.h"
61 #include <helper/time_support.h>
62
63 static int cortex_a_poll(struct target *target);
64 static int cortex_a_debug_entry(struct target *target);
65 static int cortex_a_restore_context(struct target *target, bool bpwp);
66 static int cortex_a_set_breakpoint(struct target *target,
67 struct breakpoint *breakpoint, uint8_t matchmode);
68 static int cortex_a_set_context_breakpoint(struct target *target,
69 struct breakpoint *breakpoint, uint8_t matchmode);
70 static int cortex_a_set_hybrid_breakpoint(struct target *target,
71 struct breakpoint *breakpoint);
72 static int cortex_a_unset_breakpoint(struct target *target,
73 struct breakpoint *breakpoint);
74 static int cortex_a_wait_dscr_bits(struct target *target, uint32_t mask,
75 uint32_t value, uint32_t *dscr);
76 static int cortex_a_mmu(struct target *target, int *enabled);
77 static int cortex_a_mmu_modify(struct target *target, int enable);
78 static int cortex_a_virt2phys(struct target *target,
79 target_addr_t virt, target_addr_t *phys);
80 static int cortex_a_read_cpu_memory(struct target *target,
81 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer);
82
83
84 /* restore cp15_control_reg at resume */
85 static int cortex_a_restore_cp15_control_reg(struct target *target)
86 {
87 int retval = ERROR_OK;
88 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
89 struct armv7a_common *armv7a = target_to_armv7a(target);
90
91 if (cortex_a->cp15_control_reg != cortex_a->cp15_control_reg_curr) {
92 cortex_a->cp15_control_reg_curr = cortex_a->cp15_control_reg;
93 /* LOG_INFO("cp15_control_reg: %8.8" PRIx32, cortex_a->cp15_control_reg); */
94 retval = armv7a->arm.mcr(target, 15,
95 0, 0, /* op1, op2 */
96 1, 0, /* CRn, CRm */
97 cortex_a->cp15_control_reg);
98 }
99 return retval;
100 }
101
102 /*
103 * Set up ARM core for memory access.
104 * If !phys_access, switch to SVC mode and make sure MMU is on
105 * If phys_access, switch off mmu
106 */
107 static int cortex_a_prep_memaccess(struct target *target, int phys_access)
108 {
109 struct armv7a_common *armv7a = target_to_armv7a(target);
110 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
111 int mmu_enabled = 0;
112
113 if (phys_access == 0) {
114 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_SVC);
115 cortex_a_mmu(target, &mmu_enabled);
116 if (mmu_enabled)
117 cortex_a_mmu_modify(target, 1);
118 if (cortex_a->dacrfixup_mode == CORTEX_A_DACRFIXUP_ON) {
119 /* overwrite DACR to all-manager */
120 armv7a->arm.mcr(target, 15,
121 0, 0, 3, 0,
122 0xFFFFFFFF);
123 }
124 } else {
125 cortex_a_mmu(target, &mmu_enabled);
126 if (mmu_enabled)
127 cortex_a_mmu_modify(target, 0);
128 }
129 return ERROR_OK;
130 }
131
132 /*
133 * Restore ARM core after memory access.
134 * If !phys_access, switch to previous mode
135 * If phys_access, restore MMU setting
136 */
137 static int cortex_a_post_memaccess(struct target *target, int phys_access)
138 {
139 struct armv7a_common *armv7a = target_to_armv7a(target);
140 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
141
142 if (phys_access == 0) {
143 if (cortex_a->dacrfixup_mode == CORTEX_A_DACRFIXUP_ON) {
144 /* restore */
145 armv7a->arm.mcr(target, 15,
146 0, 0, 3, 0,
147 cortex_a->cp15_dacr_reg);
148 }
149 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_ANY);
150 } else {
151 int mmu_enabled = 0;
152 cortex_a_mmu(target, &mmu_enabled);
153 if (mmu_enabled)
154 cortex_a_mmu_modify(target, 1);
155 }
156 return ERROR_OK;
157 }
158
159
160 /* modify cp15_control_reg in order to enable or disable mmu for :
161 * - virt2phys address conversion
162 * - read or write memory in phys or virt address */
163 static int cortex_a_mmu_modify(struct target *target, int enable)
164 {
165 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
166 struct armv7a_common *armv7a = target_to_armv7a(target);
167 int retval = ERROR_OK;
168 int need_write = 0;
169
170 if (enable) {
171 /* if mmu enabled at target stop and mmu not enable */
172 if (!(cortex_a->cp15_control_reg & 0x1U)) {
173 LOG_ERROR("trying to enable mmu on target stopped with mmu disable");
174 return ERROR_FAIL;
175 }
176 if ((cortex_a->cp15_control_reg_curr & 0x1U) == 0) {
177 cortex_a->cp15_control_reg_curr |= 0x1U;
178 need_write = 1;
179 }
180 } else {
181 if ((cortex_a->cp15_control_reg_curr & 0x1U) == 0x1U) {
182 cortex_a->cp15_control_reg_curr &= ~0x1U;
183 need_write = 1;
184 }
185 }
186
187 if (need_write) {
188 LOG_DEBUG("%s, writing cp15 ctrl: %" PRIx32,
189 enable ? "enable mmu" : "disable mmu",
190 cortex_a->cp15_control_reg_curr);
191
192 retval = armv7a->arm.mcr(target, 15,
193 0, 0, /* op1, op2 */
194 1, 0, /* CRn, CRm */
195 cortex_a->cp15_control_reg_curr);
196 }
197 return retval;
198 }
199
200 /*
201 * Cortex-A Basic debug access, very low level assumes state is saved
202 */
203 static int cortex_a_init_debug_access(struct target *target)
204 {
205 struct armv7a_common *armv7a = target_to_armv7a(target);
206 uint32_t dscr;
207 int retval;
208
209 /* lock memory-mapped access to debug registers to prevent
210 * software interference */
211 retval = mem_ap_write_u32(armv7a->debug_ap,
212 armv7a->debug_base + CPUDBG_LOCKACCESS, 0);
213 if (retval != ERROR_OK)
214 return retval;
215
216 /* Disable cacheline fills and force cache write-through in debug state */
217 retval = mem_ap_write_u32(armv7a->debug_ap,
218 armv7a->debug_base + CPUDBG_DSCCR, 0);
219 if (retval != ERROR_OK)
220 return retval;
221
222 /* Disable TLB lookup and refill/eviction in debug state */
223 retval = mem_ap_write_u32(armv7a->debug_ap,
224 armv7a->debug_base + CPUDBG_DSMCR, 0);
225 if (retval != ERROR_OK)
226 return retval;
227
228 retval = dap_run(armv7a->debug_ap->dap);
229 if (retval != ERROR_OK)
230 return retval;
231
232 /* Enabling of instruction execution in debug mode is done in debug_entry code */
233
234 /* Resync breakpoint registers */
235
236 /* Enable halt for breakpoint, watchpoint and vector catch */
237 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
238 armv7a->debug_base + CPUDBG_DSCR, &dscr);
239 if (retval != ERROR_OK)
240 return retval;
241 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
242 armv7a->debug_base + CPUDBG_DSCR, dscr | DSCR_HALT_DBG_MODE);
243 if (retval != ERROR_OK)
244 return retval;
245
246 /* Since this is likely called from init or reset, update target state information*/
247 return cortex_a_poll(target);
248 }
249
250 static int cortex_a_wait_instrcmpl(struct target *target, uint32_t *dscr, bool force)
251 {
252 /* Waits until InstrCmpl_l becomes 1, indicating instruction is done.
253 * Writes final value of DSCR into *dscr. Pass force to force always
254 * reading DSCR at least once. */
255 struct armv7a_common *armv7a = target_to_armv7a(target);
256 int retval;
257
258 if (force) {
259 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
260 armv7a->debug_base + CPUDBG_DSCR, dscr);
261 if (retval != ERROR_OK) {
262 LOG_ERROR("Could not read DSCR register");
263 return retval;
264 }
265 }
266
267 retval = cortex_a_wait_dscr_bits(target, DSCR_INSTR_COMP, DSCR_INSTR_COMP, dscr);
268 if (retval != ERROR_OK)
269 LOG_ERROR("Error waiting for InstrCompl=1");
270 return retval;
271 }
272
273 /* To reduce needless round-trips, pass in a pointer to the current
274 * DSCR value. Initialize it to zero if you just need to know the
275 * value on return from this function; or DSCR_INSTR_COMP if you
276 * happen to know that no instruction is pending.
277 */
278 static int cortex_a_exec_opcode(struct target *target,
279 uint32_t opcode, uint32_t *dscr_p)
280 {
281 uint32_t dscr;
282 int retval;
283 struct armv7a_common *armv7a = target_to_armv7a(target);
284
285 dscr = dscr_p ? *dscr_p : 0;
286
287 LOG_DEBUG("exec opcode 0x%08" PRIx32, opcode);
288
289 /* Wait for InstrCompl bit to be set */
290 retval = cortex_a_wait_instrcmpl(target, dscr_p, false);
291 if (retval != ERROR_OK)
292 return retval;
293
294 retval = mem_ap_write_u32(armv7a->debug_ap,
295 armv7a->debug_base + CPUDBG_ITR, opcode);
296 if (retval != ERROR_OK)
297 return retval;
298
299 /* Wait for InstrCompl bit to be set */
300 retval = cortex_a_wait_instrcmpl(target, &dscr, true);
301 if (retval != ERROR_OK) {
302 LOG_ERROR("Error waiting for cortex_a_exec_opcode");
303 return retval;
304 }
305
306 if (dscr_p)
307 *dscr_p = dscr;
308
309 return retval;
310 }
311
312 /* Write to memory mapped registers directly with no cache or mmu handling */
313 static int cortex_a_dap_write_memap_register_u32(struct target *target,
314 uint32_t address,
315 uint32_t value)
316 {
317 int retval;
318 struct armv7a_common *armv7a = target_to_armv7a(target);
319
320 retval = mem_ap_write_atomic_u32(armv7a->debug_ap, address, value);
321
322 return retval;
323 }
324
325 /*
326 * Cortex-A implementation of Debug Programmer's Model
327 *
328 * NOTE the invariant: these routines return with DSCR_INSTR_COMP set,
329 * so there's no need to poll for it before executing an instruction.
330 *
331 * NOTE that in several of these cases the "stall" mode might be useful.
332 * It'd let us queue a few operations together... prepare/finish might
333 * be the places to enable/disable that mode.
334 */
335
336 static inline struct cortex_a_common *dpm_to_a(struct arm_dpm *dpm)
337 {
338 return container_of(dpm, struct cortex_a_common, armv7a_common.dpm);
339 }
340
341 static int cortex_a_write_dcc(struct cortex_a_common *a, uint32_t data)
342 {
343 LOG_DEBUG("write DCC 0x%08" PRIx32, data);
344 return mem_ap_write_u32(a->armv7a_common.debug_ap,
345 a->armv7a_common.debug_base + CPUDBG_DTRRX, data);
346 }
347
348 static int cortex_a_read_dcc(struct cortex_a_common *a, uint32_t *data,
349 uint32_t *dscr_p)
350 {
351 uint32_t dscr = DSCR_INSTR_COMP;
352 int retval;
353
354 if (dscr_p)
355 dscr = *dscr_p;
356
357 /* Wait for DTRRXfull */
358 retval = cortex_a_wait_dscr_bits(a->armv7a_common.arm.target,
359 DSCR_DTR_TX_FULL, DSCR_DTR_TX_FULL, &dscr);
360 if (retval != ERROR_OK) {
361 LOG_ERROR("Error waiting for read dcc");
362 return retval;
363 }
364
365 retval = mem_ap_read_atomic_u32(a->armv7a_common.debug_ap,
366 a->armv7a_common.debug_base + CPUDBG_DTRTX, data);
367 if (retval != ERROR_OK)
368 return retval;
369 /* LOG_DEBUG("read DCC 0x%08" PRIx32, *data); */
370
371 if (dscr_p)
372 *dscr_p = dscr;
373
374 return retval;
375 }
376
377 static int cortex_a_dpm_prepare(struct arm_dpm *dpm)
378 {
379 struct cortex_a_common *a = dpm_to_a(dpm);
380 uint32_t dscr;
381 int retval;
382
383 /* set up invariant: INSTR_COMP is set after ever DPM operation */
384 retval = cortex_a_wait_instrcmpl(dpm->arm->target, &dscr, true);
385 if (retval != ERROR_OK) {
386 LOG_ERROR("Error waiting for dpm prepare");
387 return retval;
388 }
389
390 /* this "should never happen" ... */
391 if (dscr & DSCR_DTR_RX_FULL) {
392 LOG_ERROR("DSCR_DTR_RX_FULL, dscr 0x%08" PRIx32, dscr);
393 /* Clear DCCRX */
394 retval = cortex_a_exec_opcode(
395 a->armv7a_common.arm.target,
396 ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
397 &dscr);
398 if (retval != ERROR_OK)
399 return retval;
400 }
401
402 return retval;
403 }
404
405 static int cortex_a_dpm_finish(struct arm_dpm *dpm)
406 {
407 /* REVISIT what could be done here? */
408 return ERROR_OK;
409 }
410
411 static int cortex_a_instr_write_data_dcc(struct arm_dpm *dpm,
412 uint32_t opcode, uint32_t data)
413 {
414 struct cortex_a_common *a = dpm_to_a(dpm);
415 int retval;
416 uint32_t dscr = DSCR_INSTR_COMP;
417
418 retval = cortex_a_write_dcc(a, data);
419 if (retval != ERROR_OK)
420 return retval;
421
422 return cortex_a_exec_opcode(
423 a->armv7a_common.arm.target,
424 opcode,
425 &dscr);
426 }
427
428 static int cortex_a_instr_write_data_rt_dcc(struct arm_dpm *dpm,
429 uint8_t rt, uint32_t data)
430 {
431 struct cortex_a_common *a = dpm_to_a(dpm);
432 uint32_t dscr = DSCR_INSTR_COMP;
433 int retval;
434
435 if (rt > 15)
436 return ERROR_TARGET_INVALID;
437
438 retval = cortex_a_write_dcc(a, data);
439 if (retval != ERROR_OK)
440 return retval;
441
442 /* DCCRX to Rt, "MCR p14, 0, R0, c0, c5, 0", 0xEE000E15 */
443 return cortex_a_exec_opcode(
444 a->armv7a_common.arm.target,
445 ARMV4_5_MRC(14, 0, rt, 0, 5, 0),
446 &dscr);
447 }
448
449 static int cortex_a_instr_write_data_r0(struct arm_dpm *dpm,
450 uint32_t opcode, uint32_t data)
451 {
452 struct cortex_a_common *a = dpm_to_a(dpm);
453 uint32_t dscr = DSCR_INSTR_COMP;
454 int retval;
455
456 retval = cortex_a_instr_write_data_rt_dcc(dpm, 0, data);
457 if (retval != ERROR_OK)
458 return retval;
459
460 /* then the opcode, taking data from R0 */
461 retval = cortex_a_exec_opcode(
462 a->armv7a_common.arm.target,
463 opcode,
464 &dscr);
465
466 return retval;
467 }
468
469 static int cortex_a_instr_cpsr_sync(struct arm_dpm *dpm)
470 {
471 struct target *target = dpm->arm->target;
472 uint32_t dscr = DSCR_INSTR_COMP;
473
474 /* "Prefetch flush" after modifying execution status in CPSR */
475 return cortex_a_exec_opcode(target,
476 ARMV4_5_MCR(15, 0, 0, 7, 5, 4),
477 &dscr);
478 }
479
480 static int cortex_a_instr_read_data_dcc(struct arm_dpm *dpm,
481 uint32_t opcode, uint32_t *data)
482 {
483 struct cortex_a_common *a = dpm_to_a(dpm);
484 int retval;
485 uint32_t dscr = DSCR_INSTR_COMP;
486
487 /* the opcode, writing data to DCC */
488 retval = cortex_a_exec_opcode(
489 a->armv7a_common.arm.target,
490 opcode,
491 &dscr);
492 if (retval != ERROR_OK)
493 return retval;
494
495 return cortex_a_read_dcc(a, data, &dscr);
496 }
497
498 static int cortex_a_instr_read_data_rt_dcc(struct arm_dpm *dpm,
499 uint8_t rt, uint32_t *data)
500 {
501 struct cortex_a_common *a = dpm_to_a(dpm);
502 uint32_t dscr = DSCR_INSTR_COMP;
503 int retval;
504
505 if (rt > 15)
506 return ERROR_TARGET_INVALID;
507
508 retval = cortex_a_exec_opcode(
509 a->armv7a_common.arm.target,
510 ARMV4_5_MCR(14, 0, rt, 0, 5, 0),
511 &dscr);
512 if (retval != ERROR_OK)
513 return retval;
514
515 return cortex_a_read_dcc(a, data, &dscr);
516 }
517
518 static int cortex_a_instr_read_data_r0(struct arm_dpm *dpm,
519 uint32_t opcode, uint32_t *data)
520 {
521 struct cortex_a_common *a = dpm_to_a(dpm);
522 uint32_t dscr = DSCR_INSTR_COMP;
523 int retval;
524
525 /* the opcode, writing data to R0 */
526 retval = cortex_a_exec_opcode(
527 a->armv7a_common.arm.target,
528 opcode,
529 &dscr);
530 if (retval != ERROR_OK)
531 return retval;
532
533 /* write R0 to DCC */
534 return cortex_a_instr_read_data_rt_dcc(dpm, 0, data);
535 }
536
537 static int cortex_a_bpwp_enable(struct arm_dpm *dpm, unsigned index_t,
538 uint32_t addr, uint32_t control)
539 {
540 struct cortex_a_common *a = dpm_to_a(dpm);
541 uint32_t vr = a->armv7a_common.debug_base;
542 uint32_t cr = a->armv7a_common.debug_base;
543 int retval;
544
545 switch (index_t) {
546 case 0 ... 15: /* breakpoints */
547 vr += CPUDBG_BVR_BASE;
548 cr += CPUDBG_BCR_BASE;
549 break;
550 case 16 ... 31: /* watchpoints */
551 vr += CPUDBG_WVR_BASE;
552 cr += CPUDBG_WCR_BASE;
553 index_t -= 16;
554 break;
555 default:
556 return ERROR_FAIL;
557 }
558 vr += 4 * index_t;
559 cr += 4 * index_t;
560
561 LOG_DEBUG("A: bpwp enable, vr %08x cr %08x",
562 (unsigned) vr, (unsigned) cr);
563
564 retval = cortex_a_dap_write_memap_register_u32(dpm->arm->target,
565 vr, addr);
566 if (retval != ERROR_OK)
567 return retval;
568 retval = cortex_a_dap_write_memap_register_u32(dpm->arm->target,
569 cr, control);
570 return retval;
571 }
572
573 static int cortex_a_bpwp_disable(struct arm_dpm *dpm, unsigned index_t)
574 {
575 struct cortex_a_common *a = dpm_to_a(dpm);
576 uint32_t cr;
577
578 switch (index_t) {
579 case 0 ... 15:
580 cr = a->armv7a_common.debug_base + CPUDBG_BCR_BASE;
581 break;
582 case 16 ... 31:
583 cr = a->armv7a_common.debug_base + CPUDBG_WCR_BASE;
584 index_t -= 16;
585 break;
586 default:
587 return ERROR_FAIL;
588 }
589 cr += 4 * index_t;
590
591 LOG_DEBUG("A: bpwp disable, cr %08x", (unsigned) cr);
592
593 /* clear control register */
594 return cortex_a_dap_write_memap_register_u32(dpm->arm->target, cr, 0);
595 }
596
597 static int cortex_a_dpm_setup(struct cortex_a_common *a, uint32_t didr)
598 {
599 struct arm_dpm *dpm = &a->armv7a_common.dpm;
600 int retval;
601
602 dpm->arm = &a->armv7a_common.arm;
603 dpm->didr = didr;
604
605 dpm->prepare = cortex_a_dpm_prepare;
606 dpm->finish = cortex_a_dpm_finish;
607
608 dpm->instr_write_data_dcc = cortex_a_instr_write_data_dcc;
609 dpm->instr_write_data_r0 = cortex_a_instr_write_data_r0;
610 dpm->instr_cpsr_sync = cortex_a_instr_cpsr_sync;
611
612 dpm->instr_read_data_dcc = cortex_a_instr_read_data_dcc;
613 dpm->instr_read_data_r0 = cortex_a_instr_read_data_r0;
614
615 dpm->bpwp_enable = cortex_a_bpwp_enable;
616 dpm->bpwp_disable = cortex_a_bpwp_disable;
617
618 retval = arm_dpm_setup(dpm);
619 if (retval == ERROR_OK)
620 retval = arm_dpm_initialize(dpm);
621
622 return retval;
623 }
624 static struct target *get_cortex_a(struct target *target, int32_t coreid)
625 {
626 struct target_list *head;
627 struct target *curr;
628
629 head = target->head;
630 while (head != (struct target_list *)NULL) {
631 curr = head->target;
632 if ((curr->coreid == coreid) && (curr->state == TARGET_HALTED))
633 return curr;
634 head = head->next;
635 }
636 return target;
637 }
638 static int cortex_a_halt(struct target *target);
639
640 static int cortex_a_halt_smp(struct target *target)
641 {
642 int retval = 0;
643 struct target_list *head;
644 struct target *curr;
645 head = target->head;
646 while (head != (struct target_list *)NULL) {
647 curr = head->target;
648 if ((curr != target) && (curr->state != TARGET_HALTED)
649 && target_was_examined(curr))
650 retval += cortex_a_halt(curr);
651 head = head->next;
652 }
653 return retval;
654 }
655
656 static int update_halt_gdb(struct target *target)
657 {
658 struct target *gdb_target = NULL;
659 struct target_list *head;
660 struct target *curr;
661 int retval = 0;
662
663 if (target->gdb_service && target->gdb_service->core[0] == -1) {
664 target->gdb_service->target = target;
665 target->gdb_service->core[0] = target->coreid;
666 retval += cortex_a_halt_smp(target);
667 }
668
669 if (target->gdb_service)
670 gdb_target = target->gdb_service->target;
671
672 foreach_smp_target(head, target->head) {
673 curr = head->target;
674 /* skip calling context */
675 if (curr == target)
676 continue;
677 if (!target_was_examined(curr))
678 continue;
679 /* skip targets that were already halted */
680 if (curr->state == TARGET_HALTED)
681 continue;
682 /* Skip gdb_target; it alerts GDB so has to be polled as last one */
683 if (curr == gdb_target)
684 continue;
685
686 /* avoid recursion in cortex_a_poll() */
687 curr->smp = 0;
688 cortex_a_poll(curr);
689 curr->smp = 1;
690 }
691
692 /* after all targets were updated, poll the gdb serving target */
693 if (gdb_target != NULL && gdb_target != target)
694 cortex_a_poll(gdb_target);
695 return retval;
696 }
697
698 /*
699 * Cortex-A Run control
700 */
701
702 static int cortex_a_poll(struct target *target)
703 {
704 int retval = ERROR_OK;
705 uint32_t dscr;
706 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
707 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
708 enum target_state prev_target_state = target->state;
709 /* toggle to another core is done by gdb as follow */
710 /* maint packet J core_id */
711 /* continue */
712 /* the next polling trigger an halt event sent to gdb */
713 if ((target->state == TARGET_HALTED) && (target->smp) &&
714 (target->gdb_service) &&
715 (target->gdb_service->target == NULL)) {
716 target->gdb_service->target =
717 get_cortex_a(target, target->gdb_service->core[1]);
718 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
719 return retval;
720 }
721 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
722 armv7a->debug_base + CPUDBG_DSCR, &dscr);
723 if (retval != ERROR_OK)
724 return retval;
725 cortex_a->cpudbg_dscr = dscr;
726
727 if (DSCR_RUN_MODE(dscr) == (DSCR_CORE_HALTED | DSCR_CORE_RESTARTED)) {
728 if (prev_target_state != TARGET_HALTED) {
729 /* We have a halting debug event */
730 LOG_DEBUG("Target halted");
731 target->state = TARGET_HALTED;
732
733 retval = cortex_a_debug_entry(target);
734 if (retval != ERROR_OK)
735 return retval;
736
737 if (target->smp) {
738 retval = update_halt_gdb(target);
739 if (retval != ERROR_OK)
740 return retval;
741 }
742
743 if (prev_target_state == TARGET_DEBUG_RUNNING) {
744 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
745 } else { /* prev_target_state is RUNNING, UNKNOWN or RESET */
746 if (arm_semihosting(target, &retval) != 0)
747 return retval;
748
749 target_call_event_callbacks(target,
750 TARGET_EVENT_HALTED);
751 }
752 }
753 } else
754 target->state = TARGET_RUNNING;
755
756 return retval;
757 }
758
759 static int cortex_a_halt(struct target *target)
760 {
761 int retval;
762 uint32_t dscr;
763 struct armv7a_common *armv7a = target_to_armv7a(target);
764
765 /*
766 * Tell the core to be halted by writing DRCR with 0x1
767 * and then wait for the core to be halted.
768 */
769 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
770 armv7a->debug_base + CPUDBG_DRCR, DRCR_HALT);
771 if (retval != ERROR_OK)
772 return retval;
773
774 dscr = 0; /* force read of dscr */
775 retval = cortex_a_wait_dscr_bits(target, DSCR_CORE_HALTED,
776 DSCR_CORE_HALTED, &dscr);
777 if (retval != ERROR_OK) {
778 LOG_ERROR("Error waiting for halt");
779 return retval;
780 }
781
782 target->debug_reason = DBG_REASON_DBGRQ;
783
784 return ERROR_OK;
785 }
786
787 static int cortex_a_internal_restore(struct target *target, int current,
788 target_addr_t *address, int handle_breakpoints, int debug_execution)
789 {
790 struct armv7a_common *armv7a = target_to_armv7a(target);
791 struct arm *arm = &armv7a->arm;
792 int retval;
793 uint32_t resume_pc;
794
795 if (!debug_execution)
796 target_free_all_working_areas(target);
797
798 #if 0
799 if (debug_execution) {
800 /* Disable interrupts */
801 /* We disable interrupts in the PRIMASK register instead of
802 * masking with C_MASKINTS,
803 * This is probably the same issue as Cortex-M3 Errata 377493:
804 * C_MASKINTS in parallel with disabled interrupts can cause
805 * local faults to not be taken. */
806 buf_set_u32(armv7m->core_cache->reg_list[ARMV7M_PRIMASK].value, 0, 32, 1);
807 armv7m->core_cache->reg_list[ARMV7M_PRIMASK].dirty = true;
808 armv7m->core_cache->reg_list[ARMV7M_PRIMASK].valid = true;
809
810 /* Make sure we are in Thumb mode */
811 buf_set_u32(armv7m->core_cache->reg_list[ARMV7M_xPSR].value, 0, 32,
812 buf_get_u32(armv7m->core_cache->reg_list[ARMV7M_xPSR].value, 0,
813 32) | (1 << 24));
814 armv7m->core_cache->reg_list[ARMV7M_xPSR].dirty = true;
815 armv7m->core_cache->reg_list[ARMV7M_xPSR].valid = true;
816 }
817 #endif
818
819 /* current = 1: continue on current pc, otherwise continue at <address> */
820 resume_pc = buf_get_u32(arm->pc->value, 0, 32);
821 if (!current)
822 resume_pc = *address;
823 else
824 *address = resume_pc;
825
826 /* Make sure that the Armv7 gdb thumb fixups does not
827 * kill the return address
828 */
829 switch (arm->core_state) {
830 case ARM_STATE_ARM:
831 resume_pc &= 0xFFFFFFFC;
832 break;
833 case ARM_STATE_THUMB:
834 case ARM_STATE_THUMB_EE:
835 /* When the return address is loaded into PC
836 * bit 0 must be 1 to stay in Thumb state
837 */
838 resume_pc |= 0x1;
839 break;
840 case ARM_STATE_JAZELLE:
841 LOG_ERROR("How do I resume into Jazelle state??");
842 return ERROR_FAIL;
843 case ARM_STATE_AARCH64:
844 LOG_ERROR("Shouldn't be in AARCH64 state");
845 return ERROR_FAIL;
846 }
847 LOG_DEBUG("resume pc = 0x%08" PRIx32, resume_pc);
848 buf_set_u32(arm->pc->value, 0, 32, resume_pc);
849 arm->pc->dirty = true;
850 arm->pc->valid = true;
851
852 /* restore dpm_mode at system halt */
853 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_ANY);
854 /* called it now before restoring context because it uses cpu
855 * register r0 for restoring cp15 control register */
856 retval = cortex_a_restore_cp15_control_reg(target);
857 if (retval != ERROR_OK)
858 return retval;
859 retval = cortex_a_restore_context(target, handle_breakpoints);
860 if (retval != ERROR_OK)
861 return retval;
862 target->debug_reason = DBG_REASON_NOTHALTED;
863 target->state = TARGET_RUNNING;
864
865 /* registers are now invalid */
866 register_cache_invalidate(arm->core_cache);
867
868 #if 0
869 /* the front-end may request us not to handle breakpoints */
870 if (handle_breakpoints) {
871 /* Single step past breakpoint at current address */
872 breakpoint = breakpoint_find(target, resume_pc);
873 if (breakpoint) {
874 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint->address);
875 cortex_m3_unset_breakpoint(target, breakpoint);
876 cortex_m3_single_step_core(target);
877 cortex_m3_set_breakpoint(target, breakpoint);
878 }
879 }
880
881 #endif
882 return retval;
883 }
884
885 static int cortex_a_internal_restart(struct target *target)
886 {
887 struct armv7a_common *armv7a = target_to_armv7a(target);
888 struct arm *arm = &armv7a->arm;
889 int retval;
890 uint32_t dscr;
891 /*
892 * * Restart core and wait for it to be started. Clear ITRen and sticky
893 * * exception flags: see ARMv7 ARM, C5.9.
894 *
895 * REVISIT: for single stepping, we probably want to
896 * disable IRQs by default, with optional override...
897 */
898
899 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
900 armv7a->debug_base + CPUDBG_DSCR, &dscr);
901 if (retval != ERROR_OK)
902 return retval;
903
904 if ((dscr & DSCR_INSTR_COMP) == 0)
905 LOG_ERROR("DSCR InstrCompl must be set before leaving debug!");
906
907 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
908 armv7a->debug_base + CPUDBG_DSCR, dscr & ~DSCR_ITR_EN);
909 if (retval != ERROR_OK)
910 return retval;
911
912 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
913 armv7a->debug_base + CPUDBG_DRCR, DRCR_RESTART |
914 DRCR_CLEAR_EXCEPTIONS);
915 if (retval != ERROR_OK)
916 return retval;
917
918 dscr = 0; /* force read of dscr */
919 retval = cortex_a_wait_dscr_bits(target, DSCR_CORE_RESTARTED,
920 DSCR_CORE_RESTARTED, &dscr);
921 if (retval != ERROR_OK) {
922 LOG_ERROR("Error waiting for resume");
923 return retval;
924 }
925
926 target->debug_reason = DBG_REASON_NOTHALTED;
927 target->state = TARGET_RUNNING;
928
929 /* registers are now invalid */
930 register_cache_invalidate(arm->core_cache);
931
932 return ERROR_OK;
933 }
934
935 static int cortex_a_restore_smp(struct target *target, int handle_breakpoints)
936 {
937 int retval = 0;
938 struct target_list *head;
939 struct target *curr;
940 target_addr_t address;
941 head = target->head;
942 while (head != (struct target_list *)NULL) {
943 curr = head->target;
944 if ((curr != target) && (curr->state != TARGET_RUNNING)
945 && target_was_examined(curr)) {
946 /* resume current address , not in step mode */
947 retval += cortex_a_internal_restore(curr, 1, &address,
948 handle_breakpoints, 0);
949 retval += cortex_a_internal_restart(curr);
950 }
951 head = head->next;
952
953 }
954 return retval;
955 }
956
957 static int cortex_a_resume(struct target *target, int current,
958 target_addr_t address, int handle_breakpoints, int debug_execution)
959 {
960 int retval = 0;
961 /* dummy resume for smp toggle in order to reduce gdb impact */
962 if ((target->smp) && (target->gdb_service->core[1] != -1)) {
963 /* simulate a start and halt of target */
964 target->gdb_service->target = NULL;
965 target->gdb_service->core[0] = target->gdb_service->core[1];
966 /* fake resume at next poll we play the target core[1], see poll*/
967 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
968 return 0;
969 }
970 cortex_a_internal_restore(target, current, &address, handle_breakpoints, debug_execution);
971 if (target->smp) {
972 target->gdb_service->core[0] = -1;
973 retval = cortex_a_restore_smp(target, handle_breakpoints);
974 if (retval != ERROR_OK)
975 return retval;
976 }
977 cortex_a_internal_restart(target);
978
979 if (!debug_execution) {
980 target->state = TARGET_RUNNING;
981 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
982 LOG_DEBUG("target resumed at " TARGET_ADDR_FMT, address);
983 } else {
984 target->state = TARGET_DEBUG_RUNNING;
985 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
986 LOG_DEBUG("target debug resumed at " TARGET_ADDR_FMT, address);
987 }
988
989 return ERROR_OK;
990 }
991
992 static int cortex_a_debug_entry(struct target *target)
993 {
994 uint32_t dscr;
995 int retval = ERROR_OK;
996 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
997 struct armv7a_common *armv7a = target_to_armv7a(target);
998 struct arm *arm = &armv7a->arm;
999
1000 LOG_DEBUG("dscr = 0x%08" PRIx32, cortex_a->cpudbg_dscr);
1001
1002 /* REVISIT surely we should not re-read DSCR !! */
1003 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1004 armv7a->debug_base + CPUDBG_DSCR, &dscr);
1005 if (retval != ERROR_OK)
1006 return retval;
1007
1008 /* REVISIT see A TRM 12.11.4 steps 2..3 -- make sure that any
1009 * imprecise data aborts get discarded by issuing a Data
1010 * Synchronization Barrier: ARMV4_5_MCR(15, 0, 0, 7, 10, 4).
1011 */
1012
1013 /* Enable the ITR execution once we are in debug mode */
1014 dscr |= DSCR_ITR_EN;
1015 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1016 armv7a->debug_base + CPUDBG_DSCR, dscr);
1017 if (retval != ERROR_OK)
1018 return retval;
1019
1020 /* Examine debug reason */
1021 arm_dpm_report_dscr(&armv7a->dpm, cortex_a->cpudbg_dscr);
1022
1023 /* save address of instruction that triggered the watchpoint? */
1024 if (target->debug_reason == DBG_REASON_WATCHPOINT) {
1025 uint32_t wfar;
1026
1027 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1028 armv7a->debug_base + CPUDBG_WFAR,
1029 &wfar);
1030 if (retval != ERROR_OK)
1031 return retval;
1032 arm_dpm_report_wfar(&armv7a->dpm, wfar);
1033 }
1034
1035 /* First load register accessible through core debug port */
1036 retval = arm_dpm_read_current_registers(&armv7a->dpm);
1037 if (retval != ERROR_OK)
1038 return retval;
1039
1040 if (arm->spsr) {
1041 /* read SPSR */
1042 retval = arm_dpm_read_reg(&armv7a->dpm, arm->spsr, 17);
1043 if (retval != ERROR_OK)
1044 return retval;
1045 }
1046
1047 #if 0
1048 /* TODO, Move this */
1049 uint32_t cp15_control_register, cp15_cacr, cp15_nacr;
1050 cortex_a_read_cp(target, &cp15_control_register, 15, 0, 1, 0, 0);
1051 LOG_DEBUG("cp15_control_register = 0x%08x", cp15_control_register);
1052
1053 cortex_a_read_cp(target, &cp15_cacr, 15, 0, 1, 0, 2);
1054 LOG_DEBUG("cp15 Coprocessor Access Control Register = 0x%08x", cp15_cacr);
1055
1056 cortex_a_read_cp(target, &cp15_nacr, 15, 0, 1, 1, 2);
1057 LOG_DEBUG("cp15 Nonsecure Access Control Register = 0x%08x", cp15_nacr);
1058 #endif
1059
1060 /* Are we in an exception handler */
1061 /* armv4_5->exception_number = 0; */
1062 if (armv7a->post_debug_entry) {
1063 retval = armv7a->post_debug_entry(target);
1064 if (retval != ERROR_OK)
1065 return retval;
1066 }
1067
1068 return retval;
1069 }
1070
1071 static int cortex_a_post_debug_entry(struct target *target)
1072 {
1073 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1074 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1075 int retval;
1076
1077 /* MRC p15,0,<Rt>,c1,c0,0 ; Read CP15 System Control Register */
1078 retval = armv7a->arm.mrc(target, 15,
1079 0, 0, /* op1, op2 */
1080 1, 0, /* CRn, CRm */
1081 &cortex_a->cp15_control_reg);
1082 if (retval != ERROR_OK)
1083 return retval;
1084 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, cortex_a->cp15_control_reg);
1085 cortex_a->cp15_control_reg_curr = cortex_a->cp15_control_reg;
1086
1087 if (!armv7a->is_armv7r)
1088 armv7a_read_ttbcr(target);
1089
1090 if (armv7a->armv7a_mmu.armv7a_cache.info == -1)
1091 armv7a_identify_cache(target);
1092
1093 if (armv7a->is_armv7r) {
1094 armv7a->armv7a_mmu.mmu_enabled = 0;
1095 } else {
1096 armv7a->armv7a_mmu.mmu_enabled =
1097 (cortex_a->cp15_control_reg & 0x1U) ? 1 : 0;
1098 }
1099 armv7a->armv7a_mmu.armv7a_cache.d_u_cache_enabled =
1100 (cortex_a->cp15_control_reg & 0x4U) ? 1 : 0;
1101 armv7a->armv7a_mmu.armv7a_cache.i_cache_enabled =
1102 (cortex_a->cp15_control_reg & 0x1000U) ? 1 : 0;
1103 cortex_a->curr_mode = armv7a->arm.core_mode;
1104
1105 /* switch to SVC mode to read DACR */
1106 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_SVC);
1107 armv7a->arm.mrc(target, 15,
1108 0, 0, 3, 0,
1109 &cortex_a->cp15_dacr_reg);
1110
1111 LOG_DEBUG("cp15_dacr_reg: %8.8" PRIx32,
1112 cortex_a->cp15_dacr_reg);
1113
1114 arm_dpm_modeswitch(&armv7a->dpm, ARM_MODE_ANY);
1115 return ERROR_OK;
1116 }
1117
1118 static int cortex_a_set_dscr_bits(struct target *target,
1119 unsigned long bit_mask, unsigned long value)
1120 {
1121 struct armv7a_common *armv7a = target_to_armv7a(target);
1122 uint32_t dscr;
1123
1124 /* Read DSCR */
1125 int retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1126 armv7a->debug_base + CPUDBG_DSCR, &dscr);
1127 if (ERROR_OK != retval)
1128 return retval;
1129
1130 /* clear bitfield */
1131 dscr &= ~bit_mask;
1132 /* put new value */
1133 dscr |= value & bit_mask;
1134
1135 /* write new DSCR */
1136 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1137 armv7a->debug_base + CPUDBG_DSCR, dscr);
1138 return retval;
1139 }
1140
1141 static int cortex_a_step(struct target *target, int current, target_addr_t address,
1142 int handle_breakpoints)
1143 {
1144 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1145 struct armv7a_common *armv7a = target_to_armv7a(target);
1146 struct arm *arm = &armv7a->arm;
1147 struct breakpoint *breakpoint = NULL;
1148 struct breakpoint stepbreakpoint;
1149 struct reg *r;
1150 int retval;
1151
1152 if (target->state != TARGET_HALTED) {
1153 LOG_WARNING("target not halted");
1154 return ERROR_TARGET_NOT_HALTED;
1155 }
1156
1157 /* current = 1: continue on current pc, otherwise continue at <address> */
1158 r = arm->pc;
1159 if (!current)
1160 buf_set_u32(r->value, 0, 32, address);
1161 else
1162 address = buf_get_u32(r->value, 0, 32);
1163
1164 /* The front-end may request us not to handle breakpoints.
1165 * But since Cortex-A uses breakpoint for single step,
1166 * we MUST handle breakpoints.
1167 */
1168 handle_breakpoints = 1;
1169 if (handle_breakpoints) {
1170 breakpoint = breakpoint_find(target, address);
1171 if (breakpoint)
1172 cortex_a_unset_breakpoint(target, breakpoint);
1173 }
1174
1175 /* Setup single step breakpoint */
1176 stepbreakpoint.address = address;
1177 stepbreakpoint.asid = 0;
1178 stepbreakpoint.length = (arm->core_state == ARM_STATE_THUMB)
1179 ? 2 : 4;
1180 stepbreakpoint.type = BKPT_HARD;
1181 stepbreakpoint.set = 0;
1182
1183 /* Disable interrupts during single step if requested */
1184 if (cortex_a->isrmasking_mode == CORTEX_A_ISRMASK_ON) {
1185 retval = cortex_a_set_dscr_bits(target, DSCR_INT_DIS, DSCR_INT_DIS);
1186 if (ERROR_OK != retval)
1187 return retval;
1188 }
1189
1190 /* Break on IVA mismatch */
1191 cortex_a_set_breakpoint(target, &stepbreakpoint, 0x04);
1192
1193 target->debug_reason = DBG_REASON_SINGLESTEP;
1194
1195 retval = cortex_a_resume(target, 1, address, 0, 0);
1196 if (retval != ERROR_OK)
1197 return retval;
1198
1199 int64_t then = timeval_ms();
1200 while (target->state != TARGET_HALTED) {
1201 retval = cortex_a_poll(target);
1202 if (retval != ERROR_OK)
1203 return retval;
1204 if (target->state == TARGET_HALTED)
1205 break;
1206 if (timeval_ms() > then + 1000) {
1207 LOG_ERROR("timeout waiting for target halt");
1208 return ERROR_FAIL;
1209 }
1210 }
1211
1212 cortex_a_unset_breakpoint(target, &stepbreakpoint);
1213
1214 /* Re-enable interrupts if they were disabled */
1215 if (cortex_a->isrmasking_mode == CORTEX_A_ISRMASK_ON) {
1216 retval = cortex_a_set_dscr_bits(target, DSCR_INT_DIS, 0);
1217 if (ERROR_OK != retval)
1218 return retval;
1219 }
1220
1221
1222 target->debug_reason = DBG_REASON_BREAKPOINT;
1223
1224 if (breakpoint)
1225 cortex_a_set_breakpoint(target, breakpoint, 0);
1226
1227 if (target->state != TARGET_HALTED)
1228 LOG_DEBUG("target stepped");
1229
1230 return ERROR_OK;
1231 }
1232
1233 static int cortex_a_restore_context(struct target *target, bool bpwp)
1234 {
1235 struct armv7a_common *armv7a = target_to_armv7a(target);
1236
1237 LOG_DEBUG(" ");
1238
1239 if (armv7a->pre_restore_context)
1240 armv7a->pre_restore_context(target);
1241
1242 return arm_dpm_write_dirty_registers(&armv7a->dpm, bpwp);
1243 }
1244
1245 /*
1246 * Cortex-A Breakpoint and watchpoint functions
1247 */
1248
1249 /* Setup hardware Breakpoint Register Pair */
1250 static int cortex_a_set_breakpoint(struct target *target,
1251 struct breakpoint *breakpoint, uint8_t matchmode)
1252 {
1253 int retval;
1254 int brp_i = 0;
1255 uint32_t control;
1256 uint8_t byte_addr_select = 0x0F;
1257 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1258 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1259 struct cortex_a_brp *brp_list = cortex_a->brp_list;
1260
1261 if (breakpoint->set) {
1262 LOG_WARNING("breakpoint already set");
1263 return ERROR_OK;
1264 }
1265
1266 if (breakpoint->type == BKPT_HARD) {
1267 while (brp_list[brp_i].used && (brp_i < cortex_a->brp_num))
1268 brp_i++;
1269 if (brp_i >= cortex_a->brp_num) {
1270 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1271 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1272 }
1273 breakpoint->set = brp_i + 1;
1274 if (breakpoint->length == 2)
1275 byte_addr_select = (3 << (breakpoint->address & 0x02));
1276 control = ((matchmode & 0x7) << 20)
1277 | (byte_addr_select << 5)
1278 | (3 << 1) | 1;
1279 brp_list[brp_i].used = 1;
1280 brp_list[brp_i].value = (breakpoint->address & 0xFFFFFFFC);
1281 brp_list[brp_i].control = control;
1282 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1283 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1284 brp_list[brp_i].value);
1285 if (retval != ERROR_OK)
1286 return retval;
1287 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1288 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1289 brp_list[brp_i].control);
1290 if (retval != ERROR_OK)
1291 return retval;
1292 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1293 brp_list[brp_i].control,
1294 brp_list[brp_i].value);
1295 } else if (breakpoint->type == BKPT_SOFT) {
1296 uint8_t code[4];
1297 /* length == 2: Thumb breakpoint */
1298 if (breakpoint->length == 2)
1299 buf_set_u32(code, 0, 32, ARMV5_T_BKPT(0x11));
1300 else
1301 /* length == 3: Thumb-2 breakpoint, actual encoding is
1302 * a regular Thumb BKPT instruction but we replace a
1303 * 32bit Thumb-2 instruction, so fix-up the breakpoint
1304 * length
1305 */
1306 if (breakpoint->length == 3) {
1307 buf_set_u32(code, 0, 32, ARMV5_T_BKPT(0x11));
1308 breakpoint->length = 4;
1309 } else
1310 /* length == 4, normal ARM breakpoint */
1311 buf_set_u32(code, 0, 32, ARMV5_BKPT(0x11));
1312
1313 retval = target_read_memory(target,
1314 breakpoint->address & 0xFFFFFFFE,
1315 breakpoint->length, 1,
1316 breakpoint->orig_instr);
1317 if (retval != ERROR_OK)
1318 return retval;
1319
1320 /* make sure data cache is cleaned & invalidated down to PoC */
1321 if (!armv7a->armv7a_mmu.armv7a_cache.auto_cache_enabled) {
1322 armv7a_cache_flush_virt(target, breakpoint->address,
1323 breakpoint->length);
1324 }
1325
1326 retval = target_write_memory(target,
1327 breakpoint->address & 0xFFFFFFFE,
1328 breakpoint->length, 1, code);
1329 if (retval != ERROR_OK)
1330 return retval;
1331
1332 /* update i-cache at breakpoint location */
1333 armv7a_l1_d_cache_inval_virt(target, breakpoint->address,
1334 breakpoint->length);
1335 armv7a_l1_i_cache_inval_virt(target, breakpoint->address,
1336 breakpoint->length);
1337
1338 breakpoint->set = 0x11; /* Any nice value but 0 */
1339 }
1340
1341 return ERROR_OK;
1342 }
1343
1344 static int cortex_a_set_context_breakpoint(struct target *target,
1345 struct breakpoint *breakpoint, uint8_t matchmode)
1346 {
1347 int retval = ERROR_FAIL;
1348 int brp_i = 0;
1349 uint32_t control;
1350 uint8_t byte_addr_select = 0x0F;
1351 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1352 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1353 struct cortex_a_brp *brp_list = cortex_a->brp_list;
1354
1355 if (breakpoint->set) {
1356 LOG_WARNING("breakpoint already set");
1357 return retval;
1358 }
1359 /*check available context BRPs*/
1360 while ((brp_list[brp_i].used ||
1361 (brp_list[brp_i].type != BRP_CONTEXT)) && (brp_i < cortex_a->brp_num))
1362 brp_i++;
1363
1364 if (brp_i >= cortex_a->brp_num) {
1365 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1366 return ERROR_FAIL;
1367 }
1368
1369 breakpoint->set = brp_i + 1;
1370 control = ((matchmode & 0x7) << 20)
1371 | (byte_addr_select << 5)
1372 | (3 << 1) | 1;
1373 brp_list[brp_i].used = 1;
1374 brp_list[brp_i].value = (breakpoint->asid);
1375 brp_list[brp_i].control = control;
1376 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1377 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1378 brp_list[brp_i].value);
1379 if (retval != ERROR_OK)
1380 return retval;
1381 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1382 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1383 brp_list[brp_i].control);
1384 if (retval != ERROR_OK)
1385 return retval;
1386 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1387 brp_list[brp_i].control,
1388 brp_list[brp_i].value);
1389 return ERROR_OK;
1390
1391 }
1392
1393 static int cortex_a_set_hybrid_breakpoint(struct target *target, struct breakpoint *breakpoint)
1394 {
1395 int retval = ERROR_FAIL;
1396 int brp_1 = 0; /* holds the contextID pair */
1397 int brp_2 = 0; /* holds the IVA pair */
1398 uint32_t control_CTX, control_IVA;
1399 uint8_t CTX_byte_addr_select = 0x0F;
1400 uint8_t IVA_byte_addr_select = 0x0F;
1401 uint8_t CTX_machmode = 0x03;
1402 uint8_t IVA_machmode = 0x01;
1403 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1404 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1405 struct cortex_a_brp *brp_list = cortex_a->brp_list;
1406
1407 if (breakpoint->set) {
1408 LOG_WARNING("breakpoint already set");
1409 return retval;
1410 }
1411 /*check available context BRPs*/
1412 while ((brp_list[brp_1].used ||
1413 (brp_list[brp_1].type != BRP_CONTEXT)) && (brp_1 < cortex_a->brp_num))
1414 brp_1++;
1415
1416 printf("brp(CTX) found num: %d\n", brp_1);
1417 if (brp_1 >= cortex_a->brp_num) {
1418 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1419 return ERROR_FAIL;
1420 }
1421
1422 while ((brp_list[brp_2].used ||
1423 (brp_list[brp_2].type != BRP_NORMAL)) && (brp_2 < cortex_a->brp_num))
1424 brp_2++;
1425
1426 printf("brp(IVA) found num: %d\n", brp_2);
1427 if (brp_2 >= cortex_a->brp_num) {
1428 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1429 return ERROR_FAIL;
1430 }
1431
1432 breakpoint->set = brp_1 + 1;
1433 breakpoint->linked_BRP = brp_2;
1434 control_CTX = ((CTX_machmode & 0x7) << 20)
1435 | (brp_2 << 16)
1436 | (0 << 14)
1437 | (CTX_byte_addr_select << 5)
1438 | (3 << 1) | 1;
1439 brp_list[brp_1].used = 1;
1440 brp_list[brp_1].value = (breakpoint->asid);
1441 brp_list[brp_1].control = control_CTX;
1442 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1443 + CPUDBG_BVR_BASE + 4 * brp_list[brp_1].BRPn,
1444 brp_list[brp_1].value);
1445 if (retval != ERROR_OK)
1446 return retval;
1447 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1448 + CPUDBG_BCR_BASE + 4 * brp_list[brp_1].BRPn,
1449 brp_list[brp_1].control);
1450 if (retval != ERROR_OK)
1451 return retval;
1452
1453 control_IVA = ((IVA_machmode & 0x7) << 20)
1454 | (brp_1 << 16)
1455 | (IVA_byte_addr_select << 5)
1456 | (3 << 1) | 1;
1457 brp_list[brp_2].used = 1;
1458 brp_list[brp_2].value = (breakpoint->address & 0xFFFFFFFC);
1459 brp_list[brp_2].control = control_IVA;
1460 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1461 + CPUDBG_BVR_BASE + 4 * brp_list[brp_2].BRPn,
1462 brp_list[brp_2].value);
1463 if (retval != ERROR_OK)
1464 return retval;
1465 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1466 + CPUDBG_BCR_BASE + 4 * brp_list[brp_2].BRPn,
1467 brp_list[brp_2].control);
1468 if (retval != ERROR_OK)
1469 return retval;
1470
1471 return ERROR_OK;
1472 }
1473
1474 static int cortex_a_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
1475 {
1476 int retval;
1477 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1478 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
1479 struct cortex_a_brp *brp_list = cortex_a->brp_list;
1480
1481 if (!breakpoint->set) {
1482 LOG_WARNING("breakpoint not set");
1483 return ERROR_OK;
1484 }
1485
1486 if (breakpoint->type == BKPT_HARD) {
1487 if ((breakpoint->address != 0) && (breakpoint->asid != 0)) {
1488 int brp_i = breakpoint->set - 1;
1489 int brp_j = breakpoint->linked_BRP;
1490 if ((brp_i < 0) || (brp_i >= cortex_a->brp_num)) {
1491 LOG_DEBUG("Invalid BRP number in breakpoint");
1492 return ERROR_OK;
1493 }
1494 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1495 brp_list[brp_i].control, brp_list[brp_i].value);
1496 brp_list[brp_i].used = 0;
1497 brp_list[brp_i].value = 0;
1498 brp_list[brp_i].control = 0;
1499 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1500 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1501 brp_list[brp_i].control);
1502 if (retval != ERROR_OK)
1503 return retval;
1504 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1505 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1506 brp_list[brp_i].value);
1507 if (retval != ERROR_OK)
1508 return retval;
1509 if ((brp_j < 0) || (brp_j >= cortex_a->brp_num)) {
1510 LOG_DEBUG("Invalid BRP number in breakpoint");
1511 return ERROR_OK;
1512 }
1513 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_j,
1514 brp_list[brp_j].control, brp_list[brp_j].value);
1515 brp_list[brp_j].used = 0;
1516 brp_list[brp_j].value = 0;
1517 brp_list[brp_j].control = 0;
1518 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1519 + CPUDBG_BCR_BASE + 4 * brp_list[brp_j].BRPn,
1520 brp_list[brp_j].control);
1521 if (retval != ERROR_OK)
1522 return retval;
1523 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1524 + CPUDBG_BVR_BASE + 4 * brp_list[brp_j].BRPn,
1525 brp_list[brp_j].value);
1526 if (retval != ERROR_OK)
1527 return retval;
1528 breakpoint->linked_BRP = 0;
1529 breakpoint->set = 0;
1530 return ERROR_OK;
1531
1532 } else {
1533 int brp_i = breakpoint->set - 1;
1534 if ((brp_i < 0) || (brp_i >= cortex_a->brp_num)) {
1535 LOG_DEBUG("Invalid BRP number in breakpoint");
1536 return ERROR_OK;
1537 }
1538 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1539 brp_list[brp_i].control, brp_list[brp_i].value);
1540 brp_list[brp_i].used = 0;
1541 brp_list[brp_i].value = 0;
1542 brp_list[brp_i].control = 0;
1543 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1544 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1545 brp_list[brp_i].control);
1546 if (retval != ERROR_OK)
1547 return retval;
1548 retval = cortex_a_dap_write_memap_register_u32(target, armv7a->debug_base
1549 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1550 brp_list[brp_i].value);
1551 if (retval != ERROR_OK)
1552 return retval;
1553 breakpoint->set = 0;
1554 return ERROR_OK;
1555 }
1556 } else {
1557
1558 /* make sure data cache is cleaned & invalidated down to PoC */
1559 if (!armv7a->armv7a_mmu.armv7a_cache.auto_cache_enabled) {
1560 armv7a_cache_flush_virt(target, breakpoint->address,
1561 breakpoint->length);
1562 }
1563
1564 /* restore original instruction (kept in target endianness) */
1565 if (breakpoint->length == 4) {
1566 retval = target_write_memory(target,
1567 breakpoint->address & 0xFFFFFFFE,
1568 4, 1, breakpoint->orig_instr);
1569 if (retval != ERROR_OK)
1570 return retval;
1571 } else {
1572 retval = target_write_memory(target,
1573 breakpoint->address & 0xFFFFFFFE,
1574 2, 1, breakpoint->orig_instr);
1575 if (retval != ERROR_OK)
1576 return retval;
1577 }
1578
1579 /* update i-cache at breakpoint location */
1580 armv7a_l1_d_cache_inval_virt(target, breakpoint->address,
1581 breakpoint->length);
1582 armv7a_l1_i_cache_inval_virt(target, breakpoint->address,
1583 breakpoint->length);
1584 }
1585 breakpoint->set = 0;
1586
1587 return ERROR_OK;
1588 }
1589
1590 static int cortex_a_add_breakpoint(struct target *target,
1591 struct breakpoint *breakpoint)
1592 {
1593 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1594
1595 if ((breakpoint->type == BKPT_HARD) && (cortex_a->brp_num_available < 1)) {
1596 LOG_INFO("no hardware breakpoint available");
1597 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1598 }
1599
1600 if (breakpoint->type == BKPT_HARD)
1601 cortex_a->brp_num_available--;
1602
1603 return cortex_a_set_breakpoint(target, breakpoint, 0x00); /* Exact match */
1604 }
1605
1606 static int cortex_a_add_context_breakpoint(struct target *target,
1607 struct breakpoint *breakpoint)
1608 {
1609 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1610
1611 if ((breakpoint->type == BKPT_HARD) && (cortex_a->brp_num_available < 1)) {
1612 LOG_INFO("no hardware breakpoint available");
1613 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1614 }
1615
1616 if (breakpoint->type == BKPT_HARD)
1617 cortex_a->brp_num_available--;
1618
1619 return cortex_a_set_context_breakpoint(target, breakpoint, 0x02); /* asid match */
1620 }
1621
1622 static int cortex_a_add_hybrid_breakpoint(struct target *target,
1623 struct breakpoint *breakpoint)
1624 {
1625 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1626
1627 if ((breakpoint->type == BKPT_HARD) && (cortex_a->brp_num_available < 1)) {
1628 LOG_INFO("no hardware breakpoint available");
1629 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1630 }
1631
1632 if (breakpoint->type == BKPT_HARD)
1633 cortex_a->brp_num_available--;
1634
1635 return cortex_a_set_hybrid_breakpoint(target, breakpoint); /* ??? */
1636 }
1637
1638
1639 static int cortex_a_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
1640 {
1641 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
1642
1643 #if 0
1644 /* It is perfectly possible to remove breakpoints while the target is running */
1645 if (target->state != TARGET_HALTED) {
1646 LOG_WARNING("target not halted");
1647 return ERROR_TARGET_NOT_HALTED;
1648 }
1649 #endif
1650
1651 if (breakpoint->set) {
1652 cortex_a_unset_breakpoint(target, breakpoint);
1653 if (breakpoint->type == BKPT_HARD)
1654 cortex_a->brp_num_available++;
1655 }
1656
1657
1658 return ERROR_OK;
1659 }
1660
1661 /*
1662 * Cortex-A Reset functions
1663 */
1664
1665 static int cortex_a_assert_reset(struct target *target)
1666 {
1667 struct armv7a_common *armv7a = target_to_armv7a(target);
1668
1669 LOG_DEBUG(" ");
1670
1671 /* FIXME when halt is requested, make it work somehow... */
1672
1673 /* This function can be called in "target not examined" state */
1674
1675 /* Issue some kind of warm reset. */
1676 if (target_has_event_action(target, TARGET_EVENT_RESET_ASSERT))
1677 target_handle_event(target, TARGET_EVENT_RESET_ASSERT);
1678 else if (jtag_get_reset_config() & RESET_HAS_SRST) {
1679 /* REVISIT handle "pulls" cases, if there's
1680 * hardware that needs them to work.
1681 */
1682
1683 /*
1684 * FIXME: fix reset when transport is SWD. This is a temporary
1685 * work-around for release v0.10 that is not intended to stay!
1686 */
1687 if (transport_is_swd() ||
1688 (target->reset_halt && (jtag_get_reset_config() & RESET_SRST_NO_GATING)))
1689 adapter_assert_reset();
1690
1691 } else {
1692 LOG_ERROR("%s: how to reset?", target_name(target));
1693 return ERROR_FAIL;
1694 }
1695
1696 /* registers are now invalid */
1697 if (target_was_examined(target))
1698 register_cache_invalidate(armv7a->arm.core_cache);
1699
1700 target->state = TARGET_RESET;
1701
1702 return ERROR_OK;
1703 }
1704
1705 static int cortex_a_deassert_reset(struct target *target)
1706 {
1707 struct armv7a_common *armv7a = target_to_armv7a(target);
1708 int retval;
1709
1710 LOG_DEBUG(" ");
1711
1712 /* be certain SRST is off */
1713 adapter_deassert_reset();
1714
1715 if (target_was_examined(target)) {
1716 retval = cortex_a_poll(target);
1717 if (retval != ERROR_OK)
1718 return retval;
1719 }
1720
1721 if (target->reset_halt) {
1722 if (target->state != TARGET_HALTED) {
1723 LOG_WARNING("%s: ran after reset and before halt ...",
1724 target_name(target));
1725 if (target_was_examined(target)) {
1726 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1727 armv7a->debug_base + CPUDBG_DRCR, DRCR_HALT);
1728 if (retval != ERROR_OK)
1729 return retval;
1730 } else
1731 target->state = TARGET_UNKNOWN;
1732 }
1733 }
1734
1735 return ERROR_OK;
1736 }
1737
1738 static int cortex_a_set_dcc_mode(struct target *target, uint32_t mode, uint32_t *dscr)
1739 {
1740 /* Changes the mode of the DCC between non-blocking, stall, and fast mode.
1741 * New desired mode must be in mode. Current value of DSCR must be in
1742 * *dscr, which is updated with new value.
1743 *
1744 * This function elides actually sending the mode-change over the debug
1745 * interface if the mode is already set as desired.
1746 */
1747 uint32_t new_dscr = (*dscr & ~DSCR_EXT_DCC_MASK) | mode;
1748 if (new_dscr != *dscr) {
1749 struct armv7a_common *armv7a = target_to_armv7a(target);
1750 int retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1751 armv7a->debug_base + CPUDBG_DSCR, new_dscr);
1752 if (retval == ERROR_OK)
1753 *dscr = new_dscr;
1754 return retval;
1755 } else {
1756 return ERROR_OK;
1757 }
1758 }
1759
1760 static int cortex_a_wait_dscr_bits(struct target *target, uint32_t mask,
1761 uint32_t value, uint32_t *dscr)
1762 {
1763 /* Waits until the specified bit(s) of DSCR take on a specified value. */
1764 struct armv7a_common *armv7a = target_to_armv7a(target);
1765 int64_t then;
1766 int retval;
1767
1768 if ((*dscr & mask) == value)
1769 return ERROR_OK;
1770
1771 then = timeval_ms();
1772 while (1) {
1773 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1774 armv7a->debug_base + CPUDBG_DSCR, dscr);
1775 if (retval != ERROR_OK) {
1776 LOG_ERROR("Could not read DSCR register");
1777 return retval;
1778 }
1779 if ((*dscr & mask) == value)
1780 break;
1781 if (timeval_ms() > then + 1000) {
1782 LOG_ERROR("timeout waiting for DSCR bit change");
1783 return ERROR_FAIL;
1784 }
1785 }
1786 return ERROR_OK;
1787 }
1788
1789 static int cortex_a_read_copro(struct target *target, uint32_t opcode,
1790 uint32_t *data, uint32_t *dscr)
1791 {
1792 int retval;
1793 struct armv7a_common *armv7a = target_to_armv7a(target);
1794
1795 /* Move from coprocessor to R0. */
1796 retval = cortex_a_exec_opcode(target, opcode, dscr);
1797 if (retval != ERROR_OK)
1798 return retval;
1799
1800 /* Move from R0 to DTRTX. */
1801 retval = cortex_a_exec_opcode(target, ARMV4_5_MCR(14, 0, 0, 0, 5, 0), dscr);
1802 if (retval != ERROR_OK)
1803 return retval;
1804
1805 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
1806 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
1807 * must also check TXfull_l). Most of the time this will be free
1808 * because TXfull_l will be set immediately and cached in dscr. */
1809 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRTX_FULL_LATCHED,
1810 DSCR_DTRTX_FULL_LATCHED, dscr);
1811 if (retval != ERROR_OK)
1812 return retval;
1813
1814 /* Read the value transferred to DTRTX. */
1815 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
1816 armv7a->debug_base + CPUDBG_DTRTX, data);
1817 if (retval != ERROR_OK)
1818 return retval;
1819
1820 return ERROR_OK;
1821 }
1822
1823 static int cortex_a_read_dfar_dfsr(struct target *target, uint32_t *dfar,
1824 uint32_t *dfsr, uint32_t *dscr)
1825 {
1826 int retval;
1827
1828 if (dfar) {
1829 retval = cortex_a_read_copro(target, ARMV4_5_MRC(15, 0, 0, 6, 0, 0), dfar, dscr);
1830 if (retval != ERROR_OK)
1831 return retval;
1832 }
1833
1834 if (dfsr) {
1835 retval = cortex_a_read_copro(target, ARMV4_5_MRC(15, 0, 0, 5, 0, 0), dfsr, dscr);
1836 if (retval != ERROR_OK)
1837 return retval;
1838 }
1839
1840 return ERROR_OK;
1841 }
1842
1843 static int cortex_a_write_copro(struct target *target, uint32_t opcode,
1844 uint32_t data, uint32_t *dscr)
1845 {
1846 int retval;
1847 struct armv7a_common *armv7a = target_to_armv7a(target);
1848
1849 /* Write the value into DTRRX. */
1850 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1851 armv7a->debug_base + CPUDBG_DTRRX, data);
1852 if (retval != ERROR_OK)
1853 return retval;
1854
1855 /* Move from DTRRX to R0. */
1856 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), dscr);
1857 if (retval != ERROR_OK)
1858 return retval;
1859
1860 /* Move from R0 to coprocessor. */
1861 retval = cortex_a_exec_opcode(target, opcode, dscr);
1862 if (retval != ERROR_OK)
1863 return retval;
1864
1865 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
1866 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
1867 * check RXfull_l). Most of the time this will be free because RXfull_l
1868 * will be cleared immediately and cached in dscr. */
1869 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRRX_FULL_LATCHED, 0, dscr);
1870 if (retval != ERROR_OK)
1871 return retval;
1872
1873 return ERROR_OK;
1874 }
1875
1876 static int cortex_a_write_dfar_dfsr(struct target *target, uint32_t dfar,
1877 uint32_t dfsr, uint32_t *dscr)
1878 {
1879 int retval;
1880
1881 retval = cortex_a_write_copro(target, ARMV4_5_MCR(15, 0, 0, 6, 0, 0), dfar, dscr);
1882 if (retval != ERROR_OK)
1883 return retval;
1884
1885 retval = cortex_a_write_copro(target, ARMV4_5_MCR(15, 0, 0, 5, 0, 0), dfsr, dscr);
1886 if (retval != ERROR_OK)
1887 return retval;
1888
1889 return ERROR_OK;
1890 }
1891
1892 static int cortex_a_dfsr_to_error_code(uint32_t dfsr)
1893 {
1894 uint32_t status, upper4;
1895
1896 if (dfsr & (1 << 9)) {
1897 /* LPAE format. */
1898 status = dfsr & 0x3f;
1899 upper4 = status >> 2;
1900 if (upper4 == 1 || upper4 == 2 || upper4 == 3 || upper4 == 15)
1901 return ERROR_TARGET_TRANSLATION_FAULT;
1902 else if (status == 33)
1903 return ERROR_TARGET_UNALIGNED_ACCESS;
1904 else
1905 return ERROR_TARGET_DATA_ABORT;
1906 } else {
1907 /* Normal format. */
1908 status = ((dfsr >> 6) & 0x10) | (dfsr & 0xf);
1909 if (status == 1)
1910 return ERROR_TARGET_UNALIGNED_ACCESS;
1911 else if (status == 5 || status == 7 || status == 3 || status == 6 ||
1912 status == 9 || status == 11 || status == 13 || status == 15)
1913 return ERROR_TARGET_TRANSLATION_FAULT;
1914 else
1915 return ERROR_TARGET_DATA_ABORT;
1916 }
1917 }
1918
1919 static int cortex_a_write_cpu_memory_slow(struct target *target,
1920 uint32_t size, uint32_t count, const uint8_t *buffer, uint32_t *dscr)
1921 {
1922 /* Writes count objects of size size from *buffer. Old value of DSCR must
1923 * be in *dscr; updated to new value. This is slow because it works for
1924 * non-word-sized objects. Avoid unaligned accesses as they do not work
1925 * on memory address space without "Normal" attribute. If size == 4 and
1926 * the address is aligned, cortex_a_write_cpu_memory_fast should be
1927 * preferred.
1928 * Preconditions:
1929 * - Address is in R0.
1930 * - R0 is marked dirty.
1931 */
1932 struct armv7a_common *armv7a = target_to_armv7a(target);
1933 struct arm *arm = &armv7a->arm;
1934 int retval;
1935
1936 /* Mark register R1 as dirty, to use for transferring data. */
1937 arm_reg_current(arm, 1)->dirty = true;
1938
1939 /* Switch to non-blocking mode if not already in that mode. */
1940 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, dscr);
1941 if (retval != ERROR_OK)
1942 return retval;
1943
1944 /* Go through the objects. */
1945 while (count) {
1946 /* Write the value to store into DTRRX. */
1947 uint32_t data, opcode;
1948 if (size == 1)
1949 data = *buffer;
1950 else if (size == 2)
1951 data = target_buffer_get_u16(target, buffer);
1952 else
1953 data = target_buffer_get_u32(target, buffer);
1954 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
1955 armv7a->debug_base + CPUDBG_DTRRX, data);
1956 if (retval != ERROR_OK)
1957 return retval;
1958
1959 /* Transfer the value from DTRRX to R1. */
1960 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), dscr);
1961 if (retval != ERROR_OK)
1962 return retval;
1963
1964 /* Write the value transferred to R1 into memory. */
1965 if (size == 1)
1966 opcode = ARMV4_5_STRB_IP(1, 0);
1967 else if (size == 2)
1968 opcode = ARMV4_5_STRH_IP(1, 0);
1969 else
1970 opcode = ARMV4_5_STRW_IP(1, 0);
1971 retval = cortex_a_exec_opcode(target, opcode, dscr);
1972 if (retval != ERROR_OK)
1973 return retval;
1974
1975 /* Check for faults and return early. */
1976 if (*dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE))
1977 return ERROR_OK; /* A data fault is not considered a system failure. */
1978
1979 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture
1980 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
1981 * must also check RXfull_l). Most of the time this will be free
1982 * because RXfull_l will be cleared immediately and cached in dscr. */
1983 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRRX_FULL_LATCHED, 0, dscr);
1984 if (retval != ERROR_OK)
1985 return retval;
1986
1987 /* Advance. */
1988 buffer += size;
1989 --count;
1990 }
1991
1992 return ERROR_OK;
1993 }
1994
1995 static int cortex_a_write_cpu_memory_fast(struct target *target,
1996 uint32_t count, const uint8_t *buffer, uint32_t *dscr)
1997 {
1998 /* Writes count objects of size 4 from *buffer. Old value of DSCR must be
1999 * in *dscr; updated to new value. This is fast but only works for
2000 * word-sized objects at aligned addresses.
2001 * Preconditions:
2002 * - Address is in R0 and must be a multiple of 4.
2003 * - R0 is marked dirty.
2004 */
2005 struct armv7a_common *armv7a = target_to_armv7a(target);
2006 int retval;
2007
2008 /* Switch to fast mode if not already in that mode. */
2009 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_FAST_MODE, dscr);
2010 if (retval != ERROR_OK)
2011 return retval;
2012
2013 /* Latch STC instruction. */
2014 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2015 armv7a->debug_base + CPUDBG_ITR, ARMV4_5_STC(0, 1, 0, 1, 14, 5, 0, 4));
2016 if (retval != ERROR_OK)
2017 return retval;
2018
2019 /* Transfer all the data and issue all the instructions. */
2020 return mem_ap_write_buf_noincr(armv7a->debug_ap, buffer,
2021 4, count, armv7a->debug_base + CPUDBG_DTRRX);
2022 }
2023
2024 static int cortex_a_write_cpu_memory(struct target *target,
2025 uint32_t address, uint32_t size,
2026 uint32_t count, const uint8_t *buffer)
2027 {
2028 /* Write memory through the CPU. */
2029 int retval, final_retval;
2030 struct armv7a_common *armv7a = target_to_armv7a(target);
2031 struct arm *arm = &armv7a->arm;
2032 uint32_t dscr, orig_dfar, orig_dfsr, fault_dscr, fault_dfar, fault_dfsr;
2033
2034 LOG_DEBUG("Writing CPU memory address 0x%" PRIx32 " size %" PRIu32 " count %" PRIu32,
2035 address, size, count);
2036 if (target->state != TARGET_HALTED) {
2037 LOG_WARNING("target not halted");
2038 return ERROR_TARGET_NOT_HALTED;
2039 }
2040
2041 if (!count)
2042 return ERROR_OK;
2043
2044 /* Clear any abort. */
2045 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2046 armv7a->debug_base + CPUDBG_DRCR, DRCR_CLEAR_EXCEPTIONS);
2047 if (retval != ERROR_OK)
2048 return retval;
2049
2050 /* Read DSCR. */
2051 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2052 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2053 if (retval != ERROR_OK)
2054 return retval;
2055
2056 /* Switch to non-blocking mode if not already in that mode. */
2057 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, &dscr);
2058 if (retval != ERROR_OK)
2059 goto out;
2060
2061 /* Mark R0 as dirty. */
2062 arm_reg_current(arm, 0)->dirty = true;
2063
2064 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2065 retval = cortex_a_read_dfar_dfsr(target, &orig_dfar, &orig_dfsr, &dscr);
2066 if (retval != ERROR_OK)
2067 goto out;
2068
2069 /* Get the memory address into R0. */
2070 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2071 armv7a->debug_base + CPUDBG_DTRRX, address);
2072 if (retval != ERROR_OK)
2073 goto out;
2074 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr);
2075 if (retval != ERROR_OK)
2076 goto out;
2077
2078 if (size == 4 && (address % 4) == 0) {
2079 /* We are doing a word-aligned transfer, so use fast mode. */
2080 retval = cortex_a_write_cpu_memory_fast(target, count, buffer, &dscr);
2081 } else {
2082 /* Use slow path. Adjust size for aligned accesses */
2083 switch (address % 4) {
2084 case 1:
2085 case 3:
2086 count *= size;
2087 size = 1;
2088 break;
2089 case 2:
2090 if (size == 4) {
2091 count *= 2;
2092 size = 2;
2093 }
2094 case 0:
2095 default:
2096 break;
2097 }
2098 retval = cortex_a_write_cpu_memory_slow(target, size, count, buffer, &dscr);
2099 }
2100
2101 out:
2102 final_retval = retval;
2103
2104 /* Switch to non-blocking mode if not already in that mode. */
2105 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, &dscr);
2106 if (final_retval == ERROR_OK)
2107 final_retval = retval;
2108
2109 /* Wait for last issued instruction to complete. */
2110 retval = cortex_a_wait_instrcmpl(target, &dscr, true);
2111 if (final_retval == ERROR_OK)
2112 final_retval = retval;
2113
2114 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
2115 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2116 * check RXfull_l). Most of the time this will be free because RXfull_l
2117 * will be cleared immediately and cached in dscr. However, don't do this
2118 * if there is fault, because then the instruction might not have completed
2119 * successfully. */
2120 if (!(dscr & DSCR_STICKY_ABORT_PRECISE)) {
2121 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRRX_FULL_LATCHED, 0, &dscr);
2122 if (retval != ERROR_OK)
2123 return retval;
2124 }
2125
2126 /* If there were any sticky abort flags, clear them. */
2127 if (dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE)) {
2128 fault_dscr = dscr;
2129 mem_ap_write_atomic_u32(armv7a->debug_ap,
2130 armv7a->debug_base + CPUDBG_DRCR, DRCR_CLEAR_EXCEPTIONS);
2131 dscr &= ~(DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE);
2132 } else {
2133 fault_dscr = 0;
2134 }
2135
2136 /* Handle synchronous data faults. */
2137 if (fault_dscr & DSCR_STICKY_ABORT_PRECISE) {
2138 if (final_retval == ERROR_OK) {
2139 /* Final return value will reflect cause of fault. */
2140 retval = cortex_a_read_dfar_dfsr(target, &fault_dfar, &fault_dfsr, &dscr);
2141 if (retval == ERROR_OK) {
2142 LOG_ERROR("data abort at 0x%08" PRIx32 ", dfsr = 0x%08" PRIx32, fault_dfar, fault_dfsr);
2143 final_retval = cortex_a_dfsr_to_error_code(fault_dfsr);
2144 } else
2145 final_retval = retval;
2146 }
2147 /* Fault destroyed DFAR/DFSR; restore them. */
2148 retval = cortex_a_write_dfar_dfsr(target, orig_dfar, orig_dfsr, &dscr);
2149 if (retval != ERROR_OK)
2150 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32, dscr);
2151 }
2152
2153 /* Handle asynchronous data faults. */
2154 if (fault_dscr & DSCR_STICKY_ABORT_IMPRECISE) {
2155 if (final_retval == ERROR_OK)
2156 /* No other error has been recorded so far, so keep this one. */
2157 final_retval = ERROR_TARGET_DATA_ABORT;
2158 }
2159
2160 /* If the DCC is nonempty, clear it. */
2161 if (dscr & DSCR_DTRTX_FULL_LATCHED) {
2162 uint32_t dummy;
2163 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2164 armv7a->debug_base + CPUDBG_DTRTX, &dummy);
2165 if (final_retval == ERROR_OK)
2166 final_retval = retval;
2167 }
2168 if (dscr & DSCR_DTRRX_FULL_LATCHED) {
2169 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr);
2170 if (final_retval == ERROR_OK)
2171 final_retval = retval;
2172 }
2173
2174 /* Done. */
2175 return final_retval;
2176 }
2177
2178 static int cortex_a_read_cpu_memory_slow(struct target *target,
2179 uint32_t size, uint32_t count, uint8_t *buffer, uint32_t *dscr)
2180 {
2181 /* Reads count objects of size size into *buffer. Old value of DSCR must be
2182 * in *dscr; updated to new value. This is slow because it works for
2183 * non-word-sized objects. Avoid unaligned accesses as they do not work
2184 * on memory address space without "Normal" attribute. If size == 4 and
2185 * the address is aligned, cortex_a_read_cpu_memory_fast should be
2186 * preferred.
2187 * Preconditions:
2188 * - Address is in R0.
2189 * - R0 is marked dirty.
2190 */
2191 struct armv7a_common *armv7a = target_to_armv7a(target);
2192 struct arm *arm = &armv7a->arm;
2193 int retval;
2194
2195 /* Mark register R1 as dirty, to use for transferring data. */
2196 arm_reg_current(arm, 1)->dirty = true;
2197
2198 /* Switch to non-blocking mode if not already in that mode. */
2199 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, dscr);
2200 if (retval != ERROR_OK)
2201 return retval;
2202
2203 /* Go through the objects. */
2204 while (count) {
2205 /* Issue a load of the appropriate size to R1. */
2206 uint32_t opcode, data;
2207 if (size == 1)
2208 opcode = ARMV4_5_LDRB_IP(1, 0);
2209 else if (size == 2)
2210 opcode = ARMV4_5_LDRH_IP(1, 0);
2211 else
2212 opcode = ARMV4_5_LDRW_IP(1, 0);
2213 retval = cortex_a_exec_opcode(target, opcode, dscr);
2214 if (retval != ERROR_OK)
2215 return retval;
2216
2217 /* Issue a write of R1 to DTRTX. */
2218 retval = cortex_a_exec_opcode(target, ARMV4_5_MCR(14, 0, 1, 0, 5, 0), dscr);
2219 if (retval != ERROR_OK)
2220 return retval;
2221
2222 /* Check for faults and return early. */
2223 if (*dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE))
2224 return ERROR_OK; /* A data fault is not considered a system failure. */
2225
2226 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
2227 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2228 * must also check TXfull_l). Most of the time this will be free
2229 * because TXfull_l will be set immediately and cached in dscr. */
2230 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRTX_FULL_LATCHED,
2231 DSCR_DTRTX_FULL_LATCHED, dscr);
2232 if (retval != ERROR_OK)
2233 return retval;
2234
2235 /* Read the value transferred to DTRTX into the buffer. */
2236 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2237 armv7a->debug_base + CPUDBG_DTRTX, &data);
2238 if (retval != ERROR_OK)
2239 return retval;
2240 if (size == 1)
2241 *buffer = (uint8_t) data;
2242 else if (size == 2)
2243 target_buffer_set_u16(target, buffer, (uint16_t) data);
2244 else
2245 target_buffer_set_u32(target, buffer, data);
2246
2247 /* Advance. */
2248 buffer += size;
2249 --count;
2250 }
2251
2252 return ERROR_OK;
2253 }
2254
2255 static int cortex_a_read_cpu_memory_fast(struct target *target,
2256 uint32_t count, uint8_t *buffer, uint32_t *dscr)
2257 {
2258 /* Reads count objects of size 4 into *buffer. Old value of DSCR must be in
2259 * *dscr; updated to new value. This is fast but only works for word-sized
2260 * objects at aligned addresses.
2261 * Preconditions:
2262 * - Address is in R0 and must be a multiple of 4.
2263 * - R0 is marked dirty.
2264 */
2265 struct armv7a_common *armv7a = target_to_armv7a(target);
2266 uint32_t u32;
2267 int retval;
2268
2269 /* Switch to non-blocking mode if not already in that mode. */
2270 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, dscr);
2271 if (retval != ERROR_OK)
2272 return retval;
2273
2274 /* Issue the LDC instruction via a write to ITR. */
2275 retval = cortex_a_exec_opcode(target, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4), dscr);
2276 if (retval != ERROR_OK)
2277 return retval;
2278
2279 count--;
2280
2281 if (count > 0) {
2282 /* Switch to fast mode if not already in that mode. */
2283 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_FAST_MODE, dscr);
2284 if (retval != ERROR_OK)
2285 return retval;
2286
2287 /* Latch LDC instruction. */
2288 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2289 armv7a->debug_base + CPUDBG_ITR, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4));
2290 if (retval != ERROR_OK)
2291 return retval;
2292
2293 /* Read the value transferred to DTRTX into the buffer. Due to fast
2294 * mode rules, this blocks until the instruction finishes executing and
2295 * then reissues the read instruction to read the next word from
2296 * memory. The last read of DTRTX in this call reads the second-to-last
2297 * word from memory and issues the read instruction for the last word.
2298 */
2299 retval = mem_ap_read_buf_noincr(armv7a->debug_ap, buffer,
2300 4, count, armv7a->debug_base + CPUDBG_DTRTX);
2301 if (retval != ERROR_OK)
2302 return retval;
2303
2304 /* Advance. */
2305 buffer += count * 4;
2306 }
2307
2308 /* Wait for last issued instruction to complete. */
2309 retval = cortex_a_wait_instrcmpl(target, dscr, false);
2310 if (retval != ERROR_OK)
2311 return retval;
2312
2313 /* Switch to non-blocking mode if not already in that mode. */
2314 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, dscr);
2315 if (retval != ERROR_OK)
2316 return retval;
2317
2318 /* Check for faults and return early. */
2319 if (*dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE))
2320 return ERROR_OK; /* A data fault is not considered a system failure. */
2321
2322 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture manual
2323 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2324 * check TXfull_l). Most of the time this will be free because TXfull_l
2325 * will be set immediately and cached in dscr. */
2326 retval = cortex_a_wait_dscr_bits(target, DSCR_DTRTX_FULL_LATCHED,
2327 DSCR_DTRTX_FULL_LATCHED, dscr);
2328 if (retval != ERROR_OK)
2329 return retval;
2330
2331 /* Read the value transferred to DTRTX into the buffer. This is the last
2332 * word. */
2333 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2334 armv7a->debug_base + CPUDBG_DTRTX, &u32);
2335 if (retval != ERROR_OK)
2336 return retval;
2337 target_buffer_set_u32(target, buffer, u32);
2338
2339 return ERROR_OK;
2340 }
2341
2342 static int cortex_a_read_cpu_memory(struct target *target,
2343 uint32_t address, uint32_t size,
2344 uint32_t count, uint8_t *buffer)
2345 {
2346 /* Read memory through the CPU. */
2347 int retval, final_retval;
2348 struct armv7a_common *armv7a = target_to_armv7a(target);
2349 struct arm *arm = &armv7a->arm;
2350 uint32_t dscr, orig_dfar, orig_dfsr, fault_dscr, fault_dfar, fault_dfsr;
2351
2352 LOG_DEBUG("Reading CPU memory address 0x%" PRIx32 " size %" PRIu32 " count %" PRIu32,
2353 address, size, count);
2354 if (target->state != TARGET_HALTED) {
2355 LOG_WARNING("target not halted");
2356 return ERROR_TARGET_NOT_HALTED;
2357 }
2358
2359 if (!count)
2360 return ERROR_OK;
2361
2362 /* Clear any abort. */
2363 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2364 armv7a->debug_base + CPUDBG_DRCR, DRCR_CLEAR_EXCEPTIONS);
2365 if (retval != ERROR_OK)
2366 return retval;
2367
2368 /* Read DSCR */
2369 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2370 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2371 if (retval != ERROR_OK)
2372 return retval;
2373
2374 /* Switch to non-blocking mode if not already in that mode. */
2375 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, &dscr);
2376 if (retval != ERROR_OK)
2377 goto out;
2378
2379 /* Mark R0 as dirty. */
2380 arm_reg_current(arm, 0)->dirty = true;
2381
2382 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2383 retval = cortex_a_read_dfar_dfsr(target, &orig_dfar, &orig_dfsr, &dscr);
2384 if (retval != ERROR_OK)
2385 goto out;
2386
2387 /* Get the memory address into R0. */
2388 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2389 armv7a->debug_base + CPUDBG_DTRRX, address);
2390 if (retval != ERROR_OK)
2391 goto out;
2392 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr);
2393 if (retval != ERROR_OK)
2394 goto out;
2395
2396 if (size == 4 && (address % 4) == 0) {
2397 /* We are doing a word-aligned transfer, so use fast mode. */
2398 retval = cortex_a_read_cpu_memory_fast(target, count, buffer, &dscr);
2399 } else {
2400 /* Use slow path. Adjust size for aligned accesses */
2401 switch (address % 4) {
2402 case 1:
2403 case 3:
2404 count *= size;
2405 size = 1;
2406 break;
2407 case 2:
2408 if (size == 4) {
2409 count *= 2;
2410 size = 2;
2411 }
2412 break;
2413 case 0:
2414 default:
2415 break;
2416 }
2417 retval = cortex_a_read_cpu_memory_slow(target, size, count, buffer, &dscr);
2418 }
2419
2420 out:
2421 final_retval = retval;
2422
2423 /* Switch to non-blocking mode if not already in that mode. */
2424 retval = cortex_a_set_dcc_mode(target, DSCR_EXT_DCC_NON_BLOCKING, &dscr);
2425 if (final_retval == ERROR_OK)
2426 final_retval = retval;
2427
2428 /* Wait for last issued instruction to complete. */
2429 retval = cortex_a_wait_instrcmpl(target, &dscr, true);
2430 if (final_retval == ERROR_OK)
2431 final_retval = retval;
2432
2433 /* If there were any sticky abort flags, clear them. */
2434 if (dscr & (DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE)) {
2435 fault_dscr = dscr;
2436 mem_ap_write_atomic_u32(armv7a->debug_ap,
2437 armv7a->debug_base + CPUDBG_DRCR, DRCR_CLEAR_EXCEPTIONS);
2438 dscr &= ~(DSCR_STICKY_ABORT_PRECISE | DSCR_STICKY_ABORT_IMPRECISE);
2439 } else {
2440 fault_dscr = 0;
2441 }
2442
2443 /* Handle synchronous data faults. */
2444 if (fault_dscr & DSCR_STICKY_ABORT_PRECISE) {
2445 if (final_retval == ERROR_OK) {
2446 /* Final return value will reflect cause of fault. */
2447 retval = cortex_a_read_dfar_dfsr(target, &fault_dfar, &fault_dfsr, &dscr);
2448 if (retval == ERROR_OK) {
2449 LOG_ERROR("data abort at 0x%08" PRIx32 ", dfsr = 0x%08" PRIx32, fault_dfar, fault_dfsr);
2450 final_retval = cortex_a_dfsr_to_error_code(fault_dfsr);
2451 } else
2452 final_retval = retval;
2453 }
2454 /* Fault destroyed DFAR/DFSR; restore them. */
2455 retval = cortex_a_write_dfar_dfsr(target, orig_dfar, orig_dfsr, &dscr);
2456 if (retval != ERROR_OK)
2457 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32, dscr);
2458 }
2459
2460 /* Handle asynchronous data faults. */
2461 if (fault_dscr & DSCR_STICKY_ABORT_IMPRECISE) {
2462 if (final_retval == ERROR_OK)
2463 /* No other error has been recorded so far, so keep this one. */
2464 final_retval = ERROR_TARGET_DATA_ABORT;
2465 }
2466
2467 /* If the DCC is nonempty, clear it. */
2468 if (dscr & DSCR_DTRTX_FULL_LATCHED) {
2469 uint32_t dummy;
2470 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2471 armv7a->debug_base + CPUDBG_DTRTX, &dummy);
2472 if (final_retval == ERROR_OK)
2473 final_retval = retval;
2474 }
2475 if (dscr & DSCR_DTRRX_FULL_LATCHED) {
2476 retval = cortex_a_exec_opcode(target, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr);
2477 if (final_retval == ERROR_OK)
2478 final_retval = retval;
2479 }
2480
2481 /* Done. */
2482 return final_retval;
2483 }
2484
2485
2486 /*
2487 * Cortex-A Memory access
2488 *
2489 * This is same Cortex-M3 but we must also use the correct
2490 * ap number for every access.
2491 */
2492
2493 static int cortex_a_read_phys_memory(struct target *target,
2494 target_addr_t address, uint32_t size,
2495 uint32_t count, uint8_t *buffer)
2496 {
2497 int retval;
2498
2499 if (!count || !buffer)
2500 return ERROR_COMMAND_SYNTAX_ERROR;
2501
2502 LOG_DEBUG("Reading memory at real address " TARGET_ADDR_FMT "; size %" PRIu32 "; count %" PRIu32,
2503 address, size, count);
2504
2505 /* read memory through the CPU */
2506 cortex_a_prep_memaccess(target, 1);
2507 retval = cortex_a_read_cpu_memory(target, address, size, count, buffer);
2508 cortex_a_post_memaccess(target, 1);
2509
2510 return retval;
2511 }
2512
2513 static int cortex_a_read_memory(struct target *target, target_addr_t address,
2514 uint32_t size, uint32_t count, uint8_t *buffer)
2515 {
2516 int retval;
2517
2518 /* cortex_a handles unaligned memory access */
2519 LOG_DEBUG("Reading memory at address " TARGET_ADDR_FMT "; size %" PRIu32 "; count %" PRIu32,
2520 address, size, count);
2521
2522 cortex_a_prep_memaccess(target, 0);
2523 retval = cortex_a_read_cpu_memory(target, address, size, count, buffer);
2524 cortex_a_post_memaccess(target, 0);
2525
2526 return retval;
2527 }
2528
2529 static int cortex_a_write_phys_memory(struct target *target,
2530 target_addr_t address, uint32_t size,
2531 uint32_t count, const uint8_t *buffer)
2532 {
2533 int retval;
2534
2535 if (!count || !buffer)
2536 return ERROR_COMMAND_SYNTAX_ERROR;
2537
2538 LOG_DEBUG("Writing memory to real address " TARGET_ADDR_FMT "; size %" PRIu32 "; count %" PRIu32,
2539 address, size, count);
2540
2541 /* write memory through the CPU */
2542 cortex_a_prep_memaccess(target, 1);
2543 retval = cortex_a_write_cpu_memory(target, address, size, count, buffer);
2544 cortex_a_post_memaccess(target, 1);
2545
2546 return retval;
2547 }
2548
2549 static int cortex_a_write_memory(struct target *target, target_addr_t address,
2550 uint32_t size, uint32_t count, const uint8_t *buffer)
2551 {
2552 int retval;
2553
2554 /* cortex_a handles unaligned memory access */
2555 LOG_DEBUG("Writing memory at address " TARGET_ADDR_FMT "; size %" PRIu32 "; count %" PRIu32,
2556 address, size, count);
2557
2558 /* memory writes bypass the caches, must flush before writing */
2559 armv7a_cache_auto_flush_on_write(target, address, size * count);
2560
2561 cortex_a_prep_memaccess(target, 0);
2562 retval = cortex_a_write_cpu_memory(target, address, size, count, buffer);
2563 cortex_a_post_memaccess(target, 0);
2564 return retval;
2565 }
2566
2567 static int cortex_a_read_buffer(struct target *target, target_addr_t address,
2568 uint32_t count, uint8_t *buffer)
2569 {
2570 uint32_t size;
2571
2572 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2573 * will have something to do with the size we leave to it. */
2574 for (size = 1; size < 4 && count >= size * 2 + (address & size); size *= 2) {
2575 if (address & size) {
2576 int retval = target_read_memory(target, address, size, 1, buffer);
2577 if (retval != ERROR_OK)
2578 return retval;
2579 address += size;
2580 count -= size;
2581 buffer += size;
2582 }
2583 }
2584
2585 /* Read the data with as large access size as possible. */
2586 for (; size > 0; size /= 2) {
2587 uint32_t aligned = count - count % size;
2588 if (aligned > 0) {
2589 int retval = target_read_memory(target, address, size, aligned / size, buffer);
2590 if (retval != ERROR_OK)
2591 return retval;
2592 address += aligned;
2593 count -= aligned;
2594 buffer += aligned;
2595 }
2596 }
2597
2598 return ERROR_OK;
2599 }
2600
2601 static int cortex_a_write_buffer(struct target *target, target_addr_t address,
2602 uint32_t count, const uint8_t *buffer)
2603 {
2604 uint32_t size;
2605
2606 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2607 * will have something to do with the size we leave to it. */
2608 for (size = 1; size < 4 && count >= size * 2 + (address & size); size *= 2) {
2609 if (address & size) {
2610 int retval = target_write_memory(target, address, size, 1, buffer);
2611 if (retval != ERROR_OK)
2612 return retval;
2613 address += size;
2614 count -= size;
2615 buffer += size;
2616 }
2617 }
2618
2619 /* Write the data with as large access size as possible. */
2620 for (; size > 0; size /= 2) {
2621 uint32_t aligned = count - count % size;
2622 if (aligned > 0) {
2623 int retval = target_write_memory(target, address, size, aligned / size, buffer);
2624 if (retval != ERROR_OK)
2625 return retval;
2626 address += aligned;
2627 count -= aligned;
2628 buffer += aligned;
2629 }
2630 }
2631
2632 return ERROR_OK;
2633 }
2634
2635 static int cortex_a_handle_target_request(void *priv)
2636 {
2637 struct target *target = priv;
2638 struct armv7a_common *armv7a = target_to_armv7a(target);
2639 int retval;
2640
2641 if (!target_was_examined(target))
2642 return ERROR_OK;
2643 if (!target->dbg_msg_enabled)
2644 return ERROR_OK;
2645
2646 if (target->state == TARGET_RUNNING) {
2647 uint32_t request;
2648 uint32_t dscr;
2649 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2650 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2651
2652 /* check if we have data */
2653 int64_t then = timeval_ms();
2654 while ((dscr & DSCR_DTR_TX_FULL) && (retval == ERROR_OK)) {
2655 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2656 armv7a->debug_base + CPUDBG_DTRTX, &request);
2657 if (retval == ERROR_OK) {
2658 target_request(target, request);
2659 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2660 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2661 }
2662 if (timeval_ms() > then + 1000) {
2663 LOG_ERROR("Timeout waiting for dtr tx full");
2664 return ERROR_FAIL;
2665 }
2666 }
2667 }
2668
2669 return ERROR_OK;
2670 }
2671
2672 /*
2673 * Cortex-A target information and configuration
2674 */
2675
2676 static int cortex_a_examine_first(struct target *target)
2677 {
2678 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
2679 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
2680 struct adiv5_dap *swjdp = armv7a->arm.dap;
2681
2682 int i;
2683 int retval = ERROR_OK;
2684 uint32_t didr, cpuid, dbg_osreg, dbg_idpfr1;
2685
2686 /* Search for the APB-AP - it is needed for access to debug registers */
2687 retval = dap_find_ap(swjdp, AP_TYPE_APB_AP, &armv7a->debug_ap);
2688 if (retval != ERROR_OK) {
2689 LOG_ERROR("Could not find APB-AP for debug access");
2690 return retval;
2691 }
2692
2693 retval = mem_ap_init(armv7a->debug_ap);
2694 if (retval != ERROR_OK) {
2695 LOG_ERROR("Could not initialize the APB-AP");
2696 return retval;
2697 }
2698
2699 armv7a->debug_ap->memaccess_tck = 80;
2700
2701 if (!target->dbgbase_set) {
2702 uint32_t dbgbase;
2703 /* Get ROM Table base */
2704 uint32_t apid;
2705 int32_t coreidx = target->coreid;
2706 LOG_DEBUG("%s's dbgbase is not set, trying to detect using the ROM table",
2707 target->cmd_name);
2708 retval = dap_get_debugbase(armv7a->debug_ap, &dbgbase, &apid);
2709 if (retval != ERROR_OK)
2710 return retval;
2711 /* Lookup 0x15 -- Processor DAP */
2712 retval = dap_lookup_cs_component(armv7a->debug_ap, dbgbase, 0x15,
2713 &armv7a->debug_base, &coreidx);
2714 if (retval != ERROR_OK) {
2715 LOG_ERROR("Can't detect %s's dbgbase from the ROM table; you need to specify it explicitly.",
2716 target->cmd_name);
2717 return retval;
2718 }
2719 LOG_DEBUG("Detected core %" PRId32 " dbgbase: %08" PRIx32,
2720 target->coreid, armv7a->debug_base);
2721 } else
2722 armv7a->debug_base = target->dbgbase;
2723
2724 if ((armv7a->debug_base & (1UL<<31)) == 0)
2725 LOG_WARNING("Debug base address for target %s has bit 31 set to 0. Access to debug registers will likely fail!\n"
2726 "Please fix the target configuration.", target_name(target));
2727
2728 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2729 armv7a->debug_base + CPUDBG_DIDR, &didr);
2730 if (retval != ERROR_OK) {
2731 LOG_DEBUG("Examine %s failed", "DIDR");
2732 return retval;
2733 }
2734
2735 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2736 armv7a->debug_base + CPUDBG_CPUID, &cpuid);
2737 if (retval != ERROR_OK) {
2738 LOG_DEBUG("Examine %s failed", "CPUID");
2739 return retval;
2740 }
2741
2742 LOG_DEBUG("didr = 0x%08" PRIx32, didr);
2743 LOG_DEBUG("cpuid = 0x%08" PRIx32, cpuid);
2744
2745 cortex_a->didr = didr;
2746 cortex_a->cpuid = cpuid;
2747
2748 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2749 armv7a->debug_base + CPUDBG_PRSR, &dbg_osreg);
2750 if (retval != ERROR_OK)
2751 return retval;
2752 LOG_DEBUG("target->coreid %" PRId32 " DBGPRSR 0x%" PRIx32, target->coreid, dbg_osreg);
2753
2754 if ((dbg_osreg & PRSR_POWERUP_STATUS) == 0) {
2755 LOG_ERROR("target->coreid %" PRId32 " powered down!", target->coreid);
2756 target->state = TARGET_UNKNOWN; /* TARGET_NO_POWER? */
2757 return ERROR_TARGET_INIT_FAILED;
2758 }
2759
2760 if (dbg_osreg & PRSR_STICKY_RESET_STATUS)
2761 LOG_DEBUG("target->coreid %" PRId32 " was reset!", target->coreid);
2762
2763 /* Read DBGOSLSR and check if OSLK is implemented */
2764 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2765 armv7a->debug_base + CPUDBG_OSLSR, &dbg_osreg);
2766 if (retval != ERROR_OK)
2767 return retval;
2768 LOG_DEBUG("target->coreid %" PRId32 " DBGOSLSR 0x%" PRIx32, target->coreid, dbg_osreg);
2769
2770 /* check if OS Lock is implemented */
2771 if ((dbg_osreg & OSLSR_OSLM) == OSLSR_OSLM0 || (dbg_osreg & OSLSR_OSLM) == OSLSR_OSLM1) {
2772 /* check if OS Lock is set */
2773 if (dbg_osreg & OSLSR_OSLK) {
2774 LOG_DEBUG("target->coreid %" PRId32 " OSLock set! Trying to unlock", target->coreid);
2775
2776 retval = mem_ap_write_atomic_u32(armv7a->debug_ap,
2777 armv7a->debug_base + CPUDBG_OSLAR,
2778 0);
2779 if (retval == ERROR_OK)
2780 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2781 armv7a->debug_base + CPUDBG_OSLSR, &dbg_osreg);
2782
2783 /* if we fail to access the register or cannot reset the OSLK bit, bail out */
2784 if (retval != ERROR_OK || (dbg_osreg & OSLSR_OSLK) != 0) {
2785 LOG_ERROR("target->coreid %" PRId32 " OSLock sticky, core not powered?",
2786 target->coreid);
2787 target->state = TARGET_UNKNOWN; /* TARGET_NO_POWER? */
2788 return ERROR_TARGET_INIT_FAILED;
2789 }
2790 }
2791 }
2792
2793 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2794 armv7a->debug_base + CPUDBG_ID_PFR1, &dbg_idpfr1);
2795 if (retval != ERROR_OK)
2796 return retval;
2797
2798 if (dbg_idpfr1 & 0x000000f0) {
2799 LOG_DEBUG("target->coreid %" PRId32 " has security extensions",
2800 target->coreid);
2801 armv7a->arm.core_type = ARM_CORE_TYPE_SEC_EXT;
2802 }
2803 if (dbg_idpfr1 & 0x0000f000) {
2804 LOG_DEBUG("target->coreid %" PRId32 " has virtualization extensions",
2805 target->coreid);
2806 /*
2807 * overwrite and simplify the checks.
2808 * virtualization extensions require implementation of security extension
2809 */
2810 armv7a->arm.core_type = ARM_CORE_TYPE_VIRT_EXT;
2811 }
2812
2813 /* Avoid recreating the registers cache */
2814 if (!target_was_examined(target)) {
2815 retval = cortex_a_dpm_setup(cortex_a, didr);
2816 if (retval != ERROR_OK)
2817 return retval;
2818 }
2819
2820 /* Setup Breakpoint Register Pairs */
2821 cortex_a->brp_num = ((didr >> 24) & 0x0F) + 1;
2822 cortex_a->brp_num_context = ((didr >> 20) & 0x0F) + 1;
2823 cortex_a->brp_num_available = cortex_a->brp_num;
2824 free(cortex_a->brp_list);
2825 cortex_a->brp_list = calloc(cortex_a->brp_num, sizeof(struct cortex_a_brp));
2826 /* cortex_a->brb_enabled = ????; */
2827 for (i = 0; i < cortex_a->brp_num; i++) {
2828 cortex_a->brp_list[i].used = 0;
2829 if (i < (cortex_a->brp_num-cortex_a->brp_num_context))
2830 cortex_a->brp_list[i].type = BRP_NORMAL;
2831 else
2832 cortex_a->brp_list[i].type = BRP_CONTEXT;
2833 cortex_a->brp_list[i].value = 0;
2834 cortex_a->brp_list[i].control = 0;
2835 cortex_a->brp_list[i].BRPn = i;
2836 }
2837
2838 LOG_DEBUG("Configured %i hw breakpoints", cortex_a->brp_num);
2839
2840 /* select debug_ap as default */
2841 swjdp->apsel = armv7a->debug_ap->ap_num;
2842
2843 target_set_examined(target);
2844 return ERROR_OK;
2845 }
2846
2847 static int cortex_a_examine(struct target *target)
2848 {
2849 int retval = ERROR_OK;
2850
2851 /* Reestablish communication after target reset */
2852 retval = cortex_a_examine_first(target);
2853
2854 /* Configure core debug access */
2855 if (retval == ERROR_OK)
2856 retval = cortex_a_init_debug_access(target);
2857
2858 return retval;
2859 }
2860
2861 /*
2862 * Cortex-A target creation and initialization
2863 */
2864
2865 static int cortex_a_init_target(struct command_context *cmd_ctx,
2866 struct target *target)
2867 {
2868 /* examine_first() does a bunch of this */
2869 arm_semihosting_init(target);
2870 return ERROR_OK;
2871 }
2872
2873 static int cortex_a_init_arch_info(struct target *target,
2874 struct cortex_a_common *cortex_a, struct adiv5_dap *dap)
2875 {
2876 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
2877
2878 /* Setup struct cortex_a_common */
2879 cortex_a->common_magic = CORTEX_A_COMMON_MAGIC;
2880 armv7a->arm.dap = dap;
2881
2882 /* register arch-specific functions */
2883 armv7a->examine_debug_reason = NULL;
2884
2885 armv7a->post_debug_entry = cortex_a_post_debug_entry;
2886
2887 armv7a->pre_restore_context = NULL;
2888
2889 armv7a->armv7a_mmu.read_physical_memory = cortex_a_read_phys_memory;
2890
2891
2892 /* arm7_9->handle_target_request = cortex_a_handle_target_request; */
2893
2894 /* REVISIT v7a setup should be in a v7a-specific routine */
2895 armv7a_init_arch_info(target, armv7a);
2896 target_register_timer_callback(cortex_a_handle_target_request, 1,
2897 TARGET_TIMER_TYPE_PERIODIC, target);
2898
2899 return ERROR_OK;
2900 }
2901
2902 static int cortex_a_target_create(struct target *target, Jim_Interp *interp)
2903 {
2904 struct cortex_a_common *cortex_a;
2905 struct adiv5_private_config *pc;
2906
2907 if (target->private_config == NULL)
2908 return ERROR_FAIL;
2909
2910 pc = (struct adiv5_private_config *)target->private_config;
2911
2912 cortex_a = calloc(1, sizeof(struct cortex_a_common));
2913 if (cortex_a == NULL) {
2914 LOG_ERROR("Out of memory");
2915 return ERROR_FAIL;
2916 }
2917 cortex_a->common_magic = CORTEX_A_COMMON_MAGIC;
2918 cortex_a->armv7a_common.is_armv7r = false;
2919 cortex_a->armv7a_common.arm.arm_vfp_version = ARM_VFP_V3;
2920
2921 return cortex_a_init_arch_info(target, cortex_a, pc->dap);
2922 }
2923
2924 static int cortex_r4_target_create(struct target *target, Jim_Interp *interp)
2925 {
2926 struct cortex_a_common *cortex_a;
2927 struct adiv5_private_config *pc;
2928
2929 pc = (struct adiv5_private_config *)target->private_config;
2930 if (adiv5_verify_config(pc) != ERROR_OK)
2931 return ERROR_FAIL;
2932
2933 cortex_a = calloc(1, sizeof(struct cortex_a_common));
2934 if (cortex_a == NULL) {
2935 LOG_ERROR("Out of memory");
2936 return ERROR_FAIL;
2937 }
2938 cortex_a->common_magic = CORTEX_A_COMMON_MAGIC;
2939 cortex_a->armv7a_common.is_armv7r = true;
2940
2941 return cortex_a_init_arch_info(target, cortex_a, pc->dap);
2942 }
2943
2944 static void cortex_a_deinit_target(struct target *target)
2945 {
2946 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
2947 struct armv7a_common *armv7a = &cortex_a->armv7a_common;
2948 struct arm_dpm *dpm = &armv7a->dpm;
2949 uint32_t dscr;
2950 int retval;
2951
2952 if (target_was_examined(target)) {
2953 /* Disable halt for breakpoint, watchpoint and vector catch */
2954 retval = mem_ap_read_atomic_u32(armv7a->debug_ap,
2955 armv7a->debug_base + CPUDBG_DSCR, &dscr);
2956 if (retval == ERROR_OK)
2957 mem_ap_write_atomic_u32(armv7a->debug_ap,
2958 armv7a->debug_base + CPUDBG_DSCR,
2959 dscr & ~DSCR_HALT_DBG_MODE);
2960 }
2961
2962 free(cortex_a->brp_list);
2963 arm_free_reg_cache(dpm->arm);
2964 free(dpm->dbp);
2965 free(dpm->dwp);
2966 free(target->private_config);
2967 free(cortex_a);
2968 }
2969
2970 static int cortex_a_mmu(struct target *target, int *enabled)
2971 {
2972 struct armv7a_common *armv7a = target_to_armv7a(target);
2973
2974 if (target->state != TARGET_HALTED) {
2975 LOG_ERROR("%s: target not halted", __func__);
2976 return ERROR_TARGET_INVALID;
2977 }
2978
2979 if (armv7a->is_armv7r)
2980 *enabled = 0;
2981 else
2982 *enabled = target_to_cortex_a(target)->armv7a_common.armv7a_mmu.mmu_enabled;
2983
2984 return ERROR_OK;
2985 }
2986
2987 static int cortex_a_virt2phys(struct target *target,
2988 target_addr_t virt, target_addr_t *phys)
2989 {
2990 int retval;
2991 int mmu_enabled = 0;
2992
2993 /*
2994 * If the MMU was not enabled at debug entry, there is no
2995 * way of knowing if there was ever a valid configuration
2996 * for it and thus it's not safe to enable it. In this case,
2997 * just return the virtual address as physical.
2998 */
2999 cortex_a_mmu(target, &mmu_enabled);
3000 if (!mmu_enabled) {
3001 *phys = virt;
3002 return ERROR_OK;
3003 }
3004
3005 /* mmu must be enable in order to get a correct translation */
3006 retval = cortex_a_mmu_modify(target, 1);
3007 if (retval != ERROR_OK)
3008 return retval;
3009 return armv7a_mmu_translate_va_pa(target, (uint32_t)virt,
3010 phys, 1);
3011 }
3012
3013 COMMAND_HANDLER(cortex_a_handle_cache_info_command)
3014 {
3015 struct target *target = get_current_target(CMD_CTX);
3016 struct armv7a_common *armv7a = target_to_armv7a(target);
3017
3018 return armv7a_handle_cache_info_command(CMD,
3019 &armv7a->armv7a_mmu.armv7a_cache);
3020 }
3021
3022
3023 COMMAND_HANDLER(cortex_a_handle_dbginit_command)
3024 {
3025 struct target *target = get_current_target(CMD_CTX);
3026 if (!target_was_examined(target)) {
3027 LOG_ERROR("target not examined yet");
3028 return ERROR_FAIL;
3029 }
3030
3031 return cortex_a_init_debug_access(target);
3032 }
3033
3034 COMMAND_HANDLER(handle_cortex_a_mask_interrupts_command)
3035 {
3036 struct target *target = get_current_target(CMD_CTX);
3037 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
3038
3039 static const Jim_Nvp nvp_maskisr_modes[] = {
3040 { .name = "off", .value = CORTEX_A_ISRMASK_OFF },
3041 { .name = "on", .value = CORTEX_A_ISRMASK_ON },
3042 { .name = NULL, .value = -1 },
3043 };
3044 const Jim_Nvp *n;
3045
3046 if (CMD_ARGC > 0) {
3047 n = Jim_Nvp_name2value_simple(nvp_maskisr_modes, CMD_ARGV[0]);
3048 if (n->name == NULL) {
3049 LOG_ERROR("Unknown parameter: %s - should be off or on", CMD_ARGV[0]);
3050 return ERROR_COMMAND_SYNTAX_ERROR;
3051 }
3052
3053 cortex_a->isrmasking_mode = n->value;
3054 }
3055
3056 n = Jim_Nvp_value2name_simple(nvp_maskisr_modes, cortex_a->isrmasking_mode);
3057 command_print(CMD, "cortex_a interrupt mask %s", n->name);
3058
3059 return ERROR_OK;
3060 }
3061
3062 COMMAND_HANDLER(handle_cortex_a_dacrfixup_command)
3063 {
3064 struct target *target = get_current_target(CMD_CTX);
3065 struct cortex_a_common *cortex_a = target_to_cortex_a(target);
3066
3067 static const Jim_Nvp nvp_dacrfixup_modes[] = {
3068 { .name = "off", .value = CORTEX_A_DACRFIXUP_OFF },
3069 { .name = "on", .value = CORTEX_A_DACRFIXUP_ON },
3070 { .name = NULL, .value = -1 },
3071 };
3072 const Jim_Nvp *n;
3073
3074 if (CMD_ARGC > 0) {
3075 n = Jim_Nvp_name2value_simple(nvp_dacrfixup_modes, CMD_ARGV[0]);
3076 if (n->name == NULL)
3077 return ERROR_COMMAND_SYNTAX_ERROR;
3078 cortex_a->dacrfixup_mode = n->value;
3079
3080 }
3081
3082 n = Jim_Nvp_value2name_simple(nvp_dacrfixup_modes, cortex_a->dacrfixup_mode);
3083 command_print(CMD, "cortex_a domain access control fixup %s", n->name);
3084
3085 return ERROR_OK;
3086 }
3087
3088 static const struct command_registration cortex_a_exec_command_handlers[] = {
3089 {
3090 .name = "cache_info",
3091 .handler = cortex_a_handle_cache_info_command,
3092 .mode = COMMAND_EXEC,
3093 .help = "display information about target caches",
3094 .usage = "",
3095 },
3096 {
3097 .name = "dbginit",
3098 .handler = cortex_a_handle_dbginit_command,
3099 .mode = COMMAND_EXEC,
3100 .help = "Initialize core debug",
3101 .usage = "",
3102 },
3103 {
3104 .name = "maskisr",
3105 .handler = handle_cortex_a_mask_interrupts_command,
3106 .mode = COMMAND_ANY,
3107 .help = "mask cortex_a interrupts",
3108 .usage = "['on'|'off']",
3109 },
3110 {
3111 .name = "dacrfixup",
3112 .handler = handle_cortex_a_dacrfixup_command,
3113 .mode = COMMAND_ANY,
3114 .help = "set domain access control (DACR) to all-manager "
3115 "on memory access",
3116 .usage = "['on'|'off']",
3117 },
3118 {
3119 .chain = armv7a_mmu_command_handlers,
3120 },
3121 {
3122 .chain = smp_command_handlers,
3123 },
3124
3125 COMMAND_REGISTRATION_DONE
3126 };
3127 static const struct command_registration cortex_a_command_handlers[] = {
3128 {
3129 .chain = arm_command_handlers,
3130 },
3131 {
3132 .chain = armv7a_command_handlers,
3133 },
3134 {
3135 .name = "cortex_a",
3136 .mode = COMMAND_ANY,
3137 .help = "Cortex-A command group",
3138 .usage = "",
3139 .chain = cortex_a_exec_command_handlers,
3140 },
3141 COMMAND_REGISTRATION_DONE
3142 };
3143
3144 struct target_type cortexa_target = {
3145 .name = "cortex_a",
3146 .deprecated_name = "cortex_a8",
3147
3148 .poll = cortex_a_poll,
3149 .arch_state = armv7a_arch_state,
3150
3151 .halt = cortex_a_halt,
3152 .resume = cortex_a_resume,
3153 .step = cortex_a_step,
3154
3155 .assert_reset = cortex_a_assert_reset,
3156 .deassert_reset = cortex_a_deassert_reset,
3157
3158 /* REVISIT allow exporting VFP3 registers ... */
3159 .get_gdb_arch = arm_get_gdb_arch,
3160 .get_gdb_reg_list = arm_get_gdb_reg_list,
3161
3162 .read_memory = cortex_a_read_memory,
3163 .write_memory = cortex_a_write_memory,
3164
3165 .read_buffer = cortex_a_read_buffer,
3166 .write_buffer = cortex_a_write_buffer,
3167
3168 .checksum_memory = arm_checksum_memory,
3169 .blank_check_memory = arm_blank_check_memory,
3170
3171 .run_algorithm = armv4_5_run_algorithm,
3172
3173 .add_breakpoint = cortex_a_add_breakpoint,
3174 .add_context_breakpoint = cortex_a_add_context_breakpoint,
3175 .add_hybrid_breakpoint = cortex_a_add_hybrid_breakpoint,
3176 .remove_breakpoint = cortex_a_remove_breakpoint,
3177 .add_watchpoint = NULL,
3178 .remove_watchpoint = NULL,
3179
3180 .commands = cortex_a_command_handlers,
3181 .target_create = cortex_a_target_create,
3182 .target_jim_configure = adiv5_jim_configure,
3183 .init_target = cortex_a_init_target,
3184 .examine = cortex_a_examine,
3185 .deinit_target = cortex_a_deinit_target,
3186
3187 .read_phys_memory = cortex_a_read_phys_memory,
3188 .write_phys_memory = cortex_a_write_phys_memory,
3189 .mmu = cortex_a_mmu,
3190 .virt2phys = cortex_a_virt2phys,
3191 };
3192
3193 static const struct command_registration cortex_r4_exec_command_handlers[] = {
3194 {
3195 .name = "dbginit",
3196 .handler = cortex_a_handle_dbginit_command,
3197 .mode = COMMAND_EXEC,
3198 .help = "Initialize core debug",
3199 .usage = "",
3200 },
3201 {
3202 .name = "maskisr",
3203 .handler = handle_cortex_a_mask_interrupts_command,
3204 .mode = COMMAND_EXEC,
3205 .help = "mask cortex_r4 interrupts",
3206 .usage = "['on'|'off']",
3207 },
3208
3209 COMMAND_REGISTRATION_DONE
3210 };
3211 static const struct command_registration cortex_r4_command_handlers[] = {
3212 {
3213 .chain = arm_command_handlers,
3214 },
3215 {
3216 .name = "cortex_r4",
3217 .mode = COMMAND_ANY,
3218 .help = "Cortex-R4 command group",
3219 .usage = "",
3220 .chain = cortex_r4_exec_command_handlers,
3221 },
3222 COMMAND_REGISTRATION_DONE
3223 };
3224
3225 struct target_type cortexr4_target = {
3226 .name = "cortex_r4",
3227
3228 .poll = cortex_a_poll,
3229 .arch_state = armv7a_arch_state,
3230
3231 .halt = cortex_a_halt,
3232 .resume = cortex_a_resume,
3233 .step = cortex_a_step,
3234
3235 .assert_reset = cortex_a_assert_reset,
3236 .deassert_reset = cortex_a_deassert_reset,
3237
3238 /* REVISIT allow exporting VFP3 registers ... */
3239 .get_gdb_arch = arm_get_gdb_arch,
3240 .get_gdb_reg_list = arm_get_gdb_reg_list,
3241
3242 .read_memory = cortex_a_read_phys_memory,
3243 .write_memory = cortex_a_write_phys_memory,
3244
3245 .checksum_memory = arm_checksum_memory,
3246 .blank_check_memory = arm_blank_check_memory,
3247
3248 .run_algorithm = armv4_5_run_algorithm,
3249
3250 .add_breakpoint = cortex_a_add_breakpoint,
3251 .add_context_breakpoint = cortex_a_add_context_breakpoint,
3252 .add_hybrid_breakpoint = cortex_a_add_hybrid_breakpoint,
3253 .remove_breakpoint = cortex_a_remove_breakpoint,
3254 .add_watchpoint = NULL,
3255 .remove_watchpoint = NULL,
3256
3257 .commands = cortex_r4_command_handlers,
3258 .target_create = cortex_r4_target_create,
3259 .target_jim_configure = adiv5_jim_configure,
3260 .init_target = cortex_a_init_target,
3261 .examine = cortex_a_examine,
3262 .deinit_target = cortex_a_deinit_target,
3263 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)