1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program; if not, write to the *
23 * Free Software Foundation, Inc., *
24 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 ***************************************************************************/
30 #include "embeddedice.h"
32 #define ARRAY_SIZE(x) ((int)(sizeof(x)/sizeof((x)[0])))
35 static bitfield_desc_t embeddedice_comms_ctrl_bitfield_desc
[] =
45 * From: ARM9E-S TRM, DDI 0165, table C-4 (and similar, for other cores)
55 /* width is assigned based on EICE version */
58 .name
= "debug_status",
60 /* width is assigned based on EICE version */
72 [EICE_W0_ADDR_VALUE
] = {
73 .name
= "watch_0_addr_value",
77 [EICE_W0_ADDR_MASK
] = {
78 .name
= "watch_0_addr_mask",
82 [EICE_W0_DATA_VALUE
] = {
83 .name
= "watch_0_data_value",
87 [EICE_W0_DATA_MASK
] = {
88 .name
= "watch_0_data_mask",
92 [EICE_W0_CONTROL_VALUE
] = {
93 .name
= "watch_0_control_value",
97 [EICE_W0_CONTROL_MASK
] = {
98 .name
= "watch_0_control_mask",
102 [EICE_W1_ADDR_VALUE
] = {
103 .name
= "watch_1_addr_value",
107 [EICE_W1_ADDR_MASK
] = {
108 .name
= "watch_1_addr_mask",
112 [EICE_W1_DATA_VALUE
] = {
113 .name
= "watch_1_data_value",
117 [EICE_W1_DATA_MASK
] = {
118 .name
= "watch_1_data_mask",
122 [EICE_W1_CONTROL_VALUE
] = {
123 .name
= "watch_1_control_value",
127 [EICE_W1_CONTROL_MASK
] = {
128 .name
= "watch_1_control_mask",
132 /* vector_catch isn't always present */
134 .name
= "vector_catch",
141 static int embeddedice_reg_arch_type
= -1;
143 static int embeddedice_get_reg(reg_t
*reg
);
145 reg_cache_t
* embeddedice_build_reg_cache(target_t
*target
, arm7_9_common_t
*arm7_9
)
148 reg_cache_t
*reg_cache
= malloc(sizeof(reg_cache_t
));
149 reg_t
*reg_list
= NULL
;
150 embeddedice_reg_t
*arch_info
= NULL
;
151 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
152 int num_regs
= ARRAY_SIZE(eice_regs
);
154 int eice_version
= 0;
156 /* register a register arch-type for EmbeddedICE registers only once */
157 if (embeddedice_reg_arch_type
== -1)
158 embeddedice_reg_arch_type
= register_reg_arch_type(
159 embeddedice_get_reg
, embeddedice_set_reg_w_exec
);
161 /* vector_catch isn't always present */
162 if (!arm7_9
->has_vector_catch
)
165 /* the actual registers are kept in two arrays */
166 reg_list
= calloc(num_regs
, sizeof(reg_t
));
167 arch_info
= calloc(num_regs
, sizeof(embeddedice_reg_t
));
169 /* fill in values for the reg cache */
170 reg_cache
->name
= "EmbeddedICE registers";
171 reg_cache
->next
= NULL
;
172 reg_cache
->reg_list
= reg_list
;
173 reg_cache
->num_regs
= num_regs
;
175 /* set up registers */
176 for (i
= 0; i
< num_regs
; i
++)
178 reg_list
[i
].name
= eice_regs
[i
].name
;
179 reg_list
[i
].size
= eice_regs
[i
].width
;
180 reg_list
[i
].dirty
= 0;
181 reg_list
[i
].valid
= 0;
182 reg_list
[i
].bitfield_desc
= NULL
;
183 reg_list
[i
].num_bitfields
= 0;
184 reg_list
[i
].value
= calloc(1, 4);
185 reg_list
[i
].arch_info
= &arch_info
[i
];
186 reg_list
[i
].arch_type
= embeddedice_reg_arch_type
;
187 arch_info
[i
].addr
= eice_regs
[i
].addr
;
188 arch_info
[i
].jtag_info
= jtag_info
;
191 /* identify EmbeddedICE version by reading DCC control register */
192 embeddedice_read_reg(®_list
[EICE_COMMS_CTRL
]);
193 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
195 for (i
= 0; i
< num_regs
; i
++)
197 free(reg_list
[i
].value
);
205 eice_version
= buf_get_u32(reg_list
[EICE_COMMS_CTRL
].value
, 28, 4);
206 LOG_DEBUG("Embedded ICE version %d", eice_version
);
208 switch (eice_version
)
211 /* ARM7TDMI r3, ARM7TDMI-S r3
213 * REVISIT docs say ARM7TDMI-S r4 uses version 1 but
214 * that it has 6-bit CTRL and 5-bit STAT... doc bug?
215 * ARM7TDMI r4 docs say EICE v4.
217 reg_list
[EICE_DBG_CTRL
].size
= 3;
218 reg_list
[EICE_DBG_STAT
].size
= 5;
222 reg_list
[EICE_DBG_CTRL
].size
= 4;
223 reg_list
[EICE_DBG_STAT
].size
= 5;
224 arm7_9
->has_single_step
= 1;
227 LOG_ERROR("EmbeddedICE v%d handling might be broken",
229 reg_list
[EICE_DBG_CTRL
].size
= 6;
230 reg_list
[EICE_DBG_STAT
].size
= 5;
231 arm7_9
->has_single_step
= 1;
232 arm7_9
->has_monitor_mode
= 1;
236 reg_list
[EICE_DBG_CTRL
].size
= 6;
237 reg_list
[EICE_DBG_STAT
].size
= 5;
238 arm7_9
->has_monitor_mode
= 1;
242 reg_list
[EICE_DBG_CTRL
].size
= 6;
243 reg_list
[EICE_DBG_STAT
].size
= 5;
244 arm7_9
->has_single_step
= 1;
245 arm7_9
->has_monitor_mode
= 1;
248 /* ARM7EJ-S, ARM9E-S rev 2, ARM9EJ-S */
249 reg_list
[EICE_DBG_CTRL
].size
= 6;
250 reg_list
[EICE_DBG_STAT
].size
= 10;
251 /* DBG_STAT has MOE bits */
252 arm7_9
->has_monitor_mode
= 1;
255 LOG_ERROR("EmbeddedICE v%d handling might be broken",
257 reg_list
[EICE_DBG_CTRL
].size
= 6;
258 reg_list
[EICE_DBG_STAT
].size
= 5;
259 arm7_9
->has_monitor_mode
= 1;
263 * The Feroceon implementation has the version number
264 * in some unusual bits. Let feroceon.c validate it
265 * and do the appropriate setup itself.
267 if (strcmp(target_get_name(target
), "feroceon") == 0)
269 LOG_ERROR("unknown EmbeddedICE version (comms ctrl: 0x%8.8" PRIx32
")", buf_get_u32(reg_list
[EICE_COMMS_CTRL
].value
, 0, 32));
275 int embeddedice_setup(target_t
*target
)
278 armv4_5_common_t
*armv4_5
= target
->arch_info
;
279 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
281 /* explicitly disable monitor mode */
282 if (arm7_9
->has_monitor_mode
)
284 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
286 embeddedice_read_reg(dbg_ctrl
);
287 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
289 buf_set_u32(dbg_ctrl
->value
, 4, 1, 0);
290 embeddedice_set_reg_w_exec(dbg_ctrl
, dbg_ctrl
->value
);
292 return jtag_execute_queue();
295 static int embeddedice_get_reg(reg_t
*reg
)
298 if ((retval
= embeddedice_read_reg(reg
)) != ERROR_OK
)
300 LOG_ERROR("BUG: error scheduling EmbeddedICE register read");
304 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
306 LOG_ERROR("register read failed");
313 int embeddedice_read_reg_w_check(reg_t
*reg
, uint8_t* check_value
, uint8_t* check_mask
)
315 embeddedice_reg_t
*ice_reg
= reg
->arch_info
;
316 uint8_t reg_addr
= ice_reg
->addr
& 0x1f;
317 scan_field_t fields
[3];
318 uint8_t field1_out
[1];
319 uint8_t field2_out
[1];
321 jtag_set_end_state(TAP_IDLE
);
322 arm_jtag_scann(ice_reg
->jtag_info
, 0x2);
324 arm_jtag_set_instr(ice_reg
->jtag_info
, ice_reg
->jtag_info
->intest_instr
, NULL
);
326 fields
[0].tap
= ice_reg
->jtag_info
->tap
;
327 fields
[0].num_bits
= 32;
328 fields
[0].out_value
= reg
->value
;
329 fields
[0].in_value
= NULL
;
330 fields
[0].check_value
= NULL
;
331 fields
[0].check_mask
= NULL
;
333 fields
[1].tap
= ice_reg
->jtag_info
->tap
;
334 fields
[1].num_bits
= 5;
335 fields
[1].out_value
= field1_out
;
336 buf_set_u32(fields
[1].out_value
, 0, 5, reg_addr
);
337 fields
[1].in_value
= NULL
;
338 fields
[1].check_value
= NULL
;
339 fields
[1].check_mask
= NULL
;
341 fields
[2].tap
= ice_reg
->jtag_info
->tap
;
342 fields
[2].num_bits
= 1;
343 fields
[2].out_value
= field2_out
;
344 buf_set_u32(fields
[2].out_value
, 0, 1, 0);
345 fields
[2].in_value
= NULL
;
346 fields
[2].check_value
= NULL
;
347 fields
[2].check_mask
= NULL
;
349 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
351 fields
[0].in_value
= reg
->value
;
352 fields
[0].check_value
= check_value
;
353 fields
[0].check_mask
= check_mask
;
355 /* when reading the DCC data register, leaving the address field set to
356 * EICE_COMMS_DATA would read the register twice
357 * reading the control register is safe
359 buf_set_u32(fields
[1].out_value
, 0, 5, eice_regs
[EICE_COMMS_CTRL
].addr
);
361 jtag_add_dr_scan_check(3, fields
, jtag_get_end_state());
366 /* receive <size> words of 32 bit from the DCC
367 * we pretend the target is always going to be fast enough
368 * (relative to the JTAG clock), so we don't need to handshake
370 int embeddedice_receive(arm_jtag_t
*jtag_info
, uint32_t *data
, uint32_t size
)
372 scan_field_t fields
[3];
373 uint8_t field1_out
[1];
374 uint8_t field2_out
[1];
376 jtag_set_end_state(TAP_IDLE
);
377 arm_jtag_scann(jtag_info
, 0x2);
378 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
380 fields
[0].tap
= jtag_info
->tap
;
381 fields
[0].num_bits
= 32;
382 fields
[0].out_value
= NULL
;
383 fields
[0].in_value
= NULL
;
385 fields
[1].tap
= jtag_info
->tap
;
386 fields
[1].num_bits
= 5;
387 fields
[1].out_value
= field1_out
;
388 buf_set_u32(fields
[1].out_value
, 0, 5, eice_regs
[EICE_COMMS_DATA
].addr
);
389 fields
[1].in_value
= NULL
;
391 fields
[2].tap
= jtag_info
->tap
;
392 fields
[2].num_bits
= 1;
393 fields
[2].out_value
= field2_out
;
394 buf_set_u32(fields
[2].out_value
, 0, 1, 0);
395 fields
[2].in_value
= NULL
;
397 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
401 /* when reading the last item, set the register address to the DCC control reg,
402 * to avoid reading additional data from the DCC data reg
405 buf_set_u32(fields
[1].out_value
, 0, 5,
406 eice_regs
[EICE_COMMS_CTRL
].addr
);
408 fields
[0].in_value
= (uint8_t *)data
;
409 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
410 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)data
);
416 return jtag_execute_queue();
419 int embeddedice_read_reg(reg_t
*reg
)
421 return embeddedice_read_reg_w_check(reg
, NULL
, NULL
);
424 void embeddedice_set_reg(reg_t
*reg
, uint32_t value
)
426 embeddedice_write_reg(reg
, value
);
428 buf_set_u32(reg
->value
, 0, reg
->size
, value
);
434 int embeddedice_set_reg_w_exec(reg_t
*reg
, uint8_t *buf
)
437 embeddedice_set_reg(reg
, buf_get_u32(buf
, 0, reg
->size
));
439 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
441 LOG_ERROR("register write failed");
447 void embeddedice_write_reg(reg_t
*reg
, uint32_t value
)
449 embeddedice_reg_t
*ice_reg
= reg
->arch_info
;
451 LOG_DEBUG("%i: 0x%8.8" PRIx32
"", ice_reg
->addr
, value
);
453 jtag_set_end_state(TAP_IDLE
);
454 arm_jtag_scann(ice_reg
->jtag_info
, 0x2);
456 arm_jtag_set_instr(ice_reg
->jtag_info
, ice_reg
->jtag_info
->intest_instr
, NULL
);
458 uint8_t reg_addr
= ice_reg
->addr
& 0x1f;
459 embeddedice_write_reg_inner(ice_reg
->jtag_info
->tap
, reg_addr
, value
);
463 void embeddedice_store_reg(reg_t
*reg
)
465 embeddedice_write_reg(reg
, buf_get_u32(reg
->value
, 0, reg
->size
));
468 /* send <size> words of 32 bit to the DCC
469 * we pretend the target is always going to be fast enough
470 * (relative to the JTAG clock), so we don't need to handshake
472 int embeddedice_send(arm_jtag_t
*jtag_info
, uint32_t *data
, uint32_t size
)
474 scan_field_t fields
[3];
475 uint8_t field0_out
[4];
476 uint8_t field1_out
[1];
477 uint8_t field2_out
[1];
479 jtag_set_end_state(TAP_IDLE
);
480 arm_jtag_scann(jtag_info
, 0x2);
481 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
483 fields
[0].tap
= jtag_info
->tap
;
484 fields
[0].num_bits
= 32;
485 fields
[0].out_value
= field0_out
;
486 fields
[0].in_value
= NULL
;
488 fields
[1].tap
= jtag_info
->tap
;
489 fields
[1].num_bits
= 5;
490 fields
[1].out_value
= field1_out
;
491 buf_set_u32(fields
[1].out_value
, 0, 5, eice_regs
[EICE_COMMS_DATA
].addr
);
492 fields
[1].in_value
= NULL
;
494 fields
[2].tap
= jtag_info
->tap
;
495 fields
[2].num_bits
= 1;
496 fields
[2].out_value
= field2_out
;
497 buf_set_u32(fields
[2].out_value
, 0, 1, 1);
499 fields
[2].in_value
= NULL
;
503 buf_set_u32(fields
[0].out_value
, 0, 32, *data
);
504 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
510 /* call to jtag_execute_queue() intentionally omitted */
514 /* wait for DCC control register R/W handshake bit to become active
516 int embeddedice_handshake(arm_jtag_t
*jtag_info
, int hsbit
, uint32_t timeout
)
518 scan_field_t fields
[3];
519 uint8_t field0_in
[4];
520 uint8_t field1_out
[1];
521 uint8_t field2_out
[1];
527 if (hsbit
== EICE_COMM_CTRL_WBIT
)
529 else if (hsbit
== EICE_COMM_CTRL_RBIT
)
532 return ERROR_INVALID_ARGUMENTS
;
534 jtag_set_end_state(TAP_IDLE
);
535 arm_jtag_scann(jtag_info
, 0x2);
536 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
538 fields
[0].tap
= jtag_info
->tap
;
539 fields
[0].num_bits
= 32;
540 fields
[0].out_value
= NULL
;
541 fields
[0].in_value
= field0_in
;
543 fields
[1].tap
= jtag_info
->tap
;
544 fields
[1].num_bits
= 5;
545 fields
[1].out_value
= field1_out
;
546 buf_set_u32(fields
[1].out_value
, 0, 5, eice_regs
[EICE_COMMS_DATA
].addr
);
547 fields
[1].in_value
= NULL
;
549 fields
[2].tap
= jtag_info
->tap
;
550 fields
[2].num_bits
= 1;
551 fields
[2].out_value
= field2_out
;
552 buf_set_u32(fields
[2].out_value
, 0, 1, 0);
553 fields
[2].in_value
= NULL
;
555 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
556 gettimeofday(&lap
, NULL
);
559 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
560 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
563 if (buf_get_u32(field0_in
, hsbit
, 1) == hsact
)
566 gettimeofday(&now
, NULL
);
568 while ((uint32_t)((now
.tv_sec
-lap
.tv_sec
)*1000 + (now
.tv_usec
-lap
.tv_usec
)/1000) <= timeout
);
570 return ERROR_TARGET_TIMEOUT
;
573 #ifndef HAVE_JTAG_MINIDRIVER_H
574 /* this is the inner loop of the open loop DCC write of data to target */
575 void embeddedice_write_dcc(jtag_tap_t
*tap
, int reg_addr
, uint8_t *buffer
, int little
, int count
)
578 for (i
= 0; i
< count
; i
++)
580 embeddedice_write_reg_inner(tap
, reg_addr
, fast_target_buffer_get_u32(buffer
, little
));
585 /* provided by minidriver */
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)