+/***************************************************************************\r
+ * Copyright (C) 2009 by Simon Qian *\r
+ * SimonQian@SimonQian.com *\r
+ * *\r
+ * This program is free software; you can redistribute it and/or modify *\r
+ * it under the terms of the GNU General Public License as published by *\r
+ * the Free Software Foundation; either version 2 of the License, or *\r
+ * (at your option) any later version. *\r
+ * *\r
+ * This program is distributed in the hope that it will be useful, *\r
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *\r
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *\r
+ * GNU General Public License for more details. *\r
+ * *\r
+ * You should have received a copy of the GNU General Public License *\r
+ * along with this program; if not, write to the *\r
+ * Free Software Foundation, Inc., *\r
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *\r
+ ***************************************************************************/\r
+#ifdef HAVE_CONFIG_H\r
+#include "config.h"\r
+#endif\r
+\r
+#include "replacements.h"\r
+\r
+#include "avrf.h"\r
+#include "avrt.h"\r
+#include "flash.h"\r
+#include "target.h"\r
+#include "log.h"\r
+#include "algorithm.h"\r
+#include "binarybuffer.h"\r
+\r
+#include <stdlib.h>\r
+#include <string.h>\r
+\r
+/* AVR_JTAG_Instructions */\r
+#define AVR_JTAG_INS_LEN 4\r
+// Public Instructions:\r
+#define AVR_JTAG_INS_EXTEST 0x00\r
+#define AVR_JTAG_INS_IDCODE 0x01\r
+#define AVR_JTAG_INS_SAMPLE_PRELOAD 0x02\r
+#define AVR_JTAG_INS_BYPASS 0x0F\r
+// AVR Specified Public Instructions:\r
+#define AVR_JTAG_INS_AVR_RESET 0x0C\r
+#define AVR_JTAG_INS_PROG_ENABLE 0x04\r
+#define AVR_JTAG_INS_PROG_COMMANDS 0x05\r
+#define AVR_JTAG_INS_PROG_PAGELOAD 0x06\r
+#define AVR_JTAG_INS_PROG_PAGEREAD 0x07\r
+\r
+// Data Registers:\r
+#define AVR_JTAG_REG_Bypass_Len 1\r
+#define AVR_JTAG_REG_DeviceID_Len 32\r
+\r
+#define AVR_JTAG_REG_Reset_Len 1\r
+#define AVR_JTAG_REG_JTAGID_Len 32\r
+#define AVR_JTAG_REG_ProgrammingEnable_Len 16\r
+#define AVR_JTAG_REG_ProgrammingCommand_Len 15\r
+#define AVR_JTAG_REG_FlashDataByte_Len 16\r
+\r
+avrf_type_t avft_chips_info[] = \r
+{\r
+// name, chip_id, flash_page_size, flash_page_num, eeprom_page_size, eeprom_page_num\r
+ {"atmega128", 0x9702, 256, 512, 8, 512},\r
+};\r
+\r
+static int avrf_register_commands(struct command_context_s *cmd_ctx);\r
+static int avrf_flash_bank_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct flash_bank_s *bank);\r
+static int avrf_erase(struct flash_bank_s *bank, int first, int last);\r
+static int avrf_protect(struct flash_bank_s *bank, int set, int first, int last);\r
+static int avrf_write(struct flash_bank_s *bank, u8 *buffer, u32 offset, u32 count);\r
+static int avrf_probe(struct flash_bank_s *bank);\r
+static int avrf_auto_probe(struct flash_bank_s *bank);\r
+//static int avrf_handle_part_id_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);\r
+static int avrf_protect_check(struct flash_bank_s *bank);\r
+static int avrf_info(struct flash_bank_s *bank, char *buf, int buf_size);\r
+\r
+static int avrf_handle_mass_erase_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);\r
+\r
+extern int avr_jtag_sendinstr(jtag_tap_t *tap, u8 *ir_in, u8 ir_out);\r
+extern int avr_jtag_senddat(jtag_tap_t *tap, u32 *dr_in, u32 dr_out, int len);\r
+\r
+extern int mcu_write_ir(jtag_tap_t *tap, u8 *ir_in, u8 *ir_out, int ir_len, int rti);\r
+extern int mcu_write_dr(jtag_tap_t *tap, u8 *ir_in, u8 *ir_out, int dr_len, int rti);\r
+extern int mcu_write_ir_u8(jtag_tap_t *tap, u8 *ir_in, u8 ir_out, int ir_len, int rti);\r
+extern int mcu_write_dr_u8(jtag_tap_t *tap, u8 *ir_in, u8 ir_out, int dr_len, int rti);\r
+extern int mcu_write_ir_u16(jtag_tap_t *tap, u16 *ir_in, u16 ir_out, int ir_len, int rti);\r
+extern int mcu_write_dr_u16(jtag_tap_t *tap, u16 *ir_in, u16 ir_out, int dr_len, int rti);\r
+extern int mcu_write_ir_u32(jtag_tap_t *tap, u32 *ir_in, u32 ir_out, int ir_len, int rti);\r
+extern int mcu_write_dr_u32(jtag_tap_t *tap, u32 *ir_in, u32 ir_out, int dr_len, int rti);\r
+extern int mcu_execute_queue(void);\r
+\r
+flash_driver_t avr_flash =\r
+{\r
+ .name = "avr",\r
+ .register_commands = avrf_register_commands,\r
+ .flash_bank_command = avrf_flash_bank_command,\r
+ .erase = avrf_erase,\r
+ .protect = avrf_protect,\r
+ .write = avrf_write,\r
+ .probe = avrf_probe,\r
+ .auto_probe = avrf_auto_probe,\r
+ .erase_check = default_flash_mem_blank_check,\r
+ .protect_check = avrf_protect_check,\r
+ .info = avrf_info\r
+};\r
+\r
+/* avr program functions */\r
+static int avr_jtag_reset(avr_common_t *avr, u32 reset)\r
+{\r
+ avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_AVR_RESET);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, reset ,AVR_JTAG_REG_Reset_Len);\r
+ \r
+ return ERROR_OK;\r
+}\r
+\r
+static int avr_jtag_read_jtagid(avr_common_t *avr, u32 *id)\r
+{\r
+ avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_IDCODE);\r
+ avr_jtag_senddat(avr->jtag_info.tap, id, 0, AVR_JTAG_REG_JTAGID_Len);\r
+ \r
+ return ERROR_OK;\r
+}\r
+\r
+static int avr_jtagprg_enterprogmode(avr_common_t *avr)\r
+{\r
+ avr_jtag_reset(avr, 1);\r
+ \r
+ avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_ENABLE);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0xA370, AVR_JTAG_REG_ProgrammingEnable_Len);\r
+ \r
+ return ERROR_OK;\r
+}\r
+\r
+static int avr_jtagprg_leaveprogmode(avr_common_t *avr)\r
+{\r
+ avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_COMMANDS);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x2300, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3300, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+\r
+ avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_ENABLE);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0, AVR_JTAG_REG_ProgrammingEnable_Len);\r
+\r
+ avr_jtag_reset(avr, 0);\r
+ \r
+ return ERROR_OK;\r
+}\r
+\r
+static int avr_jtagprg_chiperase(avr_common_t *avr)\r
+{\r
+ u32 poll_value;\r
+ \r
+ avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_COMMANDS);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x2380, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3180, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3380, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3380, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ \r
+ do{\r
+ poll_value = 0;\r
+ avr_jtag_senddat(avr->jtag_info.tap, &poll_value, 0x3380, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ if (ERROR_OK != mcu_execute_queue())\r
+ {\r
+ return ERROR_FAIL;\r
+ }\r
+ LOG_DEBUG("poll_value = 0x%04X", poll_value);\r
+ }while(!(poll_value & 0x0200));\r
+ \r
+ return ERROR_OK;\r
+}\r
+\r
+static int avr_jtagprg_writeflashpage(avr_common_t *avr, u8 *page_buf, u32 buf_size, u32 addr, u32 page_size)\r
+{\r
+ u32 i, poll_value;\r
+ \r
+ avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_COMMANDS);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x2310, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ \r
+ // load addr high byte\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x0700 | ((addr >> 9) & 0xFF), AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ \r
+ // load addr low byte\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x0300 | ((addr >> 1) & 0xFF), AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ \r
+ avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_PAGELOAD);\r
+ \r
+ for (i = 0; i < page_size; i++)\r
+ {\r
+ if (i < buf_size)\r
+ {\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, page_buf[i], 8);\r
+ }\r
+ else\r
+ {\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0xFF, 8);\r
+ }\r
+ }\r
+ \r
+ avr_jtag_sendinstr(avr->jtag_info.tap, NULL, AVR_JTAG_INS_PROG_COMMANDS);\r
+ \r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3700, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3500, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3700, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ avr_jtag_senddat(avr->jtag_info.tap, NULL, 0x3700, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ \r
+ do{\r
+ poll_value = 0;\r
+ avr_jtag_senddat(avr->jtag_info.tap, &poll_value, 0x3700, AVR_JTAG_REG_ProgrammingCommand_Len);\r
+ if (ERROR_OK != mcu_execute_queue())\r
+ {\r
+ return ERROR_FAIL;\r
+ }\r
+ LOG_DEBUG("poll_value = 0x%04X", poll_value);\r
+ }while(!(poll_value & 0x0200));\r
+ \r
+ return ERROR_OK;\r
+}\r
+\r
+/* interface command */\r
+static int avrf_register_commands(struct command_context_s *cmd_ctx)\r
+{\r
+ command_t *avr_cmd = register_command(cmd_ctx, NULL, "avr", NULL, COMMAND_ANY, "avr flash specific commands");\r
+ \r
+ register_command(cmd_ctx, avr_cmd, "mass_erase", avrf_handle_mass_erase_command, COMMAND_EXEC,\r
+ "mass erase device");\r
+ \r
+ return ERROR_OK;\r
+}\r
+\r
+static int avrf_flash_bank_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct flash_bank_s *bank)\r
+{\r
+ avrf_flash_bank_t *avrf_info;\r
+ \r
+ if (argc < 6)\r
+ {\r
+ LOG_WARNING("incomplete flash_bank avr configuration");\r
+ return ERROR_FLASH_BANK_INVALID;\r
+ }\r
+ \r
+ avrf_info = malloc(sizeof(avrf_flash_bank_t));\r
+ bank->driver_priv = avrf_info;\r
+ \r
+ avrf_info->probed = 0;\r
+ \r
+ return ERROR_OK;\r
+}\r
+\r
+static int avrf_erase(struct flash_bank_s *bank, int first, int last)\r
+{\r
+ LOG_INFO(__FUNCTION__);\r
+ return ERROR_OK;\r
+}\r
+\r
+static int avrf_protect(struct flash_bank_s *bank, int set, int first, int last)\r
+{\r
+ LOG_INFO(__FUNCTION__);\r
+ return ERROR_OK;\r
+}\r
+\r
+static int avrf_write(struct flash_bank_s *bank, u8 *buffer, u32 offset, u32 count)\r
+{\r
+ target_t *target = bank->target;\r
+ avr_common_t *avr = target->arch_info;\r
+ u32 cur_size, cur_buffer_size, page_size;\r
+ \r
+ if (bank->target->state != TARGET_HALTED)\r
+ {\r
+ LOG_ERROR("Target not halted");\r
+ return ERROR_TARGET_NOT_HALTED;\r
+ }\r
+ \r
+ page_size = bank->sectors[0].size;\r
+ if ((offset % page_size) != 0)\r
+ {\r
+ LOG_WARNING("offset 0x%x breaks required %d-byte alignment", offset, page_size);\r
+ return ERROR_FLASH_DST_BREAKS_ALIGNMENT;\r
+ }\r
+ \r
+ LOG_DEBUG("offset is 0x%08X", offset);\r
+ LOG_DEBUG("count is %d", count);\r
+ \r
+ if (ERROR_OK != avr_jtagprg_enterprogmode(avr))\r
+ {\r
+ return ERROR_FAIL;\r
+ }\r
+ \r
+ cur_size = 0;\r
+ while(count > 0)\r
+ {\r
+ if (count > page_size)\r
+ {\r
+ cur_buffer_size = page_size;\r
+ }\r
+ else\r
+ {\r
+ cur_buffer_size = count;\r
+ }\r
+ avr_jtagprg_writeflashpage(avr, buffer + cur_size, cur_buffer_size, offset + cur_size, page_size);\r
+ count -= cur_buffer_size;\r
+ cur_size += cur_buffer_size;\r
+ \r
+ keep_alive();\r
+ }\r
+ \r
+ return avr_jtagprg_leaveprogmode(avr);\r
+}\r
+\r
+#define EXTRACT_MFG(X) (((X) & 0xffe) >> 1)\r
+#define EXTRACT_PART(X) (((X) & 0xffff000) >> 12)\r
+#define EXTRACT_VER(X) (((X) & 0xf0000000) >> 28)\r
+static int avrf_probe(struct flash_bank_s *bank)\r
+{\r
+ target_t *target = bank->target;\r
+ avrf_flash_bank_t *avrf_info = bank->driver_priv;\r
+ avr_common_t *avr = target->arch_info;\r
+ avrf_type_t *avr_info;\r
+ int i;\r
+ u32 device_id;\r
+ \r
+ if (bank->target->state != TARGET_HALTED)\r
+ {\r
+ LOG_ERROR("Target not halted");\r
+ return ERROR_TARGET_NOT_HALTED;\r
+ }\r
+\r
+ avrf_info->probed = 0;\r
+ \r
+ avr_jtag_read_jtagid(avr, &device_id);\r
+ if (ERROR_OK != mcu_execute_queue())\r
+ {\r
+ return ERROR_FAIL;\r
+ }\r
+ \r
+ LOG_INFO( "device id = 0x%08x", device_id );\r
+ if (EXTRACT_MFG(device_id) != 0x1F)\r
+ {\r
+ LOG_ERROR("0x%X is invalid Manufacturer for avr, 0x%X is expected", EXTRACT_MFG(device_id), 0x1F);\r
+ }\r
+ \r
+ for (i = 0; i < (int)(sizeof(avft_chips_info) / sizeof(avft_chips_info[0])); i++)\r
+ {\r
+ if (avft_chips_info[i].chip_id == EXTRACT_PART(device_id))\r
+ {\r
+ avr_info = &avft_chips_info[i];\r
+ LOG_INFO("target device is %s", avr_info->name);\r
+ break;\r
+ }\r
+ }\r
+ \r
+ if (i < (int)(sizeof(avft_chips_info) / sizeof(avft_chips_info[0])))\r
+ {\r
+ // chip found\r
+ bank->base = 0x00000000;\r
+ bank->size = (avr_info->flash_page_size * avr_info->flash_page_num);\r
+ bank->num_sectors = avr_info->flash_page_num;\r
+ bank->sectors = malloc(sizeof(flash_sector_t) * avr_info->flash_page_num);\r
+ \r
+ for (i = 0; i < avr_info->flash_page_num; i++)\r
+ {\r
+ bank->sectors[i].offset = i * avr_info->flash_page_size;\r
+ bank->sectors[i].size = avr_info->flash_page_size;\r
+ bank->sectors[i].is_erased = -1;\r
+ bank->sectors[i].is_protected = 1;\r
+ }\r
+ \r
+ avrf_info->probed = 1;\r
+ return ERROR_OK;\r
+ }\r
+ else\r
+ {\r
+ // chip not supported\r
+ LOG_ERROR("0x%X is not support for avr", EXTRACT_PART(device_id));\r
+ \r
+ avrf_info->probed = 1;\r
+ return ERROR_FAIL;\r
+ }\r
+}\r
+\r
+static int avrf_auto_probe(struct flash_bank_s *bank)\r
+{\r
+ avrf_flash_bank_t *avrf_info = bank->driver_priv;\r
+ if (avrf_info->probed)\r
+ return ERROR_OK;\r
+ return avrf_probe(bank);\r
+}\r
+\r
+static int avrf_protect_check(struct flash_bank_s *bank)\r
+{\r
+ LOG_INFO(__FUNCTION__);\r
+ return ERROR_OK;\r
+}\r
+\r
+static int avrf_info(struct flash_bank_s *bank, char *buf, int buf_size)\r
+{\r
+ target_t *target = bank->target;\r
+ avr_common_t *avr = target->arch_info;\r
+ avrf_type_t *avr_info;\r
+ int i;\r
+ u32 device_id;\r
+ \r
+ if (bank->target->state != TARGET_HALTED)\r
+ {\r
+ LOG_ERROR("Target not halted");\r
+ return ERROR_TARGET_NOT_HALTED;\r
+ }\r
+ \r
+ avr_jtag_read_jtagid(avr, &device_id);\r
+ if (ERROR_OK != mcu_execute_queue())\r
+ {\r
+ return ERROR_FAIL;\r
+ }\r
+ \r
+ LOG_INFO( "device id = 0x%08x", device_id );\r
+ if (EXTRACT_MFG(device_id) != 0x1F)\r
+ {\r
+ LOG_ERROR("0x%X is invalid Manufacturer for avr, 0x%X is expected", EXTRACT_MFG(device_id), 0x1F);\r
+ }\r
+ \r
+ for (i = 0; i < (int)(sizeof(avft_chips_info) / sizeof(avft_chips_info[0])); i++)\r
+ {\r
+ if (avft_chips_info[i].chip_id == EXTRACT_PART(device_id))\r
+ {\r
+ avr_info = &avft_chips_info[i];\r
+ LOG_INFO("target device is %s", avr_info->name);\r
+ \r
+ return ERROR_OK;\r
+ }\r
+ }\r
+ \r
+ if (i < (int)(sizeof(avft_chips_info) / sizeof(avft_chips_info[0])))\r
+ {\r
+ // chip found\r
+ snprintf(buf, buf_size, "%s - Rev: 0x%X", avr_info->name, EXTRACT_VER(device_id));\r
+ return ERROR_OK;\r
+ }\r
+ else\r
+ {\r
+ // chip not supported\r
+ snprintf(buf, buf_size, "Cannot identify target as a avr\n");\r
+ return ERROR_FLASH_OPERATION_FAILED;\r
+ }\r
+}\r
+\r
+static int avrf_mass_erase(struct flash_bank_s *bank)\r
+{\r
+ target_t *target = bank->target;\r
+ avr_common_t *avr = target->arch_info;\r
+ \r
+ if (target->state != TARGET_HALTED)\r
+ {\r
+ LOG_ERROR("Target not halted");\r
+ return ERROR_TARGET_NOT_HALTED;\r
+ }\r
+ \r
+ if ((ERROR_OK != avr_jtagprg_enterprogmode(avr))\r
+ || (ERROR_OK != avr_jtagprg_chiperase(avr))\r
+ || (ERROR_OK != avr_jtagprg_leaveprogmode(avr)))\r
+ {\r
+ return ERROR_FAIL;\r
+ }\r
+ \r
+ return ERROR_OK;\r
+}\r
+\r
+static int avrf_handle_mass_erase_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)\r
+{\r
+ flash_bank_t *bank;\r
+ int i;\r
+ \r
+ if (argc < 1)\r
+ {\r
+ command_print(cmd_ctx, "avr mass_erase <bank>");\r
+ return ERROR_OK; \r
+ }\r
+ \r
+ bank = get_flash_bank_by_num(strtoul(args[0], NULL, 0));\r
+ if (!bank)\r
+ {\r
+ command_print(cmd_ctx, "flash bank '#%s' is out of bounds", args[0]);\r
+ return ERROR_OK;\r
+ }\r
+ \r
+ if (avrf_mass_erase(bank) == ERROR_OK)\r
+ {\r
+ /* set all sectors as erased */\r
+ for (i = 0; i < bank->num_sectors; i++)\r
+ {\r
+ bank->sectors[i].is_erased = 1;\r
+ }\r
+ \r
+ command_print(cmd_ctx, "avr mass erase complete");\r
+ }\r
+ else\r
+ {\r
+ command_print(cmd_ctx, "avr mass erase failed");\r
+ }\r
+ \r
+ LOG_DEBUG(__FUNCTION__);\r
+ return ERROR_OK;\r
+}\r