int embeddedice_read_reg_w_check(reg_t *reg, u8* check_value, u8* check_mask)
{
embeddedice_reg_t *ice_reg = reg->arch_info;
u8 reg_addr = ice_reg->addr & 0x1f;
scan_field_t fields[3];
u8 field1_out[1];
u8 field2_out[1];
jtag_add_end_state(TAP_IDLE);
arm_jtag_scann(ice_reg->jtag_info, 0x2);
arm_jtag_set_instr(ice_reg->jtag_info, ice_reg->jtag_info->intest_instr, NULL);
fields[0].tap = ice_reg->jtag_info->tap;
fields[0].num_bits = 32;
fields[0].out_value = reg->value;
fields[0].out_mask = NULL;
fields[0].in_value = NULL;
fields[0].in_check_value = NULL;
fields[0].in_check_mask = NULL;
fields[0].in_handler = NULL;
fields[0].in_handler_priv = NULL;
fields[1].tap = ice_reg->jtag_info->tap;
fields[1].num_bits = 5;
fields[1].out_value = field1_out;
buf_set_u32(fields[1].out_value, 0, 5, reg_addr);
fields[1].out_mask = NULL;
fields[1].in_value = NULL;
fields[1].in_check_value = NULL;
fields[1].in_check_mask = NULL;
fields[1].in_handler = NULL;
fields[1].in_handler_priv = NULL;
fields[2].tap = ice_reg->jtag_info->tap;
fields[2].num_bits = 1;
fields[2].out_value = field2_out;
buf_set_u32(fields[2].out_value, 0, 1, 0);
fields[2].out_mask = NULL;
fields[2].in_value = NULL;
fields[2].in_check_value = NULL;
fields[2].in_check_mask = NULL;
fields[2].in_handler = NULL;
fields[2].in_handler_priv = NULL;
jtag_add_dr_scan(3, fields, -1);
fields[0].in_value = reg->value;
jtag_set_check_value(fields+0, check_value, check_mask, NULL);
/* when reading the DCC data register, leaving the address field set to
* EICE_COMMS_DATA would read the register twice
* reading the control register is safe
*/
buf_set_u32(fields[1].out_value, 0, 5, embeddedice_reg_arch_info[EICE_COMMS_CTRL]);
jtag_add_dr_scan(3, fields, -1);
return ERROR_OK;
}
static int str9xpec_blank_check(struct flash_bank *bank, int first, int last)
{
struct scan_field field;
uint8_t status;
struct jtag_tap *tap;
int i;
uint8_t *buffer = NULL;
struct str9xpec_flash_controller *str9xpec_info = bank->driver_priv;
tap = str9xpec_info->tap;
if (!str9xpec_info->isc_enable)
str9xpec_isc_enable(bank);
if (!str9xpec_info->isc_enable)
return ERROR_FLASH_OPERATION_FAILED;
buffer = calloc(DIV_ROUND_UP(64, 8), 1);
LOG_DEBUG("blank check: first_bank: %i, last_bank: %i", first, last);
for (i = first; i <= last; i++)
buf_set_u32(buffer, str9xpec_info->sector_bits[i], 1, 1);
/* execute ISC_BLANK_CHECK command */
str9xpec_set_instr(tap, ISC_BLANK_CHECK, TAP_IRPAUSE);
field.num_bits = 64;
field.out_value = buffer;
field.in_value = NULL;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
jtag_add_sleep(40000);
/* read blank check result */
field.num_bits = 64;
field.out_value = NULL;
field.in_value = buffer;
jtag_add_dr_scan(tap, 1, &field, TAP_IRPAUSE);
jtag_execute_queue();
status = str9xpec_isc_status(tap);
for (i = first; i <= last; i++) {
if (buf_get_u32(buffer, str9xpec_info->sector_bits[i], 1))
bank->sectors[i].is_erased = 0;
else
bank->sectors[i].is_erased = 1;
}
free(buffer);
str9xpec_isc_disable(bank);
if ((status & ISC_STATUS_ERROR) != STR9XPEC_ISC_SUCCESS)
return ERROR_FLASH_OPERATION_FAILED;
return ERROR_OK;
}
/**
* Poll DCC control register until read or write handshake completes.
*/
int embeddedice_handshake(struct arm_jtag *jtag_info, int hsbit, uint32_t timeout)
{
struct scan_field fields[3];
uint8_t field0_in[4];
uint8_t field1_out[1];
uint8_t field2_out[1];
int retval;
uint32_t hsact;
struct timeval lap;
struct timeval now;
if (hsbit == EICE_COMM_CTRL_WBIT)
hsact = 1;
else if (hsbit == EICE_COMM_CTRL_RBIT)
hsact = 0;
else {
LOG_ERROR("Invalid arguments");
return ERROR_COMMAND_SYNTAX_ERROR;
}
retval = arm_jtag_scann(jtag_info, 0x2, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
fields[0].num_bits = 32;
fields[0].out_value = NULL;
fields[0].in_value = field0_in;
fields[1].num_bits = 5;
fields[1].out_value = field1_out;
field1_out[0] = eice_regs[EICE_COMMS_DATA].addr;
fields[1].in_value = NULL;
fields[2].num_bits = 1;
fields[2].out_value = field2_out;
field2_out[0] = 0;
fields[2].in_value = NULL;
jtag_add_dr_scan(jtag_info->tap, 3, fields, TAP_IDLE);
gettimeofday(&lap, NULL);
do {
jtag_add_dr_scan(jtag_info->tap, 3, fields, TAP_IDLE);
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
if (buf_get_u32(field0_in, hsbit, 1) == hsact)
return ERROR_OK;
gettimeofday(&now, NULL);
} while ((uint32_t)((now.tv_sec - lap.tv_sec) * 1000
+ (now.tv_usec - lap.tv_usec) / 1000) <= timeout);
LOG_ERROR("embeddedice handshake timeout");
return ERROR_TARGET_TIMEOUT;
}
/** Execute one instruction via ITR repeatedly while
* passing data to the core via DTR on each execution.
*
* No Ready check during transmission.
*
* The executed instruction \em must read data from DTR.
*
* \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
*
* \param arm11 Target state variable.
* \param opcode ARM opcode
* \param data Pointer to the data words to be passed to the core
* \param count Number of data words and instruction repetitions
*
*/
void arm11_run_instr_data_to_core_noack(arm11_common_t * arm11, u32 opcode, u32 * data, size_t count)
{
arm11_add_IR(arm11, ARM11_ITRSEL, -1);
arm11_add_debug_INST(arm11, opcode, NULL, TAP_DRPAUSE);
arm11_add_IR(arm11, ARM11_EXTEST, -1);
scan_field_t chain5_fields[3];
arm11_setup_field(arm11, 32, NULL/*&Data*/, NULL, chain5_fields + 0);
arm11_setup_field(arm11, 1, NULL, NULL /*&Ready*/, chain5_fields + 1);
arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 2);
u8 Readies[count + 1];
u8 * ReadyPos = Readies;
while (count--)
{
chain5_fields[0].out_value = (void *)(data++);
chain5_fields[1].in_value = ReadyPos++;
if (count)
{
jtag_add_dr_scan(asizeof(chain5_fields), chain5_fields, TAP_DRPAUSE);
jtag_add_pathmove(asizeof(arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay),
arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay);
}
else
{
jtag_add_dr_scan(asizeof(chain5_fields), chain5_fields, TAP_IDLE);
}
}
arm11_add_IR(arm11, ARM11_INTEST, -1);
chain5_fields[0].out_value = 0;
chain5_fields[1].in_value = ReadyPos++;
arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, TAP_DRPAUSE);
jtag_execute_queue();
size_t error_count = 0;
{size_t i;
for (i = 0; i < asizeof(Readies); i++)
{
if (Readies[i] != 1)
{
error_count++;
}
}}
if (error_count)
LOG_ERROR("Transfer errors " ZU, error_count);
}
int arm9tdmi_examine_debug_reason(struct target *target)
{
int retval = ERROR_OK;
struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
/* only check the debug reason if we don't know it already */
if ((target->debug_reason != DBG_REASON_DBGRQ)
&& (target->debug_reason != DBG_REASON_SINGLESTEP)) {
struct scan_field fields[3];
uint8_t databus[4];
uint8_t instructionbus[4];
uint8_t debug_reason;
fields[0].num_bits = 32;
fields[0].out_value = NULL;
fields[0].in_value = databus;
fields[1].num_bits = 3;
fields[1].out_value = NULL;
fields[1].in_value = &debug_reason;
fields[2].num_bits = 32;
fields[2].out_value = NULL;
fields[2].in_value = instructionbus;
retval = arm_jtag_scann(&arm7_9->jtag_info, 0x1, TAP_DRPAUSE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(arm7_9->jtag_info.tap, arm7_9->jtag_info.intest_instr, NULL, TAP_DRPAUSE);
if (retval != ERROR_OK)
return retval;
jtag_add_dr_scan(arm7_9->jtag_info.tap, 3, fields, TAP_DRPAUSE);
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
fields[0].in_value = NULL;
fields[0].out_value = databus;
fields[1].in_value = NULL;
fields[1].out_value = &debug_reason;
fields[2].in_value = NULL;
fields[2].out_value = instructionbus;
jtag_add_dr_scan(arm7_9->jtag_info.tap, 3, fields, TAP_DRPAUSE);
if (debug_reason & 0x4)
if (debug_reason & 0x2)
target->debug_reason = DBG_REASON_WPTANDBKPT;
else
target->debug_reason = DBG_REASON_WATCHPOINT;
else
target->debug_reason = DBG_REASON_BREAKPOINT;
}
return ERROR_OK;
}
static int str9xpec_write_options(struct flash_bank *bank)
{
struct scan_field field;
uint8_t status;
struct jtag_tap *tap;
struct str9xpec_flash_controller *str9xpec_info = NULL;
str9xpec_info = bank->driver_priv;
tap = str9xpec_info->tap;
/* erase config options first */
status = str9xpec_erase_area(bank, 0xFE, 0xFE);
if ((status & ISC_STATUS_ERROR) != STR9XPEC_ISC_SUCCESS)
return status;
if (!str9xpec_info->isc_enable)
str9xpec_isc_enable(bank);
if (!str9xpec_info->isc_enable)
return ISC_STATUS_ERROR;
/* according to data 64th bit has to be set */
buf_set_u32(str9xpec_info->options, 63, 1, 1);
/* set option byte address */
str9xpec_set_address(bank, 0x50);
/* execute ISC_PROGRAM command */
str9xpec_set_instr(tap, ISC_PROGRAM, TAP_IRPAUSE);
field.num_bits = 64;
field.out_value = str9xpec_info->options;
field.in_value = NULL;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
/* small delay before polling */
jtag_add_sleep(50);
str9xpec_set_instr(tap, ISC_NOOP, TAP_IRPAUSE);
do {
field.num_bits = 8;
field.out_value = NULL;
field.in_value = &status;
jtag_add_dr_scan(tap, 1, &field, TAP_IRPAUSE);
jtag_execute_queue();
} while (!(status & ISC_STATUS_BUSY));
str9xpec_isc_disable(bank);
return status;
}
static int arm720t_scan_cp15(struct target *target,
uint32_t out, uint32_t *in, int instruction, int clock_arg)
{
int retval;
struct arm720t_common *arm720t = target_to_arm720(target);
struct arm_jtag *jtag_info;
struct scan_field fields[2];
uint8_t out_buf[4];
uint8_t instruction_buf = instruction;
jtag_info = &arm720t->arm7_9_common.jtag_info;
buf_set_u32(out_buf, 0, 32, flip_u32(out, 32));
retval = arm_jtag_scann(jtag_info, 0xf, TAP_DRPAUSE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_DRPAUSE);
if (retval != ERROR_OK)
return retval;
fields[0].num_bits = 1;
fields[0].out_value = &instruction_buf;
fields[0].in_value = NULL;
fields[1].num_bits = 32;
fields[1].out_value = out_buf;
fields[1].in_value = NULL;
if (in) {
fields[1].in_value = (uint8_t *)in;
jtag_add_dr_scan(jtag_info->tap, 2, fields, TAP_DRPAUSE);
jtag_add_callback(arm7flip32, (jtag_callback_data_t)in);
} else
jtag_add_dr_scan(jtag_info->tap, 2, fields, TAP_DRPAUSE);
if (clock_arg)
jtag_add_runtest(0, TAP_DRPAUSE);
#ifdef _DEBUG_INSTRUCTION_EXECUTION_
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
if (in)
LOG_DEBUG("out: %8.8x, in: %8.8x, instruction: %i, clock: %i", out, *in, instruction, clock);
else
LOG_DEBUG("out: %8.8x, instruction: %i, clock: %i", out, instruction, clock_arg);
#else
LOG_DEBUG("out: %8.8" PRIx32 ", instruction: %i, clock: %i", out, instruction, clock_arg);
#endif
return ERROR_OK;
}
static int arm920t_read_cp15_physical(struct target *target,
int reg_addr, uint32_t *value)
{
struct arm920t_common *arm920t = target_to_arm920(target);
struct arm_jtag *jtag_info;
struct scan_field fields[4];
uint8_t access_type_buf = 1;
uint8_t reg_addr_buf = reg_addr & 0x3f;
uint8_t nr_w_buf = 0;
int retval;
jtag_info = &arm920t->arm7_9_common.jtag_info;
retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
fields[0].num_bits = 1;
fields[0].out_value = &access_type_buf;
fields[0].in_value = NULL;
fields[1].num_bits = 32;
fields[1].out_value = NULL;
fields[1].in_value = NULL;
fields[2].num_bits = 6;
fields[2].out_value = ®_addr_buf;
fields[2].in_value = NULL;
fields[3].num_bits = 1;
fields[3].out_value = &nr_w_buf;
fields[3].in_value = NULL;
jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
fields[1].in_value = (uint8_t *)value;
jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
#ifdef _DEBUG_INSTRUCTION_EXECUTION_
jtag_execute_queue();
LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
#endif
return ERROR_OK;
}
static int arm966e_read_cp15(struct target *target, int reg_addr, uint32_t *value)
{
int retval = ERROR_OK;
struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
struct arm_jtag *jtag_info = &arm7_9->jtag_info;
struct scan_field fields[3];
uint8_t reg_addr_buf = reg_addr & 0x3f;
uint8_t nr_w_buf = 0;
retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
fields[0].num_bits = 32;
/* REVISIT: table 7-2 shows that bits 31-31 need to be
* specified for accessing BIST registers ...
*/
fields[0].out_value = NULL;
fields[0].in_value = NULL;
fields[1].num_bits = 6;
fields[1].out_value = ®_addr_buf;
fields[1].in_value = NULL;
fields[2].num_bits = 1;
fields[2].out_value = &nr_w_buf;
fields[2].in_value = NULL;
jtag_add_dr_scan(jtag_info->tap, 3, fields, TAP_IDLE);
fields[1].in_value = (uint8_t *)value;
jtag_add_dr_scan(jtag_info->tap, 3, fields, TAP_IDLE);
jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
#ifdef _DEBUG_INSTRUCTION_EXECUTION_
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
#endif
return ERROR_OK;
}
int avr32_jtag_nexus_set_address(struct avr32_jtag *jtag_info,
uint32_t addr, int mode)
{
struct scan_field fields[2];
uint8_t addr_buf[4];
uint8_t busy_buf[4];
int busy;
memset(fields, 0, sizeof(fields));
do {
memset(addr_buf, 0, sizeof(addr_buf));
memset(busy_buf, 0, sizeof(busy_buf));
buf_set_u32(addr_buf, 0, 1, mode);
buf_set_u32(addr_buf, 1, 7, addr);
fields[0].num_bits = 26;
fields[0].in_value = NULL;
fields[0].out_value = NULL;
fields[1].num_bits = 8;
fields[1].in_value = busy_buf;
fields[1].out_value = addr_buf;
jtag_add_dr_scan(jtag_info->tap, 2, fields, TAP_IDLE);
if (jtag_execute_queue() != ERROR_OK) {
LOG_ERROR("%s: setting address failed", __func__);
return ERROR_FAIL;
}
busy = buf_get_u32(busy_buf, 6, 1);
} while (busy);
return ERROR_OK;
}
/**
* Set transaction in command register. This function sets instruction register
* and then transaction register, there is no need to invoke write_ir before
* invoking this function.
*
* @param jtag_info
* @param new_trans Transaction to write to transaction command register.
* @param end_state End state after writing.
*/
static void arc_jtag_set_transaction(struct arc_jtag *jtag_info,
arc_jtag_transaction_t new_trans, tap_state_t end_state)
{
assert(jtag_info != NULL);
assert(jtag_info->tap != NULL);
/* No need to do anything. */
if (jtag_info->cur_trans == new_trans)
return;
/* Set instruction. We used to call write_ir at upper levels, however
* write_ir-write_transaction were constantly in pair, so to avoid code
* duplication this function does it self. For this reasons it is "set"
* instead of "write". */
arc_jtag_write_ir(jtag_info, ARC_TRANSACTION_CMD_REG);
jtag_info->tap_end_state = end_state;
uint8_t out_value[4];
buf_set_u32(out_value, 0, ARC_TRANSACTION_CMD_REG_LENGTH, new_trans);
struct scan_field field;
field.num_bits = ARC_TRANSACTION_CMD_REG_LENGTH;
field.out_value = out_value;
field.in_value = NULL;
jtag_add_dr_scan(jtag_info->tap, 1, &field, jtag_info->tap_end_state);
jtag_info->cur_trans = new_trans;
}
int riscv_batch_run(struct riscv_batch *batch)
{
if (batch->used_scans == 0) {
LOG_DEBUG("Ignoring empty batch.");
return ERROR_OK;
}
keep_alive();
LOG_DEBUG("running a batch of %ld scans", (long)batch->used_scans);
riscv_batch_add_nop(batch);
for (size_t i = 0; i < batch->used_scans; ++i) {
jtag_add_dr_scan(batch->target->tap, 1, batch->fields + i, TAP_IDLE);
if (batch->idle_count > 0)
jtag_add_runtest(batch->idle_count, TAP_IDLE);
}
LOG_DEBUG("executing queue");
if (jtag_execute_queue() != ERROR_OK) {
LOG_ERROR("Unable to execute JTAG queue");
return ERROR_FAIL;
}
for (size_t i = 0; i < batch->used_scans; ++i)
dump_field(batch->fields + i);
return ERROR_OK;
}
u8 str9xpec_isc_status(jtag_tap_t *tap)
{
scan_field_t field;
u8 status;
if (str9xpec_set_instr(tap, ISC_NOOP, TAP_IRPAUSE) != ERROR_OK)
return ISC_STATUS_ERROR;
field.tap = tap;
field.num_bits = 8;
field.out_value = NULL;
field.out_mask = NULL;
field.in_value = &status;
field.in_check_value = NULL;
field.in_check_mask = NULL;
field.in_handler = NULL;
field.in_handler_priv = NULL;
jtag_add_dr_scan(1, &field, TAP_IDLE);
jtag_execute_queue();
LOG_DEBUG("status: 0x%2.2x", status);
if (status & ISC_STATUS_SECURITY)
LOG_INFO("Device Security Bit Set");
return status;
}
int str9xpec_read_config(struct flash_bank_s *bank)
{
scan_field_t field;
u8 status;
jtag_tap_t *tap;
str9xpec_flash_controller_t *str9xpec_info = bank->driver_priv;
tap = str9xpec_info->tap;
LOG_DEBUG("ISC_CONFIGURATION");
/* execute ISC_CONFIGURATION command */
str9xpec_set_instr(tap, ISC_CONFIGURATION, TAP_IRPAUSE);
field.tap = tap;
field.num_bits = 64;
field.out_value = NULL;
field.out_mask = NULL;
field.in_value = str9xpec_info->options;
field.in_check_value = NULL;
field.in_check_mask = NULL;
field.in_handler = NULL;
field.in_handler_priv = NULL;
jtag_add_dr_scan(1, &field, TAP_IDLE);
jtag_execute_queue();
status = str9xpec_isc_status(tap);
return status;
}
int str9xpec_set_address(struct flash_bank_s *bank, u8 sector)
{
jtag_tap_t *tap;
scan_field_t field;
str9xpec_flash_controller_t *str9xpec_info = bank->driver_priv;
tap = str9xpec_info->tap;
/* set flash controller address */
str9xpec_set_instr(tap, ISC_ADDRESS_SHIFT, TAP_IRPAUSE);
field.tap = tap;
field.num_bits = 8;
field.out_value = §or;
field.out_mask = NULL;
field.in_value = NULL;
field.in_check_value = NULL;
field.in_check_mask = NULL;
field.in_handler = NULL;
field.in_handler_priv = NULL;
jtag_add_dr_scan(1, &field, -1);
return ERROR_OK;
}
static int str9xpec_read_config(struct flash_bank *bank)
{
struct scan_field field;
uint8_t status;
struct jtag_tap *tap;
struct str9xpec_flash_controller *str9xpec_info = bank->driver_priv;
tap = str9xpec_info->tap;
LOG_DEBUG("ISC_CONFIGURATION");
/* execute ISC_CONFIGURATION command */
str9xpec_set_instr(tap, ISC_CONFIGURATION, TAP_IRPAUSE);
field.num_bits = 64;
field.out_value = NULL;
field.in_value = str9xpec_info->options;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
jtag_execute_queue();
status = str9xpec_isc_status(tap);
return status;
}
/* just read data (instruction and data-out = don't care) */
int arm9tdmi_clock_data_in(arm_jtag_t *jtag_info, u32 *in)
{
scan_field_t fields[3];
jtag_add_end_state(TAP_PD);
arm_jtag_scann(jtag_info, 0x1);
arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
fields[0].device = jtag_info->chain_pos;
fields[0].num_bits = 32;
fields[0].out_value = NULL;
fields[0].out_mask = NULL;
fields[0].in_value = NULL;
fields[0].in_handler = arm_jtag_buf_to_u32;
fields[0].in_handler_priv = in;
fields[0].in_check_value = NULL;
fields[0].in_check_mask = NULL;
fields[1].device = jtag_info->chain_pos;
fields[1].num_bits = 3;
fields[1].out_value = NULL;
fields[1].out_mask = NULL;
fields[1].in_value = NULL;
fields[1].in_handler = NULL;
fields[1].in_handler_priv = NULL;
fields[1].in_check_value = NULL;
fields[1].in_check_mask = NULL;
fields[2].device = jtag_info->chain_pos;
fields[2].num_bits = 32;
fields[2].out_value = NULL;
fields[2].out_mask = NULL;
fields[2].in_value = NULL;
fields[2].in_check_value = NULL;
fields[2].in_check_mask = NULL;
fields[2].in_handler = NULL;
fields[2].in_handler_priv = NULL;
jtag_add_dr_scan(3, fields, -1, NULL);
jtag_add_runtest(0, -1);
#ifdef _DEBUG_INSTRUCTION_EXECUTION_
{
jtag_execute_queue();
if (in)
{
DEBUG("in: 0x%8.8x", *in);
}
else
{
ERROR("BUG: called with in == NULL");
}
}
#endif
return ERROR_OK;
}
static int virtex2_receive_32(struct pld_device *pld_device,
int num_words, uint32_t *words)
{
struct virtex2_pld_device *virtex2_info = pld_device->driver_priv;
struct scan_field scan_field;
scan_field.tap = virtex2_info->tap;
scan_field.num_bits = 32;
scan_field.out_value = NULL;
scan_field.in_value = NULL;
virtex2_set_instr(virtex2_info->tap, 0x4); /* CFG_OUT */
while (num_words--)
{
scan_field.in_value = (uint8_t *)words;
jtag_add_dr_scan(1, &scan_field, jtag_set_end_state(TAP_DRPAUSE));
jtag_add_callback(virtexflip32, (jtag_callback_data_t)words);
words++;;
}
return ERROR_OK;
}
int mips_ejtag_drscan_8(struct mips_ejtag *ejtag_info, uint32_t *data)
{
// LOG_DEBUG("mips_ejtag_drscan_8");
struct jtag_tap *tap;
tap = ejtag_info->tap;
assert(tap != NULL);
struct scan_field field;
uint8_t t[4] = {0, 0, 0, 0}, r[4];
int retval;
field.num_bits = 8;
field.out_value = t;
buf_set_u32(t, 0, field.num_bits, *data);
field.in_value = r;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
retval = jtag_execute_queue();
if (retval != ERROR_OK) {
LOG_ERROR("register read failed");
return retval;
}
*data = buf_get_u32(field.in_value, 0, 32);
return ERROR_OK;
}
static int virtex2_send_32(struct pld_device *pld_device,
int num_words, uint32_t *words)
{
struct virtex2_pld_device *virtex2_info = pld_device->driver_priv;
struct scan_field scan_field;
uint8_t *values;
int i;
values = malloc(num_words * 4);
scan_field.tap = virtex2_info->tap;
scan_field.num_bits = num_words * 32;
scan_field.out_value = values;
scan_field.in_value = NULL;
for (i = 0; i < num_words; i++)
buf_set_u32(values + 4 * i, 0, 32, flip_u32(*words++, 32));
virtex2_set_instr(virtex2_info->tap, 0x5); /* CFG_IN */
jtag_add_dr_scan(1, &scan_field, jtag_set_end_state(TAP_DRPAUSE));
free(values);
return ERROR_OK;
}
int mips_ejtag_drscan_38(struct mips_ejtag *ejtag_info, uint64_t *data)
{
struct jtag_tap *tap;
tap = ejtag_info->tap;
if (tap == NULL)
return ERROR_FAIL;
mips_ejtag_set_instr(ejtag_info, EJTAG_DCR_FDC);
struct scan_field field;
uint8_t t[5], r[5];
int retval;
field.num_bits = 38;
field.out_value = &t;
buf_set_u64(t, 0, field.num_bits, *data);
field.in_value = r;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
retval = jtag_execute_queue();
if (retval != ERROR_OK) {
LOG_ERROR("register read failed");
return retval;
}
*data = buf_get_u64(field.in_value, 0, 64);
keep_alive();
return ERROR_OK;
}
/**
* Receive a block of size 32-bit words from the DCC.
* We assume the target is always going to be fast enough (relative to
* the JTAG clock) that the debugger won't need to poll the handshake
* bit. The JTAG clock is usually at least six times slower than the
* functional clock, so the 50+ JTAG clocks needed to receive the word
* allow hundreds of instruction cycles (per word) in the target.
*/
int embeddedice_receive(struct arm_jtag *jtag_info, uint32_t *data, uint32_t size)
{
struct scan_field fields[3];
uint8_t field1_out[1];
uint8_t field2_out[1];
int retval;
retval = arm_jtag_scann(jtag_info, 0x2, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
fields[0].num_bits = 32;
fields[0].out_value = NULL;
fields[0].in_value = NULL;
fields[1].num_bits = 5;
fields[1].out_value = field1_out;
field1_out[0] = eice_regs[EICE_COMMS_DATA].addr;
fields[1].in_value = NULL;
fields[2].num_bits = 1;
fields[2].out_value = field2_out;
field2_out[0] = 0;
fields[2].in_value = NULL;
jtag_add_dr_scan(jtag_info->tap, 3, fields, TAP_IDLE);
while (size > 0) {
/* when reading the last item, set the register address to the DCC control reg,
* to avoid reading additional data from the DCC data reg
*/
if (size == 1)
field1_out[0] = eice_regs[EICE_COMMS_CTRL].addr;
fields[0].in_value = (uint8_t *)data;
jtag_add_dr_scan(jtag_info->tap, 3, fields, TAP_IDLE);
jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)data);
data++;
size--;
}
return jtag_execute_queue();
}
/* clock the target, and read the databus
* the *in pointer points to a buffer where elements of 'size' bytes
* are stored in big (be == 1) or little (be == 0) endianness
*/
int arm9tdmi_clock_data_in_endianness(struct arm_jtag *jtag_info,
void *in, int size, int be)
{
int retval = ERROR_OK;
struct scan_field fields[2];
retval = arm_jtag_scann(jtag_info, 0x1, TAP_DRPAUSE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_DRPAUSE);
if (retval != ERROR_OK)
return retval;
if (size == 4) {
fields[0].num_bits = 32;
fields[0].out_value = NULL;
fields[0].in_value = in;
fields[1].num_bits = 3 + 32;
fields[1].out_value = NULL;
fields[1].in_value = NULL;
} else {
/* Discard irrelevant bits of the scan, making sure we don't write more
* than size bytes to in */
fields[0].num_bits = size * 8;
fields[0].out_value = NULL;
fields[0].in_value = in;
fields[1].num_bits = 3 + 32 + 32 - size * 8;
fields[1].out_value = NULL;
fields[1].in_value = NULL;
}
jtag_add_dr_scan(jtag_info->tap, 2, fields, TAP_DRPAUSE);
jtag_add_callback4(arm7_9_endianness_callback,
(jtag_callback_data_t)in,
(jtag_callback_data_t)size,
(jtag_callback_data_t)be,
(jtag_callback_data_t)0);
jtag_add_runtest(0, TAP_DRPAUSE);
#ifdef _DEBUG_INSTRUCTION_EXECUTION_
{
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
if (in)
LOG_DEBUG("in: 0x%8.8x", *(uint32_t *)in);
else
LOG_ERROR("BUG: called with in == NULL");
}
#endif
return ERROR_OK;
}
/* REVISIT no error handling here! */
void arm11_add_dr_scan_vc(int num_fields, struct scan_field *fields,
tap_state_t state)
{
if (cmd_queue_cur_state == TAP_DRPAUSE)
jtag_add_pathmove(ARRAY_SIZE(arm11_move_pd_to_sd_via_cd), arm11_move_pd_to_sd_via_cd);
jtag_add_dr_scan(num_fields, fields, state);
}
int arm11_add_dr_scan_vc(int num_fields, scan_field_t *fields, tap_state_t state)
{
if (cmd_queue_cur_state == TAP_DRPAUSE)
jtag_add_pathmove(asizeof(arm11_move_pd_to_sd_via_cd), arm11_move_pd_to_sd_via_cd);
jtag_add_dr_scan(num_fields, fields, state);
return ERROR_OK;
}
static int jtagspi_cmd(struct flash_bank *bank, uint8_t cmd,
uint32_t *addr, uint8_t *data, int len)
{
struct jtagspi_flash_bank *info = bank->driver_priv;
struct scan_field fields[3];
uint8_t cmd_buf[4];
uint8_t *data_buf;
int is_read, lenb, n;
/* LOG_DEBUG("cmd=0x%02x len=%i", cmd, len); */
n = 0;
fields[n].num_bits = 8;
cmd_buf[0] = cmd;
if (addr) {
h_u24_to_be(cmd_buf + 1, *addr);
fields[n].num_bits += 24;
}
flip_u8(cmd_buf, cmd_buf, 4);
fields[n].out_value = cmd_buf;
fields[n].in_value = NULL;
n++;
is_read = (len < 0);
if (is_read)
len = -len;
lenb = DIV_ROUND_UP(len, 8);
data_buf = malloc(lenb);
if (lenb > 0) {
if (data_buf == NULL) {
LOG_ERROR("no memory for spi buffer");
return ERROR_FAIL;
}
if (is_read) {
fields[n].num_bits = info->dr_len;
fields[n].out_value = NULL;
fields[n].in_value = NULL;
n++;
fields[n].out_value = NULL;
fields[n].in_value = data_buf;
} else {
flip_u8(data, data_buf, lenb);
fields[n].out_value = data_buf;
fields[n].in_value = NULL;
}
fields[n].num_bits = len;
n++;
}
jtagspi_set_ir(bank);
jtag_add_dr_scan(info->tap, n, fields, TAP_IDLE);
jtag_execute_queue();
if (is_read)
flip_u8(data_buf, data, lenb);
free(data_buf);
return ERROR_OK;
}
static int str9xpec_erase_area(struct flash_bank *bank, int first, int last)
{
struct scan_field field;
uint8_t status;
struct jtag_tap *tap;
int i;
uint8_t *buffer = NULL;
struct str9xpec_flash_controller *str9xpec_info = bank->driver_priv;
tap = str9xpec_info->tap;
if (!str9xpec_info->isc_enable)
str9xpec_isc_enable(bank);
if (!str9xpec_info->isc_enable)
return ISC_STATUS_ERROR;
buffer = calloc(DIV_ROUND_UP(64, 8), 1);
LOG_DEBUG("erase: first_bank: %i, last_bank: %i", first, last);
/* last bank: 0xFF signals a full erase (unlock complete device) */
/* last bank: 0xFE signals a option byte erase */
if (last == 0xFF) {
for (i = 0; i < 64; i++)
buf_set_u32(buffer, i, 1, 1);
} else if (last == 0xFE)
buf_set_u32(buffer, 49, 1, 1);
else {
for (i = first; i <= last; i++)
buf_set_u32(buffer, str9xpec_info->sector_bits[i], 1, 1);
}
LOG_DEBUG("ISC_ERASE");
/* execute ISC_ERASE command */
str9xpec_set_instr(tap, ISC_ERASE, TAP_IRPAUSE);
field.num_bits = 64;
field.out_value = buffer;
field.in_value = NULL;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
jtag_execute_queue();
jtag_add_sleep(10);
/* wait for erase completion */
while (!((status = str9xpec_isc_status(tap)) & ISC_STATUS_BUSY))
alive_sleep(1);
free(buffer);
str9xpec_isc_disable(bank);
return status;
}
void jtag_add_dr_scan_check(struct jtag_tap *active,
int in_num_fields,
struct scan_field *in_fields,
tap_state_t state)
{
if (jtag_verify)
jtag_add_scan_check(active, jtag_add_dr_scan, in_num_fields, in_fields, state);
else
jtag_add_dr_scan(active, in_num_fields, in_fields, state);
}
/* send <size> words of 32 bit to the DCC
* we pretend the target is always going to be fast enough
* (relative to the JTAG clock), so we don't need to handshake
*/
int embeddedice_send(arm_jtag_t *jtag_info, u32 *data, u32 size)
{
scan_field_t fields[3];
u8 field0_out[4];
u8 field1_out[1];
u8 field2_out[1];
jtag_add_end_state(TAP_IDLE);
arm_jtag_scann(jtag_info, 0x2);
arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
fields[0].tap = jtag_info->tap;
fields[0].num_bits = 32;
fields[0].out_value = field0_out;
fields[0].out_mask = NULL;
fields[0].in_value = NULL;
fields[0].in_check_value = NULL;
fields[0].in_check_mask = NULL;
fields[0].in_handler = NULL;
fields[0].in_handler_priv = NULL;
fields[1].tap = jtag_info->tap;
fields[1].num_bits = 5;
fields[1].out_value = field1_out;
buf_set_u32(fields[1].out_value, 0, 5, embeddedice_reg_arch_info[EICE_COMMS_DATA]);
fields[1].out_mask = NULL;
fields[1].in_value = NULL;
fields[1].in_check_value = NULL;
fields[1].in_check_mask = NULL;
fields[1].in_handler = NULL;
fields[1].in_handler_priv = NULL;
fields[2].tap = jtag_info->tap;
fields[2].num_bits = 1;
fields[2].out_value = field2_out;
buf_set_u32(fields[2].out_value, 0, 1, 1);
fields[2].out_mask = NULL;
fields[2].in_value = NULL;
fields[2].in_check_value = NULL;
fields[2].in_check_mask = NULL;
fields[2].in_handler = NULL;
fields[2].in_handler_priv = NULL;
while (size > 0)
{
buf_set_u32(fields[0].out_value, 0, 32, *data);
jtag_add_dr_scan(3, fields, -1);
data++;
size--;
}
/* call to jtag_execute_queue() intentionally omitted */
return ERROR_OK;
}
/* See table 9-10 for scan chain 15 format during interpreted access mode.
* If the TESTSTATE register is set for interpreted access, certain CP15
* MRC and MCR instructions may be executed through scan chain 15.
*
* Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
* executed using scan chain 15 interpreted mode.
*/
static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
uint32_t arm_opcode)
{
int retval;
struct arm920t_common *arm920t = target_to_arm920(target);
struct arm_jtag *jtag_info;
struct scan_field fields[4];
uint8_t access_type_buf = 0; /* interpreted access */
uint8_t reg_addr_buf = 0x0;
uint8_t nr_w_buf = 0;
uint8_t cp15_opcode_buf[4];
jtag_info = &arm920t->arm7_9_common.jtag_info;
retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
fields[0].num_bits = 1;
fields[0].out_value = &access_type_buf;
fields[0].in_value = NULL;
fields[1].num_bits = 32;
fields[1].out_value = cp15_opcode_buf;
fields[1].in_value = NULL;
fields[2].num_bits = 6;
fields[2].out_value = ®_addr_buf;
fields[2].in_value = NULL;
fields[3].num_bits = 1;
fields[3].out_value = &nr_w_buf;
fields[3].in_value = NULL;
jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
retval = arm7_9_execute_sys_speed(target);
if (retval != ERROR_OK)
return retval;
if ((retval = jtag_execute_queue()) != ERROR_OK)
{
LOG_ERROR("failed executing JTAG queue");
return retval;
}
return ERROR_OK;
}
