1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath <Dominic.Rath@gmx.de> *
3 * Copyright (C) 2007-2010 Øyvind Harboe <oyvind.harboe@zylin.com> *
4 * Copyright (C) 2008 by Spencer Oliver <spen@spen-soft.co.uk> *
5 * Copyright (C) 2009 Zachary T Welch <zw@superlucidity.net> *
7 * This program is free software; you can redistribute it and/or modify *
8 * it under the terms of the GNU General Public License as published by *
9 * the Free Software Foundation; either version 2 of the License, or *
10 * (at your option) any later version. *
12 * This program is distributed in the hope that it will be useful, *
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
15 * GNU General Public License for more details. *
17 * You should have received a copy of the GNU General Public License *
18 * along with this program; if not, write to the *
19 * Free Software Foundation, Inc., *
20 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
21 ***************************************************************************/
26 #include <flash/common.h>
27 #include <flash/nor/core.h>
28 #include <flash/nor/imp.h>
29 #include <target/image.h>
34 * Upper level of NOR flash framework.
35 * The lower level interfaces are to drivers. These upper level ones
36 * primarily support access from Tcl scripts or from GDB.
39 static struct flash_bank *flash_banks;
41 int flash_driver_erase(struct flash_bank *bank, int first, int last)
45 retval = bank->driver->erase(bank, first, last);
46 if (retval != ERROR_OK)
48 LOG_ERROR("failed erasing sectors %d to %d (%d)", first, last, retval);
54 int flash_driver_protect(struct flash_bank *bank, int set, int first, int last)
59 /* NOTE: "first == last" means (un?)protect just that sector.
60 code including Lower level ddrivers may rely on this "first <= last"
64 /* callers may not supply illegal parameters ... */
65 if (first < 0 || first > last || last >= bank->num_sectors)
68 /* force "set" to 0/1 */
72 * Filter out what trivial nonsense we can, so drivers don't have to.
74 * Don't tell drivers to change to the current state... it's needless,
75 * and reducing the amount of work to be done (potentially to nothing)
76 * speeds at least some things up.
79 for (int i = first; i <= last; i++) {
80 struct flash_sector *sector = bank->sectors + i;
82 /* Only filter requests to protect the already-protected, or
83 * to unprotect the already-unprotected. Changing from the
84 * unknown state (-1) to a known one is unwise but allowed;
85 * protection status is best checked first.
87 if (sector->is_protected != set)
90 /* Shrink this range of sectors from the start; don't overrun
91 * the end. Also shrink from the end; don't overun the start.
93 * REVISIT we could handle discontiguous regions by issuing
94 * more than one driver request. How much would that matter?
96 if (i == first && i != last) {
99 } else if (i == last && i != first) {
105 /* updating the range affects the tests in the scan loop above; so
106 * re-scan, to make sure we didn't miss anything.
113 /* Single sector, already protected? Nothing to do!
114 * We may have trimmed our parameters into this degenerate case.
116 * FIXME repeating the "is_protected==set" test is a giveaway that
117 * this fast-exit belongs earlier, in the trim-it-down loop; mve.
119 if (first == last && bank->sectors[first].is_protected == set)
123 /* Note that we don't pass illegal parameters to drivers; any
124 * trimming just turns one valid range into another one.
126 retval = bank->driver->protect(bank, set, first, last);
127 if (retval != ERROR_OK)
129 LOG_ERROR("failed setting protection for areas %d to %d (%d)", first, last, retval);
135 int flash_driver_write(struct flash_bank *bank,
136 uint8_t *buffer, uint32_t offset, uint32_t count)
140 retval = bank->driver->write(bank, buffer, offset, count);
141 if (retval != ERROR_OK)
143 LOG_ERROR("error writing to flash at address 0x%08" PRIx32 " at offset 0x%8.8" PRIx32 " (%d)",
144 bank->base, offset, retval);
150 void flash_bank_add(struct flash_bank *bank)
152 /* put flash bank in linked list */
153 unsigned bank_num = 0;
156 /* find last flash bank */
157 struct flash_bank *p = flash_banks;
158 while (NULL != p->next)
169 bank->bank_number = bank_num;
172 struct flash_bank *flash_bank_list(void)
177 struct flash_bank *get_flash_bank_by_num_noprobe(int num)
179 struct flash_bank *p;
182 for (p = flash_banks; p; p = p->next)
189 LOG_ERROR("flash bank %d does not exist", num);
193 int flash_get_bank_count(void)
195 struct flash_bank *p;
197 for (p = flash_banks; p; p = p->next)
204 struct flash_bank *get_flash_bank_by_name(const char *name)
206 unsigned requested = get_flash_name_index(name);
209 struct flash_bank *bank;
210 for (bank = flash_banks; NULL != bank; bank = bank->next)
212 if (strcmp(bank->name, name) == 0)
214 if (!flash_driver_name_matches(bank->driver->name, name))
216 if (++found < requested)
223 int get_flash_bank_by_num(int num, struct flash_bank **bank)
225 struct flash_bank *p = get_flash_bank_by_num_noprobe(num);
233 retval = p->driver->auto_probe(p);
235 if (retval != ERROR_OK)
237 LOG_ERROR("auto_probe failed %d\n", retval);
244 /* lookup flash bank by address */
245 struct flash_bank *get_flash_bank_by_addr(struct target *target, uint32_t addr)
247 struct flash_bank *c;
249 /* cycle through bank list */
250 for (c = flash_banks; c; c = c->next)
253 retval = c->driver->auto_probe(c);
255 if (retval != ERROR_OK)
257 LOG_ERROR("auto_probe failed %d\n", retval);
260 /* check whether address belongs to this flash bank */
261 if ((addr >= c->base) && (addr <= c->base + (c->size - 1)) && target == c->target)
264 LOG_ERROR("No flash at address 0x%08" PRIx32 "\n", addr);
268 int default_flash_mem_blank_check(struct flash_bank *bank)
270 struct target *target = bank->target;
271 const int buffer_size = 1024;
274 int retval = ERROR_OK;
276 if (bank->target->state != TARGET_HALTED)
278 LOG_ERROR("Target not halted");
279 return ERROR_TARGET_NOT_HALTED;
282 uint8_t *buffer = malloc(buffer_size);
284 for (i = 0; i < bank->num_sectors; i++)
287 bank->sectors[i].is_erased = 1;
289 for (j = 0; j < bank->sectors[i].size; j += buffer_size)
293 if (chunk > (j - bank->sectors[i].size))
295 chunk = (j - bank->sectors[i].size);
298 retval = target_read_memory(target, bank->base + bank->sectors[i].offset + j, 4, chunk/4, buffer);
299 if (retval != ERROR_OK)
304 for (nBytes = 0; nBytes < chunk; nBytes++)
306 if (buffer[nBytes] != 0xFF)
308 bank->sectors[i].is_erased = 0;
321 int default_flash_blank_check(struct flash_bank *bank)
323 struct target *target = bank->target;
329 if (bank->target->state != TARGET_HALTED)
331 LOG_ERROR("Target not halted");
332 return ERROR_TARGET_NOT_HALTED;
335 for (i = 0; i < bank->num_sectors; i++)
337 uint32_t address = bank->base + bank->sectors[i].offset;
338 uint32_t size = bank->sectors[i].size;
340 if ((retval = target_blank_check_memory(target, address, size, &blank)) != ERROR_OK)
346 bank->sectors[i].is_erased = 1;
348 bank->sectors[i].is_erased = 0;
354 LOG_USER("Running slow fallback erase check - add working memory");
355 return default_flash_mem_blank_check(bank);
361 /* Manipulate given flash region, selecting the bank according to target
362 * and address. Maps an address range to a set of sectors, and issues
363 * the callback() on that set ... e.g. to erase or unprotect its members.
365 * (Note a current bad assumption: that protection operates on the same
366 * size sectors as erase operations use.)
368 * The "pad_reason" parameter is a kind of boolean: when it's NULL, the
369 * range must fit those sectors exactly. This is clearly safe; it can't
370 * erase data which the caller said to leave alone, for example. If it's
371 * non-NULL, rather than failing, extra data in the first and/or last
372 * sectors will be added to the range, and that reason string is used when
373 * warning about those additions.
375 static int flash_iterate_address_range(struct target *target,
376 char *pad_reason, uint32_t addr, uint32_t length,
377 int (*callback)(struct flash_bank *bank, int first, int last))
379 struct flash_bank *c;
380 uint32_t last_addr = addr + length; /* first address AFTER end */
385 if ((c = get_flash_bank_by_addr(target, addr)) == NULL)
386 return ERROR_FLASH_DST_OUT_OF_BANK; /* no corresponding bank found */
388 if (c->size == 0 || c->num_sectors == 0)
390 LOG_ERROR("Bank is invalid");
391 return ERROR_FLASH_BANK_INVALID;
396 /* special case, erase whole bank when length is zero */
399 LOG_ERROR("Whole bank access must start at beginning of bank.");
400 return ERROR_FLASH_DST_BREAKS_ALIGNMENT;
403 return callback(c, 0, c->num_sectors - 1);
406 /* check whether it all fits in this bank */
407 if (addr + length - 1 > c->base + c->size - 1)
409 LOG_ERROR("Flash access does not fit into bank.");
410 return ERROR_FLASH_DST_BREAKS_ALIGNMENT;
413 /** @todo: handle erasures that cross into adjacent banks */
416 last_addr -= c->base;
418 for (i = 0; i < c->num_sectors; i++)
420 struct flash_sector *f = c->sectors + i;
421 uint32_t end = f->offset + f->size;
423 /* start only on a sector boundary */
425 /* scanned past the first sector? */
426 if (addr < f->offset)
429 /* is this the first sector? */
430 if (addr == f->offset)
433 /* Does this need head-padding? If so, pad and warn;
434 * or else force an error.
436 * Such padding can make trouble, since *WE* can't
437 * ever know if that data was in use. The warning
438 * should help users sort out messes later.
440 else if (addr < end && pad_reason) {
441 /* FIXME say how many bytes (e.g. 80 KB) */
442 LOG_WARNING("Adding extra %s range, "
445 (unsigned) f->offset,
446 (unsigned) addr - 1);
452 /* is this (also?) the last sector? */
453 if (last_addr == end) {
458 /* Does this need tail-padding? If so, pad and warn;
459 * or else force an error.
461 if (last_addr < end && pad_reason) {
462 /* FIXME say how many bytes (e.g. 80 KB) */
463 LOG_WARNING("Adding extra %s range, "
466 (unsigned) last_addr,
472 /* MUST finish on a sector boundary */
473 if (last_addr <= f->offset)
477 /* invalid start or end address? */
478 if (first == -1 || last == -1) {
479 LOG_ERROR("address range 0x%8.8x .. 0x%8.8x "
480 "is not sector-aligned",
481 (unsigned) (c->base + addr),
482 (unsigned) (c->base + last_addr - 1));
483 return ERROR_FLASH_DST_BREAKS_ALIGNMENT;
486 /* The NOR driver may trim this range down, based on what
487 * sectors are already erased/unprotected. GDB currently
488 * blocks such optimizations.
490 return callback(c, first, last);
493 int flash_erase_address_range(struct target *target,
494 bool pad, uint32_t addr, uint32_t length)
496 return flash_iterate_address_range(target, pad ? "erase" : NULL,
497 addr, length, &flash_driver_erase);
500 static int flash_driver_unprotect(struct flash_bank *bank, int first, int last)
502 return flash_driver_protect(bank, 0, first, last);
505 int flash_unlock_address_range(struct target *target, uint32_t addr, uint32_t length)
507 /* By default, pad to sector boundaries ... the real issue here
508 * is that our (only) caller *permanently* removes protection,
509 * and doesn't restore it.
511 return flash_iterate_address_range(target, "unprotect",
512 addr, length, &flash_driver_unprotect);
515 static int compare_section (const void * a, const void * b)
517 struct imageection *b1, *b2;
518 b1=*((struct imageection **)a);
519 b2=*((struct imageection **)b);
521 if (b1->base_address == b2->base_address)
524 } else if (b1->base_address > b2->base_address)
534 int flash_write_unlock(struct target *target, struct image *image,
535 uint32_t *written, int erase, bool unlock)
537 int retval = ERROR_OK;
540 uint32_t section_offset;
541 struct flash_bank *c;
552 /* assume all sectors need erasing - stops any problems
553 * when flash_write is called multiple times */
558 /* allocate padding array */
559 padding = calloc(image->num_sections, sizeof(*padding));
561 /* This fn requires all sections to be in ascending order of addresses,
562 * whereas an image can have sections out of order. */
563 struct imageection **sections = malloc(sizeof(struct imageection *) *
564 image->num_sections);
566 for (i = 0; i < image->num_sections; i++)
568 sections[i] = &image->sections[i];
571 qsort(sections, image->num_sections, sizeof(struct imageection *),
574 /* loop until we reach end of the image */
575 while (section < image->num_sections)
577 uint32_t buffer_size;
581 uint32_t run_address = sections[section]->base_address + section_offset;
582 uint32_t run_size = sections[section]->size - section_offset;
585 if (sections[section]->size == 0)
587 LOG_WARNING("empty section %d", section);
593 /* find the corresponding flash bank */
594 if ((c = get_flash_bank_by_addr(target, run_address)) == NULL)
596 section++; /* and skip it */
601 /* collect consecutive sections which fall into the same bank */
602 section_first = section;
603 section_last = section;
604 padding[section] = 0;
605 while ((run_address + run_size - 1 < c->base + c->size - 1)
606 && (section_last + 1 < image->num_sections))
608 /* sections are sorted */
609 assert(sections[section_last + 1]->base_address >= c->base);
610 if (sections[section_last + 1]->base_address >= (c->base + c->size))
612 /* Done with this bank */
616 /* FIXME This needlessly touches sectors BETWEEN the
617 * sections it's writing. Without auto erase, it just
618 * writes ones. That WILL INVALIDATE data in cases
619 * like Stellaris Tempest chips, corrupting internal
620 * ECC codes; and at least FreeScale suggests issues
621 * with that approach (in HC11 documentation).
623 * With auto erase enabled, data in those sectors will
624 * be needlessly destroyed; and some of the limited
625 * number of flash erase cycles will be wasted...
627 * In both cases, the extra writes slow things down.
630 /* if we have multiple sections within our image,
631 * flash programming could fail due to alignment issues
632 * attempt to rebuild a consecutive buffer for the flash loader */
633 pad_bytes = (sections[section_last + 1]->base_address) - (run_address + run_size);
634 padding[section_last] = pad_bytes;
635 run_size += sections[++section_last]->size;
636 run_size += pad_bytes;
639 LOG_INFO("Padding image section %d with %d bytes", section_last-1, pad_bytes);
642 assert (run_address + run_size - 1 <= c->base + c->size - 1);
644 /* If we're applying any sector automagic, then pad this
645 * (maybe-combined) segment to the end of its last sector.
647 if (unlock || erase) {
649 uint32_t offset_start = run_address - c->base;
650 uint32_t offset_end = offset_start + run_size;
651 uint32_t end = offset_end, delta;
653 for (sector = 0; sector < c->num_sectors; sector++) {
654 end = c->sectors[sector].offset
655 + c->sectors[sector].size;
656 if (offset_end <= end)
660 delta = end - offset_end;
661 padding[section_last] += delta;
665 /* allocate buffer */
666 buffer = malloc(run_size);
669 /* read sections to the buffer */
670 while (buffer_size < run_size)
674 size_read = run_size - buffer_size;
675 if (size_read > sections[section]->size - section_offset)
676 size_read = sections[section]->size - section_offset;
680 * #¤%#"%¤% we have to figure out the section # from the sorted
681 * list of pointers to sections to invoke image_read_section()...
683 intptr_t diff = (intptr_t)sections[section] - (intptr_t)image->sections;
684 int t_section_num = diff / sizeof(struct imageection);
686 LOG_DEBUG("image_read_section: section = %d, t_section_num = %d, section_offset = %d, buffer_size = %d, size_read = %d",
688 (int)t_section_num, (int)section_offset, (int)buffer_size, (int)size_read);
689 if ((retval = image_read_section(image, t_section_num, section_offset,
690 size_read, buffer + buffer_size, &size_read)) != ERROR_OK || size_read == 0)
696 /* see if we need to pad the section */
697 while (padding[section]--)
698 (buffer + buffer_size)[size_read++] = 0xff;
700 buffer_size += size_read;
701 section_offset += size_read;
703 if (section_offset >= sections[section]->size)
714 retval = flash_unlock_address_range(target, run_address, run_size);
716 if (retval == ERROR_OK)
720 /* calculate and erase sectors */
721 retval = flash_erase_address_range(target,
722 true, run_address, run_size);
726 if (retval == ERROR_OK)
728 /* write flash sectors */
729 retval = flash_driver_write(c, buffer, run_address - c->base, run_size);
734 if (retval != ERROR_OK)
736 /* abort operation */
741 *written += run_size; /* add run size to total written counter */
752 int flash_write(struct target *target, struct image *image,
753 uint32_t *written, int erase)
755 return flash_write_unlock(target, image, written, erase, false);
759 * Invalidates cached flash state which a target can change as it runs.
761 * @param target The target being resumed
763 * OpenOCD caches some flash state for brief periods. For example, a sector
764 * that is protected must be unprotected before OpenOCD tries to write it,
765 * Also, a sector that's not erased must be erased before it's written.
767 * As a rule, OpenOCD and target firmware can both modify the flash, so when
768 * a target starts running, OpenOCD needs to invalidate its cached state.
770 void nor_resume(struct target *target)
772 struct flash_bank *bank;
774 for (bank = flash_banks; bank; bank = bank->next) {
777 if (bank->target != target)
780 for (i = 0; i < bank->num_sectors; i++) {
781 struct flash_sector *sector = bank->sectors + i;
783 sector->is_erased = -1;
784 sector->is_protected = -1;
projects / openocd / blob