git.sur5r.net Git - openocd/blob - src/target/aarch64.c

   1 /***************************************************************************
   2  *   Copyright (C) 2015 by David Ung                                       *
   3  *                                                                         *
   4  *   This program is free software; you can redistribute it and/or modify  *
   5  *   it under the terms of the GNU General Public License as published by  *
   6  *   the Free Software Foundation; either version 2 of the License, or     *
   7  *   (at your option) any later version.                                   *
   8  *                                                                         *
   9  *   This program is distributed in the hope that it will be useful,       *
  10  *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
  11  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
  12  *   GNU General Public License for more details.                          *
  13  *                                                                         *
  14  *   You should have received a copy of the GNU General Public License     *
  15  *   along with this program; if not, write to the                         *
  16  *   Free Software Foundation, Inc.,                                       *
  17  *                                                                         *
  18  ***************************************************************************/
  19
  20 #ifdef HAVE_CONFIG_H
  21 #include "config.h"
  22 #endif
  23
  24 #include "breakpoints.h"
  25 #include "aarch64.h"
  26 #include "register.h"
  27 #include "target_request.h"
  28 #include "target_type.h"
  29 #include "armv8_opcodes.h"
  30 #include "armv8_cache.h"
  31 #include <helper/time_support.h>
  32
  33 #define __unused __attribute((unused))
  34
  35 enum restart_mode {
  36         RESTART_LAZY,
  37         RESTART_SYNC,
  38 };
  39
  40 enum halt_mode {
  41         HALT_LAZY,
  42         HALT_SYNC,
  43 };
  44
  45 static int aarch64_poll(struct target *target);
  46 static int aarch64_debug_entry(struct target *target);
  47 static int aarch64_restore_context(struct target *target, bool bpwp);
  48 static int aarch64_set_breakpoint(struct target *target,
  49         struct breakpoint *breakpoint, uint8_t matchmode);
  50 static int aarch64_set_context_breakpoint(struct target *target,
  51         struct breakpoint *breakpoint, uint8_t matchmode);
  52 static int aarch64_set_hybrid_breakpoint(struct target *target,
  53         struct breakpoint *breakpoint);
  54 static int aarch64_unset_breakpoint(struct target *target,
  55         struct breakpoint *breakpoint);
  56 static int aarch64_mmu(struct target *target, int *enabled);
  57 static int aarch64_virt2phys(struct target *target,
  58         target_addr_t virt, target_addr_t *phys);
  59 static int aarch64_read_apb_ap_memory(struct target *target,
  60         uint64_t address, uint32_t size, uint32_t count, uint8_t *buffer);
  61
  62 #define foreach_smp_target(pos, head) \
  63         for (pos = head; (pos != NULL); pos = pos->next)
  64
  65 static int aarch64_restore_system_control_reg(struct target *target)
  66 {
  67         enum arm_mode target_mode = ARM_MODE_ANY;
  68         int retval = ERROR_OK;
  69         uint32_t instr;
  70
  71         struct aarch64_common *aarch64 = target_to_aarch64(target);
  72         struct armv8_common *armv8 = target_to_armv8(target);
  73
  74         if (aarch64->system_control_reg != aarch64->system_control_reg_curr) {
  75                 aarch64->system_control_reg_curr = aarch64->system_control_reg;
  76                 /* LOG_INFO("cp15_control_reg: %8.8" PRIx32, cortex_v8->cp15_control_reg); */
  77
  78                 switch (armv8->arm.core_mode) {
  79                 case ARMV8_64_EL0T:
  80                         target_mode = ARMV8_64_EL1H;
  81                         /* fall through */
  82                 case ARMV8_64_EL1T:
  83                 case ARMV8_64_EL1H:
  84                         instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL1, 0);
  85                         break;
  86                 case ARMV8_64_EL2T:
  87                 case ARMV8_64_EL2H:
  88                         instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL2, 0);
  89                         break;
  90                 case ARMV8_64_EL3H:
  91                 case ARMV8_64_EL3T:
  92                         instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL3, 0);
  93                         break;
  94
  95                 case ARM_MODE_SVC:
  96                 case ARM_MODE_ABT:
  97                 case ARM_MODE_FIQ:
  98                 case ARM_MODE_IRQ:
  99                         instr = ARMV4_5_MCR(15, 0, 0, 1, 0, 0);
 100                         break;
 101
 102                 default:
 103                         LOG_INFO("cannot read system control register in this mode");
 104                         return ERROR_FAIL;
 105                 }
 106
 107                 if (target_mode != ARM_MODE_ANY)
 108                         armv8_dpm_modeswitch(&armv8->dpm, target_mode);
 109
 110                 retval = armv8->dpm.instr_write_data_r0(&armv8->dpm, instr, aarch64->system_control_reg);
 111                 if (retval != ERROR_OK)
 112                         return retval;
 113
 114                 if (target_mode != ARM_MODE_ANY)
 115                         armv8_dpm_modeswitch(&armv8->dpm, ARM_MODE_ANY);
 116         }
 117
 118         return retval;
 119 }
 120
 121 /*  modify system_control_reg in order to enable or disable mmu for :
 122  *  - virt2phys address conversion
 123  *  - read or write memory in phys or virt address */
 124 static int aarch64_mmu_modify(struct target *target, int enable)
 125 {
 126         struct aarch64_common *aarch64 = target_to_aarch64(target);
 127         struct armv8_common *armv8 = &aarch64->armv8_common;
 128         int retval = ERROR_OK;
 129         uint32_t instr = 0;
 130
 131         if (enable) {
 132                 /*      if mmu enabled at target stop and mmu not enable */
 133                 if (!(aarch64->system_control_reg & 0x1U)) {
 134                         LOG_ERROR("trying to enable mmu on target stopped with mmu disable");
 135                         return ERROR_FAIL;
 136                 }
 137                 if (!(aarch64->system_control_reg_curr & 0x1U))
 138                         aarch64->system_control_reg_curr |= 0x1U;
 139         } else {
 140                 if (aarch64->system_control_reg_curr & 0x4U) {
 141                         /*  data cache is active */
 142                         aarch64->system_control_reg_curr &= ~0x4U;
 143                         /* flush data cache armv8 function to be called */
 144                         if (armv8->armv8_mmu.armv8_cache.flush_all_data_cache)
 145                                 armv8->armv8_mmu.armv8_cache.flush_all_data_cache(target);
 146                 }
 147                 if ((aarch64->system_control_reg_curr & 0x1U)) {
 148                         aarch64->system_control_reg_curr &= ~0x1U;
 149                 }
 150         }
 151
 152         switch (armv8->arm.core_mode) {
 153         case ARMV8_64_EL0T:
 154         case ARMV8_64_EL1T:
 155         case ARMV8_64_EL1H:
 156                 instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL1, 0);
 157                 break;
 158         case ARMV8_64_EL2T:
 159         case ARMV8_64_EL2H:
 160                 instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL2, 0);
 161                 break;
 162         case ARMV8_64_EL3H:
 163         case ARMV8_64_EL3T:
 164                 instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL3, 0);
 165                 break;
 166         default:
 167                 LOG_DEBUG("unknown cpu state 0x%x" PRIx32, armv8->arm.core_state);
 168                 break;
 169         }
 170
 171         retval = armv8->dpm.instr_write_data_r0(&armv8->dpm, instr,
 172                                 aarch64->system_control_reg_curr);
 173         return retval;
 174 }
 175
 176 /*
 177  * Basic debug access, very low level assumes state is saved
 178  */
 179 static int aarch64_init_debug_access(struct target *target)
 180 {
 181         struct armv8_common *armv8 = target_to_armv8(target);
 182         int retval;
 183         uint32_t dummy;
 184
 185         LOG_DEBUG(" ");
 186
 187         retval = mem_ap_write_atomic_u32(armv8->debug_ap,
 188                         armv8->debug_base + CPUV8_DBG_OSLAR, 0);
 189         if (retval != ERROR_OK) {
 190                 LOG_DEBUG("Examine %s failed", "oslock");
 191                 return retval;
 192         }
 193
 194         /* Clear Sticky Power Down status Bit in PRSR to enable access to
 195            the registers in the Core Power Domain */
 196         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
 197                         armv8->debug_base + CPUV8_DBG_PRSR, &dummy);
 198         if (retval != ERROR_OK)
 199                 return retval;
 200
 201         /*
 202          * Static CTI configuration:
 203          * Channel 0 -> trigger outputs HALT request to PE
 204          * Channel 1 -> trigger outputs Resume request to PE
 205          * Gate all channel trigger events from entering the CTM
 206          */
 207
 208         /* Enable CTI */
 209         retval = arm_cti_enable(armv8->cti, true);
 210         /* By default, gate all channel events to and from the CTM */
 211         if (retval == ERROR_OK)
 212                 retval = arm_cti_write_reg(armv8->cti, CTI_GATE, 0);
 213         /* output halt requests to PE on channel 0 event */
 214         if (retval == ERROR_OK)
 215                 retval = arm_cti_write_reg(armv8->cti, CTI_OUTEN0, CTI_CHNL(0));
 216         /* output restart requests to PE on channel 1 event */
 217         if (retval == ERROR_OK)
 218                 retval = arm_cti_write_reg(armv8->cti, CTI_OUTEN1, CTI_CHNL(1));
 219         if (retval != ERROR_OK)
 220                 return retval;
 221
 222         /* Resync breakpoint registers */
 223
 224         return ERROR_OK;
 225 }
 226
 227 /* Write to memory mapped registers directly with no cache or mmu handling */
 228 static int aarch64_dap_write_memap_register_u32(struct target *target,
 229         uint32_t address,
 230         uint32_t value)
 231 {
 232         int retval;
 233         struct armv8_common *armv8 = target_to_armv8(target);
 234
 235         retval = mem_ap_write_atomic_u32(armv8->debug_ap, address, value);
 236
 237         return retval;
 238 }
 239
 240 static int aarch64_dpm_setup(struct aarch64_common *a8, uint64_t debug)
 241 {
 242         struct arm_dpm *dpm = &a8->armv8_common.dpm;
 243         int retval;
 244
 245         dpm->arm = &a8->armv8_common.arm;
 246         dpm->didr = debug;
 247
 248         retval = armv8_dpm_setup(dpm);
 249         if (retval == ERROR_OK)
 250                 retval = armv8_dpm_initialize(dpm);
 251
 252         return retval;
 253 }
 254
 255 static int aarch64_set_dscr_bits(struct target *target, unsigned long bit_mask, unsigned long value)
 256 {
 257         struct armv8_common *armv8 = target_to_armv8(target);
 258         return armv8_set_dbgreg_bits(armv8, CPUV8_DBG_DSCR, bit_mask, value);
 259 }
 260
 261 static int aarch64_check_state_one(struct target *target,
 262                 uint32_t mask, uint32_t val, int *p_result, uint32_t *p_prsr)
 263 {
 264         struct armv8_common *armv8 = target_to_armv8(target);
 265         uint32_t prsr;
 266         int retval;
 267
 268         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
 269                         armv8->debug_base + CPUV8_DBG_PRSR, &prsr);
 270         if (retval != ERROR_OK)
 271                 return retval;
 272
 273         if (p_prsr)
 274                 *p_prsr = prsr;
 275
 276         if (p_result)
 277                 *p_result = (prsr & mask) == (val & mask);
 278
 279         return ERROR_OK;
 280 }
 281
 282 static int aarch64_wait_halt_one(struct target *target)
 283 {
 284         int retval = ERROR_OK;
 285         uint32_t prsr;
 286
 287         int64_t then = timeval_ms();
 288         for (;;) {
 289                 int halted;
 290
 291                 retval = aarch64_check_state_one(target, PRSR_HALT, PRSR_HALT, &halted, &prsr);
 292                 if (retval != ERROR_OK || halted)
 293                         break;
 294
 295                 if (timeval_ms() > then + 1000) {
 296                         retval = ERROR_TARGET_TIMEOUT;
 297                         LOG_DEBUG("target %s timeout, prsr=0x%08"PRIx32, target_name(target), prsr);
 298                         break;
 299                 }
 300         }
 301         return retval;
 302 }
 303
 304 static int aarch64_prepare_halt_smp(struct target *target, bool exc_target, struct target **p_first)
 305 {
 306         int retval = ERROR_OK;
 307         struct target_list *head = target->head;
 308         struct target *first = NULL;
 309
 310         LOG_DEBUG("target %s exc %i", target_name(target), exc_target);
 311
 312         while (head != NULL) {
 313                 struct target *curr = head->target;
 314                 struct armv8_common *armv8 = target_to_armv8(curr);
 315                 head = head->next;
 316
 317                 if (exc_target && curr == target)
 318                         continue;
 319                 if (!target_was_examined(curr))
 320                         continue;
 321                 if (curr->state != TARGET_RUNNING)
 322                         continue;
 323
 324                 /* HACK: mark this target as prepared for halting */
 325                 curr->debug_reason = DBG_REASON_DBGRQ;
 326
 327                 /* open the gate for channel 0 to let HALT requests pass to the CTM */
 328                 retval = arm_cti_ungate_channel(armv8->cti, 0);
 329                 if (retval == ERROR_OK)
 330                         retval = aarch64_set_dscr_bits(curr, DSCR_HDE, DSCR_HDE);
 331                 if (retval != ERROR_OK)
 332                         break;
 333
 334                 LOG_DEBUG("target %s prepared", target_name(curr));
 335
 336                 if (first == NULL)
 337                         first = curr;
 338         }
 339
 340         if (p_first) {
 341                 if (exc_target && first)
 342                         *p_first = first;
 343                 else
 344                         *p_first = target;
 345         }
 346
 347         return retval;
 348 }
 349
 350 static int aarch64_halt_one(struct target *target, enum halt_mode mode)
 351 {
 352         int retval = ERROR_OK;
 353         struct armv8_common *armv8 = target_to_armv8(target);
 354
 355         LOG_DEBUG("%s", target_name(target));
 356
 357         /* allow Halting Debug Mode */
 358         retval = aarch64_set_dscr_bits(target, DSCR_HDE, DSCR_HDE);
 359         if (retval != ERROR_OK)
 360                 return retval;
 361
 362         /* trigger an event on channel 0, this outputs a halt request to the PE */
 363         retval = arm_cti_pulse_channel(armv8->cti, 0);
 364         if (retval != ERROR_OK)
 365                 return retval;
 366
 367         if (mode == HALT_SYNC) {
 368                 retval = aarch64_wait_halt_one(target);
 369                 if (retval != ERROR_OK) {
 370                         if (retval == ERROR_TARGET_TIMEOUT)
 371                                 LOG_ERROR("Timeout waiting for target %s halt", target_name(target));
 372                         return retval;
 373                 }
 374         }
 375
 376         return ERROR_OK;
 377 }
 378
 379 static int aarch64_halt_smp(struct target *target, bool exc_target)
 380 {
 381         struct target *next = target;
 382         int retval;
 383
 384         /* prepare halt on all PEs of the group */
 385         retval = aarch64_prepare_halt_smp(target, exc_target, &next);
 386
 387         if (exc_target && next == target)
 388                 return retval;
 389
 390         /* halt the target PE */
 391         if (retval == ERROR_OK)
 392                 retval = aarch64_halt_one(next, HALT_LAZY);
 393
 394         if (retval != ERROR_OK)
 395                 return retval;
 396
 397         /* wait for all PEs to halt */
 398         int64_t then = timeval_ms();
 399         for (;;) {
 400                 bool all_halted = true;
 401                 struct target_list *head;
 402                 struct target *curr;
 403
 404                 foreach_smp_target(head, target->head) {
 405                         int halted;
 406
 407                         curr = head->target;
 408
 409                         if (!target_was_examined(curr))
 410                                 continue;
 411
 412                         retval = aarch64_check_state_one(curr, PRSR_HALT, PRSR_HALT, &halted, NULL);
 413                         if (retval != ERROR_OK || !halted) {
 414                                 all_halted = false;
 415                                 break;
 416                         }
 417                 }
 418
 419                 if (all_halted)
 420                         break;
 421
 422                 if (timeval_ms() > then + 1000) {
 423                         retval = ERROR_TARGET_TIMEOUT;
 424                         break;
 425                 }
 426
 427                 /*
 428                  * HACK: on Hi6220 there are 8 cores organized in 2 clusters
 429                  * and it looks like the CTI's are not connected by a common
 430                  * trigger matrix. It seems that we need to halt one core in each
 431                  * cluster explicitly. So if we find that a core has not halted
 432                  * yet, we trigger an explicit halt for the second cluster.
 433                  */
 434                 retval = aarch64_halt_one(curr, HALT_LAZY);
 435                 if (retval != ERROR_OK)
 436                         break;
 437         }
 438
 439         return retval;
 440 }
 441
 442 static int update_halt_gdb(struct target *target, enum target_debug_reason debug_reason)
 443 {
 444         struct target *gdb_target = NULL;
 445         struct target_list *head;
 446         struct target *curr;
 447
 448         if (debug_reason == DBG_REASON_NOTHALTED) {
 449                 LOG_INFO("Halting remaining targets in SMP group");
 450                 aarch64_halt_smp(target, true);
 451         }
 452
 453         /* poll all targets in the group, but skip the target that serves GDB */
 454         foreach_smp_target(head, target->head) {
 455                 curr = head->target;
 456                 /* skip calling context */
 457                 if (curr == target)
 458                         continue;
 459                 if (!target_was_examined(curr))
 460                         continue;
 461                 /* skip targets that were already halted */
 462                 if (curr->state == TARGET_HALTED)
 463                         continue;
 464                 /* remember the gdb_service->target */
 465                 if (curr->gdb_service != NULL)
 466                         gdb_target = curr->gdb_service->target;
 467                 /* skip it */
 468                 if (curr == gdb_target)
 469                         continue;
 470
 471                 /* avoid recursion in aarch64_poll() */
 472                 curr->smp = 0;
 473                 aarch64_poll(curr);
 474                 curr->smp = 1;
 475         }
 476
 477         /* after all targets were updated, poll the gdb serving target */
 478         if (gdb_target != NULL && gdb_target != target)
 479                 aarch64_poll(gdb_target);
 480
 481         return ERROR_OK;
 482 }
 483
 484 /*
 485  * Aarch64 Run control
 486  */
 487
 488 static int aarch64_poll(struct target *target)
 489 {
 490         enum target_state prev_target_state;
 491         int retval = ERROR_OK;
 492         int halted;
 493
 494         retval = aarch64_check_state_one(target,
 495                                 PRSR_HALT, PRSR_HALT, &halted, NULL);
 496         if (retval != ERROR_OK)
 497                 return retval;
 498
 499         if (halted) {
 500                 prev_target_state = target->state;
 501                 if (prev_target_state != TARGET_HALTED) {
 502                         enum target_debug_reason debug_reason = target->debug_reason;
 503
 504                         /* We have a halting debug event */
 505                         target->state = TARGET_HALTED;
 506                         LOG_DEBUG("Target %s halted", target_name(target));
 507                         retval = aarch64_debug_entry(target);
 508                         if (retval != ERROR_OK)
 509                                 return retval;
 510
 511                         if (target->smp)
 512                                 update_halt_gdb(target, debug_reason);
 513
 514                         switch (prev_target_state) {
 515                         case TARGET_RUNNING:
 516                         case TARGET_UNKNOWN:
 517                         case TARGET_RESET:
 518                                 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
 519                                 break;
 520                         case TARGET_DEBUG_RUNNING:
 521                                 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
 522                                 break;
 523                         default:
 524                                 break;
 525                         }
 526                 }
 527         } else
 528                 target->state = TARGET_RUNNING;
 529
 530         return retval;
 531 }
 532
 533 static int aarch64_halt(struct target *target)
 534 {
 535         if (target->smp)
 536                 return aarch64_halt_smp(target, false);
 537
 538         return aarch64_halt_one(target, HALT_SYNC);
 539 }
 540
 541 static int aarch64_restore_one(struct target *target, int current,
 542         uint64_t *address, int handle_breakpoints, int debug_execution)
 543 {
 544         struct armv8_common *armv8 = target_to_armv8(target);
 545         struct arm *arm = &armv8->arm;
 546         int retval;
 547         uint64_t resume_pc;
 548
 549         LOG_DEBUG("%s", target_name(target));
 550
 551         if (!debug_execution)
 552                 target_free_all_working_areas(target);
 553
 554         /* current = 1: continue on current pc, otherwise continue at <address> */
 555         resume_pc = buf_get_u64(arm->pc->value, 0, 64);
 556         if (!current)
 557                 resume_pc = *address;
 558         else
 559                 *address = resume_pc;
 560
 561         /* Make sure that the Armv7 gdb thumb fixups does not
 562          * kill the return address
 563          */
 564         switch (arm->core_state) {
 565                 case ARM_STATE_ARM:
 566                         resume_pc &= 0xFFFFFFFC;
 567                         break;
 568                 case ARM_STATE_AARCH64:
 569                         resume_pc &= 0xFFFFFFFFFFFFFFFC;
 570                         break;
 571                 case ARM_STATE_THUMB:
 572                 case ARM_STATE_THUMB_EE:
 573                         /* When the return address is loaded into PC
 574                          * bit 0 must be 1 to stay in Thumb state
 575                          */
 576                         resume_pc |= 0x1;
 577                         break;
 578                 case ARM_STATE_JAZELLE:
 579                         LOG_ERROR("How do I resume into Jazelle state??");
 580                         return ERROR_FAIL;
 581         }
 582         LOG_DEBUG("resume pc = 0x%016" PRIx64, resume_pc);
 583         buf_set_u64(arm->pc->value, 0, 64, resume_pc);
 584         arm->pc->dirty = 1;
 585         arm->pc->valid = 1;
 586
 587         /* called it now before restoring context because it uses cpu
 588          * register r0 for restoring system control register */
 589         retval = aarch64_restore_system_control_reg(target);
 590         if (retval == ERROR_OK)
 591                 retval = aarch64_restore_context(target, handle_breakpoints);
 592
 593         return retval;
 594 }
 595
 596 /**
 597  * prepare single target for restart
 598  *
 599  *
 600  */
 601 static int aarch64_prepare_restart_one(struct target *target)
 602 {
 603         struct armv8_common *armv8 = target_to_armv8(target);
 604         int retval;
 605         uint32_t dscr;
 606         uint32_t tmp;
 607
 608         LOG_DEBUG("%s", target_name(target));
 609
 610         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
 611                         armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
 612         if (retval != ERROR_OK)
 613                 return retval;
 614
 615         if ((dscr & DSCR_ITE) == 0)
 616                 LOG_ERROR("DSCR.ITE must be set before leaving debug!");
 617         if ((dscr & DSCR_ERR) != 0)
 618                 LOG_ERROR("DSCR.ERR must be cleared before leaving debug!");
 619
 620         /* acknowledge a pending CTI halt event */
 621         retval = arm_cti_ack_events(armv8->cti, CTI_TRIG(HALT));
 622         /*
 623          * open the CTI gate for channel 1 so that the restart events
 624          * get passed along to all PEs. Also close gate for channel 0
 625          * to isolate the PE from halt events.
 626          */
 627         if (retval == ERROR_OK)
 628                 retval = arm_cti_ungate_channel(armv8->cti, 1);
 629         if (retval == ERROR_OK)
 630                 retval = arm_cti_gate_channel(armv8->cti, 0);
 631
 632         /* make sure that DSCR.HDE is set */
 633         if (retval == ERROR_OK) {
 634                 dscr |= DSCR_HDE;
 635                 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
 636                                 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
 637         }
 638
 639         /* clear sticky bits in PRSR, SDR is now 0 */
 640         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
 641                         armv8->debug_base + CPUV8_DBG_PRSR, &tmp);
 642
 643         return retval;
 644 }
 645
 646 static int aarch64_do_restart_one(struct target *target, enum restart_mode mode)
 647 {
 648         struct armv8_common *armv8 = target_to_armv8(target);
 649         int retval;
 650
 651         LOG_DEBUG("%s", target_name(target));
 652
 653         /* trigger an event on channel 1, generates a restart request to the PE */
 654         retval = arm_cti_pulse_channel(armv8->cti, 1);
 655         if (retval != ERROR_OK)
 656                 return retval;
 657
 658         if (mode == RESTART_SYNC) {
 659                 int64_t then = timeval_ms();
 660                 for (;;) {
 661                         int resumed;
 662                         /*
 663                          * if PRSR.SDR is set now, the target did restart, even
 664                          * if it's now already halted again (e.g. due to breakpoint)
 665                          */
 666                         retval = aarch64_check_state_one(target,
 667                                                 PRSR_SDR, PRSR_SDR, &resumed, NULL);
 668                         if (retval != ERROR_OK || resumed)
 669                                 break;
 670
 671                         if (timeval_ms() > then + 1000) {
 672                                 LOG_ERROR("%s: Timeout waiting for resume"PRIx32, target_name(target));
 673                                 retval = ERROR_TARGET_TIMEOUT;
 674                                 break;
 675                         }
 676                 }
 677         }
 678
 679         if (retval != ERROR_OK)
 680                 return retval;
 681
 682         target->debug_reason = DBG_REASON_NOTHALTED;
 683         target->state = TARGET_RUNNING;
 684
 685         return ERROR_OK;
 686 }
 687
 688 static int aarch64_restart_one(struct target *target, enum restart_mode mode)
 689 {
 690         int retval;
 691
 692         LOG_DEBUG("%s", target_name(target));
 693
 694         retval = aarch64_prepare_restart_one(target);
 695         if (retval == ERROR_OK)
 696                 retval = aarch64_do_restart_one(target, mode);
 697
 698         return retval;
 699 }
 700
 701 /*
 702  * prepare all but the current target for restart
 703  */
 704 static int aarch64_prep_restart_smp(struct target *target, int handle_breakpoints, struct target **p_first)
 705 {
 706         int retval = ERROR_OK;
 707         struct target_list *head;
 708         struct target *first = NULL;
 709         uint64_t address;
 710
 711         foreach_smp_target(head, target->head) {
 712                 struct target *curr = head->target;
 713
 714                 /* skip calling target */
 715                 if (curr == target)
 716                         continue;
 717                 if (!target_was_examined(curr))
 718                         continue;
 719                 if (curr->state != TARGET_HALTED)
 720                         continue;
 721
 722                 /*  resume at current address, not in step mode */
 723                 retval = aarch64_restore_one(curr, 1, &address, handle_breakpoints, 0);
 724                 if (retval == ERROR_OK)
 725                         retval = aarch64_prepare_restart_one(curr);
 726                 if (retval != ERROR_OK) {
 727                         LOG_ERROR("failed to restore target %s", target_name(curr));
 728                         break;
 729                 }
 730                 /* remember the first valid target in the group */
 731                 if (first == NULL)
 732                         first = curr;
 733         }
 734
 735         if (p_first)
 736                 *p_first = first;
 737
 738         return retval;
 739 }
 740
 741
 742 static int aarch64_step_restart_smp(struct target *target)
 743 {
 744         int retval = ERROR_OK;
 745         struct target_list *head;
 746         struct target *first = NULL;
 747
 748         LOG_DEBUG("%s", target_name(target));
 749
 750         retval = aarch64_prep_restart_smp(target, 0, &first);
 751         if (retval != ERROR_OK)
 752                 return retval;
 753
 754         if (first != NULL)
 755                 retval = aarch64_do_restart_one(first, RESTART_LAZY);
 756         if (retval != ERROR_OK) {
 757                 LOG_DEBUG("error restarting target %s", target_name(first));
 758                 return retval;
 759         }
 760
 761         int64_t then = timeval_ms();
 762         for (;;) {
 763                 struct target *curr = target;
 764                 bool all_resumed = true;
 765
 766                 foreach_smp_target(head, target->head) {
 767                         uint32_t prsr;
 768                         int resumed;
 769
 770                         curr = head->target;
 771
 772                         if (curr == target)
 773                                 continue;
 774
 775                         retval = aarch64_check_state_one(curr,
 776                                         PRSR_SDR, PRSR_SDR, &resumed, &prsr);
 777                         if (retval != ERROR_OK || (!resumed && (prsr & PRSR_HALT))) {
 778                                 all_resumed = false;
 779                                 break;
 780                         }
 781
 782                         if (curr->state != TARGET_RUNNING) {
 783                                 curr->state = TARGET_RUNNING;
 784                                 curr->debug_reason = DBG_REASON_NOTHALTED;
 785                                 target_call_event_callbacks(curr, TARGET_EVENT_RESUMED);
 786                         }
 787                 }
 788
 789                 if (all_resumed)
 790                         break;
 791
 792                 if (timeval_ms() > then + 1000) {
 793                         LOG_ERROR("%s: timeout waiting for target resume", __func__);
 794                         retval = ERROR_TARGET_TIMEOUT;
 795                         break;
 796                 }
 797                 /*
 798                  * HACK: on Hi6220 there are 8 cores organized in 2 clusters
 799                  * and it looks like the CTI's are not connected by a common
 800                  * trigger matrix. It seems that we need to halt one core in each
 801                  * cluster explicitly. So if we find that a core has not halted
 802                  * yet, we trigger an explicit resume for the second cluster.
 803                  */
 804                 retval = aarch64_do_restart_one(curr, RESTART_LAZY);
 805                 if (retval != ERROR_OK)
 806                         break;
 807 }
 808
 809         return retval;
 810 }
 811
 812 static int aarch64_resume(struct target *target, int current,
 813         target_addr_t address, int handle_breakpoints, int debug_execution)
 814 {
 815         int retval = 0;
 816         uint64_t addr = address;
 817
 818         if (target->state != TARGET_HALTED)
 819                 return ERROR_TARGET_NOT_HALTED;
 820
 821         /*
 822          * If this target is part of a SMP group, prepare the others
 823          * targets for resuming. This involves restoring the complete
 824          * target register context and setting up CTI gates to accept
 825          * resume events from the trigger matrix.
 826          */
 827         if (target->smp) {
 828                 retval = aarch64_prep_restart_smp(target, handle_breakpoints, NULL);
 829                 if (retval != ERROR_OK)
 830                         return retval;
 831         }
 832
 833         /* all targets prepared, restore and restart the current target */
 834         retval = aarch64_restore_one(target, current, &addr, handle_breakpoints,
 835                                  debug_execution);
 836         if (retval == ERROR_OK)
 837                 retval = aarch64_restart_one(target, RESTART_SYNC);
 838         if (retval != ERROR_OK)
 839                 return retval;
 840
 841         if (target->smp) {
 842                 int64_t then = timeval_ms();
 843                 for (;;) {
 844                         struct target *curr = target;
 845                         struct target_list *head;
 846                         bool all_resumed = true;
 847
 848                         foreach_smp_target(head, target->head) {
 849                                 uint32_t prsr;
 850                                 int resumed;
 851
 852                                 curr = head->target;
 853                                 if (curr == target)
 854                                         continue;
 855                                 if (!target_was_examined(curr))
 856                                         continue;
 857
 858                                 retval = aarch64_check_state_one(curr,
 859                                                 PRSR_SDR, PRSR_SDR, &resumed, &prsr);
 860                                 if (retval != ERROR_OK || (!resumed && (prsr & PRSR_HALT))) {
 861                                         all_resumed = false;
 862                                         break;
 863                                 }
 864
 865                                 if (curr->state != TARGET_RUNNING) {
 866                                         curr->state = TARGET_RUNNING;
 867                                         curr->debug_reason = DBG_REASON_NOTHALTED;
 868                                         target_call_event_callbacks(curr, TARGET_EVENT_RESUMED);
 869                                 }
 870                         }
 871
 872                         if (all_resumed)
 873                                 break;
 874
 875                         if (timeval_ms() > then + 1000) {
 876                                 LOG_ERROR("%s: timeout waiting for target %s to resume", __func__, target_name(curr));
 877                                 retval = ERROR_TARGET_TIMEOUT;
 878                                 break;
 879                         }
 880
 881                         /*
 882                          * HACK: on Hi6220 there are 8 cores organized in 2 clusters
 883                          * and it looks like the CTI's are not connected by a common
 884                          * trigger matrix. It seems that we need to halt one core in each
 885                          * cluster explicitly. So if we find that a core has not halted
 886                          * yet, we trigger an explicit resume for the second cluster.
 887                          */
 888                         retval = aarch64_do_restart_one(curr, RESTART_LAZY);
 889                         if (retval != ERROR_OK)
 890                                 break;
 891                 }
 892         }
 893
 894         if (retval != ERROR_OK)
 895                 return retval;
 896
 897         target->debug_reason = DBG_REASON_NOTHALTED;
 898
 899         if (!debug_execution) {
 900                 target->state = TARGET_RUNNING;
 901                 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
 902                 LOG_DEBUG("target resumed at 0x%" PRIx64, addr);
 903         } else {
 904                 target->state = TARGET_DEBUG_RUNNING;
 905                 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
 906                 LOG_DEBUG("target debug resumed at 0x%" PRIx64, addr);
 907         }
 908
 909         return ERROR_OK;
 910 }
 911
 912 static int aarch64_debug_entry(struct target *target)
 913 {
 914         int retval = ERROR_OK;
 915         struct armv8_common *armv8 = target_to_armv8(target);
 916         struct arm_dpm *dpm = &armv8->dpm;
 917         enum arm_state core_state;
 918         uint32_t dscr;
 919
 920         /* make sure to clear all sticky errors */
 921         retval = mem_ap_write_atomic_u32(armv8->debug_ap,
 922                         armv8->debug_base + CPUV8_DBG_DRCR, DRCR_CSE);
 923         if (retval == ERROR_OK)
 924                 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
 925                                 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
 926         if (retval == ERROR_OK)
 927                 retval = arm_cti_ack_events(armv8->cti, CTI_TRIG(HALT));
 928
 929         if (retval != ERROR_OK)
 930                 return retval;
 931
 932         LOG_DEBUG("%s dscr = 0x%08" PRIx32, target_name(target), dscr);
 933
 934         dpm->dscr = dscr;
 935         core_state = armv8_dpm_get_core_state(dpm);
 936         armv8_select_opcodes(armv8, core_state == ARM_STATE_AARCH64);
 937         armv8_select_reg_access(armv8, core_state == ARM_STATE_AARCH64);
 938
 939         /* close the CTI gate for all events */
 940         if (retval == ERROR_OK)
 941                 retval = arm_cti_write_reg(armv8->cti, CTI_GATE, 0);
 942         /* discard async exceptions */
 943         if (retval == ERROR_OK)
 944                 retval = dpm->instr_cpsr_sync(dpm);
 945         if (retval != ERROR_OK)
 946                 return retval;
 947
 948         /* Examine debug reason */
 949         armv8_dpm_report_dscr(dpm, dscr);
 950
 951         /* save address of instruction that triggered the watchpoint? */
 952         if (target->debug_reason == DBG_REASON_WATCHPOINT) {
 953                 uint32_t tmp;
 954                 uint64_t wfar = 0;
 955
 956                 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
 957                                 armv8->debug_base + CPUV8_DBG_WFAR1,
 958                                 &tmp);
 959                 if (retval != ERROR_OK)
 960                         return retval;
 961                 wfar = tmp;
 962                 wfar = (wfar << 32);
 963                 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
 964                                 armv8->debug_base + CPUV8_DBG_WFAR0,
 965                                 &tmp);
 966                 if (retval != ERROR_OK)
 967                         return retval;
 968                 wfar |= tmp;
 969                 armv8_dpm_report_wfar(&armv8->dpm, wfar);
 970         }
 971
 972         retval = armv8_dpm_read_current_registers(&armv8->dpm);
 973
 974         if (retval == ERROR_OK && armv8->post_debug_entry)
 975                 retval = armv8->post_debug_entry(target);
 976
 977         return retval;
 978 }
 979
 980 static int aarch64_post_debug_entry(struct target *target)
 981 {
 982         struct aarch64_common *aarch64 = target_to_aarch64(target);
 983         struct armv8_common *armv8 = &aarch64->armv8_common;
 984         int retval;
 985         enum arm_mode target_mode = ARM_MODE_ANY;
 986         uint32_t instr;
 987
 988         switch (armv8->arm.core_mode) {
 989         case ARMV8_64_EL0T:
 990                 target_mode = ARMV8_64_EL1H;
 991                 /* fall through */
 992         case ARMV8_64_EL1T:
 993         case ARMV8_64_EL1H:
 994                 instr = ARMV8_MRS(SYSTEM_SCTLR_EL1, 0);
 995                 break;
 996         case ARMV8_64_EL2T:
 997         case ARMV8_64_EL2H:
 998                 instr = ARMV8_MRS(SYSTEM_SCTLR_EL2, 0);
 999                 break;
1000         case ARMV8_64_EL3H:
1001         case ARMV8_64_EL3T:
1002                 instr = ARMV8_MRS(SYSTEM_SCTLR_EL3, 0);
1003                 break;
1004
1005         case ARM_MODE_SVC:
1006         case ARM_MODE_ABT:
1007         case ARM_MODE_FIQ:
1008         case ARM_MODE_IRQ:
1009                 instr = ARMV4_5_MRC(15, 0, 0, 1, 0, 0);
1010                 break;
1011
1012         default:
1013                 LOG_INFO("cannot read system control register in this mode");
1014                 return ERROR_FAIL;
1015         }
1016
1017         if (target_mode != ARM_MODE_ANY)
1018                 armv8_dpm_modeswitch(&armv8->dpm, target_mode);
1019
1020         retval = armv8->dpm.instr_read_data_r0(&armv8->dpm, instr, &aarch64->system_control_reg);
1021         if (retval != ERROR_OK)
1022                 return retval;
1023
1024         if (target_mode != ARM_MODE_ANY)
1025                 armv8_dpm_modeswitch(&armv8->dpm, ARM_MODE_ANY);
1026
1027         LOG_DEBUG("System_register: %8.8" PRIx32, aarch64->system_control_reg);
1028         aarch64->system_control_reg_curr = aarch64->system_control_reg;
1029
1030         if (armv8->armv8_mmu.armv8_cache.info == -1) {
1031                 armv8_identify_cache(armv8);
1032                 armv8_read_mpidr(armv8);
1033         }
1034
1035         armv8->armv8_mmu.mmu_enabled =
1036                         (aarch64->system_control_reg & 0x1U) ? 1 : 0;
1037         armv8->armv8_mmu.armv8_cache.d_u_cache_enabled =
1038                 (aarch64->system_control_reg & 0x4U) ? 1 : 0;
1039         armv8->armv8_mmu.armv8_cache.i_cache_enabled =
1040                 (aarch64->system_control_reg & 0x1000U) ? 1 : 0;
1041         return ERROR_OK;
1042 }
1043
1044 /*
1045  * single-step a target
1046  */
1047 static int aarch64_step(struct target *target, int current, target_addr_t address,
1048         int handle_breakpoints)
1049 {
1050         struct armv8_common *armv8 = target_to_armv8(target);
1051         int saved_retval = ERROR_OK;
1052         int retval;
1053         uint32_t edecr;
1054
1055         if (target->state != TARGET_HALTED) {
1056                 LOG_WARNING("target not halted");
1057                 return ERROR_TARGET_NOT_HALTED;
1058         }
1059
1060         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1061                         armv8->debug_base + CPUV8_DBG_EDECR, &edecr);
1062         /* make sure EDECR.SS is not set when restoring the register */
1063
1064         if (retval == ERROR_OK) {
1065                 edecr &= ~0x4;
1066                 /* set EDECR.SS to enter hardware step mode */
1067                 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1068                                 armv8->debug_base + CPUV8_DBG_EDECR, (edecr|0x4));
1069         }
1070         /* disable interrupts while stepping */
1071         if (retval == ERROR_OK)
1072                 retval = aarch64_set_dscr_bits(target, 0x3 << 22, 0x3 << 22);
1073         /* bail out if stepping setup has failed */
1074         if (retval != ERROR_OK)
1075                 return retval;
1076
1077         if (target->smp && !handle_breakpoints) {
1078                 /*
1079                  * isolate current target so that it doesn't get resumed
1080                  * together with the others
1081                  */
1082                 retval = arm_cti_gate_channel(armv8->cti, 1);
1083                 /* resume all other targets in the group */
1084                 if (retval == ERROR_OK)
1085                         retval = aarch64_step_restart_smp(target);
1086                 if (retval != ERROR_OK) {
1087                         LOG_ERROR("Failed to restart non-stepping targets in SMP group");
1088                         return retval;
1089                 }
1090                 LOG_DEBUG("Restarted all non-stepping targets in SMP group");
1091         }
1092
1093         /* all other targets running, restore and restart the current target */
1094         retval = aarch64_restore_one(target, current, &address, 0, 0);
1095         if (retval == ERROR_OK)
1096                 retval = aarch64_restart_one(target, RESTART_LAZY);
1097
1098         if (retval != ERROR_OK)
1099                 return retval;
1100
1101         LOG_DEBUG("target step-resumed at 0x%" PRIx64, address);
1102         if (!handle_breakpoints)
1103                 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1104
1105         int64_t then = timeval_ms();
1106         for (;;) {
1107                 int stepped;
1108                 uint32_t prsr;
1109
1110                 retval = aarch64_check_state_one(target,
1111                                         PRSR_SDR|PRSR_HALT, PRSR_SDR|PRSR_HALT, &stepped, &prsr);
1112                 if (retval != ERROR_OK || stepped)
1113                         break;
1114
1115                 if (timeval_ms() > then + 1000) {
1116                         LOG_ERROR("timeout waiting for target %s halt after step",
1117                                         target_name(target));
1118                         retval = ERROR_TARGET_TIMEOUT;
1119                         break;
1120                 }
1121         }
1122
1123         if (retval == ERROR_TARGET_TIMEOUT)
1124                 saved_retval = retval;
1125
1126         /* restore EDECR */
1127         retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1128                         armv8->debug_base + CPUV8_DBG_EDECR, edecr);
1129         if (retval != ERROR_OK)
1130                 return retval;
1131
1132         /* restore interrupts */
1133         retval = aarch64_set_dscr_bits(target, 0x3 << 22, 0);
1134         if (retval != ERROR_OK)
1135                 return ERROR_OK;
1136
1137         if (saved_retval != ERROR_OK)
1138                 return saved_retval;
1139
1140         return aarch64_poll(target);
1141 }
1142
1143 static int aarch64_restore_context(struct target *target, bool bpwp)
1144 {
1145         struct armv8_common *armv8 = target_to_armv8(target);
1146         struct arm *arm = &armv8->arm;
1147
1148         int retval;
1149
1150         LOG_DEBUG("%s", target_name(target));
1151
1152         if (armv8->pre_restore_context)
1153                 armv8->pre_restore_context(target);
1154
1155         retval = armv8_dpm_write_dirty_registers(&armv8->dpm, bpwp);
1156         if (retval == ERROR_OK) {
1157                 /* registers are now invalid */
1158                 register_cache_invalidate(arm->core_cache);
1159                 register_cache_invalidate(arm->core_cache->next);
1160         }
1161
1162         return retval;
1163 }
1164
1165 /*
1166  * Cortex-A8 Breakpoint and watchpoint functions
1167  */
1168
1169 /* Setup hardware Breakpoint Register Pair */
1170 static int aarch64_set_breakpoint(struct target *target,
1171         struct breakpoint *breakpoint, uint8_t matchmode)
1172 {
1173         int retval;
1174         int brp_i = 0;
1175         uint32_t control;
1176         uint8_t byte_addr_select = 0x0F;
1177         struct aarch64_common *aarch64 = target_to_aarch64(target);
1178         struct armv8_common *armv8 = &aarch64->armv8_common;
1179         struct aarch64_brp *brp_list = aarch64->brp_list;
1180
1181         if (breakpoint->set) {
1182                 LOG_WARNING("breakpoint already set");
1183                 return ERROR_OK;
1184         }
1185
1186         if (breakpoint->type == BKPT_HARD) {
1187                 int64_t bpt_value;
1188                 while (brp_list[brp_i].used && (brp_i < aarch64->brp_num))
1189                         brp_i++;
1190                 if (brp_i >= aarch64->brp_num) {
1191                         LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1192                         return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1193                 }
1194                 breakpoint->set = brp_i + 1;
1195                 if (breakpoint->length == 2)
1196                         byte_addr_select = (3 << (breakpoint->address & 0x02));
1197                 control = ((matchmode & 0x7) << 20)
1198                         | (1 << 13)
1199                         | (byte_addr_select << 5)
1200                         | (3 << 1) | 1;
1201                 brp_list[brp_i].used = 1;
1202                 brp_list[brp_i].value = breakpoint->address & 0xFFFFFFFFFFFFFFFC;
1203                 brp_list[brp_i].control = control;
1204                 bpt_value = brp_list[brp_i].value;
1205
1206                 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1207                                 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1208                                 (uint32_t)(bpt_value & 0xFFFFFFFF));
1209                 if (retval != ERROR_OK)
1210                         return retval;
1211                 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1212                                 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_i].BRPn,
1213                                 (uint32_t)(bpt_value >> 32));
1214                 if (retval != ERROR_OK)
1215                         return retval;
1216
1217                 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1218                                 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1219                                 brp_list[brp_i].control);
1220                 if (retval != ERROR_OK)
1221                         return retval;
1222                 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%" TARGET_PRIxADDR, brp_i,
1223                         brp_list[brp_i].control,
1224                         brp_list[brp_i].value);
1225
1226         } else if (breakpoint->type == BKPT_SOFT) {
1227                 uint8_t code[4];
1228
1229                 buf_set_u32(code, 0, 32, armv8_opcode(armv8, ARMV8_OPC_HLT));
1230                 retval = target_read_memory(target,
1231                                 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1232                                 breakpoint->length, 1,
1233                                 breakpoint->orig_instr);
1234                 if (retval != ERROR_OK)
1235                         return retval;
1236
1237                 armv8_cache_d_inner_flush_virt(armv8,
1238                                 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1239                                 breakpoint->length);
1240
1241                 retval = target_write_memory(target,
1242                                 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1243                                 breakpoint->length, 1, code);
1244                 if (retval != ERROR_OK)
1245                         return retval;
1246
1247                 armv8_cache_d_inner_flush_virt(armv8,
1248                                 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1249                                 breakpoint->length);
1250
1251                 armv8_cache_i_inner_inval_virt(armv8,
1252                                 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1253                                 breakpoint->length);
1254
1255                 breakpoint->set = 0x11; /* Any nice value but 0 */
1256         }
1257
1258         /* Ensure that halting debug mode is enable */
1259         retval = aarch64_set_dscr_bits(target, DSCR_HDE, DSCR_HDE);
1260         if (retval != ERROR_OK) {
1261                 LOG_DEBUG("Failed to set DSCR.HDE");
1262                 return retval;
1263         }
1264
1265         return ERROR_OK;
1266 }
1267
1268 static int aarch64_set_context_breakpoint(struct target *target,
1269         struct breakpoint *breakpoint, uint8_t matchmode)
1270 {
1271         int retval = ERROR_FAIL;
1272         int brp_i = 0;
1273         uint32_t control;
1274         uint8_t byte_addr_select = 0x0F;
1275         struct aarch64_common *aarch64 = target_to_aarch64(target);
1276         struct armv8_common *armv8 = &aarch64->armv8_common;
1277         struct aarch64_brp *brp_list = aarch64->brp_list;
1278
1279         if (breakpoint->set) {
1280                 LOG_WARNING("breakpoint already set");
1281                 return retval;
1282         }
1283         /*check available context BRPs*/
1284         while ((brp_list[brp_i].used ||
1285                 (brp_list[brp_i].type != BRP_CONTEXT)) && (brp_i < aarch64->brp_num))
1286                 brp_i++;
1287
1288         if (brp_i >= aarch64->brp_num) {
1289                 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1290                 return ERROR_FAIL;
1291         }
1292
1293         breakpoint->set = brp_i + 1;
1294         control = ((matchmode & 0x7) << 20)
1295                 | (1 << 13)
1296                 | (byte_addr_select << 5)
1297                 | (3 << 1) | 1;
1298         brp_list[brp_i].used = 1;
1299         brp_list[brp_i].value = (breakpoint->asid);
1300         brp_list[brp_i].control = control;
1301         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1302                         + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1303                         brp_list[brp_i].value);
1304         if (retval != ERROR_OK)
1305                 return retval;
1306         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1307                         + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1308                         brp_list[brp_i].control);
1309         if (retval != ERROR_OK)
1310                 return retval;
1311         LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%" TARGET_PRIxADDR, brp_i,
1312                 brp_list[brp_i].control,
1313                 brp_list[brp_i].value);
1314         return ERROR_OK;
1315
1316 }
1317
1318 static int aarch64_set_hybrid_breakpoint(struct target *target, struct breakpoint *breakpoint)
1319 {
1320         int retval = ERROR_FAIL;
1321         int brp_1 = 0;  /* holds the contextID pair */
1322         int brp_2 = 0;  /* holds the IVA pair */
1323         uint32_t control_CTX, control_IVA;
1324         uint8_t CTX_byte_addr_select = 0x0F;
1325         uint8_t IVA_byte_addr_select = 0x0F;
1326         uint8_t CTX_machmode = 0x03;
1327         uint8_t IVA_machmode = 0x01;
1328         struct aarch64_common *aarch64 = target_to_aarch64(target);
1329         struct armv8_common *armv8 = &aarch64->armv8_common;
1330         struct aarch64_brp *brp_list = aarch64->brp_list;
1331
1332         if (breakpoint->set) {
1333                 LOG_WARNING("breakpoint already set");
1334                 return retval;
1335         }
1336         /*check available context BRPs*/
1337         while ((brp_list[brp_1].used ||
1338                 (brp_list[brp_1].type != BRP_CONTEXT)) && (brp_1 < aarch64->brp_num))
1339                 brp_1++;
1340
1341         printf("brp(CTX) found num: %d\n", brp_1);
1342         if (brp_1 >= aarch64->brp_num) {
1343                 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1344                 return ERROR_FAIL;
1345         }
1346
1347         while ((brp_list[brp_2].used ||
1348                 (brp_list[brp_2].type != BRP_NORMAL)) && (brp_2 < aarch64->brp_num))
1349                 brp_2++;
1350
1351         printf("brp(IVA) found num: %d\n", brp_2);
1352         if (brp_2 >= aarch64->brp_num) {
1353                 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1354                 return ERROR_FAIL;
1355         }
1356
1357         breakpoint->set = brp_1 + 1;
1358         breakpoint->linked_BRP = brp_2;
1359         control_CTX = ((CTX_machmode & 0x7) << 20)
1360                 | (brp_2 << 16)
1361                 | (0 << 14)
1362                 | (CTX_byte_addr_select << 5)
1363                 | (3 << 1) | 1;
1364         brp_list[brp_1].used = 1;
1365         brp_list[brp_1].value = (breakpoint->asid);
1366         brp_list[brp_1].control = control_CTX;
1367         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1368                         + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_1].BRPn,
1369                         brp_list[brp_1].value);
1370         if (retval != ERROR_OK)
1371                 return retval;
1372         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1373                         + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_1].BRPn,
1374                         brp_list[brp_1].control);
1375         if (retval != ERROR_OK)
1376                 return retval;
1377
1378         control_IVA = ((IVA_machmode & 0x7) << 20)
1379                 | (brp_1 << 16)
1380                 | (1 << 13)
1381                 | (IVA_byte_addr_select << 5)
1382                 | (3 << 1) | 1;
1383         brp_list[brp_2].used = 1;
1384         brp_list[brp_2].value = breakpoint->address & 0xFFFFFFFFFFFFFFFC;
1385         brp_list[brp_2].control = control_IVA;
1386         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1387                         + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_2].BRPn,
1388                         brp_list[brp_2].value & 0xFFFFFFFF);
1389         if (retval != ERROR_OK)
1390                 return retval;
1391         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1392                         + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_2].BRPn,
1393                         brp_list[brp_2].value >> 32);
1394         if (retval != ERROR_OK)
1395                 return retval;
1396         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1397                         + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_2].BRPn,
1398                         brp_list[brp_2].control);
1399         if (retval != ERROR_OK)
1400                 return retval;
1401
1402         return ERROR_OK;
1403 }
1404
1405 static int aarch64_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
1406 {
1407         int retval;
1408         struct aarch64_common *aarch64 = target_to_aarch64(target);
1409         struct armv8_common *armv8 = &aarch64->armv8_common;
1410         struct aarch64_brp *brp_list = aarch64->brp_list;
1411
1412         if (!breakpoint->set) {
1413                 LOG_WARNING("breakpoint not set");
1414                 return ERROR_OK;
1415         }
1416
1417         if (breakpoint->type == BKPT_HARD) {
1418                 if ((breakpoint->address != 0) && (breakpoint->asid != 0)) {
1419                         int brp_i = breakpoint->set - 1;
1420                         int brp_j = breakpoint->linked_BRP;
1421                         if ((brp_i < 0) || (brp_i >= aarch64->brp_num)) {
1422                                 LOG_DEBUG("Invalid BRP number in breakpoint");
1423                                 return ERROR_OK;
1424                         }
1425                         LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%" TARGET_PRIxADDR, brp_i,
1426                                 brp_list[brp_i].control, brp_list[brp_i].value);
1427                         brp_list[brp_i].used = 0;
1428                         brp_list[brp_i].value = 0;
1429                         brp_list[brp_i].control = 0;
1430                         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1431                                         + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1432                                         brp_list[brp_i].control);
1433                         if (retval != ERROR_OK)
1434                                 return retval;
1435                         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1436                                         + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1437                                         (uint32_t)brp_list[brp_i].value);
1438                         if (retval != ERROR_OK)
1439                                 return retval;
1440                         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1441                                         + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_i].BRPn,
1442                                         (uint32_t)brp_list[brp_i].value);
1443                         if (retval != ERROR_OK)
1444                                 return retval;
1445                         if ((brp_j < 0) || (brp_j >= aarch64->brp_num)) {
1446                                 LOG_DEBUG("Invalid BRP number in breakpoint");
1447                                 return ERROR_OK;
1448                         }
1449                         LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx64, brp_j,
1450                                 brp_list[brp_j].control, brp_list[brp_j].value);
1451                         brp_list[brp_j].used = 0;
1452                         brp_list[brp_j].value = 0;
1453                         brp_list[brp_j].control = 0;
1454                         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1455                                         + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_j].BRPn,
1456                                         brp_list[brp_j].control);
1457                         if (retval != ERROR_OK)
1458                                 return retval;
1459                         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1460                                         + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_j].BRPn,
1461                                         (uint32_t)brp_list[brp_j].value);
1462                         if (retval != ERROR_OK)
1463                                 return retval;
1464                         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1465                                         + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_j].BRPn,
1466                                         (uint32_t)brp_list[brp_j].value);
1467                         if (retval != ERROR_OK)
1468                                 return retval;
1469
1470                         breakpoint->linked_BRP = 0;
1471                         breakpoint->set = 0;
1472                         return ERROR_OK;
1473
1474                 } else {
1475                         int brp_i = breakpoint->set - 1;
1476                         if ((brp_i < 0) || (brp_i >= aarch64->brp_num)) {
1477                                 LOG_DEBUG("Invalid BRP number in breakpoint");
1478                                 return ERROR_OK;
1479                         }
1480                         LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx64, brp_i,
1481                                 brp_list[brp_i].control, brp_list[brp_i].value);
1482                         brp_list[brp_i].used = 0;
1483                         brp_list[brp_i].value = 0;
1484                         brp_list[brp_i].control = 0;
1485                         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1486                                         + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1487                                         brp_list[brp_i].control);
1488                         if (retval != ERROR_OK)
1489                                 return retval;
1490                         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1491                                         + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1492                                         brp_list[brp_i].value);
1493                         if (retval != ERROR_OK)
1494                                 return retval;
1495
1496                         retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1497                                         + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_i].BRPn,
1498                                         (uint32_t)brp_list[brp_i].value);
1499                         if (retval != ERROR_OK)
1500                                 return retval;
1501                         breakpoint->set = 0;
1502                         return ERROR_OK;
1503                 }
1504         } else {
1505                 /* restore original instruction (kept in target endianness) */
1506
1507                 armv8_cache_d_inner_flush_virt(armv8,
1508                                 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1509                                 breakpoint->length);
1510
1511                 if (breakpoint->length == 4) {
1512                         retval = target_write_memory(target,
1513                                         breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1514                                         4, 1, breakpoint->orig_instr);
1515                         if (retval != ERROR_OK)
1516                                 return retval;
1517                 } else {
1518                         retval = target_write_memory(target,
1519                                         breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1520                                         2, 1, breakpoint->orig_instr);
1521                         if (retval != ERROR_OK)
1522                                 return retval;
1523                 }
1524
1525                 armv8_cache_d_inner_flush_virt(armv8,
1526                                 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1527                                 breakpoint->length);
1528
1529                 armv8_cache_i_inner_inval_virt(armv8,
1530                                 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1531                                 breakpoint->length);
1532         }
1533         breakpoint->set = 0;
1534
1535         return ERROR_OK;
1536 }
1537
1538 static int aarch64_add_breakpoint(struct target *target,
1539         struct breakpoint *breakpoint)
1540 {
1541         struct aarch64_common *aarch64 = target_to_aarch64(target);
1542
1543         if ((breakpoint->type == BKPT_HARD) && (aarch64->brp_num_available < 1)) {
1544                 LOG_INFO("no hardware breakpoint available");
1545                 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1546         }
1547
1548         if (breakpoint->type == BKPT_HARD)
1549                 aarch64->brp_num_available--;
1550
1551         return aarch64_set_breakpoint(target, breakpoint, 0x00);        /* Exact match */
1552 }
1553
1554 static int aarch64_add_context_breakpoint(struct target *target,
1555         struct breakpoint *breakpoint)
1556 {
1557         struct aarch64_common *aarch64 = target_to_aarch64(target);
1558
1559         if ((breakpoint->type == BKPT_HARD) && (aarch64->brp_num_available < 1)) {
1560                 LOG_INFO("no hardware breakpoint available");
1561                 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1562         }
1563
1564         if (breakpoint->type == BKPT_HARD)
1565                 aarch64->brp_num_available--;
1566
1567         return aarch64_set_context_breakpoint(target, breakpoint, 0x02);        /* asid match */
1568 }
1569
1570 static int aarch64_add_hybrid_breakpoint(struct target *target,
1571         struct breakpoint *breakpoint)
1572 {
1573         struct aarch64_common *aarch64 = target_to_aarch64(target);
1574
1575         if ((breakpoint->type == BKPT_HARD) && (aarch64->brp_num_available < 1)) {
1576                 LOG_INFO("no hardware breakpoint available");
1577                 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1578         }
1579
1580         if (breakpoint->type == BKPT_HARD)
1581                 aarch64->brp_num_available--;
1582
1583         return aarch64_set_hybrid_breakpoint(target, breakpoint);       /* ??? */
1584 }
1585
1586
1587 static int aarch64_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
1588 {
1589         struct aarch64_common *aarch64 = target_to_aarch64(target);
1590
1591 #if 0
1592 /* It is perfectly possible to remove breakpoints while the target is running */
1593         if (target->state != TARGET_HALTED) {
1594                 LOG_WARNING("target not halted");
1595                 return ERROR_TARGET_NOT_HALTED;
1596         }
1597 #endif
1598
1599         if (breakpoint->set) {
1600                 aarch64_unset_breakpoint(target, breakpoint);
1601                 if (breakpoint->type == BKPT_HARD)
1602                         aarch64->brp_num_available++;
1603         }
1604
1605         return ERROR_OK;
1606 }
1607
1608 /*
1609  * Cortex-A8 Reset functions
1610  */
1611
1612 static int aarch64_assert_reset(struct target *target)
1613 {
1614         struct armv8_common *armv8 = target_to_armv8(target);
1615
1616         LOG_DEBUG(" ");
1617
1618         /* FIXME when halt is requested, make it work somehow... */
1619
1620         /* Issue some kind of warm reset. */
1621         if (target_has_event_action(target, TARGET_EVENT_RESET_ASSERT))
1622                 target_handle_event(target, TARGET_EVENT_RESET_ASSERT);
1623         else if (jtag_get_reset_config() & RESET_HAS_SRST) {
1624                 /* REVISIT handle "pulls" cases, if there's
1625                  * hardware that needs them to work.
1626                  */
1627                 jtag_add_reset(0, 1);
1628         } else {
1629                 LOG_ERROR("%s: how to reset?", target_name(target));
1630                 return ERROR_FAIL;
1631         }
1632
1633         /* registers are now invalid */
1634         if (target_was_examined(target)) {
1635                 register_cache_invalidate(armv8->arm.core_cache);
1636                 register_cache_invalidate(armv8->arm.core_cache->next);
1637         }
1638
1639         target->state = TARGET_RESET;
1640
1641         return ERROR_OK;
1642 }
1643
1644 static int aarch64_deassert_reset(struct target *target)
1645 {
1646         int retval;
1647
1648         LOG_DEBUG(" ");
1649
1650         /* be certain SRST is off */
1651         jtag_add_reset(0, 0);
1652
1653         if (!target_was_examined(target))
1654                 return ERROR_OK;
1655
1656         retval = aarch64_poll(target);
1657         if (retval != ERROR_OK)
1658                 return retval;
1659
1660         if (target->reset_halt) {
1661                 if (target->state != TARGET_HALTED) {
1662                         LOG_WARNING("%s: ran after reset and before halt ...",
1663                                 target_name(target));
1664                         retval = target_halt(target);
1665                         if (retval != ERROR_OK)
1666                                 return retval;
1667                 }
1668         }
1669
1670         return aarch64_init_debug_access(target);
1671 }
1672
1673 static int aarch64_write_apb_ap_memory(struct target *target,
1674         uint64_t address, uint32_t size,
1675         uint32_t count, const uint8_t *buffer)
1676 {
1677         /* write memory through APB-AP */
1678         int retval = ERROR_COMMAND_SYNTAX_ERROR;
1679         struct armv8_common *armv8 = target_to_armv8(target);
1680         struct arm_dpm *dpm = &armv8->dpm;
1681         struct arm *arm = &armv8->arm;
1682         int total_bytes = count * size;
1683         int total_u32;
1684         int start_byte = address & 0x3;
1685         int end_byte   = (address + total_bytes) & 0x3;
1686         struct reg *reg;
1687         uint32_t dscr;
1688         uint8_t *tmp_buff = NULL;
1689
1690         if (target->state != TARGET_HALTED) {
1691                 LOG_WARNING("target not halted");
1692                 return ERROR_TARGET_NOT_HALTED;
1693         }
1694
1695         total_u32 = DIV_ROUND_UP((address & 3) + total_bytes, 4);
1696
1697         /* Mark register R0 as dirty, as it will be used
1698          * for transferring the data.
1699          * It will be restored automatically when exiting
1700          * debug mode
1701          */
1702         reg = armv8_reg_current(arm, 1);
1703         reg->dirty = true;
1704
1705         reg = armv8_reg_current(arm, 0);
1706         reg->dirty = true;
1707
1708         /* This algorithm comes from DDI0487A.g, chapter J9.1 */
1709
1710         /* The algorithm only copies 32 bit words, so the buffer
1711          * should be expanded to include the words at either end.
1712          * The first and last words will be read first to avoid
1713          * corruption if needed.
1714          */
1715         tmp_buff = malloc(total_u32 * 4);
1716
1717         if ((start_byte != 0) && (total_u32 > 1)) {
1718                 /* First bytes not aligned - read the 32 bit word to avoid corrupting
1719                  * the other bytes in the word.
1720                  */
1721                 retval = aarch64_read_apb_ap_memory(target, (address & ~0x3), 4, 1, tmp_buff);
1722                 if (retval != ERROR_OK)
1723                         goto error_free_buff_w;
1724         }
1725
1726         /* If end of write is not aligned, or the write is less than 4 bytes */
1727         if ((end_byte != 0) ||
1728                 ((total_u32 == 1) && (total_bytes != 4))) {
1729
1730                 /* Read the last word to avoid corruption during 32 bit write */
1731                 int mem_offset = (total_u32-1) * 4;
1732                 retval = aarch64_read_apb_ap_memory(target, (address & ~0x3) + mem_offset, 4, 1, &tmp_buff[mem_offset]);
1733                 if (retval != ERROR_OK)
1734                         goto error_free_buff_w;
1735         }
1736
1737         /* Copy the write buffer over the top of the temporary buffer */
1738         memcpy(&tmp_buff[start_byte], buffer, total_bytes);
1739
1740         /* We now have a 32 bit aligned buffer that can be written */
1741
1742         /* Read DSCR */
1743         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1744                         armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1745         if (retval != ERROR_OK)
1746                 goto error_free_buff_w;
1747
1748         /* Set Normal access mode  */
1749         dscr = (dscr & ~DSCR_MA);
1750         retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1751                         armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1752
1753         if (arm->core_state == ARM_STATE_AARCH64) {
1754                 /* Write X0 with value 'address' using write procedure */
1755                 /* Step 1.a+b - Write the address for read access into DBGDTR_EL0 */
1756                 /* Step 1.c   - Copy value from DTR to R0 using instruction mrs DBGDTR_EL0, x0 */
1757                 retval = dpm->instr_write_data_dcc_64(dpm,
1758                                 ARMV8_MRS(SYSTEM_DBG_DBGDTR_EL0, 0), address & ~0x3ULL);
1759         } else {
1760                 /* Write R0 with value 'address' using write procedure */
1761                 /* Step 1.a+b - Write the address for read access into DBGDTRRX */
1762                 /* Step 1.c   - Copy value from DTR to R0 using instruction mrc DBGDTRTXint, r0 */
1763                 dpm->instr_write_data_dcc(dpm,
1764                                 ARMV4_5_MRC(14, 0, 0, 0, 5, 0), address & ~0x3ULL);
1765
1766         }
1767         /* Step 1.d   - Change DCC to memory mode */
1768         dscr = dscr | DSCR_MA;
1769         retval +=  mem_ap_write_atomic_u32(armv8->debug_ap,
1770                         armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1771         if (retval != ERROR_OK)
1772                 goto error_unset_dtr_w;
1773
1774
1775         /* Step 2.a   - Do the write */
1776         retval = mem_ap_write_buf_noincr(armv8->debug_ap,
1777                                         tmp_buff, 4, total_u32, armv8->debug_base + CPUV8_DBG_DTRRX);
1778         if (retval != ERROR_OK)
1779                 goto error_unset_dtr_w;
1780
1781         /* Step 3.a   - Switch DTR mode back to Normal mode */
1782         dscr = (dscr & ~DSCR_MA);
1783         retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1784                                 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1785         if (retval != ERROR_OK)
1786                 goto error_unset_dtr_w;
1787
1788         /* Check for sticky abort flags in the DSCR */
1789         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1790                                 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1791         if (retval != ERROR_OK)
1792                 goto error_free_buff_w;
1793
1794         dpm->dscr = dscr;
1795         if (dscr & (DSCR_ERR | DSCR_SYS_ERROR_PEND)) {
1796                 /* Abort occurred - clear it and exit */
1797                 LOG_ERROR("abort occurred - dscr = 0x%08" PRIx32, dscr);
1798                 armv8_dpm_handle_exception(dpm);
1799                 goto error_free_buff_w;
1800         }
1801
1802         /* Done */
1803         free(tmp_buff);
1804         return ERROR_OK;
1805
1806 error_unset_dtr_w:
1807         /* Unset DTR mode */
1808         mem_ap_read_atomic_u32(armv8->debug_ap,
1809                                 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1810         dscr = (dscr & ~DSCR_MA);
1811         mem_ap_write_atomic_u32(armv8->debug_ap,
1812                                 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1813 error_free_buff_w:
1814         LOG_ERROR("error");
1815         free(tmp_buff);
1816         return ERROR_FAIL;
1817 }
1818
1819 static int aarch64_read_apb_ap_memory(struct target *target,
1820         target_addr_t address, uint32_t size,
1821         uint32_t count, uint8_t *buffer)
1822 {
1823         /* read memory through APB-AP */
1824         int retval = ERROR_COMMAND_SYNTAX_ERROR;
1825         struct armv8_common *armv8 = target_to_armv8(target);
1826         struct arm_dpm *dpm = &armv8->dpm;
1827         struct arm *arm = &armv8->arm;
1828         int total_bytes = count * size;
1829         int total_u32;
1830         int start_byte = address & 0x3;
1831         int end_byte   = (address + total_bytes) & 0x3;
1832         struct reg *reg;
1833         uint32_t dscr;
1834         uint8_t *tmp_buff = NULL;
1835         uint8_t *u8buf_ptr;
1836         uint32_t value;
1837
1838         if (target->state != TARGET_HALTED) {
1839                 LOG_WARNING("target not halted");
1840                 return ERROR_TARGET_NOT_HALTED;
1841         }
1842
1843         total_u32 = DIV_ROUND_UP((address & 3) + total_bytes, 4);
1844         /* Mark register X0, X1 as dirty, as it will be used
1845          * for transferring the data.
1846          * It will be restored automatically when exiting
1847          * debug mode
1848          */
1849         reg = armv8_reg_current(arm, 1);
1850         reg->dirty = true;
1851
1852         reg = armv8_reg_current(arm, 0);
1853         reg->dirty = true;
1854
1855         /* Read DSCR */
1856         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1857                                 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1858
1859         /* This algorithm comes from DDI0487A.g, chapter J9.1 */
1860
1861         /* Set Normal access mode  */
1862         dscr = (dscr & ~DSCR_MA);
1863         retval +=  mem_ap_write_atomic_u32(armv8->debug_ap,
1864                         armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1865
1866         if (arm->core_state == ARM_STATE_AARCH64) {
1867                 /* Write X0 with value 'address' using write procedure */
1868                 /* Step 1.a+b - Write the address for read access into DBGDTR_EL0 */
1869                 /* Step 1.c   - Copy value from DTR to R0 using instruction mrs DBGDTR_EL0, x0 */
1870                 retval += dpm->instr_write_data_dcc_64(dpm,
1871                                 ARMV8_MRS(SYSTEM_DBG_DBGDTR_EL0, 0), address & ~0x3ULL);
1872                 /* Step 1.d - Dummy operation to ensure EDSCR.Txfull == 1 */
1873                 retval += dpm->instr_execute(dpm, ARMV8_MSR_GP(SYSTEM_DBG_DBGDTR_EL0, 0));
1874                 /* Step 1.e - Change DCC to memory mode */
1875                 dscr = dscr | DSCR_MA;
1876                 retval +=  mem_ap_write_atomic_u32(armv8->debug_ap,
1877                                 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1878                 /* Step 1.f - read DBGDTRTX and discard the value */
1879                 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
1880                                 armv8->debug_base + CPUV8_DBG_DTRTX, &value);
1881         } else {
1882                 /* Write R0 with value 'address' using write procedure */
1883                 /* Step 1.a+b - Write the address for read access into DBGDTRRXint */
1884                 /* Step 1.c   - Copy value from DTR to R0 using instruction mrc DBGDTRTXint, r0 */
1885                 retval += dpm->instr_write_data_dcc(dpm,
1886                                 ARMV4_5_MRC(14, 0, 0, 0, 5, 0), address & ~0x3ULL);
1887                 /* Step 1.d - Dummy operation to ensure EDSCR.Txfull == 1 */
1888                 retval += dpm->instr_execute(dpm, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
1889                 /* Step 1.e - Change DCC to memory mode */
1890                 dscr = dscr | DSCR_MA;
1891                 retval +=  mem_ap_write_atomic_u32(armv8->debug_ap,
1892                                 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1893                 /* Step 1.f - read DBGDTRTX and discard the value */
1894                 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
1895                                 armv8->debug_base + CPUV8_DBG_DTRTX, &value);
1896
1897         }
1898         if (retval != ERROR_OK)
1899                 goto error_unset_dtr_r;
1900
1901         /* Optimize the read as much as we can, either way we read in a single pass  */
1902         if ((start_byte) || (end_byte)) {
1903                 /* The algorithm only copies 32 bit words, so the buffer
1904                  * should be expanded to include the words at either end.
1905                  * The first and last words will be read into a temp buffer
1906                  * to avoid corruption
1907                  */
1908                 tmp_buff = malloc(total_u32 * 4);
1909                 if (!tmp_buff)
1910                         goto error_unset_dtr_r;
1911
1912                 /* use the tmp buffer to read the entire data */
1913                 u8buf_ptr = tmp_buff;
1914         } else
1915                 /* address and read length are aligned so read directly into the passed buffer */
1916                 u8buf_ptr = buffer;
1917
1918         /* Read the data - Each read of the DTRTX register causes the instruction to be reissued
1919          * Abort flags are sticky, so can be read at end of transactions
1920          *
1921          * This data is read in aligned to 32 bit boundary.
1922          */
1923
1924         /* Step 2.a - Loop n-1 times, each read of DBGDTRTX reads the data from [X0] and
1925          * increments X0 by 4. */
1926         retval = mem_ap_read_buf_noincr(armv8->debug_ap, u8buf_ptr, 4, total_u32-1,
1927                                                                         armv8->debug_base + CPUV8_DBG_DTRTX);
1928         if (retval != ERROR_OK)
1929                         goto error_unset_dtr_r;
1930
1931         /* Step 3.a - set DTR access mode back to Normal mode   */
1932         dscr = (dscr & ~DSCR_MA);
1933         retval =  mem_ap_write_atomic_u32(armv8->debug_ap,
1934                                         armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1935         if (retval != ERROR_OK)
1936                 goto error_free_buff_r;
1937
1938         /* Step 3.b - read DBGDTRTX for the final value */
1939         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1940                         armv8->debug_base + CPUV8_DBG_DTRTX, &value);
1941         memcpy(u8buf_ptr + (total_u32-1) * 4, &value, 4);
1942
1943         /* Check for sticky abort flags in the DSCR */
1944         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1945                                 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1946         if (retval != ERROR_OK)
1947                 goto error_free_buff_r;
1948
1949         dpm->dscr = dscr;
1950
1951         if (dscr & (DSCR_ERR | DSCR_SYS_ERROR_PEND)) {
1952                 /* Abort occurred - clear it and exit */
1953                 LOG_ERROR("abort occurred - dscr = 0x%08" PRIx32, dscr);
1954                 armv8_dpm_handle_exception(dpm);
1955                 goto error_free_buff_r;
1956         }
1957
1958         /* check if we need to copy aligned data by applying any shift necessary */
1959         if (tmp_buff) {
1960                 memcpy(buffer, tmp_buff + start_byte, total_bytes);
1961                 free(tmp_buff);
1962         }
1963
1964         /* Done */
1965         return ERROR_OK;
1966
1967 error_unset_dtr_r:
1968         /* Unset DTR mode */
1969         mem_ap_read_atomic_u32(armv8->debug_ap,
1970                                 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1971         dscr = (dscr & ~DSCR_MA);
1972         mem_ap_write_atomic_u32(armv8->debug_ap,
1973                                 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1974 error_free_buff_r:
1975         LOG_ERROR("error");
1976         free(tmp_buff);
1977         return ERROR_FAIL;
1978 }
1979
1980 static int aarch64_read_phys_memory(struct target *target,
1981         target_addr_t address, uint32_t size,
1982         uint32_t count, uint8_t *buffer)
1983 {
1984         int retval = ERROR_COMMAND_SYNTAX_ERROR;
1985
1986         if (count && buffer) {
1987                 /* read memory through APB-AP */
1988                 retval = aarch64_mmu_modify(target, 0);
1989                 if (retval != ERROR_OK)
1990                         return retval;
1991                 retval = aarch64_read_apb_ap_memory(target, address, size, count, buffer);
1992         }
1993         return retval;
1994 }
1995
1996 static int aarch64_read_memory(struct target *target, target_addr_t address,
1997         uint32_t size, uint32_t count, uint8_t *buffer)
1998 {
1999         int mmu_enabled = 0;
2000         int retval;
2001
2002         /* determine if MMU was enabled on target stop */
2003         retval = aarch64_mmu(target, &mmu_enabled);
2004         if (retval != ERROR_OK)
2005                 return retval;
2006
2007         if (mmu_enabled) {
2008                 /* enable MMU as we could have disabled it for phys access */
2009                 retval = aarch64_mmu_modify(target, 1);
2010                 if (retval != ERROR_OK)
2011                         return retval;
2012         }
2013         return aarch64_read_apb_ap_memory(target, address, size, count, buffer);
2014 }
2015
2016 static int aarch64_write_phys_memory(struct target *target,
2017         target_addr_t address, uint32_t size,
2018         uint32_t count, const uint8_t *buffer)
2019 {
2020         int retval = ERROR_COMMAND_SYNTAX_ERROR;
2021
2022         if (count && buffer) {
2023                 /* write memory through APB-AP */
2024                 retval = aarch64_mmu_modify(target, 0);
2025                 if (retval != ERROR_OK)
2026                         return retval;
2027                 return aarch64_write_apb_ap_memory(target, address, size, count, buffer);
2028         }
2029
2030         return retval;
2031 }
2032
2033 static int aarch64_write_memory(struct target *target, target_addr_t address,
2034         uint32_t size, uint32_t count, const uint8_t *buffer)
2035 {
2036         int mmu_enabled = 0;
2037         int retval;
2038
2039         /* determine if MMU was enabled on target stop */
2040         retval = aarch64_mmu(target, &mmu_enabled);
2041         if (retval != ERROR_OK)
2042                 return retval;
2043
2044         if (mmu_enabled) {
2045                 /* enable MMU as we could have disabled it for phys access */
2046                 retval = aarch64_mmu_modify(target, 1);
2047                 if (retval != ERROR_OK)
2048                         return retval;
2049         }
2050         return aarch64_write_apb_ap_memory(target, address, size, count, buffer);
2051 }
2052
2053 static int aarch64_handle_target_request(void *priv)
2054 {
2055         struct target *target = priv;
2056         struct armv8_common *armv8 = target_to_armv8(target);
2057         int retval;
2058
2059         if (!target_was_examined(target))
2060                 return ERROR_OK;
2061         if (!target->dbg_msg_enabled)
2062                 return ERROR_OK;
2063
2064         if (target->state == TARGET_RUNNING) {
2065                 uint32_t request;
2066                 uint32_t dscr;
2067                 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2068                                 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
2069
2070                 /* check if we have data */
2071                 while ((dscr & DSCR_DTR_TX_FULL) && (retval == ERROR_OK)) {
2072                         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2073                                         armv8->debug_base + CPUV8_DBG_DTRTX, &request);
2074                         if (retval == ERROR_OK) {
2075                                 target_request(target, request);
2076                                 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2077                                                 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
2078                         }
2079                 }
2080         }
2081
2082         return ERROR_OK;
2083 }
2084
2085 static int aarch64_examine_first(struct target *target)
2086 {
2087         struct aarch64_common *aarch64 = target_to_aarch64(target);
2088         struct armv8_common *armv8 = &aarch64->armv8_common;
2089         struct adiv5_dap *swjdp = armv8->arm.dap;
2090         uint32_t cti_base;
2091         int i;
2092         int retval = ERROR_OK;
2093         uint64_t debug, ttypr;
2094         uint32_t cpuid;
2095         uint32_t tmp0, tmp1;
2096         debug = ttypr = cpuid = 0;
2097
2098         retval = dap_dp_init(swjdp);
2099         if (retval != ERROR_OK)
2100                 return retval;
2101
2102         /* Search for the APB-AB - it is needed for access to debug registers */
2103         retval = dap_find_ap(swjdp, AP_TYPE_APB_AP, &armv8->debug_ap);
2104         if (retval != ERROR_OK) {
2105                 LOG_ERROR("Could not find APB-AP for debug access");
2106                 return retval;
2107         }
2108
2109         retval = mem_ap_init(armv8->debug_ap);
2110         if (retval != ERROR_OK) {
2111                 LOG_ERROR("Could not initialize the APB-AP");
2112                 return retval;
2113         }
2114
2115         armv8->debug_ap->memaccess_tck = 10;
2116
2117         if (!target->dbgbase_set) {
2118                 uint32_t dbgbase;
2119                 /* Get ROM Table base */
2120                 uint32_t apid;
2121                 int32_t coreidx = target->coreid;
2122                 retval = dap_get_debugbase(armv8->debug_ap, &dbgbase, &apid);
2123                 if (retval != ERROR_OK)
2124                         return retval;
2125                 /* Lookup 0x15 -- Processor DAP */
2126                 retval = dap_lookup_cs_component(armv8->debug_ap, dbgbase, 0x15,
2127                                 &armv8->debug_base, &coreidx);
2128                 if (retval != ERROR_OK)
2129                         return retval;
2130                 LOG_DEBUG("Detected core %" PRId32 " dbgbase: %08" PRIx32
2131                                 " apid: %08" PRIx32, coreidx, armv8->debug_base, apid);
2132         } else
2133                 armv8->debug_base = target->dbgbase;
2134
2135         uint32_t prsr;
2136         int64_t then = timeval_ms();
2137         do {
2138                 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2139                                 armv8->debug_base + CPUV8_DBG_PRSR, &prsr);
2140                 if (retval == ERROR_OK) {
2141                         retval = mem_ap_write_atomic_u32(armv8->debug_ap,
2142                                         armv8->debug_base + CPUV8_DBG_PRCR, PRCR_COREPURQ|PRCR_CORENPDRQ);
2143                         if (retval != ERROR_OK) {
2144                                 LOG_DEBUG("write to PRCR failed");
2145                                 break;
2146                         }
2147                 }
2148
2149                 if (timeval_ms() > then + 1000) {
2150                         retval = ERROR_TARGET_TIMEOUT;
2151                         break;
2152                 }
2153
2154         } while ((prsr & PRSR_PU) == 0);
2155
2156         if (retval != ERROR_OK) {
2157                 LOG_ERROR("target %s: failed to set power state of the core.", target_name(target));
2158                 return retval;
2159         }
2160
2161         retval = mem_ap_write_atomic_u32(armv8->debug_ap,
2162                         armv8->debug_base + CPUV8_DBG_OSLAR, 0);
2163         if (retval != ERROR_OK) {
2164                 LOG_DEBUG("Examine %s failed", "oslock");
2165                 return retval;
2166         }
2167
2168         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2169                         armv8->debug_base + CPUV8_DBG_MAINID0, &cpuid);
2170         if (retval != ERROR_OK) {
2171                 LOG_DEBUG("Examine %s failed", "CPUID");
2172                 return retval;
2173         }
2174
2175         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2176                         armv8->debug_base + CPUV8_DBG_MEMFEATURE0, &tmp0);
2177         retval += mem_ap_read_atomic_u32(armv8->debug_ap,
2178                         armv8->debug_base + CPUV8_DBG_MEMFEATURE0 + 4, &tmp1);
2179         if (retval != ERROR_OK) {
2180                 LOG_DEBUG("Examine %s failed", "Memory Model Type");
2181                 return retval;
2182         }
2183         ttypr |= tmp1;
2184         ttypr = (ttypr << 32) | tmp0;
2185
2186         retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2187                         armv8->debug_base + CPUV8_DBG_DBGFEATURE0, &tmp0);
2188         retval += mem_ap_read_atomic_u32(armv8->debug_ap,
2189                         armv8->debug_base + CPUV8_DBG_DBGFEATURE0 + 4, &tmp1);
2190         if (retval != ERROR_OK) {
2191                 LOG_DEBUG("Examine %s failed", "ID_AA64DFR0_EL1");
2192                 return retval;
2193         }
2194         debug |= tmp1;
2195         debug = (debug << 32) | tmp0;
2196
2197         LOG_DEBUG("cpuid = 0x%08" PRIx32, cpuid);
2198         LOG_DEBUG("ttypr = 0x%08" PRIx64, ttypr);
2199         LOG_DEBUG("debug = 0x%08" PRIx64, debug);
2200
2201         if (target->ctibase == 0) {
2202                 /* assume a v8 rom table layout */
2203                 cti_base = armv8->debug_base + 0x10000;
2204                 LOG_INFO("Target ctibase is not set, assuming 0x%0" PRIx32, cti_base);
2205         } else
2206                 cti_base = target->ctibase;
2207
2208         armv8->cti = arm_cti_create(armv8->debug_ap, cti_base);
2209         if (armv8->cti == NULL)
2210                 return ERROR_FAIL;
2211
2212         retval = aarch64_dpm_setup(aarch64, debug);
2213         if (retval != ERROR_OK)
2214                 return retval;
2215
2216         /* Setup Breakpoint Register Pairs */
2217         aarch64->brp_num = (uint32_t)((debug >> 12) & 0x0F) + 1;
2218         aarch64->brp_num_context = (uint32_t)((debug >> 28) & 0x0F) + 1;
2219         aarch64->brp_num_available = aarch64->brp_num;
2220         aarch64->brp_list = calloc(aarch64->brp_num, sizeof(struct aarch64_brp));
2221         for (i = 0; i < aarch64->brp_num; i++) {
2222                 aarch64->brp_list[i].used = 0;
2223                 if (i < (aarch64->brp_num-aarch64->brp_num_context))
2224                         aarch64->brp_list[i].type = BRP_NORMAL;
2225                 else
2226                         aarch64->brp_list[i].type = BRP_CONTEXT;
2227                 aarch64->brp_list[i].value = 0;
2228                 aarch64->brp_list[i].control = 0;
2229                 aarch64->brp_list[i].BRPn = i;
2230         }
2231
2232         LOG_DEBUG("Configured %i hw breakpoints", aarch64->brp_num);
2233
2234         target->state = TARGET_RUNNING;
2235         target->debug_reason = DBG_REASON_NOTHALTED;
2236
2237         target_set_examined(target);
2238         return ERROR_OK;
2239 }
2240
2241 static int aarch64_examine(struct target *target)
2242 {
2243         int retval = ERROR_OK;
2244
2245         /* don't re-probe hardware after each reset */
2246         if (!target_was_examined(target))
2247                 retval = aarch64_examine_first(target);
2248
2249         /* Configure core debug access */
2250         if (retval == ERROR_OK)
2251                 retval = aarch64_init_debug_access(target);
2252
2253         return retval;
2254 }
2255
2256 /*
2257  *      Cortex-A8 target creation and initialization
2258  */
2259
2260 static int aarch64_init_target(struct command_context *cmd_ctx,
2261         struct target *target)
2262 {
2263         /* examine_first() does a bunch of this */
2264         return ERROR_OK;
2265 }
2266
2267 static int aarch64_init_arch_info(struct target *target,
2268         struct aarch64_common *aarch64, struct jtag_tap *tap)
2269 {
2270         struct armv8_common *armv8 = &aarch64->armv8_common;
2271
2272         /* Setup struct aarch64_common */
2273         aarch64->common_magic = AARCH64_COMMON_MAGIC;
2274         /*  tap has no dap initialized */
2275         if (!tap->dap) {
2276                 tap->dap = dap_init();
2277                 tap->dap->tap = tap;
2278         }
2279         armv8->arm.dap = tap->dap;
2280
2281         /* register arch-specific functions */
2282         armv8->examine_debug_reason = NULL;
2283         armv8->post_debug_entry = aarch64_post_debug_entry;
2284         armv8->pre_restore_context = NULL;
2285         armv8->armv8_mmu.read_physical_memory = aarch64_read_phys_memory;
2286
2287         armv8_init_arch_info(target, armv8);
2288         target_register_timer_callback(aarch64_handle_target_request, 1, 1, target);
2289
2290         return ERROR_OK;
2291 }
2292
2293 static int aarch64_target_create(struct target *target, Jim_Interp *interp)
2294 {
2295         struct aarch64_common *aarch64 = calloc(1, sizeof(struct aarch64_common));
2296
2297         return aarch64_init_arch_info(target, aarch64, target->tap);
2298 }
2299
2300 static int aarch64_mmu(struct target *target, int *enabled)
2301 {
2302         if (target->state != TARGET_HALTED) {
2303                 LOG_ERROR("%s: target %s not halted", __func__, target_name(target));
2304                 return ERROR_TARGET_INVALID;
2305         }
2306
2307         *enabled = target_to_aarch64(target)->armv8_common.armv8_mmu.mmu_enabled;
2308         return ERROR_OK;
2309 }
2310
2311 static int aarch64_virt2phys(struct target *target, target_addr_t virt,
2312                              target_addr_t *phys)
2313 {
2314         return armv8_mmu_translate_va_pa(target, virt, phys, 1);
2315 }
2316
2317 COMMAND_HANDLER(aarch64_handle_cache_info_command)
2318 {
2319         struct target *target = get_current_target(CMD_CTX);
2320         struct armv8_common *armv8 = target_to_armv8(target);
2321
2322         return armv8_handle_cache_info_command(CMD_CTX,
2323                         &armv8->armv8_mmu.armv8_cache);
2324 }
2325
2326
2327 COMMAND_HANDLER(aarch64_handle_dbginit_command)
2328 {
2329         struct target *target = get_current_target(CMD_CTX);
2330         if (!target_was_examined(target)) {
2331                 LOG_ERROR("target not examined yet");
2332                 return ERROR_FAIL;
2333         }
2334
2335         return aarch64_init_debug_access(target);
2336 }
2337 COMMAND_HANDLER(aarch64_handle_smp_off_command)
2338 {
2339         struct target *target = get_current_target(CMD_CTX);
2340         /* check target is an smp target */
2341         struct target_list *head;
2342         struct target *curr;
2343         head = target->head;
2344         target->smp = 0;
2345         if (head != (struct target_list *)NULL) {
2346                 while (head != (struct target_list *)NULL) {
2347                         curr = head->target;
2348                         curr->smp = 0;
2349                         head = head->next;
2350                 }
2351                 /*  fixes the target display to the debugger */
2352                 target->gdb_service->target = target;
2353         }
2354         return ERROR_OK;
2355 }
2356
2357 COMMAND_HANDLER(aarch64_handle_smp_on_command)
2358 {
2359         struct target *target = get_current_target(CMD_CTX);
2360         struct target_list *head;
2361         struct target *curr;
2362         head = target->head;
2363         if (head != (struct target_list *)NULL) {
2364                 target->smp = 1;
2365                 while (head != (struct target_list *)NULL) {
2366                         curr = head->target;
2367                         curr->smp = 1;
2368                         head = head->next;
2369                 }
2370         }
2371         return ERROR_OK;
2372 }
2373
2374 static const struct command_registration aarch64_exec_command_handlers[] = {
2375         {
2376                 .name = "cache_info",
2377                 .handler = aarch64_handle_cache_info_command,
2378                 .mode = COMMAND_EXEC,
2379                 .help = "display information about target caches",
2380                 .usage = "",
2381         },
2382         {
2383                 .name = "dbginit",
2384                 .handler = aarch64_handle_dbginit_command,
2385                 .mode = COMMAND_EXEC,
2386                 .help = "Initialize core debug",
2387                 .usage = "",
2388         },
2389         {       .name = "smp_off",
2390                 .handler = aarch64_handle_smp_off_command,
2391                 .mode = COMMAND_EXEC,
2392                 .help = "Stop smp handling",
2393                 .usage = "",
2394         },
2395         {
2396                 .name = "smp_on",
2397                 .handler = aarch64_handle_smp_on_command,
2398                 .mode = COMMAND_EXEC,
2399                 .help = "Restart smp handling",
2400                 .usage = "",
2401         },
2402
2403         COMMAND_REGISTRATION_DONE
2404 };
2405 static const struct command_registration aarch64_command_handlers[] = {
2406         {
2407                 .chain = armv8_command_handlers,
2408         },
2409         {
2410                 .name = "aarch64",
2411                 .mode = COMMAND_ANY,
2412                 .help = "Aarch64 command group",
2413                 .usage = "",
2414                 .chain = aarch64_exec_command_handlers,
2415         },
2416         COMMAND_REGISTRATION_DONE
2417 };
2418
2419 struct target_type aarch64_target = {
2420         .name = "aarch64",
2421
2422         .poll = aarch64_poll,
2423         .arch_state = armv8_arch_state,
2424
2425         .halt = aarch64_halt,
2426         .resume = aarch64_resume,
2427         .step = aarch64_step,
2428
2429         .assert_reset = aarch64_assert_reset,
2430         .deassert_reset = aarch64_deassert_reset,
2431
2432         /* REVISIT allow exporting VFP3 registers ... */
2433         .get_gdb_reg_list = armv8_get_gdb_reg_list,
2434
2435         .read_memory = aarch64_read_memory,
2436         .write_memory = aarch64_write_memory,
2437
2438         .add_breakpoint = aarch64_add_breakpoint,
2439         .add_context_breakpoint = aarch64_add_context_breakpoint,
2440         .add_hybrid_breakpoint = aarch64_add_hybrid_breakpoint,
2441         .remove_breakpoint = aarch64_remove_breakpoint,
2442         .add_watchpoint = NULL,
2443         .remove_watchpoint = NULL,
2444
2445         .commands = aarch64_command_handlers,
2446         .target_create = aarch64_target_create,
2447         .init_target = aarch64_init_target,
2448         .examine = aarch64_examine,
2449
2450         .read_phys_memory = aarch64_read_phys_memory,
2451         .write_phys_memory = aarch64_write_phys_memory,
2452         .mmu = aarch64_mmu,
2453         .virt2phys = aarch64_virt2phys,
2454 };