1 /***************************************************************************
2 * Copyright (C) 2006 by Magnus Lundin *
5 * Copyright (C) 2008 by Spencer Oliver *
6 * spen@spen-soft.co.uk *
8 * Copyright (C) 2009-2010 by Oyvind Harboe *
9 * oyvind.harboe@zylin.com *
11 * Copyright (C) 2009-2010 by David Brownell *
13 * Copyright (C) 2013 by Andreas Fritiofson *
14 * andreas.fritiofson@gmail.com *
16 * This program is free software; you can redistribute it and/or modify *
17 * it under the terms of the GNU General Public License as published by *
18 * the Free Software Foundation; either version 2 of the License, or *
19 * (at your option) any later version. *
21 * This program is distributed in the hope that it will be useful, *
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
24 * GNU General Public License for more details. *
26 * You should have received a copy of the GNU General Public License *
27 * along with this program; if not, write to the *
28 * Free Software Foundation, Inc., *
29 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. *
30 ***************************************************************************/
34 * This file implements support for the ARM Debug Interface version 5 (ADIv5)
35 * debugging architecture. Compared with previous versions, this includes
36 * a low pin-count Serial Wire Debug (SWD) alternative to JTAG for message
37 * transport, and focusses on memory mapped resources as defined by the
38 * CoreSight architecture.
40 * A key concept in ADIv5 is the Debug Access Port, or DAP. A DAP has two
41 * basic components: a Debug Port (DP) transporting messages to and from a
42 * debugger, and an Access Port (AP) accessing resources. Three types of DP
43 * are defined. One uses only JTAG for communication, and is called JTAG-DP.
44 * One uses only SWD for communication, and is called SW-DP. The third can
45 * use either SWD or JTAG, and is called SWJ-DP. The most common type of AP
46 * is used to access memory mapped resources and is called a MEM-AP. Also a
47 * JTAG-AP is also defined, bridging to JTAG resources; those are uncommon.
49 * This programming interface allows DAP pipelined operations through a
50 * transaction queue. This primarily affects AP operations (such as using
51 * a MEM-AP to access memory or registers). If the current transaction has
52 * not finished by the time the next one must begin, and the ORUNDETECT bit
53 * is set in the DP_CTRL_STAT register, the SSTICKYORUN status is set and
54 * further AP operations will fail. There are two basic methods to avoid
55 * such overrun errors. One involves polling for status instead of using
56 * transaction piplining. The other involves adding delays to ensure the
57 * AP has enough time to complete one operation before starting the next
58 * one. (For JTAG these delays are controlled by memaccess_tck.)
62 * Relevant specifications from ARM include:
64 * ARM(tm) Debug Interface v5 Architecture Specification ARM IHI 0031A
65 * CoreSight(tm) v1.0 Architecture Specification ARM IHI 0029B
67 * CoreSight(tm) DAP-Lite TRM, ARM DDI 0316D
68 * Cortex-M3(tm) TRM, ARM DDI 0337G
75 #include "jtag/interface.h"
77 #include "arm_adi_v5.h"
78 #include <helper/time_support.h>
80 /* ARM ADI Specification requires at least 10 bits used for TAR autoincrement */
83 uint32_t tar_block_size(uint32_t address)
84 Return the largest block starting at address that does not cross a tar block size alignment boundary
86 static uint32_t max_tar_block_size(uint32_t tar_autoincr_block, uint32_t address)
88 return tar_autoincr_block - ((tar_autoincr_block - 1) & address);
91 /***************************************************************************
93 * DP and MEM-AP register access through APACC and DPACC *
95 ***************************************************************************/
98 * Select one of the APs connected to the specified DAP. The
99 * selection is implicitly used with future AP transactions.
100 * This is a NOP if the specified AP is already selected.
103 * @param apsel Number of the AP to (implicitly) use with further
104 * transactions. This normally identifies a MEM-AP.
106 void dap_ap_select(struct adiv5_dap *dap, uint8_t ap)
108 uint32_t new_ap = (ap << 24) & 0xFF000000;
110 if (new_ap != dap->ap_current) {
111 dap->ap_current = new_ap;
112 /* Switching AP invalidates cached values.
113 * Values MUST BE UPDATED BEFORE AP ACCESS.
115 dap->ap_bank_value = -1;
116 dap->ap_csw_value = -1;
117 dap->ap_tar_value = -1;
121 static int dap_setup_accessport_csw(struct adiv5_dap *dap, uint32_t csw)
123 csw = csw | CSW_DBGSWENABLE | CSW_MASTER_DEBUG | CSW_HPROT |
124 dap->apcsw[dap->ap_current >> 24];
126 if (csw != dap->ap_csw_value) {
127 /* LOG_DEBUG("DAP: Set CSW %x",csw); */
128 int retval = dap_queue_ap_write(dap, AP_REG_CSW, csw);
129 if (retval != ERROR_OK)
131 dap->ap_csw_value = csw;
136 static int dap_setup_accessport_tar(struct adiv5_dap *dap, uint32_t tar)
138 if (tar != dap->ap_tar_value || dap->ap_csw_value & CSW_ADDRINC_MASK) {
139 /* LOG_DEBUG("DAP: Set TAR %x",tar); */
140 int retval = dap_queue_ap_write(dap, AP_REG_TAR, tar);
141 if (retval != ERROR_OK)
143 dap->ap_tar_value = tar;
149 * Queue transactions setting up transfer parameters for the
150 * currently selected MEM-AP.
152 * Subsequent transfers using registers like AP_REG_DRW or AP_REG_BD2
153 * initiate data reads or writes using memory or peripheral addresses.
154 * If the CSW is configured for it, the TAR may be automatically
155 * incremented after each transfer.
157 * @todo Rename to reflect it being specifically a MEM-AP function.
159 * @param dap The DAP connected to the MEM-AP.
160 * @param csw MEM-AP Control/Status Word (CSW) register to assign. If this
161 * matches the cached value, the register is not changed.
162 * @param tar MEM-AP Transfer Address Register (TAR) to assign. If this
163 * matches the cached address, the register is not changed.
165 * @return ERROR_OK if the transaction was properly queued, else a fault code.
167 int dap_setup_accessport(struct adiv5_dap *dap, uint32_t csw, uint32_t tar)
170 retval = dap_setup_accessport_csw(dap, csw);
171 if (retval != ERROR_OK)
173 retval = dap_setup_accessport_tar(dap, tar);
174 if (retval != ERROR_OK)
180 * Asynchronous (queued) read of a word from memory or a system register.
182 * @param dap The DAP connected to the MEM-AP performing the read.
183 * @param address Address of the 32-bit word to read; it must be
184 * readable by the currently selected MEM-AP.
185 * @param value points to where the word will be stored when the
186 * transaction queue is flushed (assuming no errors).
188 * @return ERROR_OK for success. Otherwise a fault code.
190 int mem_ap_read_u32(struct adiv5_dap *dap, uint32_t address,
195 /* Use banked addressing (REG_BDx) to avoid some link traffic
196 * (updating TAR) when reading several consecutive addresses.
198 retval = dap_setup_accessport(dap, CSW_32BIT | CSW_ADDRINC_OFF,
199 address & 0xFFFFFFF0);
200 if (retval != ERROR_OK)
203 return dap_queue_ap_read(dap, AP_REG_BD0 | (address & 0xC), value);
207 * Synchronous read of a word from memory or a system register.
208 * As a side effect, this flushes any queued transactions.
210 * @param dap The DAP connected to the MEM-AP performing the read.
211 * @param address Address of the 32-bit word to read; it must be
212 * readable by the currently selected MEM-AP.
213 * @param value points to where the result will be stored.
215 * @return ERROR_OK for success; *value holds the result.
216 * Otherwise a fault code.
218 int mem_ap_read_atomic_u32(struct adiv5_dap *dap, uint32_t address,
223 retval = mem_ap_read_u32(dap, address, value);
224 if (retval != ERROR_OK)
231 * Asynchronous (queued) write of a word to memory or a system register.
233 * @param dap The DAP connected to the MEM-AP.
234 * @param address Address to be written; it must be writable by
235 * the currently selected MEM-AP.
236 * @param value Word that will be written to the address when transaction
237 * queue is flushed (assuming no errors).
239 * @return ERROR_OK for success. Otherwise a fault code.
241 int mem_ap_write_u32(struct adiv5_dap *dap, uint32_t address,
246 /* Use banked addressing (REG_BDx) to avoid some link traffic
247 * (updating TAR) when writing several consecutive addresses.
249 retval = dap_setup_accessport(dap, CSW_32BIT | CSW_ADDRINC_OFF,
250 address & 0xFFFFFFF0);
251 if (retval != ERROR_OK)
254 return dap_queue_ap_write(dap, AP_REG_BD0 | (address & 0xC),
259 * Synchronous write of a word to memory or a system register.
260 * As a side effect, this flushes any queued transactions.
262 * @param dap The DAP connected to the MEM-AP.
263 * @param address Address to be written; it must be writable by
264 * the currently selected MEM-AP.
265 * @param value Word that will be written.
267 * @return ERROR_OK for success; the data was written. Otherwise a fault code.
269 int mem_ap_write_atomic_u32(struct adiv5_dap *dap, uint32_t address,
272 int retval = mem_ap_write_u32(dap, address, value);
274 if (retval != ERROR_OK)
281 * Synchronous write of a block of memory, using a specific access size.
283 * @param dap The DAP connected to the MEM-AP.
284 * @param buffer The data buffer to write. No particular alignment is assumed.
285 * @param size Which access size to use, in bytes. 1, 2 or 4.
286 * @param count The number of writes to do (in size units, not bytes).
287 * @param address Address to be written; it must be writable by the currently selected MEM-AP.
288 * @param addrinc Whether the target address should be increased for each write or not. This
289 * should normally be true, except when writing to e.g. a FIFO.
290 * @return ERROR_OK on success, otherwise an error code.
292 int mem_ap_write(struct adiv5_dap *dap, const uint8_t *buffer, uint32_t size, uint32_t count,
293 uint32_t address, bool addrinc)
295 size_t nbytes = size * count;
296 const uint32_t csw_addrincr = addrinc ? CSW_ADDRINC_SINGLE : CSW_ADDRINC_OFF;
301 /* TI BE-32 Quirks mode:
302 * Writes on big-endian TMS570 behave very strangely. Observed behavior:
303 * size write address bytes written in order
304 * 4 TAR ^ 0 (val >> 24), (val >> 16), (val >> 8), (val)
305 * 2 TAR ^ 2 (val >> 8), (val)
307 * For example, if you attempt to write a single byte to address 0, the processor
308 * will actually write a byte to address 3.
310 * To make writes of size < 4 work as expected, we xor a value with the address before
311 * setting the TAP, and we set the TAP after every transfer rather then relying on
312 * address increment. */
315 csw_size = CSW_32BIT;
317 } else if (size == 2) {
318 csw_size = CSW_16BIT;
319 addr_xor = dap->ti_be_32_quirks ? 2 : 0;
320 } else if (size == 1) {
322 addr_xor = dap->ti_be_32_quirks ? 3 : 0;
324 return ERROR_TARGET_UNALIGNED_ACCESS;
327 if (dap->unaligned_access_bad && (address % size != 0))
328 return ERROR_TARGET_UNALIGNED_ACCESS;
330 retval = dap_setup_accessport_tar(dap, address ^ addr_xor);
331 if (retval != ERROR_OK)
335 uint32_t this_size = size;
337 /* Select packed transfer if possible */
338 if (addrinc && dap->packed_transfers && nbytes >= 4
339 && max_tar_block_size(dap->tar_autoincr_block, address) >= 4) {
341 retval = dap_setup_accessport_csw(dap, csw_size | CSW_ADDRINC_PACKED);
343 retval = dap_setup_accessport_csw(dap, csw_size | csw_addrincr);
346 if (retval != ERROR_OK)
349 /* How many source bytes each transfer will consume, and their location in the DRW,
350 * depends on the type of transfer and alignment. See ARM document IHI0031C. */
351 uint32_t outvalue = 0;
352 if (dap->ti_be_32_quirks) {
355 outvalue |= (uint32_t)*buffer++ << 8 * (3 ^ (address++ & 3) ^ addr_xor);
356 outvalue |= (uint32_t)*buffer++ << 8 * (3 ^ (address++ & 3) ^ addr_xor);
357 outvalue |= (uint32_t)*buffer++ << 8 * (3 ^ (address++ & 3) ^ addr_xor);
358 outvalue |= (uint32_t)*buffer++ << 8 * (3 ^ (address++ & 3) ^ addr_xor);
361 outvalue |= (uint32_t)*buffer++ << 8 * (1 ^ (address++ & 3) ^ addr_xor);
362 outvalue |= (uint32_t)*buffer++ << 8 * (1 ^ (address++ & 3) ^ addr_xor);
365 outvalue |= (uint32_t)*buffer++ << 8 * (0 ^ (address++ & 3) ^ addr_xor);
371 outvalue |= (uint32_t)*buffer++ << 8 * (address++ & 3);
372 outvalue |= (uint32_t)*buffer++ << 8 * (address++ & 3);
374 outvalue |= (uint32_t)*buffer++ << 8 * (address++ & 3);
376 outvalue |= (uint32_t)*buffer++ << 8 * (address++ & 3);
382 retval = dap_queue_ap_write(dap, AP_REG_DRW, outvalue);
383 if (retval != ERROR_OK)
386 /* Rewrite TAR if it wrapped or we're xoring addresses */
387 if (addrinc && (addr_xor || (address % dap->tar_autoincr_block < size && nbytes > 0))) {
388 retval = dap_setup_accessport_tar(dap, address ^ addr_xor);
389 if (retval != ERROR_OK)
394 /* REVISIT: Might want to have a queued version of this function that does not run. */
395 if (retval == ERROR_OK)
396 retval = dap_run(dap);
398 if (retval != ERROR_OK) {
400 if (dap_queue_ap_read(dap, AP_REG_TAR, &tar) == ERROR_OK
401 && dap_run(dap) == ERROR_OK)
402 LOG_ERROR("Failed to write memory at 0x%08"PRIx32, tar);
404 LOG_ERROR("Failed to write memory and, additionally, failed to find out where");
411 * Synchronous read of a block of memory, using a specific access size.
413 * @param dap The DAP connected to the MEM-AP.
414 * @param buffer The data buffer to receive the data. No particular alignment is assumed.
415 * @param size Which access size to use, in bytes. 1, 2 or 4.
416 * @param count The number of reads to do (in size units, not bytes).
417 * @param address Address to be read; it must be readable by the currently selected MEM-AP.
418 * @param addrinc Whether the target address should be increased after each read or not. This
419 * should normally be true, except when reading from e.g. a FIFO.
420 * @return ERROR_OK on success, otherwise an error code.
422 int mem_ap_read(struct adiv5_dap *dap, uint8_t *buffer, uint32_t size, uint32_t count,
423 uint32_t adr, bool addrinc)
425 size_t nbytes = size * count;
426 const uint32_t csw_addrincr = addrinc ? CSW_ADDRINC_SINGLE : CSW_ADDRINC_OFF;
428 uint32_t address = adr;
431 /* TI BE-32 Quirks mode:
432 * Reads on big-endian TMS570 behave strangely differently than writes.
433 * They read from the physical address requested, but with DRW byte-reversed.
434 * For example, a byte read from address 0 will place the result in the high bytes of DRW.
435 * Also, packed 8-bit and 16-bit transfers seem to sometimes return garbage in some bytes,
439 csw_size = CSW_32BIT;
441 csw_size = CSW_16BIT;
445 return ERROR_TARGET_UNALIGNED_ACCESS;
447 if (dap->unaligned_access_bad && (adr % size != 0))
448 return ERROR_TARGET_UNALIGNED_ACCESS;
450 /* Allocate buffer to hold the sequence of DRW reads that will be made. This is a significant
451 * over-allocation if packed transfers are going to be used, but determining the real need at
452 * this point would be messy. */
453 uint32_t *read_buf = malloc(count * sizeof(uint32_t));
454 uint32_t *read_ptr = read_buf;
455 if (read_buf == NULL) {
456 LOG_ERROR("Failed to allocate read buffer");
460 retval = dap_setup_accessport_tar(dap, address);
461 if (retval != ERROR_OK) {
466 /* Queue up all reads. Each read will store the entire DRW word in the read buffer. How many
467 * useful bytes it contains, and their location in the word, depends on the type of transfer
470 uint32_t this_size = size;
472 /* Select packed transfer if possible */
473 if (addrinc && dap->packed_transfers && nbytes >= 4
474 && max_tar_block_size(dap->tar_autoincr_block, address) >= 4) {
476 retval = dap_setup_accessport_csw(dap, csw_size | CSW_ADDRINC_PACKED);
478 retval = dap_setup_accessport_csw(dap, csw_size | csw_addrincr);
480 if (retval != ERROR_OK)
483 retval = dap_queue_ap_read(dap, AP_REG_DRW, read_ptr++);
484 if (retval != ERROR_OK)
488 address += this_size;
490 /* Rewrite TAR if it wrapped */
491 if (addrinc && address % dap->tar_autoincr_block < size && nbytes > 0) {
492 retval = dap_setup_accessport_tar(dap, address);
493 if (retval != ERROR_OK)
498 if (retval == ERROR_OK)
499 retval = dap_run(dap);
503 nbytes = size * count;
506 /* If something failed, read TAR to find out how much data was successfully read, so we can
507 * at least give the caller what we have. */
508 if (retval != ERROR_OK) {
510 if (dap_queue_ap_read(dap, AP_REG_TAR, &tar) == ERROR_OK
511 && dap_run(dap) == ERROR_OK) {
512 LOG_ERROR("Failed to read memory at 0x%08"PRIx32, tar);
513 if (nbytes > tar - address)
514 nbytes = tar - address;
516 LOG_ERROR("Failed to read memory and, additionally, failed to find out where");
521 /* Replay loop to populate caller's buffer from the correct word and byte lane */
523 uint32_t this_size = size;
525 if (addrinc && dap->packed_transfers && nbytes >= 4
526 && max_tar_block_size(dap->tar_autoincr_block, address) >= 4) {
530 if (dap->ti_be_32_quirks) {
533 *buffer++ = *read_ptr >> 8 * (3 - (address++ & 3));
534 *buffer++ = *read_ptr >> 8 * (3 - (address++ & 3));
536 *buffer++ = *read_ptr >> 8 * (3 - (address++ & 3));
538 *buffer++ = *read_ptr >> 8 * (3 - (address++ & 3));
543 *buffer++ = *read_ptr >> 8 * (address++ & 3);
544 *buffer++ = *read_ptr >> 8 * (address++ & 3);
546 *buffer++ = *read_ptr >> 8 * (address++ & 3);
548 *buffer++ = *read_ptr >> 8 * (address++ & 3);
560 /*--------------------------------------------------------------------*/
561 /* Wrapping function with selection of AP */
562 /*--------------------------------------------------------------------*/
563 int mem_ap_sel_read_u32(struct adiv5_dap *swjdp, uint8_t ap,
564 uint32_t address, uint32_t *value)
566 dap_ap_select(swjdp, ap);
567 return mem_ap_read_u32(swjdp, address, value);
570 int mem_ap_sel_write_u32(struct adiv5_dap *swjdp, uint8_t ap,
571 uint32_t address, uint32_t value)
573 dap_ap_select(swjdp, ap);
574 return mem_ap_write_u32(swjdp, address, value);
577 int mem_ap_sel_read_atomic_u32(struct adiv5_dap *swjdp, uint8_t ap,
578 uint32_t address, uint32_t *value)
580 dap_ap_select(swjdp, ap);
581 return mem_ap_read_atomic_u32(swjdp, address, value);
584 int mem_ap_sel_write_atomic_u32(struct adiv5_dap *swjdp, uint8_t ap,
585 uint32_t address, uint32_t value)
587 dap_ap_select(swjdp, ap);
588 return mem_ap_write_atomic_u32(swjdp, address, value);
591 int mem_ap_sel_read_buf(struct adiv5_dap *swjdp, uint8_t ap,
592 uint8_t *buffer, uint32_t size, uint32_t count, uint32_t address)
594 dap_ap_select(swjdp, ap);
595 return mem_ap_read(swjdp, buffer, size, count, address, true);
598 int mem_ap_sel_write_buf(struct adiv5_dap *swjdp, uint8_t ap,
599 const uint8_t *buffer, uint32_t size, uint32_t count, uint32_t address)
601 dap_ap_select(swjdp, ap);
602 return mem_ap_write(swjdp, buffer, size, count, address, true);
605 int mem_ap_sel_read_buf_noincr(struct adiv5_dap *swjdp, uint8_t ap,
606 uint8_t *buffer, uint32_t size, uint32_t count, uint32_t address)
608 dap_ap_select(swjdp, ap);
609 return mem_ap_read(swjdp, buffer, size, count, address, false);
612 int mem_ap_sel_write_buf_noincr(struct adiv5_dap *swjdp, uint8_t ap,
613 const uint8_t *buffer, uint32_t size, uint32_t count, uint32_t address)
615 dap_ap_select(swjdp, ap);
616 return mem_ap_write(swjdp, buffer, size, count, address, false);
619 #define MDM_REG_STAT 0x00
620 #define MDM_REG_CTRL 0x04
621 #define MDM_REG_ID 0xfc
623 #define MDM_STAT_FMEACK (1<<0)
624 #define MDM_STAT_FREADY (1<<1)
625 #define MDM_STAT_SYSSEC (1<<2)
626 #define MDM_STAT_SYSRES (1<<3)
627 #define MDM_STAT_FMEEN (1<<5)
628 #define MDM_STAT_BACKDOOREN (1<<6)
629 #define MDM_STAT_LPEN (1<<7)
630 #define MDM_STAT_VLPEN (1<<8)
631 #define MDM_STAT_LLSMODEXIT (1<<9)
632 #define MDM_STAT_VLLSXMODEXIT (1<<10)
633 #define MDM_STAT_CORE_HALTED (1<<16)
634 #define MDM_STAT_CORE_SLEEPDEEP (1<<17)
635 #define MDM_STAT_CORESLEEPING (1<<18)
637 #define MEM_CTRL_FMEIP (1<<0)
638 #define MEM_CTRL_DBG_DIS (1<<1)
639 #define MEM_CTRL_DBG_REQ (1<<2)
640 #define MEM_CTRL_SYS_RES_REQ (1<<3)
641 #define MEM_CTRL_CORE_HOLD_RES (1<<4)
642 #define MEM_CTRL_VLLSX_DBG_REQ (1<<5)
643 #define MEM_CTRL_VLLSX_DBG_ACK (1<<6)
644 #define MEM_CTRL_VLLSX_STAT_ACK (1<<7)
646 #define MDM_ACCESS_TIMEOUT 3000 /* ms */
651 int dap_syssec_kinetis_mdmap(struct adiv5_dap *dap)
656 enum reset_types jtag_reset_config = jtag_get_reset_config();
658 dap_ap_select(dap, 1);
660 /* first check mdm-ap id register */
661 retval = dap_queue_ap_read(dap, MDM_REG_ID, &val);
662 if (retval != ERROR_OK)
666 if (val != 0x001C0000) {
667 LOG_DEBUG("id doesn't match %08" PRIX32 " != 0x001C0000", val);
668 dap_ap_select(dap, 0);
672 /* read and parse status register
673 * it's important that the device is out of
677 if (timeout++ > MDM_ACCESS_TIMEOUT) {
678 LOG_DEBUG("MDMAP : flash ready timeout");
681 retval = dap_queue_ap_read(dap, MDM_REG_STAT, &val);
682 if (retval != ERROR_OK)
686 LOG_DEBUG("MDM_REG_STAT %08" PRIX32, val);
687 if (val & MDM_STAT_FREADY)
692 if ((val & MDM_STAT_SYSSEC)) {
693 LOG_DEBUG("MDMAP: system is secured, masserase needed");
695 if (!(val & MDM_STAT_FMEEN))
696 LOG_DEBUG("MDMAP: masserase is disabled");
698 /* we need to assert reset */
699 if (jtag_reset_config & RESET_HAS_SRST) {
700 /* default to asserting srst */
701 adapter_assert_reset();
703 LOG_DEBUG("SRST not configured");
704 dap_ap_select(dap, 0);
709 if (timeout++ > MDM_ACCESS_TIMEOUT) {
710 LOG_DEBUG("MDMAP : flash ready timeout");
713 retval = dap_queue_ap_write(dap, MDM_REG_CTRL, MEM_CTRL_FMEIP);
714 if (retval != ERROR_OK)
717 /* read status register and wait for ready */
718 retval = dap_queue_ap_read(dap, MDM_REG_STAT, &val);
719 if (retval != ERROR_OK)
722 LOG_DEBUG("MDM_REG_STAT %08" PRIX32, val);
730 if (timeout++ > MDM_ACCESS_TIMEOUT) {
731 LOG_DEBUG("MDMAP : flash ready timeout");
734 retval = dap_queue_ap_write(dap, MDM_REG_CTRL, 0);
735 if (retval != ERROR_OK)
738 /* read status register */
739 retval = dap_queue_ap_read(dap, MDM_REG_STAT, &val);
740 if (retval != ERROR_OK)
743 LOG_DEBUG("MDM_REG_STAT %08" PRIX32, val);
744 /* read control register and wait for ready */
745 retval = dap_queue_ap_read(dap, MDM_REG_CTRL, &val);
746 if (retval != ERROR_OK)
749 LOG_DEBUG("MDM_REG_CTRL %08" PRIX32, val);
758 dap_ap_select(dap, 0);
764 struct dap_syssec_filter {
768 int (*dap_init)(struct adiv5_dap *dap);
772 static struct dap_syssec_filter dap_syssec_filter_data[] = {
773 { 0x4BA00477, dap_syssec_kinetis_mdmap }
779 int dap_syssec(struct adiv5_dap *dap)
782 struct jtag_tap *tap;
784 for (i = 0; i < sizeof(dap_syssec_filter_data); i++) {
785 tap = dap->jtag_info->tap;
787 while (tap != NULL) {
788 if (tap->hasidcode && (dap_syssec_filter_data[i].idcode == tap->idcode)) {
789 LOG_DEBUG("DAP: mdmap_init for idcode: %08" PRIx32, tap->idcode);
790 dap_syssec_filter_data[i].dap_init(dap);
799 /*--------------------------------------------------------------------------*/
802 /* FIXME don't import ... just initialize as
803 * part of DAP transport setup
805 extern const struct dap_ops jtag_dp_ops;
807 /*--------------------------------------------------------------------------*/
810 * Initialize a DAP. This sets up the power domains, prepares the DP
811 * for further use, and arranges to use AP #0 for all AP operations
812 * until dap_ap-select() changes that policy.
814 * @param dap The DAP being initialized.
816 * @todo Rename this. We also need an initialization scheme which account
817 * for SWD transports not just JTAG; that will need to address differences
818 * in layering. (JTAG is useful without any debug target; but not SWD.)
819 * And this may not even use an AHB-AP ... e.g. DAP-Lite uses an APB-AP.
821 int ahbap_debugport_init(struct adiv5_dap *dap)
829 /* JTAG-DP or SWJ-DP, in JTAG mode
830 * ... for SWD mode this is patched as part
834 dap->ops = &jtag_dp_ops;
836 /* Default MEM-AP setup.
838 * REVISIT AP #0 may be an inappropriate default for this.
839 * Should we probe, or take a hint from the caller?
840 * Presumably we can ignore the possibility of multiple APs.
842 dap->ap_current = !0;
843 dap_ap_select(dap, 0);
845 /* DP initialization */
847 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, NULL);
848 if (retval != ERROR_OK)
851 retval = dap_queue_dp_write(dap, DP_CTRL_STAT, SSTICKYERR);
852 if (retval != ERROR_OK)
855 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, NULL);
856 if (retval != ERROR_OK)
859 dap->dp_ctrl_stat = CDBGPWRUPREQ | CSYSPWRUPREQ;
860 retval = dap_queue_dp_write(dap, DP_CTRL_STAT, dap->dp_ctrl_stat);
861 if (retval != ERROR_OK)
864 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, &ctrlstat);
865 if (retval != ERROR_OK)
867 retval = dap_run(dap);
868 if (retval != ERROR_OK)
871 /* Check that we have debug power domains activated */
872 while (!(ctrlstat & CDBGPWRUPACK) && (cnt++ < 10)) {
873 LOG_DEBUG("DAP: wait CDBGPWRUPACK");
874 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, &ctrlstat);
875 if (retval != ERROR_OK)
877 retval = dap_run(dap);
878 if (retval != ERROR_OK)
883 while (!(ctrlstat & CSYSPWRUPACK) && (cnt++ < 10)) {
884 LOG_DEBUG("DAP: wait CSYSPWRUPACK");
885 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, &ctrlstat);
886 if (retval != ERROR_OK)
888 retval = dap_run(dap);
889 if (retval != ERROR_OK)
894 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, NULL);
895 if (retval != ERROR_OK)
897 /* With debug power on we can activate OVERRUN checking */
898 dap->dp_ctrl_stat = CDBGPWRUPREQ | CSYSPWRUPREQ | CORUNDETECT;
899 retval = dap_queue_dp_write(dap, DP_CTRL_STAT, dap->dp_ctrl_stat);
900 if (retval != ERROR_OK)
902 retval = dap_queue_dp_read(dap, DP_CTRL_STAT, NULL);
903 if (retval != ERROR_OK)
908 /* check that we support packed transfers */
911 retval = dap_setup_accessport(dap, CSW_8BIT | CSW_ADDRINC_PACKED, 0);
912 if (retval != ERROR_OK)
915 retval = dap_queue_ap_read(dap, AP_REG_CSW, &csw);
916 if (retval != ERROR_OK)
919 retval = dap_queue_ap_read(dap, AP_REG_CFG, &cfg);
920 if (retval != ERROR_OK)
923 retval = dap_run(dap);
924 if (retval != ERROR_OK)
927 if (csw & CSW_ADDRINC_PACKED)
928 dap->packed_transfers = true;
930 dap->packed_transfers = false;
932 /* Packed transfers on TI BE-32 processors do not work correctly in
934 if (dap->ti_be_32_quirks)
935 dap->packed_transfers = false;
937 LOG_DEBUG("MEM_AP Packed Transfers: %s",
938 dap->packed_transfers ? "enabled" : "disabled");
940 /* The ARM ADI spec leaves implementation-defined whether unaligned
941 * memory accesses work, only work partially, or cause a sticky error.
942 * On TI BE-32 processors, reads seem to return garbage in some bytes
943 * and unaligned writes seem to cause a sticky error.
944 * TODO: it would be nice to have a way to detect whether unaligned
945 * operations are supported on other processors. */
946 dap->unaligned_access_bad = dap->ti_be_32_quirks;
948 LOG_DEBUG("MEM_AP CFG: large data %d, long address %d, big-endian %d",
949 !!(cfg & 0x04), !!(cfg & 0x02), !!(cfg & 0x01));
954 /* CID interpretation -- see ARM IHI 0029B section 3
955 * and ARM IHI 0031A table 13-3.
957 static const char *class_description[16] = {
958 "Reserved", "ROM table", "Reserved", "Reserved",
959 "Reserved", "Reserved", "Reserved", "Reserved",
960 "Reserved", "CoreSight component", "Reserved", "Peripheral Test Block",
961 "Reserved", "OptimoDE DESS",
962 "Generic IP component", "PrimeCell or System component"
965 static bool is_dap_cid_ok(uint32_t cid3, uint32_t cid2, uint32_t cid1, uint32_t cid0)
967 return cid3 == 0xb1 && cid2 == 0x05
968 && ((cid1 & 0x0f) == 0) && cid0 == 0x0d;
972 * This function checks the ID for each access port to find the requested Access Port type
974 int dap_find_ap(struct adiv5_dap *dap, enum ap_type type_to_find, uint8_t *ap_num_out)
978 /* Maximum AP number is 255 since the SELECT register is 8 bits */
979 for (ap = 0; ap <= 255; ap++) {
981 /* read the IDR register of the Access Port */
983 dap_ap_select(dap, ap);
985 int retval = dap_queue_ap_read(dap, AP_REG_IDR, &id_val);
986 if (retval != ERROR_OK)
989 retval = dap_run(dap);
993 * 27-24 : JEDEC bank (0x4 for ARM)
994 * 23-17 : JEDEC code (0x3B for ARM)
997 * 7-0 : AP Identity (1=AHB-AP 2=APB-AP 0x10=JTAG-AP)
1000 /* Reading register for a non-existant AP should not cause an error,
1001 * but just to be sure, try to continue searching if an error does happen.
1003 if ((retval == ERROR_OK) && /* Register read success */
1004 ((id_val & 0x0FFF0000) == 0x04770000) && /* Jedec codes match */
1005 ((id_val & 0xFF) == type_to_find)) { /* type matches*/
1007 LOG_DEBUG("Found %s at AP index: %d (IDR=0x%08" PRIX32 ")",
1008 (type_to_find == AP_TYPE_AHB_AP) ? "AHB-AP" :
1009 (type_to_find == AP_TYPE_APB_AP) ? "APB-AP" :
1010 (type_to_find == AP_TYPE_JTAG_AP) ? "JTAG-AP" : "Unknown",
1018 LOG_DEBUG("No %s found",
1019 (type_to_find == AP_TYPE_AHB_AP) ? "AHB-AP" :
1020 (type_to_find == AP_TYPE_APB_AP) ? "APB-AP" :
1021 (type_to_find == AP_TYPE_JTAG_AP) ? "JTAG-AP" : "Unknown");
1025 int dap_get_debugbase(struct adiv5_dap *dap, int ap,
1026 uint32_t *out_dbgbase, uint32_t *out_apid)
1030 uint32_t dbgbase, apid;
1032 /* AP address is in bits 31:24 of DP_SELECT */
1034 return ERROR_COMMAND_SYNTAX_ERROR;
1036 ap_old = dap->ap_current;
1037 dap_ap_select(dap, ap);
1039 retval = dap_queue_ap_read(dap, AP_REG_BASE, &dbgbase);
1040 if (retval != ERROR_OK)
1042 retval = dap_queue_ap_read(dap, AP_REG_IDR, &apid);
1043 if (retval != ERROR_OK)
1045 retval = dap_run(dap);
1046 if (retval != ERROR_OK)
1049 /* Excavate the device ID code */
1050 struct jtag_tap *tap = dap->jtag_info->tap;
1051 while (tap != NULL) {
1054 tap = tap->next_tap;
1056 if (tap == NULL || !tap->hasidcode)
1059 dap_ap_select(dap, ap_old);
1061 /* The asignment happens only here to prevent modification of these
1062 * values before they are certain. */
1063 *out_dbgbase = dbgbase;
1069 int dap_lookup_cs_component(struct adiv5_dap *dap, int ap,
1070 uint32_t dbgbase, uint8_t type, uint32_t *addr)
1073 uint32_t romentry, entry_offset = 0, component_base, devtype;
1074 int retval = ERROR_FAIL;
1077 return ERROR_COMMAND_SYNTAX_ERROR;
1079 ap_old = dap->ap_current;
1080 dap_ap_select(dap, ap);
1083 retval = mem_ap_read_atomic_u32(dap, (dbgbase&0xFFFFF000) |
1084 entry_offset, &romentry);
1085 if (retval != ERROR_OK)
1088 component_base = (dbgbase & 0xFFFFF000)
1089 + (romentry & 0xFFFFF000);
1091 if (romentry & 0x1) {
1092 retval = mem_ap_read_atomic_u32(dap,
1093 (component_base & 0xfffff000) | 0xfcc,
1095 if (retval != ERROR_OK)
1097 if ((devtype & 0xff) == type) {
1098 *addr = component_base;
1104 } while (romentry > 0);
1106 dap_ap_select(dap, ap_old);
1111 static int dap_rom_display(struct command_context *cmd_ctx,
1112 struct adiv5_dap *dap, int ap, uint32_t dbgbase, int depth)
1115 uint32_t cid0, cid1, cid2, cid3, memtype, romentry;
1116 uint16_t entry_offset;
1120 command_print(cmd_ctx, "\tTables too deep");
1125 snprintf(tabs, sizeof(tabs), "[L%02d] ", depth);
1127 /* bit 16 of apid indicates a memory access port */
1129 command_print(cmd_ctx, "\t%sValid ROM table present", tabs);
1131 command_print(cmd_ctx, "\t%sROM table in legacy format", tabs);
1133 /* Now we read ROM table ID registers, ref. ARM IHI 0029B sec */
1134 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFF0, &cid0);
1135 if (retval != ERROR_OK)
1137 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFF4, &cid1);
1138 if (retval != ERROR_OK)
1140 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFF8, &cid2);
1141 if (retval != ERROR_OK)
1143 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFFC, &cid3);
1144 if (retval != ERROR_OK)
1146 retval = mem_ap_read_u32(dap, (dbgbase&0xFFFFF000) | 0xFCC, &memtype);
1147 if (retval != ERROR_OK)
1149 retval = dap_run(dap);
1150 if (retval != ERROR_OK)
1153 if (!is_dap_cid_ok(cid3, cid2, cid1, cid0))
1154 command_print(cmd_ctx, "\t%sCID3 0x%02x"
1159 (unsigned)cid3, (unsigned)cid2,
1160 (unsigned)cid1, (unsigned)cid0);
1162 command_print(cmd_ctx, "\t%sMEMTYPE system memory present on bus", tabs);
1164 command_print(cmd_ctx, "\t%sMEMTYPE system memory not present: dedicated debug bus", tabs);
1166 /* Now we read ROM table entries from dbgbase&0xFFFFF000) | 0x000 until we get 0x00000000 */
1167 for (entry_offset = 0; ; entry_offset += 4) {
1168 retval = mem_ap_read_atomic_u32(dap, (dbgbase&0xFFFFF000) | entry_offset, &romentry);
1169 if (retval != ERROR_OK)
1171 command_print(cmd_ctx, "\t%sROMTABLE[0x%x] = 0x%" PRIx32 "",
1172 tabs, entry_offset, romentry);
1173 if (romentry & 0x01) {
1174 uint32_t c_cid0, c_cid1, c_cid2, c_cid3;
1175 uint32_t c_pid0, c_pid1, c_pid2, c_pid3, c_pid4;
1176 uint32_t component_base;
1180 component_base = (dbgbase & 0xFFFFF000) + (romentry & 0xFFFFF000);
1182 /* IDs are in last 4K section */
1183 retval = mem_ap_read_atomic_u32(dap, component_base + 0xFE0, &c_pid0);
1184 if (retval != ERROR_OK) {
1185 command_print(cmd_ctx, "\t%s\tCan't read component with base address 0x%" PRIx32
1186 ", the corresponding core might be turned off", tabs, component_base);
1190 retval = mem_ap_read_atomic_u32(dap, component_base + 0xFE4, &c_pid1);
1191 if (retval != ERROR_OK)
1194 retval = mem_ap_read_atomic_u32(dap, component_base + 0xFE8, &c_pid2);
1195 if (retval != ERROR_OK)
1198 retval = mem_ap_read_atomic_u32(dap, component_base + 0xFEC, &c_pid3);
1199 if (retval != ERROR_OK)
1202 retval = mem_ap_read_atomic_u32(dap, component_base + 0xFD0, &c_pid4);
1203 if (retval != ERROR_OK)
1207 retval = mem_ap_read_atomic_u32(dap, component_base + 0xFF0, &c_cid0);
1208 if (retval != ERROR_OK)
1211 retval = mem_ap_read_atomic_u32(dap, component_base + 0xFF4, &c_cid1);
1212 if (retval != ERROR_OK)
1215 retval = mem_ap_read_atomic_u32(dap, component_base + 0xFF8, &c_cid2);
1216 if (retval != ERROR_OK)
1219 retval = mem_ap_read_atomic_u32(dap, component_base + 0xFFC, &c_cid3);
1220 if (retval != ERROR_OK)
1224 command_print(cmd_ctx, "\t\tComponent base address 0x%" PRIx32 ", "
1225 "start address 0x%" PRIx32, component_base,
1226 /* component may take multiple 4K pages */
1227 (uint32_t)(component_base - 0x1000*(c_pid4 >> 4)));
1228 command_print(cmd_ctx, "\t\tComponent class is 0x%" PRIx8 ", %s",
1229 (uint8_t)((c_cid1 >> 4) & 0xf),
1230 /* See ARM IHI 0029B Table 3-3 */
1231 class_description[(c_cid1 >> 4) & 0xf]);
1233 /* CoreSight component? */
1234 if (((c_cid1 >> 4) & 0x0f) == 9) {
1237 char *major = "Reserved", *subtype = "Reserved";
1239 retval = mem_ap_read_atomic_u32(dap,
1240 (component_base & 0xfffff000) | 0xfcc,
1242 if (retval != ERROR_OK)
1244 minor = (devtype >> 4) & 0x0f;
1245 switch (devtype & 0x0f) {
1247 major = "Miscellaneous";
1253 subtype = "Validation component";
1258 major = "Trace Sink";
1272 major = "Trace Link";
1278 subtype = "Funnel, router";
1284 subtype = "FIFO, buffer";
1289 major = "Trace Source";
1295 subtype = "Processor";
1301 subtype = "Engine/Coprocessor";
1309 major = "Debug Control";
1315 subtype = "Trigger Matrix";
1318 subtype = "Debug Auth";
1323 major = "Debug Logic";
1329 subtype = "Processor";
1335 subtype = "Engine/Coprocessor";
1340 command_print(cmd_ctx, "\t\tType is 0x%02" PRIx8 ", %s, %s",
1341 (uint8_t)(devtype & 0xff),
1343 /* REVISIT also show 0xfc8 DevId */
1346 if (!is_dap_cid_ok(cid3, cid2, cid1, cid0))
1347 command_print(cmd_ctx,
1356 command_print(cmd_ctx,
1357 "\t\tPeripheral ID[4..0] = hex "
1358 "%02x %02x %02x %02x %02x",
1359 (int)c_pid4, (int)c_pid3, (int)c_pid2,
1360 (int)c_pid1, (int)c_pid0);
1362 /* Part number interpretations are from Cortex
1363 * core specs, the CoreSight components TRM
1364 * (ARM DDI 0314H), CoreSight System Design
1365 * Guide (ARM DGI 0012D) and ETM specs; also
1366 * from chip observation (e.g. TI SDTI).
1368 part_num = (c_pid0 & 0xff);
1369 part_num |= (c_pid1 & 0x0f) << 8;
1372 type = "Cortex-M3 NVIC";
1373 full = "(Interrupt Controller)";
1376 type = "Cortex-M3 ITM";
1377 full = "(Instrumentation Trace Module)";
1380 type = "Cortex-M3 DWT";
1381 full = "(Data Watchpoint and Trace)";
1384 type = "Cortex-M3 FBP";
1385 full = "(Flash Patch and Breakpoint)";
1388 type = "Cortex-M4 SCS";
1389 full = "(System Control Space)";
1392 type = "CoreSight ETM11";
1393 full = "(Embedded Trace)";
1395 /* case 0x113: what? */
1396 case 0x120: /* from OMAP3 memmap */
1398 full = "(System Debug Trace Interface)";
1400 case 0x343: /* from OMAP3 memmap */
1405 type = "Coresight CTI";
1406 full = "(Cross Trigger)";
1409 type = "Coresight ETB";
1410 full = "(Trace Buffer)";
1413 type = "Coresight CSTF";
1414 full = "(Trace Funnel)";
1417 type = "CoreSight ETM9";
1418 full = "(Embedded Trace)";
1421 type = "Coresight TPIU";
1422 full = "(Trace Port Interface Unit)";
1425 type = "Coresight ITM";
1426 full = "(Instrumentation Trace Macrocell)";
1429 type = "Cortex-A8 ETM";
1430 full = "(Embedded Trace)";
1433 type = "Cortex-A8 CTI";
1434 full = "(Cross Trigger)";
1437 type = "Cortex-M3 TPIU";
1438 full = "(Trace Port Interface Unit)";
1441 type = "Cortex-M3 ETM";
1442 full = "(Embedded Trace)";
1445 type = "Cortex-M4 ETM";
1446 full = "(Embedded Trace)";
1449 type = "Cortex-R4 ETM";
1450 full = "(Embedded Trace)";
1453 type = "CoreSight Component";
1454 full = "(unidentified Cortex-A9 component)";
1457 type = "CoreSight PMU";
1458 full = "(Performance Monitoring Unit)";
1461 type = "Cortex-M4 TPUI";
1462 full = "(Trace Port Interface Unit)";
1465 type = "Cortex-A8 Debug";
1466 full = "(Debug Unit)";
1469 type = "Cortex-A9 Debug";
1470 full = "(Debug Unit)";
1473 type = "-*- unrecognized -*-";
1477 command_print(cmd_ctx, "\t\tPart is %s %s",
1481 if (((c_cid1 >> 4) & 0x0f) == 1) {
1482 retval = dap_rom_display(cmd_ctx, dap, ap, component_base, depth + 1);
1483 if (retval != ERROR_OK)
1488 command_print(cmd_ctx, "\t\tComponent not present");
1493 command_print(cmd_ctx, "\t%s\tEnd of ROM table", tabs);
1497 static int dap_info_command(struct command_context *cmd_ctx,
1498 struct adiv5_dap *dap, int ap)
1501 uint32_t dbgbase = 0, apid = 0; /* Silence gcc by initializing */
1502 int romtable_present = 0;
1506 retval = dap_get_debugbase(dap, ap, &dbgbase, &apid);
1507 if (retval != ERROR_OK)
1510 ap_old = dap->ap_current;
1511 dap_ap_select(dap, ap);
1513 /* Now we read ROM table ID registers, ref. ARM IHI 0029B sec */
1514 mem_ap = ((apid&0x10000) && ((apid&0x0F) != 0));
1515 command_print(cmd_ctx, "AP ID register 0x%8.8" PRIx32, apid);
1517 switch (apid&0x0F) {
1519 command_print(cmd_ctx, "\tType is JTAG-AP");
1522 command_print(cmd_ctx, "\tType is MEM-AP AHB");
1525 command_print(cmd_ctx, "\tType is MEM-AP APB");
1528 command_print(cmd_ctx, "\tUnknown AP type");
1532 /* NOTE: a MEM-AP may have a single CoreSight component that's
1533 * not a ROM table ... or have no such components at all.
1536 command_print(cmd_ctx, "AP BASE 0x%8.8" PRIx32, dbgbase);
1538 command_print(cmd_ctx, "No AP found at this ap 0x%x", ap);
1540 romtable_present = ((mem_ap) && (dbgbase != 0xFFFFFFFF));
1541 if (romtable_present) {
1542 dap_rom_display(cmd_ctx, dap, ap, dbgbase, 0);
1544 command_print(cmd_ctx, "\tNo ROM table present");
1545 dap_ap_select(dap, ap_old);
1550 COMMAND_HANDLER(handle_dap_info_command)
1552 struct target *target = get_current_target(CMD_CTX);
1553 struct arm *arm = target_to_arm(target);
1554 struct adiv5_dap *dap = arm->dap;
1562 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], apsel);
1565 return ERROR_COMMAND_SYNTAX_ERROR;
1568 return dap_info_command(CMD_CTX, dap, apsel);
1571 COMMAND_HANDLER(dap_baseaddr_command)
1573 struct target *target = get_current_target(CMD_CTX);
1574 struct arm *arm = target_to_arm(target);
1575 struct adiv5_dap *dap = arm->dap;
1577 uint32_t apsel, baseaddr;
1585 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], apsel);
1586 /* AP address is in bits 31:24 of DP_SELECT */
1588 return ERROR_COMMAND_SYNTAX_ERROR;
1591 return ERROR_COMMAND_SYNTAX_ERROR;
1594 dap_ap_select(dap, apsel);
1596 /* NOTE: assumes we're talking to a MEM-AP, which
1597 * has a base address. There are other kinds of AP,
1598 * though they're not common for now. This should
1599 * use the ID register to verify it's a MEM-AP.
1601 retval = dap_queue_ap_read(dap, AP_REG_BASE, &baseaddr);
1602 if (retval != ERROR_OK)
1604 retval = dap_run(dap);
1605 if (retval != ERROR_OK)
1608 command_print(CMD_CTX, "0x%8.8" PRIx32, baseaddr);
1613 COMMAND_HANDLER(dap_memaccess_command)
1615 struct target *target = get_current_target(CMD_CTX);
1616 struct arm *arm = target_to_arm(target);
1617 struct adiv5_dap *dap = arm->dap;
1619 uint32_t memaccess_tck;
1623 memaccess_tck = dap->memaccess_tck;
1626 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], memaccess_tck);
1629 return ERROR_COMMAND_SYNTAX_ERROR;
1631 dap->memaccess_tck = memaccess_tck;
1633 command_print(CMD_CTX, "memory bus access delay set to %" PRIi32 " tck",
1634 dap->memaccess_tck);
1639 COMMAND_HANDLER(dap_apsel_command)
1641 struct target *target = get_current_target(CMD_CTX);
1642 struct arm *arm = target_to_arm(target);
1643 struct adiv5_dap *dap = arm->dap;
1645 uint32_t apsel, apid;
1653 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], apsel);
1654 /* AP address is in bits 31:24 of DP_SELECT */
1656 return ERROR_COMMAND_SYNTAX_ERROR;
1659 return ERROR_COMMAND_SYNTAX_ERROR;
1663 dap_ap_select(dap, apsel);
1665 retval = dap_queue_ap_read(dap, AP_REG_IDR, &apid);
1666 if (retval != ERROR_OK)
1668 retval = dap_run(dap);
1669 if (retval != ERROR_OK)
1672 command_print(CMD_CTX, "ap %" PRIi32 " selected, identification register 0x%8.8" PRIx32,
1678 COMMAND_HANDLER(dap_apcsw_command)
1680 struct target *target = get_current_target(CMD_CTX);
1681 struct arm *arm = target_to_arm(target);
1682 struct adiv5_dap *dap = arm->dap;
1684 uint32_t apcsw = dap->apcsw[dap->apsel], sprot = 0;
1688 command_print(CMD_CTX, "apsel %" PRIi32 " selected, csw 0x%8.8" PRIx32,
1689 (dap->apsel), apcsw);
1692 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], sprot);
1693 /* AP address is in bits 31:24 of DP_SELECT */
1695 return ERROR_COMMAND_SYNTAX_ERROR;
1699 apcsw &= ~CSW_SPROT;
1702 return ERROR_COMMAND_SYNTAX_ERROR;
1704 dap->apcsw[dap->apsel] = apcsw;
1711 COMMAND_HANDLER(dap_apid_command)
1713 struct target *target = get_current_target(CMD_CTX);
1714 struct arm *arm = target_to_arm(target);
1715 struct adiv5_dap *dap = arm->dap;
1717 uint32_t apsel, apid;
1725 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], apsel);
1726 /* AP address is in bits 31:24 of DP_SELECT */
1728 return ERROR_COMMAND_SYNTAX_ERROR;
1731 return ERROR_COMMAND_SYNTAX_ERROR;
1734 dap_ap_select(dap, apsel);
1736 retval = dap_queue_ap_read(dap, AP_REG_IDR, &apid);
1737 if (retval != ERROR_OK)
1739 retval = dap_run(dap);
1740 if (retval != ERROR_OK)
1743 command_print(CMD_CTX, "0x%8.8" PRIx32, apid);
1748 COMMAND_HANDLER(dap_ti_be_32_quirks_command)
1750 struct target *target = get_current_target(CMD_CTX);
1751 struct arm *arm = target_to_arm(target);
1752 struct adiv5_dap *dap = arm->dap;
1754 uint32_t enable = dap->ti_be_32_quirks;
1760 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], enable);
1762 return ERROR_COMMAND_SYNTAX_ERROR;
1765 return ERROR_COMMAND_SYNTAX_ERROR;
1767 dap->ti_be_32_quirks = enable;
1768 command_print(CMD_CTX, "TI BE-32 quirks mode %s",
1769 enable ? "enabled" : "disabled");
1774 static const struct command_registration dap_commands[] = {
1777 .handler = handle_dap_info_command,
1778 .mode = COMMAND_EXEC,
1779 .help = "display ROM table for MEM-AP "
1780 "(default currently selected AP)",
1781 .usage = "[ap_num]",
1785 .handler = dap_apsel_command,
1786 .mode = COMMAND_EXEC,
1787 .help = "Set the currently selected AP (default 0) "
1788 "and display the result",
1789 .usage = "[ap_num]",
1793 .handler = dap_apcsw_command,
1794 .mode = COMMAND_EXEC,
1795 .help = "Set csw access bit ",
1801 .handler = dap_apid_command,
1802 .mode = COMMAND_EXEC,
1803 .help = "return ID register from AP "
1804 "(default currently selected AP)",
1805 .usage = "[ap_num]",
1809 .handler = dap_baseaddr_command,
1810 .mode = COMMAND_EXEC,
1811 .help = "return debug base address from MEM-AP "
1812 "(default currently selected AP)",
1813 .usage = "[ap_num]",
1816 .name = "memaccess",
1817 .handler = dap_memaccess_command,
1818 .mode = COMMAND_EXEC,
1819 .help = "set/get number of extra tck for MEM-AP memory "
1820 "bus access [0-255]",
1821 .usage = "[cycles]",
1824 .name = "ti_be_32_quirks",
1825 .handler = dap_ti_be_32_quirks_command,
1826 .mode = COMMAND_CONFIG,
1827 .help = "set/get quirks mode for TI TMS450/TMS570 processors",
1828 .usage = "[enable]",
1830 COMMAND_REGISTRATION_DONE
1833 const struct command_registration dap_command_handlers[] = {
1836 .mode = COMMAND_EXEC,
1837 .help = "DAP command group",
1839 .chain = dap_commands,
1841 COMMAND_REGISTRATION_DONE
projects / openocd / blob