OpenOCD
arm920t.c
Go to the documentation of this file.
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 
3 
4 /***************************************************************************
5  * Copyright (C) 2005 by Dominic Rath *
6  * Dominic.Rath@gmx.de *
7  ***************************************************************************/
8 
9 #ifdef HAVE_CONFIG_H
10 #include "config.h"
11 #endif
12 
13 #include "arm920t.h"
14 #include <helper/time_support.h>
15 #include <helper/string_choices.h>
16 #include "target_type.h"
17 #include "register.h"
18 #include "arm_opcodes.h"
19 
20 /*
21  * For information about the ARM920T, see ARM DDI 0151C especially
22  * Chapter 9 about debug support, which shows how to manipulate each
23  * of the different scan chains:
24  *
25  * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
26  * 1 ... debugging; watchpoint and breakpoint status, etc; also
27  * MMU and cache access in conjunction with scan chain 15
28  * 2 ... EmbeddedICE
29  * 3 ... external boundary scan (SoC-specific, unused here)
30  * 4 ... access to cache tag RAM
31  * 6 ... ETM9
32  * 15 ... access coprocessor 15, "physical" or "interpreted" modes
33  * "interpreted" works with a few actual MRC/MCR instructions
34  * "physical" provides register-like behaviors. Section 9.6.7
35  * covers these details.
36  *
37  * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
38  */
39 
40 #if 0
41 #define _DEBUG_INSTRUCTION_EXECUTION_
42 #endif
43 
44 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
45  * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
46  * JTAG scan, while reads use two.
47  *
48  * Table 9-9 lists the thirteen registers which support physical access.
49  * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
50  * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
51  *
52  * x == bit[38]
53  * y == bits[37:34]
54  * z == bit[33]
55  */
56 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
57 
58 /* Registers supporting physical Read access (from table 9-9) */
59 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
60 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
61 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
62 /* NOTE: several more registers support only physical read access */
63 
64 /* Registers supporting physical Read/Write access (from table 9-9) */
65 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
66 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
67 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
68 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
69 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
70 
71 static int arm920t_read_cp15_physical(struct target *target,
72  int reg_addr, uint32_t *value)
73 {
74  struct arm920t_common *arm920t = target_to_arm920(target);
75  struct arm_jtag *jtag_info;
76  struct scan_field fields[4];
77  uint8_t access_type_buf = 1;
78  uint8_t reg_addr_buf = reg_addr & 0x3f;
79  uint8_t nr_w_buf = 0;
80  int retval;
81 
82  jtag_info = &arm920t->arm7_9_common.jtag_info;
83 
84  retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
85  if (retval != ERROR_OK)
86  return retval;
87  retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
88  if (retval != ERROR_OK)
89  return retval;
90 
91  fields[0].num_bits = 1;
92  fields[0].out_value = &access_type_buf;
93  fields[0].in_value = NULL;
94 
95  fields[1].num_bits = 32;
96  fields[1].out_value = NULL;
97  fields[1].in_value = NULL;
98 
99  fields[2].num_bits = 6;
100  fields[2].out_value = &reg_addr_buf;
101  fields[2].in_value = NULL;
102 
103  fields[3].num_bits = 1;
104  fields[3].out_value = &nr_w_buf;
105  fields[3].in_value = NULL;
106 
107  jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
108 
109  fields[1].in_value = (uint8_t *)value;
110 
111  jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
112 
113  jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
114 
115 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
116  jtag_execute_queue();
117  LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
118 #endif
119 
120  return ERROR_OK;
121 }
122 
123 static int arm920t_write_cp15_physical(struct target *target,
124  int reg_addr, uint32_t value)
125 {
126  struct arm920t_common *arm920t = target_to_arm920(target);
127  struct arm_jtag *jtag_info;
128  struct scan_field fields[4];
129  uint8_t access_type_buf = 1;
130  uint8_t reg_addr_buf = reg_addr & 0x3f;
131  uint8_t nr_w_buf = 1;
132  uint8_t value_buf[4];
133  int retval;
134 
135  jtag_info = &arm920t->arm7_9_common.jtag_info;
136 
137  buf_set_u32(value_buf, 0, 32, value);
138 
139  retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
140  if (retval != ERROR_OK)
141  return retval;
142  retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
143  if (retval != ERROR_OK)
144  return retval;
145 
146  fields[0].num_bits = 1;
147  fields[0].out_value = &access_type_buf;
148  fields[0].in_value = NULL;
149 
150  fields[1].num_bits = 32;
151  fields[1].out_value = value_buf;
152  fields[1].in_value = NULL;
153 
154  fields[2].num_bits = 6;
155  fields[2].out_value = &reg_addr_buf;
156  fields[2].in_value = NULL;
157 
158  fields[3].num_bits = 1;
159  fields[3].out_value = &nr_w_buf;
160  fields[3].in_value = NULL;
161 
162  jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
163 
164 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
165  LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
166 #endif
167 
168  return ERROR_OK;
169 }
170 
171 /* See table 9-10 for scan chain 15 format during interpreted access mode.
172  * If the TESTSTATE register is set for interpreted access, certain CP15
173  * MRC and MCR instructions may be executed through scan chain 15.
174  *
175  * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
176  * executed using scan chain 15 interpreted mode.
177  */
178 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
179  uint32_t arm_opcode)
180 {
181  int retval;
182  struct arm920t_common *arm920t = target_to_arm920(target);
183  struct arm_jtag *jtag_info;
184  struct scan_field fields[4];
185  uint8_t access_type_buf = 0; /* interpreted access */
186  uint8_t reg_addr_buf = 0x0;
187  uint8_t nr_w_buf = 0;
188  uint8_t cp15_opcode_buf[4];
189 
190  jtag_info = &arm920t->arm7_9_common.jtag_info;
191 
192  retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
193  if (retval != ERROR_OK)
194  return retval;
195  retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
196  if (retval != ERROR_OK)
197  return retval;
198 
199  buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
200 
201  fields[0].num_bits = 1;
202  fields[0].out_value = &access_type_buf;
203  fields[0].in_value = NULL;
204 
205  fields[1].num_bits = 32;
206  fields[1].out_value = cp15_opcode_buf;
207  fields[1].in_value = NULL;
208 
209  fields[2].num_bits = 6;
210  fields[2].out_value = &reg_addr_buf;
211  fields[2].in_value = NULL;
212 
213  fields[3].num_bits = 1;
214  fields[3].out_value = &nr_w_buf;
215  fields[3].in_value = NULL;
216 
217  jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
218 
219  arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
220  arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
221  retval = arm7_9_execute_sys_speed(target);
222  if (retval != ERROR_OK)
223  return retval;
224 
225  retval = jtag_execute_queue();
226  if (retval != ERROR_OK) {
227  LOG_ERROR("failed executing JTAG queue");
228  return retval;
229  }
230 
231  return ERROR_OK;
232 }
233 
234 static int arm920t_read_cp15_interpreted(struct target *target,
235  uint32_t cp15_opcode, uint32_t address, uint32_t *value)
236 {
237  struct arm *arm = target_to_arm(target);
238  uint32_t *regs_p[16];
239  uint32_t regs[16];
240  uint32_t cp15c15 = 0x0;
241  struct reg *r = arm->core_cache->reg_list;
242 
243  /* load address into R1 */
244  regs[1] = address;
245  arm9tdmi_write_core_regs(target, 0x2, regs);
246 
247  /* read-modify-write CP15 test state register
248  * to enable interpreted access mode */
249  arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
250  jtag_execute_queue();
251  cp15c15 |= 1; /* set interpret mode */
252  arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
253 
254  /* execute CP15 instruction and ARM load (reading from coprocessor) */
255  arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
256 
257  /* disable interpreted access mode */
258  cp15c15 &= ~1U; /* clear interpret mode */
259  arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
260 
261  /* retrieve value from R0 */
262  regs_p[0] = value;
263  arm9tdmi_read_core_regs(target, 0x1, regs_p);
264  jtag_execute_queue();
265 
266 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
267  LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
268  cp15_opcode, address, *value);
269 #endif
270 
271  if (!is_arm_mode(arm->core_mode)) {
272  LOG_ERROR("not a valid arm core mode - communication failure?");
273  return ERROR_FAIL;
274  }
275 
276  r[0].dirty = true;
277  r[1].dirty = true;
278 
279  return ERROR_OK;
280 }
281 
282 static
283 int arm920t_write_cp15_interpreted(struct target *target,
284  uint32_t cp15_opcode, uint32_t value, uint32_t address)
285 {
286  uint32_t cp15c15 = 0x0;
287  struct arm *arm = target_to_arm(target);
288  uint32_t regs[16];
289  struct reg *r = arm->core_cache->reg_list;
290 
291  /* load value, address into R0, R1 */
292  regs[0] = value;
293  regs[1] = address;
294  arm9tdmi_write_core_regs(target, 0x3, regs);
295 
296  /* read-modify-write CP15 test state register
297  * to enable interpreted access mode */
298  arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
299  jtag_execute_queue();
300  cp15c15 |= 1; /* set interpret mode */
301  arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
302 
303  /* execute CP15 instruction and ARM store (writing to coprocessor) */
304  arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
305 
306  /* disable interpreted access mode */
307  cp15c15 &= ~1U; /* set interpret mode */
308  arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
309 
310 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
311  LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
312  cp15_opcode, value, address);
313 #endif
314 
315  if (!is_arm_mode(arm->core_mode)) {
316  LOG_ERROR("not a valid arm core mode - communication failure?");
317  return ERROR_FAIL;
318  }
319 
320  r[0].dirty = true;
321  r[1].dirty = true;
322 
323  return ERROR_OK;
324 }
325 
326 /* EXPORTED to FA256 */
327 int arm920t_get_ttb(struct target *target, uint32_t *result)
328 {
329  int retval;
330  uint32_t ttb = 0x0;
331 
332  retval = arm920t_read_cp15_interpreted(target,
333  /* FIXME use opcode macro */
334  0xeebf0f51, 0x0, &ttb);
335  if (retval != ERROR_OK)
336  return retval;
337 
338  *result = ttb;
339  return ERROR_OK;
340 }
341 
342 /* EXPORTED to FA256 */
343 int arm920t_disable_mmu_caches(struct target *target, int mmu,
344  int d_u_cache, int i_cache)
345 {
346  uint32_t cp15_control;
347  int retval;
348 
349  /* read cp15 control register */
350  retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
351  if (retval != ERROR_OK)
352  return retval;
353  retval = jtag_execute_queue();
354  if (retval != ERROR_OK)
355  return retval;
356 
357  if (mmu)
358  cp15_control &= ~0x1U;
359 
360  if (d_u_cache)
361  cp15_control &= ~0x4U;
362 
363  if (i_cache)
364  cp15_control &= ~0x1000U;
365 
366  return arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
367 }
368 
369 /* EXPORTED to FA256 */
370 int arm920t_enable_mmu_caches(struct target *target, int mmu,
371  int d_u_cache, int i_cache)
372 {
373  uint32_t cp15_control;
374  int retval;
375 
376  /* read cp15 control register */
377  retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
378  if (retval != ERROR_OK)
379  return retval;
380  retval = jtag_execute_queue();
381  if (retval != ERROR_OK)
382  return retval;
383 
384  if (mmu)
385  cp15_control |= 0x1U;
386 
387  if (d_u_cache)
388  cp15_control |= 0x4U;
389 
390  if (i_cache)
391  cp15_control |= 0x1000U;
392 
393  return arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
394 }
395 
396 /* EXPORTED to FA256 */
397 int arm920t_post_debug_entry(struct target *target)
398 {
399  uint32_t cp15c15;
400  struct arm920t_common *arm920t = target_to_arm920(target);
401  int retval;
402 
403  /* examine cp15 control reg */
404  retval = arm920t_read_cp15_physical(target,
405  CP15PHYS_CTRL, &arm920t->cp15_control_reg);
406  if (retval != ERROR_OK)
407  return retval;
408  retval = jtag_execute_queue();
409  if (retval != ERROR_OK)
410  return retval;
411  LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, arm920t->cp15_control_reg);
412 
413  if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1) {
414  uint32_t cache_type_reg;
415  /* identify caches */
416  retval = arm920t_read_cp15_physical(target,
417  CP15PHYS_CACHETYPE, &cache_type_reg);
418  if (retval != ERROR_OK)
419  return retval;
420  retval = jtag_execute_queue();
421  if (retval != ERROR_OK)
422  return retval;
423  armv4_5_identify_cache(cache_type_reg,
424  &arm920t->armv4_5_mmu.armv4_5_cache);
425  }
426 
427  arm920t->armv4_5_mmu.mmu_enabled = arm920t->cp15_control_reg & 0x1U;
428  arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =
429  arm920t->cp15_control_reg & 0x4U;
430  arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled =
431  arm920t->cp15_control_reg & 0x1000U;
432 
433  /* save i/d fault status and address register
434  * FIXME use opcode macros */
435  retval = arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
436  if (retval != ERROR_OK)
437  return retval;
438  retval = arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
439  if (retval != ERROR_OK)
440  return retval;
441  retval = arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
442  if (retval != ERROR_OK)
443  return retval;
444  retval = arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
445  if (retval != ERROR_OK)
446  return retval;
447 
448  LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32
449  ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32,
450  arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
451 
452  if (arm920t->preserve_cache) {
453  /* read-modify-write CP15 test state register
454  * to disable I/D-cache linefills */
455  retval = arm920t_read_cp15_physical(target,
456  CP15PHYS_TESTSTATE, &cp15c15);
457  if (retval != ERROR_OK)
458  return retval;
459  retval = jtag_execute_queue();
460  if (retval != ERROR_OK)
461  return retval;
462  cp15c15 |= 0x600;
463  retval = arm920t_write_cp15_physical(target,
464  CP15PHYS_TESTSTATE, cp15c15);
465  if (retval != ERROR_OK)
466  return retval;
467  }
468  return ERROR_OK;
469 }
470 
471 /* EXPORTED to FA256 */
472 void arm920t_pre_restore_context(struct target *target)
473 {
474  uint32_t cp15c15 = 0;
475  struct arm920t_common *arm920t = target_to_arm920(target);
476 
477  /* restore i/d fault status and address register */
478  arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
479  arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
480  arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
481  arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
482 
483  /* read-modify-write CP15 test state register
484  * to reenable I/D-cache linefills */
485  if (arm920t->preserve_cache) {
486  arm920t_read_cp15_physical(target,
487  CP15PHYS_TESTSTATE, &cp15c15);
488  jtag_execute_queue();
489  cp15c15 &= ~0x600U;
490  arm920t_write_cp15_physical(target,
491  CP15PHYS_TESTSTATE, cp15c15);
492  }
493 }
494 
495 static const char arm920_not[] = "target is not an ARM920";
496 
497 static int arm920t_verify_pointer(struct command_invocation *cmd,
498  struct arm920t_common *arm920t)
499 {
500  if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
501  command_print(cmd, arm920_not);
502  return ERROR_TARGET_INVALID;
503  }
504 
505  return ERROR_OK;
506 }
507 
509 int arm920t_arch_state(struct target *target)
510 {
511  struct arm920t_common *arm920t = target_to_arm920(target);
512 
513  if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
514  LOG_ERROR("BUG: %s", arm920_not);
515  return ERROR_TARGET_INVALID;
516  }
517 
518  arm_arch_state(target);
519  LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
520  str_enabled_disabled(arm920t->armv4_5_mmu.mmu_enabled),
521  str_enabled_disabled(arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled),
522  str_enabled_disabled(arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled));
523 
524  return ERROR_OK;
525 }
526 
527 static int arm920_mmu(struct target *target, bool *enabled)
528 {
529  if (target->state != TARGET_HALTED) {
530  LOG_TARGET_ERROR(target, "not halted");
531  return ERROR_TARGET_NOT_HALTED;
532  }
533 
534  *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
535  return ERROR_OK;
536 }
537 
538 static int arm920_virt2phys(struct target *target,
539  target_addr_t virt, target_addr_t *phys)
540 {
541  uint32_t cb;
542  struct arm920t_common *arm920t = target_to_arm920(target);
543 
544  uint32_t ret;
545  int retval = armv4_5_mmu_translate_va(target,
546  &arm920t->armv4_5_mmu, virt, &cb, &ret);
547  if (retval != ERROR_OK)
548  return retval;
549  *phys = ret;
550  return ERROR_OK;
551 }
552 
554 int arm920t_read_memory(struct target *target, target_addr_t address,
555  uint32_t size, uint32_t count, uint8_t *buffer)
556 {
557  return arm7_9_read_memory(target, address, size, count, buffer);
558 }
559 
560 
561 static int arm920t_read_phys_memory(struct target *target,
562  target_addr_t address, uint32_t size,
563  uint32_t count, uint8_t *buffer)
564 {
565  struct arm920t_common *arm920t = target_to_arm920(target);
566 
567  return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
568  address, size, count, buffer);
569 }
570 
571 static int arm920t_write_phys_memory(struct target *target,
572  target_addr_t address, uint32_t size,
573  uint32_t count, const uint8_t *buffer)
574 {
575  struct arm920t_common *arm920t = target_to_arm920(target);
576 
577  return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
578  address, size, count, buffer);
579 }
580 
582 int arm920t_write_memory(struct target *target, target_addr_t address,
583  uint32_t size, uint32_t count, const uint8_t *buffer)
584 {
585  int retval;
586  const uint32_t cache_mask = ~0x1f; /* cache line size : 32 byte */
587  struct arm920t_common *arm920t = target_to_arm920(target);
588 
589  /* FIX!!!! this should be cleaned up and made much more general. The
590  * plan is to write up and test on arm920t specifically and
591  * then generalize and clean up afterwards.
592  *
593  * Also it should be moved to the callbacks that handle breakpoints
594  * specifically and not the generic memory write fn's. See XScale code.
595  */
596  if (arm920t->armv4_5_mmu.mmu_enabled && (count == 1) &&
597  ((size == 2) || (size == 4))) {
598  /* special case the handling of single word writes to
599  * bypass MMU, to allow implementation of breakpoints
600  * in memory marked read only
601  * by MMU
602  */
603  uint32_t cb;
604  uint32_t pa;
605 
606  /*
607  * We need physical address and cb
608  */
609  retval = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu,
610  address, &cb, &pa);
611  if (retval != ERROR_OK)
612  return retval;
613 
614  if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) {
615  if (cb & 0x1) {
616  LOG_DEBUG("D-Cache buffered, "
617  "drain write buffer");
618  /*
619  * Buffered ?
620  * Drain write buffer - MCR p15,0,Rd,c7,c10,4
621  */
622 
623  retval = arm920t_write_cp15_interpreted(target,
624  ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
625  0x0, 0);
626  if (retval != ERROR_OK)
627  return retval;
628  }
629 
630  if (cb == 0x3) {
631  /*
632  * Write back memory ? -> clean cache
633  *
634  * There is no way to clean cache lines using
635  * cp15 scan chain, so copy the full cache
636  * line from cache to physical memory.
637  */
638  uint8_t data[32];
639 
640  LOG_DEBUG("D-Cache in 'write back' mode, "
641  "flush cache line");
642 
643  retval = target_read_memory(target,
644  address & cache_mask, 1,
645  sizeof(data), &data[0]);
646  if (retval != ERROR_OK)
647  return retval;
648 
649  retval = armv4_5_mmu_write_physical(target,
650  &arm920t->armv4_5_mmu,
651  pa & cache_mask, 1,
652  sizeof(data), &data[0]);
653  if (retval != ERROR_OK)
654  return retval;
655  }
656 
657  /* Cached ? */
658  if (cb & 0x2) {
659  /*
660  * Cached ? -> Invalidate data cache using MVA
661  *
662  * MCR p15,0,Rd,c7,c6,1
663  */
664  LOG_DEBUG("D-Cache enabled, "
665  "invalidate cache line");
666 
667  retval = arm920t_write_cp15_interpreted(target,
668  ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
669  address & cache_mask);
670  if (retval != ERROR_OK)
671  return retval;
672  }
673  }
674 
675  /* write directly to physical memory,
676  * bypassing any read only MMU bits, etc.
677  */
678  retval = armv4_5_mmu_write_physical(target,
679  &arm920t->armv4_5_mmu, pa, size,
680  count, buffer);
681  if (retval != ERROR_OK)
682  return retval;
683  } else {
684  retval = arm7_9_write_memory(target, address, size, count, buffer);
685  if (retval != ERROR_OK)
686  return retval;
687  }
688 
689  /* If ICache is enabled, we have to invalidate affected ICache lines
690  * the DCache is forced to write-through,
691  * so we don't have to clean it here
692  */
693  if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled) {
694  if (count <= 1) {
695  /* invalidate ICache single entry with MVA
696  * mcr 15, 0, r0, cr7, cr5, {1}
697  */
698  LOG_DEBUG("I-Cache enabled, "
699  "invalidating affected I-Cache line");
700  retval = arm920t_write_cp15_interpreted(target,
701  ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
702  0x0, address & cache_mask);
703  if (retval != ERROR_OK)
704  return retval;
705  } else {
706  /* invalidate ICache
707  * mcr 15, 0, r0, cr7, cr5, {0}
708  */
709  retval = arm920t_write_cp15_interpreted(target,
710  ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
711  0x0, 0x0);
712  if (retval != ERROR_OK)
713  return retval;
714  }
715  }
716 
717  return ERROR_OK;
718 }
719 
720 /* EXPORTED to FA256 */
721 int arm920t_soft_reset_halt(struct target *target)
722 {
723  int retval = ERROR_OK;
724  struct arm920t_common *arm920t = target_to_arm920(target);
725  struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
726  struct arm *arm = &arm7_9->arm;
727  struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
728 
729  retval = target_halt(target);
730  if (retval != ERROR_OK)
731  return retval;
732 
733  int64_t then = timeval_ms();
734  bool timeout;
735  while (!(timeout = ((timeval_ms()-then) > 1000))) {
736  if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0) {
737  embeddedice_read_reg(dbg_stat);
738  retval = jtag_execute_queue();
739  if (retval != ERROR_OK)
740  return retval;
741  } else
742  break;
743  if (LOG_LEVEL_IS(LOG_LVL_DEBUG)) {
744  /* do not eat all CPU, time out after 1 se*/
745  alive_sleep(100);
746  } else
747  keep_alive();
748  }
749  if (timeout) {
750  LOG_ERROR("Failed to halt CPU after 1 sec");
751  return ERROR_TARGET_TIMEOUT;
752  }
753 
754  target->state = TARGET_HALTED;
755 
756  /* SVC, ARM state, IRQ and FIQ disabled */
757  uint32_t cpsr;
758 
759  cpsr = buf_get_u32(arm->cpsr->value, 0, 32);
760  cpsr &= ~0xff;
761  cpsr |= 0xd3;
762  arm_set_cpsr(arm, cpsr);
763  arm->cpsr->dirty = true;
764 
765  /* start fetching from 0x0 */
766  buf_set_u32(arm->pc->value, 0, 32, 0x0);
767  arm->pc->dirty = true;
768  arm->pc->valid = true;
769 
770  arm920t_disable_mmu_caches(target, 1, 1, 1);
771  arm920t->armv4_5_mmu.mmu_enabled = false;
772  arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = false;
773  arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = false;
774 
775  return target_call_event_callbacks(target, TARGET_EVENT_HALTED);
776 }
777 
778 /* FIXME remove forward decls */
779 static int arm920t_mrc(struct target *target, int cpnum,
780  uint32_t op1, uint32_t op2,
781  uint32_t crn, uint32_t crm,
782  uint32_t *value);
783 static int arm920t_mcr(struct target *target, int cpnum,
784  uint32_t op1, uint32_t op2,
785  uint32_t crn, uint32_t crm,
786  uint32_t value);
787 
788 static int arm920t_init_arch_info(struct target *target,
789  struct arm920t_common *arm920t, struct jtag_tap *tap)
790 {
791  struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
792 
793  arm7_9->arm.mrc = arm920t_mrc;
794  arm7_9->arm.mcr = arm920t_mcr;
795 
796  /* initialize arm7/arm9 specific info (including armv4_5) */
797  arm9tdmi_init_arch_info(target, arm7_9, tap);
798 
799  arm920t->common_magic = ARM920T_COMMON_MAGIC;
800 
801  arm7_9->post_debug_entry = arm920t_post_debug_entry;
802  arm7_9->pre_restore_context = arm920t_pre_restore_context;
803  arm7_9->write_memory = arm920t_write_memory;
804 
805  arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
806  arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
807  arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
808  arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
809  arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
810  arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
811  arm920t->armv4_5_mmu.has_tiny_pages = 1;
812  arm920t->armv4_5_mmu.mmu_enabled = false;
813 
814  /* disabling linefills leads to lockups, so keep them enabled for now
815  * this doesn't affect correctness, but might affect timing issues, if
816  * important data is evicted from the cache during the debug session
817  * */
818  arm920t->preserve_cache = 0;
819 
820  /* override hw single-step capability from ARM9TDMI */
821  arm7_9->has_single_step = 1;
822 
823  return ERROR_OK;
824 }
825 
826 static int arm920t_target_create(struct target *target)
827 {
828  struct arm920t_common *arm920t;
829 
830  arm920t = calloc(1, sizeof(struct arm920t_common));
831  return arm920t_init_arch_info(target, arm920t, target->tap);
832 }
833 
834 static void arm920t_deinit_target(struct target *target)
835 {
836  struct arm *arm = target_to_arm(target);
837  struct arm920t_common *arm920t = target_to_arm920(target);
838 
839  arm7_9_deinit(target);
840  arm_free_reg_cache(arm);
841  free(arm920t);
842 }
843 
844 COMMAND_HANDLER(arm920t_handle_read_cache_command)
845 {
846  int retval = ERROR_OK;
847  struct target *target = get_current_target(CMD_CTX);
848  struct arm920t_common *arm920t = target_to_arm920(target);
849  struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
850  struct arm *arm = &arm7_9->arm;
851  uint32_t cp15c15;
852  uint32_t cp15_ctrl, cp15_ctrl_saved;
853  uint32_t regs[16];
854  uint32_t *regs_p[16];
855  uint32_t c15_c_d_ind, c15_c_i_ind;
856  int i;
857  FILE *output;
858  int segment, index_t;
859  struct reg *r;
860 
861  retval = arm920t_verify_pointer(CMD, arm920t);
862  if (retval != ERROR_OK)
863  return retval;
864 
865  if (CMD_ARGC != 1)
866  return ERROR_COMMAND_SYNTAX_ERROR;
867 
868  output = fopen(CMD_ARGV[0], "w");
869  if (!output) {
870  LOG_DEBUG("error opening cache content file");
871  return ERROR_OK;
872  }
873 
874  for (i = 0; i < 16; i++)
875  regs_p[i] = &regs[i];
876 
877  /* disable MMU and Caches */
878  arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
879  retval = jtag_execute_queue();
880  if (retval != ERROR_OK)
881  return retval;
882  cp15_ctrl_saved = cp15_ctrl;
883  cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
884  | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
885  arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
886 
887  /* read CP15 test state register */
888  arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
889  jtag_execute_queue();
890 
891  /* read DCache content */
892  fprintf(output, "DCache:\n");
893 
894  /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
895  for (segment = 0;
896  segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
897  segment++) {
898  fprintf(output, "\nsegment: %i\n----------", segment);
899 
900  /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
901  regs[0] = 0x0 | (segment << 5);
902  arm9tdmi_write_core_regs(target, 0x1, regs);
903 
904  /* set interpret mode */
905  cp15c15 |= 0x1;
906  arm920t_write_cp15_physical(target,
907  CP15PHYS_TESTSTATE, cp15c15);
908 
909  /* D CAM Read, loads current victim into C15.C.D.Ind */
910  arm920t_execute_cp15(target,
911  ARMV4_5_MCR(15, 2, 0, 15, 6, 2), ARMV4_5_LDR(1, 0));
912 
913  /* read current victim */
914  arm920t_read_cp15_physical(target,
915  CP15PHYS_DCACHE_IDX, &c15_c_d_ind);
916 
917  /* clear interpret mode */
918  cp15c15 &= ~0x1;
919  arm920t_write_cp15_physical(target,
920  CP15PHYS_TESTSTATE, cp15c15);
921 
922  for (index_t = 0; index_t < 64; index_t++) {
923  /* Ra:
924  * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
925  */
926  regs[0] = 0x0 | (segment << 5) | (index_t << 26);
927  arm9tdmi_write_core_regs(target, 0x1, regs);
928 
929  /* set interpret mode */
930  cp15c15 |= 0x1;
931  arm920t_write_cp15_physical(target,
932  CP15PHYS_TESTSTATE, cp15c15);
933 
934  /* Write DCache victim */
935  arm920t_execute_cp15(target,
936  ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
937 
938  /* Read D RAM */
939  arm920t_execute_cp15(target,
940  ARMV4_5_MCR(15, 2, 0, 15, 10, 2),
941  ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
942 
943  /* Read D CAM */
944  arm920t_execute_cp15(target,
945  ARMV4_5_MCR(15, 2, 0, 15, 6, 2),
946  ARMV4_5_LDR(9, 0));
947 
948  /* clear interpret mode */
949  cp15c15 &= ~0x1;
950  arm920t_write_cp15_physical(target,
951  CP15PHYS_TESTSTATE, cp15c15);
952 
953  /* read D RAM and CAM content */
954  arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
955  retval = jtag_execute_queue();
956  if (retval != ERROR_OK)
957  return retval;
958 
959  /* mask LFSR[6] */
960  regs[9] &= 0xfffffffe;
961  fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8"
962  PRIx32 ", content (%s):\n",
963  segment, index_t, regs[9],
964  (regs[9] & 0x10) ? "valid" : "invalid");
965 
966  for (i = 1; i < 9; i++) {
967  fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
968  i-1, regs[i]);
969  }
970 
971  }
972 
973  /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
974  regs[0] = 0x0 | (segment << 5) | (c15_c_d_ind << 26);
975  arm9tdmi_write_core_regs(target, 0x1, regs);
976 
977  /* set interpret mode */
978  cp15c15 |= 0x1;
979  arm920t_write_cp15_physical(target,
980  CP15PHYS_TESTSTATE, cp15c15);
981 
982  /* Write DCache victim */
983  arm920t_execute_cp15(target,
984  ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
985 
986  /* clear interpret mode */
987  cp15c15 &= ~0x1;
988  arm920t_write_cp15_physical(target,
989  CP15PHYS_TESTSTATE, cp15c15);
990  }
991 
992  /* read ICache content */
993  fprintf(output, "ICache:\n");
994 
995  /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
996  for (segment = 0;
997  segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
998  segment++) {
999  fprintf(output, "segment: %i\n----------", segment);
1000 
1001  /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1002  regs[0] = 0x0 | (segment << 5);
1003  arm9tdmi_write_core_regs(target, 0x1, regs);
1004 
1005  /* set interpret mode */
1006  cp15c15 |= 0x1;
1007  arm920t_write_cp15_physical(target,
1008  CP15PHYS_TESTSTATE, cp15c15);
1009 
1010  /* I CAM Read, loads current victim into C15.C.I.Ind */
1011  arm920t_execute_cp15(target,
1012  ARMV4_5_MCR(15, 2, 0, 15, 5, 2), ARMV4_5_LDR(1, 0));
1013 
1014  /* read current victim */
1015  arm920t_read_cp15_physical(target, CP15PHYS_ICACHE_IDX,
1016  &c15_c_i_ind);
1017 
1018  /* clear interpret mode */
1019  cp15c15 &= ~0x1;
1020  arm920t_write_cp15_physical(target,
1021  CP15PHYS_TESTSTATE, cp15c15);
1022 
1023  for (index_t = 0; index_t < 64; index_t++) {
1024  /* Ra:
1025  * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1026  */
1027  regs[0] = 0x0 | (segment << 5) | (index_t << 26);
1028  arm9tdmi_write_core_regs(target, 0x1, regs);
1029 
1030  /* set interpret mode */
1031  cp15c15 |= 0x1;
1032  arm920t_write_cp15_physical(target,
1033  CP15PHYS_TESTSTATE, cp15c15);
1034 
1035  /* Write ICache victim */
1036  arm920t_execute_cp15(target,
1037  ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1038 
1039  /* Read I RAM */
1040  arm920t_execute_cp15(target,
1041  ARMV4_5_MCR(15, 2, 0, 15, 9, 2),
1042  ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1043 
1044  /* Read I CAM */
1045  arm920t_execute_cp15(target,
1046  ARMV4_5_MCR(15, 2, 0, 15, 5, 2),
1047  ARMV4_5_LDR(9, 0));
1048 
1049  /* clear interpret mode */
1050  cp15c15 &= ~0x1;
1051  arm920t_write_cp15_physical(target,
1052  CP15PHYS_TESTSTATE, cp15c15);
1053 
1054  /* read I RAM and CAM content */
1055  arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
1056  retval = jtag_execute_queue();
1057  if (retval != ERROR_OK)
1058  return retval;
1059 
1060  /* mask LFSR[6] */
1061  regs[9] &= 0xfffffffe;
1062  fprintf(output, "\nsegment: %i, index: %i, "
1063  "CAM: 0x%8.8" PRIx32 ", content (%s):\n",
1064  segment, index_t, regs[9],
1065  (regs[9] & 0x10) ? "valid" : "invalid");
1066 
1067  for (i = 1; i < 9; i++) {
1068  fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
1069  i-1, regs[i]);
1070  }
1071  }
1072 
1073  /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1074  regs[0] = 0x0 | (segment << 5) | (c15_c_d_ind << 26);
1075  arm9tdmi_write_core_regs(target, 0x1, regs);
1076 
1077  /* set interpret mode */
1078  cp15c15 |= 0x1;
1079  arm920t_write_cp15_physical(target,
1080  CP15PHYS_TESTSTATE, cp15c15);
1081 
1082  /* Write ICache victim */
1083  arm920t_execute_cp15(target,
1084  ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1085 
1086  /* clear interpret mode */
1087  cp15c15 &= ~0x1;
1088  arm920t_write_cp15_physical(target,
1089  CP15PHYS_TESTSTATE, cp15c15);
1090  }
1091 
1092  /* restore CP15 MMU and Cache settings */
1093  arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1094 
1095  command_print(CMD, "cache content successfully output to %s",
1096  CMD_ARGV[0]);
1097 
1098  fclose(output);
1099 
1100  if (!is_arm_mode(arm->core_mode)) {
1101  LOG_ERROR("not a valid arm core mode - communication failure?");
1102  return ERROR_FAIL;
1103  }
1104 
1105  /* force writeback of the valid data */
1106  r = arm->core_cache->reg_list;
1107  r[0].dirty = r[0].valid;
1108  r[1].dirty = r[1].valid;
1109  r[2].dirty = r[2].valid;
1110  r[3].dirty = r[3].valid;
1111  r[4].dirty = r[4].valid;
1112  r[5].dirty = r[5].valid;
1113  r[6].dirty = r[6].valid;
1114  r[7].dirty = r[7].valid;
1115 
1116  r = arm_reg_current(arm, 8);
1117  r->dirty = r->valid;
1118 
1119  r = arm_reg_current(arm, 9);
1120  r->dirty = r->valid;
1121 
1122  return ERROR_OK;
1123 }
1124 
1125 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
1126 {
1127  int retval = ERROR_OK;
1128  struct target *target = get_current_target(CMD_CTX);
1129  struct arm920t_common *arm920t = target_to_arm920(target);
1130  struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1131  struct arm *arm = &arm7_9->arm;
1132  uint32_t cp15c15;
1133  uint32_t cp15_ctrl, cp15_ctrl_saved;
1134  uint32_t regs[16];
1135  uint32_t *regs_p[16];
1136  int i;
1137  FILE *output;
1138  uint32_t d_lockdown, i_lockdown;
1139  struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
1140  int victim;
1141  struct reg *r;
1142 
1143  retval = arm920t_verify_pointer(CMD, arm920t);
1144  if (retval != ERROR_OK)
1145  return retval;
1146 
1147  if (CMD_ARGC != 1)
1148  return ERROR_COMMAND_SYNTAX_ERROR;
1149 
1150  output = fopen(CMD_ARGV[0], "w");
1151  if (!output) {
1152  LOG_DEBUG("error opening mmu content file");
1153  return ERROR_OK;
1154  }
1155 
1156  for (i = 0; i < 16; i++)
1157  regs_p[i] = &regs[i];
1158 
1159  /* disable MMU and Caches */
1160  arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
1161  retval = jtag_execute_queue();
1162  if (retval != ERROR_OK)
1163  return retval;
1164  cp15_ctrl_saved = cp15_ctrl;
1165  cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
1166  | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1167  arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
1168 
1169  /* read CP15 test state register */
1170  arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
1171  retval = jtag_execute_queue();
1172  if (retval != ERROR_OK)
1173  return retval;
1174 
1175  /* prepare reading D TLB content
1176  * */
1177 
1178  /* set interpret mode */
1179  cp15c15 |= 0x1;
1180  arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1181 
1182  /* Read D TLB lockdown */
1183  arm920t_execute_cp15(target,
1184  ARMV4_5_MRC(15, 0, 0, 10, 0, 0), ARMV4_5_LDR(1, 0));
1185 
1186  /* clear interpret mode */
1187  cp15c15 &= ~0x1;
1188  arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1189 
1190  /* read D TLB lockdown stored to r1 */
1191  arm9tdmi_read_core_regs(target, 0x2, regs_p);
1192  retval = jtag_execute_queue();
1193  if (retval != ERROR_OK)
1194  return retval;
1195  d_lockdown = regs[1];
1196 
1197  for (victim = 0; victim < 64; victim += 8) {
1198  /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1199  * base remains unchanged, victim goes through entries 0 to 63
1200  */
1201  regs[1] = (d_lockdown & 0xfc000000) | (victim << 20);
1202  arm9tdmi_write_core_regs(target, 0x2, regs);
1203 
1204  /* set interpret mode */
1205  cp15c15 |= 0x1;
1206  arm920t_write_cp15_physical(target,
1207  CP15PHYS_TESTSTATE, cp15c15);
1208 
1209  /* Write D TLB lockdown */
1210  arm920t_execute_cp15(target,
1211  ARMV4_5_MCR(15, 0, 0, 10, 0, 0),
1212  ARMV4_5_STR(1, 0));
1213 
1214  /* Read D TLB CAM */
1215  arm920t_execute_cp15(target,
1216  ARMV4_5_MCR(15, 4, 0, 15, 6, 4),
1217  ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1218 
1219  /* clear interpret mode */
1220  cp15c15 &= ~0x1;
1221  arm920t_write_cp15_physical(target,
1222  CP15PHYS_TESTSTATE, cp15c15);
1223 
1224  /* read D TLB CAM content stored to r2-r9 */
1225  arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1226  retval = jtag_execute_queue();
1227  if (retval != ERROR_OK)
1228  return retval;
1229 
1230  for (i = 0; i < 8; i++)
1231  d_tlb[victim + i].cam = regs[i + 2];
1232  }
1233 
1234  for (victim = 0; victim < 64; victim++) {
1235  /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1236  * base remains unchanged, victim goes through entries 0 to 63
1237  */
1238  regs[1] = (d_lockdown & 0xfc000000) | (victim << 20);
1239  arm9tdmi_write_core_regs(target, 0x2, regs);
1240 
1241  /* set interpret mode */
1242  cp15c15 |= 0x1;
1243  arm920t_write_cp15_physical(target,
1244  CP15PHYS_TESTSTATE, cp15c15);
1245 
1246  /* Write D TLB lockdown */
1247  arm920t_execute_cp15(target,
1248  ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1249 
1250  /* Read D TLB RAM1 */
1251  arm920t_execute_cp15(target,
1252  ARMV4_5_MCR(15, 4, 0, 15, 10, 4), ARMV4_5_LDR(2, 0));
1253 
1254  /* Read D TLB RAM2 */
1255  arm920t_execute_cp15(target,
1256  ARMV4_5_MCR(15, 4, 0, 15, 2, 5), ARMV4_5_LDR(3, 0));
1257 
1258  /* clear interpret mode */
1259  cp15c15 &= ~0x1;
1260  arm920t_write_cp15_physical(target,
1261  CP15PHYS_TESTSTATE, cp15c15);
1262 
1263  /* read D TLB RAM content stored to r2 and r3 */
1264  arm9tdmi_read_core_regs(target, 0xc, regs_p);
1265  retval = jtag_execute_queue();
1266  if (retval != ERROR_OK)
1267  return retval;
1268 
1269  d_tlb[victim].ram1 = regs[2];
1270  d_tlb[victim].ram2 = regs[3];
1271  }
1272 
1273  /* restore D TLB lockdown */
1274  regs[1] = d_lockdown;
1275  arm9tdmi_write_core_regs(target, 0x2, regs);
1276 
1277  /* Write D TLB lockdown */
1278  arm920t_execute_cp15(target,
1279  ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1280 
1281  /* prepare reading I TLB content
1282  * */
1283 
1284  /* set interpret mode */
1285  cp15c15 |= 0x1;
1286  arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1287 
1288  /* Read I TLB lockdown */
1289  arm920t_execute_cp15(target,
1290  ARMV4_5_MRC(15, 0, 0, 10, 0, 1), ARMV4_5_LDR(1, 0));
1291 
1292  /* clear interpret mode */
1293  cp15c15 &= ~0x1;
1294  arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1295 
1296  /* read I TLB lockdown stored to r1 */
1297  arm9tdmi_read_core_regs(target, 0x2, regs_p);
1298  retval = jtag_execute_queue();
1299  if (retval != ERROR_OK)
1300  return retval;
1301  i_lockdown = regs[1];
1302 
1303  for (victim = 0; victim < 64; victim += 8) {
1304  /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1305  * base remains unchanged, victim goes through entries 0 to 63
1306  */
1307  regs[1] = (i_lockdown & 0xfc000000) | (victim << 20);
1308  arm9tdmi_write_core_regs(target, 0x2, regs);
1309 
1310  /* set interpret mode */
1311  cp15c15 |= 0x1;
1312  arm920t_write_cp15_physical(target,
1313  CP15PHYS_TESTSTATE, cp15c15);
1314 
1315  /* Write I TLB lockdown */
1316  arm920t_execute_cp15(target,
1317  ARMV4_5_MCR(15, 0, 0, 10, 0, 1),
1318  ARMV4_5_STR(1, 0));
1319 
1320  /* Read I TLB CAM */
1321  arm920t_execute_cp15(target,
1322  ARMV4_5_MCR(15, 4, 0, 15, 5, 4),
1323  ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1324 
1325  /* clear interpret mode */
1326  cp15c15 &= ~0x1;
1327  arm920t_write_cp15_physical(target,
1328  CP15PHYS_TESTSTATE, cp15c15);
1329 
1330  /* read I TLB CAM content stored to r2-r9 */
1331  arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1332  retval = jtag_execute_queue();
1333  if (retval != ERROR_OK)
1334  return retval;
1335 
1336  for (i = 0; i < 8; i++)
1337  i_tlb[i + victim].cam = regs[i + 2];
1338  }
1339 
1340  for (victim = 0; victim < 64; victim++) {
1341  /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1342  * base remains unchanged, victim goes through entries 0 to 63
1343  */
1344  regs[1] = (d_lockdown & 0xfc000000) | (victim << 20);
1345  arm9tdmi_write_core_regs(target, 0x2, regs);
1346 
1347  /* set interpret mode */
1348  cp15c15 |= 0x1;
1349  arm920t_write_cp15_physical(target,
1350  CP15PHYS_TESTSTATE, cp15c15);
1351 
1352  /* Write I TLB lockdown */
1353  arm920t_execute_cp15(target,
1354  ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1355 
1356  /* Read I TLB RAM1 */
1357  arm920t_execute_cp15(target,
1358  ARMV4_5_MCR(15, 4, 0, 15, 9, 4), ARMV4_5_LDR(2, 0));
1359 
1360  /* Read I TLB RAM2 */
1361  arm920t_execute_cp15(target,
1362  ARMV4_5_MCR(15, 4, 0, 15, 1, 5), ARMV4_5_LDR(3, 0));
1363 
1364  /* clear interpret mode */
1365  cp15c15 &= ~0x1;
1366  arm920t_write_cp15_physical(target,
1367  CP15PHYS_TESTSTATE, cp15c15);
1368 
1369  /* read I TLB RAM content stored to r2 and r3 */
1370  arm9tdmi_read_core_regs(target, 0xc, regs_p);
1371  retval = jtag_execute_queue();
1372  if (retval != ERROR_OK)
1373  return retval;
1374 
1375  i_tlb[victim].ram1 = regs[2];
1376  i_tlb[victim].ram2 = regs[3];
1377  }
1378 
1379  /* restore I TLB lockdown */
1380  regs[1] = i_lockdown;
1381  arm9tdmi_write_core_regs(target, 0x2, regs);
1382 
1383  /* Write I TLB lockdown */
1384  arm920t_execute_cp15(target,
1385  ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1386 
1387  /* restore CP15 MMU and Cache settings */
1388  arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1389 
1390  /* output data to file */
1391  fprintf(output, "D TLB content:\n");
1392  for (i = 0; i < 64; i++) {
1393  fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1394  " 0x%8.8" PRIx32 " %s\n",
1395  i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2,
1396  (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1397  }
1398 
1399  fprintf(output, "\n\nI TLB content:\n");
1400  for (i = 0; i < 64; i++) {
1401  fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1402  " 0x%8.8" PRIx32 " %s\n",
1403  i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2,
1404  (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1405  }
1406 
1407  command_print(CMD, "mmu content successfully output to %s",
1408  CMD_ARGV[0]);
1409 
1410  fclose(output);
1411 
1412  if (!is_arm_mode(arm->core_mode)) {
1413  LOG_ERROR("not a valid arm core mode - communication failure?");
1414  return ERROR_FAIL;
1415  }
1416 
1417  /* force writeback of the valid data */
1418  r = arm->core_cache->reg_list;
1419  r[0].dirty = r[0].valid;
1420  r[1].dirty = r[1].valid;
1421  r[2].dirty = r[2].valid;
1422  r[3].dirty = r[3].valid;
1423  r[4].dirty = r[4].valid;
1424  r[5].dirty = r[5].valid;
1425  r[6].dirty = r[6].valid;
1426  r[7].dirty = r[7].valid;
1427 
1428  r = arm_reg_current(arm, 8);
1429  r->dirty = r->valid;
1430 
1431  r = arm_reg_current(arm, 9);
1432  r->dirty = r->valid;
1433 
1434  return ERROR_OK;
1435 }
1436 
1437 COMMAND_HANDLER(arm920t_handle_cp15_command)
1438 {
1439  int retval;
1440  struct target *target = get_current_target(CMD_CTX);
1441  struct arm920t_common *arm920t = target_to_arm920(target);
1442 
1443  retval = arm920t_verify_pointer(CMD, arm920t);
1444  if (retval != ERROR_OK)
1445  return retval;
1446 
1447  if (target->state != TARGET_HALTED) {
1448  command_print(CMD, "Error: target must be stopped for "
1449  "\"%s\" command", CMD_NAME);
1450  return ERROR_TARGET_NOT_HALTED;
1451  }
1452 
1453  /* one argument, read a register.
1454  * two arguments, write it.
1455  */
1456  if (CMD_ARGC >= 1) {
1457  int address;
1458  COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1459 
1460  if (CMD_ARGC == 1) {
1461  uint32_t value;
1462  retval = arm920t_read_cp15_physical(target, address, &value);
1463  if (retval != ERROR_OK) {
1464  command_print(CMD,
1465  "couldn't access reg %i", address);
1466  return ERROR_OK;
1467  }
1468  retval = jtag_execute_queue();
1469  if (retval != ERROR_OK)
1470  return retval;
1471 
1472  command_print(CMD, "%i: %8.8" PRIx32,
1473  address, value);
1474  } else if (CMD_ARGC == 2) {
1475  uint32_t value;
1476  COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1477  retval = arm920t_write_cp15_physical(target,
1478  address, value);
1479  if (retval != ERROR_OK) {
1480  command_print(CMD,
1481  "couldn't access reg %i", address);
1482  /* REVISIT why lie? "return retval"? */
1483  return ERROR_OK;
1484  }
1485  command_print(CMD, "%i: %8.8" PRIx32,
1486  address, value);
1487  }
1488  }
1489 
1490  return ERROR_OK;
1491 }
1492 
1493 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1494 {
1495  int retval;
1496  struct target *target = get_current_target(CMD_CTX);
1497  struct arm920t_common *arm920t = target_to_arm920(target);
1498 
1499  retval = arm920t_verify_pointer(CMD, arm920t);
1500  if (retval != ERROR_OK)
1501  return retval;
1502 
1503  return armv4_5_handle_cache_info_command(CMD,
1504  &arm920t->armv4_5_mmu.armv4_5_cache);
1505 }
1506 
1507 
1508 static int arm920t_mrc(struct target *target, int cpnum,
1509  uint32_t op1, uint32_t op2,
1510  uint32_t crn, uint32_t crm,
1511  uint32_t *value)
1512 {
1513  if (cpnum != 15) {
1514  LOG_ERROR("Only cp15 is supported");
1515  return ERROR_FAIL;
1516  }
1517 
1518  /* read "to" r0 */
1519  return arm920t_read_cp15_interpreted(target,
1520  ARMV4_5_MRC(cpnum, op1, 0, crn, crm, op2),
1521  0, value);
1522 }
1523 
1524 static int arm920t_mcr(struct target *target, int cpnum,
1525  uint32_t op1, uint32_t op2,
1526  uint32_t crn, uint32_t crm,
1527  uint32_t value)
1528 {
1529  if (cpnum != 15) {
1530  LOG_ERROR("Only cp15 is supported");
1531  return ERROR_FAIL;
1532  }
1533 
1534  /* write "from" r0 */
1535  return arm920t_write_cp15_interpreted(target,
1536  ARMV4_5_MCR(cpnum, op1, 0, crn, crm, op2),
1537  0, value);
1538 }
1539 
1540 static const struct command_registration arm920t_exec_command_handlers[] = {
1541  {
1542  .name = "cp15",
1543  .handler = arm920t_handle_cp15_command,
1544  .mode = COMMAND_EXEC,
1545  .help = "display/modify cp15 register",
1546  .usage = "regnum [value]",
1547  },
1548  {
1549  .name = "cache_info",
1550  .handler = arm920t_handle_cache_info_command,
1551  .mode = COMMAND_EXEC,
1552  .usage = "",
1553  .help = "display information about target caches",
1554  },
1555  {
1556  .name = "read_cache",
1557  .handler = arm920t_handle_read_cache_command,
1558  .mode = COMMAND_EXEC,
1559  .help = "dump I/D cache content to file",
1560  .usage = "filename",
1561  },
1562  {
1563  .name = "read_mmu",
1564  .handler = arm920t_handle_read_mmu_command,
1565  .mode = COMMAND_EXEC,
1566  .help = "dump I/D mmu content to file",
1567  .usage = "filename",
1568  },
1569  COMMAND_REGISTRATION_DONE
1570 };
1571 const struct command_registration arm920t_command_handlers[] = {
1572  {
1573  .chain = arm9tdmi_command_handlers,
1574  },
1575  {
1576  .name = "arm920t",
1577  .mode = COMMAND_ANY,
1578  .help = "arm920t command group",
1579  .usage = "",
1580  .chain = arm920t_exec_command_handlers,
1581  },
1582  COMMAND_REGISTRATION_DONE
1583 };
1584 
1586 struct target_type arm920t_target = {
1587  .name = "arm920t",
1588 
1589  .poll = arm7_9_poll,
1590  .arch_state = arm920t_arch_state,
1591 
1592  .target_request_data = arm7_9_target_request_data,
1593 
1594  .halt = arm7_9_halt,
1595  .resume = arm7_9_resume,
1596  .step = arm7_9_step,
1597 
1598  .assert_reset = arm7_9_assert_reset,
1599  .deassert_reset = arm7_9_deassert_reset,
1600  .soft_reset_halt = arm920t_soft_reset_halt,
1601 
1602  .get_gdb_arch = arm_get_gdb_arch,
1603  .get_gdb_reg_list = arm_get_gdb_reg_list,
1604 
1605  .read_memory = arm920t_read_memory,
1606  .write_memory = arm7_9_write_memory_opt,
1607  .read_phys_memory = arm920t_read_phys_memory,
1608  .write_phys_memory = arm920t_write_phys_memory,
1609  .mmu = arm920_mmu,
1610  .virt2phys = arm920_virt2phys,
1611 
1612  .checksum_memory = arm_checksum_memory,
1613  .blank_check_memory = arm_blank_check_memory,
1614 
1615  .run_algorithm = armv4_5_run_algorithm,
1616 
1617  .add_breakpoint = arm7_9_add_breakpoint,
1618  .remove_breakpoint = arm7_9_remove_breakpoint,
1619  .add_watchpoint = arm7_9_add_watchpoint,
1620  .remove_watchpoint = arm7_9_remove_watchpoint,
1621 
1622  .commands = arm920t_command_handlers,
1623  .target_create = arm920t_target_create,
1624  .init_target = arm9tdmi_init_target,
1625  .deinit_target = arm920t_deinit_target,
1626  .examine = arm7_9_examine,
1627  .check_reset = arm7_9_check_reset,
1628 };
arm7_9_write_memory_opt
int arm7_9_write_memory_opt(struct target *target, target_addr_t address, uint32_t size, uint32_t count, const uint8_t *buffer)
Definition: arm7_9_common.c:2482
arm7_9_examine
int arm7_9_examine(struct target *target)
Perform per-target setup that requires JTAG access.
Definition: arm7_9_common.c:2654
arm7_9_deinit
void arm7_9_deinit(struct target *target)
Definition: arm7_9_common.c:2685
arm7_9_read_memory
int arm7_9_read_memory(struct target *target, target_addr_t address, uint32_t size, uint32_t count, uint8_t *buffer)
Definition: arm7_9_common.c:2103
arm7_9_add_breakpoint
int arm7_9_add_breakpoint(struct target *target, struct breakpoint *breakpoint)
Add a breakpoint to an ARM7/9 target.
Definition: arm7_9_common.c:376
arm7_9_assert_reset
int arm7_9_assert_reset(struct target *target)
Asserts the reset (SRST) on an ARM7/9 target.
Definition: arm7_9_common.c:862
arm7_9_poll
int arm7_9_poll(struct target *target)
Polls an ARM7/9 target for its current status.
Definition: arm7_9_common.c:796
arm7_9_execute_sys_speed
int arm7_9_execute_sys_speed(struct target *target)
Restarts the target by sending a RESTART instruction and moving the JTAG state to IDLE.
Definition: arm7_9_common.c:611
arm7_9_halt
int arm7_9_halt(struct target *target)
Halt an ARM7/9 target.
Definition: arm7_9_common.c:1167
arm7_9_remove_breakpoint
int arm7_9_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
Removes a breakpoint from an ARM7/9 target.
Definition: arm7_9_common.c:415
arm7_9_remove_watchpoint
int arm7_9_remove_watchpoint(struct target *target, struct watchpoint *watchpoint)
Remove a watchpoint from an ARM7/9 target.
Definition: arm7_9_common.c:586
arm7_9_deassert_reset
int arm7_9_deassert_reset(struct target *target)
Deassert the reset (SRST) signal on an ARM7/9 target.
Definition: arm7_9_common.c:967
arm7_9_write_memory
int arm7_9_write_memory(struct target *target, target_addr_t address, uint32_t size, uint32_t count, const uint8_t *buffer)
Definition: arm7_9_common.c:2268
arm7_9_target_request_data
int arm7_9_target_request_data(struct target *target, uint32_t size, uint8_t *buffer)
Get some data from the ARM7/9 target.
Definition: arm7_9_common.c:709
arm7_9_step
int arm7_9_step(struct target *target, bool current, target_addr_t address, bool handle_breakpoints)
Definition: arm7_9_common.c:1903
arm7_9_add_watchpoint
int arm7_9_add_watchpoint(struct target *target, struct watchpoint *watchpoint)
Add a watchpoint to an ARM7/9 target.
Definition: arm7_9_common.c:563
arm7_9_check_reset
int arm7_9_check_reset(struct target *target)
Definition: arm7_9_common.c:2695
arm7_9_resume
int arm7_9_resume(struct target *target, bool current, target_addr_t address, bool handle_breakpoints, bool debug_execution)
Definition: arm7_9_common.c:1699
target_to_arm7_9
static struct arm7_9_common * target_to_arm7_9(struct target *target)
Definition: arm7_9_common.h:125
arm920t_exec_command_handlers
static const struct command_registration arm920t_exec_command_handlers[]
Definition: arm920t.c:1540
arm920t_write_cp15_physical
static int arm920t_write_cp15_physical(struct target *target, int reg_addr, uint32_t value)
Definition: arm920t.c:123
arm920t_post_debug_entry
int arm920t_post_debug_entry(struct target *target)
Definition: arm920t.c:397
CP15PHYS_ICACHE_IDX
#define CP15PHYS_ICACHE_IDX
Definition: arm920t.c:60
arm920t_command_handlers
const struct command_registration arm920t_command_handlers[]
Definition: arm920t.c:1571
arm920t_write_memory
int arm920t_write_memory(struct target *target, target_addr_t address, uint32_t size, uint32_t count, const uint8_t *buffer)
Writes a buffer, in the specified word size, with current MMU settings.
Definition: arm920t.c:582
arm920_not
static const char arm920_not[]
Definition: arm920t.c:495
arm920t_disable_mmu_caches
int arm920t_disable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
Definition: arm920t.c:343
arm920t_read_memory
int arm920t_read_memory(struct target *target, target_addr_t address, uint32_t size, uint32_t count, uint8_t *buffer)
Reads a buffer, in the specified word size, with current MMU settings.
Definition: arm920t.c:554
arm920t_soft_reset_halt
int arm920t_soft_reset_halt(struct target *target)
Definition: arm920t.c:721
arm920t_mcr
static int arm920t_mcr(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t crn, uint32_t crm, uint32_t value)
Definition: arm920t.c:1524
arm920t_read_cp15_interpreted
static int arm920t_read_cp15_interpreted(struct target *target, uint32_t cp15_opcode, uint32_t address, uint32_t *value)
Definition: arm920t.c:234
arm920t_deinit_target
static void arm920t_deinit_target(struct target *target)
Definition: arm920t.c:834
arm920t_verify_pointer
static int arm920t_verify_pointer(struct command_invocation *cmd, struct arm920t_common *arm920t)
Definition: arm920t.c:497
arm920t_get_ttb
int arm920t_get_ttb(struct target *target, uint32_t *result)
Definition: arm920t.c:327
arm920t_init_arch_info
static int arm920t_init_arch_info(struct target *target, struct arm920t_common *arm920t, struct jtag_tap *tap)
Definition: arm920t.c:788
arm920t_target_create
static int arm920t_target_create(struct target *target)
Definition: arm920t.c:826
COMMAND_HANDLER
COMMAND_HANDLER(arm920t_handle_read_cache_command)
Definition: arm920t.c:844
arm920t_pre_restore_context
void arm920t_pre_restore_context(struct target *target)
Definition: arm920t.c:472
arm920t_write_phys_memory
static int arm920t_write_phys_memory(struct target *target, target_addr_t address, uint32_t size, uint32_t count, const uint8_t *buffer)
Definition: arm920t.c:571
arm920_mmu
static int arm920_mmu(struct target *target, bool *enabled)
Definition: arm920t.c:527
CP15PHYS_CACHETYPE
#define CP15PHYS_CACHETYPE
Definition: arm920t.c:59
CP15PHYS_TESTSTATE
#define CP15PHYS_TESTSTATE
Definition: arm920t.c:67
arm920t_enable_mmu_caches
int arm920t_enable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
Definition: arm920t.c:370
arm920t_arch_state
int arm920t_arch_state(struct target *target)
Logs summary of ARM920 state for a halted target.
Definition: arm920t.c:509
arm920t_read_phys_memory
static int arm920t_read_phys_memory(struct target *target, target_addr_t address, uint32_t size, uint32_t count, uint8_t *buffer)
Definition: arm920t.c:561
arm920t_write_cp15_interpreted
static int arm920t_write_cp15_interpreted(struct target *target, uint32_t cp15_opcode, uint32_t value, uint32_t address)
Definition: arm920t.c:283
arm920t_target
struct target_type arm920t_target
Holds methods for ARM920 targets.
Definition: arm920t.c:1586
arm920t_mrc
static int arm920t_mrc(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t crn, uint32_t crm, uint32_t *value)
Definition: arm920t.c:1508
arm920_virt2phys
static int arm920_virt2phys(struct target *target, target_addr_t virt, target_addr_t *phys)
Definition: arm920t.c:538
arm920t_execute_cp15
static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode, uint32_t arm_opcode)
Definition: arm920t.c:178
arm920t_read_cp15_physical
static int arm920t_read_cp15_physical(struct target *target, int reg_addr, uint32_t *value)
Definition: arm920t.c:71
CP15PHYS_DCACHE_IDX
#define CP15PHYS_DCACHE_IDX
Definition: arm920t.c:61
CP15PHYS_CTRL
#define CP15PHYS_CTRL
Definition: arm920t.c:65
ARM920T_COMMON_MAGIC
#define ARM920T_COMMON_MAGIC
Definition: arm920t.h:14
target_to_arm920
static struct arm920t_common * target_to_arm920(struct target *target)
Definition: arm920t.h:29
arm9tdmi_init_arch_info
int arm9tdmi_init_arch_info(struct target *target, struct arm7_9_common *arm7_9, struct jtag_tap *tap)
Definition: arm9tdmi.c:711
arm9tdmi_read_core_regs
void arm9tdmi_read_core_regs(struct target *target, uint32_t mask, uint32_t *core_regs[16])
Definition: arm9tdmi.c:352
arm9tdmi_init_target
int arm9tdmi_init_target(struct command_context *cmd_ctx, struct target *target)
Definition: arm9tdmi.c:703
arm9tdmi_command_handlers
const struct command_registration arm9tdmi_command_handlers[]
Definition: arm9tdmi.c:873
arm9tdmi_write_core_regs
void arm9tdmi_write_core_regs(struct target *target, uint32_t mask, uint32_t core_regs[16])
Definition: arm9tdmi.c:494
arm9tdmi_clock_out
int arm9tdmi_clock_out(struct arm_jtag *jtag_info, uint32_t instr, uint32_t out, uint32_t *in, int sysspeed)
Definition: arm9tdmi.c:124
arm_reg_current
struct reg * arm_reg_current(struct arm *arm, unsigned int regnum)
Returns handle to the register currently mapped to a given number.
Definition: armv4_5.c:517
arm_arch_state
int arm_arch_state(struct target *target)
Definition: armv4_5.c:798
is_arm_mode
bool is_arm_mode(unsigned int psr_mode)
Return true iff the parameter denotes a valid ARM processor mode.
Definition: armv4_5.c:182
arm_checksum_memory
int arm_checksum_memory(struct target *target, target_addr_t address, uint32_t count, uint32_t *checksum)
Runs ARM code in the target to calculate a CRC32 checksum.
Definition: armv4_5.c:1614
arm_blank_check_memory
int arm_blank_check_memory(struct target *target, struct target_memory_check_block *blocks, unsigned int num_blocks, uint8_t erased_value, unsigned int *checked)
Runs ARM code in the target to check whether a memory block holds all ones.
Definition: armv4_5.c:1688
arm_get_gdb_arch
const char * arm_get_gdb_arch(const struct target *target)
Definition: armv4_5.c:1283
arm_get_gdb_reg_list
int arm_get_gdb_reg_list(struct target *target, struct reg **reg_list[], int *reg_list_size, enum target_register_class reg_class)
Definition: armv4_5.c:1288
arm_free_reg_cache
void arm_free_reg_cache(struct arm *arm)
Definition: armv4_5.c:777
target_to_arm
static struct arm * target_to_arm(const struct target *target)
Convert target handle to generic ARM target state handle.
Definition: arm.h:262
arm_set_cpsr
void arm_set_cpsr(struct arm *arm, uint32_t cpsr)
Configures host-side ARM records to reflect the specified CPSR.
Definition: armv4_5.c:453
armv4_5_run_algorithm
int armv4_5_run_algorithm(struct target *target, int num_mem_params, struct mem_param *mem_params, int num_reg_params, struct reg_param *reg_params, target_addr_t entry_point, target_addr_t exit_point, unsigned int timeout_ms, void *arch_info)
Definition: armv4_5.c:1588
arm_jtag_scann
static int arm_jtag_scann(struct arm_jtag *jtag_info, uint32_t new_scan_chain, enum tap_state end_state)
Definition: arm_jtag.h:43
arm_jtag_set_instr
static int arm_jtag_set_instr(struct jtag_tap *tap, uint32_t new_instr, void *no_verify_capture, enum tap_state end_state)
Definition: arm_jtag.h:31
arm_le_to_h_u32
static void arm_le_to_h_u32(jtag_callback_data_t arg)
Definition: arm_jtag.h:63
arm_opcodes.h
Macros used to generate various ARM or Thumb opcodes.
ARMV4_5_LDMIA
#define ARMV4_5_LDMIA(rn, list, s, w)
Definition: arm_opcodes.h:42
ARMV4_5_MRC
#define ARMV4_5_MRC(cp, op1, rd, crn, crm, op2)
Definition: arm_opcodes.h:186
ARMV4_5_LDR
#define ARMV4_5_LDR(rd, rn)
Definition: arm_opcodes.h:64
ARMV4_5_MCR
#define ARMV4_5_MCR(cp, op1, rd, crn, crm, op2)
Definition: arm_opcodes.h:209
ARMV4_5_STR
#define ARMV4_5_STR(rd, rn)
Definition: arm_opcodes.h:58
ARMV4_5_NOP
#define ARMV4_5_NOP
Definition: arm_opcodes.h:46
armv4_5_identify_cache
int armv4_5_identify_cache(uint32_t cache_type_reg, struct armv4_5_cache_common *cache)
Definition: armv4_5_cache.c:15
armv4_5_handle_cache_info_command
int armv4_5_handle_cache_info_command(struct command_invocation *cmd, struct armv4_5_cache_common *armv4_5_cache)
Definition: armv4_5_cache.c:68
ARMV4_5_D_U_CACHE_ENABLED
@ ARMV4_5_D_U_CACHE_ENABLED
Definition: armv4_5_cache.h:40
ARMV4_5_I_CACHE_ENABLED
@ ARMV4_5_I_CACHE_ENABLED
Definition: armv4_5_cache.h:41
armv4_5_mmu_read_physical
int armv4_5_mmu_read_physical(struct target *target, struct armv4_5_mmu_common *armv4_5_mmu, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
Definition: armv4_5_mmu.c:104
armv4_5_mmu_write_physical
int armv4_5_mmu_write_physical(struct target *target, struct armv4_5_mmu_common *armv4_5_mmu, uint32_t address, uint32_t size, uint32_t count, const uint8_t *buffer)
Definition: armv4_5_mmu.c:134
armv4_5_mmu_translate_va
int armv4_5_mmu_translate_va(struct target *target, struct armv4_5_mmu_common *armv4_5_mmu, uint32_t va, uint32_t *cb, uint32_t *val)
Definition: armv4_5_mmu.c:16
ARMV4_5_MMU_ENABLED
@ ARMV4_5_MMU_ENABLED
Definition: armv4_5_mmu.h:40
buf_get_u32
static uint32_t buf_get_u32(const uint8_t *_buffer, unsigned int first, unsigned int num)
Retrieves num bits from _buffer, starting at the first bit, returning the bits in a 32-bit word.
Definition: binarybuffer.h:104
buf_set_u32
static void buf_set_u32(uint8_t *_buffer, unsigned int first, unsigned int num, uint32_t value)
Sets num bits in _buffer, starting at the first bit, using the bits in value.
Definition: binarybuffer.h:34
command_print
void command_print(struct command_invocation *cmd, const char *format,...)
Definition: command.c:389
CMD
#define CMD
Use this macro to access the command being handled, rather than accessing the variable directly.
Definition: command.h:146
CMD_NAME
#define CMD_NAME
Use this macro to access the name of the command being handled, rather than accessing the variable di...
Definition: command.h:171
CMD_ARGV
#define CMD_ARGV
Use this macro to access the arguments for the command being handled, rather than accessing the varia...
Definition: command.h:161
ERROR_COMMAND_SYNTAX_ERROR
#define ERROR_COMMAND_SYNTAX_ERROR
Definition: command.h:405
CMD_ARGC
#define CMD_ARGC
Use this macro to access the number of arguments for the command being handled, rather than accessing...
Definition: command.h:156
COMMAND_PARSE_NUMBER
#define COMMAND_PARSE_NUMBER(type, in, out)
parses the string in into out as a type, or prints a command error and passes the error code to the c...
Definition: command.h:445
CMD_CTX
#define CMD_CTX
Use this macro to access the context of the command being handled, rather than accessing the variable...
Definition: command.h:151
COMMAND_REGISTRATION_DONE
#define COMMAND_REGISTRATION_DONE
Use this as the last entry in an array of command_registration records.
Definition: command.h:256
COMMAND_ANY
@ COMMAND_ANY
Definition: command.h:42
COMMAND_EXEC
@ COMMAND_EXEC
Definition: command.h:40
buffer
uint64_t buffer
Pointer to data buffer to send over SPI.
Definition: dw-spi-helper.h:0
size
uint32_t size
Size of dw_spi_transaction::buffer.
Definition: dw-spi-helper.h:4
address
uint32_t address
Starting address. Sector aligned.
Definition: dw-spi-helper.h:0
embeddedice_read_reg
int embeddedice_read_reg(struct reg *reg)
Queue a read for an EmbeddedICE register into the register cache, not checking the value read.
Definition: embeddedice.c:464
EICE_DBG_STATUS_DBGACK
@ EICE_DBG_STATUS_DBGACK
Definition: embeddedice.h:53
EICE_DBG_STAT
@ EICE_DBG_STAT
Definition: embeddedice.h:21
output
static uint16_t output
Definition: ftdi.c:156
jtag_execute_queue
int jtag_execute_queue(void)
For software FIFO implementations, the queued commands can be executed during this call or earlier.
Definition: jtag/core.c:1045
jtag_add_dr_scan
void jtag_add_dr_scan(struct jtag_tap *active, int in_num_fields, const struct scan_field *in_fields, enum tap_state state)
Generate a DR SCAN using the fields passed to the function.
Definition: jtag/core.c:452
jtag_add_callback
void jtag_add_callback(jtag_callback1_t f, jtag_callback_data_t data0)
A simpler version of jtag_add_callback4().
Definition: jtag/drivers/driver.c:403
TAP_IDLE
@ TAP_IDLE
Definition: jtag.h:53
jtag_callback_data_t
intptr_t jtag_callback_data_t
Defines the type of data passed to the jtag_callback_t interface.
Definition: jtag.h:336
regs
static const struct @113 regs[]
alive_sleep
void alive_sleep(uint64_t ms)
Definition: log.c:478
keep_alive
void keep_alive(void)
Definition: log.c:437
LOG_USER
#define LOG_USER(expr ...)
Definition: log.h:150
ERROR_FAIL
#define ERROR_FAIL
Definition: log.h:188
LOG_TARGET_ERROR
#define LOG_TARGET_ERROR(target, fmt_str,...)
Definition: log.h:176
LOG_ERROR
#define LOG_ERROR(expr ...)
Definition: log.h:147
LOG_LEVEL_IS
#define LOG_LEVEL_IS(FOO)
Definition: log.h:112
LOG_DEBUG
#define LOG_DEBUG(expr ...)
Definition: log.h:124
ERROR_OK
#define ERROR_OK
Definition: log.h:182
LOG_LVL_DEBUG
@ LOG_LVL_DEBUG
Definition: log.h:55
string_choices.h
str_enabled_disabled
static const char * str_enabled_disabled(bool value)
Definition: string_choices.h:17
arm7_9_common
Structure for items that are common between both ARM7 and ARM9 targets.
Definition: arm7_9_common.h:28
arm7_9_common::arm
struct arm arm
Definition: arm7_9_common.h:31
arm7_9_common::has_single_step
bool has_single_step
Definition: arm7_9_common.h:51
arm7_9_common::write_memory
int(* write_memory)(struct target *target, target_addr_t address, uint32_t size, uint32_t count, const uint8_t *buffer)
Variant specific memory write function that does not dispatch to bulk_write_memory.
Definition: arm7_9_common.h:115
arm7_9_common::jtag_info
struct arm_jtag jtag_info
JTAG information for target.
Definition: arm7_9_common.h:33
arm7_9_common::eice_cache
struct reg_cache * eice_cache
Embedded ICE register cache.
Definition: arm7_9_common.h:34
arm7_9_common::post_debug_entry
int(* post_debug_entry)(struct target *target)
Callback function called after entering debug mode.
Definition: arm7_9_common.h:104
arm7_9_common::pre_restore_context
void(* pre_restore_context)(struct target *target)
Callback function called before restoring the processor context.
Definition: arm7_9_common.h:107
arm920t_common
Definition: arm920t.h:16
arm920t_common::preserve_cache
int preserve_cache
Definition: arm920t.h:26
arm920t_common::cp15_control_reg
uint32_t cp15_control_reg
Definition: arm920t.h:21
arm920t_common::common_magic
unsigned int common_magic
Definition: arm920t.h:17
arm920t_common::i_far
uint32_t i_far
Definition: arm920t.h:25
arm920t_common::d_fsr
uint32_t d_fsr
Definition: arm920t.h:22
arm920t_common::i_fsr
uint32_t i_fsr
Definition: arm920t.h:23
arm920t_common::arm7_9_common
struct arm7_9_common arm7_9_common
Definition: arm920t.h:19
arm920t_common::d_far
uint32_t d_far
Definition: arm920t.h:24
arm920t_common::armv4_5_mmu
struct armv4_5_mmu_common armv4_5_mmu
Definition: arm920t.h:20
arm920t_tlb_entry
Definition: arm920t.h:39
arm920t_tlb_entry::ram2
uint32_t ram2
Definition: arm920t.h:42
arm920t_tlb_entry::ram1
uint32_t ram1
Definition: arm920t.h:41
arm_jtag
Definition: arm_jtag.h:17
arm_jtag::intest_instr
uint32_t intest_instr
Definition: arm_jtag.h:24
arm_jtag::tap
struct jtag_tap * tap
Definition: arm_jtag.h:18
arm
Represents a generic ARM core, with standard application registers.
Definition: arm.h:176
arm::mrc
int(* mrc)(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t crn, uint32_t crm, uint32_t *value)
Read coprocessor register.
Definition: arm.h:231
arm::core_mode
enum arm_mode core_mode
Record the current core mode: SVC, USR, or some other mode.
Definition: arm.h:197
arm::cpsr
struct reg * cpsr
Handle to the CPSR/xPSR; valid in all core modes.
Definition: arm.h:185
arm::pc
struct reg * pc
Handle to the PC; valid in all core modes.
Definition: arm.h:182
arm::core_cache
struct reg_cache * core_cache
Definition: arm.h:179
arm::mcr
int(* mcr)(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t crn, uint32_t crm, uint32_t value)
Write coprocessor register.
Definition: arm.h:242
armv4_5_cache_common::d_u_cache_enabled
bool d_u_cache_enabled
Definition: armv4_5_cache.h:28
armv4_5_cache_common::d_u_size
struct armv4_5_cachesize d_u_size
Definition: armv4_5_cache.h:25
armv4_5_cache_common::i_cache_enabled
bool i_cache_enabled
Definition: armv4_5_cache.h:27
armv4_5_cache_common::ctype
int ctype
Definition: armv4_5_cache.h:23
armv4_5_cachesize::nsets
int nsets
Definition: armv4_5_cache.h:18
armv4_5_mmu_common::has_tiny_pages
int has_tiny_pages
Definition: armv4_5_mmu.h:23
armv4_5_mmu_common::write_memory
int(* write_memory)(struct target *target, target_addr_t address, uint32_t size, uint32_t count, const uint8_t *buffer)
Definition: armv4_5_mmu.h:18
armv4_5_mmu_common::read_memory
int(* read_memory)(struct target *target, target_addr_t address, uint32_t size, uint32_t count, uint8_t *buffer)
Definition: armv4_5_mmu.h:17
armv4_5_mmu_common::get_ttb
int(* get_ttb)(struct target *target, uint32_t *result)
Definition: armv4_5_mmu.h:16
armv4_5_mmu_common::enable_mmu_caches
int(* enable_mmu_caches)(struct target *target, int mmu, int d_u_cache, int i_cache)
Definition: armv4_5_mmu.h:21
armv4_5_mmu_common::mmu_enabled
bool mmu_enabled
Definition: armv4_5_mmu.h:24
armv4_5_mmu_common::disable_mmu_caches
int(* disable_mmu_caches)(struct target *target, int mmu, int d_u_cache, int i_cache)
Definition: armv4_5_mmu.h:20
armv4_5_mmu_common::armv4_5_cache
struct armv4_5_cache_common armv4_5_cache
Definition: armv4_5_mmu.h:22
command_invocation
When run_command is called, a new instance will be created on the stack, filled with the proper value...
Definition: command.h:76
command_registration
Definition: command.h:238
command_registration::name
const char * name
Definition: command.h:239
command_registration::chain
const struct command_registration * chain
If non-NULL, the commands in chain will be registered in the same context and scope of this registrat...
Definition: command.h:252
jtag_tap
Definition: jtag.h:101
reg_cache::reg_list
struct reg * reg_list
Definition: register.h:147
reg
Definition: register.h:111
reg::valid
bool valid
Definition: register.h:126
reg::value
uint8_t * value
Definition: register.h:122
reg::dirty
bool dirty
Definition: register.h:124
scan_field
This structure defines a single scan field in the scan.
Definition: jtag.h:87
scan_field::in_value
uint8_t * in_value
A pointer to a 32-bit memory location for data scanned out.
Definition: jtag.h:93
scan_field::out_value
const uint8_t * out_value
A pointer to value to be scanned into the device.
Definition: jtag.h:91
scan_field::num_bits
unsigned int num_bits
The number of bits this field specifies.
Definition: jtag.h:89
target_type
This holds methods shared between all instances of a given target type.
Definition: target_type.h:26
target_type::name
const char * name
Name of this type of target.
Definition: target_type.h:31
target
Definition: target.h:119
target::tap
struct jtag_tap * tap
Definition: target.h:122
target::state
enum target_state state
Definition: target.h:167
timeout
Definition: psoc6.c:83
target_call_event_callbacks
int target_call_event_callbacks(struct target *target, enum target_event event)
Definition: target.c:1794
target_halt
int target_halt(struct target *target)
Definition: target.c:517
target_read_memory
int target_read_memory(struct target *target, target_addr_t address, uint32_t size, uint32_t count, uint8_t *buffer)
Read count items of size bytes from the memory of target at the address given.
Definition: target.c:1260
get_current_target
struct target * get_current_target(struct command_context *cmd_ctx)
Definition: target.c:468
ERROR_TARGET_NOT_HALTED
#define ERROR_TARGET_NOT_HALTED
Definition: target.h:817
ERROR_TARGET_INVALID
#define ERROR_TARGET_INVALID
Definition: target.h:814
TARGET_EVENT_HALTED
@ TARGET_EVENT_HALTED
Definition: target.h:265
TARGET_HALTED
@ TARGET_HALTED
Definition: target.h:58
ERROR_TARGET_TIMEOUT
#define ERROR_TARGET_TIMEOUT
Definition: target.h:816
target_type.h
time_support.h
timeval_ms
int64_t timeval_ms(void)
Definition: time_support_common.c:23
target_addr_t
uint64_t target_addr_t
Definition: types.h:279
NULL
#define NULL
Definition: usb.h:16
cmd
uint8_t cmd
Definition: vdebug.c:1
count
uint8_t count[4]
Definition: vdebug.c:22