1 /***************************************************************************
2 * Copyright (C) 2005, 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * Copyright (C) 2009 Michael Schwingen *
5 * michael@schwingen.org *
6 * Copyright (C) 2010 Øyvind Harboe <oyvind.harboe@zylin.com> *
7 * Copyright (C) 2010 by Antonio Borneo <borneo.antonio@gmail.com> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
21 ***************************************************************************/
30 #include <target/arm.h>
31 #include <target/arm7_9_common.h>
32 #include <target/armv7m.h>
33 #include <target/mips32.h>
34 #include <helper/binarybuffer.h>
35 #include <target/algorithm.h>
37 /* defines internal maximum size for code fragment in cfi_intel_write_block() */
38 #define CFI_MAX_INTEL_CODESIZE 256
40 /* some id-types with specific handling */
41 #define AT49BV6416 0x00d6
42 #define AT49BV6416T 0x00d2
44 static const struct cfi_unlock_addresses cfi_unlock_addresses
[] = {
45 [CFI_UNLOCK_555_2AA
] = { .unlock1
= 0x555, .unlock2
= 0x2aa },
46 [CFI_UNLOCK_5555_2AAA
] = { .unlock1
= 0x5555, .unlock2
= 0x2aaa },
49 static const int cfi_status_poll_mask_dq6_dq7
= CFI_STATUS_POLL_MASK_DQ6_DQ7
;
51 /* CFI fixups forward declarations */
52 static void cfi_fixup_0002_erase_regions(struct flash_bank
*bank
, const void *param
);
53 static void cfi_fixup_0002_unlock_addresses(struct flash_bank
*bank
, const void *param
);
54 static void cfi_fixup_reversed_erase_regions(struct flash_bank
*bank
, const void *param
);
55 static void cfi_fixup_0002_write_buffer(struct flash_bank
*bank
, const void *param
);
56 static void cfi_fixup_0002_polling_bits(struct flash_bank
*bank
, const void *param
);
58 /* fixup after reading cmdset 0002 primary query table */
59 static const struct cfi_fixup cfi_0002_fixups
[] = {
60 {CFI_MFR_SST
, 0x00D4, cfi_fixup_0002_unlock_addresses
,
61 &cfi_unlock_addresses
[CFI_UNLOCK_5555_2AAA
]},
62 {CFI_MFR_SST
, 0x00D5, cfi_fixup_0002_unlock_addresses
,
63 &cfi_unlock_addresses
[CFI_UNLOCK_5555_2AAA
]},
64 {CFI_MFR_SST
, 0x00D6, cfi_fixup_0002_unlock_addresses
,
65 &cfi_unlock_addresses
[CFI_UNLOCK_5555_2AAA
]},
66 {CFI_MFR_SST
, 0x00D7, cfi_fixup_0002_unlock_addresses
,
67 &cfi_unlock_addresses
[CFI_UNLOCK_5555_2AAA
]},
68 {CFI_MFR_SST
, 0x2780, cfi_fixup_0002_unlock_addresses
,
69 &cfi_unlock_addresses
[CFI_UNLOCK_5555_2AAA
]},
70 {CFI_MFR_SST
, 0x274b, cfi_fixup_0002_unlock_addresses
,
71 &cfi_unlock_addresses
[CFI_UNLOCK_5555_2AAA
]},
72 {CFI_MFR_SST
, 0x235f, cfi_fixup_0002_polling_bits
, /* 39VF3201C */
73 &cfi_status_poll_mask_dq6_dq7
},
74 {CFI_MFR_SST
, 0x236d, cfi_fixup_0002_unlock_addresses
,
75 &cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
]},
76 {CFI_MFR_ATMEL
, 0x00C8, cfi_fixup_reversed_erase_regions
, NULL
},
77 {CFI_MFR_ST
, 0x22C4, cfi_fixup_reversed_erase_regions
, NULL
}, /* M29W160ET */
78 {CFI_MFR_FUJITSU
, 0x22ea, cfi_fixup_0002_unlock_addresses
,
79 &cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
]},
80 {CFI_MFR_FUJITSU
, 0x226b, cfi_fixup_0002_unlock_addresses
,
81 &cfi_unlock_addresses
[CFI_UNLOCK_5555_2AAA
]},
82 {CFI_MFR_AMIC
, 0xb31a, cfi_fixup_0002_unlock_addresses
,
83 &cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
]},
84 {CFI_MFR_MX
, 0x225b, cfi_fixup_0002_unlock_addresses
,
85 &cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
]},
86 {CFI_MFR_EON
, 0x225b, cfi_fixup_0002_unlock_addresses
,
87 &cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
]},
88 {CFI_MFR_AMD
, 0x225b, cfi_fixup_0002_unlock_addresses
,
89 &cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
]},
90 {CFI_MFR_ANY
, CFI_ID_ANY
, cfi_fixup_0002_erase_regions
, NULL
},
91 {CFI_MFR_ST
, 0x227E, cfi_fixup_0002_write_buffer
, NULL
},/* M29W128G */
95 /* fixup after reading cmdset 0001 primary query table */
96 static const struct cfi_fixup cfi_0001_fixups
[] = {
100 static void cfi_fixup(struct flash_bank
*bank
, const struct cfi_fixup
*fixups
)
102 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
104 for (const struct cfi_fixup
*f
= fixups
; f
->fixup
; f
++) {
105 if (((f
->mfr
== CFI_MFR_ANY
) || (f
->mfr
== cfi_info
->manufacturer
)) &&
106 ((f
->id
== CFI_ID_ANY
) || (f
->id
== cfi_info
->device_id
)))
107 f
->fixup(bank
, f
->param
);
111 uint32_t cfi_flash_address(struct flash_bank
*bank
, int sector
, uint32_t offset
)
113 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
115 if (cfi_info
->x16_as_x8
)
118 /* while the sector list isn't built, only accesses to sector 0 work */
120 return bank
->base
+ offset
* bank
->bus_width
;
122 if (!bank
->sectors
) {
123 LOG_ERROR("BUG: sector list not yet built");
126 return bank
->base
+ bank
->sectors
[sector
].offset
+ offset
* bank
->bus_width
;
130 static int cfi_target_write_memory(struct flash_bank
*bank
, target_addr_t addr
,
131 uint32_t count
, const uint8_t *buffer
)
133 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
134 if (cfi_info
->write_mem
) {
135 return cfi_info
->write_mem(bank
, addr
, count
, buffer
);
137 return target_write_memory(bank
->target
, addr
, bank
->bus_width
,
142 int cfi_target_read_memory(struct flash_bank
*bank
, target_addr_t addr
,
143 uint32_t count
, uint8_t *buffer
)
145 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
146 if (cfi_info
->read_mem
) {
147 return cfi_info
->read_mem(bank
, addr
, count
, buffer
);
149 return target_read_memory(bank
->target
, addr
, bank
->bus_width
,
154 static void cfi_command(struct flash_bank
*bank
, uint8_t cmd
, uint8_t *cmd_buf
)
156 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
158 /* clear whole buffer, to ensure bits that exceed the bus_width
161 for (size_t i
= 0; i
< CFI_MAX_BUS_WIDTH
; i
++)
164 if (cfi_info
->endianness
== TARGET_LITTLE_ENDIAN
) {
165 for (unsigned int i
= bank
->bus_width
; i
> 0; i
--)
166 *cmd_buf
++ = (i
& (bank
->chip_width
- 1)) ? 0x0 : cmd
;
168 for (unsigned int i
= 1; i
<= bank
->bus_width
; i
++)
169 *cmd_buf
++ = (i
& (bank
->chip_width
- 1)) ? 0x0 : cmd
;
173 int cfi_send_command(struct flash_bank
*bank
, uint8_t cmd
, uint32_t address
)
175 uint8_t command
[CFI_MAX_BUS_WIDTH
];
177 cfi_command(bank
, cmd
, command
);
178 return cfi_target_write_memory(bank
, address
, 1, command
);
181 /* read unsigned 8-bit value from the bank
182 * flash banks are expected to be made of similar chips
183 * the query result should be the same for all
185 static int cfi_query_u8(struct flash_bank
*bank
, int sector
, uint32_t offset
, uint8_t *val
)
187 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
188 uint8_t data
[CFI_MAX_BUS_WIDTH
];
191 retval
= cfi_target_read_memory(bank
, cfi_flash_address(bank
, sector
, offset
),
193 if (retval
!= ERROR_OK
)
196 if (cfi_info
->endianness
== TARGET_LITTLE_ENDIAN
)
199 *val
= data
[bank
->bus_width
- 1];
204 /* read unsigned 8-bit value from the bank
205 * in case of a bank made of multiple chips,
206 * the individual values are ORed
208 static int cfi_get_u8(struct flash_bank
*bank
, int sector
, uint32_t offset
, uint8_t *val
)
210 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
211 uint8_t data
[CFI_MAX_BUS_WIDTH
];
214 retval
= cfi_target_read_memory(bank
, cfi_flash_address(bank
, sector
, offset
),
216 if (retval
!= ERROR_OK
)
219 if (cfi_info
->endianness
== TARGET_LITTLE_ENDIAN
) {
220 for (unsigned int i
= 0; i
< bank
->bus_width
/ bank
->chip_width
; i
++)
226 for (unsigned int i
= 0; i
< bank
->bus_width
/ bank
->chip_width
; i
++)
227 value
|= data
[bank
->bus_width
- 1 - i
];
234 static int cfi_query_u16(struct flash_bank
*bank
, int sector
, uint32_t offset
, uint16_t *val
)
236 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
237 uint8_t data
[CFI_MAX_BUS_WIDTH
* 2];
240 if (cfi_info
->x16_as_x8
) {
241 for (uint8_t i
= 0; i
< 2; i
++) {
242 retval
= cfi_target_read_memory(bank
, cfi_flash_address(bank
, sector
, offset
+ i
),
243 1, &data
[i
* bank
->bus_width
]);
244 if (retval
!= ERROR_OK
)
248 retval
= cfi_target_read_memory(bank
, cfi_flash_address(bank
, sector
, offset
),
250 if (retval
!= ERROR_OK
)
254 if (cfi_info
->endianness
== TARGET_LITTLE_ENDIAN
)
255 *val
= data
[0] | data
[bank
->bus_width
] << 8;
257 *val
= data
[bank
->bus_width
- 1] | data
[(2 * bank
->bus_width
) - 1] << 8;
262 static int cfi_query_u32(struct flash_bank
*bank
, int sector
, uint32_t offset
, uint32_t *val
)
264 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
265 uint8_t data
[CFI_MAX_BUS_WIDTH
* 4];
268 if (cfi_info
->x16_as_x8
) {
269 for (uint8_t i
= 0; i
< 4; i
++) {
270 retval
= cfi_target_read_memory(bank
, cfi_flash_address(bank
, sector
, offset
+ i
),
271 1, &data
[i
* bank
->bus_width
]);
272 if (retval
!= ERROR_OK
)
276 retval
= cfi_target_read_memory(bank
, cfi_flash_address(bank
, sector
, offset
),
278 if (retval
!= ERROR_OK
)
282 if (cfi_info
->endianness
== TARGET_LITTLE_ENDIAN
)
283 *val
= data
[0] | data
[bank
->bus_width
] << 8 |
284 data
[bank
->bus_width
* 2] << 16 | data
[bank
->bus_width
* 3] << 24;
286 *val
= data
[bank
->bus_width
- 1] | data
[(2 * bank
->bus_width
) - 1] << 8 |
287 data
[(3 * bank
->bus_width
) - 1] << 16 |
288 data
[(4 * bank
->bus_width
) - 1] << 24;
293 int cfi_reset(struct flash_bank
*bank
)
295 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
296 int retval
= ERROR_OK
;
298 retval
= cfi_send_command(bank
, 0xf0, cfi_flash_address(bank
, 0, 0x0));
299 if (retval
!= ERROR_OK
)
302 retval
= cfi_send_command(bank
, 0xff, cfi_flash_address(bank
, 0, 0x0));
303 if (retval
!= ERROR_OK
)
306 if (cfi_info
->manufacturer
== 0x20 &&
307 (cfi_info
->device_id
== 0x227E || cfi_info
->device_id
== 0x7E)) {
308 /* Numonix M29W128G is cmd 0xFF intolerant - causes internal undefined state
309 * so we send an extra 0xF0 reset to fix the bug */
310 retval
= cfi_send_command(bank
, 0xf0, cfi_flash_address(bank
, 0, 0x00));
311 if (retval
!= ERROR_OK
)
318 static void cfi_intel_clear_status_register(struct flash_bank
*bank
)
320 cfi_send_command(bank
, 0x50, cfi_flash_address(bank
, 0, 0x0));
323 static int cfi_intel_wait_status_busy(struct flash_bank
*bank
, int timeout
, uint8_t *val
)
327 int retval
= ERROR_OK
;
331 LOG_ERROR("timeout while waiting for WSM to become ready");
335 retval
= cfi_get_u8(bank
, 0, 0x0, &status
);
336 if (retval
!= ERROR_OK
)
345 /* mask out bit 0 (reserved) */
346 status
= status
& 0xfe;
348 LOG_DEBUG("status: 0x%x", status
);
350 if (status
!= 0x80) {
351 LOG_ERROR("status register: 0x%x", status
);
353 LOG_ERROR("Block Lock-Bit Detected, Operation Abort");
355 LOG_ERROR("Program suspended");
357 LOG_ERROR("Low Programming Voltage Detected, Operation Aborted");
359 LOG_ERROR("Program Error / Error in Setting Lock-Bit");
361 LOG_ERROR("Error in Block Erasure or Clear Lock-Bits");
363 LOG_ERROR("Block Erase Suspended");
365 cfi_intel_clear_status_register(bank
);
374 int cfi_spansion_wait_status_busy(struct flash_bank
*bank
, int timeout
)
376 uint8_t status
, oldstatus
;
377 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
380 retval
= cfi_get_u8(bank
, 0, 0x0, &oldstatus
);
381 if (retval
!= ERROR_OK
)
385 retval
= cfi_get_u8(bank
, 0, 0x0, &status
);
387 if (retval
!= ERROR_OK
)
390 if ((status
^ oldstatus
) & 0x40) {
391 if (status
& cfi_info
->status_poll_mask
& 0x20) {
392 retval
= cfi_get_u8(bank
, 0, 0x0, &oldstatus
);
393 if (retval
!= ERROR_OK
)
395 retval
= cfi_get_u8(bank
, 0, 0x0, &status
);
396 if (retval
!= ERROR_OK
)
398 if ((status
^ oldstatus
) & 0x40) {
399 LOG_ERROR("dq5 timeout, status: 0x%x", status
);
400 return ERROR_FLASH_OPERATION_FAILED
;
402 LOG_DEBUG("status: 0x%x", status
);
406 } else {/* no toggle: finished, OK */
407 LOG_DEBUG("status: 0x%x", status
);
413 } while (timeout
-- > 0);
415 LOG_ERROR("timeout, status: 0x%x", status
);
417 return ERROR_FLASH_BUSY
;
420 static int cfi_read_intel_pri_ext(struct flash_bank
*bank
)
423 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
424 struct cfi_intel_pri_ext
*pri_ext
;
426 free(cfi_info
->pri_ext
);
428 pri_ext
= malloc(sizeof(struct cfi_intel_pri_ext
));
429 if (pri_ext
== NULL
) {
430 LOG_ERROR("Out of memory");
433 cfi_info
->pri_ext
= pri_ext
;
435 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 0, &pri_ext
->pri
[0]);
436 if (retval
!= ERROR_OK
)
438 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 1, &pri_ext
->pri
[1]);
439 if (retval
!= ERROR_OK
)
441 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 2, &pri_ext
->pri
[2]);
442 if (retval
!= ERROR_OK
)
445 if ((pri_ext
->pri
[0] != 'P') || (pri_ext
->pri
[1] != 'R') || (pri_ext
->pri
[2] != 'I')) {
446 retval
= cfi_reset(bank
);
447 if (retval
!= ERROR_OK
)
449 LOG_ERROR("Could not read bank flash bank information");
450 return ERROR_FLASH_BANK_INVALID
;
453 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 3, &pri_ext
->major_version
);
454 if (retval
!= ERROR_OK
)
456 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 4, &pri_ext
->minor_version
);
457 if (retval
!= ERROR_OK
)
460 LOG_DEBUG("pri: '%c%c%c', version: %c.%c", pri_ext
->pri
[0], pri_ext
->pri
[1],
461 pri_ext
->pri
[2], pri_ext
->major_version
, pri_ext
->minor_version
);
463 retval
= cfi_query_u32(bank
, 0, cfi_info
->pri_addr
+ 5, &pri_ext
->feature_support
);
464 if (retval
!= ERROR_OK
)
466 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 9, &pri_ext
->suspend_cmd_support
);
467 if (retval
!= ERROR_OK
)
469 retval
= cfi_query_u16(bank
, 0, cfi_info
->pri_addr
+ 0xa, &pri_ext
->blk_status_reg_mask
);
470 if (retval
!= ERROR_OK
)
473 LOG_DEBUG("feature_support: 0x%" PRIx32
", suspend_cmd_support: "
474 "0x%x, blk_status_reg_mask: 0x%x",
475 pri_ext
->feature_support
,
476 pri_ext
->suspend_cmd_support
,
477 pri_ext
->blk_status_reg_mask
);
479 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 0xc, &pri_ext
->vcc_optimal
);
480 if (retval
!= ERROR_OK
)
482 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 0xd, &pri_ext
->vpp_optimal
);
483 if (retval
!= ERROR_OK
)
486 LOG_DEBUG("Vcc opt: %x.%x, Vpp opt: %u.%x",
487 (pri_ext
->vcc_optimal
& 0xf0) >> 4, pri_ext
->vcc_optimal
& 0x0f,
488 (pri_ext
->vpp_optimal
& 0xf0) >> 4, pri_ext
->vpp_optimal
& 0x0f);
490 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 0xe, &pri_ext
->num_protection_fields
);
491 if (retval
!= ERROR_OK
)
493 if (pri_ext
->num_protection_fields
!= 1) {
494 LOG_WARNING("expected one protection register field, but found %i",
495 pri_ext
->num_protection_fields
);
498 retval
= cfi_query_u16(bank
, 0, cfi_info
->pri_addr
+ 0xf, &pri_ext
->prot_reg_addr
);
499 if (retval
!= ERROR_OK
)
501 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 0x11, &pri_ext
->fact_prot_reg_size
);
502 if (retval
!= ERROR_OK
)
504 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 0x12, &pri_ext
->user_prot_reg_size
);
505 if (retval
!= ERROR_OK
)
508 LOG_DEBUG("protection_fields: %i, prot_reg_addr: 0x%x, "
509 "factory pre-programmed: %i, user programmable: %i",
510 pri_ext
->num_protection_fields
, pri_ext
->prot_reg_addr
,
511 1 << pri_ext
->fact_prot_reg_size
, 1 << pri_ext
->user_prot_reg_size
);
516 static int cfi_read_spansion_pri_ext(struct flash_bank
*bank
)
519 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
520 struct cfi_spansion_pri_ext
*pri_ext
;
522 free(cfi_info
->pri_ext
);
524 pri_ext
= malloc(sizeof(struct cfi_spansion_pri_ext
));
525 if (pri_ext
== NULL
) {
526 LOG_ERROR("Out of memory");
529 cfi_info
->pri_ext
= pri_ext
;
531 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 0, &pri_ext
->pri
[0]);
532 if (retval
!= ERROR_OK
)
534 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 1, &pri_ext
->pri
[1]);
535 if (retval
!= ERROR_OK
)
537 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 2, &pri_ext
->pri
[2]);
538 if (retval
!= ERROR_OK
)
541 /* default values for implementation specific workarounds */
542 pri_ext
->_unlock1
= cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
].unlock1
;
543 pri_ext
->_unlock2
= cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
].unlock2
;
544 pri_ext
->_reversed_geometry
= 0;
546 if ((pri_ext
->pri
[0] != 'P') || (pri_ext
->pri
[1] != 'R') || (pri_ext
->pri
[2] != 'I')) {
547 retval
= cfi_send_command(bank
, 0xf0, cfi_flash_address(bank
, 0, 0x0));
548 if (retval
!= ERROR_OK
)
550 LOG_ERROR("Could not read spansion bank information");
551 return ERROR_FLASH_BANK_INVALID
;
554 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 3, &pri_ext
->major_version
);
555 if (retval
!= ERROR_OK
)
557 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 4, &pri_ext
->minor_version
);
558 if (retval
!= ERROR_OK
)
561 LOG_DEBUG("pri: '%c%c%c', version: %c.%c", pri_ext
->pri
[0], pri_ext
->pri
[1],
562 pri_ext
->pri
[2], pri_ext
->major_version
, pri_ext
->minor_version
);
564 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 5, &pri_ext
->SiliconRevision
);
565 if (retval
!= ERROR_OK
)
567 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 6, &pri_ext
->EraseSuspend
);
568 if (retval
!= ERROR_OK
)
570 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 7, &pri_ext
->BlkProt
);
571 if (retval
!= ERROR_OK
)
573 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 8, &pri_ext
->TmpBlkUnprotect
);
574 if (retval
!= ERROR_OK
)
576 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 9, &pri_ext
->BlkProtUnprot
);
577 if (retval
!= ERROR_OK
)
579 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 10, &pri_ext
->SimultaneousOps
);
580 if (retval
!= ERROR_OK
)
582 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 11, &pri_ext
->BurstMode
);
583 if (retval
!= ERROR_OK
)
585 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 12, &pri_ext
->PageMode
);
586 if (retval
!= ERROR_OK
)
588 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 13, &pri_ext
->VppMin
);
589 if (retval
!= ERROR_OK
)
591 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 14, &pri_ext
->VppMax
);
592 if (retval
!= ERROR_OK
)
594 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 15, &pri_ext
->TopBottom
);
595 if (retval
!= ERROR_OK
)
598 LOG_DEBUG("Silicon Revision: 0x%x, Erase Suspend: 0x%x, Block protect: 0x%x",
599 pri_ext
->SiliconRevision
, pri_ext
->EraseSuspend
, pri_ext
->BlkProt
);
601 LOG_DEBUG("Temporary Unprotect: 0x%x, Block Protect Scheme: 0x%x, "
602 "Simultaneous Ops: 0x%x", pri_ext
->TmpBlkUnprotect
,
603 pri_ext
->BlkProtUnprot
, pri_ext
->SimultaneousOps
);
605 LOG_DEBUG("Burst Mode: 0x%x, Page Mode: 0x%x, ", pri_ext
->BurstMode
, pri_ext
->PageMode
);
608 LOG_DEBUG("Vpp min: %u.%x, Vpp max: %u.%x",
609 (pri_ext
->VppMin
& 0xf0) >> 4, pri_ext
->VppMin
& 0x0f,
610 (pri_ext
->VppMax
& 0xf0) >> 4, pri_ext
->VppMax
& 0x0f);
612 LOG_DEBUG("WP# protection 0x%x", pri_ext
->TopBottom
);
617 static int cfi_read_atmel_pri_ext(struct flash_bank
*bank
)
620 struct cfi_atmel_pri_ext atmel_pri_ext
;
621 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
622 struct cfi_spansion_pri_ext
*pri_ext
;
624 free(cfi_info
->pri_ext
);
626 pri_ext
= malloc(sizeof(struct cfi_spansion_pri_ext
));
627 if (pri_ext
== NULL
) {
628 LOG_ERROR("Out of memory");
632 /* ATMEL devices use the same CFI primary command set (0x2) as AMD/Spansion,
633 * but a different primary extended query table.
634 * We read the atmel table, and prepare a valid AMD/Spansion query table.
637 memset(pri_ext
, 0, sizeof(struct cfi_spansion_pri_ext
));
639 cfi_info
->pri_ext
= pri_ext
;
641 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 0, &atmel_pri_ext
.pri
[0]);
642 if (retval
!= ERROR_OK
)
644 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 1, &atmel_pri_ext
.pri
[1]);
645 if (retval
!= ERROR_OK
)
647 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 2, &atmel_pri_ext
.pri
[2]);
648 if (retval
!= ERROR_OK
)
651 if ((atmel_pri_ext
.pri
[0] != 'P') || (atmel_pri_ext
.pri
[1] != 'R')
652 || (atmel_pri_ext
.pri
[2] != 'I')) {
653 retval
= cfi_send_command(bank
, 0xf0, cfi_flash_address(bank
, 0, 0x0));
654 if (retval
!= ERROR_OK
)
656 LOG_ERROR("Could not read atmel bank information");
657 return ERROR_FLASH_BANK_INVALID
;
660 pri_ext
->pri
[0] = atmel_pri_ext
.pri
[0];
661 pri_ext
->pri
[1] = atmel_pri_ext
.pri
[1];
662 pri_ext
->pri
[2] = atmel_pri_ext
.pri
[2];
664 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 3, &atmel_pri_ext
.major_version
);
665 if (retval
!= ERROR_OK
)
667 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 4, &atmel_pri_ext
.minor_version
);
668 if (retval
!= ERROR_OK
)
671 LOG_DEBUG("pri: '%c%c%c', version: %c.%c", atmel_pri_ext
.pri
[0],
672 atmel_pri_ext
.pri
[1], atmel_pri_ext
.pri
[2],
673 atmel_pri_ext
.major_version
, atmel_pri_ext
.minor_version
);
675 pri_ext
->major_version
= atmel_pri_ext
.major_version
;
676 pri_ext
->minor_version
= atmel_pri_ext
.minor_version
;
678 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 5, &atmel_pri_ext
.features
);
679 if (retval
!= ERROR_OK
)
681 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 6, &atmel_pri_ext
.bottom_boot
);
682 if (retval
!= ERROR_OK
)
684 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 7, &atmel_pri_ext
.burst_mode
);
685 if (retval
!= ERROR_OK
)
687 retval
= cfi_query_u8(bank
, 0, cfi_info
->pri_addr
+ 8, &atmel_pri_ext
.page_mode
);
688 if (retval
!= ERROR_OK
)
692 "features: 0x%2.2x, bottom_boot: 0x%2.2x, burst_mode: 0x%2.2x, page_mode: 0x%2.2x",
693 atmel_pri_ext
.features
,
694 atmel_pri_ext
.bottom_boot
,
695 atmel_pri_ext
.burst_mode
,
696 atmel_pri_ext
.page_mode
);
698 if (atmel_pri_ext
.features
& 0x02)
699 pri_ext
->EraseSuspend
= 2;
701 /* some chips got it backwards... */
702 if (cfi_info
->device_id
== AT49BV6416
||
703 cfi_info
->device_id
== AT49BV6416T
) {
704 if (atmel_pri_ext
.bottom_boot
)
705 pri_ext
->TopBottom
= 3;
707 pri_ext
->TopBottom
= 2;
709 if (atmel_pri_ext
.bottom_boot
)
710 pri_ext
->TopBottom
= 2;
712 pri_ext
->TopBottom
= 3;
715 pri_ext
->_unlock1
= cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
].unlock1
;
716 pri_ext
->_unlock2
= cfi_unlock_addresses
[CFI_UNLOCK_555_2AA
].unlock2
;
721 static int cfi_read_0002_pri_ext(struct flash_bank
*bank
)
723 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
725 if (cfi_info
->manufacturer
== CFI_MFR_ATMEL
)
726 return cfi_read_atmel_pri_ext(bank
);
728 return cfi_read_spansion_pri_ext(bank
);
731 static int cfi_spansion_info(struct flash_bank
*bank
, struct command_invocation
*cmd
)
733 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
734 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
736 command_print_sameline(cmd
, "\nSpansion primary algorithm extend information:\n");
738 command_print_sameline(cmd
, "pri: '%c%c%c', version: %c.%c\n",
739 pri_ext
->pri
[0], pri_ext
->pri
[1], pri_ext
->pri
[2],
740 pri_ext
->major_version
, pri_ext
->minor_version
);
742 command_print_sameline(cmd
, "Silicon Rev.: 0x%x, Address Sensitive unlock: 0x%x\n",
743 (pri_ext
->SiliconRevision
) >> 2,
744 (pri_ext
->SiliconRevision
) & 0x03);
746 command_print_sameline(cmd
, "Erase Suspend: 0x%x, Sector Protect: 0x%x\n",
747 pri_ext
->EraseSuspend
,
750 command_print_sameline(cmd
, "VppMin: %u.%x, VppMax: %u.%x\n",
751 (pri_ext
->VppMin
& 0xf0) >> 4, pri_ext
->VppMin
& 0x0f,
752 (pri_ext
->VppMax
& 0xf0) >> 4, pri_ext
->VppMax
& 0x0f);
757 static int cfi_intel_info(struct flash_bank
*bank
, struct command_invocation
*cmd
)
759 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
760 struct cfi_intel_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
762 command_print_sameline(cmd
, "\nintel primary algorithm extend information:\n");
764 command_print_sameline(cmd
, "pri: '%c%c%c', version: %c.%c\n",
768 pri_ext
->major_version
,
769 pri_ext
->minor_version
);
771 command_print_sameline(cmd
, "feature_support: 0x%" PRIx32
", "
772 "suspend_cmd_support: 0x%x, blk_status_reg_mask: 0x%x\n",
773 pri_ext
->feature_support
,
774 pri_ext
->suspend_cmd_support
,
775 pri_ext
->blk_status_reg_mask
);
777 command_print_sameline(cmd
, "Vcc opt: %x.%x, Vpp opt: %u.%x\n",
778 (pri_ext
->vcc_optimal
& 0xf0) >> 4, pri_ext
->vcc_optimal
& 0x0f,
779 (pri_ext
->vpp_optimal
& 0xf0) >> 4, pri_ext
->vpp_optimal
& 0x0f);
781 command_print_sameline(cmd
, "protection_fields: %i, prot_reg_addr: 0x%x, "
782 "factory pre-programmed: %i, user programmable: %i\n",
783 pri_ext
->num_protection_fields
, pri_ext
->prot_reg_addr
,
784 1 << pri_ext
->fact_prot_reg_size
, 1 << pri_ext
->user_prot_reg_size
);
789 int cfi_flash_bank_cmd(struct flash_bank
*bank
, unsigned int argc
, const char **argv
)
791 struct cfi_flash_bank
*cfi_info
;
792 bool bus_swap
= false;
795 return ERROR_COMMAND_SYNTAX_ERROR
;
798 * - not exceed max value;
800 * - be equal to a power of 2.
801 * bus must be wide enough to hold one chip */
802 if ((bank
->chip_width
> CFI_MAX_CHIP_WIDTH
)
803 || (bank
->bus_width
> CFI_MAX_BUS_WIDTH
)
804 || (bank
->chip_width
== 0)
805 || (bank
->bus_width
== 0)
806 || (bank
->chip_width
& (bank
->chip_width
- 1))
807 || (bank
->bus_width
& (bank
->bus_width
- 1))
808 || (bank
->chip_width
> bank
->bus_width
)) {
809 LOG_ERROR("chip and bus width have to specified in bytes");
810 return ERROR_FLASH_BANK_INVALID
;
813 cfi_info
= calloc(1, sizeof(struct cfi_flash_bank
));
814 if (cfi_info
== NULL
) {
815 LOG_ERROR("No memory for flash bank info");
818 bank
->driver_priv
= cfi_info
;
820 for (unsigned i
= 6; i
< argc
; i
++) {
821 if (strcmp(argv
[i
], "x16_as_x8") == 0)
822 cfi_info
->x16_as_x8
= true;
823 else if (strcmp(argv
[i
], "data_swap") == 0)
824 cfi_info
->data_swap
= true;
825 else if (strcmp(argv
[i
], "bus_swap") == 0)
827 else if (strcmp(argv
[i
], "jedec_probe") == 0)
828 cfi_info
->jedec_probe
= true;
832 cfi_info
->endianness
=
833 bank
->target
->endianness
== TARGET_LITTLE_ENDIAN
?
834 TARGET_BIG_ENDIAN
: TARGET_LITTLE_ENDIAN
;
836 cfi_info
->endianness
= bank
->target
->endianness
;
838 /* bank wasn't probed yet */
839 cfi_info
->qry
[0] = 0xff;
844 /* flash_bank cfi <base> <size> <chip_width> <bus_width> <target#> [options]
846 FLASH_BANK_COMMAND_HANDLER(cfi_flash_bank_command
)
848 return cfi_flash_bank_cmd(bank
, CMD_ARGC
, CMD_ARGV
);
851 static int cfi_intel_erase(struct flash_bank
*bank
, unsigned int first
,
855 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
857 cfi_intel_clear_status_register(bank
);
859 for (unsigned int i
= first
; i
<= last
; i
++) {
860 retval
= cfi_send_command(bank
, 0x20, cfi_flash_address(bank
, i
, 0x0));
861 if (retval
!= ERROR_OK
)
864 retval
= cfi_send_command(bank
, 0xd0, cfi_flash_address(bank
, i
, 0x0));
865 if (retval
!= ERROR_OK
)
869 retval
= cfi_intel_wait_status_busy(bank
, cfi_info
->block_erase_timeout
, &status
);
870 if (retval
!= ERROR_OK
)
874 bank
->sectors
[i
].is_erased
= 1;
876 retval
= cfi_send_command(bank
, 0xff, cfi_flash_address(bank
, 0, 0x0));
877 if (retval
!= ERROR_OK
)
880 LOG_ERROR("couldn't erase block %u of flash bank at base "
881 TARGET_ADDR_FMT
, i
, bank
->base
);
882 return ERROR_FLASH_OPERATION_FAILED
;
886 return cfi_send_command(bank
, 0xff, cfi_flash_address(bank
, 0, 0x0));
889 int cfi_spansion_unlock_seq(struct flash_bank
*bank
)
892 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
893 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
895 retval
= cfi_send_command(bank
, 0xaa, cfi_flash_address(bank
, 0, pri_ext
->_unlock1
));
896 if (retval
!= ERROR_OK
)
899 retval
= cfi_send_command(bank
, 0x55, cfi_flash_address(bank
, 0, pri_ext
->_unlock2
));
900 if (retval
!= ERROR_OK
)
906 static int cfi_spansion_erase(struct flash_bank
*bank
, unsigned int first
,
910 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
911 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
913 for (unsigned int i
= first
; i
<= last
; i
++) {
914 retval
= cfi_spansion_unlock_seq(bank
);
915 if (retval
!= ERROR_OK
)
918 retval
= cfi_send_command(bank
, 0x80, cfi_flash_address(bank
, 0, pri_ext
->_unlock1
));
919 if (retval
!= ERROR_OK
)
922 retval
= cfi_spansion_unlock_seq(bank
);
923 if (retval
!= ERROR_OK
)
926 retval
= cfi_send_command(bank
, 0x30, cfi_flash_address(bank
, i
, 0x0));
927 if (retval
!= ERROR_OK
)
930 if (cfi_spansion_wait_status_busy(bank
, cfi_info
->block_erase_timeout
) == ERROR_OK
)
931 bank
->sectors
[i
].is_erased
= 1;
933 retval
= cfi_send_command(bank
, 0xf0, cfi_flash_address(bank
, 0, 0x0));
934 if (retval
!= ERROR_OK
)
937 LOG_ERROR("couldn't erase block %i of flash bank at base "
938 TARGET_ADDR_FMT
, i
, bank
->base
);
939 return ERROR_FLASH_OPERATION_FAILED
;
943 return cfi_send_command(bank
, 0xf0, cfi_flash_address(bank
, 0, 0x0));
946 int cfi_erase(struct flash_bank
*bank
, unsigned int first
,
949 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
951 if (bank
->target
->state
!= TARGET_HALTED
) {
952 LOG_ERROR("Target not halted");
953 return ERROR_TARGET_NOT_HALTED
;
956 if ((last
< first
) || (last
>= bank
->num_sectors
))
957 return ERROR_FLASH_SECTOR_INVALID
;
959 if (cfi_info
->qry
[0] != 'Q')
960 return ERROR_FLASH_BANK_NOT_PROBED
;
962 switch (cfi_info
->pri_id
) {
965 return cfi_intel_erase(bank
, first
, last
);
967 return cfi_spansion_erase(bank
, first
, last
);
969 LOG_ERROR("cfi primary command set %i unsupported", cfi_info
->pri_id
);
976 static int cfi_intel_protect(struct flash_bank
*bank
, int set
,
977 unsigned int first
, unsigned int last
)
980 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
981 struct cfi_intel_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
984 /* if the device supports neither legacy lock/unlock (bit 3) nor
985 * instant individual block locking (bit 5).
987 if (!(pri_ext
->feature_support
& 0x28)) {
988 LOG_ERROR("lock/unlock not supported on flash");
989 return ERROR_FLASH_OPERATION_FAILED
;
992 cfi_intel_clear_status_register(bank
);
994 for (unsigned int i
= first
; i
<= last
; i
++) {
995 retval
= cfi_send_command(bank
, 0x60, cfi_flash_address(bank
, i
, 0x0));
996 if (retval
!= ERROR_OK
)
999 retval
= cfi_send_command(bank
, 0x01, cfi_flash_address(bank
, i
, 0x0));
1000 if (retval
!= ERROR_OK
)
1002 bank
->sectors
[i
].is_protected
= 1;
1004 retval
= cfi_send_command(bank
, 0xd0, cfi_flash_address(bank
, i
, 0x0));
1005 if (retval
!= ERROR_OK
)
1007 bank
->sectors
[i
].is_protected
= 0;
1010 /* instant individual block locking doesn't require reading of the status register
1012 if (!(pri_ext
->feature_support
& 0x20)) {
1013 /* Clear lock bits operation may take up to 1.4s */
1015 retval
= cfi_intel_wait_status_busy(bank
, 1400, &status
);
1016 if (retval
!= ERROR_OK
)
1019 uint8_t block_status
;
1020 /* read block lock bit, to verify status */
1021 retval
= cfi_send_command(bank
, 0x90, cfi_flash_address(bank
, 0, 0x55));
1022 if (retval
!= ERROR_OK
)
1024 retval
= cfi_get_u8(bank
, i
, 0x2, &block_status
);
1025 if (retval
!= ERROR_OK
)
1028 if ((block_status
& 0x1) != set
) {
1030 "couldn't change block lock status (set = %i, block_status = 0x%2.2x)",
1032 retval
= cfi_send_command(bank
, 0x70, cfi_flash_address(bank
, 0, 0x55));
1033 if (retval
!= ERROR_OK
)
1036 retval
= cfi_intel_wait_status_busy(bank
, 10, &status
);
1037 if (retval
!= ERROR_OK
)
1041 return ERROR_FLASH_OPERATION_FAILED
;
1050 /* if the device doesn't support individual block lock bits set/clear,
1051 * all blocks have been unlocked in parallel, so we set those that should be protected
1053 if ((!set
) && (!(pri_ext
->feature_support
& 0x20))) {
1054 /* FIX!!! this code path is broken!!!
1056 * The correct approach is:
1058 * 1. read out current protection status
1060 * 2. override read out protection status w/unprotected.
1062 * 3. re-protect what should be protected.
1065 for (unsigned int i
= 0; i
< bank
->num_sectors
; i
++) {
1066 if (bank
->sectors
[i
].is_protected
== 1) {
1067 cfi_intel_clear_status_register(bank
);
1069 retval
= cfi_send_command(bank
, 0x60, cfi_flash_address(bank
, i
, 0x0));
1070 if (retval
!= ERROR_OK
)
1073 retval
= cfi_send_command(bank
, 0x01, cfi_flash_address(bank
, i
, 0x0));
1074 if (retval
!= ERROR_OK
)
1078 retval
= cfi_intel_wait_status_busy(bank
, 100, &status
);
1079 if (retval
!= ERROR_OK
)
1085 return cfi_send_command(bank
, 0xff, cfi_flash_address(bank
, 0, 0x0));
1088 int cfi_protect(struct flash_bank
*bank
, int set
, unsigned int first
,
1091 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
1093 if (bank
->target
->state
!= TARGET_HALTED
) {
1094 LOG_ERROR("Target not halted");
1095 return ERROR_TARGET_NOT_HALTED
;
1098 if (cfi_info
->qry
[0] != 'Q')
1099 return ERROR_FLASH_BANK_NOT_PROBED
;
1101 switch (cfi_info
->pri_id
) {
1104 return cfi_intel_protect(bank
, set
, first
, last
);
1106 LOG_WARNING("protect: cfi primary command set %i unsupported", cfi_info
->pri_id
);
1111 static uint32_t cfi_command_val(struct flash_bank
*bank
, uint8_t cmd
)
1113 struct target
*target
= bank
->target
;
1115 uint8_t buf
[CFI_MAX_BUS_WIDTH
];
1116 cfi_command(bank
, cmd
, buf
);
1117 switch (bank
->bus_width
) {
1121 return target_buffer_get_u16(target
, buf
);
1123 return target_buffer_get_u32(target
, buf
);
1125 LOG_ERROR("Unsupported bank buswidth %u, can't do block memory writes",
1131 static int cfi_intel_write_block(struct flash_bank
*bank
, const uint8_t *buffer
,
1132 uint32_t address
, uint32_t count
)
1134 struct target
*target
= bank
->target
;
1135 struct reg_param reg_params
[7];
1136 struct arm_algorithm arm_algo
;
1137 struct working_area
*write_algorithm
;
1138 struct working_area
*source
= NULL
;
1139 uint32_t buffer_size
= 32768;
1140 uint32_t write_command_val
, busy_pattern_val
, error_pattern_val
;
1142 /* algorithm register usage:
1143 * r0: source address (in RAM)
1144 * r1: target address (in Flash)
1146 * r3: flash write command
1147 * r4: status byte (returned to host)
1148 * r5: busy test pattern
1149 * r6: error test pattern
1152 /* see contrib/loaders/flash/armv4_5_cfi_intel_32.s for src */
1153 static const uint32_t word_32_code
[] = {
1154 0xe4904004, /* loop: ldr r4, [r0], #4 */
1155 0xe5813000, /* str r3, [r1] */
1156 0xe5814000, /* str r4, [r1] */
1157 0xe5914000, /* busy: ldr r4, [r1] */
1158 0xe0047005, /* and r7, r4, r5 */
1159 0xe1570005, /* cmp r7, r5 */
1160 0x1afffffb, /* bne busy */
1161 0xe1140006, /* tst r4, r6 */
1162 0x1a000003, /* bne done */
1163 0xe2522001, /* subs r2, r2, #1 */
1164 0x0a000001, /* beq done */
1165 0xe2811004, /* add r1, r1 #4 */
1166 0xeafffff2, /* b loop */
1167 0xeafffffe /* done: b -2 */
1170 /* see contrib/loaders/flash/armv4_5_cfi_intel_16.s for src */
1171 static const uint32_t word_16_code
[] = {
1172 0xe0d040b2, /* loop: ldrh r4, [r0], #2 */
1173 0xe1c130b0, /* strh r3, [r1] */
1174 0xe1c140b0, /* strh r4, [r1] */
1175 0xe1d140b0, /* busy ldrh r4, [r1] */
1176 0xe0047005, /* and r7, r4, r5 */
1177 0xe1570005, /* cmp r7, r5 */
1178 0x1afffffb, /* bne busy */
1179 0xe1140006, /* tst r4, r6 */
1180 0x1a000003, /* bne done */
1181 0xe2522001, /* subs r2, r2, #1 */
1182 0x0a000001, /* beq done */
1183 0xe2811002, /* add r1, r1 #2 */
1184 0xeafffff2, /* b loop */
1185 0xeafffffe /* done: b -2 */
1188 /* see contrib/loaders/flash/armv4_5_cfi_intel_8.s for src */
1189 static const uint32_t word_8_code
[] = {
1190 0xe4d04001, /* loop: ldrb r4, [r0], #1 */
1191 0xe5c13000, /* strb r3, [r1] */
1192 0xe5c14000, /* strb r4, [r1] */
1193 0xe5d14000, /* busy ldrb r4, [r1] */
1194 0xe0047005, /* and r7, r4, r5 */
1195 0xe1570005, /* cmp r7, r5 */
1196 0x1afffffb, /* bne busy */
1197 0xe1140006, /* tst r4, r6 */
1198 0x1a000003, /* bne done */
1199 0xe2522001, /* subs r2, r2, #1 */
1200 0x0a000001, /* beq done */
1201 0xe2811001, /* add r1, r1 #1 */
1202 0xeafffff2, /* b loop */
1203 0xeafffffe /* done: b -2 */
1205 uint8_t target_code
[4*CFI_MAX_INTEL_CODESIZE
];
1206 const uint32_t *target_code_src
;
1207 uint32_t target_code_size
;
1208 int retval
= ERROR_OK
;
1210 /* check we have a supported arch */
1211 if (is_arm(target_to_arm(target
))) {
1212 /* All other ARM CPUs have 32 bit instructions */
1213 arm_algo
.common_magic
= ARM_COMMON_MAGIC
;
1214 arm_algo
.core_mode
= ARM_MODE_SVC
;
1215 arm_algo
.core_state
= ARM_STATE_ARM
;
1217 LOG_ERROR("Unknown architecture");
1218 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1221 cfi_intel_clear_status_register(bank
);
1223 /* If we are setting up the write_algorithm, we need target_code_src
1224 * if not we only need target_code_size. */
1226 /* However, we don't want to create multiple code paths, so we
1227 * do the unnecessary evaluation of target_code_src, which the
1228 * compiler will probably nicely optimize away if not needed */
1230 /* prepare algorithm code for target endian */
1231 switch (bank
->bus_width
) {
1233 target_code_src
= word_8_code
;
1234 target_code_size
= sizeof(word_8_code
);
1237 target_code_src
= word_16_code
;
1238 target_code_size
= sizeof(word_16_code
);
1241 target_code_src
= word_32_code
;
1242 target_code_size
= sizeof(word_32_code
);
1245 LOG_ERROR("Unsupported bank buswidth %u, can't do block memory writes",
1247 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1250 /* flash write code */
1251 if (target_code_size
> sizeof(target_code
)) {
1252 LOG_WARNING("Internal error - target code buffer to small. "
1253 "Increase CFI_MAX_INTEL_CODESIZE and recompile.");
1254 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1257 target_buffer_set_u32_array(target
, target_code
, target_code_size
/ 4, target_code_src
);
1259 /* Get memory for block write handler */
1260 retval
= target_alloc_working_area(target
,
1263 if (retval
!= ERROR_OK
) {
1264 LOG_WARNING("No working area available, can't do block memory writes");
1265 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1268 /* write algorithm code to working area */
1269 retval
= target_write_buffer(target
, write_algorithm
->address
,
1270 target_code_size
, target_code
);
1271 if (retval
!= ERROR_OK
) {
1272 LOG_ERROR("Unable to write block write code to target");
1276 /* Get a workspace buffer for the data to flash starting with 32k size.
1277 * Half size until buffer would be smaller 256 Bytes then fail back */
1278 /* FIXME Why 256 bytes, why not 32 bytes (smallest flash write page */
1279 while (target_alloc_working_area_try(target
, buffer_size
, &source
) != ERROR_OK
) {
1281 if (buffer_size
<= 256) {
1283 "no large enough working area available, can't do block memory writes");
1284 retval
= ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1289 /* setup algo registers */
1290 init_reg_param(®_params
[0], "r0", 32, PARAM_OUT
);
1291 init_reg_param(®_params
[1], "r1", 32, PARAM_OUT
);
1292 init_reg_param(®_params
[2], "r2", 32, PARAM_OUT
);
1293 init_reg_param(®_params
[3], "r3", 32, PARAM_OUT
);
1294 init_reg_param(®_params
[4], "r4", 32, PARAM_IN
);
1295 init_reg_param(®_params
[5], "r5", 32, PARAM_OUT
);
1296 init_reg_param(®_params
[6], "r6", 32, PARAM_OUT
);
1298 /* prepare command and status register patterns */
1299 write_command_val
= cfi_command_val(bank
, 0x40);
1300 busy_pattern_val
= cfi_command_val(bank
, 0x80);
1301 error_pattern_val
= cfi_command_val(bank
, 0x7e);
1303 LOG_DEBUG("Using target buffer at " TARGET_ADDR_FMT
" and of size 0x%04" PRIx32
,
1304 source
->address
, buffer_size
);
1306 /* Programming main loop */
1308 uint32_t thisrun_count
= (count
> buffer_size
) ? buffer_size
: count
;
1311 retval
= target_write_buffer(target
, source
->address
, thisrun_count
, buffer
);
1312 if (retval
!= ERROR_OK
)
1315 buf_set_u32(reg_params
[0].value
, 0, 32, source
->address
);
1316 buf_set_u32(reg_params
[1].value
, 0, 32, address
);
1317 buf_set_u32(reg_params
[2].value
, 0, 32, thisrun_count
/ bank
->bus_width
);
1319 buf_set_u32(reg_params
[3].value
, 0, 32, write_command_val
);
1320 buf_set_u32(reg_params
[5].value
, 0, 32, busy_pattern_val
);
1321 buf_set_u32(reg_params
[6].value
, 0, 32, error_pattern_val
);
1323 LOG_DEBUG("Write 0x%04" PRIx32
" bytes to flash at 0x%08" PRIx32
,
1324 thisrun_count
, address
);
1326 /* Execute algorithm, assume breakpoint for last instruction */
1327 retval
= target_run_algorithm(target
, 0, NULL
, 7, reg_params
,
1328 write_algorithm
->address
,
1329 write_algorithm
->address
+ target_code_size
-
1331 10000, /* 10s should be enough for max. 32k of data */
1334 /* On failure try a fall back to direct word writes */
1335 if (retval
!= ERROR_OK
) {
1336 cfi_intel_clear_status_register(bank
);
1338 "Execution of flash algorithm failed. Can't fall back. Please report.");
1339 retval
= ERROR_FLASH_OPERATION_FAILED
;
1340 /* retval = ERROR_TARGET_RESOURCE_NOT_AVAILABLE; */
1341 /* FIXME To allow fall back or recovery, we must save the actual status
1342 * somewhere, so that a higher level code can start recovery. */
1346 /* Check return value from algo code */
1347 wsm_error
= buf_get_u32(reg_params
[4].value
, 0, 32) & error_pattern_val
;
1349 /* read status register (outputs debug information) */
1351 cfi_intel_wait_status_busy(bank
, 100, &status
);
1352 cfi_intel_clear_status_register(bank
);
1353 retval
= ERROR_FLASH_OPERATION_FAILED
;
1357 buffer
+= thisrun_count
;
1358 address
+= thisrun_count
;
1359 count
-= thisrun_count
;
1364 /* free up resources */
1367 target_free_working_area(target
, source
);
1369 target_free_working_area(target
, write_algorithm
);
1371 destroy_reg_param(®_params
[0]);
1372 destroy_reg_param(®_params
[1]);
1373 destroy_reg_param(®_params
[2]);
1374 destroy_reg_param(®_params
[3]);
1375 destroy_reg_param(®_params
[4]);
1376 destroy_reg_param(®_params
[5]);
1377 destroy_reg_param(®_params
[6]);
1382 static int cfi_spansion_write_block_mips(struct flash_bank
*bank
, const uint8_t *buffer
,
1383 uint32_t address
, uint32_t count
)
1385 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
1386 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
1387 struct target
*target
= bank
->target
;
1388 struct reg_param reg_params
[10];
1389 struct mips32_algorithm mips32_info
;
1390 struct working_area
*write_algorithm
;
1391 struct working_area
*source
;
1392 uint32_t buffer_size
= 32768;
1394 int retval
= ERROR_OK
;
1396 /* input parameters -
1397 * 4 A0 = source address
1398 * 5 A1 = destination address
1399 * 6 A2 = number of writes
1400 * 7 A3 = flash write command
1401 * 8 T0 = constant to mask DQ7 bits (also used for Dq5 with shift)
1402 * output parameters -
1403 * 9 T1 = 0x80 ok 0x00 bad
1405 * 10 T2 = value read from flash to test status
1406 * 11 T3 = holding register
1407 * unlock registers -
1408 * 12 T4 = unlock1_addr
1409 * 13 T5 = unlock1_cmd
1410 * 14 T6 = unlock2_addr
1411 * 15 T7 = unlock2_cmd */
1413 static const uint32_t mips_word_16_code
[] = {
1415 MIPS32_LHU(0, 9, 0, 4), /* lhu $t1, ($a0) ; out = &saddr */
1416 MIPS32_ADDI(0, 4, 4, 2), /* addi $a0, $a0, 2 ; saddr += 2 */
1417 MIPS32_SH(0, 13, 0, 12), /* sh $t5, ($t4) ; *fl_unl_addr1 = fl_unl_cmd1 */
1418 MIPS32_SH(0, 15, 0, 14), /* sh $t7, ($t6) ; *fl_unl_addr2 = fl_unl_cmd2 */
1419 MIPS32_SH(0, 7, 0, 12), /* sh $a3, ($t4) ; *fl_unl_addr1 = fl_write_cmd */
1420 MIPS32_SH(0, 9, 0, 5), /* sh $t1, ($a1) ; *daddr = out */
1421 MIPS32_NOP
, /* nop */
1423 MIPS32_LHU(0, 10, 0, 5), /* lhu $t2, ($a1) ; temp1 = *daddr */
1424 MIPS32_XOR(0, 11, 9, 10), /* xor $t3, $a0, $t2 ; temp2 = out ^ temp1; */
1425 MIPS32_AND(0, 11, 8, 11), /* and $t3, $t0, $t3 ; temp2 = temp2 & DQ7mask */
1426 MIPS32_BNE(0, 11, 8, 13), /* bne $t3, $t0, cont ; if (temp2 != DQ7mask) goto cont */
1427 MIPS32_NOP
, /* nop */
1429 MIPS32_SRL(0, 10, 8, 2), /* srl $t2,$t0,2 ; temp1 = DQ7mask >> 2 */
1430 MIPS32_AND(0, 11, 10, 11), /* and $t3, $t2, $t3 ; temp2 = temp2 & temp1 */
1431 MIPS32_BNE(0, 11, 10, NEG16(8)), /* bne $t3, $t2, busy ; if (temp2 != temp1) goto busy */
1432 MIPS32_NOP
, /* nop */
1434 MIPS32_LHU(0, 10, 0, 5), /* lhu $t2, ($a1) ; temp1 = *daddr */
1435 MIPS32_XOR(0, 11, 9, 10), /* xor $t3, $a0, $t2 ; temp2 = out ^ temp1; */
1436 MIPS32_AND(0, 11, 8, 11), /* and $t3, $t0, $t3 ; temp2 = temp2 & DQ7mask */
1437 MIPS32_BNE(0, 11, 8, 4), /* bne $t3, $t0, cont ; if (temp2 != DQ7mask) goto cont */
1438 MIPS32_NOP
, /* nop */
1440 MIPS32_XOR(0, 9, 9, 9), /* xor $t1, $t1, $t1 ; out = 0 */
1441 MIPS32_BEQ(0, 9, 0, 11), /* beq $t1, $zero, done ; if (out == 0) goto done */
1442 MIPS32_NOP
, /* nop */
1444 MIPS32_ADDI(0, 6, 6, NEG16(1)), /* addi, $a2, $a2, -1 ; numwrites-- */
1445 MIPS32_BNE(0, 6, 0, 5), /* bne $a2, $zero, cont2 ; if (numwrite != 0) goto cont2 */
1446 MIPS32_NOP
, /* nop */
1448 MIPS32_LUI(0, 9, 0), /* lui $t1, 0 */
1449 MIPS32_ORI(0, 9, 9, 0x80), /* ori $t1, $t1, 0x80 ; out = 0x80 */
1451 MIPS32_B(0, 4), /* b done ; goto done */
1452 MIPS32_NOP
, /* nop */
1454 MIPS32_ADDI(0, 5, 5, 2), /* addi $a0, $a0, 2 ; daddr += 2 */
1455 MIPS32_B(0, NEG16(33)), /* b start ; goto start */
1456 MIPS32_NOP
, /* nop */
1458 MIPS32_SDBBP(0), /* sdbbp ; break(); */
1461 mips32_info
.common_magic
= MIPS32_COMMON_MAGIC
;
1462 mips32_info
.isa_mode
= MIPS32_ISA_MIPS32
;
1464 int target_code_size
= 0;
1465 const uint32_t *target_code_src
= NULL
;
1467 switch (bank
->bus_width
) {
1469 /* Check for DQ5 support */
1470 if (cfi_info
->status_poll_mask
& (1 << 5)) {
1471 target_code_src
= mips_word_16_code
;
1472 target_code_size
= sizeof(mips_word_16_code
);
1474 LOG_ERROR("Need DQ5 support");
1475 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1476 /* target_code_src = mips_word_16_code_dq7only; */
1477 /* target_code_size = sizeof(mips_word_16_code_dq7only); */
1481 LOG_ERROR("Unsupported bank buswidth %u, can't do block memory writes",
1483 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1486 /* flash write code */
1487 uint8_t *target_code
;
1489 /* convert bus-width dependent algorithm code to correct endianness */
1490 target_code
= malloc(target_code_size
);
1491 if (target_code
== NULL
) {
1492 LOG_ERROR("Out of memory");
1496 target_buffer_set_u32_array(target
, target_code
, target_code_size
/ 4, target_code_src
);
1498 /* allocate working area */
1499 retval
= target_alloc_working_area(target
, target_code_size
,
1501 if (retval
!= ERROR_OK
) {
1506 /* write algorithm code to working area */
1507 retval
= target_write_buffer(target
, write_algorithm
->address
,
1508 target_code_size
, target_code
);
1509 if (retval
!= ERROR_OK
) {
1516 /* the following code still assumes target code is fixed 24*4 bytes */
1518 while (target_alloc_working_area_try(target
, buffer_size
, &source
) != ERROR_OK
) {
1520 if (buffer_size
<= 256) {
1521 /* we already allocated the writing code, but failed to get a
1522 * buffer, free the algorithm */
1523 target_free_working_area(target
, write_algorithm
);
1526 "not enough working area available, can't do block memory writes");
1527 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1531 init_reg_param(®_params
[0], "r4", 32, PARAM_OUT
);
1532 init_reg_param(®_params
[1], "r5", 32, PARAM_OUT
);
1533 init_reg_param(®_params
[2], "r6", 32, PARAM_OUT
);
1534 init_reg_param(®_params
[3], "r7", 32, PARAM_OUT
);
1535 init_reg_param(®_params
[4], "r8", 32, PARAM_OUT
);
1536 init_reg_param(®_params
[5], "r9", 32, PARAM_IN
);
1537 init_reg_param(®_params
[6], "r12", 32, PARAM_OUT
);
1538 init_reg_param(®_params
[7], "r13", 32, PARAM_OUT
);
1539 init_reg_param(®_params
[8], "r14", 32, PARAM_OUT
);
1540 init_reg_param(®_params
[9], "r15", 32, PARAM_OUT
);
1543 uint32_t thisrun_count
= (count
> buffer_size
) ? buffer_size
: count
;
1545 retval
= target_write_buffer(target
, source
->address
, thisrun_count
, buffer
);
1546 if (retval
!= ERROR_OK
)
1549 buf_set_u32(reg_params
[0].value
, 0, 32, source
->address
);
1550 buf_set_u32(reg_params
[1].value
, 0, 32, address
);
1551 buf_set_u32(reg_params
[2].value
, 0, 32, thisrun_count
/ bank
->bus_width
);
1552 buf_set_u32(reg_params
[3].value
, 0, 32, cfi_command_val(bank
, 0xA0));
1553 buf_set_u32(reg_params
[4].value
, 0, 32, cfi_command_val(bank
, 0x80));
1554 buf_set_u32(reg_params
[6].value
, 0, 32, cfi_flash_address(bank
, 0, pri_ext
->_unlock1
));
1555 buf_set_u32(reg_params
[7].value
, 0, 32, 0xaaaaaaaa);
1556 buf_set_u32(reg_params
[8].value
, 0, 32, cfi_flash_address(bank
, 0, pri_ext
->_unlock2
));
1557 buf_set_u32(reg_params
[9].value
, 0, 32, 0x55555555);
1559 retval
= target_run_algorithm(target
, 0, NULL
, 10, reg_params
,
1560 write_algorithm
->address
,
1561 write_algorithm
->address
+ ((target_code_size
) - 4),
1562 10000, &mips32_info
);
1563 if (retval
!= ERROR_OK
)
1566 status
= buf_get_u32(reg_params
[5].value
, 0, 32);
1567 if (status
!= 0x80) {
1568 LOG_ERROR("flash write block failed status: 0x%" PRIx32
, status
);
1569 retval
= ERROR_FLASH_OPERATION_FAILED
;
1573 buffer
+= thisrun_count
;
1574 address
+= thisrun_count
;
1575 count
-= thisrun_count
;
1578 target_free_all_working_areas(target
);
1580 destroy_reg_param(®_params
[0]);
1581 destroy_reg_param(®_params
[1]);
1582 destroy_reg_param(®_params
[2]);
1583 destroy_reg_param(®_params
[3]);
1584 destroy_reg_param(®_params
[4]);
1585 destroy_reg_param(®_params
[5]);
1586 destroy_reg_param(®_params
[6]);
1587 destroy_reg_param(®_params
[7]);
1588 destroy_reg_param(®_params
[8]);
1589 destroy_reg_param(®_params
[9]);
1594 static int cfi_spansion_write_block(struct flash_bank
*bank
, const uint8_t *buffer
,
1595 uint32_t address
, uint32_t count
)
1597 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
1598 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
1599 struct target
*target
= bank
->target
;
1600 struct reg_param reg_params
[10];
1602 struct arm_algorithm armv4_5_algo
;
1603 struct armv7m_algorithm armv7m_algo
;
1604 struct working_area
*write_algorithm
;
1605 struct working_area
*source
;
1606 uint32_t buffer_size
= 32768;
1608 int retval
= ERROR_OK
;
1610 /* input parameters -
1611 * R0 = source address
1612 * R1 = destination address
1613 * R2 = number of writes
1614 * R3 = flash write command
1615 * R4 = constant to mask DQ7 bits (also used for Dq5 with shift)
1616 * output parameters -
1617 * R5 = 0x80 ok 0x00 bad
1619 * R6 = value read from flash to test status
1620 * R7 = holding register
1621 * unlock registers -
1624 * R10 = unlock2_addr
1625 * R11 = unlock2_cmd */
1627 /* see contrib/loaders/flash/armv4_5_cfi_span_32.s for src */
1628 static const uint32_t armv4_5_word_32_code
[] = {
1629 /* 00008100 <sp_32_code>: */
1630 0xe4905004, /* ldr r5, [r0], #4 */
1631 0xe5889000, /* str r9, [r8] */
1632 0xe58ab000, /* str r11, [r10] */
1633 0xe5883000, /* str r3, [r8] */
1634 0xe5815000, /* str r5, [r1] */
1635 0xe1a00000, /* nop */
1636 /* 00008110 <sp_32_busy>: */
1637 0xe5916000, /* ldr r6, [r1] */
1638 0xe0257006, /* eor r7, r5, r6 */
1639 0xe0147007, /* ands r7, r4, r7 */
1640 0x0a000007, /* beq 8140 <sp_32_cont> ; b if DQ7 == Data7 */
1641 0xe0166124, /* ands r6, r6, r4, lsr #2 */
1642 0x0afffff9, /* beq 8110 <sp_32_busy> ; b if DQ5 low */
1643 0xe5916000, /* ldr r6, [r1] */
1644 0xe0257006, /* eor r7, r5, r6 */
1645 0xe0147007, /* ands r7, r4, r7 */
1646 0x0a000001, /* beq 8140 <sp_32_cont> ; b if DQ7 == Data7 */
1647 0xe3a05000, /* mov r5, #0 ; 0x0 - return 0x00, error */
1648 0x1a000004, /* bne 8154 <sp_32_done> */
1649 /* 00008140 <sp_32_cont>: */
1650 0xe2522001, /* subs r2, r2, #1 ; 0x1 */
1651 0x03a05080, /* moveq r5, #128 ; 0x80 */
1652 0x0a000001, /* beq 8154 <sp_32_done> */
1653 0xe2811004, /* add r1, r1, #4 ; 0x4 */
1654 0xeaffffe8, /* b 8100 <sp_32_code> */
1655 /* 00008154 <sp_32_done>: */
1656 0xeafffffe /* b 8154 <sp_32_done> */
1659 /* see contrib/loaders/flash/armv4_5_cfi_span_16.s for src */
1660 static const uint32_t armv4_5_word_16_code
[] = {
1661 /* 00008158 <sp_16_code>: */
1662 0xe0d050b2, /* ldrh r5, [r0], #2 */
1663 0xe1c890b0, /* strh r9, [r8] */
1664 0xe1cab0b0, /* strh r11, [r10] */
1665 0xe1c830b0, /* strh r3, [r8] */
1666 0xe1c150b0, /* strh r5, [r1] */
1667 0xe1a00000, /* nop (mov r0,r0) */
1668 /* 00008168 <sp_16_busy>: */
1669 0xe1d160b0, /* ldrh r6, [r1] */
1670 0xe0257006, /* eor r7, r5, r6 */
1671 0xe0147007, /* ands r7, r4, r7 */
1672 0x0a000007, /* beq 8198 <sp_16_cont> */
1673 0xe0166124, /* ands r6, r6, r4, lsr #2 */
1674 0x0afffff9, /* beq 8168 <sp_16_busy> */
1675 0xe1d160b0, /* ldrh r6, [r1] */
1676 0xe0257006, /* eor r7, r5, r6 */
1677 0xe0147007, /* ands r7, r4, r7 */
1678 0x0a000001, /* beq 8198 <sp_16_cont> */
1679 0xe3a05000, /* mov r5, #0 ; 0x0 */
1680 0x1a000004, /* bne 81ac <sp_16_done> */
1681 /* 00008198 <sp_16_cont>: */
1682 0xe2522001, /* subs r2, r2, #1 ; 0x1 */
1683 0x03a05080, /* moveq r5, #128 ; 0x80 */
1684 0x0a000001, /* beq 81ac <sp_16_done> */
1685 0xe2811002, /* add r1, r1, #2 ; 0x2 */
1686 0xeaffffe8, /* b 8158 <sp_16_code> */
1687 /* 000081ac <sp_16_done>: */
1688 0xeafffffe /* b 81ac <sp_16_done> */
1691 /* see contrib/loaders/flash/armv7m_cfi_span_16.s for src */
1692 static const uint32_t armv7m_word_16_code
[] = {
1713 /* see contrib/loaders/flash/armv7m_cfi_span_16_dq7.s for src */
1714 static const uint32_t armv7m_word_16_code_dq7only
[] = {
1715 /* 00000000 <code>: */
1716 0x5B02F830, /* ldrh.w r5, [r0], #2 */
1717 0x9000F8A8, /* strh.w r9, [r8] */
1718 0xB000F8AA, /* strh.w fp, [sl] */
1719 0x3000F8A8, /* strh.w r3, [r8] */
1720 0xBF00800D, /* strh r5, [r1, #0] */
1723 /* 00000014 <busy>: */
1724 0xEA85880E, /* ldrh r6, [r1, #0] */
1725 /* eor.w r7, r5, r6 */
1726 0x40270706, /* ands r7, r4 */
1727 0x3A01D1FA, /* bne.n 14 <busy> */
1729 0xF101D002, /* beq.n 28 <success> */
1730 0xE7EB0102, /* add.w r1, r1, #2 */
1733 /* 00000028 <success>: */
1734 0x0580F04F, /* mov.w r5, #128 */
1735 0xBF00E7FF, /* b.n 30 <done> */
1736 /* nop (for alignment purposes) */
1738 /* 00000030 <done>: */
1739 0x0000BE00 /* bkpt 0x0000 */
1742 /* see contrib/loaders/flash/armv4_5_cfi_span_16_dq7.s for src */
1743 static const uint32_t armv4_5_word_16_code_dq7only
[] = {
1745 0xe0d050b2, /* ldrh r5, [r0], #2 */
1746 0xe1c890b0, /* strh r9, [r8] */
1747 0xe1cab0b0, /* strh r11, [r10] */
1748 0xe1c830b0, /* strh r3, [r8] */
1749 0xe1c150b0, /* strh r5, [r1] */
1750 0xe1a00000, /* nop (mov r0,r0) */
1752 0xe1d160b0, /* ldrh r6, [r1] */
1753 0xe0257006, /* eor r7, r5, r6 */
1754 0xe2177080, /* ands r7, #0x80 */
1755 0x1afffffb, /* bne 8168 <sp_16_busy> */
1757 0xe2522001, /* subs r2, r2, #1 ; 0x1 */
1758 0x03a05080, /* moveq r5, #128 ; 0x80 */
1759 0x0a000001, /* beq 81ac <sp_16_done> */
1760 0xe2811002, /* add r1, r1, #2 ; 0x2 */
1761 0xeafffff0, /* b 8158 <sp_16_code> */
1762 /* 000081ac <sp_16_done>: */
1763 0xeafffffe /* b 81ac <sp_16_done> */
1766 /* see contrib/loaders/flash/armv4_5_cfi_span_8.s for src */
1767 static const uint32_t armv4_5_word_8_code
[] = {
1768 /* 000081b0 <sp_16_code_end>: */
1769 0xe4d05001, /* ldrb r5, [r0], #1 */
1770 0xe5c89000, /* strb r9, [r8] */
1771 0xe5cab000, /* strb r11, [r10] */
1772 0xe5c83000, /* strb r3, [r8] */
1773 0xe5c15000, /* strb r5, [r1] */
1774 0xe1a00000, /* nop (mov r0,r0) */
1775 /* 000081c0 <sp_8_busy>: */
1776 0xe5d16000, /* ldrb r6, [r1] */
1777 0xe0257006, /* eor r7, r5, r6 */
1778 0xe0147007, /* ands r7, r4, r7 */
1779 0x0a000007, /* beq 81f0 <sp_8_cont> */
1780 0xe0166124, /* ands r6, r6, r4, lsr #2 */
1781 0x0afffff9, /* beq 81c0 <sp_8_busy> */
1782 0xe5d16000, /* ldrb r6, [r1] */
1783 0xe0257006, /* eor r7, r5, r6 */
1784 0xe0147007, /* ands r7, r4, r7 */
1785 0x0a000001, /* beq 81f0 <sp_8_cont> */
1786 0xe3a05000, /* mov r5, #0 ; 0x0 */
1787 0x1a000004, /* bne 8204 <sp_8_done> */
1788 /* 000081f0 <sp_8_cont>: */
1789 0xe2522001, /* subs r2, r2, #1 ; 0x1 */
1790 0x03a05080, /* moveq r5, #128 ; 0x80 */
1791 0x0a000001, /* beq 8204 <sp_8_done> */
1792 0xe2811001, /* add r1, r1, #1 ; 0x1 */
1793 0xeaffffe8, /* b 81b0 <sp_16_code_end> */
1794 /* 00008204 <sp_8_done>: */
1795 0xeafffffe /* b 8204 <sp_8_done> */
1798 if (strncmp(target_type_name(target
), "mips_m4k", 8) == 0)
1799 return cfi_spansion_write_block_mips(bank
, buffer
, address
, count
);
1801 if (is_armv7m(target_to_armv7m(target
))) { /* armv7m target */
1802 armv7m_algo
.common_magic
= ARMV7M_COMMON_MAGIC
;
1803 armv7m_algo
.core_mode
= ARM_MODE_THREAD
;
1804 arm_algo
= &armv7m_algo
;
1805 } else if (is_arm(target_to_arm(target
))) {
1806 /* All other ARM CPUs have 32 bit instructions */
1807 armv4_5_algo
.common_magic
= ARM_COMMON_MAGIC
;
1808 armv4_5_algo
.core_mode
= ARM_MODE_SVC
;
1809 armv4_5_algo
.core_state
= ARM_STATE_ARM
;
1810 arm_algo
= &armv4_5_algo
;
1812 LOG_ERROR("Unknown architecture");
1813 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1816 int target_code_size
= 0;
1817 const uint32_t *target_code_src
= NULL
;
1819 switch (bank
->bus_width
) {
1821 if (is_armv7m(target_to_armv7m(target
))) {
1822 LOG_ERROR("Unknown ARM architecture");
1825 target_code_src
= armv4_5_word_8_code
;
1826 target_code_size
= sizeof(armv4_5_word_8_code
);
1829 /* Check for DQ5 support */
1830 if (cfi_info
->status_poll_mask
& (1 << 5)) {
1831 if (is_armv7m(target_to_armv7m(target
))) {
1833 target_code_src
= armv7m_word_16_code
;
1834 target_code_size
= sizeof(armv7m_word_16_code
);
1835 } else { /* armv4_5 target */
1836 target_code_src
= armv4_5_word_16_code
;
1837 target_code_size
= sizeof(armv4_5_word_16_code
);
1840 /* No DQ5 support. Use DQ7 DATA# polling only. */
1841 if (is_armv7m(target_to_armv7m(target
))) {
1843 target_code_src
= armv7m_word_16_code_dq7only
;
1844 target_code_size
= sizeof(armv7m_word_16_code_dq7only
);
1845 } else { /* armv4_5 target */
1846 target_code_src
= armv4_5_word_16_code_dq7only
;
1847 target_code_size
= sizeof(armv4_5_word_16_code_dq7only
);
1852 if (is_armv7m(target_to_armv7m(target
))) {
1853 LOG_ERROR("Unknown ARM architecture");
1856 target_code_src
= armv4_5_word_32_code
;
1857 target_code_size
= sizeof(armv4_5_word_32_code
);
1860 LOG_ERROR("Unsupported bank buswidth %u, can't do block memory writes",
1862 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1865 /* flash write code */
1866 uint8_t *target_code
;
1868 /* convert bus-width dependent algorithm code to correct endianness */
1869 target_code
= malloc(target_code_size
);
1870 if (target_code
== NULL
) {
1871 LOG_ERROR("Out of memory");
1875 target_buffer_set_u32_array(target
, target_code
, target_code_size
/ 4, target_code_src
);
1877 /* allocate working area */
1878 retval
= target_alloc_working_area(target
, target_code_size
,
1880 if (retval
!= ERROR_OK
) {
1885 /* write algorithm code to working area */
1886 retval
= target_write_buffer(target
, write_algorithm
->address
,
1887 target_code_size
, target_code
);
1888 if (retval
!= ERROR_OK
) {
1895 /* the following code still assumes target code is fixed 24*4 bytes */
1897 while (target_alloc_working_area_try(target
, buffer_size
, &source
) != ERROR_OK
) {
1899 if (buffer_size
<= 256) {
1900 /* we already allocated the writing code, but failed to get a
1901 * buffer, free the algorithm */
1902 target_free_working_area(target
, write_algorithm
);
1905 "not enough working area available, can't do block memory writes");
1906 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1910 init_reg_param(®_params
[0], "r0", 32, PARAM_OUT
);
1911 init_reg_param(®_params
[1], "r1", 32, PARAM_OUT
);
1912 init_reg_param(®_params
[2], "r2", 32, PARAM_OUT
);
1913 init_reg_param(®_params
[3], "r3", 32, PARAM_OUT
);
1914 init_reg_param(®_params
[4], "r4", 32, PARAM_OUT
);
1915 init_reg_param(®_params
[5], "r5", 32, PARAM_IN
);
1916 init_reg_param(®_params
[6], "r8", 32, PARAM_OUT
);
1917 init_reg_param(®_params
[7], "r9", 32, PARAM_OUT
);
1918 init_reg_param(®_params
[8], "r10", 32, PARAM_OUT
);
1919 init_reg_param(®_params
[9], "r11", 32, PARAM_OUT
);
1922 uint32_t thisrun_count
= (count
> buffer_size
) ? buffer_size
: count
;
1924 retval
= target_write_buffer(target
, source
->address
, thisrun_count
, buffer
);
1925 if (retval
!= ERROR_OK
)
1928 buf_set_u32(reg_params
[0].value
, 0, 32, source
->address
);
1929 buf_set_u32(reg_params
[1].value
, 0, 32, address
);
1930 buf_set_u32(reg_params
[2].value
, 0, 32, thisrun_count
/ bank
->bus_width
);
1931 buf_set_u32(reg_params
[3].value
, 0, 32, cfi_command_val(bank
, 0xA0));
1932 buf_set_u32(reg_params
[4].value
, 0, 32, cfi_command_val(bank
, 0x80));
1933 buf_set_u32(reg_params
[6].value
, 0, 32, cfi_flash_address(bank
, 0, pri_ext
->_unlock1
));
1934 buf_set_u32(reg_params
[7].value
, 0, 32, 0xaaaaaaaa);
1935 buf_set_u32(reg_params
[8].value
, 0, 32, cfi_flash_address(bank
, 0, pri_ext
->_unlock2
));
1936 buf_set_u32(reg_params
[9].value
, 0, 32, 0x55555555);
1938 retval
= target_run_algorithm(target
, 0, NULL
, 10, reg_params
,
1939 write_algorithm
->address
,
1940 write_algorithm
->address
+ ((target_code_size
) - 4),
1942 if (retval
!= ERROR_OK
)
1945 status
= buf_get_u32(reg_params
[5].value
, 0, 32);
1946 if (status
!= 0x80) {
1947 LOG_ERROR("flash write block failed status: 0x%" PRIx32
, status
);
1948 retval
= ERROR_FLASH_OPERATION_FAILED
;
1952 buffer
+= thisrun_count
;
1953 address
+= thisrun_count
;
1954 count
-= thisrun_count
;
1957 target_free_all_working_areas(target
);
1959 destroy_reg_param(®_params
[0]);
1960 destroy_reg_param(®_params
[1]);
1961 destroy_reg_param(®_params
[2]);
1962 destroy_reg_param(®_params
[3]);
1963 destroy_reg_param(®_params
[4]);
1964 destroy_reg_param(®_params
[5]);
1965 destroy_reg_param(®_params
[6]);
1966 destroy_reg_param(®_params
[7]);
1967 destroy_reg_param(®_params
[8]);
1968 destroy_reg_param(®_params
[9]);
1973 static int cfi_intel_write_word(struct flash_bank
*bank
, uint8_t *word
, uint32_t address
)
1976 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
1978 cfi_intel_clear_status_register(bank
);
1979 retval
= cfi_send_command(bank
, 0x40, address
);
1980 if (retval
!= ERROR_OK
)
1983 retval
= cfi_target_write_memory(bank
, address
, 1, word
);
1984 if (retval
!= ERROR_OK
)
1988 retval
= cfi_intel_wait_status_busy(bank
, cfi_info
->word_write_timeout
, &status
);
1989 if (retval
!= ERROR_OK
)
1991 if (status
!= 0x80) {
1992 retval
= cfi_send_command(bank
, 0xff, cfi_flash_address(bank
, 0, 0x0));
1993 if (retval
!= ERROR_OK
)
1996 LOG_ERROR("couldn't write word at base " TARGET_ADDR_FMT
1997 ", address 0x%" PRIx32
,
1998 bank
->base
, address
);
1999 return ERROR_FLASH_OPERATION_FAILED
;
2005 static int cfi_intel_write_words(struct flash_bank
*bank
, const uint8_t *word
,
2006 uint32_t wordcount
, uint32_t address
)
2009 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2011 /* Calculate buffer size and boundary mask
2012 * buffersize is (buffer size per chip) * (number of chips)
2013 * bufferwsize is buffersize in words */
2014 uint32_t buffersize
=
2015 (1UL << cfi_info
->max_buf_write_size
) * (bank
->bus_width
/ bank
->chip_width
);
2016 uint32_t buffermask
= buffersize
-1;
2017 uint32_t bufferwsize
= buffersize
/ bank
->bus_width
;
2019 /* Check for valid range */
2020 if (address
& buffermask
) {
2021 LOG_ERROR("Write address at base " TARGET_ADDR_FMT
", address 0x%"
2022 PRIx32
" not aligned to 2^%d boundary",
2023 bank
->base
, address
, cfi_info
->max_buf_write_size
);
2024 return ERROR_FLASH_OPERATION_FAILED
;
2027 /* Check for valid size */
2028 if (wordcount
> bufferwsize
) {
2029 LOG_ERROR("Number of data words %" PRIu32
" exceeds available buffersize %" PRIu32
,
2030 wordcount
, buffersize
);
2031 return ERROR_FLASH_OPERATION_FAILED
;
2034 /* Write to flash buffer */
2035 cfi_intel_clear_status_register(bank
);
2037 /* Initiate buffer operation _*/
2038 retval
= cfi_send_command(bank
, 0xe8, address
);
2039 if (retval
!= ERROR_OK
)
2042 retval
= cfi_intel_wait_status_busy(bank
, cfi_info
->buf_write_timeout
, &status
);
2043 if (retval
!= ERROR_OK
)
2045 if (status
!= 0x80) {
2046 retval
= cfi_send_command(bank
, 0xff, cfi_flash_address(bank
, 0, 0x0));
2047 if (retval
!= ERROR_OK
)
2051 "couldn't start buffer write operation at base " TARGET_ADDR_FMT
2052 ", address 0x%" PRIx32
,
2055 return ERROR_FLASH_OPERATION_FAILED
;
2058 /* Write buffer wordcount-1 and data words */
2059 retval
= cfi_send_command(bank
, bufferwsize
-1, address
);
2060 if (retval
!= ERROR_OK
)
2063 retval
= cfi_target_write_memory(bank
, address
, bufferwsize
, word
);
2064 if (retval
!= ERROR_OK
)
2067 /* Commit write operation */
2068 retval
= cfi_send_command(bank
, 0xd0, address
);
2069 if (retval
!= ERROR_OK
)
2072 retval
= cfi_intel_wait_status_busy(bank
, cfi_info
->buf_write_timeout
, &status
);
2073 if (retval
!= ERROR_OK
)
2076 if (status
!= 0x80) {
2077 retval
= cfi_send_command(bank
, 0xff, cfi_flash_address(bank
, 0, 0x0));
2078 if (retval
!= ERROR_OK
)
2081 LOG_ERROR("Buffer write at base " TARGET_ADDR_FMT
2082 ", address 0x%" PRIx32
" failed.", bank
->base
, address
);
2083 return ERROR_FLASH_OPERATION_FAILED
;
2089 static int cfi_spansion_write_word(struct flash_bank
*bank
, uint8_t *word
, uint32_t address
)
2092 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2093 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
2095 retval
= cfi_spansion_unlock_seq(bank
);
2096 if (retval
!= ERROR_OK
)
2099 retval
= cfi_send_command(bank
, 0xa0, cfi_flash_address(bank
, 0, pri_ext
->_unlock1
));
2100 if (retval
!= ERROR_OK
)
2103 retval
= cfi_target_write_memory(bank
, address
, 1, word
);
2104 if (retval
!= ERROR_OK
)
2107 if (cfi_spansion_wait_status_busy(bank
, cfi_info
->word_write_timeout
) != ERROR_OK
) {
2108 retval
= cfi_send_command(bank
, 0xf0, cfi_flash_address(bank
, 0, 0x0));
2109 if (retval
!= ERROR_OK
)
2112 LOG_ERROR("couldn't write word at base " TARGET_ADDR_FMT
2113 ", address 0x%" PRIx32
, bank
->base
, address
);
2114 return ERROR_FLASH_OPERATION_FAILED
;
2120 static int cfi_spansion_write_words(struct flash_bank
*bank
, const uint8_t *word
,
2121 uint32_t wordcount
, uint32_t address
)
2124 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2126 /* Calculate buffer size and boundary mask
2127 * buffersize is (buffer size per chip) * (number of chips)
2128 * bufferwsize is buffersize in words */
2129 uint32_t buffersize
=
2130 (1UL << cfi_info
->max_buf_write_size
) * (bank
->bus_width
/ bank
->chip_width
);
2131 uint32_t buffermask
= buffersize
-1;
2132 uint32_t bufferwsize
= buffersize
/ bank
->bus_width
;
2134 /* Check for valid range */
2135 if (address
& buffermask
) {
2136 LOG_ERROR("Write address at base " TARGET_ADDR_FMT
2137 ", address 0x%" PRIx32
" not aligned to 2^%d boundary",
2138 bank
->base
, address
, cfi_info
->max_buf_write_size
);
2139 return ERROR_FLASH_OPERATION_FAILED
;
2142 /* Check for valid size */
2143 if (wordcount
> bufferwsize
) {
2144 LOG_ERROR("Number of data words %" PRIu32
" exceeds available buffersize %"
2145 PRIu32
, wordcount
, buffersize
);
2146 return ERROR_FLASH_OPERATION_FAILED
;
2150 retval
= cfi_spansion_unlock_seq(bank
);
2151 if (retval
!= ERROR_OK
)
2154 /* Buffer load command */
2155 retval
= cfi_send_command(bank
, 0x25, address
);
2156 if (retval
!= ERROR_OK
)
2159 /* Write buffer wordcount-1 and data words */
2160 retval
= cfi_send_command(bank
, bufferwsize
-1, address
);
2161 if (retval
!= ERROR_OK
)
2164 retval
= cfi_target_write_memory(bank
, address
, bufferwsize
, word
);
2165 if (retval
!= ERROR_OK
)
2168 /* Commit write operation */
2169 retval
= cfi_send_command(bank
, 0x29, address
);
2170 if (retval
!= ERROR_OK
)
2173 if (cfi_spansion_wait_status_busy(bank
, cfi_info
->buf_write_timeout
) != ERROR_OK
) {
2174 retval
= cfi_send_command(bank
, 0xf0, cfi_flash_address(bank
, 0, 0x0));
2175 if (retval
!= ERROR_OK
)
2178 LOG_ERROR("couldn't write block at base " TARGET_ADDR_FMT
2179 ", address 0x%" PRIx32
", size 0x%" PRIx32
, bank
->base
, address
,
2181 return ERROR_FLASH_OPERATION_FAILED
;
2187 int cfi_write_word(struct flash_bank
*bank
, uint8_t *word
, uint32_t address
)
2189 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2191 switch (cfi_info
->pri_id
) {
2194 return cfi_intel_write_word(bank
, word
, address
);
2196 return cfi_spansion_write_word(bank
, word
, address
);
2198 LOG_ERROR("cfi primary command set %i unsupported", cfi_info
->pri_id
);
2202 return ERROR_FLASH_OPERATION_FAILED
;
2205 static int cfi_write_words(struct flash_bank
*bank
, const uint8_t *word
,
2206 uint32_t wordcount
, uint32_t address
)
2208 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2210 if (cfi_info
->buf_write_timeout_typ
== 0) {
2211 /* buffer writes are not supported */
2212 LOG_DEBUG("Buffer Writes Not Supported");
2213 return ERROR_FLASH_OPER_UNSUPPORTED
;
2216 switch (cfi_info
->pri_id
) {
2219 return cfi_intel_write_words(bank
, word
, wordcount
, address
);
2221 return cfi_spansion_write_words(bank
, word
, wordcount
, address
);
2223 LOG_ERROR("cfi primary command set %i unsupported", cfi_info
->pri_id
);
2227 return ERROR_FLASH_OPERATION_FAILED
;
2230 static int cfi_read(struct flash_bank
*bank
, uint8_t *buffer
, uint32_t offset
, uint32_t count
)
2232 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2233 uint32_t address
= bank
->base
+ offset
;
2235 int align
; /* number of unaligned bytes */
2236 uint8_t current_word
[CFI_MAX_BUS_WIDTH
];
2239 LOG_DEBUG("reading buffer of %i byte at 0x%8.8x",
2240 (int)count
, (unsigned)offset
);
2242 if (bank
->target
->state
!= TARGET_HALTED
) {
2243 LOG_ERROR("Target not halted");
2244 return ERROR_TARGET_NOT_HALTED
;
2247 if (offset
+ count
> bank
->size
)
2248 return ERROR_FLASH_DST_OUT_OF_BANK
;
2250 if (cfi_info
->qry
[0] != 'Q')
2251 return ERROR_FLASH_BANK_NOT_PROBED
;
2253 /* start at the first byte of the first word (bus_width size) */
2254 read_p
= address
& ~(bank
->bus_width
- 1);
2255 align
= address
- read_p
;
2257 LOG_INFO("Fixup %d unaligned read head bytes", align
);
2259 /* read a complete word from flash */
2260 retval
= cfi_target_read_memory(bank
, read_p
, 1, current_word
);
2261 if (retval
!= ERROR_OK
)
2264 /* take only bytes we need */
2265 for (unsigned int i
= align
; (i
< bank
->bus_width
) && (count
> 0); i
++, count
--)
2266 *buffer
++ = current_word
[i
];
2268 read_p
+= bank
->bus_width
;
2271 align
= count
/ bank
->bus_width
;
2273 retval
= cfi_target_read_memory(bank
, read_p
, align
, buffer
);
2274 if (retval
!= ERROR_OK
)
2277 read_p
+= align
* bank
->bus_width
;
2278 buffer
+= align
* bank
->bus_width
;
2279 count
-= align
* bank
->bus_width
;
2283 LOG_INFO("Fixup %" PRIu32
" unaligned read tail bytes", count
);
2285 /* read a complete word from flash */
2286 retval
= cfi_target_read_memory(bank
, read_p
, 1, current_word
);
2287 if (retval
!= ERROR_OK
)
2290 /* take only bytes we need */
2291 for (unsigned int i
= 0; (i
< bank
->bus_width
) && (count
> 0); i
++, count
--)
2292 *buffer
++ = current_word
[i
];
2298 static int cfi_write(struct flash_bank
*bank
, const uint8_t *buffer
, uint32_t offset
, uint32_t count
)
2300 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2301 uint32_t address
= bank
->base
+ offset
; /* address of first byte to be programmed */
2303 int align
; /* number of unaligned bytes */
2304 int blk_count
; /* number of bus_width bytes for block copy */
2305 uint8_t current_word
[CFI_MAX_BUS_WIDTH
* 4]; /* word (bus_width size) currently being
2307 uint8_t *swapped_buffer
= NULL
;
2308 const uint8_t *real_buffer
= NULL
;
2311 if (bank
->target
->state
!= TARGET_HALTED
) {
2312 LOG_ERROR("Target not halted");
2313 return ERROR_TARGET_NOT_HALTED
;
2316 if (offset
+ count
> bank
->size
)
2317 return ERROR_FLASH_DST_OUT_OF_BANK
;
2319 if (cfi_info
->qry
[0] != 'Q')
2320 return ERROR_FLASH_BANK_NOT_PROBED
;
2322 /* start at the first byte of the first word (bus_width size) */
2323 write_p
= address
& ~(bank
->bus_width
- 1);
2324 align
= address
- write_p
;
2326 LOG_INFO("Fixup %d unaligned head bytes", align
);
2328 /* read a complete word from flash */
2329 retval
= cfi_target_read_memory(bank
, write_p
, 1, current_word
);
2330 if (retval
!= ERROR_OK
)
2333 /* replace only bytes that must be written */
2334 for (unsigned int i
= align
; (i
< bank
->bus_width
) && (count
> 0); i
++, count
--)
2335 if (cfi_info
->data_swap
)
2336 /* data bytes are swapped (reverse endianness) */
2337 current_word
[bank
->bus_width
- i
] = *buffer
++;
2339 current_word
[i
] = *buffer
++;
2341 retval
= cfi_write_word(bank
, current_word
, write_p
);
2342 if (retval
!= ERROR_OK
)
2344 write_p
+= bank
->bus_width
;
2347 if (cfi_info
->data_swap
&& count
) {
2348 swapped_buffer
= malloc(count
& ~(bank
->bus_width
- 1));
2349 switch (bank
->bus_width
) {
2351 buf_bswap16(swapped_buffer
, buffer
,
2352 count
& ~(bank
->bus_width
- 1));
2355 buf_bswap32(swapped_buffer
, buffer
,
2356 count
& ~(bank
->bus_width
- 1));
2359 real_buffer
= buffer
;
2360 buffer
= swapped_buffer
;
2363 /* handle blocks of bus_size aligned bytes */
2364 blk_count
= count
& ~(bank
->bus_width
- 1); /* round down, leave tail bytes */
2365 switch (cfi_info
->pri_id
) {
2366 /* try block writes (fails without working area) */
2369 retval
= cfi_intel_write_block(bank
, buffer
, write_p
, blk_count
);
2372 retval
= cfi_spansion_write_block(bank
, buffer
, write_p
, blk_count
);
2375 LOG_ERROR("cfi primary command set %i unsupported", cfi_info
->pri_id
);
2376 retval
= ERROR_FLASH_OPERATION_FAILED
;
2379 if (retval
== ERROR_OK
) {
2380 /* Increment pointers and decrease count on successful block write */
2381 buffer
+= blk_count
;
2382 write_p
+= blk_count
;
2385 if (retval
== ERROR_TARGET_RESOURCE_NOT_AVAILABLE
) {
2386 /* Calculate buffer size and boundary mask
2387 * buffersize is (buffer size per chip) * (number of chips)
2388 * bufferwsize is buffersize in words */
2389 uint32_t buffersize
=
2391 cfi_info
->max_buf_write_size
) *
2392 (bank
->bus_width
/ bank
->chip_width
);
2393 uint32_t buffermask
= buffersize
-1;
2394 uint32_t bufferwsize
= buffersize
/ bank
->bus_width
;
2396 /* fall back to memory writes */
2397 while (count
>= (uint32_t)bank
->bus_width
) {
2399 if ((write_p
& 0xff) == 0) {
2400 LOG_INFO("Programming at 0x%08" PRIx32
", count 0x%08"
2401 PRIx32
" bytes remaining", write_p
, count
);
2404 if ((bufferwsize
> 0) && (count
>= buffersize
) &&
2405 !(write_p
& buffermask
)) {
2406 retval
= cfi_write_words(bank
, buffer
, bufferwsize
, write_p
);
2407 if (retval
== ERROR_OK
) {
2408 buffer
+= buffersize
;
2409 write_p
+= buffersize
;
2410 count
-= buffersize
;
2412 } else if (retval
!= ERROR_FLASH_OPER_UNSUPPORTED
)
2415 /* try the slow way? */
2417 for (unsigned int i
= 0; i
< bank
->bus_width
; i
++)
2418 current_word
[i
] = *buffer
++;
2420 retval
= cfi_write_word(bank
, current_word
, write_p
);
2421 if (retval
!= ERROR_OK
)
2424 write_p
+= bank
->bus_width
;
2425 count
-= bank
->bus_width
;
2432 if (swapped_buffer
) {
2433 buffer
= real_buffer
+ (buffer
- swapped_buffer
);
2434 free(swapped_buffer
);
2437 /* return to read array mode, so we can read from flash again for padding */
2438 retval
= cfi_reset(bank
);
2439 if (retval
!= ERROR_OK
)
2442 /* handle unaligned tail bytes */
2444 LOG_INFO("Fixup %" PRIu32
" unaligned tail bytes", count
);
2446 /* read a complete word from flash */
2447 retval
= cfi_target_read_memory(bank
, write_p
, 1, current_word
);
2448 if (retval
!= ERROR_OK
)
2451 /* replace only bytes that must be written */
2452 for (unsigned int i
= 0; (i
< bank
->bus_width
) && (count
> 0); i
++, count
--)
2453 if (cfi_info
->data_swap
)
2454 /* data bytes are swapped (reverse endianness) */
2455 current_word
[bank
->bus_width
- i
] = *buffer
++;
2457 current_word
[i
] = *buffer
++;
2459 retval
= cfi_write_word(bank
, current_word
, write_p
);
2460 if (retval
!= ERROR_OK
)
2464 /* return to read array mode */
2465 return cfi_reset(bank
);
2468 static void cfi_fixup_reversed_erase_regions(struct flash_bank
*bank
, const void *param
)
2471 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2472 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
2474 pri_ext
->_reversed_geometry
= 1;
2477 static void cfi_fixup_0002_erase_regions(struct flash_bank
*bank
, const void *param
)
2479 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2480 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
2483 if ((pri_ext
->_reversed_geometry
) || (pri_ext
->TopBottom
== 3)) {
2484 LOG_DEBUG("swapping reversed erase region information on cmdset 0002 device");
2486 for (unsigned int i
= 0; i
< cfi_info
->num_erase_regions
/ 2; i
++) {
2487 int j
= (cfi_info
->num_erase_regions
- 1) - i
;
2490 swap
= cfi_info
->erase_region_info
[i
];
2491 cfi_info
->erase_region_info
[i
] = cfi_info
->erase_region_info
[j
];
2492 cfi_info
->erase_region_info
[j
] = swap
;
2497 static void cfi_fixup_0002_unlock_addresses(struct flash_bank
*bank
, const void *param
)
2499 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2500 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
2501 const struct cfi_unlock_addresses
*unlock_addresses
= param
;
2503 pri_ext
->_unlock1
= unlock_addresses
->unlock1
;
2504 pri_ext
->_unlock2
= unlock_addresses
->unlock2
;
2507 static void cfi_fixup_0002_polling_bits(struct flash_bank
*bank
, const void *param
)
2509 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2510 const int *status_poll_mask
= param
;
2512 cfi_info
->status_poll_mask
= *status_poll_mask
;
2516 static int cfi_query_string(struct flash_bank
*bank
, int address
)
2518 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2521 retval
= cfi_send_command(bank
, 0x98, cfi_flash_address(bank
, 0, address
));
2522 if (retval
!= ERROR_OK
)
2525 retval
= cfi_query_u8(bank
, 0, 0x10, &cfi_info
->qry
[0]);
2526 if (retval
!= ERROR_OK
)
2528 retval
= cfi_query_u8(bank
, 0, 0x11, &cfi_info
->qry
[1]);
2529 if (retval
!= ERROR_OK
)
2531 retval
= cfi_query_u8(bank
, 0, 0x12, &cfi_info
->qry
[2]);
2532 if (retval
!= ERROR_OK
)
2535 LOG_DEBUG("CFI qry returned: 0x%2.2x 0x%2.2x 0x%2.2x",
2536 cfi_info
->qry
[0], cfi_info
->qry
[1], cfi_info
->qry
[2]);
2538 if ((cfi_info
->qry
[0] != 'Q') || (cfi_info
->qry
[1] != 'R') || (cfi_info
->qry
[2] != 'Y')) {
2539 retval
= cfi_reset(bank
);
2540 if (retval
!= ERROR_OK
)
2542 LOG_ERROR("Could not probe bank: no QRY");
2543 return ERROR_FLASH_BANK_INVALID
;
2549 int cfi_probe(struct flash_bank
*bank
)
2551 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2552 struct target
*target
= bank
->target
;
2553 unsigned int num_sectors
= 0;
2555 uint32_t unlock1
= 0x555;
2556 uint32_t unlock2
= 0x2aa;
2558 uint8_t value_buf0
[CFI_MAX_BUS_WIDTH
], value_buf1
[CFI_MAX_BUS_WIDTH
];
2560 if (bank
->target
->state
!= TARGET_HALTED
) {
2561 LOG_ERROR("Target not halted");
2562 return ERROR_TARGET_NOT_HALTED
;
2565 cfi_info
->probed
= false;
2566 cfi_info
->num_erase_regions
= 0;
2568 free(bank
->sectors
);
2569 bank
->sectors
= NULL
;
2571 free(cfi_info
->erase_region_info
);
2572 cfi_info
->erase_region_info
= NULL
;
2574 /* JEDEC standard JESD21C uses 0x5555 and 0x2aaa as unlock addresses,
2575 * while CFI compatible AMD/Spansion flashes use 0x555 and 0x2aa
2577 if (cfi_info
->jedec_probe
) {
2582 /* switch to read identifier codes mode ("AUTOSELECT") */
2583 retval
= cfi_send_command(bank
, 0xaa, cfi_flash_address(bank
, 0, unlock1
));
2584 if (retval
!= ERROR_OK
)
2586 retval
= cfi_send_command(bank
, 0x55, cfi_flash_address(bank
, 0, unlock2
));
2587 if (retval
!= ERROR_OK
)
2589 retval
= cfi_send_command(bank
, 0x90, cfi_flash_address(bank
, 0, unlock1
));
2590 if (retval
!= ERROR_OK
)
2593 retval
= cfi_target_read_memory(bank
, cfi_flash_address(bank
, 0, 0x00),
2595 if (retval
!= ERROR_OK
)
2597 retval
= cfi_target_read_memory(bank
, cfi_flash_address(bank
, 0, 0x01),
2599 if (retval
!= ERROR_OK
)
2601 switch (bank
->chip_width
) {
2603 cfi_info
->manufacturer
= *value_buf0
;
2604 cfi_info
->device_id
= *value_buf1
;
2607 cfi_info
->manufacturer
= target_buffer_get_u16(target
, value_buf0
);
2608 cfi_info
->device_id
= target_buffer_get_u16(target
, value_buf1
);
2611 cfi_info
->manufacturer
= target_buffer_get_u32(target
, value_buf0
);
2612 cfi_info
->device_id
= target_buffer_get_u32(target
, value_buf1
);
2615 LOG_ERROR("Unsupported bank chipwidth %u, can't probe memory",
2617 return ERROR_FLASH_OPERATION_FAILED
;
2620 LOG_INFO("Flash Manufacturer/Device: 0x%04x 0x%04x",
2621 cfi_info
->manufacturer
, cfi_info
->device_id
);
2622 /* switch back to read array mode */
2623 retval
= cfi_reset(bank
);
2624 if (retval
!= ERROR_OK
)
2627 /* check device/manufacturer ID for known non-CFI flashes. */
2628 cfi_fixup_non_cfi(bank
);
2630 /* query only if this is a CFI compatible flash,
2631 * otherwise the relevant info has already been filled in
2633 if (!cfi_info
->not_cfi
) {
2634 /* enter CFI query mode
2635 * according to JEDEC Standard No. 68.01,
2636 * a single bus sequence with address = 0x55, data = 0x98 should put
2637 * the device into CFI query mode.
2639 * SST flashes clearly violate this, and we will consider them incompatible for now
2642 retval
= cfi_query_string(bank
, 0x55);
2643 if (retval
!= ERROR_OK
) {
2645 * Spansion S29WS-N CFI query fix is to try 0x555 if 0x55 fails. Should
2646 * be harmless enough:
2648 * http://www.infradead.org/pipermail/linux-mtd/2005-September/013618.html
2650 LOG_USER("Try workaround w/0x555 instead of 0x55 to get QRY.");
2651 retval
= cfi_query_string(bank
, 0x555);
2653 if (retval
!= ERROR_OK
)
2656 retval
= cfi_query_u16(bank
, 0, 0x13, &cfi_info
->pri_id
);
2657 if (retval
!= ERROR_OK
)
2659 retval
= cfi_query_u16(bank
, 0, 0x15, &cfi_info
->pri_addr
);
2660 if (retval
!= ERROR_OK
)
2662 retval
= cfi_query_u16(bank
, 0, 0x17, &cfi_info
->alt_id
);
2663 if (retval
!= ERROR_OK
)
2665 retval
= cfi_query_u16(bank
, 0, 0x19, &cfi_info
->alt_addr
);
2666 if (retval
!= ERROR_OK
)
2669 LOG_DEBUG("qry: '%c%c%c', pri_id: 0x%4.4x, pri_addr: 0x%4.4x, alt_id: "
2670 "0x%4.4x, alt_addr: 0x%4.4x", cfi_info
->qry
[0], cfi_info
->qry
[1],
2671 cfi_info
->qry
[2], cfi_info
->pri_id
, cfi_info
->pri_addr
,
2672 cfi_info
->alt_id
, cfi_info
->alt_addr
);
2674 retval
= cfi_query_u8(bank
, 0, 0x1b, &cfi_info
->vcc_min
);
2675 if (retval
!= ERROR_OK
)
2677 retval
= cfi_query_u8(bank
, 0, 0x1c, &cfi_info
->vcc_max
);
2678 if (retval
!= ERROR_OK
)
2680 retval
= cfi_query_u8(bank
, 0, 0x1d, &cfi_info
->vpp_min
);
2681 if (retval
!= ERROR_OK
)
2683 retval
= cfi_query_u8(bank
, 0, 0x1e, &cfi_info
->vpp_max
);
2684 if (retval
!= ERROR_OK
)
2687 retval
= cfi_query_u8(bank
, 0, 0x1f, &cfi_info
->word_write_timeout_typ
);
2688 if (retval
!= ERROR_OK
)
2690 retval
= cfi_query_u8(bank
, 0, 0x20, &cfi_info
->buf_write_timeout_typ
);
2691 if (retval
!= ERROR_OK
)
2693 retval
= cfi_query_u8(bank
, 0, 0x21, &cfi_info
->block_erase_timeout_typ
);
2694 if (retval
!= ERROR_OK
)
2696 retval
= cfi_query_u8(bank
, 0, 0x22, &cfi_info
->chip_erase_timeout_typ
);
2697 if (retval
!= ERROR_OK
)
2699 retval
= cfi_query_u8(bank
, 0, 0x23, &cfi_info
->word_write_timeout_max
);
2700 if (retval
!= ERROR_OK
)
2702 retval
= cfi_query_u8(bank
, 0, 0x24, &cfi_info
->buf_write_timeout_max
);
2703 if (retval
!= ERROR_OK
)
2705 retval
= cfi_query_u8(bank
, 0, 0x25, &cfi_info
->block_erase_timeout_max
);
2706 if (retval
!= ERROR_OK
)
2708 retval
= cfi_query_u8(bank
, 0, 0x26, &cfi_info
->chip_erase_timeout_max
);
2709 if (retval
!= ERROR_OK
)
2713 retval
= cfi_query_u8(bank
, 0, 0x27, &data
);
2714 if (retval
!= ERROR_OK
)
2716 cfi_info
->dev_size
= 1 << data
;
2718 retval
= cfi_query_u16(bank
, 0, 0x28, &cfi_info
->interface_desc
);
2719 if (retval
!= ERROR_OK
)
2721 retval
= cfi_query_u16(bank
, 0, 0x2a, &cfi_info
->max_buf_write_size
);
2722 if (retval
!= ERROR_OK
)
2724 retval
= cfi_query_u8(bank
, 0, 0x2c, &cfi_info
->num_erase_regions
);
2725 if (retval
!= ERROR_OK
)
2728 LOG_DEBUG("size: 0x%" PRIx32
", interface desc: %i, max buffer write size: 0x%x",
2729 cfi_info
->dev_size
, cfi_info
->interface_desc
,
2730 (1 << cfi_info
->max_buf_write_size
));
2732 if (cfi_info
->num_erase_regions
) {
2733 cfi_info
->erase_region_info
= malloc(sizeof(*cfi_info
->erase_region_info
)
2734 * cfi_info
->num_erase_regions
);
2735 for (unsigned int i
= 0; i
< cfi_info
->num_erase_regions
; i
++) {
2736 retval
= cfi_query_u32(bank
,
2739 &cfi_info
->erase_region_info
[i
]);
2740 if (retval
!= ERROR_OK
)
2743 "erase region[%i]: %" PRIu32
" blocks of size 0x%" PRIx32
"",
2745 (cfi_info
->erase_region_info
[i
] & 0xffff) + 1,
2746 (cfi_info
->erase_region_info
[i
] >> 16) * 256);
2749 cfi_info
->erase_region_info
= NULL
;
2751 /* We need to read the primary algorithm extended query table before calculating
2752 * the sector layout to be able to apply fixups
2754 switch (cfi_info
->pri_id
) {
2755 /* Intel command set (standard and extended) */
2758 cfi_read_intel_pri_ext(bank
);
2760 /* AMD/Spansion, Atmel, ... command set */
2762 cfi_info
->status_poll_mask
= CFI_STATUS_POLL_MASK_DQ5_DQ6_DQ7
; /*
2769 cfi_read_0002_pri_ext(bank
);
2772 LOG_ERROR("cfi primary command set %i unsupported", cfi_info
->pri_id
);
2776 /* return to read array mode
2777 * we use both reset commands, as some Intel flashes fail to recognize the 0xF0 command
2779 retval
= cfi_reset(bank
);
2780 if (retval
!= ERROR_OK
)
2782 } /* end CFI case */
2784 LOG_DEBUG("Vcc min: %x.%x, Vcc max: %x.%x, Vpp min: %u.%x, Vpp max: %u.%x",
2785 (cfi_info
->vcc_min
& 0xf0) >> 4, cfi_info
->vcc_min
& 0x0f,
2786 (cfi_info
->vcc_max
& 0xf0) >> 4, cfi_info
->vcc_max
& 0x0f,
2787 (cfi_info
->vpp_min
& 0xf0) >> 4, cfi_info
->vpp_min
& 0x0f,
2788 (cfi_info
->vpp_max
& 0xf0) >> 4, cfi_info
->vpp_max
& 0x0f);
2790 LOG_DEBUG("typ. word write timeout: %u us, typ. buf write timeout: %u us, "
2791 "typ. block erase timeout: %u ms, typ. chip erase timeout: %u ms",
2792 1 << cfi_info
->word_write_timeout_typ
, 1 << cfi_info
->buf_write_timeout_typ
,
2793 1 << cfi_info
->block_erase_timeout_typ
, 1 << cfi_info
->chip_erase_timeout_typ
);
2795 LOG_DEBUG("max. word write timeout: %u us, max. buf write timeout: %u us, "
2796 "max. block erase timeout: %u ms, max. chip erase timeout: %u ms",
2797 (1 << cfi_info
->word_write_timeout_max
) * (1 << cfi_info
->word_write_timeout_typ
),
2798 (1 << cfi_info
->buf_write_timeout_max
) * (1 << cfi_info
->buf_write_timeout_typ
),
2799 (1 << cfi_info
->block_erase_timeout_max
) * (1 << cfi_info
->block_erase_timeout_typ
),
2800 (1 << cfi_info
->chip_erase_timeout_max
) * (1 << cfi_info
->chip_erase_timeout_typ
));
2802 /* convert timeouts to real values in ms */
2803 cfi_info
->word_write_timeout
= DIV_ROUND_UP((1L << cfi_info
->word_write_timeout_typ
) *
2804 (1L << cfi_info
->word_write_timeout_max
), 1000);
2805 cfi_info
->buf_write_timeout
= DIV_ROUND_UP((1L << cfi_info
->buf_write_timeout_typ
) *
2806 (1L << cfi_info
->buf_write_timeout_max
), 1000);
2807 cfi_info
->block_erase_timeout
= (1L << cfi_info
->block_erase_timeout_typ
) *
2808 (1L << cfi_info
->block_erase_timeout_max
);
2809 cfi_info
->chip_erase_timeout
= (1L << cfi_info
->chip_erase_timeout_typ
) *
2810 (1L << cfi_info
->chip_erase_timeout_max
);
2812 LOG_DEBUG("calculated word write timeout: %u ms, buf write timeout: %u ms, "
2813 "block erase timeout: %u ms, chip erase timeout: %u ms",
2814 cfi_info
->word_write_timeout
, cfi_info
->buf_write_timeout
,
2815 cfi_info
->block_erase_timeout
, cfi_info
->chip_erase_timeout
);
2817 /* apply fixups depending on the primary command set */
2818 switch (cfi_info
->pri_id
) {
2819 /* Intel command set (standard and extended) */
2822 cfi_fixup(bank
, cfi_0001_fixups
);
2824 /* AMD/Spansion, Atmel, ... command set */
2826 cfi_fixup(bank
, cfi_0002_fixups
);
2829 LOG_ERROR("cfi primary command set %i unsupported", cfi_info
->pri_id
);
2833 if ((cfi_info
->dev_size
* bank
->bus_width
/ bank
->chip_width
) != bank
->size
) {
2834 LOG_WARNING("configuration specifies 0x%" PRIx32
" size, but a 0x%" PRIx32
2835 " size flash was found", bank
->size
, cfi_info
->dev_size
);
2838 if (cfi_info
->num_erase_regions
== 0) {
2839 /* a device might have only one erase block, spanning the whole device */
2840 bank
->num_sectors
= 1;
2841 bank
->sectors
= malloc(sizeof(struct flash_sector
));
2843 bank
->sectors
[sector
].offset
= 0x0;
2844 bank
->sectors
[sector
].size
= bank
->size
;
2845 bank
->sectors
[sector
].is_erased
= -1;
2846 bank
->sectors
[sector
].is_protected
= -1;
2848 uint32_t offset
= 0;
2850 for (unsigned int i
= 0; i
< cfi_info
->num_erase_regions
; i
++)
2851 num_sectors
+= (cfi_info
->erase_region_info
[i
] & 0xffff) + 1;
2853 bank
->num_sectors
= num_sectors
;
2854 bank
->sectors
= malloc(sizeof(struct flash_sector
) * num_sectors
);
2856 for (unsigned int i
= 0; i
< cfi_info
->num_erase_regions
; i
++) {
2857 for (uint32_t j
= 0; j
< (cfi_info
->erase_region_info
[i
] & 0xffff) + 1; j
++) {
2858 bank
->sectors
[sector
].offset
= offset
;
2859 bank
->sectors
[sector
].size
=
2860 ((cfi_info
->erase_region_info
[i
] >> 16) * 256)
2861 * bank
->bus_width
/ bank
->chip_width
;
2862 offset
+= bank
->sectors
[sector
].size
;
2863 bank
->sectors
[sector
].is_erased
= -1;
2864 bank
->sectors
[sector
].is_protected
= -1;
2868 if (offset
!= (cfi_info
->dev_size
* bank
->bus_width
/ bank
->chip_width
)) {
2870 "CFI size is 0x%" PRIx32
", but total sector size is 0x%" PRIx32
"",
2871 (cfi_info
->dev_size
* bank
->bus_width
/ bank
->chip_width
),
2876 cfi_info
->probed
= true;
2881 int cfi_auto_probe(struct flash_bank
*bank
)
2883 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2884 if (cfi_info
->probed
)
2886 return cfi_probe(bank
);
2889 static int cfi_intel_protect_check(struct flash_bank
*bank
)
2892 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2893 struct cfi_intel_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
2895 /* check if block lock bits are supported on this device */
2896 if (!(pri_ext
->blk_status_reg_mask
& 0x1))
2897 return ERROR_FLASH_OPERATION_FAILED
;
2899 retval
= cfi_send_command(bank
, 0x90, cfi_flash_address(bank
, 0, 0x55));
2900 if (retval
!= ERROR_OK
)
2903 for (unsigned int i
= 0; i
< bank
->num_sectors
; i
++) {
2904 uint8_t block_status
;
2905 retval
= cfi_get_u8(bank
, i
, 0x2, &block_status
);
2906 if (retval
!= ERROR_OK
)
2909 if (block_status
& 1)
2910 bank
->sectors
[i
].is_protected
= 1;
2912 bank
->sectors
[i
].is_protected
= 0;
2915 return cfi_send_command(bank
, 0xff, cfi_flash_address(bank
, 0, 0x0));
2918 static int cfi_spansion_protect_check(struct flash_bank
*bank
)
2921 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2922 struct cfi_spansion_pri_ext
*pri_ext
= cfi_info
->pri_ext
;
2924 retval
= cfi_spansion_unlock_seq(bank
);
2925 if (retval
!= ERROR_OK
)
2928 retval
= cfi_send_command(bank
, 0x90, cfi_flash_address(bank
, 0, pri_ext
->_unlock1
));
2929 if (retval
!= ERROR_OK
)
2932 for (unsigned int i
= 0; i
< bank
->num_sectors
; i
++) {
2933 uint8_t block_status
;
2934 retval
= cfi_get_u8(bank
, i
, 0x2, &block_status
);
2935 if (retval
!= ERROR_OK
)
2938 if (block_status
& 1)
2939 bank
->sectors
[i
].is_protected
= 1;
2941 bank
->sectors
[i
].is_protected
= 0;
2944 return cfi_send_command(bank
, 0xf0, cfi_flash_address(bank
, 0, 0x0));
2947 int cfi_protect_check(struct flash_bank
*bank
)
2949 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2951 if (bank
->target
->state
!= TARGET_HALTED
) {
2952 LOG_ERROR("Target not halted");
2953 return ERROR_TARGET_NOT_HALTED
;
2956 if (cfi_info
->qry
[0] != 'Q')
2957 return ERROR_FLASH_BANK_NOT_PROBED
;
2959 switch (cfi_info
->pri_id
) {
2962 return cfi_intel_protect_check(bank
);
2964 return cfi_spansion_protect_check(bank
);
2966 LOG_ERROR("cfi primary command set %i unsupported", cfi_info
->pri_id
);
2973 int cfi_get_info(struct flash_bank
*bank
, struct command_invocation
*cmd
)
2975 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
2977 if (cfi_info
->qry
[0] == 0xff) {
2978 command_print_sameline(cmd
, "\ncfi flash bank not probed yet\n");
2982 if (!cfi_info
->not_cfi
)
2983 command_print_sameline(cmd
, "\nCFI flash: ");
2985 command_print_sameline(cmd
, "\nnon-CFI flash: ");
2987 command_print_sameline(cmd
, "mfr: 0x%4.4x, id:0x%4.4x\n",
2988 cfi_info
->manufacturer
, cfi_info
->device_id
);
2990 command_print_sameline(cmd
, "qry: '%c%c%c', pri_id: 0x%4.4x, pri_addr: "
2991 "0x%4.4x, alt_id: 0x%4.4x, alt_addr: 0x%4.4x\n",
2992 cfi_info
->qry
[0], cfi_info
->qry
[1], cfi_info
->qry
[2],
2993 cfi_info
->pri_id
, cfi_info
->pri_addr
, cfi_info
->alt_id
, cfi_info
->alt_addr
);
2995 command_print_sameline(cmd
, "Vcc min: %x.%x, Vcc max: %x.%x, "
2996 "Vpp min: %u.%x, Vpp max: %u.%x\n",
2997 (cfi_info
->vcc_min
& 0xf0) >> 4, cfi_info
->vcc_min
& 0x0f,
2998 (cfi_info
->vcc_max
& 0xf0) >> 4, cfi_info
->vcc_max
& 0x0f,
2999 (cfi_info
->vpp_min
& 0xf0) >> 4, cfi_info
->vpp_min
& 0x0f,
3000 (cfi_info
->vpp_max
& 0xf0) >> 4, cfi_info
->vpp_max
& 0x0f);
3002 command_print_sameline(cmd
, "typ. word write timeout: %u us, "
3003 "typ. buf write timeout: %u us, "
3004 "typ. block erase timeout: %u ms, "
3005 "typ. chip erase timeout: %u ms\n",
3006 1 << cfi_info
->word_write_timeout_typ
,
3007 1 << cfi_info
->buf_write_timeout_typ
,
3008 1 << cfi_info
->block_erase_timeout_typ
,
3009 1 << cfi_info
->chip_erase_timeout_typ
);
3011 command_print_sameline(cmd
, "max. word write timeout: %u us, "
3012 "max. buf write timeout: %u us, max. "
3013 "block erase timeout: %u ms, max. chip erase timeout: %u ms\n",
3015 cfi_info
->word_write_timeout_max
) * (1 << cfi_info
->word_write_timeout_typ
),
3017 cfi_info
->buf_write_timeout_max
) * (1 << cfi_info
->buf_write_timeout_typ
),
3019 cfi_info
->block_erase_timeout_max
) *
3020 (1 << cfi_info
->block_erase_timeout_typ
),
3022 cfi_info
->chip_erase_timeout_max
) *
3023 (1 << cfi_info
->chip_erase_timeout_typ
));
3025 command_print_sameline(cmd
, "size: 0x%" PRIx32
", interface desc: %i, "
3026 "max buffer write size: 0x%x\n",
3028 cfi_info
->interface_desc
,
3029 1 << cfi_info
->max_buf_write_size
);
3031 switch (cfi_info
->pri_id
) {
3034 cfi_intel_info(bank
, cmd
);
3037 cfi_spansion_info(bank
, cmd
);
3040 LOG_ERROR("cfi primary command set %i unsupported", cfi_info
->pri_id
);
3047 static void cfi_fixup_0002_write_buffer(struct flash_bank
*bank
, const void *param
)
3049 struct cfi_flash_bank
*cfi_info
= bank
->driver_priv
;
3051 /* disable write buffer for M29W128G */
3052 cfi_info
->buf_write_timeout_typ
= 0;
3055 const struct flash_driver cfi_flash
= {
3057 .flash_bank_command
= cfi_flash_bank_command
,
3059 .protect
= cfi_protect
,
3063 .auto_probe
= cfi_auto_probe
,
3064 /* FIXME: access flash at bus_width size */
3065 .erase_check
= default_flash_blank_check
,
3066 .protect_check
= cfi_protect_check
,
3067 .info
= cfi_get_info
,
3068 .free_driver_priv
= default_flash_free_driver_priv
,