Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
aarch64: handle exceptions taken in debug state
[openocd.git] / src / target / aarch64.c
1 /***************************************************************************
2 * Copyright (C) 2015 by David Ung *
3 * *
4 * This program is free software; you can redistribute it and/or modify *
5 * it under the terms of the GNU General Public License as published by *
6 * the Free Software Foundation; either version 2 of the License, or *
7 * (at your option) any later version. *
8 * *
9 * This program is distributed in the hope that it will be useful, *
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
12 * GNU General Public License for more details. *
13 * *
14 * You should have received a copy of the GNU General Public License *
15 * along with this program; if not, write to the *
16 * Free Software Foundation, Inc., *
17 * *
18 ***************************************************************************/
19
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "breakpoints.h"
25 #include "aarch64.h"
26 #include "register.h"
27 #include "target_request.h"
28 #include "target_type.h"
29 #include "armv8_opcodes.h"
30 #include "armv8_cache.h"
31 #include <helper/time_support.h>
32
33 static int aarch64_poll(struct target *target);
34 static int aarch64_debug_entry(struct target *target);
35 static int aarch64_restore_context(struct target *target, bool bpwp);
36 static int aarch64_set_breakpoint(struct target *target,
37 struct breakpoint *breakpoint, uint8_t matchmode);
38 static int aarch64_set_context_breakpoint(struct target *target,
39 struct breakpoint *breakpoint, uint8_t matchmode);
40 static int aarch64_set_hybrid_breakpoint(struct target *target,
41 struct breakpoint *breakpoint);
42 static int aarch64_unset_breakpoint(struct target *target,
43 struct breakpoint *breakpoint);
44 static int aarch64_mmu(struct target *target, int *enabled);
45 static int aarch64_virt2phys(struct target *target,
46 target_addr_t virt, target_addr_t *phys);
47 static int aarch64_read_apb_ap_memory(struct target *target,
48 uint64_t address, uint32_t size, uint32_t count, uint8_t *buffer);
49
50 static int aarch64_restore_system_control_reg(struct target *target)
51 {
52 int retval = ERROR_OK;
53
54 struct aarch64_common *aarch64 = target_to_aarch64(target);
55 struct armv8_common *armv8 = target_to_armv8(target);
56
57 if (aarch64->system_control_reg != aarch64->system_control_reg_curr) {
58 aarch64->system_control_reg_curr = aarch64->system_control_reg;
59 /* LOG_INFO("cp15_control_reg: %8.8" PRIx32, cortex_v8->cp15_control_reg); */
60
61 switch (armv8->arm.core_mode) {
62 case ARMV8_64_EL0T:
63 case ARMV8_64_EL1T:
64 case ARMV8_64_EL1H:
65 retval = armv8->arm.msr(target, 3, /*op 0*/
66 0, 1, /* op1, op2 */
67 0, 0, /* CRn, CRm */
68 aarch64->system_control_reg);
69 if (retval != ERROR_OK)
70 return retval;
71 break;
72 case ARMV8_64_EL2T:
73 case ARMV8_64_EL2H:
74 retval = armv8->arm.msr(target, 3, /*op 0*/
75 4, 1, /* op1, op2 */
76 0, 0, /* CRn, CRm */
77 aarch64->system_control_reg);
78 if (retval != ERROR_OK)
79 return retval;
80 break;
81 case ARMV8_64_EL3H:
82 case ARMV8_64_EL3T:
83 retval = armv8->arm.msr(target, 3, /*op 0*/
84 6, 1, /* op1, op2 */
85 0, 0, /* CRn, CRm */
86 aarch64->system_control_reg);
87 if (retval != ERROR_OK)
88 return retval;
89 break;
90 default:
91 retval = armv8->arm.mcr(target, 15, 0, 0, 1, 0, aarch64->system_control_reg);
92 if (retval != ERROR_OK)
93 return retval;
94 break;
95 }
96 }
97 return retval;
98 }
99
100 /* check address before aarch64_apb read write access with mmu on
101 * remove apb predictible data abort */
102 static int aarch64_check_address(struct target *target, uint32_t address)
103 {
104 /* TODO */
105 return ERROR_OK;
106 }
107 /* modify system_control_reg in order to enable or disable mmu for :
108 * - virt2phys address conversion
109 * - read or write memory in phys or virt address */
110 static int aarch64_mmu_modify(struct target *target, int enable)
111 {
112 struct aarch64_common *aarch64 = target_to_aarch64(target);
113 struct armv8_common *armv8 = &aarch64->armv8_common;
114 int retval = ERROR_OK;
115
116 if (enable) {
117 /* if mmu enabled at target stop and mmu not enable */
118 if (!(aarch64->system_control_reg & 0x1U)) {
119 LOG_ERROR("trying to enable mmu on target stopped with mmu disable");
120 return ERROR_FAIL;
121 }
122 if (!(aarch64->system_control_reg_curr & 0x1U)) {
123 aarch64->system_control_reg_curr |= 0x1U;
124 switch (armv8->arm.core_mode) {
125 case ARMV8_64_EL0T:
126 case ARMV8_64_EL1T:
127 case ARMV8_64_EL1H:
128 retval = armv8->arm.msr(target, 3, /*op 0*/
129 0, 0, /* op1, op2 */
130 1, 0, /* CRn, CRm */
131 aarch64->system_control_reg_curr);
132 if (retval != ERROR_OK)
133 return retval;
134 break;
135 case ARMV8_64_EL2T:
136 case ARMV8_64_EL2H:
137 retval = armv8->arm.msr(target, 3, /*op 0*/
138 4, 0, /* op1, op2 */
139 1, 0, /* CRn, CRm */
140 aarch64->system_control_reg_curr);
141 if (retval != ERROR_OK)
142 return retval;
143 break;
144 case ARMV8_64_EL3H:
145 case ARMV8_64_EL3T:
146 retval = armv8->arm.msr(target, 3, /*op 0*/
147 6, 0, /* op1, op2 */
148 1, 0, /* CRn, CRm */
149 aarch64->system_control_reg_curr);
150 if (retval != ERROR_OK)
151 return retval;
152 break;
153 default:
154 LOG_DEBUG("unknow cpu state 0x%x" PRIx32, armv8->arm.core_state);
155 }
156 }
157 } else {
158 if (aarch64->system_control_reg_curr & 0x4U) {
159 /* data cache is active */
160 aarch64->system_control_reg_curr &= ~0x4U;
161 /* flush data cache armv7 function to be called */
162 if (armv8->armv8_mmu.armv8_cache.flush_all_data_cache)
163 armv8->armv8_mmu.armv8_cache.flush_all_data_cache(target);
164 }
165 if ((aarch64->system_control_reg_curr & 0x1U)) {
166 aarch64->system_control_reg_curr &= ~0x1U;
167 switch (armv8->arm.core_mode) {
168 case ARMV8_64_EL0T:
169 case ARMV8_64_EL1T:
170 case ARMV8_64_EL1H:
171 retval = armv8->arm.msr(target, 3, /*op 0*/
172 0, 0, /* op1, op2 */
173 1, 0, /* CRn, CRm */
174 aarch64->system_control_reg_curr);
175 if (retval != ERROR_OK)
176 return retval;
177 break;
178 case ARMV8_64_EL2T:
179 case ARMV8_64_EL2H:
180 retval = armv8->arm.msr(target, 3, /*op 0*/
181 4, 0, /* op1, op2 */
182 1, 0, /* CRn, CRm */
183 aarch64->system_control_reg_curr);
184 if (retval != ERROR_OK)
185 return retval;
186 break;
187 case ARMV8_64_EL3H:
188 case ARMV8_64_EL3T:
189 retval = armv8->arm.msr(target, 3, /*op 0*/
190 6, 0, /* op1, op2 */
191 1, 0, /* CRn, CRm */
192 aarch64->system_control_reg_curr);
193 if (retval != ERROR_OK)
194 return retval;
195 break;
196 default:
197 LOG_DEBUG("unknow cpu state 0x%x" PRIx32, armv8->arm.core_state);
198 break;
199 }
200 }
201 }
202 return retval;
203 }
204
205 /*
206 * Basic debug access, very low level assumes state is saved
207 */
208 static int aarch64_init_debug_access(struct target *target)
209 {
210 struct armv8_common *armv8 = target_to_armv8(target);
211 int retval;
212 uint32_t dummy;
213
214 LOG_DEBUG(" ");
215
216 /* Clear Sticky Power Down status Bit in PRSR to enable access to
217 the registers in the Core Power Domain */
218 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
219 armv8->debug_base + CPUV8_DBG_PRSR, &dummy);
220 if (retval != ERROR_OK)
221 return retval;
222
223 /*
224 * Static CTI configuration:
225 * Channel 0 -> trigger outputs HALT request to PE
226 * Channel 1 -> trigger outputs Resume request to PE
227 * Gate all channel trigger events from entering the CTM
228 */
229
230 /* Enable CTI */
231 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
232 armv8->cti_base + CTI_CTR, 1);
233 /* By default, gate all channel triggers to and from the CTM */
234 if (retval == ERROR_OK)
235 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
236 armv8->cti_base + CTI_GATE, 0);
237 /* output halt requests to PE on channel 0 trigger */
238 if (retval == ERROR_OK)
239 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
240 armv8->cti_base + CTI_OUTEN0, CTI_CHNL(0));
241 /* output restart requests to PE on channel 1 trigger */
242 if (retval == ERROR_OK)
243 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
244 armv8->cti_base + CTI_OUTEN1, CTI_CHNL(1));
245 if (retval != ERROR_OK)
246 return retval;
247
248 /* Resync breakpoint registers */
249
250 /* Since this is likely called from init or reset, update target state information*/
251 return aarch64_poll(target);
252 }
253
254 /* Write to memory mapped registers directly with no cache or mmu handling */
255 static int aarch64_dap_write_memap_register_u32(struct target *target,
256 uint32_t address,
257 uint32_t value)
258 {
259 int retval;
260 struct armv8_common *armv8 = target_to_armv8(target);
261
262 retval = mem_ap_write_atomic_u32(armv8->debug_ap, address, value);
263
264 return retval;
265 }
266
267 static int aarch64_dpm_setup(struct aarch64_common *a8, uint64_t debug)
268 {
269 struct arm_dpm *dpm = &a8->armv8_common.dpm;
270 int retval;
271
272 dpm->arm = &a8->armv8_common.arm;
273 dpm->didr = debug;
274
275 retval = armv8_dpm_setup(dpm);
276 if (retval == ERROR_OK)
277 retval = armv8_dpm_initialize(dpm);
278
279 return retval;
280 }
281
282 static struct target *get_aarch64(struct target *target, int32_t coreid)
283 {
284 struct target_list *head;
285 struct target *curr;
286
287 head = target->head;
288 while (head != (struct target_list *)NULL) {
289 curr = head->target;
290 if ((curr->coreid == coreid) && (curr->state == TARGET_HALTED))
291 return curr;
292 head = head->next;
293 }
294 return target;
295 }
296 static int aarch64_halt(struct target *target);
297
298 static int aarch64_halt_smp(struct target *target)
299 {
300 int retval = ERROR_OK;
301 struct target_list *head = target->head;
302
303 while (head != (struct target_list *)NULL) {
304 struct target *curr = head->target;
305 struct armv8_common *armv8 = target_to_armv8(curr);
306
307 /* open the gate for channel 0 to let HALT requests pass to the CTM */
308 if (curr->smp)
309 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
310 armv8->cti_base + CTI_GATE, CTI_CHNL(0));
311 if (retval != ERROR_OK)
312 break;
313
314 head = head->next;
315 }
316
317 /* halt the target PE */
318 if (retval == ERROR_OK)
319 retval = aarch64_halt(target);
320
321 return retval;
322 }
323
324 static int update_halt_gdb(struct target *target)
325 {
326 int retval = 0;
327 if (target->gdb_service && target->gdb_service->core[0] == -1) {
328 target->gdb_service->target = target;
329 target->gdb_service->core[0] = target->coreid;
330 retval += aarch64_halt_smp(target);
331 }
332 return retval;
333 }
334
335 /*
336 * Cortex-A8 Run control
337 */
338
339 static int aarch64_poll(struct target *target)
340 {
341 int retval = ERROR_OK;
342 uint32_t dscr;
343 struct aarch64_common *aarch64 = target_to_aarch64(target);
344 struct armv8_common *armv8 = &aarch64->armv8_common;
345 enum target_state prev_target_state = target->state;
346 /* toggle to another core is done by gdb as follow */
347 /* maint packet J core_id */
348 /* continue */
349 /* the next polling trigger an halt event sent to gdb */
350 if ((target->state == TARGET_HALTED) && (target->smp) &&
351 (target->gdb_service) &&
352 (target->gdb_service->target == NULL)) {
353 target->gdb_service->target =
354 get_aarch64(target, target->gdb_service->core[1]);
355 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
356 return retval;
357 }
358 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
359 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
360 if (retval != ERROR_OK)
361 return retval;
362 aarch64->cpudbg_dscr = dscr;
363
364 if (DSCR_RUN_MODE(dscr) == 0x3) {
365 if (prev_target_state != TARGET_HALTED) {
366 /* We have a halting debug event */
367 LOG_DEBUG("Target halted");
368 target->state = TARGET_HALTED;
369 if ((prev_target_state == TARGET_RUNNING)
370 || (prev_target_state == TARGET_UNKNOWN)
371 || (prev_target_state == TARGET_RESET)) {
372 retval = aarch64_debug_entry(target);
373 if (retval != ERROR_OK)
374 return retval;
375 if (target->smp) {
376 retval = update_halt_gdb(target);
377 if (retval != ERROR_OK)
378 return retval;
379 }
380 target_call_event_callbacks(target,
381 TARGET_EVENT_HALTED);
382 }
383 if (prev_target_state == TARGET_DEBUG_RUNNING) {
384 LOG_DEBUG(" ");
385
386 retval = aarch64_debug_entry(target);
387 if (retval != ERROR_OK)
388 return retval;
389 if (target->smp) {
390 retval = update_halt_gdb(target);
391 if (retval != ERROR_OK)
392 return retval;
393 }
394
395 target_call_event_callbacks(target,
396 TARGET_EVENT_DEBUG_HALTED);
397 }
398 }
399 } else
400 target->state = TARGET_RUNNING;
401
402 return retval;
403 }
404
405 static int aarch64_halt(struct target *target)
406 {
407 int retval = ERROR_OK;
408 uint32_t dscr;
409 struct armv8_common *armv8 = target_to_armv8(target);
410
411 /*
412 * add HDE in halting debug mode
413 */
414 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
415 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
416 if (retval == ERROR_OK)
417 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
418 armv8->debug_base + CPUV8_DBG_DSCR, dscr | DSCR_HDE);
419 if (retval != ERROR_OK)
420 return retval;
421
422 /* trigger an event on channel 0, this outputs a halt request to the PE */
423 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
424 armv8->cti_base + CTI_APPPULSE, CTI_CHNL(0));
425 if (retval != ERROR_OK)
426 return retval;
427
428 long long then = timeval_ms();
429 for (;; ) {
430 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
431 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
432 if (retval != ERROR_OK)
433 return retval;
434 if ((dscr & DSCRV8_HALT_MASK) != 0)
435 break;
436 if (timeval_ms() > then + 1000) {
437 LOG_ERROR("Timeout waiting for halt");
438 return ERROR_FAIL;
439 }
440 }
441
442 target->debug_reason = DBG_REASON_DBGRQ;
443
444 return ERROR_OK;
445 }
446
447 static int aarch64_internal_restore(struct target *target, int current,
448 uint64_t *address, int handle_breakpoints, int debug_execution)
449 {
450 struct armv8_common *armv8 = target_to_armv8(target);
451 struct arm *arm = &armv8->arm;
452 int retval;
453 uint64_t resume_pc;
454
455 if (!debug_execution)
456 target_free_all_working_areas(target);
457
458 /* current = 1: continue on current pc, otherwise continue at <address> */
459 resume_pc = buf_get_u64(arm->pc->value, 0, 64);
460 if (!current)
461 resume_pc = *address;
462 else
463 *address = resume_pc;
464
465 /* Make sure that the Armv7 gdb thumb fixups does not
466 * kill the return address
467 */
468 switch (arm->core_state) {
469 case ARM_STATE_ARM:
470 resume_pc &= 0xFFFFFFFC;
471 break;
472 case ARM_STATE_AARCH64:
473 resume_pc &= 0xFFFFFFFFFFFFFFFC;
474 break;
475 case ARM_STATE_THUMB:
476 case ARM_STATE_THUMB_EE:
477 /* When the return address is loaded into PC
478 * bit 0 must be 1 to stay in Thumb state
479 */
480 resume_pc |= 0x1;
481 break;
482 case ARM_STATE_JAZELLE:
483 LOG_ERROR("How do I resume into Jazelle state??");
484 return ERROR_FAIL;
485 }
486 LOG_DEBUG("resume pc = 0x%16" PRIx64, resume_pc);
487 buf_set_u64(arm->pc->value, 0, 64, resume_pc);
488 arm->pc->dirty = 1;
489 arm->pc->valid = 1;
490 armv8_dpm_modeswitch(&armv8->dpm, ARM_MODE_ANY);
491
492 /* called it now before restoring context because it uses cpu
493 * register r0 for restoring system control register */
494 retval = aarch64_restore_system_control_reg(target);
495 if (retval != ERROR_OK)
496 return retval;
497 retval = aarch64_restore_context(target, handle_breakpoints);
498 if (retval != ERROR_OK)
499 return retval;
500 target->debug_reason = DBG_REASON_NOTHALTED;
501 target->state = TARGET_RUNNING;
502
503 /* registers are now invalid */
504 register_cache_invalidate(arm->core_cache);
505
506 return retval;
507 }
508
509 static int aarch64_internal_restart(struct target *target, bool slave_pe)
510 {
511 struct armv8_common *armv8 = target_to_armv8(target);
512 struct arm *arm = &armv8->arm;
513 int retval;
514 uint32_t dscr;
515 /*
516 * * Restart core and wait for it to be started. Clear ITRen and sticky
517 * * exception flags: see ARMv7 ARM, C5.9.
518 *
519 * REVISIT: for single stepping, we probably want to
520 * disable IRQs by default, with optional override...
521 */
522
523 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
524 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
525 if (retval != ERROR_OK)
526 return retval;
527
528 if ((dscr & DSCR_ITE) == 0)
529 LOG_ERROR("DSCR InstrCompl must be set before leaving debug!");
530
531 /* make sure to acknowledge the halt event before resuming */
532 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
533 armv8->cti_base + CTI_INACK, CTI_TRIG(HALT));
534
535 /*
536 * open the CTI gate for channel 1 so that the restart events
537 * get passed along to all PEs
538 */
539 if (retval == ERROR_OK)
540 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
541 armv8->cti_base + CTI_GATE, CTI_CHNL(1));
542 if (retval != ERROR_OK)
543 return retval;
544
545 if (!slave_pe) {
546 /* trigger an event on channel 1, generates a restart request to the PE */
547 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
548 armv8->cti_base + CTI_APPPULSE, CTI_CHNL(1));
549 if (retval != ERROR_OK)
550 return retval;
551
552 long long then = timeval_ms();
553 for (;; ) {
554 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
555 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
556 if (retval != ERROR_OK)
557 return retval;
558 if ((dscr & DSCR_HDE) != 0)
559 break;
560 if (timeval_ms() > then + 1000) {
561 LOG_ERROR("Timeout waiting for resume");
562 return ERROR_FAIL;
563 }
564 }
565 }
566
567 target->debug_reason = DBG_REASON_NOTHALTED;
568 target->state = TARGET_RUNNING;
569
570 /* registers are now invalid */
571 register_cache_invalidate(arm->core_cache);
572
573 return ERROR_OK;
574 }
575
576 static int aarch64_restore_smp(struct target *target, int handle_breakpoints)
577 {
578 int retval = 0;
579 struct target_list *head;
580 struct target *curr;
581 uint64_t address;
582 head = target->head;
583 while (head != (struct target_list *)NULL) {
584 curr = head->target;
585 if ((curr != target) && (curr->state != TARGET_RUNNING)) {
586 /* resume current address , not in step mode */
587 retval += aarch64_internal_restore(curr, 1, &address,
588 handle_breakpoints, 0);
589 retval += aarch64_internal_restart(curr, true);
590 }
591 head = head->next;
592
593 }
594 return retval;
595 }
596
597 static int aarch64_resume(struct target *target, int current,
598 target_addr_t address, int handle_breakpoints, int debug_execution)
599 {
600 int retval = 0;
601 uint64_t addr = address;
602
603 /* dummy resume for smp toggle in order to reduce gdb impact */
604 if ((target->smp) && (target->gdb_service->core[1] != -1)) {
605 /* simulate a start and halt of target */
606 target->gdb_service->target = NULL;
607 target->gdb_service->core[0] = target->gdb_service->core[1];
608 /* fake resume at next poll we play the target core[1], see poll*/
609 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
610 return 0;
611 }
612 aarch64_internal_restore(target, current, &addr, handle_breakpoints,
613 debug_execution);
614 if (target->smp) {
615 target->gdb_service->core[0] = -1;
616 retval = aarch64_restore_smp(target, handle_breakpoints);
617 if (retval != ERROR_OK)
618 return retval;
619 }
620 aarch64_internal_restart(target, false);
621
622 if (!debug_execution) {
623 target->state = TARGET_RUNNING;
624 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
625 LOG_DEBUG("target resumed at 0x%" PRIx64, addr);
626 } else {
627 target->state = TARGET_DEBUG_RUNNING;
628 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
629 LOG_DEBUG("target debug resumed at 0x%" PRIx64, addr);
630 }
631
632 return ERROR_OK;
633 }
634
635 static int aarch64_debug_entry(struct target *target)
636 {
637 int retval = ERROR_OK;
638 struct aarch64_common *aarch64 = target_to_aarch64(target);
639 struct armv8_common *armv8 = target_to_armv8(target);
640 struct arm_dpm *dpm = &armv8->dpm;
641 enum arm_state core_state;
642
643 LOG_DEBUG("%s dscr = 0x%08" PRIx32, target_name(target), aarch64->cpudbg_dscr);
644
645 dpm->dscr = aarch64->cpudbg_dscr;
646 core_state = armv8_dpm_get_core_state(dpm);
647 armv8_select_opcodes(armv8, core_state == ARM_STATE_AARCH64);
648 armv8_select_reg_access(armv8, core_state == ARM_STATE_AARCH64);
649
650 /* make sure to clear all sticky errors */
651 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
652 armv8->debug_base + CPUV8_DBG_DRCR, DRCR_CSE);
653 if (retval != ERROR_OK)
654 return retval;
655
656 /* Examine debug reason */
657 armv8_dpm_report_dscr(&armv8->dpm, aarch64->cpudbg_dscr);
658
659 /* save address of instruction that triggered the watchpoint? */
660 if (target->debug_reason == DBG_REASON_WATCHPOINT) {
661 uint32_t tmp;
662 uint64_t wfar = 0;
663
664 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
665 armv8->debug_base + CPUV8_DBG_WFAR1,
666 &tmp);
667 if (retval != ERROR_OK)
668 return retval;
669 wfar = tmp;
670 wfar = (wfar << 32);
671 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
672 armv8->debug_base + CPUV8_DBG_WFAR0,
673 &tmp);
674 if (retval != ERROR_OK)
675 return retval;
676 wfar |= tmp;
677 armv8_dpm_report_wfar(&armv8->dpm, wfar);
678 }
679
680 retval = armv8_dpm_read_current_registers(&armv8->dpm);
681
682 if (retval == ERROR_OK && armv8->post_debug_entry)
683 retval = armv8->post_debug_entry(target);
684
685 return retval;
686 }
687
688 static int aarch64_post_debug_entry(struct target *target)
689 {
690 struct aarch64_common *aarch64 = target_to_aarch64(target);
691 struct armv8_common *armv8 = &aarch64->armv8_common;
692 int retval;
693
694 /* clear sticky errors */
695 mem_ap_write_atomic_u32(armv8->debug_ap,
696 armv8->debug_base + CPUV8_DBG_DRCR, DRCR_CSE);
697
698 switch (armv8->arm.core_mode) {
699 case ARMV8_64_EL0T:
700 armv8_dpm_modeswitch(&armv8->dpm, ARMV8_64_EL1H);
701 /* fall through */
702 case ARMV8_64_EL1T:
703 case ARMV8_64_EL1H:
704 retval = armv8->arm.mrs(target, 3, /*op 0*/
705 0, 0, /* op1, op2 */
706 1, 0, /* CRn, CRm */
707 &aarch64->system_control_reg);
708 if (retval != ERROR_OK)
709 return retval;
710 break;
711 case ARMV8_64_EL2T:
712 case ARMV8_64_EL2H:
713 retval = armv8->arm.mrs(target, 3, /*op 0*/
714 4, 0, /* op1, op2 */
715 1, 0, /* CRn, CRm */
716 &aarch64->system_control_reg);
717 if (retval != ERROR_OK)
718 return retval;
719 break;
720 case ARMV8_64_EL3H:
721 case ARMV8_64_EL3T:
722 retval = armv8->arm.mrs(target, 3, /*op 0*/
723 6, 0, /* op1, op2 */
724 1, 0, /* CRn, CRm */
725 &aarch64->system_control_reg);
726 if (retval != ERROR_OK)
727 return retval;
728 break;
729
730 case ARM_MODE_SVC:
731 retval = armv8->arm.mrc(target, 15, 0, 0, 1, 0, &aarch64->system_control_reg);
732 if (retval != ERROR_OK)
733 return retval;
734 break;
735
736 default:
737 LOG_INFO("cannot read system control register in this mode");
738 break;
739 }
740
741 armv8_dpm_modeswitch(&armv8->dpm, ARM_MODE_ANY);
742
743 LOG_DEBUG("System_register: %8.8" PRIx32, aarch64->system_control_reg);
744 aarch64->system_control_reg_curr = aarch64->system_control_reg;
745
746 if (armv8->armv8_mmu.armv8_cache.info == -1) {
747 armv8_identify_cache(armv8);
748 armv8_read_mpidr(armv8);
749 }
750
751 armv8->armv8_mmu.mmu_enabled =
752 (aarch64->system_control_reg & 0x1U) ? 1 : 0;
753 armv8->armv8_mmu.armv8_cache.d_u_cache_enabled =
754 (aarch64->system_control_reg & 0x4U) ? 1 : 0;
755 armv8->armv8_mmu.armv8_cache.i_cache_enabled =
756 (aarch64->system_control_reg & 0x1000U) ? 1 : 0;
757 aarch64->curr_mode = armv8->arm.core_mode;
758 return ERROR_OK;
759 }
760
761 static int aarch64_set_dscr_bits(struct target *target, unsigned long bit_mask, unsigned long value)
762 {
763 struct armv8_common *armv8 = target_to_armv8(target);
764 uint32_t dscr;
765
766 /* Read DSCR */
767 int retval = mem_ap_read_atomic_u32(armv8->debug_ap,
768 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
769 if (ERROR_OK != retval)
770 return retval;
771
772 /* clear bitfield */
773 dscr &= ~bit_mask;
774 /* put new value */
775 dscr |= value & bit_mask;
776
777 /* write new DSCR */
778 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
779 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
780 return retval;
781 }
782
783 static int aarch64_step(struct target *target, int current, target_addr_t address,
784 int handle_breakpoints)
785 {
786 struct armv8_common *armv8 = target_to_armv8(target);
787 int retval;
788 uint32_t edecr;
789
790 if (target->state != TARGET_HALTED) {
791 LOG_WARNING("target not halted");
792 return ERROR_TARGET_NOT_HALTED;
793 }
794
795 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
796 armv8->debug_base + CPUV8_DBG_EDECR, &edecr);
797 if (retval != ERROR_OK)
798 return retval;
799
800 /* make sure EDECR.SS is not set when restoring the register */
801 edecr &= ~0x4;
802
803 /* set EDECR.SS to enter hardware step mode */
804 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
805 armv8->debug_base + CPUV8_DBG_EDECR, (edecr|0x4));
806 if (retval != ERROR_OK)
807 return retval;
808
809 /* disable interrupts while stepping */
810 retval = aarch64_set_dscr_bits(target, 0x3 << 22, 0x3 << 22);
811 if (retval != ERROR_OK)
812 return ERROR_OK;
813
814 /* resume the target */
815 retval = aarch64_resume(target, current, address, 0, 0);
816 if (retval != ERROR_OK)
817 return retval;
818
819 long long then = timeval_ms();
820 while (target->state != TARGET_HALTED) {
821 retval = aarch64_poll(target);
822 if (retval != ERROR_OK)
823 return retval;
824 if (timeval_ms() > then + 1000) {
825 LOG_ERROR("timeout waiting for target halt");
826 return ERROR_FAIL;
827 }
828 }
829
830 /* restore EDECR */
831 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
832 armv8->debug_base + CPUV8_DBG_EDECR, edecr);
833 if (retval != ERROR_OK)
834 return retval;
835
836 /* restore interrupts */
837 retval = aarch64_set_dscr_bits(target, 0x3 << 22, 0);
838 if (retval != ERROR_OK)
839 return ERROR_OK;
840
841 return ERROR_OK;
842 }
843
844 static int aarch64_restore_context(struct target *target, bool bpwp)
845 {
846 struct armv8_common *armv8 = target_to_armv8(target);
847
848 LOG_DEBUG(" ");
849
850 if (armv8->pre_restore_context)
851 armv8->pre_restore_context(target);
852
853 return armv8_dpm_write_dirty_registers(&armv8->dpm, bpwp);
854
855 }
856
857 /*
858 * Cortex-A8 Breakpoint and watchpoint functions
859 */
860
861 /* Setup hardware Breakpoint Register Pair */
862 static int aarch64_set_breakpoint(struct target *target,
863 struct breakpoint *breakpoint, uint8_t matchmode)
864 {
865 int retval;
866 int brp_i = 0;
867 uint32_t control;
868 uint8_t byte_addr_select = 0x0F;
869 struct aarch64_common *aarch64 = target_to_aarch64(target);
870 struct armv8_common *armv8 = &aarch64->armv8_common;
871 struct aarch64_brp *brp_list = aarch64->brp_list;
872
873 if (breakpoint->set) {
874 LOG_WARNING("breakpoint already set");
875 return ERROR_OK;
876 }
877
878 if (breakpoint->type == BKPT_HARD) {
879 int64_t bpt_value;
880 while (brp_list[brp_i].used && (brp_i < aarch64->brp_num))
881 brp_i++;
882 if (brp_i >= aarch64->brp_num) {
883 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
884 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
885 }
886 breakpoint->set = brp_i + 1;
887 if (breakpoint->length == 2)
888 byte_addr_select = (3 << (breakpoint->address & 0x02));
889 control = ((matchmode & 0x7) << 20)
890 | (1 << 13)
891 | (byte_addr_select << 5)
892 | (3 << 1) | 1;
893 brp_list[brp_i].used = 1;
894 brp_list[brp_i].value = breakpoint->address & 0xFFFFFFFFFFFFFFFC;
895 brp_list[brp_i].control = control;
896 bpt_value = brp_list[brp_i].value;
897
898 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
899 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
900 (uint32_t)(bpt_value & 0xFFFFFFFF));
901 if (retval != ERROR_OK)
902 return retval;
903 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
904 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_i].BRPn,
905 (uint32_t)(bpt_value >> 32));
906 if (retval != ERROR_OK)
907 return retval;
908
909 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
910 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
911 brp_list[brp_i].control);
912 if (retval != ERROR_OK)
913 return retval;
914 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%" TARGET_PRIxADDR, brp_i,
915 brp_list[brp_i].control,
916 brp_list[brp_i].value);
917
918 } else if (breakpoint->type == BKPT_SOFT) {
919 uint8_t code[4];
920
921 buf_set_u32(code, 0, 32, ARMV8_HLT(0x11));
922 retval = target_read_memory(target,
923 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
924 breakpoint->length, 1,
925 breakpoint->orig_instr);
926 if (retval != ERROR_OK)
927 return retval;
928
929 armv8_cache_d_inner_flush_virt(armv8,
930 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
931 breakpoint->length);
932
933 retval = target_write_memory(target,
934 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
935 breakpoint->length, 1, code);
936 if (retval != ERROR_OK)
937 return retval;
938
939 armv8_cache_d_inner_flush_virt(armv8,
940 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
941 breakpoint->length);
942
943 armv8_cache_i_inner_inval_virt(armv8,
944 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
945 breakpoint->length);
946
947 breakpoint->set = 0x11; /* Any nice value but 0 */
948 }
949
950 /* Ensure that halting debug mode is enable */
951 retval = aarch64_set_dscr_bits(target, DSCR_HDE, DSCR_HDE);
952 if (retval != ERROR_OK) {
953 LOG_DEBUG("Failed to set DSCR.HDE");
954 return retval;
955 }
956
957 return ERROR_OK;
958 }
959
960 static int aarch64_set_context_breakpoint(struct target *target,
961 struct breakpoint *breakpoint, uint8_t matchmode)
962 {
963 int retval = ERROR_FAIL;
964 int brp_i = 0;
965 uint32_t control;
966 uint8_t byte_addr_select = 0x0F;
967 struct aarch64_common *aarch64 = target_to_aarch64(target);
968 struct armv8_common *armv8 = &aarch64->armv8_common;
969 struct aarch64_brp *brp_list = aarch64->brp_list;
970
971 if (breakpoint->set) {
972 LOG_WARNING("breakpoint already set");
973 return retval;
974 }
975 /*check available context BRPs*/
976 while ((brp_list[brp_i].used ||
977 (brp_list[brp_i].type != BRP_CONTEXT)) && (brp_i < aarch64->brp_num))
978 brp_i++;
979
980 if (brp_i >= aarch64->brp_num) {
981 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
982 return ERROR_FAIL;
983 }
984
985 breakpoint->set = brp_i + 1;
986 control = ((matchmode & 0x7) << 20)
987 | (1 << 13)
988 | (byte_addr_select << 5)
989 | (3 << 1) | 1;
990 brp_list[brp_i].used = 1;
991 brp_list[brp_i].value = (breakpoint->asid);
992 brp_list[brp_i].control = control;
993 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
994 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
995 brp_list[brp_i].value);
996 if (retval != ERROR_OK)
997 return retval;
998 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
999 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1000 brp_list[brp_i].control);
1001 if (retval != ERROR_OK)
1002 return retval;
1003 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%" TARGET_PRIxADDR, brp_i,
1004 brp_list[brp_i].control,
1005 brp_list[brp_i].value);
1006 return ERROR_OK;
1007
1008 }
1009
1010 static int aarch64_set_hybrid_breakpoint(struct target *target, struct breakpoint *breakpoint)
1011 {
1012 int retval = ERROR_FAIL;
1013 int brp_1 = 0; /* holds the contextID pair */
1014 int brp_2 = 0; /* holds the IVA pair */
1015 uint32_t control_CTX, control_IVA;
1016 uint8_t CTX_byte_addr_select = 0x0F;
1017 uint8_t IVA_byte_addr_select = 0x0F;
1018 uint8_t CTX_machmode = 0x03;
1019 uint8_t IVA_machmode = 0x01;
1020 struct aarch64_common *aarch64 = target_to_aarch64(target);
1021 struct armv8_common *armv8 = &aarch64->armv8_common;
1022 struct aarch64_brp *brp_list = aarch64->brp_list;
1023
1024 if (breakpoint->set) {
1025 LOG_WARNING("breakpoint already set");
1026 return retval;
1027 }
1028 /*check available context BRPs*/
1029 while ((brp_list[brp_1].used ||
1030 (brp_list[brp_1].type != BRP_CONTEXT)) && (brp_1 < aarch64->brp_num))
1031 brp_1++;
1032
1033 printf("brp(CTX) found num: %d\n", brp_1);
1034 if (brp_1 >= aarch64->brp_num) {
1035 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1036 return ERROR_FAIL;
1037 }
1038
1039 while ((brp_list[brp_2].used ||
1040 (brp_list[brp_2].type != BRP_NORMAL)) && (brp_2 < aarch64->brp_num))
1041 brp_2++;
1042
1043 printf("brp(IVA) found num: %d\n", brp_2);
1044 if (brp_2 >= aarch64->brp_num) {
1045 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1046 return ERROR_FAIL;
1047 }
1048
1049 breakpoint->set = brp_1 + 1;
1050 breakpoint->linked_BRP = brp_2;
1051 control_CTX = ((CTX_machmode & 0x7) << 20)
1052 | (brp_2 << 16)
1053 | (0 << 14)
1054 | (CTX_byte_addr_select << 5)
1055 | (3 << 1) | 1;
1056 brp_list[brp_1].used = 1;
1057 brp_list[brp_1].value = (breakpoint->asid);
1058 brp_list[brp_1].control = control_CTX;
1059 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1060 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_1].BRPn,
1061 brp_list[brp_1].value);
1062 if (retval != ERROR_OK)
1063 return retval;
1064 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1065 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_1].BRPn,
1066 brp_list[brp_1].control);
1067 if (retval != ERROR_OK)
1068 return retval;
1069
1070 control_IVA = ((IVA_machmode & 0x7) << 20)
1071 | (brp_1 << 16)
1072 | (1 << 13)
1073 | (IVA_byte_addr_select << 5)
1074 | (3 << 1) | 1;
1075 brp_list[brp_2].used = 1;
1076 brp_list[brp_2].value = breakpoint->address & 0xFFFFFFFFFFFFFFFC;
1077 brp_list[brp_2].control = control_IVA;
1078 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1079 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_2].BRPn,
1080 brp_list[brp_2].value & 0xFFFFFFFF);
1081 if (retval != ERROR_OK)
1082 return retval;
1083 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1084 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_2].BRPn,
1085 brp_list[brp_2].value >> 32);
1086 if (retval != ERROR_OK)
1087 return retval;
1088 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1089 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_2].BRPn,
1090 brp_list[brp_2].control);
1091 if (retval != ERROR_OK)
1092 return retval;
1093
1094 return ERROR_OK;
1095 }
1096
1097 static int aarch64_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
1098 {
1099 int retval;
1100 struct aarch64_common *aarch64 = target_to_aarch64(target);
1101 struct armv8_common *armv8 = &aarch64->armv8_common;
1102 struct aarch64_brp *brp_list = aarch64->brp_list;
1103
1104 if (!breakpoint->set) {
1105 LOG_WARNING("breakpoint not set");
1106 return ERROR_OK;
1107 }
1108
1109 if (breakpoint->type == BKPT_HARD) {
1110 if ((breakpoint->address != 0) && (breakpoint->asid != 0)) {
1111 int brp_i = breakpoint->set - 1;
1112 int brp_j = breakpoint->linked_BRP;
1113 if ((brp_i < 0) || (brp_i >= aarch64->brp_num)) {
1114 LOG_DEBUG("Invalid BRP number in breakpoint");
1115 return ERROR_OK;
1116 }
1117 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%" TARGET_PRIxADDR, brp_i,
1118 brp_list[brp_i].control, brp_list[brp_i].value);
1119 brp_list[brp_i].used = 0;
1120 brp_list[brp_i].value = 0;
1121 brp_list[brp_i].control = 0;
1122 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1123 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1124 brp_list[brp_i].control);
1125 if (retval != ERROR_OK)
1126 return retval;
1127 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1128 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1129 (uint32_t)brp_list[brp_i].value);
1130 if (retval != ERROR_OK)
1131 return retval;
1132 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1133 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_i].BRPn,
1134 (uint32_t)brp_list[brp_i].value);
1135 if (retval != ERROR_OK)
1136 return retval;
1137 if ((brp_j < 0) || (brp_j >= aarch64->brp_num)) {
1138 LOG_DEBUG("Invalid BRP number in breakpoint");
1139 return ERROR_OK;
1140 }
1141 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx64, brp_j,
1142 brp_list[brp_j].control, brp_list[brp_j].value);
1143 brp_list[brp_j].used = 0;
1144 brp_list[brp_j].value = 0;
1145 brp_list[brp_j].control = 0;
1146 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1147 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_j].BRPn,
1148 brp_list[brp_j].control);
1149 if (retval != ERROR_OK)
1150 return retval;
1151 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1152 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_j].BRPn,
1153 (uint32_t)brp_list[brp_j].value);
1154 if (retval != ERROR_OK)
1155 return retval;
1156 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1157 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_j].BRPn,
1158 (uint32_t)brp_list[brp_j].value);
1159 if (retval != ERROR_OK)
1160 return retval;
1161
1162 breakpoint->linked_BRP = 0;
1163 breakpoint->set = 0;
1164 return ERROR_OK;
1165
1166 } else {
1167 int brp_i = breakpoint->set - 1;
1168 if ((brp_i < 0) || (brp_i >= aarch64->brp_num)) {
1169 LOG_DEBUG("Invalid BRP number in breakpoint");
1170 return ERROR_OK;
1171 }
1172 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx64, brp_i,
1173 brp_list[brp_i].control, brp_list[brp_i].value);
1174 brp_list[brp_i].used = 0;
1175 brp_list[brp_i].value = 0;
1176 brp_list[brp_i].control = 0;
1177 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1178 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1179 brp_list[brp_i].control);
1180 if (retval != ERROR_OK)
1181 return retval;
1182 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1183 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1184 brp_list[brp_i].value);
1185 if (retval != ERROR_OK)
1186 return retval;
1187
1188 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1189 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_i].BRPn,
1190 (uint32_t)brp_list[brp_i].value);
1191 if (retval != ERROR_OK)
1192 return retval;
1193 breakpoint->set = 0;
1194 return ERROR_OK;
1195 }
1196 } else {
1197 /* restore original instruction (kept in target endianness) */
1198
1199 armv8_cache_d_inner_flush_virt(armv8,
1200 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1201 breakpoint->length);
1202
1203 if (breakpoint->length == 4) {
1204 retval = target_write_memory(target,
1205 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1206 4, 1, breakpoint->orig_instr);
1207 if (retval != ERROR_OK)
1208 return retval;
1209 } else {
1210 retval = target_write_memory(target,
1211 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1212 2, 1, breakpoint->orig_instr);
1213 if (retval != ERROR_OK)
1214 return retval;
1215 }
1216
1217 armv8_cache_d_inner_flush_virt(armv8,
1218 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1219 breakpoint->length);
1220
1221 armv8_cache_i_inner_inval_virt(armv8,
1222 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1223 breakpoint->length);
1224 }
1225 breakpoint->set = 0;
1226
1227 return ERROR_OK;
1228 }
1229
1230 static int aarch64_add_breakpoint(struct target *target,
1231 struct breakpoint *breakpoint)
1232 {
1233 struct aarch64_common *aarch64 = target_to_aarch64(target);
1234
1235 if ((breakpoint->type == BKPT_HARD) && (aarch64->brp_num_available < 1)) {
1236 LOG_INFO("no hardware breakpoint available");
1237 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1238 }
1239
1240 if (breakpoint->type == BKPT_HARD)
1241 aarch64->brp_num_available--;
1242
1243 return aarch64_set_breakpoint(target, breakpoint, 0x00); /* Exact match */
1244 }
1245
1246 static int aarch64_add_context_breakpoint(struct target *target,
1247 struct breakpoint *breakpoint)
1248 {
1249 struct aarch64_common *aarch64 = target_to_aarch64(target);
1250
1251 if ((breakpoint->type == BKPT_HARD) && (aarch64->brp_num_available < 1)) {
1252 LOG_INFO("no hardware breakpoint available");
1253 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1254 }
1255
1256 if (breakpoint->type == BKPT_HARD)
1257 aarch64->brp_num_available--;
1258
1259 return aarch64_set_context_breakpoint(target, breakpoint, 0x02); /* asid match */
1260 }
1261
1262 static int aarch64_add_hybrid_breakpoint(struct target *target,
1263 struct breakpoint *breakpoint)
1264 {
1265 struct aarch64_common *aarch64 = target_to_aarch64(target);
1266
1267 if ((breakpoint->type == BKPT_HARD) && (aarch64->brp_num_available < 1)) {
1268 LOG_INFO("no hardware breakpoint available");
1269 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1270 }
1271
1272 if (breakpoint->type == BKPT_HARD)
1273 aarch64->brp_num_available--;
1274
1275 return aarch64_set_hybrid_breakpoint(target, breakpoint); /* ??? */
1276 }
1277
1278
1279 static int aarch64_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
1280 {
1281 struct aarch64_common *aarch64 = target_to_aarch64(target);
1282
1283 #if 0
1284 /* It is perfectly possible to remove breakpoints while the target is running */
1285 if (target->state != TARGET_HALTED) {
1286 LOG_WARNING("target not halted");
1287 return ERROR_TARGET_NOT_HALTED;
1288 }
1289 #endif
1290
1291 if (breakpoint->set) {
1292 aarch64_unset_breakpoint(target, breakpoint);
1293 if (breakpoint->type == BKPT_HARD)
1294 aarch64->brp_num_available++;
1295 }
1296
1297 return ERROR_OK;
1298 }
1299
1300 /*
1301 * Cortex-A8 Reset functions
1302 */
1303
1304 static int aarch64_assert_reset(struct target *target)
1305 {
1306 struct armv8_common *armv8 = target_to_armv8(target);
1307
1308 LOG_DEBUG(" ");
1309
1310 /* FIXME when halt is requested, make it work somehow... */
1311
1312 /* Issue some kind of warm reset. */
1313 if (target_has_event_action(target, TARGET_EVENT_RESET_ASSERT))
1314 target_handle_event(target, TARGET_EVENT_RESET_ASSERT);
1315 else if (jtag_get_reset_config() & RESET_HAS_SRST) {
1316 /* REVISIT handle "pulls" cases, if there's
1317 * hardware that needs them to work.
1318 */
1319 jtag_add_reset(0, 1);
1320 } else {
1321 LOG_ERROR("%s: how to reset?", target_name(target));
1322 return ERROR_FAIL;
1323 }
1324
1325 /* registers are now invalid */
1326 register_cache_invalidate(armv8->arm.core_cache);
1327
1328 target->state = TARGET_RESET;
1329
1330 return ERROR_OK;
1331 }
1332
1333 static int aarch64_deassert_reset(struct target *target)
1334 {
1335 int retval;
1336
1337 LOG_DEBUG(" ");
1338
1339 /* be certain SRST is off */
1340 jtag_add_reset(0, 0);
1341
1342 retval = aarch64_poll(target);
1343 if (retval != ERROR_OK)
1344 return retval;
1345
1346 if (target->reset_halt) {
1347 if (target->state != TARGET_HALTED) {
1348 LOG_WARNING("%s: ran after reset and before halt ...",
1349 target_name(target));
1350 retval = target_halt(target);
1351 if (retval != ERROR_OK)
1352 return retval;
1353 }
1354 }
1355
1356 return ERROR_OK;
1357 }
1358
1359 static int aarch64_write_apb_ap_memory(struct target *target,
1360 uint64_t address, uint32_t size,
1361 uint32_t count, const uint8_t *buffer)
1362 {
1363 /* write memory through APB-AP */
1364 int retval = ERROR_COMMAND_SYNTAX_ERROR;
1365 struct armv8_common *armv8 = target_to_armv8(target);
1366 struct arm_dpm *dpm = &armv8->dpm;
1367 struct arm *arm = &armv8->arm;
1368 int total_bytes = count * size;
1369 int total_u32;
1370 int start_byte = address & 0x3;
1371 int end_byte = (address + total_bytes) & 0x3;
1372 struct reg *reg;
1373 uint32_t dscr;
1374 uint8_t *tmp_buff = NULL;
1375
1376 LOG_DEBUG("Writing APB-AP memory address 0x%" PRIx64 " size %" PRIu32 " count%" PRIu32,
1377 address, size, count);
1378 if (target->state != TARGET_HALTED) {
1379 LOG_WARNING("target not halted");
1380 return ERROR_TARGET_NOT_HALTED;
1381 }
1382
1383 total_u32 = DIV_ROUND_UP((address & 3) + total_bytes, 4);
1384
1385 /* Mark register R0 as dirty, as it will be used
1386 * for transferring the data.
1387 * It will be restored automatically when exiting
1388 * debug mode
1389 */
1390 reg = armv8_reg_current(arm, 1);
1391 reg->dirty = true;
1392
1393 reg = armv8_reg_current(arm, 0);
1394 reg->dirty = true;
1395
1396 /* clear any abort */
1397 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1398 armv8->debug_base + CPUV8_DBG_DRCR, DRCR_CSE);
1399 if (retval != ERROR_OK)
1400 return retval;
1401
1402
1403 /* This algorithm comes from DDI0487A.g, chapter J9.1 */
1404
1405 /* The algorithm only copies 32 bit words, so the buffer
1406 * should be expanded to include the words at either end.
1407 * The first and last words will be read first to avoid
1408 * corruption if needed.
1409 */
1410 tmp_buff = malloc(total_u32 * 4);
1411
1412 if ((start_byte != 0) && (total_u32 > 1)) {
1413 /* First bytes not aligned - read the 32 bit word to avoid corrupting
1414 * the other bytes in the word.
1415 */
1416 retval = aarch64_read_apb_ap_memory(target, (address & ~0x3), 4, 1, tmp_buff);
1417 if (retval != ERROR_OK)
1418 goto error_free_buff_w;
1419 }
1420
1421 /* If end of write is not aligned, or the write is less than 4 bytes */
1422 if ((end_byte != 0) ||
1423 ((total_u32 == 1) && (total_bytes != 4))) {
1424
1425 /* Read the last word to avoid corruption during 32 bit write */
1426 int mem_offset = (total_u32-1) * 4;
1427 retval = aarch64_read_apb_ap_memory(target, (address & ~0x3) + mem_offset, 4, 1, &tmp_buff[mem_offset]);
1428 if (retval != ERROR_OK)
1429 goto error_free_buff_w;
1430 }
1431
1432 /* Copy the write buffer over the top of the temporary buffer */
1433 memcpy(&tmp_buff[start_byte], buffer, total_bytes);
1434
1435 /* We now have a 32 bit aligned buffer that can be written */
1436
1437 /* Read DSCR */
1438 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1439 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1440 if (retval != ERROR_OK)
1441 goto error_free_buff_w;
1442
1443 /* Set Normal access mode */
1444 dscr = (dscr & ~DSCR_MA);
1445 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1446 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1447
1448 if (arm->core_state == ARM_STATE_AARCH64) {
1449 /* Write X0 with value 'address' using write procedure */
1450 /* Step 1.a+b - Write the address for read access into DBGDTR_EL0 */
1451 /* Step 1.c - Copy value from DTR to R0 using instruction mrs DBGDTR_EL0, x0 */
1452 retval = dpm->instr_write_data_dcc_64(dpm,
1453 ARMV8_MRS(SYSTEM_DBG_DBGDTR_EL0, 0), address & ~0x3ULL);
1454 } else {
1455 /* Write R0 with value 'address' using write procedure */
1456 /* Step 1.a+b - Write the address for read access into DBGDTRRX */
1457 /* Step 1.c - Copy value from DTR to R0 using instruction mrc DBGDTRTXint, r0 */
1458 dpm->instr_write_data_dcc(dpm,
1459 ARMV4_5_MRC(14, 0, 0, 0, 5, 0), address & ~0x3ULL);
1460
1461 }
1462 /* Step 1.d - Change DCC to memory mode */
1463 dscr = dscr | DSCR_MA;
1464 retval += mem_ap_write_atomic_u32(armv8->debug_ap,
1465 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1466 if (retval != ERROR_OK)
1467 goto error_unset_dtr_w;
1468
1469
1470 /* Step 2.a - Do the write */
1471 retval = mem_ap_write_buf_noincr(armv8->debug_ap,
1472 tmp_buff, 4, total_u32, armv8->debug_base + CPUV8_DBG_DTRRX);
1473 if (retval != ERROR_OK)
1474 goto error_unset_dtr_w;
1475
1476 /* Step 3.a - Switch DTR mode back to Normal mode */
1477 dscr = (dscr & ~DSCR_MA);
1478 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1479 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1480 if (retval != ERROR_OK)
1481 goto error_unset_dtr_w;
1482
1483 /* Check for sticky abort flags in the DSCR */
1484 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1485 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1486 if (retval != ERROR_OK)
1487 goto error_free_buff_w;
1488
1489 dpm->dscr = dscr;
1490 if (dscr & (DSCR_ERR | DSCR_SYS_ERROR_PEND)) {
1491 /* Abort occurred - clear it and exit */
1492 LOG_ERROR("abort occurred - dscr = 0x%08" PRIx32, dscr);
1493 mem_ap_write_atomic_u32(armv8->debug_ap,
1494 armv8->debug_base + CPUV8_DBG_DRCR, 1<<2);
1495 armv8_dpm_handle_exception(dpm);
1496 goto error_free_buff_w;
1497 }
1498
1499 /* Done */
1500 free(tmp_buff);
1501 return ERROR_OK;
1502
1503 error_unset_dtr_w:
1504 /* Unset DTR mode */
1505 mem_ap_read_atomic_u32(armv8->debug_ap,
1506 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1507 dscr = (dscr & ~DSCR_MA);
1508 mem_ap_write_atomic_u32(armv8->debug_ap,
1509 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1510 error_free_buff_w:
1511 LOG_ERROR("error");
1512 free(tmp_buff);
1513 return ERROR_FAIL;
1514 }
1515
1516 static int aarch64_read_apb_ap_memory(struct target *target,
1517 target_addr_t address, uint32_t size,
1518 uint32_t count, uint8_t *buffer)
1519 {
1520 /* read memory through APB-AP */
1521 int retval = ERROR_COMMAND_SYNTAX_ERROR;
1522 struct armv8_common *armv8 = target_to_armv8(target);
1523 struct arm_dpm *dpm = &armv8->dpm;
1524 struct arm *arm = &armv8->arm;
1525 int total_bytes = count * size;
1526 int total_u32;
1527 int start_byte = address & 0x3;
1528 int end_byte = (address + total_bytes) & 0x3;
1529 struct reg *reg;
1530 uint32_t dscr;
1531 uint8_t *tmp_buff = NULL;
1532 uint8_t *u8buf_ptr;
1533 uint32_t value;
1534
1535 LOG_DEBUG("Reading APB-AP memory address 0x%" TARGET_PRIxADDR " size %" PRIu32 " count%" PRIu32,
1536 address, size, count);
1537 if (target->state != TARGET_HALTED) {
1538 LOG_WARNING("target not halted");
1539 return ERROR_TARGET_NOT_HALTED;
1540 }
1541
1542 total_u32 = DIV_ROUND_UP((address & 3) + total_bytes, 4);
1543 /* Mark register X0, X1 as dirty, as it will be used
1544 * for transferring the data.
1545 * It will be restored automatically when exiting
1546 * debug mode
1547 */
1548 reg = armv8_reg_current(arm, 1);
1549 reg->dirty = true;
1550
1551 reg = armv8_reg_current(arm, 0);
1552 reg->dirty = true;
1553
1554 /* clear any abort */
1555 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1556 armv8->debug_base + CPUV8_DBG_DRCR, DRCR_CSE);
1557 if (retval != ERROR_OK)
1558 goto error_free_buff_r;
1559
1560 /* Read DSCR */
1561 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1562 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1563
1564 /* This algorithm comes from DDI0487A.g, chapter J9.1 */
1565
1566 /* Set Normal access mode */
1567 dscr = (dscr & ~DSCR_MA);
1568 retval += mem_ap_write_atomic_u32(armv8->debug_ap,
1569 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1570
1571 if (arm->core_state == ARM_STATE_AARCH64) {
1572 /* Write X0 with value 'address' using write procedure */
1573 /* Step 1.a+b - Write the address for read access into DBGDTR_EL0 */
1574 /* Step 1.c - Copy value from DTR to R0 using instruction mrs DBGDTR_EL0, x0 */
1575 retval += dpm->instr_write_data_dcc_64(dpm,
1576 ARMV8_MRS(SYSTEM_DBG_DBGDTR_EL0, 0), address & ~0x3ULL);
1577 /* Step 1.d - Dummy operation to ensure EDSCR.Txfull == 1 */
1578 retval += dpm->instr_execute(dpm, ARMV8_MSR_GP(SYSTEM_DBG_DBGDTR_EL0, 0));
1579 /* Step 1.e - Change DCC to memory mode */
1580 dscr = dscr | DSCR_MA;
1581 retval += mem_ap_write_atomic_u32(armv8->debug_ap,
1582 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1583 /* Step 1.f - read DBGDTRTX and discard the value */
1584 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
1585 armv8->debug_base + CPUV8_DBG_DTRTX, &value);
1586 } else {
1587 /* Write R0 with value 'address' using write procedure */
1588 /* Step 1.a+b - Write the address for read access into DBGDTRRXint */
1589 /* Step 1.c - Copy value from DTR to R0 using instruction mrc DBGDTRTXint, r0 */
1590 retval += dpm->instr_write_data_dcc(dpm,
1591 ARMV4_5_MRC(14, 0, 0, 0, 5, 0), address & ~0x3ULL);
1592 /* Step 1.d - Dummy operation to ensure EDSCR.Txfull == 1 */
1593 retval += dpm->instr_execute(dpm, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
1594 /* Step 1.e - Change DCC to memory mode */
1595 dscr = dscr | DSCR_MA;
1596 retval += mem_ap_write_atomic_u32(armv8->debug_ap,
1597 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1598 /* Step 1.f - read DBGDTRTX and discard the value */
1599 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
1600 armv8->debug_base + CPUV8_DBG_DTRTX, &value);
1601
1602 }
1603 if (retval != ERROR_OK)
1604 goto error_unset_dtr_r;
1605
1606 /* Optimize the read as much as we can, either way we read in a single pass */
1607 if ((start_byte) || (end_byte)) {
1608 /* The algorithm only copies 32 bit words, so the buffer
1609 * should be expanded to include the words at either end.
1610 * The first and last words will be read into a temp buffer
1611 * to avoid corruption
1612 */
1613 tmp_buff = malloc(total_u32 * 4);
1614 if (!tmp_buff)
1615 goto error_unset_dtr_r;
1616
1617 /* use the tmp buffer to read the entire data */
1618 u8buf_ptr = tmp_buff;
1619 } else
1620 /* address and read length are aligned so read directly into the passed buffer */
1621 u8buf_ptr = buffer;
1622
1623 /* Read the data - Each read of the DTRTX register causes the instruction to be reissued
1624 * Abort flags are sticky, so can be read at end of transactions
1625 *
1626 * This data is read in aligned to 32 bit boundary.
1627 */
1628
1629 /* Step 2.a - Loop n-1 times, each read of DBGDTRTX reads the data from [X0] and
1630 * increments X0 by 4. */
1631 retval = mem_ap_read_buf_noincr(armv8->debug_ap, u8buf_ptr, 4, total_u32-1,
1632 armv8->debug_base + CPUV8_DBG_DTRTX);
1633 if (retval != ERROR_OK)
1634 goto error_unset_dtr_r;
1635
1636 /* Step 3.a - set DTR access mode back to Normal mode */
1637 dscr = (dscr & ~DSCR_MA);
1638 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1639 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1640 if (retval != ERROR_OK)
1641 goto error_free_buff_r;
1642
1643 /* Step 3.b - read DBGDTRTX for the final value */
1644 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1645 armv8->debug_base + CPUV8_DBG_DTRTX, &value);
1646 memcpy(u8buf_ptr + (total_u32-1) * 4, &value, 4);
1647
1648 /* Check for sticky abort flags in the DSCR */
1649 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1650 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1651 if (retval != ERROR_OK)
1652 goto error_free_buff_r;
1653
1654 dpm->dscr = dscr;
1655
1656 if (dscr & (DSCR_ERR | DSCR_SYS_ERROR_PEND)) {
1657 /* Abort occurred - clear it and exit */
1658 LOG_ERROR("abort occurred - dscr = 0x%08" PRIx32, dscr);
1659 mem_ap_write_atomic_u32(armv8->debug_ap,
1660 armv8->debug_base + CPUV8_DBG_DRCR, DRCR_CSE);
1661 armv8_dpm_handle_exception(dpm);
1662 goto error_free_buff_r;
1663 }
1664
1665 /* check if we need to copy aligned data by applying any shift necessary */
1666 if (tmp_buff) {
1667 memcpy(buffer, tmp_buff + start_byte, total_bytes);
1668 free(tmp_buff);
1669 }
1670
1671 /* Done */
1672 return ERROR_OK;
1673
1674 error_unset_dtr_r:
1675 /* Unset DTR mode */
1676 mem_ap_read_atomic_u32(armv8->debug_ap,
1677 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1678 dscr = (dscr & ~DSCR_MA);
1679 mem_ap_write_atomic_u32(armv8->debug_ap,
1680 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1681 error_free_buff_r:
1682 LOG_ERROR("error");
1683 free(tmp_buff);
1684 return ERROR_FAIL;
1685 }
1686
1687 static int aarch64_read_phys_memory(struct target *target,
1688 target_addr_t address, uint32_t size,
1689 uint32_t count, uint8_t *buffer)
1690 {
1691 int retval = ERROR_COMMAND_SYNTAX_ERROR;
1692 LOG_DEBUG("Reading memory at real address 0x%" TARGET_PRIxADDR "; size %" PRId32 "; count %" PRId32,
1693 address, size, count);
1694
1695 if (count && buffer) {
1696 /* read memory through APB-AP */
1697 retval = aarch64_mmu_modify(target, 0);
1698 if (retval != ERROR_OK)
1699 return retval;
1700 retval = aarch64_read_apb_ap_memory(target, address, size, count, buffer);
1701 }
1702 return retval;
1703 }
1704
1705 static int aarch64_read_memory(struct target *target, target_addr_t address,
1706 uint32_t size, uint32_t count, uint8_t *buffer)
1707 {
1708 int mmu_enabled = 0;
1709 int retval;
1710
1711 /* aarch64 handles unaligned memory access */
1712 LOG_DEBUG("Reading memory at address 0x%" TARGET_PRIxADDR "; size %" PRId32 "; count %" PRId32, address,
1713 size, count);
1714
1715 /* determine if MMU was enabled on target stop */
1716 retval = aarch64_mmu(target, &mmu_enabled);
1717 if (retval != ERROR_OK)
1718 return retval;
1719
1720 if (mmu_enabled) {
1721 retval = aarch64_check_address(target, address);
1722 if (retval != ERROR_OK)
1723 return retval;
1724 /* enable MMU as we could have disabled it for phys access */
1725 retval = aarch64_mmu_modify(target, 1);
1726 if (retval != ERROR_OK)
1727 return retval;
1728 }
1729 return aarch64_read_apb_ap_memory(target, address, size, count, buffer);
1730 }
1731
1732 static int aarch64_write_phys_memory(struct target *target,
1733 target_addr_t address, uint32_t size,
1734 uint32_t count, const uint8_t *buffer)
1735 {
1736 int retval = ERROR_COMMAND_SYNTAX_ERROR;
1737
1738 LOG_DEBUG("Writing memory to real address 0x%" TARGET_PRIxADDR "; size %" PRId32 "; count %" PRId32, address,
1739 size, count);
1740
1741 if (count && buffer) {
1742 /* write memory through APB-AP */
1743 retval = aarch64_mmu_modify(target, 0);
1744 if (retval != ERROR_OK)
1745 return retval;
1746 return aarch64_write_apb_ap_memory(target, address, size, count, buffer);
1747 }
1748
1749 return retval;
1750 }
1751
1752 static int aarch64_write_memory(struct target *target, target_addr_t address,
1753 uint32_t size, uint32_t count, const uint8_t *buffer)
1754 {
1755 int mmu_enabled = 0;
1756 int retval;
1757
1758 /* aarch64 handles unaligned memory access */
1759 LOG_DEBUG("Writing memory at address 0x%" TARGET_PRIxADDR "; size %" PRId32
1760 "; count %" PRId32, address, size, count);
1761
1762 /* determine if MMU was enabled on target stop */
1763 retval = aarch64_mmu(target, &mmu_enabled);
1764 if (retval != ERROR_OK)
1765 return retval;
1766
1767 if (mmu_enabled) {
1768 retval = aarch64_check_address(target, address);
1769 if (retval != ERROR_OK)
1770 return retval;
1771 /* enable MMU as we could have disabled it for phys access */
1772 retval = aarch64_mmu_modify(target, 1);
1773 if (retval != ERROR_OK)
1774 return retval;
1775 }
1776 return aarch64_write_apb_ap_memory(target, address, size, count, buffer);
1777 }
1778
1779 static int aarch64_handle_target_request(void *priv)
1780 {
1781 struct target *target = priv;
1782 struct armv8_common *armv8 = target_to_armv8(target);
1783 int retval;
1784
1785 if (!target_was_examined(target))
1786 return ERROR_OK;
1787 if (!target->dbg_msg_enabled)
1788 return ERROR_OK;
1789
1790 if (target->state == TARGET_RUNNING) {
1791 uint32_t request;
1792 uint32_t dscr;
1793 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1794 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1795
1796 /* check if we have data */
1797 while ((dscr & DSCR_DTR_TX_FULL) && (retval == ERROR_OK)) {
1798 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1799 armv8->debug_base + CPUV8_DBG_DTRTX, &request);
1800 if (retval == ERROR_OK) {
1801 target_request(target, request);
1802 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1803 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1804 }
1805 }
1806 }
1807
1808 return ERROR_OK;
1809 }
1810
1811 static int aarch64_examine_first(struct target *target)
1812 {
1813 struct aarch64_common *aarch64 = target_to_aarch64(target);
1814 struct armv8_common *armv8 = &aarch64->armv8_common;
1815 struct adiv5_dap *swjdp = armv8->arm.dap;
1816 int i;
1817 int retval = ERROR_OK;
1818 uint64_t debug, ttypr;
1819 uint32_t cpuid;
1820 uint32_t tmp0, tmp1;
1821 debug = ttypr = cpuid = 0;
1822
1823 /* We do one extra read to ensure DAP is configured,
1824 * we call ahbap_debugport_init(swjdp) instead
1825 */
1826 retval = dap_dp_init(swjdp);
1827 if (retval != ERROR_OK)
1828 return retval;
1829
1830 /* Search for the APB-AB - it is needed for access to debug registers */
1831 retval = dap_find_ap(swjdp, AP_TYPE_APB_AP, &armv8->debug_ap);
1832 if (retval != ERROR_OK) {
1833 LOG_ERROR("Could not find APB-AP for debug access");
1834 return retval;
1835 }
1836
1837 retval = mem_ap_init(armv8->debug_ap);
1838 if (retval != ERROR_OK) {
1839 LOG_ERROR("Could not initialize the APB-AP");
1840 return retval;
1841 }
1842
1843 armv8->debug_ap->memaccess_tck = 80;
1844
1845 if (!target->dbgbase_set) {
1846 uint32_t dbgbase;
1847 /* Get ROM Table base */
1848 uint32_t apid;
1849 int32_t coreidx = target->coreid;
1850 retval = dap_get_debugbase(armv8->debug_ap, &dbgbase, &apid);
1851 if (retval != ERROR_OK)
1852 return retval;
1853 /* Lookup 0x15 -- Processor DAP */
1854 retval = dap_lookup_cs_component(armv8->debug_ap, dbgbase, 0x15,
1855 &armv8->debug_base, &coreidx);
1856 if (retval != ERROR_OK)
1857 return retval;
1858 LOG_DEBUG("Detected core %" PRId32 " dbgbase: %08" PRIx32
1859 " apid: %08" PRIx32, coreidx, armv8->debug_base, apid);
1860 } else
1861 armv8->debug_base = target->dbgbase;
1862
1863 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1864 armv8->debug_base + CPUV8_DBG_LOCKACCESS, 0xC5ACCE55);
1865 if (retval != ERROR_OK) {
1866 LOG_DEBUG("LOCK debug access fail");
1867 return retval;
1868 }
1869
1870 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1871 armv8->debug_base + CPUV8_DBG_OSLAR, 0);
1872 if (retval != ERROR_OK) {
1873 LOG_DEBUG("Examine %s failed", "oslock");
1874 return retval;
1875 }
1876
1877 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1878 armv8->debug_base + CPUV8_DBG_MAINID0, &cpuid);
1879 if (retval != ERROR_OK) {
1880 LOG_DEBUG("Examine %s failed", "CPUID");
1881 return retval;
1882 }
1883
1884 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1885 armv8->debug_base + CPUV8_DBG_MEMFEATURE0, &tmp0);
1886 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
1887 armv8->debug_base + CPUV8_DBG_MEMFEATURE0 + 4, &tmp1);
1888 if (retval != ERROR_OK) {
1889 LOG_DEBUG("Examine %s failed", "Memory Model Type");
1890 return retval;
1891 }
1892 ttypr |= tmp1;
1893 ttypr = (ttypr << 32) | tmp0;
1894
1895 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1896 armv8->debug_base + CPUV8_DBG_DBGFEATURE0, &tmp0);
1897 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
1898 armv8->debug_base + CPUV8_DBG_DBGFEATURE0 + 4, &tmp1);
1899 if (retval != ERROR_OK) {
1900 LOG_DEBUG("Examine %s failed", "ID_AA64DFR0_EL1");
1901 return retval;
1902 }
1903 debug |= tmp1;
1904 debug = (debug << 32) | tmp0;
1905
1906 LOG_DEBUG("cpuid = 0x%08" PRIx32, cpuid);
1907 LOG_DEBUG("ttypr = 0x%08" PRIx64, ttypr);
1908 LOG_DEBUG("debug = 0x%08" PRIx64, debug);
1909
1910 if (target->ctibase == 0) {
1911 /* assume a v8 rom table layout */
1912 armv8->cti_base = target->ctibase = armv8->debug_base + 0x10000;
1913 LOG_INFO("Target ctibase is not set, assuming 0x%0" PRIx32, target->ctibase);
1914 } else
1915 armv8->cti_base = target->ctibase;
1916
1917 armv8->arm.core_type = ARM_MODE_MON;
1918 retval = aarch64_dpm_setup(aarch64, debug);
1919 if (retval != ERROR_OK)
1920 return retval;
1921
1922 /* Setup Breakpoint Register Pairs */
1923 aarch64->brp_num = (uint32_t)((debug >> 12) & 0x0F) + 1;
1924 aarch64->brp_num_context = (uint32_t)((debug >> 28) & 0x0F) + 1;
1925 aarch64->brp_num_available = aarch64->brp_num;
1926 aarch64->brp_list = calloc(aarch64->brp_num, sizeof(struct aarch64_brp));
1927 for (i = 0; i < aarch64->brp_num; i++) {
1928 aarch64->brp_list[i].used = 0;
1929 if (i < (aarch64->brp_num-aarch64->brp_num_context))
1930 aarch64->brp_list[i].type = BRP_NORMAL;
1931 else
1932 aarch64->brp_list[i].type = BRP_CONTEXT;
1933 aarch64->brp_list[i].value = 0;
1934 aarch64->brp_list[i].control = 0;
1935 aarch64->brp_list[i].BRPn = i;
1936 }
1937
1938 LOG_DEBUG("Configured %i hw breakpoints", aarch64->brp_num);
1939
1940 target_set_examined(target);
1941 return ERROR_OK;
1942 }
1943
1944 static int aarch64_examine(struct target *target)
1945 {
1946 int retval = ERROR_OK;
1947
1948 /* don't re-probe hardware after each reset */
1949 if (!target_was_examined(target))
1950 retval = aarch64_examine_first(target);
1951
1952 /* Configure core debug access */
1953 if (retval == ERROR_OK)
1954 retval = aarch64_init_debug_access(target);
1955
1956 return retval;
1957 }
1958
1959 /*
1960 * Cortex-A8 target creation and initialization
1961 */
1962
1963 static int aarch64_init_target(struct command_context *cmd_ctx,
1964 struct target *target)
1965 {
1966 /* examine_first() does a bunch of this */
1967 return ERROR_OK;
1968 }
1969
1970 static int aarch64_init_arch_info(struct target *target,
1971 struct aarch64_common *aarch64, struct jtag_tap *tap)
1972 {
1973 struct armv8_common *armv8 = &aarch64->armv8_common;
1974 struct adiv5_dap *dap = armv8->arm.dap;
1975
1976 armv8->arm.dap = dap;
1977
1978 /* Setup struct aarch64_common */
1979 aarch64->common_magic = AARCH64_COMMON_MAGIC;
1980 /* tap has no dap initialized */
1981 if (!tap->dap) {
1982 tap->dap = dap_init();
1983
1984 /* Leave (only) generic DAP stuff for debugport_init() */
1985 tap->dap->tap = tap;
1986 }
1987
1988 armv8->arm.dap = tap->dap;
1989
1990 aarch64->fast_reg_read = 0;
1991
1992 /* register arch-specific functions */
1993 armv8->examine_debug_reason = NULL;
1994
1995 armv8->post_debug_entry = aarch64_post_debug_entry;
1996
1997 armv8->pre_restore_context = NULL;
1998
1999 armv8->armv8_mmu.read_physical_memory = aarch64_read_phys_memory;
2000
2001 /* REVISIT v7a setup should be in a v7a-specific routine */
2002 armv8_init_arch_info(target, armv8);
2003 target_register_timer_callback(aarch64_handle_target_request, 1, 1, target);
2004
2005 return ERROR_OK;
2006 }
2007
2008 static int aarch64_target_create(struct target *target, Jim_Interp *interp)
2009 {
2010 struct aarch64_common *aarch64 = calloc(1, sizeof(struct aarch64_common));
2011
2012 return aarch64_init_arch_info(target, aarch64, target->tap);
2013 }
2014
2015 static int aarch64_mmu(struct target *target, int *enabled)
2016 {
2017 if (target->state != TARGET_HALTED) {
2018 LOG_ERROR("%s: target not halted", __func__);
2019 return ERROR_TARGET_INVALID;
2020 }
2021
2022 *enabled = target_to_aarch64(target)->armv8_common.armv8_mmu.mmu_enabled;
2023 return ERROR_OK;
2024 }
2025
2026 static int aarch64_virt2phys(struct target *target, target_addr_t virt,
2027 target_addr_t *phys)
2028 {
2029 return armv8_mmu_translate_va_pa(target, virt, phys, 1);
2030 }
2031
2032 COMMAND_HANDLER(aarch64_handle_cache_info_command)
2033 {
2034 struct target *target = get_current_target(CMD_CTX);
2035 struct armv8_common *armv8 = target_to_armv8(target);
2036
2037 return armv8_handle_cache_info_command(CMD_CTX,
2038 &armv8->armv8_mmu.armv8_cache);
2039 }
2040
2041
2042 COMMAND_HANDLER(aarch64_handle_dbginit_command)
2043 {
2044 struct target *target = get_current_target(CMD_CTX);
2045 if (!target_was_examined(target)) {
2046 LOG_ERROR("target not examined yet");
2047 return ERROR_FAIL;
2048 }
2049
2050 return aarch64_init_debug_access(target);
2051 }
2052 COMMAND_HANDLER(aarch64_handle_smp_off_command)
2053 {
2054 struct target *target = get_current_target(CMD_CTX);
2055 /* check target is an smp target */
2056 struct target_list *head;
2057 struct target *curr;
2058 head = target->head;
2059 target->smp = 0;
2060 if (head != (struct target_list *)NULL) {
2061 while (head != (struct target_list *)NULL) {
2062 curr = head->target;
2063 curr->smp = 0;
2064 head = head->next;
2065 }
2066 /* fixes the target display to the debugger */
2067 target->gdb_service->target = target;
2068 }
2069 return ERROR_OK;
2070 }
2071
2072 COMMAND_HANDLER(aarch64_handle_smp_on_command)
2073 {
2074 struct target *target = get_current_target(CMD_CTX);
2075 struct target_list *head;
2076 struct target *curr;
2077 head = target->head;
2078 if (head != (struct target_list *)NULL) {
2079 target->smp = 1;
2080 while (head != (struct target_list *)NULL) {
2081 curr = head->target;
2082 curr->smp = 1;
2083 head = head->next;
2084 }
2085 }
2086 return ERROR_OK;
2087 }
2088
2089 COMMAND_HANDLER(aarch64_handle_smp_gdb_command)
2090 {
2091 struct target *target = get_current_target(CMD_CTX);
2092 int retval = ERROR_OK;
2093 struct target_list *head;
2094 head = target->head;
2095 if (head != (struct target_list *)NULL) {
2096 if (CMD_ARGC == 1) {
2097 int coreid = 0;
2098 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], coreid);
2099 if (ERROR_OK != retval)
2100 return retval;
2101 target->gdb_service->core[1] = coreid;
2102
2103 }
2104 command_print(CMD_CTX, "gdb coreid %" PRId32 " -> %" PRId32, target->gdb_service->core[0]
2105 , target->gdb_service->core[1]);
2106 }
2107 return ERROR_OK;
2108 }
2109
2110 static const struct command_registration aarch64_exec_command_handlers[] = {
2111 {
2112 .name = "cache_info",
2113 .handler = aarch64_handle_cache_info_command,
2114 .mode = COMMAND_EXEC,
2115 .help = "display information about target caches",
2116 .usage = "",
2117 },
2118 {
2119 .name = "dbginit",
2120 .handler = aarch64_handle_dbginit_command,
2121 .mode = COMMAND_EXEC,
2122 .help = "Initialize core debug",
2123 .usage = "",
2124 },
2125 { .name = "smp_off",
2126 .handler = aarch64_handle_smp_off_command,
2127 .mode = COMMAND_EXEC,
2128 .help = "Stop smp handling",
2129 .usage = "",
2130 },
2131 {
2132 .name = "smp_on",
2133 .handler = aarch64_handle_smp_on_command,
2134 .mode = COMMAND_EXEC,
2135 .help = "Restart smp handling",
2136 .usage = "",
2137 },
2138 {
2139 .name = "smp_gdb",
2140 .handler = aarch64_handle_smp_gdb_command,
2141 .mode = COMMAND_EXEC,
2142 .help = "display/fix current core played to gdb",
2143 .usage = "",
2144 },
2145
2146
2147 COMMAND_REGISTRATION_DONE
2148 };
2149 static const struct command_registration aarch64_command_handlers[] = {
2150 {
2151 .chain = arm_command_handlers,
2152 },
2153 {
2154 .chain = armv8_command_handlers,
2155 },
2156 {
2157 .name = "cortex_a",
2158 .mode = COMMAND_ANY,
2159 .help = "Cortex-A command group",
2160 .usage = "",
2161 .chain = aarch64_exec_command_handlers,
2162 },
2163 COMMAND_REGISTRATION_DONE
2164 };
2165
2166 struct target_type aarch64_target = {
2167 .name = "aarch64",
2168
2169 .poll = aarch64_poll,
2170 .arch_state = armv8_arch_state,
2171
2172 .halt = aarch64_halt,
2173 .resume = aarch64_resume,
2174 .step = aarch64_step,
2175
2176 .assert_reset = aarch64_assert_reset,
2177 .deassert_reset = aarch64_deassert_reset,
2178
2179 /* REVISIT allow exporting VFP3 registers ... */
2180 .get_gdb_reg_list = armv8_get_gdb_reg_list,
2181
2182 .read_memory = aarch64_read_memory,
2183 .write_memory = aarch64_write_memory,
2184
2185 .checksum_memory = arm_checksum_memory,
2186 .blank_check_memory = arm_blank_check_memory,
2187
2188 .run_algorithm = armv4_5_run_algorithm,
2189
2190 .add_breakpoint = aarch64_add_breakpoint,
2191 .add_context_breakpoint = aarch64_add_context_breakpoint,
2192 .add_hybrid_breakpoint = aarch64_add_hybrid_breakpoint,
2193 .remove_breakpoint = aarch64_remove_breakpoint,
2194 .add_watchpoint = NULL,
2195 .remove_watchpoint = NULL,
2196
2197 .commands = aarch64_command_handlers,
2198 .target_create = aarch64_target_create,
2199 .init_target = aarch64_init_target,
2200 .examine = aarch64_examine,
2201
2202 .read_phys_memory = aarch64_read_phys_memory,
2203 .write_phys_memory = aarch64_write_phys_memory,
2204 .mmu = aarch64_mmu,
2205 .virt2phys = aarch64_virt2phys,
2206 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)