Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
duan ellis target tcl work in progress
[openocd.git] / src / target / arm920t.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
9 * *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
14 * *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include "jtag.h"
26 #include "log.h"
27 #include "time_support.h"
28
29 #include <stdlib.h>
30 #include <string.h>
31
32 #if 0
33 #define _DEBUG_INSTRUCTION_EXECUTION_
34 #endif
35
36 /* cli handling */
37 int arm920t_register_commands(struct command_context_s *cmd_ctx);
38
39 int arm920t_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
40 int arm920t_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
41 int arm920t_handle_virt2phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
42 int arm920t_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
43 int arm920t_handle_md_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
44 int arm920t_handle_mw_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
45
46 int arm920t_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
47 int arm920t_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
48
49 /* forward declarations */
50 int arm920t_target_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct target_s *target);
51 int arm920t_init_target(struct command_context_s *cmd_ctx, struct target_s *target);
52 int arm920t_quit(void);
53 int arm920t_arch_state(struct target_s *target);
54 int arm920t_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
55 int arm920t_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
56 int arm920t_soft_reset_halt(struct target_s *target);
57
58 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
59
60 target_type_t arm920t_target =
61 {
62 .name = "arm920t",
63
64 .poll = arm7_9_poll,
65 .arch_state = arm920t_arch_state,
66
67 .target_request_data = arm7_9_target_request_data,
68
69 .halt = arm7_9_halt,
70 .resume = arm7_9_resume,
71 .step = arm7_9_step,
72
73 .assert_reset = arm7_9_assert_reset,
74 .deassert_reset = arm7_9_deassert_reset,
75 .soft_reset_halt = arm920t_soft_reset_halt,
76
77 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
78
79 .read_memory = arm920t_read_memory,
80 .write_memory = arm920t_write_memory,
81 .bulk_write_memory = arm7_9_bulk_write_memory,
82 .checksum_memory = arm7_9_checksum_memory,
83 .blank_check_memory = arm7_9_blank_check_memory,
84
85 .run_algorithm = armv4_5_run_algorithm,
86
87 .add_breakpoint = arm7_9_add_breakpoint,
88 .remove_breakpoint = arm7_9_remove_breakpoint,
89 .add_watchpoint = arm7_9_add_watchpoint,
90 .remove_watchpoint = arm7_9_remove_watchpoint,
91
92 .register_commands = arm920t_register_commands,
93 .target_command = arm920t_target_command,
94 .init_target = arm920t_init_target,
95 .examine = arm9tdmi_examine,
96 .quit = arm920t_quit
97 };
98
99 int arm920t_read_cp15_physical(target_t *target, int reg_addr, u32 *value)
100 {
101 armv4_5_common_t *armv4_5 = target->arch_info;
102 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
103 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
104 scan_field_t fields[4];
105 u8 access_type_buf = 1;
106 u8 reg_addr_buf = reg_addr & 0x3f;
107 u8 nr_w_buf = 0;
108
109 jtag_add_end_state(TAP_RTI);
110 arm_jtag_scann(jtag_info, 0xf);
111 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
112
113 fields[0].device = jtag_info->chain_pos;
114 fields[0].num_bits = 1;
115 fields[0].out_value = &access_type_buf;
116 fields[0].out_mask = NULL;
117 fields[0].in_value = NULL;
118 fields[0].in_check_value = NULL;
119 fields[0].in_check_mask = NULL;
120 fields[0].in_handler = NULL;
121 fields[0].in_handler_priv = NULL;
122
123 fields[1].device = jtag_info->chain_pos;
124 fields[1].num_bits = 32;
125 fields[1].out_value = NULL;
126 fields[1].out_mask = NULL;
127 fields[1].in_value = NULL;
128 fields[1].in_check_value = NULL;
129 fields[1].in_check_mask = NULL;
130 fields[1].in_handler = NULL;
131 fields[1].in_handler_priv = NULL;
132
133 fields[2].device = jtag_info->chain_pos;
134 fields[2].num_bits = 6;
135 fields[2].out_value = &reg_addr_buf;
136 fields[2].out_mask = NULL;
137 fields[2].in_value = NULL;
138 fields[2].in_check_value = NULL;
139 fields[2].in_check_mask = NULL;
140 fields[2].in_handler = NULL;
141 fields[2].in_handler_priv = NULL;
142
143 fields[3].device = jtag_info->chain_pos;
144 fields[3].num_bits = 1;
145 fields[3].out_value = &nr_w_buf;
146 fields[3].out_mask = NULL;
147 fields[3].in_value = NULL;
148 fields[3].in_check_value = NULL;
149 fields[3].in_check_mask = NULL;
150 fields[3].in_handler = NULL;
151 fields[3].in_handler_priv = NULL;
152
153 jtag_add_dr_scan(4, fields, -1);
154
155 fields[1].in_handler_priv = value;
156 fields[1].in_handler = arm_jtag_buf_to_u32;
157
158 jtag_add_dr_scan(4, fields, -1);
159
160 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
161 jtag_execute_queue();
162 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
163 #endif
164
165 return ERROR_OK;
166 }
167
168 int arm920t_write_cp15_physical(target_t *target, int reg_addr, u32 value)
169 {
170 armv4_5_common_t *armv4_5 = target->arch_info;
171 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
172 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
173 scan_field_t fields[4];
174 u8 access_type_buf = 1;
175 u8 reg_addr_buf = reg_addr & 0x3f;
176 u8 nr_w_buf = 1;
177 u8 value_buf[4];
178
179 buf_set_u32(value_buf, 0, 32, value);
180
181 jtag_add_end_state(TAP_RTI);
182 arm_jtag_scann(jtag_info, 0xf);
183 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
184
185 fields[0].device = jtag_info->chain_pos;
186 fields[0].num_bits = 1;
187 fields[0].out_value = &access_type_buf;
188 fields[0].out_mask = NULL;
189 fields[0].in_value = NULL;
190 fields[0].in_check_value = NULL;
191 fields[0].in_check_mask = NULL;
192 fields[0].in_handler = NULL;
193 fields[0].in_handler_priv = NULL;
194
195 fields[1].device = jtag_info->chain_pos;
196 fields[1].num_bits = 32;
197 fields[1].out_value = value_buf;
198 fields[1].out_mask = NULL;
199 fields[1].in_value = NULL;
200 fields[1].in_check_value = NULL;
201 fields[1].in_check_mask = NULL;
202 fields[1].in_handler = NULL;
203 fields[1].in_handler_priv = NULL;
204
205 fields[2].device = jtag_info->chain_pos;
206 fields[2].num_bits = 6;
207 fields[2].out_value = &reg_addr_buf;
208 fields[2].out_mask = NULL;
209 fields[2].in_value = NULL;
210 fields[2].in_check_value = NULL;
211 fields[2].in_check_mask = NULL;
212 fields[2].in_handler = NULL;
213 fields[2].in_handler_priv = NULL;
214
215 fields[3].device = jtag_info->chain_pos;
216 fields[3].num_bits = 1;
217 fields[3].out_value = &nr_w_buf;
218 fields[3].out_mask = NULL;
219 fields[3].in_value = NULL;
220 fields[3].in_check_value = NULL;
221 fields[3].in_check_mask = NULL;
222 fields[3].in_handler = NULL;
223 fields[3].in_handler_priv = NULL;
224
225 jtag_add_dr_scan(4, fields, -1);
226
227 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
228 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
229 #endif
230
231 return ERROR_OK;
232 }
233
234 int arm920t_execute_cp15(target_t *target, u32 cp15_opcode, u32 arm_opcode)
235 {
236 armv4_5_common_t *armv4_5 = target->arch_info;
237 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
238 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
239 scan_field_t fields[4];
240 u8 access_type_buf = 0; /* interpreted access */
241 u8 reg_addr_buf = 0x0;
242 u8 nr_w_buf = 0;
243 u8 cp15_opcode_buf[4];
244
245 jtag_add_end_state(TAP_RTI);
246 arm_jtag_scann(jtag_info, 0xf);
247 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
248
249 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
250
251 fields[0].device = jtag_info->chain_pos;
252 fields[0].num_bits = 1;
253 fields[0].out_value = &access_type_buf;
254 fields[0].out_mask = NULL;
255 fields[0].in_value = NULL;
256 fields[0].in_check_value = NULL;
257 fields[0].in_check_mask = NULL;
258 fields[0].in_handler = NULL;
259 fields[0].in_handler_priv = NULL;
260
261 fields[1].device = jtag_info->chain_pos;
262 fields[1].num_bits = 32;
263 fields[1].out_value = cp15_opcode_buf;
264 fields[1].out_mask = NULL;
265 fields[1].in_value = NULL;
266 fields[1].in_check_value = NULL;
267 fields[1].in_check_mask = NULL;
268 fields[1].in_handler = NULL;
269 fields[1].in_handler_priv = NULL;
270
271 fields[2].device = jtag_info->chain_pos;
272 fields[2].num_bits = 6;
273 fields[2].out_value = &reg_addr_buf;
274 fields[2].out_mask = NULL;
275 fields[2].in_value = NULL;
276 fields[2].in_check_value = NULL;
277 fields[2].in_check_mask = NULL;
278 fields[2].in_handler = NULL;
279 fields[2].in_handler_priv = NULL;
280
281 fields[3].device = jtag_info->chain_pos;
282 fields[3].num_bits = 1;
283 fields[3].out_value = &nr_w_buf;
284 fields[3].out_mask = NULL;
285 fields[3].in_value = NULL;
286 fields[3].in_check_value = NULL;
287 fields[3].in_check_mask = NULL;
288 fields[3].in_handler = NULL;
289 fields[3].in_handler_priv = NULL;
290
291 jtag_add_dr_scan(4, fields, -1);
292
293 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
294 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
295 arm7_9_execute_sys_speed(target);
296
297 if (jtag_execute_queue() != ERROR_OK)
298 {
299 LOG_ERROR("failed executing JTAG queue, exiting");
300 exit(-1);
301 }
302
303 return ERROR_OK;
304 }
305
306 int arm920t_read_cp15_interpreted(target_t *target, u32 cp15_opcode, u32 address, u32 *value)
307 {
308 armv4_5_common_t *armv4_5 = target->arch_info;
309 u32* regs_p[1];
310 u32 regs[2];
311 u32 cp15c15 = 0x0;
312
313 /* load address into R1 */
314 regs[1] = address;
315 arm9tdmi_write_core_regs(target, 0x2, regs);
316
317 /* read-modify-write CP15 test state register
318 * to enable interpreted access mode */
319 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
320 jtag_execute_queue();
321 cp15c15 |= 1; /* set interpret mode */
322 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
323
324 /* execute CP15 instruction and ARM load (reading from coprocessor) */
325 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
326
327 /* disable interpreted access mode */
328 cp15c15 &= ~1U; /* clear interpret mode */
329 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
330
331 /* retrieve value from R0 */
332 regs_p[0] = value;
333 arm9tdmi_read_core_regs(target, 0x1, regs_p);
334 jtag_execute_queue();
335
336 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
337 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
338 #endif
339
340 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
341 return ERROR_FAIL;
342
343 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
344 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
345
346 return ERROR_OK;
347 }
348
349 int arm920t_write_cp15_interpreted(target_t *target, u32 cp15_opcode, u32 value, u32 address)
350 {
351 u32 cp15c15 = 0x0;
352 armv4_5_common_t *armv4_5 = target->arch_info;
353 u32 regs[2];
354
355 /* load value, address into R0, R1 */
356 regs[0] = value;
357 regs[1] = address;
358 arm9tdmi_write_core_regs(target, 0x3, regs);
359
360 /* read-modify-write CP15 test state register
361 * to enable interpreted access mode */
362 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
363 jtag_execute_queue();
364 cp15c15 |= 1; /* set interpret mode */
365 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
366
367 /* execute CP15 instruction and ARM store (writing to coprocessor) */
368 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
369
370 /* disable interpreted access mode */
371 cp15c15 &= ~1U; /* set interpret mode */
372 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
373
374 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
375 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
376 #endif
377
378 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
379 return ERROR_FAIL;
380
381 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
382 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
383
384 return ERROR_OK;
385 }
386
387 u32 arm920t_get_ttb(target_t *target)
388 {
389 int retval;
390 u32 ttb = 0x0;
391
392 if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
393 return retval;
394
395 return ttb;
396 }
397
398 void arm920t_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
399 {
400 u32 cp15_control;
401
402 /* read cp15 control register */
403 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
404 jtag_execute_queue();
405
406 if (mmu)
407 cp15_control &= ~0x1U;
408
409 if (d_u_cache)
410 cp15_control &= ~0x4U;
411
412 if (i_cache)
413 cp15_control &= ~0x1000U;
414
415 arm920t_write_cp15_physical(target, 0x2, cp15_control);
416 }
417
418 void arm920t_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
419 {
420 u32 cp15_control;
421
422 /* read cp15 control register */
423 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
424 jtag_execute_queue();
425
426 if (mmu)
427 cp15_control |= 0x1U;
428
429 if (d_u_cache)
430 cp15_control |= 0x4U;
431
432 if (i_cache)
433 cp15_control |= 0x1000U;
434
435 arm920t_write_cp15_physical(target, 0x2, cp15_control);
436 }
437
438 void arm920t_post_debug_entry(target_t *target)
439 {
440 u32 cp15c15;
441 armv4_5_common_t *armv4_5 = target->arch_info;
442 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
443 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
444 arm920t_common_t *arm920t = arm9tdmi->arch_info;
445
446 /* examine cp15 control reg */
447 arm920t_read_cp15_physical(target, 0x2, &arm920t->cp15_control_reg);
448 jtag_execute_queue();
449 LOG_DEBUG("cp15_control_reg: %8.8x", arm920t->cp15_control_reg);
450
451 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
452 {
453 u32 cache_type_reg;
454 /* identify caches */
455 arm920t_read_cp15_physical(target, 0x1, &cache_type_reg);
456 jtag_execute_queue();
457 armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
458 }
459
460 arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
461 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
462 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
463
464 /* save i/d fault status and address register */
465 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
466 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
467 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
468 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
469
470 LOG_DEBUG("D FSR: 0x%8.8x, D FAR: 0x%8.8x, I FSR: 0x%8.8x, I FAR: 0x%8.8x",
471 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
472
473 if (arm920t->preserve_cache)
474 {
475 /* read-modify-write CP15 test state register
476 * to disable I/D-cache linefills */
477 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
478 jtag_execute_queue();
479 cp15c15 |= 0x600;
480 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
481 }
482 }
483
484 void arm920t_pre_restore_context(target_t *target)
485 {
486 u32 cp15c15;
487 armv4_5_common_t *armv4_5 = target->arch_info;
488 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
489 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
490 arm920t_common_t *arm920t = arm9tdmi->arch_info;
491
492 /* restore i/d fault status and address register */
493 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
494 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
495 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
496 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
497
498 /* read-modify-write CP15 test state register
499 * to reenable I/D-cache linefills */
500 if (arm920t->preserve_cache)
501 {
502 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
503 jtag_execute_queue();
504 cp15c15 &= ~0x600U;
505 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
506 }
507 }
508
509 int arm920t_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p, arm9tdmi_common_t **arm9tdmi_p, arm920t_common_t **arm920t_p)
510 {
511 armv4_5_common_t *armv4_5 = target->arch_info;
512 arm7_9_common_t *arm7_9;
513 arm9tdmi_common_t *arm9tdmi;
514 arm920t_common_t *arm920t;
515
516 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
517 {
518 return -1;
519 }
520
521 arm7_9 = armv4_5->arch_info;
522 if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
523 {
524 return -1;
525 }
526
527 arm9tdmi = arm7_9->arch_info;
528 if (arm9tdmi->common_magic != ARM9TDMI_COMMON_MAGIC)
529 {
530 return -1;
531 }
532
533 arm920t = arm9tdmi->arch_info;
534 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
535 {
536 return -1;
537 }
538
539 *armv4_5_p = armv4_5;
540 *arm7_9_p = arm7_9;
541 *arm9tdmi_p = arm9tdmi;
542 *arm920t_p = arm920t;
543
544 return ERROR_OK;
545 }
546
547 int arm920t_arch_state(struct target_s *target)
548 {
549 armv4_5_common_t *armv4_5 = target->arch_info;
550 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
551 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
552 arm920t_common_t *arm920t = arm9tdmi->arch_info;
553
554 char *state[] =
555 {
556 "disabled", "enabled"
557 };
558
559 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
560 {
561 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
562 exit(-1);
563 }
564
565 LOG_USER( "target halted in %s state due to %s, current mode: %s\n"
566 "cpsr: 0x%8.8x pc: 0x%8.8x\n"
567 "MMU: %s, D-Cache: %s, I-Cache: %s",
568 armv4_5_state_strings[armv4_5->core_state],
569 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
570 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
571 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
572 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
573 state[arm920t->armv4_5_mmu.mmu_enabled],
574 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
575 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
576
577 return ERROR_OK;
578 }
579
580 int arm920t_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
581 {
582 int retval;
583
584 retval = arm7_9_read_memory(target, address, size, count, buffer);
585
586 return retval;
587 }
588
589 int arm920t_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
590 {
591 int retval;
592 armv4_5_common_t *armv4_5 = target->arch_info;
593 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
594 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
595 arm920t_common_t *arm920t = arm9tdmi->arch_info;
596
597 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
598 return retval;
599
600 if (((size == 4) || (size == 2)) && (count == 1))
601 {
602 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
603 {
604 LOG_DEBUG("D-Cache enabled, writing through to main memory");
605 u32 pa, cb, ap;
606 int type, domain;
607
608 pa = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu, address, &type, &cb, &domain, &ap);
609 if (type == -1)
610 return ERROR_OK;
611 /* cacheable & bufferable means write-back region */
612 if (cb == 3)
613 armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu, pa, size, count, buffer);
614 }
615
616 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
617 {
618 LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
619 arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
620 }
621 }
622
623 return retval;
624 }
625
626 int arm920t_soft_reset_halt(struct target_s *target)
627 {
628 armv4_5_common_t *armv4_5 = target->arch_info;
629 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
630 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
631 arm920t_common_t *arm920t = arm9tdmi->arch_info;
632 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
633
634 target_halt(target);
635
636 long long then=timeval_ms();
637 int timeout;
638 while (!(timeout=((timeval_ms()-then)>1000)))
639 {
640 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
641 {
642 embeddedice_read_reg(dbg_stat);
643 jtag_execute_queue();
644 } else
645 {
646 break;
647 }
648 if (debug_level>=3)
649 {
650 /* do not eat all CPU, time out after 1 se*/
651 alive_sleep(100);
652 } else
653 {
654 keep_alive();
655 }
656 }
657 if (timeout)
658 {
659 LOG_ERROR("Failed to halt CPU after 1 sec");
660 return ERROR_TARGET_TIMEOUT;
661 }
662
663 target->state = TARGET_HALTED;
664
665 /* SVC, ARM state, IRQ and FIQ disabled */
666 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
667 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
668 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
669
670 /* start fetching from 0x0 */
671 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
672 armv4_5->core_cache->reg_list[15].dirty = 1;
673 armv4_5->core_cache->reg_list[15].valid = 1;
674
675 armv4_5->core_mode = ARMV4_5_MODE_SVC;
676 armv4_5->core_state = ARMV4_5_STATE_ARM;
677
678 arm920t_disable_mmu_caches(target, 1, 1, 1);
679 arm920t->armv4_5_mmu.mmu_enabled = 0;
680 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
681 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
682
683 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
684
685 return ERROR_OK;
686 }
687
688 int arm920t_init_target(struct command_context_s *cmd_ctx, struct target_s *target)
689 {
690 arm9tdmi_init_target(cmd_ctx, target);
691
692 return ERROR_OK;
693
694 }
695
696 int arm920t_quit(void)
697 {
698
699 return ERROR_OK;
700 }
701
702 int arm920t_init_arch_info(target_t *target, arm920t_common_t *arm920t, int chain_pos, char *variant)
703 {
704 arm9tdmi_common_t *arm9tdmi = &arm920t->arm9tdmi_common;
705 arm7_9_common_t *arm7_9 = &arm9tdmi->arm7_9_common;
706
707 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
708 */
709 arm9tdmi_init_arch_info(target, arm9tdmi, chain_pos, variant);
710
711 arm9tdmi->arch_info = arm920t;
712 arm920t->common_magic = ARM920T_COMMON_MAGIC;
713
714 arm7_9->post_debug_entry = arm920t_post_debug_entry;
715 arm7_9->pre_restore_context = arm920t_pre_restore_context;
716
717 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
718 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
719 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
720 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
721 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
722 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
723 arm920t->armv4_5_mmu.has_tiny_pages = 1;
724 arm920t->armv4_5_mmu.mmu_enabled = 0;
725
726 /* disabling linefills leads to lockups, so keep them enabled for now
727 * this doesn't affect correctness, but might affect timing issues, if
728 * important data is evicted from the cache during the debug session
729 * */
730 arm920t->preserve_cache = 0;
731
732 /* override hw single-step capability from ARM9TDMI */
733 arm7_9->has_single_step = 1;
734
735 return ERROR_OK;
736 }
737
738 int arm920t_target_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct target_s *target)
739 {
740 int chain_pos;
741 char *variant = NULL;
742 arm920t_common_t *arm920t = malloc(sizeof(arm920t_common_t));
743 memset(arm920t, 0, sizeof(*arm920t));
744
745 if (argc < 4)
746 {
747 LOG_ERROR("'target arm920t' requires at least one additional argument");
748 exit(-1);
749 }
750
751 chain_pos = strtoul(args[3], NULL, 0);
752
753 if (argc >= 5)
754 variant = args[4];
755
756 LOG_DEBUG("chain_pos: %i, variant: %s", chain_pos, variant);
757
758 arm920t_init_arch_info(target, arm920t, chain_pos, variant);
759
760 return ERROR_OK;
761 }
762
763 int arm920t_register_commands(struct command_context_s *cmd_ctx)
764 {
765 int retval;
766 command_t *arm920t_cmd;
767
768
769 retval = arm9tdmi_register_commands(cmd_ctx);
770
771 arm920t_cmd = register_command(cmd_ctx, NULL, "arm920t", NULL, COMMAND_ANY, "arm920t specific commands");
772
773 register_command(cmd_ctx, arm920t_cmd, "cp15", arm920t_handle_cp15_command, COMMAND_EXEC, "display/modify cp15 register <num> [value]");
774 register_command(cmd_ctx, arm920t_cmd, "cp15i", arm920t_handle_cp15i_command, COMMAND_EXEC, "display/modify cp15 (interpreted access) <opcode> [value] [address]");
775 register_command(cmd_ctx, arm920t_cmd, "cache_info", arm920t_handle_cache_info_command, COMMAND_EXEC, "display information about target caches");
776 register_command(cmd_ctx, arm920t_cmd, "virt2phys", arm920t_handle_virt2phys_command, COMMAND_EXEC, "translate va to pa <va>");
777
778 register_command(cmd_ctx, arm920t_cmd, "mdw_phys", arm920t_handle_md_phys_command, COMMAND_EXEC, "display memory words <physical addr> [count]");
779 register_command(cmd_ctx, arm920t_cmd, "mdh_phys", arm920t_handle_md_phys_command, COMMAND_EXEC, "display memory half-words <physical addr> [count]");
780 register_command(cmd_ctx, arm920t_cmd, "mdb_phys", arm920t_handle_md_phys_command, COMMAND_EXEC, "display memory bytes <physical addr> [count]");
781
782 register_command(cmd_ctx, arm920t_cmd, "mww_phys", arm920t_handle_mw_phys_command, COMMAND_EXEC, "write memory word <physical addr> <value>");
783 register_command(cmd_ctx, arm920t_cmd, "mwh_phys", arm920t_handle_mw_phys_command, COMMAND_EXEC, "write memory half-word <physical addr> <value>");
784 register_command(cmd_ctx, arm920t_cmd, "mwb_phys", arm920t_handle_mw_phys_command, COMMAND_EXEC, "write memory byte <physical addr> <value>");
785
786 register_command(cmd_ctx, arm920t_cmd, "read_cache", arm920t_handle_read_cache_command, COMMAND_EXEC, "display I/D cache content");
787 register_command(cmd_ctx, arm920t_cmd, "read_mmu", arm920t_handle_read_mmu_command, COMMAND_EXEC, "display I/D mmu content");
788
789 return ERROR_OK;
790 }
791
792 int arm920t_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
793 {
794 target_t *target = get_current_target(cmd_ctx);
795 armv4_5_common_t *armv4_5;
796 arm7_9_common_t *arm7_9;
797 arm9tdmi_common_t *arm9tdmi;
798 arm920t_common_t *arm920t;
799 arm_jtag_t *jtag_info;
800 u32 cp15c15;
801 u32 cp15_ctrl, cp15_ctrl_saved;
802 u32 regs[16];
803 u32 *regs_p[16];
804 u32 C15_C_D_Ind, C15_C_I_Ind;
805 int i;
806 FILE *output;
807 arm920t_cache_line_t d_cache[8][64], i_cache[8][64];
808 int segment, index;
809
810 if (argc != 1)
811 {
812 command_print(cmd_ctx, "usage: arm920t read_cache <filename>");
813 return ERROR_OK;
814 }
815
816 if ((output = fopen(args[0], "w")) == NULL)
817 {
818 LOG_DEBUG("error opening cache content file");
819 return ERROR_OK;
820 }
821
822 for (i = 0; i < 16; i++)
823 regs_p[i] = &regs[i];
824
825 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
826 {
827 command_print(cmd_ctx, "current target isn't an ARM920t target");
828 return ERROR_OK;
829 }
830
831 jtag_info = &arm7_9->jtag_info;
832
833 /* disable MMU and Caches */
834 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
835 jtag_execute_queue();
836 cp15_ctrl_saved = cp15_ctrl;
837 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
838 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
839
840 /* read CP15 test state register */
841 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
842 jtag_execute_queue();
843
844 /* read DCache content */
845 fprintf(output, "DCache:\n");
846
847 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
848 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
849 {
850 fprintf(output, "\nsegment: %i\n----------", segment);
851
852 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
853 regs[0] = 0x0 | (segment << 5);
854 arm9tdmi_write_core_regs(target, 0x1, regs);
855
856 /* set interpret mode */
857 cp15c15 |= 0x1;
858 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
859
860 /* D CAM Read, loads current victim into C15.C.D.Ind */
861 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
862
863 /* read current victim */
864 arm920t_read_cp15_physical(target, 0x3d, &C15_C_D_Ind);
865
866 /* clear interpret mode */
867 cp15c15 &= ~0x1;
868 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
869
870 for (index = 0; index < 64; index++)
871 {
872 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
873 regs[0] = 0x0 | (segment << 5) | (index << 26);
874 arm9tdmi_write_core_regs(target, 0x1, regs);
875
876 /* set interpret mode */
877 cp15c15 |= 0x1;
878 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
879
880 /* Write DCache victim */
881 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
882
883 /* Read D RAM */
884 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
885
886 /* Read D CAM */
887 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
888
889 /* clear interpret mode */
890 cp15c15 &= ~0x1;
891 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
892
893 /* read D RAM and CAM content */
894 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
895 jtag_execute_queue();
896
897 d_cache[segment][index].cam = regs[9];
898
899 /* mask LFSR[6] */
900 regs[9] &= 0xfffffffe;
901 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8x, content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
902
903 for (i = 1; i < 9; i++)
904 {
905 d_cache[segment][index].data[i] = regs[i];
906 fprintf(output, "%i: 0x%8.8x\n", i-1, regs[i]);
907 }
908
909 }
910
911 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
912 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
913 arm9tdmi_write_core_regs(target, 0x1, regs);
914
915 /* set interpret mode */
916 cp15c15 |= 0x1;
917 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
918
919 /* Write DCache victim */
920 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
921
922 /* clear interpret mode */
923 cp15c15 &= ~0x1;
924 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
925 }
926
927 /* read ICache content */
928 fprintf(output, "ICache:\n");
929
930 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
931 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
932 {
933 fprintf(output, "segment: %i\n----------", segment);
934
935 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
936 regs[0] = 0x0 | (segment << 5);
937 arm9tdmi_write_core_regs(target, 0x1, regs);
938
939 /* set interpret mode */
940 cp15c15 |= 0x1;
941 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
942
943 /* I CAM Read, loads current victim into C15.C.I.Ind */
944 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
945
946 /* read current victim */
947 arm920t_read_cp15_physical(target, 0x3b, &C15_C_I_Ind);
948
949 /* clear interpret mode */
950 cp15c15 &= ~0x1;
951 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
952
953 for (index = 0; index < 64; index++)
954 {
955 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
956 regs[0] = 0x0 | (segment << 5) | (index << 26);
957 arm9tdmi_write_core_regs(target, 0x1, regs);
958
959 /* set interpret mode */
960 cp15c15 |= 0x1;
961 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
962
963 /* Write ICache victim */
964 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
965
966 /* Read I RAM */
967 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
968
969 /* Read I CAM */
970 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
971
972 /* clear interpret mode */
973 cp15c15 &= ~0x1;
974 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
975
976 /* read I RAM and CAM content */
977 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
978 jtag_execute_queue();
979
980 i_cache[segment][index].cam = regs[9];
981
982 /* mask LFSR[6] */
983 regs[9] &= 0xfffffffe;
984 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8x, content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
985
986 for (i = 1; i < 9; i++)
987 {
988 i_cache[segment][index].data[i] = regs[i];
989 fprintf(output, "%i: 0x%8.8x\n", i-1, regs[i]);
990 }
991
992 }
993
994
995 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
996 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
997 arm9tdmi_write_core_regs(target, 0x1, regs);
998
999 /* set interpret mode */
1000 cp15c15 |= 0x1;
1001 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1002
1003 /* Write ICache victim */
1004 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1005
1006 /* clear interpret mode */
1007 cp15c15 &= ~0x1;
1008 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1009 }
1010
1011 /* restore CP15 MMU and Cache settings */
1012 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
1013
1014 command_print(cmd_ctx, "cache content successfully output to %s", args[0]);
1015
1016 fclose(output);
1017
1018 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1019 return ERROR_FAIL;
1020
1021 /* mark registers dirty. */
1022 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1023 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
1024 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
1025 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
1026 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
1027 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
1028 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
1029 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
1030 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
1031 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
1032
1033 return ERROR_OK;
1034 }
1035
1036 int arm920t_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1037 {
1038 target_t *target = get_current_target(cmd_ctx);
1039 armv4_5_common_t *armv4_5;
1040 arm7_9_common_t *arm7_9;
1041 arm9tdmi_common_t *arm9tdmi;
1042 arm920t_common_t *arm920t;
1043 arm_jtag_t *jtag_info;
1044 u32 cp15c15;
1045 u32 cp15_ctrl, cp15_ctrl_saved;
1046 u32 regs[16];
1047 u32 *regs_p[16];
1048 int i;
1049 FILE *output;
1050 u32 Dlockdown, Ilockdown;
1051 arm920t_tlb_entry_t d_tlb[64], i_tlb[64];
1052 int victim;
1053
1054 if (argc != 1)
1055 {
1056 command_print(cmd_ctx, "usage: arm920t read_mmu <filename>");
1057 return ERROR_OK;
1058 }
1059
1060 if ((output = fopen(args[0], "w")) == NULL)
1061 {
1062 LOG_DEBUG("error opening mmu content file");
1063 return ERROR_OK;
1064 }
1065
1066 for (i = 0; i < 16; i++)
1067 regs_p[i] = &regs[i];
1068
1069 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1070 {
1071 command_print(cmd_ctx, "current target isn't an ARM920t target");
1072 return ERROR_OK;
1073 }
1074
1075 jtag_info = &arm7_9->jtag_info;
1076
1077 /* disable MMU and Caches */
1078 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
1079 jtag_execute_queue();
1080 cp15_ctrl_saved = cp15_ctrl;
1081 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1082 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
1083
1084 /* read CP15 test state register */
1085 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
1086 jtag_execute_queue();
1087
1088 /* prepare reading D TLB content
1089 * */
1090
1091 /* set interpret mode */
1092 cp15c15 |= 0x1;
1093 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1094
1095 /* Read D TLB lockdown */
1096 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1097
1098 /* clear interpret mode */
1099 cp15c15 &= ~0x1;
1100 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1101
1102 /* read D TLB lockdown stored to r1 */
1103 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1104 jtag_execute_queue();
1105 Dlockdown = regs[1];
1106
1107 for (victim = 0; victim < 64; victim += 8)
1108 {
1109 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1110 * base remains unchanged, victim goes through entries 0 to 63 */
1111 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1112 arm9tdmi_write_core_regs(target, 0x2, regs);
1113
1114 /* set interpret mode */
1115 cp15c15 |= 0x1;
1116 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1117
1118 /* Write D TLB lockdown */
1119 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1120
1121 /* Read D TLB CAM */
1122 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1123
1124 /* clear interpret mode */
1125 cp15c15 &= ~0x1;
1126 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1127
1128 /* read D TLB CAM content stored to r2-r9 */
1129 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1130 jtag_execute_queue();
1131
1132 for (i = 0; i < 8; i++)
1133 d_tlb[victim + i].cam = regs[i + 2];
1134 }
1135
1136 for (victim = 0; victim < 64; victim++)
1137 {
1138 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1139 * base remains unchanged, victim goes through entries 0 to 63 */
1140 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1141 arm9tdmi_write_core_regs(target, 0x2, regs);
1142
1143 /* set interpret mode */
1144 cp15c15 |= 0x1;
1145 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1146
1147 /* Write D TLB lockdown */
1148 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1149
1150 /* Read D TLB RAM1 */
1151 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1152
1153 /* Read D TLB RAM2 */
1154 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1155
1156 /* clear interpret mode */
1157 cp15c15 &= ~0x1;
1158 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1159
1160 /* read D TLB RAM content stored to r2 and r3 */
1161 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1162 jtag_execute_queue();
1163
1164 d_tlb[victim].ram1 = regs[2];
1165 d_tlb[victim].ram2 = regs[3];
1166 }
1167
1168 /* restore D TLB lockdown */
1169 regs[1] = Dlockdown;
1170 arm9tdmi_write_core_regs(target, 0x2, regs);
1171
1172 /* Write D TLB lockdown */
1173 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1174
1175 /* prepare reading I TLB content
1176 * */
1177
1178 /* set interpret mode */
1179 cp15c15 |= 0x1;
1180 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1181
1182 /* Read I TLB lockdown */
1183 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1184
1185 /* clear interpret mode */
1186 cp15c15 &= ~0x1;
1187 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1188
1189 /* read I TLB lockdown stored to r1 */
1190 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1191 jtag_execute_queue();
1192 Ilockdown = regs[1];
1193
1194 for (victim = 0; victim < 64; victim += 8)
1195 {
1196 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1197 * base remains unchanged, victim goes through entries 0 to 63 */
1198 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1199 arm9tdmi_write_core_regs(target, 0x2, regs);
1200
1201 /* set interpret mode */
1202 cp15c15 |= 0x1;
1203 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1204
1205 /* Write I TLB lockdown */
1206 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1207
1208 /* Read I TLB CAM */
1209 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1210
1211 /* clear interpret mode */
1212 cp15c15 &= ~0x1;
1213 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1214
1215 /* read I TLB CAM content stored to r2-r9 */
1216 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1217 jtag_execute_queue();
1218
1219 for (i = 0; i < 8; i++)
1220 i_tlb[i + victim].cam = regs[i + 2];
1221 }
1222
1223 for (victim = 0; victim < 64; victim++)
1224 {
1225 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1226 * base remains unchanged, victim goes through entries 0 to 63 */
1227 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1228 arm9tdmi_write_core_regs(target, 0x2, regs);
1229
1230 /* set interpret mode */
1231 cp15c15 |= 0x1;
1232 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1233
1234 /* Write I TLB lockdown */
1235 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1236
1237 /* Read I TLB RAM1 */
1238 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1239
1240 /* Read I TLB RAM2 */
1241 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1242
1243 /* clear interpret mode */
1244 cp15c15 &= ~0x1;
1245 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1246
1247 /* read I TLB RAM content stored to r2 and r3 */
1248 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1249 jtag_execute_queue();
1250
1251 i_tlb[victim].ram1 = regs[2];
1252 i_tlb[victim].ram2 = regs[3];
1253 }
1254
1255 /* restore I TLB lockdown */
1256 regs[1] = Ilockdown;
1257 arm9tdmi_write_core_regs(target, 0x2, regs);
1258
1259 /* Write I TLB lockdown */
1260 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1261
1262 /* restore CP15 MMU and Cache settings */
1263 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
1264
1265 /* output data to file */
1266 fprintf(output, "D TLB content:\n");
1267 for (i = 0; i < 64; i++)
1268 {
1269 fprintf(output, "%i: 0x%8.8x 0x%8.8x 0x%8.8x %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1270 }
1271
1272 fprintf(output, "\n\nI TLB content:\n");
1273 for (i = 0; i < 64; i++)
1274 {
1275 fprintf(output, "%i: 0x%8.8x 0x%8.8x 0x%8.8x %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1276 }
1277
1278 command_print(cmd_ctx, "mmu content successfully output to %s", args[0]);
1279
1280 fclose(output);
1281
1282 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1283 return ERROR_FAIL;
1284
1285 /* mark registers dirty */
1286 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1287 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
1288 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
1289 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
1290 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
1291 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
1292 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
1293 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
1294 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
1295 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
1296
1297 return ERROR_OK;
1298 }
1299 int arm920t_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1300 {
1301 int retval;
1302 target_t *target = get_current_target(cmd_ctx);
1303 armv4_5_common_t *armv4_5;
1304 arm7_9_common_t *arm7_9;
1305 arm9tdmi_common_t *arm9tdmi;
1306 arm920t_common_t *arm920t;
1307 arm_jtag_t *jtag_info;
1308
1309 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1310 {
1311 command_print(cmd_ctx, "current target isn't an ARM920t target");
1312 return ERROR_OK;
1313 }
1314
1315 jtag_info = &arm7_9->jtag_info;
1316
1317 if (target->state != TARGET_HALTED)
1318 {
1319 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1320 return ERROR_OK;
1321 }
1322
1323 /* one or more argument, access a single register (write if second argument is given */
1324 if (argc >= 1)
1325 {
1326 int address = strtoul(args[0], NULL, 0);
1327
1328 if (argc == 1)
1329 {
1330 u32 value;
1331 if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
1332 {
1333 command_print(cmd_ctx, "couldn't access reg %i", address);
1334 return ERROR_OK;
1335 }
1336 jtag_execute_queue();
1337
1338 command_print(cmd_ctx, "%i: %8.8x", address, value);
1339 }
1340 else if (argc == 2)
1341 {
1342 u32 value = strtoul(args[1], NULL, 0);
1343 if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
1344 {
1345 command_print(cmd_ctx, "couldn't access reg %i", address);
1346 return ERROR_OK;
1347 }
1348 command_print(cmd_ctx, "%i: %8.8x", address, value);
1349 }
1350 }
1351
1352 return ERROR_OK;
1353 }
1354
1355 int arm920t_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1356 {
1357 int retval;
1358 target_t *target = get_current_target(cmd_ctx);
1359 armv4_5_common_t *armv4_5;
1360 arm7_9_common_t *arm7_9;
1361 arm9tdmi_common_t *arm9tdmi;
1362 arm920t_common_t *arm920t;
1363 arm_jtag_t *jtag_info;
1364
1365 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1366 {
1367 command_print(cmd_ctx, "current target isn't an ARM920t target");
1368 return ERROR_OK;
1369 }
1370
1371 jtag_info = &arm7_9->jtag_info;
1372
1373 if (target->state != TARGET_HALTED)
1374 {
1375 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1376 return ERROR_OK;
1377 }
1378
1379 /* one or more argument, access a single register (write if second argument is given */
1380 if (argc >= 1)
1381 {
1382 u32 opcode = strtoul(args[0], NULL, 0);
1383
1384 if (argc == 1)
1385 {
1386 u32 value;
1387 if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
1388 {
1389 command_print(cmd_ctx, "couldn't execute %8.8x", opcode);
1390 return ERROR_OK;
1391 }
1392
1393 command_print(cmd_ctx, "%8.8x: %8.8x", opcode, value);
1394 }
1395 else if (argc == 2)
1396 {
1397 u32 value = strtoul(args[1], NULL, 0);
1398 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
1399 {
1400 command_print(cmd_ctx, "couldn't execute %8.8x", opcode);
1401 return ERROR_OK;
1402 }
1403 command_print(cmd_ctx, "%8.8x: %8.8x", opcode, value);
1404 }
1405 else if (argc == 3)
1406 {
1407 u32 value = strtoul(args[1], NULL, 0);
1408 u32 address = strtoul(args[2], NULL, 0);
1409 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
1410 {
1411 command_print(cmd_ctx, "couldn't execute %8.8x", opcode);
1412 return ERROR_OK;
1413 }
1414 command_print(cmd_ctx, "%8.8x: %8.8x %8.8x", opcode, value, address);
1415 }
1416 }
1417 else
1418 {
1419 command_print(cmd_ctx, "usage: arm920t cp15i <opcode> [value] [address]");
1420 }
1421
1422 return ERROR_OK;
1423 }
1424
1425 int arm920t_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1426 {
1427 target_t *target = get_current_target(cmd_ctx);
1428 armv4_5_common_t *armv4_5;
1429 arm7_9_common_t *arm7_9;
1430 arm9tdmi_common_t *arm9tdmi;
1431 arm920t_common_t *arm920t;
1432
1433 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1434 {
1435 command_print(cmd_ctx, "current target isn't an ARM920t target");
1436 return ERROR_OK;
1437 }
1438
1439 return armv4_5_handle_cache_info_command(cmd_ctx, &arm920t->armv4_5_mmu.armv4_5_cache);
1440 }
1441
1442 int arm920t_handle_virt2phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
1443 {
1444 target_t *target = get_current_target(cmd_ctx);
1445 armv4_5_common_t *armv4_5;
1446 arm7_9_common_t *arm7_9;
1447 arm9tdmi_common_t *arm9tdmi;
1448 arm920t_common_t *arm920t;
1449 arm_jtag_t *jtag_info;
1450
1451 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1452 {
1453 command_print(cmd_ctx, "current target isn't an ARM920t target");
1454 return ERROR_OK;
1455 }
1456
1457 jtag_info = &arm7_9->jtag_info;
1458
1459 if (target->state != TARGET_HALTED)
1460 {
1461 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1462 return ERROR_OK;
1463 }
1464
1465 return armv4_5_mmu_handle_virt2phys_command(cmd_ctx, cmd, args, argc, target, &arm920t->armv4_5_mmu);
1466 }
1467
1468 int arm920t_handle_md_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
1469 {
1470 target_t *target = get_current_target(cmd_ctx);
1471 armv4_5_common_t *armv4_5;
1472 arm7_9_common_t *arm7_9;
1473 arm9tdmi_common_t *arm9tdmi;
1474 arm920t_common_t *arm920t;
1475 arm_jtag_t *jtag_info;
1476
1477 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1478 {
1479 command_print(cmd_ctx, "current target isn't an ARM920t target");
1480 return ERROR_OK;
1481 }
1482
1483 jtag_info = &arm7_9->jtag_info;
1484
1485 if (target->state != TARGET_HALTED)
1486 {
1487 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1488 return ERROR_OK;
1489 }
1490
1491 return armv4_5_mmu_handle_md_phys_command(cmd_ctx, cmd, args, argc, target, &arm920t->armv4_5_mmu);
1492 }
1493
1494 int arm920t_handle_mw_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
1495 {
1496 target_t *target = get_current_target(cmd_ctx);
1497 armv4_5_common_t *armv4_5;
1498 arm7_9_common_t *arm7_9;
1499 arm9tdmi_common_t *arm9tdmi;
1500 arm920t_common_t *arm920t;
1501 arm_jtag_t *jtag_info;
1502
1503 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1504 {
1505 command_print(cmd_ctx, "current target isn't an ARM920t target");
1506 return ERROR_OK;
1507 }
1508
1509 jtag_info = &arm7_9->jtag_info;
1510
1511 if (target->state != TARGET_HALTED)
1512 {
1513 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1514 return ERROR_OK;
1515 }
1516
1517 return armv4_5_mmu_handle_mw_phys_command(cmd_ctx, cmd, args, argc, target, &arm920t->armv4_5_mmu);
1518 }
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)