X-Git-Url: https://review.openocd.org/gitweb?p=openocd.git;a=blobdiff_plain;f=src%2Fflash%2Fnor%2Fcore.c;h=2c1d9dee04dbcb29b12abb038e7d7f69679c8b8d;hp=01088f3c14e5bbc6387e12580618cabe3d8a89a3;hb=45e5d1d90acaff8cf57f694e70ec41ece9bddfcd;hpb=cba1813d5c017e2d20969bb419a856fe15c5ceef diff --git a/src/flash/nor/core.c b/src/flash/nor/core.c index 01088f3c14..2c1d9dee04 100644 --- a/src/flash/nor/core.c +++ b/src/flash/nor/core.c @@ -1,8 +1,9 @@ /*************************************************************************** * Copyright (C) 2005 by Dominic Rath * - * Copyright (C) 2007,2008 Øyvind Harboe * + * Copyright (C) 2007-2010 Øyvind Harboe * * Copyright (C) 2008 by Spencer Oliver * * Copyright (C) 2009 Zachary T Welch * + * Copyright (C) 2010 by Antonio Borneo * * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License as published by * @@ -29,7 +30,14 @@ #include -struct flash_bank *flash_banks; +/** + * @file + * Upper level of NOR flash framework. + * The lower level interfaces are to drivers. These upper level ones + * primarily support access from Tcl scripts or from GDB. + */ + +static struct flash_bank *flash_banks; int flash_driver_erase(struct flash_bank *bank, int first, int last) { @@ -48,6 +56,27 @@ int flash_driver_protect(struct flash_bank *bank, int set, int first, int last) { int retval; + /* callers may not supply illegal parameters ... */ + if (first < 0 || first > last || last >= bank->num_sectors) + { + LOG_ERROR("illegal sector range"); + return ERROR_FAIL; + } + + /* force "set" to 0/1 */ + set = !!set; + + /* DANGER! + * + * We must not use any cached information about protection state!!!! + * + * There are a million things that could change the protect state: + * + * the target could have reset, power cycled, been hot plugged, + * the application could have run, etc. + * + * Drivers only receive valid sector range. + */ retval = bank->driver->protect(bank, set, first, last); if (retval != ERROR_OK) { @@ -72,6 +101,29 @@ int flash_driver_write(struct flash_bank *bank, return retval; } +int flash_driver_read(struct flash_bank *bank, + uint8_t *buffer, uint32_t offset, uint32_t count) +{ + int retval; + + LOG_DEBUG("call flash_driver_read()"); + + retval = bank->driver->read(bank, buffer, offset, count); + if (retval != ERROR_OK) + { + LOG_ERROR("error reading to flash at address 0x%08" PRIx32 " at offset 0x%8.8" PRIx32 " (%d)", + bank->base, offset, retval); + } + + return retval; +} + +int default_flash_read(struct flash_bank *bank, + uint8_t *buffer, uint32_t offset, uint32_t count) +{ + return target_read_buffer(bank->target, offset + bank->base, count, buffer); +} + void flash_bank_add(struct flash_bank *bank) { /* put flash bank in linked list */ @@ -126,7 +178,7 @@ int flash_get_bank_count(void) return i; } -struct flash_bank *get_flash_bank_by_name(const char *name) +struct flash_bank *get_flash_bank_by_name_noprobe(const char *name) { unsigned requested = get_flash_name_index(name); unsigned found = 0; @@ -145,26 +197,51 @@ struct flash_bank *get_flash_bank_by_name(const char *name) return NULL; } -struct flash_bank *get_flash_bank_by_num(int num) +int get_flash_bank_by_name(const char *name, struct flash_bank **bank_result) +{ + struct flash_bank *bank; + int retval; + + bank = get_flash_bank_by_name_noprobe(name); + if (bank != NULL) + { + retval = bank->driver->auto_probe(bank); + + if (retval != ERROR_OK) + { + LOG_ERROR("auto_probe failed %d\n", retval); + return retval; + } + } + + *bank_result = bank; + return ERROR_OK; +} + +int get_flash_bank_by_num(int num, struct flash_bank **bank) { struct flash_bank *p = get_flash_bank_by_num_noprobe(num); int retval; if (p == NULL) - return NULL; + { + return ERROR_FAIL; + } retval = p->driver->auto_probe(p); if (retval != ERROR_OK) { LOG_ERROR("auto_probe failed %d\n", retval); - return NULL; + return retval; } - return p; + *bank = p; + return ERROR_OK; } -/* lookup flash bank by address */ -struct flash_bank *get_flash_bank_by_addr(struct target *target, uint32_t addr) +/* lookup flash bank by address, bank not found is success, but + * result_bank is set to NULL. */ +int get_flash_bank_by_addr(struct target *target, uint32_t addr, bool check, struct flash_bank **result_bank) { struct flash_bank *c; @@ -177,14 +254,22 @@ struct flash_bank *get_flash_bank_by_addr(struct target *target, uint32_t addr) if (retval != ERROR_OK) { LOG_ERROR("auto_probe failed %d\n", retval); - return NULL; + return retval; } /* check whether address belongs to this flash bank */ if ((addr >= c->base) && (addr <= c->base + (c->size - 1)) && target == c->target) - return c; + { + *result_bank = c; + return ERROR_OK; + } } - LOG_ERROR("No flash at address 0x%08" PRIx32 "\n", addr); - return NULL; + *result_bank = NULL; + if (check) + { + LOG_ERROR("No flash at address 0x%08" PRIx32 "\n", addr); + return ERROR_FAIL; + } + return ERROR_OK; } int default_flash_mem_blank_check(struct flash_bank *bank) @@ -280,9 +365,22 @@ int default_flash_blank_check(struct flash_bank *bank) return ERROR_OK; } -/* erase given flash region, selects proper bank according to target and address */ +/* Manipulate given flash region, selecting the bank according to target + * and address. Maps an address range to a set of sectors, and issues + * the callback() on that set ... e.g. to erase or unprotect its members. + * + * (Note a current bad assumption: that protection operates on the same + * size sectors as erase operations use.) + * + * The "pad_reason" parameter is a kind of boolean: when it's NULL, the + * range must fit those sectors exactly. This is clearly safe; it can't + * erase data which the caller said to leave alone, for example. If it's + * non-NULL, rather than failing, extra data in the first and/or last + * sectors will be added to the range, and that reason string is used when + * warning about those additions. + */ static int flash_iterate_address_range(struct target *target, - uint32_t addr, uint32_t length, + char *pad_reason, uint32_t addr, uint32_t length, int (*callback)(struct flash_bank *bank, int first, int last)) { struct flash_bank *c; @@ -291,8 +389,9 @@ static int flash_iterate_address_range(struct target *target, int last = -1; int i; - if ((c = get_flash_bank_by_addr(target, addr)) == NULL) - return ERROR_FLASH_DST_OUT_OF_BANK; /* no corresponding bank found */ + int retval = get_flash_bank_by_addr(target, addr, true, &c); + if (retval != ERROR_OK) + return retval; if (c->size == 0 || c->num_sectors == 0) { @@ -304,14 +403,20 @@ static int flash_iterate_address_range(struct target *target, { /* special case, erase whole bank when length is zero */ if (addr != c->base) + { + LOG_ERROR("Whole bank access must start at beginning of bank."); return ERROR_FLASH_DST_BREAKS_ALIGNMENT; + } return callback(c, 0, c->num_sectors - 1); } /* check whether it all fits in this bank */ if (addr + length - 1 > c->base + c->size - 1) + { + LOG_ERROR("Flash access does not fit into bank."); return ERROR_FLASH_DST_BREAKS_ALIGNMENT; + } /** @todo: handle erasures that cross into adjacent banks */ @@ -321,18 +426,53 @@ static int flash_iterate_address_range(struct target *target, for (i = 0; i < c->num_sectors; i++) { struct flash_sector *f = c->sectors + i; + uint32_t end = f->offset + f->size; /* start only on a sector boundary */ if (first < 0) { + /* scanned past the first sector? */ + if (addr < f->offset) + break; + /* is this the first sector? */ if (addr == f->offset) first = i; - else if (addr < f->offset) - break; + + /* Does this need head-padding? If so, pad and warn; + * or else force an error. + * + * Such padding can make trouble, since *WE* can't + * ever know if that data was in use. The warning + * should help users sort out messes later. + */ + else if (addr < end && pad_reason) { + /* FIXME say how many bytes (e.g. 80 KB) */ + LOG_WARNING("Adding extra %s range, " + "%#8.8x to %#8.8x", + pad_reason, + (unsigned) f->offset, + (unsigned) addr - 1); + first = i; + } else + continue; } /* is this (also?) the last sector? */ - if (last_addr == f->offset + f->size) { + if (last_addr == end) { + last = i; + break; + } + + /* Does this need tail-padding? If so, pad and warn; + * or else force an error. + */ + if (last_addr < end && pad_reason) { + /* FIXME say how many bytes (e.g. 80 KB) */ + LOG_WARNING("Adding extra %s range, " + "%#8.8x to %#8.8x", + pad_reason, + (unsigned) last_addr, + (unsigned) end - 1); last = i; break; } @@ -347,22 +487,21 @@ static int flash_iterate_address_range(struct target *target, LOG_ERROR("address range 0x%8.8x .. 0x%8.8x " "is not sector-aligned", (unsigned) (c->base + addr), - (unsigned) (last_addr - 1)); + (unsigned) (c->base + last_addr - 1)); return ERROR_FLASH_DST_BREAKS_ALIGNMENT; } - /* The NOR driver may trim this range down, based on - * whether or not a given sector is already erased. - * - * REVISIT should *we* trim it... ? + /* The NOR driver may trim this range down, based on what + * sectors are already erased/unprotected. GDB currently + * blocks such optimizations. */ return callback(c, first, last); } int flash_erase_address_range(struct target *target, - uint32_t addr, uint32_t length) + bool pad, uint32_t addr, uint32_t length) { - return flash_iterate_address_range(target, + return flash_iterate_address_range(target, pad ? "erase" : NULL, addr, length, &flash_driver_erase); } @@ -371,12 +510,35 @@ static int flash_driver_unprotect(struct flash_bank *bank, int first, int last) return flash_driver_protect(bank, 0, first, last); } -static int flash_unlock_address_range(struct target *target, uint32_t addr, uint32_t length) +int flash_unlock_address_range(struct target *target, uint32_t addr, uint32_t length) { - return flash_iterate_address_range(target, + /* By default, pad to sector boundaries ... the real issue here + * is that our (only) caller *permanently* removes protection, + * and doesn't restore it. + */ + return flash_iterate_address_range(target, "unprotect", addr, length, &flash_driver_unprotect); } +static int compare_section (const void * a, const void * b) +{ + struct imagesection *b1, *b2; + b1=*((struct imagesection **)a); + b2=*((struct imagesection **)b); + + if (b1->base_address == b2->base_address) + { + return 0; + } else if (b1->base_address > b2->base_address) + { + return 1; + } else + { + return -1; + } +} + + int flash_write_unlock(struct target *target, struct image *image, uint32_t *written, int erase, bool unlock) { @@ -404,6 +566,19 @@ int flash_write_unlock(struct target *target, struct image *image, /* allocate padding array */ padding = calloc(image->num_sections, sizeof(*padding)); + /* This fn requires all sections to be in ascending order of addresses, + * whereas an image can have sections out of order. */ + struct imagesection **sections = malloc(sizeof(struct imagesection *) * + image->num_sections); + int i; + for (i = 0; i < image->num_sections; i++) + { + sections[i] = &image->sections[i]; + } + + qsort(sections, image->num_sections, sizeof(struct imagesection *), + compare_section); + /* loop until we reach end of the image */ while (section < image->num_sections) { @@ -411,11 +586,11 @@ int flash_write_unlock(struct target *target, struct image *image, uint8_t *buffer; int section_first; int section_last; - uint32_t run_address = image->sections[section].base_address + section_offset; - uint32_t run_size = image->sections[section].size - section_offset; + uint32_t run_address = sections[section]->base_address + section_offset; + uint32_t run_size = sections[section]->size - section_offset; int pad_bytes = 0; - if (image->sections[section].size == 0) + if (sections[section]->size == 0) { LOG_WARNING("empty section %d", section); section++; @@ -424,7 +599,12 @@ int flash_write_unlock(struct target *target, struct image *image, } /* find the corresponding flash bank */ - if ((c = get_flash_bank_by_addr(target, run_address)) == NULL) + retval = get_flash_bank_by_addr(target, run_address, false, &c); + if (retval != ERROR_OK) + { + goto done; + } + if (c == NULL) { section++; /* and skip it */ section_offset = 0; @@ -438,20 +618,20 @@ int flash_write_unlock(struct target *target, struct image *image, while ((run_address + run_size - 1 < c->base + c->size - 1) && (section_last + 1 < image->num_sections)) { - if (image->sections[section_last + 1].base_address < (run_address + run_size)) + /* sections are sorted */ + assert(sections[section_last + 1]->base_address >= c->base); + if (sections[section_last + 1]->base_address >= (c->base + c->size)) { - LOG_DEBUG("section %d out of order " - "(surprising, but supported)", - section_last + 1); - /* REVISIT this can break with autoerase ... - * clobbering data after it's written. - */ - break; + /* Done with this bank */ + break; } - /* REVISIT This needlessly touches sectors BETWEEN the + /* FIXME This needlessly touches sectors BETWEEN the * sections it's writing. Without auto erase, it just - * writes ones; unlikely to destroy data. + * writes ones. That WILL INVALIDATE data in cases + * like Stellaris Tempest chips, corrupting internal + * ECC codes; and at least FreeScale suggests issues + * with that approach (in HC11 documentation). * * With auto erase enabled, data in those sectors will * be needlessly destroyed; and some of the limited @@ -460,27 +640,23 @@ int flash_write_unlock(struct target *target, struct image *image, * In both cases, the extra writes slow things down. */ - /* if we have multiple sections within our image, flash programming could fail due to alignment issues + /* if we have multiple sections within our image, + * flash programming could fail due to alignment issues * attempt to rebuild a consecutive buffer for the flash loader */ - pad_bytes = (image->sections[section_last + 1].base_address) - (run_address + run_size); - if ((run_address + run_size + pad_bytes) > (c->base + c->size)) - break; + pad_bytes = (sections[section_last + 1]->base_address) - (run_address + run_size); padding[section_last] = pad_bytes; - run_size += image->sections[++section_last].size; + run_size += sections[++section_last]->size; run_size += pad_bytes; - LOG_INFO("Padding image section %d with %d bytes", section_last-1, pad_bytes); + if (pad_bytes > 0) + LOG_INFO("Padding image section %d with %d bytes", section_last-1, pad_bytes); } - /* fit the run into bank constraints */ if (run_address + run_size - 1 > c->base + c->size - 1) { - /* REVISIT isn't this superfluous, given the while() - * loop conditions above?? - */ - LOG_WARNING("writing %d bytes only - as image section is %d bytes and bank is only %d bytes", \ - (int)(c->base + c->size - run_address), (int)(run_size), (int)(c->size)); - run_size = c->base + c->size - run_address; + LOG_ERROR("The image is too big for the flash"); + retval = ERROR_FAIL; + goto done; } /* If we're applying any sector automagic, then pad this @@ -506,6 +682,12 @@ int flash_write_unlock(struct target *target, struct image *image, /* allocate buffer */ buffer = malloc(run_size); + if (buffer == NULL) + { + LOG_ERROR("Out of memory for flash bank buffer"); + retval = ERROR_FAIL; + goto done; + } buffer_size = 0; /* read sections to the buffer */ @@ -514,15 +696,25 @@ int flash_write_unlock(struct target *target, struct image *image, size_t size_read; size_read = run_size - buffer_size; - if (size_read > image->sections[section].size - section_offset) - size_read = image->sections[section].size - section_offset; + if (size_read > sections[section]->size - section_offset) + size_read = sections[section]->size - section_offset; + + /* KLUDGE! + * + * #¤%#"%¤% we have to figure out the section # from the sorted + * list of pointers to sections to invoke image_read_section()... + */ + intptr_t diff = (intptr_t)sections[section] - (intptr_t)image->sections; + int t_section_num = diff / sizeof(struct imagesection); - if ((retval = image_read_section(image, section, section_offset, + LOG_DEBUG("image_read_section: section = %d, t_section_num = %d, section_offset = %d, buffer_size = %d, size_read = %d", + (int)section, +(int)t_section_num, (int)section_offset, (int)buffer_size, (int)size_read); + if ((retval = image_read_section(image, t_section_num, section_offset, size_read, buffer + buffer_size, &size_read)) != ERROR_OK || size_read == 0) { free(buffer); - free(padding); - return retval; + goto done; } /* see if we need to pad the section */ @@ -532,7 +724,7 @@ int flash_write_unlock(struct target *target, struct image *image, buffer_size += size_read; section_offset += size_read; - if (section_offset >= image->sections[section].size) + if (section_offset >= sections[section]->size) { section++; section_offset = 0; @@ -550,7 +742,8 @@ int flash_write_unlock(struct target *target, struct image *image, if (erase) { /* calculate and erase sectors */ - retval = flash_erase_address_range(target, run_address, run_size); + retval = flash_erase_address_range(target, + true, run_address, run_size); } } @@ -564,14 +757,17 @@ int flash_write_unlock(struct target *target, struct image *image, if (retval != ERROR_OK) { - free(padding); - return retval; /* abort operation */ + /* abort operation */ + goto done; } if (written != NULL) *written += run_size; /* add run size to total written counter */ } + +done: + free(sections); free(padding); return retval;