git.rot13.org Git - goodfet/blob - client/GoodFETCC.py

   1 #!/usr/bin/env python
   2 # GoodFET Client Library
   3 #
   4 # (C) 2009 Travis Goodspeed <travis at radiantmachines.com>
   5 #
   6 # This code is being rewritten and refactored.  You've been warned!
   7
   8 import sys;
   9 import binascii;
  10
  11 from GoodFET import GoodFET;
  12 from intelhex import IntelHex;
  13
  14 import xml.dom.minidom;
  15
  16 class GoodFETCC(GoodFET):
  17     """A GoodFET variant for use with Chipcon 8051 Zigbee SoC."""
  18     APP=0x30;
  19
  20
  21
  22
  23     smartrfpath="/opt/smartrf7";
  24     def loadsymbols(self):
  25         try: self.SRF_loadsymbols();
  26         except:
  27             if self.verbose==1: print "SmartRF load failed.";
  28     def SRF_chipdom(self,chip="cc1110", doc="register_definition.xml"):
  29         fn="%s/config/xml/%s/%s" % (self.smartrfpath,chip,doc);
  30         #print "Opening %s" % fn;
  31         return xml.dom.minidom.parse(fn)
  32
  33     def CMDrs(self,args=[]):
  34         """Chip command to grab the radio state."""
  35         self.SRF_radiostate();
  36     def SRF_bitfieldstr(self,bf):
  37         name="unused";
  38         start=0;
  39         stop=0;
  40         access="";
  41         reset="0x00";
  42         description="";
  43         for e in bf.childNodes:
  44             if e.localName=="Name" and e.childNodes: name= e.childNodes[0].nodeValue;
  45             elif e.localName=="Start": start=e.childNodes[0].nodeValue;
  46             elif e.localName=="Stop": stop=e.childNodes[0].nodeValue;
  47         return "   [%s:%s] %30s " % (start,stop,name);
  48     def SRF_radiostate(self):
  49         ident=self.CCident();
  50         chip=self.CCversions.get(ident&0xFF00);
  51         dom=self.SRF_chipdom(chip,"register_definition.xml");
  52         for e in dom.getElementsByTagName("registerdefinition"):
  53             for f in e.childNodes:
  54                 if f.localName=="DeviceName":
  55                     print "// %s RadioState" % (f.childNodes[0].nodeValue);
  56                 elif f.localName=="Register":
  57                     name="unknownreg";
  58                     address="0xdead";
  59                     description="";
  60                     bitfields="";
  61                     for g in f.childNodes:
  62                         if g.localName=="Name":
  63                             name=g.childNodes[0].nodeValue;
  64                         elif g.localName=="Address":
  65                             address=g.childNodes[0].nodeValue;
  66                         elif g.localName=="Description":
  67                             if g.childNodes:
  68                                 description=g.childNodes[0].nodeValue;
  69                         elif g.localName=="Bitfield":
  70                             bitfields+="%17s/* %-50s */\n" % ("",self.SRF_bitfieldstr(g));
  71                     #print "SFRX(%10s, %s); /* %50s */" % (name,address, description);
  72                     print "%-10s=0x%02x; /* %-50s */" % (
  73                         name,self.CCpeekdatabyte(eval(address)), description);
  74                     if bitfields!="": print bitfields.rstrip();
  75     def RF_getrssi(self):
  76         """Returns the received signal strenght, from 0 to 1."""
  77         rssireg=self.symbols.get("RSSI");
  78         return self.CCpeekdatabyte(rssireg);
  79     def SRF_loadsymbols(self):
  80         ident=self.CCident();
  81         chip=self.CCversions.get(ident&0xFF00);
  82         dom=self.SRF_chipdom(chip,"register_definition.xml");
  83         for e in dom.getElementsByTagName("registerdefinition"):
  84             for f in e.childNodes:
  85                 if f.localName=="Register":
  86                     name="unknownreg";
  87                     address="0xdead";
  88                     description="";
  89                     bitfields="";
  90                     for g in f.childNodes:
  91                         if g.localName=="Name":
  92                             name=g.childNodes[0].nodeValue;
  93                         elif g.localName=="Address":
  94                             address=g.childNodes[0].nodeValue;
  95                         elif g.localName=="Description":
  96                             if g.childNodes:
  97                                 description=g.childNodes[0].nodeValue;
  98                         elif g.localName=="Bitfield":
  99                             bitfields+="%17s/* %-50s */\n" % ("",self.SRF_bitfieldstr(g));
 100                     #print "SFRX(%10s, %s); /* %50s */" % (name,address, description);
 101                     self.symbols.define(eval(address),name,description,"data");
 102     def halt(self):
 103         """Halt the CPU."""
 104         self.CChaltcpu();
 105     def CChaltcpu(self):
 106         """Halt the CPU."""
 107         self.writecmd(self.APP,0x86,0,self.data);
 108     def resume(self):
 109         self.CCreleasecpu();
 110     def CCreleasecpu(self):
 111         """Resume the CPU."""
 112         self.writecmd(self.APP,0x87,0,self.data);
 113     def test(self):
 114         self.CCreleasecpu();
 115         self.CChaltcpu();
 116         #print "Status: %s" % self.CCstatusstr();
 117
 118         #Grab ident three times, should be equal.
 119         ident1=self.CCident();
 120         ident2=self.CCident();
 121         ident3=self.CCident();
 122         if(ident1!=ident2 or ident2!=ident3):
 123             print "Error, repeated ident attempts unequal."
 124             print "%04x, %04x, %04x" % (ident1, ident2, ident3);
 125
 126         #Single step, printing PC.
 127         print "Tracing execution at startup."
 128         for i in range(1,15):
 129             pc=self.CCgetPC();
 130             byte=self.CCpeekcodebyte(i);
 131             #print "PC=%04x, %02x" % (pc, byte);
 132             self.CCstep_instr();
 133
 134         print "Verifying that debugging a NOP doesn't affect the PC."
 135         for i in range(1,15):
 136             pc=self.CCgetPC();
 137             self.CCdebuginstr([0x00]);
 138             if(pc!=self.CCgetPC()):
 139                 print "ERROR: PC changed during CCdebuginstr([NOP])!";
 140
 141         print "Checking pokes to XRAM."
 142         for i in range(0xf000,0xf020):
 143             self.CCpokedatabyte(i,0xde);
 144             if(self.CCpeekdatabyte(i)!=0xde):
 145                 print "Error in XDATA at 0x%04x" % i;
 146
 147         #print "Status: %s." % self.CCstatusstr();
 148         #Exit debugger
 149         self.stop();
 150         print "Done.";
 151
 152     def setup(self):
 153         """Move the FET into the CC2430/CC2530 application."""
 154         #print "Initializing Chipcon.";
 155         self.writecmd(self.APP,0x10,0,self.data);
 156     def CCrd_config(self):
 157         """Read the config register of a Chipcon."""
 158         self.writecmd(self.APP,0x82,0,self.data);
 159         return ord(self.data[0]);
 160     def CCwr_config(self,config):
 161         """Write the config register of a Chipcon."""
 162         self.writecmd(self.APP,0x81,1,[config&0xFF]);
 163     def CClockchip(self):
 164         """Set the flash lock bit in info mem."""
 165         self.writecmd(self.APP, 0x9A, 0, None);
 166     def lock(self):
 167         """Set the flash lock bit in info mem."""
 168         self.CClockchip();
 169
 170
 171     CCversions={0x0100:"cc1110",
 172                 0x1100:"cc1111",
 173                 0x8500:"cc2430",
 174                 0x8900:"cc2431",
 175                 0x8100:"cc2510",
 176                 0x9100:"cc2511",
 177                 0xA500:"cc2530", #page 52 of SWRU191
 178                 0xB500:"cc2531",
 179                 0xFF00:"CCmissing"};
 180     CCpagesizes={0x01: 1024, #"CC1110",
 181                  0x11: 1024, #"CC1111",
 182                  0x85: 2048, #"CC2430",
 183                  0x89: 2048, #"CC2431",
 184                  0x81: 1024, #"CC2510",
 185                  0x91: 1024, #"CC2511",
 186                  0xA5: 2048, #"CC2530", #page 52 of SWRU191
 187                  0xB5: 2048, #"CC2531",
 188                  0xFF: 0    } #"CCmissing"};
 189     def infostring(self):
 190         return self.CCidentstr();
 191     def CCidentstr(self):
 192         ident=self.CCident();
 193         chip=self.CCversions.get(ident&0xFF00);
 194         pagesize=self.CCpagesizes.get(ident>0xFF);
 195         try:
 196             return "%s/r%0.4x/ps0x%0.4x" % (chip, ident, pagesize);
 197         except:
 198             return "%04x" % ident;
 199     def CCident(self):
 200         """Get a chipcon's ID."""
 201         self.writecmd(self.APP,0x8B,0,None);
 202         chip=ord(self.data[0]);
 203         rev=ord(self.data[1]);
 204         return (chip<<8)+rev;
 205     def CCpagesize(self):
 206         """Get a chipcon's ID."""
 207         self.writecmd(self.APP,0x8B,0,None);
 208         chip=ord(self.data[0]);
 209         size=self.CCpagesizes.get(chip);
 210         if(size<10):
 211             print "ERROR: Pagesize undefined.";
 212             print "chip=%0.4x" %chip;
 213             sys.exit(1);
 214             #return 2048;
 215         return size;
 216     def getpc(self):
 217         return self.CCgetPC();
 218     def CCgetPC(self):
 219         """Get a chipcon's PC."""
 220         self.writecmd(self.APP,0x83,0,None);
 221         hi=ord(self.data[0]);
 222         lo=ord(self.data[1]);
 223         return (hi<<8)+lo;
 224     def CCcmd(self,phrase):
 225         self.writecmd(self.APP,0x00,len(phrase),phrase);
 226         val=ord(self.data[0]);
 227         print "Got %02x" % val;
 228         return val;
 229     def CCdebuginstr(self,instr):
 230         self.writecmd(self.APP,0x88,len(instr),instr);
 231         return ord(self.data[0]);
 232     def peek8(self,address, memory="code"):
 233         if(memory=="code" or memory=="flash" or memory=="vn"):
 234             return self.CCpeekcodebyte(address);
 235         elif(memory=="data" or memory=="xdata" or memory=="ram"):
 236             return self.CCpeekdatabyte(address);
 237         elif(memory=="idata" or memory=="iram"):
 238             return self.CCpeekirambyte(address);
 239         print "%s is an unknown memory." % memory;
 240         return 0xdead;
 241     def CCpeekcodebyte(self,adr):
 242         """Read the contents of code memory at an address."""
 243         self.data=[adr&0xff, (adr&0xff00)>>8];
 244         self.writecmd(self.APP,0x90,2,self.data);
 245         return ord(self.data[0]);
 246     def CCpeekdatabyte(self,adr):
 247         """Read the contents of data memory at an address."""
 248         self.data=[adr&0xff, (adr&0xff00)>>8];
 249         self.writecmd(self.APP,0x91, 2, self.data);
 250         return ord(self.data[0]);
 251     def CCpeekirambyte(self,adr):
 252         """Read the contents of IRAM at an address."""
 253         self.data=[adr&0xff];
 254         self.writecmd(self.APP,0x02, 1, self.data);
 255         return ord(self.data[0]);
 256     def CCpeekiramword(self,adr):
 257         """Read the little-endian contents of IRAM at an address."""
 258         return self.CCpeekirambyte(adr)+(
 259             self.CCpeekirambyte(adr+1)<<8);
 260     def CCpokeiramword(self,adr,val):
 261         self.CCpokeirambyte(adr,val&0xff);
 262         self.CCpokeirambyte(adr+1,(val>>8)&0xff);
 263     def CCpokeirambyte(self,adr,val):
 264         """Write the contents of IRAM at an address."""
 265         self.data=[adr&0xff, val&0xff];
 266         self.writecmd(self.APP,0x02, 2, self.data);
 267         return ord(self.data[0]);
 268
 269     def CCpokedatabyte(self,adr,val):
 270         """Write a byte to data memory."""
 271         self.data=[adr&0xff, (adr&0xff00)>>8, val];
 272         self.writecmd(self.APP, 0x92, 3, self.data);
 273         return ord(self.data[0]);
 274     def CCchiperase(self):
 275         """Erase all of the target's memory."""
 276         self.writecmd(self.APP,0x80,0,None);
 277     def erase(self):
 278         """Erase all of the target's memory."""
 279         self.CCchiperase();
 280         self.start();
 281
 282     def CCstatus(self):
 283         """Check the status."""
 284         self.writecmd(self.APP,0x84,0,None);
 285         return ord(self.data[0])
 286     #Same as CC2530
 287     CCstatusbits={0x80 : "erase_busy",
 288                   0x40 : "pcon_idle",
 289                   0x20 : "cpu_halted",
 290                   0x10 : "pm0",
 291                   0x08 : "halt_status",
 292                   0x04 : "locked",
 293                   0x02 : "oscstable",
 294                   0x01 : "overflow"
 295                   };
 296     CCconfigbits={0x20 : "soft_power_mode",   #new for CC2530
 297                   0x08 : "timers_off",
 298                   0x04 : "dma_pause",
 299                   0x02 : "timer_suspend",
 300                   0x01 : "sel_flash_info_page" #stricken from CC2530
 301                   };
 302
 303     def status(self):
 304         """Check the status as a string."""
 305         status=self.CCstatus();
 306         str="";
 307         i=1;
 308         while i<0x100:
 309             if(status&i):
 310                 str="%s %s" %(self.CCstatusbits[i],str);
 311             i*=2;
 312         return str;
 313     def start(self):
 314         """Start debugging."""
 315         self.setup();
 316         self.writecmd(self.APP,0x20,0,self.data);
 317         ident=self.CCidentstr();
 318         #print "Target identifies as %s." % ident;
 319         #print "Status: %s." % self.status();
 320         self.CCreleasecpu();
 321         self.CChaltcpu();
 322         #Get SmartRF Studio regs if they exist.
 323         self.loadsymbols();
 324
 325         #print "Status: %s." % self.status();
 326
 327     def stop(self):
 328         """Stop debugging."""
 329         self.writecmd(self.APP,0x21,0,self.data);
 330     def CCstep_instr(self):
 331         """Step one instruction."""
 332         self.writecmd(self.APP,0x89,0,self.data);
 333     def CCeraseflashbuffer(self):
 334         """Erase the 2kB flash buffer"""
 335         self.writecmd(self.APP,0x99);
 336     def CCflashpage(self,adr):
 337         """Flash 2kB a page of flash from 0xF000 in XDATA"""
 338         data=[adr&0xFF,
 339               (adr>>8)&0xFF,
 340               (adr>>16)&0xFF,
 341               (adr>>24)&0xFF];
 342         print "Flashing buffer to 0x%06x" % adr;
 343         self.writecmd(self.APP,0x95,4,data);
 344
 345     def setsecret(self,value):
 346         """Set a secret word for later retreival.  Used by glitcher."""
 347         page = 0x0000;
 348         pagelen = self.CCpagesize(); #Varies by chip.
 349         print "page=%04x, pagelen=%04x" % (page,pagelen);
 350
 351         self.CCeraseflashbuffer();
 352         print "Setting secret to %x" % value;
 353         self.CCpokedatabyte(0xF000,value);
 354         self.CCpokedatabyte(0xF800,value);
 355         print "Setting secret to %x==%x" % (value,
 356                                             self.CCpeekdatabyte(0xf000));
 357         self.CCflashpage(0);
 358         print "code[0]=%x" % self.CCpeekcodebyte(0);
 359     def getsecret(self):
 360         """Get a secret word.  Used by glitcher."""
 361         secret=self.CCpeekcodebyte(0);
 362         #print "Got secret %02x" % secret;
 363         return secret;
 364
 365     def dump(self,file,start=0,stop=0xffff):
 366         """Dump an intel hex file from code memory."""
 367         print "Dumping code from %04x to %04x as %s." % (start,stop,file);
 368         h = IntelHex(None);
 369         i=start;
 370         while i<=stop:
 371             h[i]=self.CCpeekcodebyte(i);
 372             if(i%0x100==0):
 373                 print "Dumped %04x."%i;
 374                 h.write_hex_file(file); #buffer to disk.
 375             i+=1;
 376         h.write_hex_file(file);
 377
 378     def flash(self,file):
 379         """Flash an intel hex file to code memory."""
 380         print "Flashing %s" % file;
 381
 382         h = IntelHex(file);
 383         page = 0x0000;
 384         pagelen = self.CCpagesize(); #Varies by chip.
 385
 386         #print "page=%04x, pagelen=%04x" % (page,pagelen);
 387
 388         bcount = 0;
 389
 390         #Wipe the RAM buffer for the next flash page.
 391         self.CCeraseflashbuffer();
 392         for i in h._buf.keys():
 393             while(i>=page+pagelen):
 394                 if bcount>0:
 395                     self.CCflashpage(page);
 396                     #client.CCeraseflashbuffer();
 397                     bcount=0;
 398                     print "Flashed page at %06x" % page
 399                 page+=pagelen;
 400
 401             #Place byte into buffer.
 402             self.CCpokedatabyte(0xF000+i-page,
 403                                 h[i]);
 404             bcount+=1;
 405             if(i%0x100==0):
 406                 print "Buffering %04x toward %06x" % (i,page);
 407         #last page
 408         self.CCflashpage(page);
 409         print "Flashed final page at %06x" % page;
 410