1 /*! \file jtagarm7tdmi.h
2 \brief JTAG handler functions for the ARM7TDMI family of processors
12 #define JTAGSTATE_ARM 0 // bit 4 on dbg status reg is low
13 #define JTAGSTATE_THUMB 1
22 #define Capture_DR 0x6
28 #define RunTest_Idle 0xc
30 #define Capture_IR 0xe
31 #define Test_Reset 0xf
36 void jtagarm7tdmi_start(void);
38 //! Set a 32-bit ARM register
39 void jtagarm7tdmi_set_register(unsigned long reg, unsigned long val);
40 //! Get a 32-bit ARM register
41 unsigned long jtagarm7tdmi_get_register(unsigned long reg);
43 //! Shift an arbitrary number of bits, using an array of uchars
44 uint8_t* jtag_trans_many(uint8_t *word, uint8_t bitcount, enum eTransFlags flags);
46 // ARM7TDMI-specific pins
47 // DBGRQ - GoodFET Pin 8
51 The instruction register is 4 bits in length.
52 There is no parity bit.
53 The fixed value 0001 is loaded into the instruction register during the CAPTURE-IR
55 The least significant bit of the instruction register is scanned in and scanned out first.
58 //4-bit ARM7TDMI JTAG commands, bit-swapped
59 #define ARM7TDMI_IR_EXTEST 0x0
60 #define ARM7TDMI_IR_SCAN_N 0x2
61 #define ARM7TDMI_IR_SAMPLE 0x3
62 #define ARM7TDMI_IR_RESTART 0x4
63 #define ARM7TDMI_IR_CLAMP 0x5
64 #define ARM7TDMI_IR_HIGHZ 0x7
65 #define ARM7TDMI_IR_CLAMPZ 0x9
66 #define ARM7TDMI_IR_INTEST 0xC
67 #define ARM7TDMI_IR_IDCODE 0xE
68 #define ARM7TDMI_IR_BYPASS 0xF
70 // read 3 bit - Debug Control
71 #define EICE_DBGCTRL 0
72 #define EICE_DBGCTRL_BITLEN 3
73 // read 5 bit - Debug Status
74 #define EICE_DBGSTATUS 1
75 #define EICE_DBGSTATUS_BITLEN 5
76 // read 6 bit - Debug Comms Control Register
78 #define EICE_DBGCCR_BITLEN 6
79 // r/w 32 bit - Debug Comms Data Register
81 // r/w 32 bit - Watchpoint 0 Address
82 #define EICE_WP0ADDR 8
83 // r/w 32 bit - Watchpoint 0 Addres Mask
84 #define EICE_WP0ADDRMASK 9
85 // r/w 32 bit - Watchpoint 0 Data
86 #define EICE_WP0DATA 10
87 // r/w 32 bit - Watchpoint 0 Data Masl
88 #define EICE_WP0DATAMASK 11
89 // r/w 9 bit - Watchpoint 0 Control Value
90 #define EICE_WP0CTRL 12
91 // r/w 8 bit - Watchpoint 0 Control Mask
92 #define EICE_WP0CTRLMASK 13
93 // r/w 32 bit - Watchpoint 0 Address
94 #define EICE_WP1ADDR 16
95 // r/w 32 bit - Watchpoint 0 Addres Mask
96 #define EICE_WP1ADDRMASK 17
97 // r/w 32 bit - Watchpoint 0 Data
98 #define EICE_WP1DATA 18
99 // r/w 32 bit - Watchpoint 0 Data Masl
100 #define EICE_WP1DATAMASK 19
101 // r/w 9 bit - Watchpoint 0 Control Value
102 #define EICE_WP1CTRL 20
103 // r/w 8 bit - Watchpoint 0 Control Mask
104 #define EICE_WP1CTRLMASK 21
107 //JTAGARM7TDMI commands
108 #define JTAGARM7_GET_REGISTER 0x8d
109 #define JTAGARM7_SET_REGISTER 0x8e
110 #define JTAGARM7_DEBUG_INSTR 0x8f
111 // Really ARM specific stuff
112 #define JTAGARM7_SET_IR 0x90
113 #define JTAGARM7_WAIT_DBG 0x91
114 #define JTAGARM7_SHIFT_DR 0x92
115 #define JTAGARM7_CHAIN0 0x93
116 #define JTAGARM7_SCANCHAIN1 0x94
117 #define JTAGARM7_EICE_READ 0x95
118 #define JTAGARM7_EICE_WRITE 0x96
119 #define JTAGARM7_IR_SIZE 0x9f
120 #define JTAGARM7_SCAN_N_SIZE 0x9e
122 #define JTAGARM_SCAN1_MANY 0x9d
123 #define JTAG_DR_SHIFT_MANY 0x9c
125 // for deeper understanding, read the instruction cycle timing section of:
126 // http://www.atmel.com/dyn/resources/prod_documents/DDI0029G_7TDMI_R3_trm.pdf
127 #define EXECNOPARM 0xe1a00000L
128 #define ARM_INSTR_NOP 0xe1a00000L
129 #define ARM_INSTR_BX_R0 0xe12fff10L
130 #define ARM_INSTR_STR_Rx_r14 0xe58f0000L // from atmel docs
131 #define ARM_READ_REG ARM_INSTR_STR_Rx_r14
132 #define ARM_INSTR_LDR_Rx_r14 0xe5900000L // NOT from atmel docs (e59e0000L is from atmel docs)
133 #define ARM_WRITE_REG ARM_INSTR_LDR_Rx_r14
134 #define ARM_INSTR_LDR_R1_r0_4 0xe4901004L
135 #define ARM_READ_MEM ARM_INSTR_LDR_R1_r0_4
136 #define ARM_INSTR_STR_R1_r0_4 0xe4801004L
137 #define ARM_WRITE_MEM ARM_INSTR_STR_R1_r0_4
138 #define ARM_INSTR_MRS_R0_CPSR 0xe10f0000L
139 #define ARM_INSTR_MSR_cpsr_cxsf_R0 0xe12ff000L
140 #define ARM_INSTR_STMIA_R14_r0_rx 0xE88E0000L // add up to 65k to indicate which registers...
141 #define ARM_STORE_MULTIPLE ARM_INSTR_STMIA_R14_r0_rx
142 #define ARM_INSTR_SKANKREGS 0xE88F7fffL
143 #define ARM_INSTR_CLOBBEREGS 0xE89F7fffL
145 #define ARM_INSTR_B_IMM 0xea000000L
146 #define ARM_INSTR_BX_PC 0xe12fff10L // need to set r0 to the desired address
147 #define THUMB_INSTR_LDR_R0_r0 0x68006800L
148 #define THUMB_WRITE_REG THUMB_INSTR_LDR_R0_r0
149 #define THUMB_INSTR_STR_R0_r0 0x60006000L
150 #define THUMB_READ_REG THUMB_INSTR_STR_R0_r0
151 #define THUMB_INSTR_MOV_R0_PC 0x46b846b8L
152 #define THUMB_INSTR_MOV_PC_R0 0x46474647L
153 #define THUMB_INSTR_MOV_HiLo 0x46404640L
154 #define THUMB_INSTR_MOV_LoHi 0x46804680L
155 #define THUMB_INSTR_BX_PC 0x47784778L
156 #define THUMB_INSTR_NOP 0x1c001c00L
157 #define THUMB_SWAP_HiLo 0
158 #define THUMB_SWAP_LoHi 1
159 #define ARM_REG_PC 15
161 #define JTAG_ARM7TDMI_DBG_DBGACK 1
162 #define JTAG_ARM7TDMI_DBG_DBGRQ 2
163 #define JTAG_ARM7TDMI_DBG_IFEN 4
164 #define JTAG_ARM7TDMI_DBG_cgenL 8
165 #define JTAG_ARM7TDMI_DBG_TBIT 16
166 extern app_t const jtagarm7_app;
167 extern unsigned char g_jtag_ir_size;
168 extern unsigned char g_jtagarm_scan_n_bitsize;