X-Git-Url: http://git.rot13.org/?p=goodfet;a=blobdiff_plain;f=firmware%2Fapps%2Fchipcon%2Fchipcon.c;h=96fec225cd07e0c3de430977a6376faa7164a274;hp=0b883db4f29d21dcf1b604a97efacaf9a53df2c6;hb=69539bb167246135b1bde3c55dca7d19bc3c7aee;hpb=fe0b90ea2de166862138b8080bfa02dab4a0a212 diff --git a/firmware/apps/chipcon/chipcon.c b/firmware/apps/chipcon/chipcon.c index 0b883db..96fec22 100644 --- a/firmware/apps/chipcon/chipcon.c +++ b/firmware/apps/chipcon/chipcon.c @@ -19,6 +19,27 @@ #include #include +//! Handles a chipcon command. +void cc_handle_fn( uint8_t const app, + uint8_t const verb, + uint32_t const len); + +// define the jtag app's app_t +app_t const chipcon_app = { + + /* app number */ + CHIPCON, + + /* handle fn */ + cc_handle_fn, + + /* name */ + "CHIPCON", + + /* desc */ + "\tThe CHIPCON app adds support for debugging the chipcon\n" + "\t8051 processor.\n" +}; /* Concerning clock rates, the maximimum clock rates are defined on page 4 of the spec. They vary, but are roughly 30MHz. Raising @@ -29,51 +50,127 @@ //Pins and I/O //MISO and MOSI are the same pin, direction changes. + +#if (platform == tilaunchpad) +/* + * The Launchpad has only pins easily available + * P5.3 TCK SCK (labeled TEST J3-10 J2-17) DC closest to antenna (blue) + * P5.2 IO MISO MOSI (labeled RST J3-8 J2-16) DD next to closer to USB (yellow) + * P3.6 txd1 RST (labeled RXD J3-6 J1-4) next to GND, which is closest to USB (orange) + * P3.7 rxd1 RST (labeled TXD J3-4 J1-3) connect to led1 J1-2 + * + * for a permanent marriage between a TI-Launchpad, move RST to pin48 P5.4 + * (requeries soldering) and use rxd/txd for direct communication with IM-ME dongle. + */ + +#define RST BIT6 // P3.7 +#include +#else // tilaunchpad #define RST BIT0 +#define dputs(s) +#endif // ! tilaunchad + #define MOSI BIT2 #define MISO BIT2 #define SCK BIT3 + //This could be more accurate. //Does it ever need to be? #define CCSPEED 3 -#define CCDELAY(x) delay(x) - -#define SETMOSI P5OUT|=MOSI -#define CLRMOSI P5OUT&=~MOSI -#define SETCLK P5OUT|=SCK -#define CLRCLK P5OUT&=~SCK -#define READMISO (P5IN&MISO?1:0) - -#define CCWRITE P5DIR|=MOSI -#define CCREAD P5DIR&=~MISO +//#define CCSPEED 3 +//#define CCDELAY(x) delay(x) +#define CCDELAY(x) + +#define SETMOSI SPIOUT|=MOSI +#define CLRMOSI SPIOUT&=~MOSI +#define SETCLK SPIOUT|=SCK +#define CLRCLK SPIOUT&=~SCK +#define READMISO (SPIIN&MISO?1:0) + +#if (platform == tilaunchpad) +# if (SPIDIR != P5DIR) +# error "SPIDIR != P5DIR" +# endif +# if (SPIOUT != P5OUT) +# error "SPIOUT != P5OUT" +# endif +# define SETRST P3OUT|=RST +# define CLRRST P3OUT&=~RST +#else +# define SETRST P3OUT|=RST +# define CLRRST P3OUT&=~RST +#endif + +#define CCWRITE SPIDIR|=MOSI +#define CCREAD SPIDIR&=~MISO //! Set up the pins for CC mode. Does not init debugger. void ccsetup(){ - P5OUT|=MOSI+SCK+RST; - P5DIR|=MOSI+SCK+RST; - //P5DIR&=~MISO; //MOSI is MISO +#if (platform == tilaunchpad) + dputs("ccsetup"); + SPIOUT|=MOSI+SCK; + SPIDIR|=MOSI+SCK; + P3OUT|=RST; + P3DIR|=RST; + dputs("done ccsetup"); +#else + SPIOUT|=MOSI+SCK+RST; + SPIDIR|=MOSI+SCK+RST; +#endif + //P5REN=0xFF; } + +/* 33 cycle critical region +0000000e : + e: f2 d0 0d 00 bis.b #13, &0x0031 ;5 cycles + 12: 31 00 + 14: f2 c2 31 00 bic.b #8, &0x0031 ;4 cycles + 18: d2 c3 31 00 bic.b #1, &0x0031 ;4 + 1c: f2 e2 31 00 xor.b #8, &0x0031 ;4 + 20: f2 e2 31 00 xor.b #8, &0x0031 ;4 + 24: f2 e2 31 00 xor.b #8, &0x0031 ;4 + 28: f2 e2 31 00 xor.b #8, &0x0031 ;4 + 2c: d2 d3 31 00 bis.b #1, &0x0031 ;4 + 30: 30 41 ret +*/ + + //! Initialize the debugger void ccdebuginit(){ + //Port output BUT NOT DIRECTION is set at start. +#if (platform == tilaunchpad) + dputs("ccdebuginit"); + SPIOUT|=MOSI+SCK; + P3OUT|=RST; +#else + SPIOUT|=MOSI+SCK+RST; +#endif + + delay(30); //So the beginning is ready for glitching. + //Two positive debug clock pulses while !RST is low. //Take RST low, pulse twice, then high. - P5OUT&=~SCK; - P5OUT&=~RST; - - //pulse twice - CCDELAY(CCSPEED); - P5OUT|=SCK; //up - CCDELAY(CCSPEED); - P5OUT&=~SCK; //down - CCDELAY(CCSPEED); - P5OUT|=SCK; //up - CCDELAY(CCSPEED); - P5OUT&=~SCK; //down + SPIOUT&=~SCK; + delay(10); + CLRRST; + + delay(10); + + //Two rising edges. + SPIOUT^=SCK; //up + delay(1); + SPIOUT^=SCK; //down + delay(1); + SPIOUT^=SCK; //up + delay(1); + SPIOUT^=SCK; //Unnecessary. + delay(1); + //delay(0); //Raise !RST. - P5OUT|=RST; + SETRST; } //! Read and write a CC bit. @@ -91,11 +188,11 @@ unsigned char cctrans8(unsigned char byte){ byte <<= 1; /* half a clock cycle before leading/rising edge */ - CCDELAY(CCSPEED/2); + CCDELAY(CCSPEED>>2); SETCLK; /* half a clock cycle before trailing/falling edge */ - CCDELAY(CCSPEED/2); + CCDELAY(CCSPEED>>2); /* read MISO on trailing edge */ byte |= READMISO; @@ -121,20 +218,31 @@ void ccread(unsigned char len){ cmddata[i]=cctrans8(0); } -//! Handles a monitor command. -void cchandle(unsigned char app, - unsigned char verb, - unsigned long len){ +//! Handles a chipcon command. +void cc_handle_fn( uint8_t const app, + uint8_t const verb, + uint32_t const len) +{ //Always init. Might help with buggy lines. //Might hurt too. //ccdebuginit(); long i; + int blocklen, blockadr; switch(verb){ //CC_PEEK and CC_POKE will come later. + case PEEK: + cmddata[0]=cc_peekirambyte(cmddata[0]); + txdata(app,verb,1); + break; + case POKE: + cmddata[0]=cc_pokeirambyte(cmddata[0],cmddata[1]); + txdata(app,verb,0); + break; case READ: //Write a command and return 1-byte reply. cccmd(len); - ccread(1); + if(cmddata[0]&0x4) + ccread(1); txdata(app,verb,1); break; case WRITE: //Write a command with no reply. @@ -147,9 +255,9 @@ void cchandle(unsigned char app, break; case STOP://exit debugger //Take RST low, then high. - P5OUT&=~RST; + CLRRST; CCDELAY(CCSPEED); - P5OUT|=RST; + SETRST; txdata(app,verb,0); break; case SETUP: @@ -159,6 +267,7 @@ void cchandle(unsigned char app, //Micro commands! case CC_CHIP_ERASE: + case CC_MASS_ERASE_FLASH: cc_chip_erase(); txdata(app,verb,1); break; @@ -202,10 +311,10 @@ void cchandle(unsigned char app, txdata(app,verb,1); break; case CC_STEP_REPLACE: - txdata(app,NOK,0);//TODO add me + txdata(app,NOK,0);//Don't add this; it's non-standard. break; case CC_GET_CHIP_ID: - cc_get_chip_id(); + cmddataword[0]=cc_get_chip_id(); txdata(app,verb,2); break; @@ -216,9 +325,18 @@ void cchandle(unsigned char app, txdata(app,verb,1); break; case CC_READ_XDATA_MEMORY: - cmddata[0]=cc_peekdatabyte(cmddataword[0]); - txdata(app,verb,1); + //Read the length. + blocklen=1; + if(len>2) + blocklen=cmddataword[1]; + blockadr=cmddataword[0]; + + //Return that many bytes. + for(i=0;i> 8) / FLASH_WORD_SIZE) & 0x7E, + //0x75, 0xAB, 0x23, //Set FWT per clock 0x75, 0xAC, 0x00, // MOV FADDRL, #00; /* Erase page. */ 0x75, 0xAE, 0x01, // MOV FLC, #01H; // ERASE // ; Wait for flash erase to complete 0xE5, 0xAE, // eraseWaitLoop: MOV A, FLC; 0x20, 0xE7, 0xFB, // JB ACC_BUSY, eraseWaitLoop; + /* End erase page. */ // ; Initialize the data pointer 0x90, 0xF0, 0x00, // MOV DPTR, #0F000H; @@ -357,7 +523,8 @@ const u8 flash_routine[] = { 0x7E, LOBYTE_WORDS_PER_FLASH_PAGE, // MOV R6, #imm; 0x75, 0xAE, 0x02, // MOV FLC, #02H; // WRITE // ; Inner loops - 0x7D, FLASH_WORD_SIZE, // writeLoop: MOV R5, #imm; + //24: + 0x7D, 0xde /*FLASH_WORD_SIZE*/, // writeLoop: MOV R5, #imm; 0xE0, // writeWordLoop: MOVX A, @DPTR; 0xA3, // INC DPTR; 0xF5, 0xAF, // MOV FWDATA, A; @@ -369,7 +536,7 @@ const u8 flash_routine[] = { 0xDF, 0xEF, // DJNZ R7, writeLoop; // ; Done, fake a breakpoint 0xA5 // DB 0xA5; -}; +}; //! Copies flash buffer to flash. @@ -377,22 +544,33 @@ void cc_write_flash_page(u32 adr){ //Assumes that page has already been written to XDATA 0xF000 //debugstr("Flashing 2kb at 0xF000 to given adr."); - if(adr&(FLASHPAGE_SIZE-1)){ - debugstr("Flash page address is not on a multiple of 2kB. Aborting."); + if(adr&(MINFLASHPAGE_SIZE-1)){ + debugstr("Flash page address is not on a page boundary. Aborting."); return; } + if(flash_word_size!=2 && flash_word_size!=4){ + debugstr("Flash word size is wrong, aborting write to"); + debughex(adr); + while(1); + } + //Routine comes next //WRITE_XDATA_MEMORY(IN: 0xF000 + FLASH_PAGE_SIZE, sizeof(routine), routine); - cc_write_xdata(0xF000+FLASHPAGE_SIZE, + cc_write_xdata(0xF000+MAXFLASHPAGE_SIZE, (u8*) flash_routine, sizeof(flash_routine)); //Patch routine's third byte with //((address >> 8) / FLASH_WORD_SIZE) & 0x7E - cc_pokedatabyte(0xF000+FLASHPAGE_SIZE+2, - ((adr>>8)/FLASH_WORD_SIZE)&0x7E); - //debugstr("Wrote flash routine."); - + cc_pokedatabyte(0xF000+MAXFLASHPAGE_SIZE+2, + ((adr>>8)/flash_word_size)&0x7E); + //Patch routine to define FLASH_WORD_SIZE + if(flash_routine[25]!=0xde) + debugstr("Ugly patching code failing in chipcon.c"); + cc_pokedatabyte(0xF000+MAXFLASHPAGE_SIZE+25, + flash_word_size); + //debugstr("Wrote flash routine."); + //MOV MEMCTR, (bank * 16) + 1; cmddata[0]=0x75; cmddata[1]=0xc7; @@ -400,20 +578,20 @@ void cc_write_flash_page(u32 adr){ cc_debug_instr(3); //debugstr("Loaded bank info."); - cc_set_pc(0xf000+FLASHPAGE_SIZE);//execute code fragment + cc_set_pc(0xf000+MAXFLASHPAGE_SIZE);//execute code fragment cc_resume(); //debugstr("Executing."); while(!(cc_read_status()&CC_STATUS_CPUHALTED)){ - P1OUT^=1;//blink LED while flashing + led_toggle();//blink LED while flashing } //debugstr("Done flashing."); - P1OUT&=~1;//clear LED + led_off(); } //! Read the PC @@ -544,15 +722,31 @@ for (n = 0; n < count; n++) { unsigned char cc_peekdatabyte(unsigned int adr){ unsigned char hb=(adr&0xFF00)>>8, - lb=adr&0xFF, - toret; + lb=adr&0xFF; //MOV DPTR, adr cc_debug(3, 0x90, hb, lb); //MOVX A, @DPTR //Must be 2, perhaps for clocking? - toret=cc_debug(3, 0xE0, 0, 0); - return toret; + return cc_debug(3, 0xE0, 0, 0); +} + + +//! Fetch a byte of IRAM. +u8 cc_peekirambyte(u8 adr){ + //CLR A + cc_debug(2, 0xE4, 0, 0); + //MOV A, #iram + return cc_debug(3, 0xE5, adr, 0); +} + +//! Write a byte of IRAM. +u8 cc_pokeirambyte(u8 adr, u8 val){ + //CLR A + cc_debug(2, 0xE4, 0, 0); + //MOV #iram, #val + return cc_debug(3, 0x75, adr, val); + //return cc_debug(3, 0x75, val, adr); }