From 78b9aa88dbfedd83c38c878d9f423af7da7cd36a Mon Sep 17 00:00:00 2001 From: dodge-this Date: Thu, 19 Aug 2010 15:26:30 +0000 Subject: [PATCH 1/1] latest updates including GoodFETARM.py "DEPRECATED" message git-svn-id: https://svn.code.sf.net/p/goodfet/code/trunk@704 12e2690d-a6be-4b82-a7b7-67c4a43b65c8 --- client/GoodFETARM.py | 4 + firmware/apps/jtag/jtagarm7.c | 36 +++---- firmware/include/jtag.h | 1 + firmware/include/jtagarm7.h | 183 ++++++++++++++++++++++++++++++++++ 4 files changed, 207 insertions(+), 17 deletions(-) create mode 100644 firmware/include/jtagarm7.h diff --git a/client/GoodFETARM.py b/client/GoodFETARM.py index b549416..a2212d3 100644 --- a/client/GoodFETARM.py +++ b/client/GoodFETARM.py @@ -6,6 +6,10 @@ # Contributions and bug reports welcome. # + + +raise Exception("DEPRECATED. USE GoodFETARM7") + import sys, binascii, struct, time import atlasutils.smartprint as asp from GoodFET import GoodFET diff --git a/firmware/apps/jtag/jtagarm7.c b/firmware/apps/jtag/jtagarm7.c index 63ab746..2ef7dad 100644 --- a/firmware/apps/jtag/jtagarm7.c +++ b/firmware/apps/jtag/jtagarm7.c @@ -1,11 +1,10 @@ -/*! \file jtagarm7tdmi.c +/*! \file jtagarm7.c \brief ARM7TDMI JTAG (AT91R40008, AT91SAM7xxx) */ #include "platform.h" #include "command.h" -#include "jtag.h" -#include "jtagarm7tdmi.h" +#include "jtagarm7.h" /**** 20-pin Connection Information (pin1 is on top-right for both connectors)**** @@ -34,17 +33,6 @@ GoodFET -> 7TDMI 14-pin connector http://hri.sourceforge.net/tools/jtag_faq_org.html ********************************/ - -// ! Start JTAG, setup pins, reset TAP and return IDCODE -void jtagarm7tdmi_start() { - jtagsetup(); - jtag_resettap(); -} - - -//! Reset TAP State Machine - - /* WHAT SHOULD THIS MODULE DO? * *start * *shift_ir 
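Review bot: The added `raise Exception("DEPRECATED. USE GoodFETARM7")` in client/GoodFETARM.py uses the bare `Exception` type, so a caller cannot tell this deliberate deprecation from any other failure while loading the module. `raise ImportError("DEPRECATED. USE GoodFETARM7")` keeps the hard stop and lets import-time handlers catch it precisely. Everything below the raise, starting with `import sys, binascii, struct, time`, is now unreachable. A one-line comment such as `# Body kept for reference only; never executed.` would stop a maintainer from patching dead code.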
@@ -59,6 +47,14 @@ void jtagarm7tdmi_start() { * *set_register */ +// ! Start JTAG, setup pins, reset TAP and return IDCODE +void jtagarm7tdmi_start() { + jtagsetup(); + SETTST; + jtag_resettap(); +} + + u8 shift_ir(u8 ir, u8 flags){ u8 retval; jtag_goto_shift_ir(); @@ -140,7 +136,7 @@ u32 jtagarm7tdmi_nop(u8 brkpt){ unsigned long jtagarm7tdmi_get_register(unsigned long reg) { //PROVEN unsigned long retval=0L, instr; if (eice_read(EICE_DBGSTATUS)& JTAG_ARM7TDMI_DBG_TBIT) - instr = THUMB_INSTR_STR_R0_r0 | reg | (reg<<16); + instr = THUMB_READ_REG | reg | (reg<<16); else instr = (unsigned long)(reg<<12L) | (unsigned long)ARM_READ_REG; // STR Rx, [R14] @@ -157,8 +153,9 @@ unsigned long jtagarm7tdmi_get_register(unsigned long reg) { //! Set a 32-bit Register value void jtagarm7tdmi_set_register(unsigned long reg, unsigned long val) { // PROVEN (assuming target reg is word aligned) unsigned long instr; - //if (current_dbgstate & JTAG_ARM7TDMI_DBG_TBIT) - //instr = THUMB_WRITE_REG + if (eice_read(EICE_DBGSTATUS) & JTAG_ARM7TDMI_DBG_TBIT) + instr = THUMB_WRITE_REG | (reg&7) | ((reg&7)<<16); + else instr = (unsigned long)(((unsigned long)reg<<12L) | ARM_WRITE_REG); // LDR Rx, [R14] jtagarm7tdmi_nop( 0); // push nop into pipeline - clean out the pipeline... @@ -234,6 +231,11 @@ void jtagarm7tdmihandle(unsigned char app, unsigned char verb, unsigned long len jtagarm7tdmi_set_register(cmddatalong[1], cmddatalong[0]); txdata(app,verb,4); break; + case JTAG_RESETTARGET: + CLRTST; + delay(10); + SETTST; + break; //case JTAGARM7_STEP_INSTR: diff --git a/firmware/include/jtag.h b/firmware/include/jtag.h index b4c4155..4795109 100644 --- a/firmware/include/jtag.h +++ b/firmware/include/jtag.h @@ -93,6 +93,7 @@ extern int savedtclk; #define JTAG_IR_SHIFT 0x80 #define JTAG_DR_SHIFT 0x81 #define JTAG_RESETTAP 0x82 +#define JTAG_RESETTARGET 0x83 #define JTAG_DR_SHIFT20 0x91 #define MSB 0 
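Review bot: The comment on the re-added `jtagarm7tdmi_start()` still says "return IDCODE", but the function is `void` and its visible body only calls `jtagsetup()`, `SETTST` and `jtag_resettap()`. The new `SETTST;` line is also unexplained. Judging by the `JTAG_RESETTARGET` case added later in this file, TST appears to serve as the target reset line, so the intent looks like releasing reset before the TAP is reset. A comment along the lines of `//! Start JTAG: set up pins, drive TST high (presumably releasing target reset), reset the TAP` would match the code. Note that `// !` with a space is an ordinary comment, not the `//!` Doxygen marker used elsewhere in the project.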
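Review bot: In the Thumb branch of `jtagarm7tdmi_get_register`, `reg` is OR-ed into the opcode unmasked (`THUMB_READ_REG | reg | (reg<<16)`), so any value above 7 spills into neighbouring opcode fields and a different instruction than intended is pushed into the target pipeline. The `jtagarm7tdmi_set_register` hunk that follows masks with `reg&7`, which keeps the opcode well-formed but silently redirects a request for r8–r15 to r0–r7. The register number comes from the host command buffer (`cmddatalong[1]` in the handler's set-register case; the get-register caller is not visible here). Both paths would be safer rejecting an out-of-range index before the instruction is built, for example `if (reg > 7) return;` at the top of the Thumb branch in `set_register`, with the r0–r7 limit stated in both functions' `//!` comments. Both function bodies continue outside their hunks.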
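Review bot: The new `case JTAG_RESETTARGET:` sends nothing back to the host, while the set-register case just above it ends with `txdata(app,verb,4);`. If the client expects a reply to every verb, as the neighbouring case suggests, it will stall on this one. Adding `txdata(app,verb,0);` before `break;` would acknowledge the command. The case also deserves a comment giving the unit of `delay(10)` and the reset pulse width the target requires. The new jtagarm7.h labels the same pin `DBGRQ` (`#define DBGRQ TST`) and defines a second verb, `JTAGARM7_RESETTARGET 0x86`, which this handler does not visibly use, so it is worth settling on one verb and one meaning for the pin. The switch continues outside the hunk.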
diff --git a/firmware/include/jtagarm7.h b/firmware/include/jtagarm7.h
new file mode 100644
index 0000000..dad30bc
--- /dev/null
+++ b/firmware/include/jtagarm7.h
@@ -0,0 +1,183 @@
+/*! \file jtagarm7tdmi.h
+ \brief JTAG handler functions for the ARM7TDMI family of processors
+*/
+
+#include "jtag.h"
+
+
+#define JTAGSTATE_ARM 0 // bit 4 on dbg status reg is low
+#define JTAGSTATE_THUMB 1
+
+#define ARMTCKTOCK CLRTCK; PLEDOUT^=PLEDPIN; SETTCK; PLEDOUT^=PLEDPIN;
+// ASSUME RUN-TEST/IDLE STATE
+#define SHIFT_IR SETTMS;TCKTOCK;TCKTOCK;CLRTMS;TCKTOCK;TCKTOCK;
+#define SHIFT_DR SETTMS;TCKTOCK;CLRTMS;TCKTOCK;TCKTOCK;
+
+
+
+unsigned char current_chain;
+unsigned char current_dbgstate = -1;
+//unsigned char last_halt_debug_state = -1;
+//unsigned long last_halt_pc = -1;
+
+
+//void jtag_goto_shift_ir();
+//void jtag_goto_shift_dr();
+//void jtag_reset_to_runtest_idle();
+//void jtag_arm_tcktock();
+
+
+// JTAGARM7TDMI Commands
+
+//! Write data to address.
+unsigned long jtagarm7tdmi_writemem(unsigned long adr, unsigned long data);
+//! Read data from address
+unsigned long jtagarm7tdmi_readmem(unsigned long adr);
+
+//! Halt the CPU
+unsigned long jtagarm7tdmi_haltcpu();
+//! Release the CPU
+unsigned long jtagarm7tdmi_releasecpu();
+
+//! Set the program counter.
+void jtagarm7tdmi_setpc(unsigned long adr);
+
+//! Write data to address.
+unsigned long jtagarm7tdmi_writeflash(unsigned long adr, unsigned long data);
+
+
+//! Start JTAG
+void jtagarm7tdmi_start(void);
+//! Reset TAP State Machine
+void jtagarm7tdmi_resettap();
+
+//! ARM-specific JTAG bit-transfer
+unsigned long jtagarmtransn(unsigned long word, unsigned char bitcount, unsigned char lsb, unsigned char end, unsigned char retidle);
+
+//! Grab debug register - Expect chain 2 to be selected
+unsigned long jtagarm7tdmi_get_dbgstate() ;
+//! Grab the core ID.
+unsigned long jtagarm7tdmi_idcode();
+//! Connect Bypass Register to TDO/TDI
+unsigned char jtagarm7tdmi_bypass();
+//! Connect the appropriate scan chain to TDO/TDI
+unsigned long jtagarm7tdmi_scan_intest(int n);
+//! Set a 32-bit ARM register
+void jtagarm7tdmi_set_register(unsigned long reg, unsigned long val);
+//! Get a 32-bit ARM register
+unsigned long jtagarm7tdmi_get_register(unsigned long reg);
+
+// ARM7TDMI-specific pins
+// DBGRQ - GoodFET Pin 8
+#define DBGRQ TST
+
+/* ARM7TDMI data
+The instruction register is 4 bits in length.
+There is no parity bit.
+The fixed value 0001 is loaded into the instruction register during the CAPTURE-IR
+controller state.
+The least significant bit of the instruction register is scanned in and scanned out first.
+*/
+
+//4-bit ARM7TDMI JTAG commands, bit-swapped
+#define ARM7TDMI_IR_EXTEST 0x0
+#define ARM7TDMI_IR_SCAN_N 0x2
+#define ARM7TDMI_IR_SAMPLE 0x3
+#define ARM7TDMI_IR_RESTART 0x4
+#define ARM7TDMI_IR_CLAMP 0x5
+#define ARM7TDMI_IR_HIGHZ 0x7
+#define ARM7TDMI_IR_CLAMPZ 0x9
+#define ARM7TDMI_IR_INTEST 0xC
+#define ARM7TDMI_IR_IDCODE 0xE
+#define ARM7TDMI_IR_BYPASS 0xF
+
+// read 3 bit - Debug Control
+#define EICE_DBGCTRL 0
+#define EICE_DBGCTRL_BITLEN 3
+// read 5 bit - Debug Status
+#define EICE_DBGSTATUS 1
+#define EICE_DBGSTATUS_BITLEN 5
+// read 6 bit - Debug Comms Control Register
+#define EICE_DBGCCR 4
+#define EICE_DBGCCR_BITLEN 6
+// r/w 32 bit - Debug Comms Data Register
+#define EICE_DBGCDR 5
+// r/w 32 bit - Watchpoint 0 Address
+#define EICE_WP0ADDR 8
+// r/w 32 bit - Watchpoint 0 Addres Mask
+#define EICE_WP0ADDRMASK 9
+// r/w 32 bit - Watchpoint 0 Data
+#define EICE_WP0DATA 10
+// r/w 32 bit - Watchpoint 0 Data Masl
+#define EICE_WP0DATAMASK 11
+// r/w 9 bit - Watchpoint 0 Control Value
+#define EICE_WP0CTRL 12
+// r/w 8 bit - Watchpoint 0 Control Mask
+#define EICE_WP0CTRLMASK 13
+// r/w 32 bit - Watchpoint 0 Address
+#define EICE_WP1ADDR 16
+// r/w 32 bit - Watchpoint 0 Addres Mask
+#define EICE_WP1ADDRMASK 17
+// r/w 32 bit - Watchpoint 0 Data
+#define EICE_WP1DATA 18
+// r/w 32 bit - Watchpoint 0 Data Masl
+#define EICE_WP1DATAMASK 19
+// r/w 9 bit - Watchpoint 0 Control Value
+#define EICE_WP1CTRL 20
+// r/w 8 bit - Watchpoint 0 Control Mask
+#define EICE_WP1CTRLMASK 21
+
+
+//JTAGARM7TDMI commands
+#define JTAGARM7_RESETTARGET 0x86
+#define JTAGARM7_GET_REGISTER 0x87
+#define JTAGARM7_SET_REGISTER 0x88
+#define JTAGARM7_DEBUG_INSTR 0x89
+// Really ARM specific stuff
+#define JTAGARM7_SET_IR 0x90
+#define JTAGARM7_WAIT_DBG 0x91
+#define JTAGARM7_SHIFT_DR 0x92
+#define JTAGARM7_CHAIN0 0x93
+#define JTAGARM7_SCANCHAIN1 0x94
+#define JTAGARM7_EICE_READ 0x95
+#define JTAGARM7_EICE_WRITE 0x96
+
+
+// for deeper understanding, read the instruction cycle timing section of:
+// http://www.atmel.com/dyn/resources/prod_documents/DDI0029G_7TDMI_R3_trm.pdf
+#define EXECNOPARM 0xe1a00000L
+#define ARM_INSTR_NOP 0xe1a00000L
+#define ARM_INSTR_BX_R0 0xe12fff10L
+#define ARM_INSTR_STR_Rx_r14 0xe58f0000L // from atmel docs
+#define ARM_READ_REG ARM_INSTR_STR_Rx_r14
+#define ARM_INSTR_LDR_Rx_r14 0xe59f0000L // from atmel docs
+#define ARM_WRITE_REG ARM_INSTR_LDR_Rx_r14
+#define ARM_INSTR_LDR_R1_r0_4 0xe4901004L
+#define ARM_READ_MEM ARM_INSTR_LDR_R1_r0_4
+#define ARM_INSTR_STR_R1_r0_4 0xe4801004L
+#define ARM_WRITE_MEM ARM_INSTR_STR_R1_r0_4
+#define ARM_INSTR_MRS_R0_CPSR 0xe10f0000L
+#define ARM_INSTR_MSR_cpsr_cxsf_R0 0xe12ff000L
+#define ARM_INSTR_STMIA_R14_r0_rx 0xE88E0000L // add up to 65k to indicate which registers...
+#define ARM_STORE_MULTIPLE ARM_INSTR_STMIA_R14_r0_rx
+#define ARM_INSTR_SKANKREGS 0xE88F7fffL
+#define ARM_INSTR_CLOBBEREGS 0xE89F7fffL
+
+#define ARM_INSTR_B_IMM 0xea000000L
+#define ARM_INSTR_BX_PC 0xe12fff10L // need to set r0 to the desired address
+#define THUMB_INSTR_LDR_R0_r0 0x68006800L
+#define THUMB_WRITE_REG THUMB_INSTR_LDR_R0_r0
+#define THUMB_INSTR_STR_R0_r0 0x60006000L
+#define THUMB_READ_REG THUMB_INSTR_STR_R0_r0
+#define THUMB_INSTR_MOV_R0_PC 0x46b846b8L
+#define THUMB_INSTR_MOV_PC_R0 0x46474647L
+#define THUMB_INSTR_BX_PC 0x47784778L
+#define THUMB_INSTR_NOP 0x1c001c00L
+#define ARM_REG_PC 15
+
+#define JTAG_ARM7TDMI_DBG_DBGACK 1
+#define JTAG_ARM7TDMI_DBG_DBGRQ 2
+#define JTAG_ARM7TDMI_DBG_IFEN 4
+#define JTAG_ARM7TDMI_DBG_cgenL 8
+#define JTAG_ARM7TDMI_DBG_TBIT 16
+
-- 
2.20.1
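Review bot: The new header defines storage rather than declaring it: `unsigned char current_dbgstate = -1;` is a full definition and `unsigned char current_chain;` a tentative one, and the file has no include guard. Including jtagarm7.h from a second source file can therefore fail at link time with duplicate symbols. Declaring both `extern` here, defining them once in jtagarm7.c, and wrapping the header in `#ifndef JTAGARM7_H` / `#define JTAGARM7_H` / `#endif` avoids that. It is also worth a comment that `-1` stored in an `unsigned char` is 255, used as the "unknown state" sentinel. Smaller documentation slips in the same file: `\file` names jtagarm7tdmi.h, the comments on the `EICE_WP1*` registers all say "Watchpoint 0", and `ARM_INSTR_BX_PC` carries the same value as `ARM_INSTR_BX_R0`.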